Add latest changes from gitlab-org/gitlab@master
This commit is contained in:
parent
229c115027
commit
8ae8814fd7
|
@ -327,6 +327,7 @@ class Deployment < ApplicationRecord
|
|||
|
||||
def sync_status_with(build)
|
||||
return false unless ::Deployment.statuses.include?(build.status)
|
||||
return false if build.created? || build.status == self.status
|
||||
|
||||
update_status!(build.status)
|
||||
rescue StandardError => e
|
||||
|
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
name: request_apdex_counters
|
||||
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/69154
|
||||
rollout_issue_url: https://gitlab.com/gitlab-com/gl-infra/scalability/-/issues/1099
|
||||
milestone: '14.3'
|
||||
type: development
|
||||
group: team::Scalability
|
||||
default_enabled: false
|
|
@ -0,0 +1,21 @@
|
|||
---
|
||||
data_category: optional
|
||||
key_path: counts.kubernetes_agents
|
||||
description: Count of Kubernetes registered agents
|
||||
product_section: ops
|
||||
product_stage: configure
|
||||
product_group: group::configure
|
||||
product_category: kubernetes_management
|
||||
value_type: number
|
||||
status: active
|
||||
time_frame: all
|
||||
data_source: database
|
||||
distribution:
|
||||
- ce
|
||||
- ee
|
||||
tier:
|
||||
- free
|
||||
- premium
|
||||
- ultimate
|
||||
performance_indicator_type: []
|
||||
milestone: "<13.9"
|
|
@ -0,0 +1,21 @@
|
|||
---
|
||||
data_category: optional
|
||||
key_path: counts.kubernetes_agents_with_token
|
||||
description: Count of Kubernetes agents with at least one token
|
||||
product_section: ops
|
||||
product_stage: configure
|
||||
product_group: group::configure
|
||||
product_category: kubernetes_management
|
||||
value_type: number
|
||||
status: active
|
||||
time_frame: all
|
||||
data_source: database
|
||||
distribution:
|
||||
- ce
|
||||
- ee
|
||||
tier:
|
||||
- free
|
||||
- premium
|
||||
- ultimate
|
||||
performance_indicator_type: []
|
||||
milestone: "<13.9"
|
|
@ -0,0 +1,22 @@
|
|||
---
|
||||
data_category: optional
|
||||
key_path: counts.kubernetes_agent_k8s_api_proxy_request
|
||||
description: Count of Kubernetes API proxy requests
|
||||
product_section: ops
|
||||
product_stage: configure
|
||||
product_group: group::configure
|
||||
product_category: kubernetes_management
|
||||
value_type: number
|
||||
status: active
|
||||
milestone: '13.12'
|
||||
introduced_by_url:
|
||||
time_frame: all
|
||||
data_source: redis
|
||||
distribution:
|
||||
- ce
|
||||
- ee
|
||||
tier:
|
||||
- free
|
||||
- premium
|
||||
- ultimate
|
||||
performance_indicator_type: []
|
|
@ -240,7 +240,7 @@ The search filters you can see depends on which audit level you are at.
|
|||
| Scope (Instance level) | A specific group, project, or user that the action was scoped to. |
|
||||
| Date range | Either via the date range buttons or pickers (maximum range of 31 days). Default is from the first day of the month to today's date. |
|
||||
|
||||
![audit events](img/audit_log_v13_6.png)
|
||||
![audit events](img/audit_events_v14_5.png)
|
||||
|
||||
## Export to CSV **(PREMIUM SELF)**
|
||||
|
||||
|
|
Binary file not shown.
After Width: | Height: | Size: 32 KiB |
Binary file not shown.
Before Width: | Height: | Size: 43 KiB |
|
@ -276,6 +276,8 @@ configuration option in `gitlab.yml`. These metrics are served from the
|
|||
| `geo_uploads_synced` | Gauge | 14.1 | Number of uploads synced on secondary | `url` |
|
||||
| `geo_uploads_failed` | Gauge | 14.1 | Number of syncable uploads failed to sync on secondary | `url` |
|
||||
| `geo_uploads_registry` | Gauge | 14.1 | Number of uploads in the registry | `url` |
|
||||
| `gitlab_sli:rails_request_apdex:total` | Counter | 14.4 | The number of request-apdex measurements, [more information the development documentation](../../../development/application_slis/rails_request_apdex.md) | `endpoint_id`, `feature_category`, `request_urgency` |
|
||||
| `gitlab_sli:rails_request_apdex:success_total` | Counter | 14.4 | The number of succesful requests that met the target duration for their urgency. Devide by `gitlab_sli:rails_requests_apdex:total` to get a success ratio | `endpoint_id`, `feature_category`, `request_urgency` |
|
||||
|
||||
## Database load balancing metrics **(PREMIUM SELF)**
|
||||
|
||||
|
|
|
@ -7,9 +7,9 @@ info: To determine the technical writer assigned to the Stage/Group associated w
|
|||
|
||||
# Security Configuration **(FREE)**
|
||||
|
||||
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20711) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.6. **(ULTIMATE)**
|
||||
> - SAST configuration was [enabled](https://gitlab.com/groups/gitlab-org/-/epics/3659) in 13.3 and [improved](https://gitlab.com/gitlab-org/gitlab/-/issues/232862) in 13.4. **(ULTIMATE)**
|
||||
> - DAST Profiles feature was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/40474) in 13.4. **(ULTIMATE)**
|
||||
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20711) in GitLab 12.6.
|
||||
> - SAST configuration was [enabled](https://gitlab.com/groups/gitlab-org/-/epics/3659) in 13.3 and [improved](https://gitlab.com/gitlab-org/gitlab/-/issues/232862) in 13.4.
|
||||
> - DAST Profiles feature was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/40474) in 13.4.
|
||||
> - A simplified version was made [available in all tiers](https://gitlab.com/gitlab-org/gitlab/-/issues/294076) in GitLab 13.10.
|
||||
> - [Redesigned](https://gitlab.com/gitlab-org/gitlab/-/issues/326926) in 14.2.
|
||||
|
||||
|
@ -38,31 +38,31 @@ Select **Configuration history** to see the `.gitlab-ci.yml` file's history.
|
|||
|
||||
You can configure the following security controls:
|
||||
|
||||
- Static Application Security Testing (SAST) **(FREE)**
|
||||
- [Static Application Security Testing](../sast/index.md) (SAST)
|
||||
- Select **Enable SAST** to configure SAST for the current project.
|
||||
For more details, read [Configure SAST in the UI](../sast/index.md#configure-sast-in-the-ui).
|
||||
- Dynamic Application Security Testing (DAST) **(ULTIMATE)**
|
||||
- [Dynamic Application Security Testing](../dast/index.md) (DAST)
|
||||
- Select **Enable DAST** to configure DAST for the current project.
|
||||
- Select **Manage scans** to manage the saved DAST scans, site profiles, and scanner profiles.
|
||||
For more details, read [DAST on-demand scans](../dast/index.md#on-demand-scans).
|
||||
- Dependency Scanning **(ULTIMATE)**
|
||||
- [Dependency Scanning](../dependency_scanning/index.md)
|
||||
- Select **Configure via Merge Request** to create a merge request with the changes required to
|
||||
enable Dependency Scanning. For more details, see [Enable Dependency Scanning via an automatic merge request](../dependency_scanning/index.md#enable-dependency-scanning-via-an-automatic-merge-request).
|
||||
- Container Scanning **(ULTIMATE)**
|
||||
- [Container Scanning](../container_scanning/index.md)
|
||||
- Can be configured with `.gitlab-ci.yml`. For more details, read [Container Scanning](../../../user/application_security/container_scanning/index.md#configuration).
|
||||
- Cluster Image Scanning **(ULTIMATE)**
|
||||
- [Cluster Image Scanning](../cluster_image_scanning/index.md)
|
||||
- Can be configured with `.gitlab-ci.yml`. For more details, read [Cluster Image Scanning](../../../user/application_security/cluster_image_scanning/#configuration).
|
||||
- Secret Detection
|
||||
- [Secret Detection](../secret_detection/index.md)
|
||||
- Select **Configure via Merge Request** to create a merge request with the changes required to
|
||||
enable Secret Detection. For more details, read [Enable Secret Detection via an automatic merge request](../secret_detection/index.md#enable-secret-detection-via-an-automatic-merge-request).
|
||||
- API Fuzzing **(ULTIMATE)**
|
||||
- [API Fuzzing](../api_fuzzing/index.md)
|
||||
- Select **Enable API Fuzzing** to use API Fuzzing for the current project. For more details, read [API Fuzzing](../../../user/application_security/api_fuzzing/index.md#enable-web-api-fuzzing).
|
||||
- Coverage Fuzzing **(ULTIMATE)**
|
||||
- [Coverage Fuzzing](../coverage_fuzzing/index.md)
|
||||
- Can be configured with `.gitlab-ci.yml`. For more details, read [Coverage Fuzzing](../../../user/application_security/coverage_fuzzing/index.md#configuration).
|
||||
|
||||
## Compliance **(ULTIMATE)**
|
||||
|
||||
You can configure the following security controls:
|
||||
|
||||
- License Compliance **(ULTIMATE)**
|
||||
- [License Compliance](../../../user/compliance/license_compliance/index.md)
|
||||
- Can be configured with `.gitlab-ci.yml`. For more details, read [License Compliance](../../../user/compliance/license_compliance/index.md#configuration).
|
||||
|
|
|
@ -7,7 +7,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
|
|||
|
||||
# Dependency list **(ULTIMATE)**
|
||||
|
||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10075) in GitLab Ultimate 12.0.
|
||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10075) in GitLab 12.0.
|
||||
|
||||
Use the dependency list to review your project's dependencies and key
|
||||
details about those dependencies, including their known vulnerabilities. It is a collection of dependencies in your project, including existing and new findings.
|
||||
|
@ -66,7 +66,7 @@ Dependency paths are supported for the following package managers:
|
|||
|
||||
## Licenses
|
||||
|
||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10536) in GitLab Ultimate 12.3.
|
||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10536) in GitLab 12.3.
|
||||
|
||||
If the [License Compliance](../../compliance/license_compliance/index.md) CI job is configured,
|
||||
[discovered licenses](../../compliance/license_compliance/index.md#supported-languages-and-package-managers) are displayed on this page.
|
||||
|
|
|
@ -33,17 +33,17 @@ GitLab uses the following tools to scan and report known vulnerabilities found i
|
|||
|
||||
| Secure scanning tool | Description |
|
||||
|:-----------------------------------------------------------------------------|:-----------------------------------------------------------------------|
|
||||
| [Container Scanning](container_scanning/index.md) **(ULTIMATE)** | Scan Docker containers for known vulnerabilities. |
|
||||
| [Dependency List](dependency_list/index.md) **(ULTIMATE)** | View your project's dependencies and their known vulnerabilities. |
|
||||
| [Dependency Scanning](dependency_scanning/index.md) **(ULTIMATE)** | Analyze your dependencies for known vulnerabilities. |
|
||||
| [Dynamic Application Security Testing (DAST)](dast/index.md) **(ULTIMATE)** | Analyze running web applications for known vulnerabilities. |
|
||||
| [DAST API](dast_api/index.md) **(ULTIMATE)** | Analyze running web APIs for known vulnerabilities. |
|
||||
| [API fuzzing](api_fuzzing/index.md) **(ULTIMATE)** | Find unknown bugs and vulnerabilities in web APIs with fuzzing. |
|
||||
| [Secret Detection](secret_detection/index.md) | Analyze Git history for leaked secrets. |
|
||||
| [Security Dashboard](security_dashboard/index.md) **(ULTIMATE)** | View vulnerabilities in all your projects and groups. |
|
||||
| [Static Application Security Testing (SAST)](sast/index.md) | Analyze source code for known vulnerabilities. |
|
||||
| [Coverage fuzzing](coverage_fuzzing/index.md) **(ULTIMATE)** | Find unknown bugs and vulnerabilities with coverage-guided fuzzing. |
|
||||
| [Cluster Image Scanning](cluster_image_scanning/index.md) **(ULTIMATE)** | Scan Kubernetes clusters for known vulnerabilities. |
|
||||
| [Container Scanning](container_scanning/index.md) | Scan Docker containers for known vulnerabilities. |
|
||||
| [Dependency List](dependency_list/index.md) | View your project's dependencies and their known vulnerabilities. |
|
||||
| [Dependency Scanning](dependency_scanning/index.md) | Analyze your dependencies for known vulnerabilities. |
|
||||
| [Dynamic Application Security Testing (DAST)](dast/index.md) | Analyze running web applications for known vulnerabilities. |
|
||||
| [DAST API](dast_api/index.md) | Analyze running web APIs for known vulnerabilities. |
|
||||
| [API fuzzing](api_fuzzing/index.md) | Find unknown bugs and vulnerabilities in web APIs with fuzzing. |
|
||||
| [Secret Detection](secret_detection/index.md) | Analyze Git history for leaked secrets. |
|
||||
| [Security Dashboard](security_dashboard/index.md) | View vulnerabilities in all your projects and groups. |
|
||||
| [Static Application Security Testing (SAST)](sast/index.md) | Analyze source code for known vulnerabilities. |
|
||||
| [Coverage fuzzing](coverage_fuzzing/index.md) | Find unknown bugs and vulnerabilities with coverage-guided fuzzing. |
|
||||
| [Cluster Image Scanning](cluster_image_scanning/index.md) | Scan Kubernetes clusters for known vulnerabilities. |
|
||||
|
||||
## Security scanning with Auto DevOps
|
||||
|
||||
|
@ -185,7 +185,7 @@ By default, the vulnerability report does not show vulnerabilities of `dismissed
|
|||
|
||||
## Security approvals in merge requests
|
||||
|
||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/9928) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.2.
|
||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/9928) in GitLab 12.2.
|
||||
|
||||
You can implement merge request approvals to require approval by selected users or a group when a
|
||||
merge request would introduce one of the following security issues:
|
||||
|
|
|
@ -118,9 +118,9 @@ examining the Cilium logs:
|
|||
kubectl -n gitlab-managed-apps logs -l k8s-app=cilium -c cilium-monitor
|
||||
```
|
||||
|
||||
### Change the enforcement status
|
||||
### Change the status
|
||||
|
||||
To change a network policy's enforcement status:
|
||||
To change a network policy's status:
|
||||
|
||||
- Select the network policy you want to update.
|
||||
- Select **Edit policy**.
|
||||
|
|
|
@ -6,8 +6,8 @@ info: To determine the technical writer assigned to the Stage/Group associated w
|
|||
|
||||
# SAST Analyzers **(FREE)**
|
||||
|
||||
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/3775) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 10.3.
|
||||
> - [Moved](https://gitlab.com/groups/gitlab-org/-/epics/2098) to GitLab Free in 13.3.
|
||||
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/3775) in GitLab 10.3.
|
||||
> - [Moved](https://gitlab.com/groups/gitlab-org/-/epics/2098) from GitLab Ultimate to GitLab Free in 13.3.
|
||||
|
||||
SAST relies on underlying third party tools that are wrapped into what we call
|
||||
"Analyzers". An analyzer is a
|
||||
|
|
|
@ -7,8 +7,8 @@ type: reference, howto
|
|||
|
||||
# Static Application Security Testing (SAST) **(FREE)**
|
||||
|
||||
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/3775) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 10.3.
|
||||
> - All open source (OSS) analyzers were moved to GitLab Free in GitLab 13.3.
|
||||
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/3775) in GitLab 10.3.
|
||||
> - All open source (OSS) analyzers were moved from GitLab Ultimate to GitLab Free in GitLab 13.3.
|
||||
|
||||
NOTE:
|
||||
The whitepaper ["A Seismic Shift in Application Security"](https://about.gitlab.com/resources/whitepaper-seismic-shift-application-security/)
|
||||
|
@ -20,7 +20,7 @@ Testing (SAST) to check your source code for known vulnerabilities. When a pipel
|
|||
the results of the SAST analysis are processed and shown in the pipeline's Security tab. If the
|
||||
pipeline is associated with a merge request, the SAST analysis is compared with the results of
|
||||
the target branch's analysis (if available). The results of that comparison are shown in the merge
|
||||
request. **(ULTIMATE)** If the pipeline is running from the default branch, the results of the SAST
|
||||
request. If the pipeline is running from the default branch, the results of the SAST
|
||||
analysis are available in the [security dashboards](../security_dashboard/index.md).
|
||||
|
||||
![SAST results shown in the MR widget](img/sast_results_in_mr_v14_0.png)
|
||||
|
@ -197,7 +197,7 @@ Use the method that best meets your needs.
|
|||
- [Configure SAST in the UI with default settings](#configure-sast-in-the-ui-with-default-settings)
|
||||
- [Configure SAST in the UI with customizations](#configure-sast-in-the-ui-with-customizations)
|
||||
|
||||
### Configure SAST in the UI with default settings **(FREE)**
|
||||
### Configure SAST in the UI with default settings
|
||||
|
||||
> [Introduced](https://about.gitlab.com/releases/2021/02/22/gitlab-13-9-released/#security-configuration-page-for-all-users) in GitLab 13.9
|
||||
|
||||
|
@ -217,9 +217,9 @@ successfully, and an error may occur.
|
|||
|
||||
### Configure SAST in the UI with customizations **(ULTIMATE)**
|
||||
|
||||
> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3659) in GitLab Ultimate 13.3.
|
||||
> - [Improved](https://gitlab.com/gitlab-org/gitlab/-/issues/232862) in GitLab Ultimate 13.4.
|
||||
> - [Improved](https://gitlab.com/groups/gitlab-org/-/epics/3635) in GitLab Ultimate 13.5.
|
||||
> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3659) in GitLab 13.3.
|
||||
> - [Improved](https://gitlab.com/gitlab-org/gitlab/-/issues/232862) in GitLab 13.4.
|
||||
> - [Improved](https://gitlab.com/groups/gitlab-org/-/epics/3635) in GitLab 13.5.
|
||||
|
||||
To enable and configure SAST with customizations:
|
||||
|
||||
|
@ -402,7 +402,7 @@ To create a custom ruleset:
|
|||
|
||||
### False Positive Detection **(ULTIMATE)**
|
||||
|
||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/292686) in GitLab 14.2.
|
||||
> Introduced in GitLab 14.2.
|
||||
|
||||
Vulnerabilities that have been detected and are false positives will be flagged as false positives in the security dashboard.
|
||||
|
||||
|
@ -423,7 +423,7 @@ Read more on [how to use private Maven repositories](../index.md#using-private-m
|
|||
|
||||
### Enabling Kubesec analyzer
|
||||
|
||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12752) in GitLab Ultimate 12.6.
|
||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12752) in GitLab 12.6.
|
||||
|
||||
You need to set `SCAN_KUBERNETES_MANIFESTS` to `"true"` to enable the
|
||||
Kubesec analyzer. In `.gitlab-ci.yml`, define:
|
||||
|
@ -569,7 +569,7 @@ Some analyzers can be customized with CI/CD variables.
|
|||
|
||||
#### Custom CI/CD variables
|
||||
|
||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/18193) in GitLab Ultimate 12.5.
|
||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/18193) in GitLab 12.5.
|
||||
|
||||
In addition to the aforementioned SAST configuration CI/CD variables,
|
||||
all [custom variables](../../../ci/variables/index.md#custom-cicd-variables) are propagated
|
||||
|
|
|
@ -7,8 +7,8 @@ info: To determine the technical writer assigned to the Stage/Group associated w
|
|||
|
||||
# Secret Detection **(FREE)**
|
||||
|
||||
> - [Introduced](https://about.gitlab.com/releases/2019/03/22/gitlab-11-9-released/#detect-secrets-and-credentials-in-the-repository) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.9.
|
||||
> - Made [available in all tiers](https://gitlab.com/gitlab-org/gitlab/-/issues/222788) in 13.3.
|
||||
> - [Introduced](https://about.gitlab.com/releases/2019/03/22/gitlab-11-9-released/#detect-secrets-and-credentials-in-the-repository) in GitLab 11.9.
|
||||
> - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/222788) from GitLab Ultimate to GitLab Free in 13.3.
|
||||
|
||||
A recurring problem when developing applications is that developers may unintentionally commit
|
||||
secrets and credentials to their remote repositories. If other people have access to the source,
|
||||
|
@ -138,9 +138,9 @@ The results are saved as a
|
|||
that you can later download and analyze. Due to implementation limitations, we
|
||||
always take the latest Secret Detection artifact available.
|
||||
|
||||
### Enable Secret Detection via an automatic merge request **(FREE)**
|
||||
### Enable Secret Detection via an automatic merge request
|
||||
|
||||
> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/4496) in GitLab 13.11, behind a feature flag, enabled by default.
|
||||
> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/4496) in GitLab 13.11, deployed behind a feature flag, enabled by default.
|
||||
> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/329886) in GitLab 14.1.
|
||||
|
||||
To enable Secret Detection in a project, you can create a merge request
|
||||
|
|
|
@ -7,7 +7,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
|
|||
|
||||
# Vulnerability Pages **(ULTIMATE)**
|
||||
|
||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/13561) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.0.
|
||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/13561) in GitLab 13.0.
|
||||
|
||||
Each vulnerability in a project has a Vulnerability Page. This page contains details of the
|
||||
vulnerability. The details included vary according to the type of vulnerability. Details of each
|
||||
|
|
|
@ -151,7 +151,7 @@ To change the status of vulnerabilities in the table:
|
|||
|
||||
### Change status of multiple vulnerabilities
|
||||
|
||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/35816) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.9.
|
||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/35816) in GitLab 12.9.
|
||||
|
||||
You can change the status of multiple vulnerabilities at once:
|
||||
|
||||
|
@ -162,8 +162,8 @@ You can change the status of multiple vulnerabilities at once:
|
|||
|
||||
## Export vulnerability details
|
||||
|
||||
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/213014) in the Security Center (previously known as the Instance Security Dashboard) and project-level Vulnerability Report (previously known as the Project Security Dashboard) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.0.
|
||||
> - [Added](https://gitlab.com/gitlab-org/gitlab/-/issues/213013) to the group-level Vulnerability Report in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.1.
|
||||
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/213014) in the Security Center (previously known as the Instance Security Dashboard) and project-level Vulnerability Report (previously known as the Project Security Dashboard) in GitLab 13.0.
|
||||
> - [Added](https://gitlab.com/gitlab-org/gitlab/-/issues/213013) to the group-level Vulnerability Report in GitLab 13.1.
|
||||
|
||||
You can export details of the vulnerabilities listed in the Vulnerability Report. The export format
|
||||
is CSV (comma separated values). Note that all vulnerabilities are included because filters don't
|
||||
|
@ -197,7 +197,7 @@ thousands of vulnerabilities. Don't close the page until the download finishes.
|
|||
|
||||
## Dismiss a vulnerability
|
||||
|
||||
> The option of adding a dismissal reason was introduced in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.0.
|
||||
> The option of adding a dismissal reason was introduced in GitLab 12.0.
|
||||
|
||||
You can dismiss a vulnerability for the entire project:
|
||||
|
||||
|
|
Binary file not shown.
Before Width: | Height: | Size: 11 KiB |
|
@ -7,144 +7,148 @@ disqus_identifier: 'https://docs.gitlab.com/ee/workflow/repository_mirroring.htm
|
|||
|
||||
# Repository mirroring **(FREE)**
|
||||
|
||||
Repository mirroring allows for the mirroring of repositories to and from external sources. You
|
||||
can use it to mirror branches, tags, and commits between repositories. It helps you use
|
||||
a repository outside of GitLab.
|
||||
You can _mirror_ a repository to and from external sources. You can select which
|
||||
repository serves as the source, and modify which parts of the repository are copied.
|
||||
Branches, tags, and commits can be mirrored.
|
||||
|
||||
A repository mirror at GitLab updates automatically. You can also manually trigger an update:
|
||||
|
||||
- At most once every five minutes on GitLab.com.
|
||||
- According to a [limit set by the administrator](../../../../administration/instance_limits.md#pull-mirroring-interval)
|
||||
on self-managed instances.
|
||||
|
||||
There are two kinds of repository mirroring supported by GitLab:
|
||||
Several mirroring methods exist:
|
||||
|
||||
- [Push](push.md): for mirroring a GitLab repository to another location.
|
||||
- [Pull](pull.md): for mirroring a repository from another location to GitLab.
|
||||
- [Bidirectional](bidirectional.md) mirroring is also available, but can cause conflicts.
|
||||
|
||||
Mirror a repository when:
|
||||
|
||||
- The canonical version of your project has migrated to GitLab. To keep providing a
|
||||
copy of your project at its previous home, configure your GitLab repository as a
|
||||
[push mirror](push.md). Changes you make to your GitLab repository are copied to
|
||||
the old location.
|
||||
- Your GitLab project is private, but some components can be shared publicly.
|
||||
Configure your primary repository as a [push mirror](push.md) and push the portions
|
||||
you want to make public. With this configuration, you can open-source specific
|
||||
projects, contribute back to the open-source community, and protect the sensitive
|
||||
parts of your project.
|
||||
- You migrated to GitLab, but the canonical version of your project is somewhere else.
|
||||
Configure your GitLab repository as a [pull mirror](pull.md) of the other project.
|
||||
Your GitLab repository pulls copies of the commits, tags, and branches of project.
|
||||
They become available to use on GitLab.
|
||||
|
||||
## Create a repository mirror
|
||||
|
||||
Prerequisite:
|
||||
|
||||
- You must have at least the [Maintainer role](../../../permissions.md) for the project.
|
||||
- If your mirror connects with `ssh://`, the host key must be detectable on the server,
|
||||
or you must have a local copy of the key.
|
||||
|
||||
1. On the top bar, select **Menu > Projects** and find your project.
|
||||
1. On the left sidebar, select **Settings > Repository**.
|
||||
1. Expand **Mirroring repositories**.
|
||||
1. Enter a **Git repository URL**. For security reasons, the URL to the original
|
||||
repository is only displayed to users with the [Maintainer role](../../../permissions.md)
|
||||
or the [Owner role](../../../permissions.md) for the mirrored project.
|
||||
1. Select a **Mirror direction**.
|
||||
1. If you entered a `ssh://` URL, select either:
|
||||
- **Detect host keys**: GitLab fetches the host keys from the server and displays the fingerprints.
|
||||
- **Input host keys manually**, and enter the host key into **SSH host key**.
|
||||
|
||||
When mirroring the repository, GitLab confirms at least one of the stored host keys
|
||||
matches before connecting. This check can protect your mirror from malicious code injections,
|
||||
or your password from being stolen.
|
||||
1. Select an **Authentication method**. To learn more, read
|
||||
[Authentication methods for mirrors](#authentication-methods-for-mirrors).
|
||||
1. If you authenticate with SSH host keys, [verify the host key](#verify-a-host-key)
|
||||
to ensure it is correct.
|
||||
1. To prevent force-pushing over diverged refs, select [**Keep divergent refs**](push.md#keep-divergent-refs).
|
||||
1. Optional. Select [**Mirror only protected branches**](#mirror-only-protected-branches).
|
||||
1. Select **Mirror repository**.
|
||||
|
||||
If you select `SSH public key` as your authentication method, GitLab generates a
|
||||
public key for your GitLab repository. You must provide this key to the non-GitLab server.
|
||||
To learn more, read [Get your SSH public key](#get-your-ssh-public-key).
|
||||
|
||||
## Update a mirror
|
||||
|
||||
When the mirror repository is updated, all new branches, tags, and commits are visible in the
|
||||
project's activity feed.
|
||||
project's activity feed. A repository mirror at GitLab updates automatically.
|
||||
You can also manually trigger an update:
|
||||
|
||||
Users with the [Maintainer role](../../../permissions.md) for the project can also force an
|
||||
immediate update, unless:
|
||||
- At most once every five minutes on GitLab.com.
|
||||
- According to [the pull mirroring interval limit](../../../../administration/instance_limits.md#pull-mirroring-interval)
|
||||
set by the administrator on self-managed instances.
|
||||
|
||||
### Force an update
|
||||
|
||||
While mirrors are scheduled to update automatically, you can force an immediate update unless:
|
||||
|
||||
- The mirror is already being updated.
|
||||
- The [limit for pull mirroring interval seconds](../../../../administration/instance_limits.md#pull-mirroring-interval) has not elapsed after its last update.
|
||||
- The [interval, in seconds](../../../../administration/instance_limits.md#pull-mirroring-interval)
|
||||
for pull mirroring limits has not elapsed after its last update.
|
||||
|
||||
For security reasons, the URL to the original repository is only displayed to users with the
|
||||
[Maintainer role](../../../permissions.md) or the [Owner role](../../../permissions.md) for the mirrored
|
||||
project.
|
||||
Prerequisite:
|
||||
|
||||
## Use cases
|
||||
- You must have at least the [Maintainer role](../../../permissions.md) for the project.
|
||||
|
||||
The following are some possible use cases for repository mirroring:
|
||||
|
||||
- You migrated to GitLab but still must keep your project in another source. In that case, you
|
||||
can set it up to mirror to GitLab (pull) and all the essential history of commits, tags,
|
||||
and branches are available in your GitLab instance. **(PREMIUM)**
|
||||
- You have old projects in another source that you don't use actively anymore, but don't want to
|
||||
remove for archiving purposes. In that case, you can create a push mirror so that your active
|
||||
GitLab repository can push its changes to the old location.
|
||||
- You are a GitLab self-managed user for privacy reasons and your instance is closed to the public,
|
||||
but you still have certain software components that you want open sourced. In this case, utilizing
|
||||
GitLab to be your primary repository which is closed from the public, and using push mirroring to a
|
||||
GitLab.com repository that's public, allows you to open source specific projects and contribute back
|
||||
to the open source community.
|
||||
1. On the top bar, select **Menu > Projects** and find your project.
|
||||
1. On the left sidebar, select **Settings > Repository**.
|
||||
1. Expand **Mirroring repositories**.
|
||||
1. Scroll to **Mirrored repositories** and identify the mirror to update.
|
||||
1. Select **Update now** (**{retry}**):
|
||||
![Repository mirroring force update user interface](img/repository_mirroring_force_update.png)
|
||||
|
||||
## Mirror only protected branches **(PREMIUM)**
|
||||
|
||||
> Moved to GitLab Premium in 13.9.
|
||||
|
||||
Based on the mirror direction that you choose, you can opt to mirror only the
|
||||
You can choose to mirror only the
|
||||
[protected branches](../../protected_branches.md) in the mirroring project,
|
||||
either from or to your remote repository. For pull mirroring, non-protected branches in
|
||||
the mirroring project are not mirrored and can diverge.
|
||||
either from or to your remote repository. For [pull mirroring](pull.md),
|
||||
non-protected branches in the mirroring project are not mirrored and can diverge.
|
||||
|
||||
To use this option, check the **Only mirror protected branches** box when
|
||||
creating a repository mirror. **(PREMIUM)**
|
||||
To use this option, select **Only mirror protected branches** when you create a repository mirror.
|
||||
|
||||
## SSH authentication
|
||||
## Authentication methods for mirrors
|
||||
|
||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/22982) in GitLab 11.6 for Push mirroring.
|
||||
When you create a mirror, you must configure the authentication method for it.
|
||||
GitLab supports these authentication methods:
|
||||
|
||||
- [SSH authentication](#ssh-authentication).
|
||||
- Password.
|
||||
|
||||
### SSH authentication
|
||||
|
||||
SSH authentication is mutual:
|
||||
|
||||
- You have to prove to the server that you're allowed to access the repository.
|
||||
- The server also has to prove to *you* that it's who it claims to be.
|
||||
- You must prove to the server that you're allowed to access the repository.
|
||||
- The server must also *prove to you* that it's who it claims to be.
|
||||
|
||||
You provide your credentials as a password or public key. The server that the
|
||||
other repository resides on provides its credentials as a "host key", the
|
||||
fingerprint of which needs to be verified manually.
|
||||
For SSH authentication, you provide your credentials as a password or _public key_.
|
||||
The server that the other repository resides on provides its credentials as a _host key_.
|
||||
You must [verify the fingerprint](#verify-a-host-key) of this host key manually.
|
||||
|
||||
If you're mirroring over SSH (using an `ssh://` URL), you can authenticate using:
|
||||
|
||||
- Password-based authentication, just as over HTTPS.
|
||||
- Public key authentication. This is often more secure than password authentication,
|
||||
- Public key authentication. This method is often more secure than password authentication,
|
||||
especially when the other repository supports [deploy keys](../../deploy_keys/index.md).
|
||||
|
||||
To get started:
|
||||
### Get your SSH public key
|
||||
|
||||
1. In your project, go to **Settings > Repository**, and then expand the **Mirroring repositories** section.
|
||||
1. Enter an `ssh://` URL for mirroring.
|
||||
When you mirror a repository and select the **SSH public key** as your
|
||||
authentication method, GitLab generates a public key for you. The non-GitLab server
|
||||
needs this key to establish trust with your GitLab repository. To copy your SSH public key:
|
||||
|
||||
NOTE:
|
||||
SCP-style URLs (that is, `git@example.com:group/project.git`) are not supported at this time.
|
||||
|
||||
Entering the URL adds two buttons to the page:
|
||||
|
||||
- **Detect host keys**.
|
||||
- **Input host keys manually**.
|
||||
|
||||
If you select the:
|
||||
|
||||
- **Detect host keys** button, GitLab fetches the host keys from the server and display the fingerprints.
|
||||
- **Input host keys manually** button, a field is displayed where you can paste in host keys.
|
||||
|
||||
Assuming you used the former, you now must verify that the fingerprints are
|
||||
those you expect. GitLab.com and other code hosting sites publish their
|
||||
fingerprints in the open for you to check:
|
||||
|
||||
- [AWS CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/regions.html#regions-fingerprints)
|
||||
- [Bitbucket](https://support.atlassian.com/bitbucket-cloud/docs/configure-ssh-and-two-step-verification/)
|
||||
- [GitHub](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/githubs-ssh-key-fingerprints)
|
||||
- [GitLab.com](../../../gitlab_com/index.md#ssh-host-keys-fingerprints)
|
||||
- [Launchpad](https://help.launchpad.net/SSHFingerprints)
|
||||
- [Savannah](http://savannah.gnu.org/maintenance/SshAccess/)
|
||||
- [SourceForge](https://sourceforge.net/p/forge/documentation/SSH%20Key%20Fingerprints/)
|
||||
|
||||
Other providers vary. If you're running self-managed GitLab, or otherwise
|
||||
have access to the server for the other repository, you can securely gather the
|
||||
key fingerprints:
|
||||
|
||||
```shell
|
||||
$ cat /etc/ssh/ssh_host*pub | ssh-keygen -E md5 -l -f -
|
||||
256 MD5:f4:28:9f:23:99:15:21:1b:bf:ed:1f:8e:a0:76:b2:9d root@example.com (ECDSA)
|
||||
256 MD5:e6:eb:45:8a:3c:59:35:5f:e9:5b:80:12:be:7e:22:73 root@example.com (ED25519)
|
||||
2048 MD5:3f:72:be:3d:62:03:5c:62:83:e8:6e:14:34:3a:85:1d root@example.com (RSA)
|
||||
```
|
||||
|
||||
NOTE:
|
||||
You must exclude `-E md5` for some older versions of SSH.
|
||||
|
||||
When mirroring the repository, GitLab checks that at least one of the
|
||||
stored host keys matches before connecting. This can prevent malicious code from
|
||||
being injected into your mirror, or your password being stolen.
|
||||
|
||||
### SSH public key authentication
|
||||
|
||||
To use SSH public key authentication, you must also choose that option
|
||||
from the **Authentication method** dropdown. When the mirror is created,
|
||||
GitLab generates a 4096-bit RSA key that can be copied by selecting the **Copy SSH public key** button.
|
||||
|
||||
![Repository mirroring copy SSH public key to clipboard button](img/repository_mirroring_copy_ssh_public_key_button.png)
|
||||
|
||||
You then must add the public SSH key to the other repository's configuration:
|
||||
|
||||
- If the other repository is hosted on GitLab, you should add the public SSH key
|
||||
as a [deploy key](../../../project/deploy_keys/index.md).
|
||||
- If the other repository is hosted elsewhere, you must add the key to
|
||||
your user's `authorized_keys` file. Paste the entire public SSH key into the
|
||||
file on its own line and save it.
|
||||
1. On the top bar, select **Menu > Projects** and find your project.
|
||||
1. On the left sidebar, select **Settings > Repository**.
|
||||
1. Expand **Mirroring repositories**.
|
||||
1. Scroll to **Mirrored repositories**.
|
||||
1. Identify the correct repository, and select **Copy SSH public key**.
|
||||
1. Add the public SSH key to the other repository's configuration:
|
||||
- If the other repository is hosted on GitLab, add the public SSH key
|
||||
as a [deploy key](../../../project/deploy_keys/index.md).
|
||||
- If the other repository is hosted elsewhere, add the key to
|
||||
your user's `authorized_keys` file. Paste the entire public SSH key into the
|
||||
file on its own line and save it.
|
||||
|
||||
If you must change the key at any time, you can remove and re-add the mirror
|
||||
to generate a new key. Update the other repository with the new
|
||||
|
@ -154,14 +158,36 @@ NOTE:
|
|||
The generated keys are stored in the GitLab database, not in the file system. Therefore,
|
||||
SSH public key authentication for mirrors cannot be used in a pre-receive hook.
|
||||
|
||||
## Force an update **(FREE)**
|
||||
### Verify a host key
|
||||
|
||||
While mirrors are scheduled to update automatically, you can always force an update by using the
|
||||
update button which is available on the **Mirroring repositories** section of the **Repository Settings** page.
|
||||
When using a host key, always verify the fingerprints match what you expect.
|
||||
GitLab.com and other code hosting sites publish their fingerprints
|
||||
for you to check:
|
||||
|
||||
![Repository mirroring force update user interface](img/repository_mirroring_force_update.png)
|
||||
- [AWS CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/regions.html#regions-fingerprints)
|
||||
- [Bitbucket](https://support.atlassian.com/bitbucket-cloud/docs/configure-ssh-and-two-step-verification/)
|
||||
- [GitHub](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/githubs-ssh-key-fingerprints)
|
||||
- [GitLab.com](../../../gitlab_com/index.md#ssh-host-keys-fingerprints)
|
||||
- [Launchpad](https://help.launchpad.net/SSHFingerprints)
|
||||
- [Savannah](http://savannah.gnu.org/maintenance/SshAccess/)
|
||||
- [SourceForge](https://sourceforge.net/p/forge/documentation/SSH%20Key%20Fingerprints/)
|
||||
|
||||
## Resources
|
||||
Other providers vary. You can securely gather key fingerprints with the following
|
||||
command if you:
|
||||
|
||||
- Run self-managed GitLab.
|
||||
- Have access to the server for the other repository.
|
||||
|
||||
```shell
|
||||
$ cat /etc/ssh/ssh_host*pub | ssh-keygen -E md5 -l -f -
|
||||
256 MD5:f4:28:9f:23:99:15:21:1b:bf:ed:1f:8e:a0:76:b2:9d root@example.com (ECDSA)
|
||||
256 MD5:e6:eb:45:8a:3c:59:35:5f:e9:5b:80:12:be:7e:22:73 root@example.com (ED25519)
|
||||
2048 MD5:3f:72:be:3d:62:03:5c:62:83:e8:6e:14:34:3a:85:1d root@example.com (RSA)
|
||||
```
|
||||
|
||||
Older versions of SSH may require you to remove `-E md5` from the command.
|
||||
|
||||
## Related topics
|
||||
|
||||
- Configure a [Pull Mirroring Interval](../../../../administration/instance_limits.md#pull-mirroring-interval)
|
||||
- [Disable mirrors for a project](../../../admin_area/settings/visibility_and_access_controls.md#enable-project-mirroring)
|
||||
|
@ -171,24 +197,33 @@ update button which is available on the **Mirroring repositories** section of th
|
|||
|
||||
Should an error occur during a push, GitLab displays an **Error** highlight for that repository. Details on the error can then be seen by hovering over the highlight text.
|
||||
|
||||
### 13:Received RST_STREAM with error code 2 with GitHub
|
||||
### Received RST_STREAM with error code 2 with GitHub
|
||||
|
||||
If you receive a "13:Received RST_STREAM with error code 2" message while mirroring to a GitHub repository,
|
||||
your GitHub settings might be set to block pushes that expose your email address used in commits. Either
|
||||
set your email address on GitHub to be public, or disable the [Block command line pushes that expose my email](https://github.com/settings/emails) setting.
|
||||
If you receive this message while mirroring to a GitHub repository:
|
||||
|
||||
### 4:Deadline Exceeded
|
||||
```plaintext
|
||||
13:Received RST_STREAM with error code 2
|
||||
```
|
||||
|
||||
When upgrading to GitLab 11.11.8 or newer, a change in how usernames are represented means that you
|
||||
Your GitHub settings might be set to block pushes that expose your email address
|
||||
used in commits. To fix this problem, either:
|
||||
|
||||
- Set your GitHub email address to public.
|
||||
- Disable the [Block command line pushes that expose my email](https://github.com/settings/emails) setting.
|
||||
|
||||
### Deadline Exceeded
|
||||
|
||||
When upgrading to GitLab 11.11.8 or later, a change in how usernames are represented means that you
|
||||
must update your mirroring username and password to ensure that `%40` characters are replaced with `@`.
|
||||
|
||||
### Connection blocked because server only allows public key authentication
|
||||
|
||||
As the error indicates, the connection is getting blocked between GitLab and the remote repository. Even if a
|
||||
[TCP Check](../../../../administration/raketasks/maintenance.md#check-tcp-connectivity-to-a-remote-site) is successful,
|
||||
you must check any networking components in the route from GitLab to the remote Server to ensure there's no blockage.
|
||||
The connection between GitLab and the remote repository is blocked. Even if a
|
||||
[TCP Check](../../../../administration/raketasks/maintenance.md#check-tcp-connectivity-to-a-remote-site)
|
||||
is successful, you must check any networking components in the route from GitLab
|
||||
to the remote server for blockage.
|
||||
|
||||
For example, we've seen this error when a Firewall was performing a `Deep SSH Inspection` on outgoing packets.
|
||||
This error can occur when a firewall performs a `Deep SSH Inspection` on outgoing packets.
|
||||
|
||||
### Could not read username: terminal prompts disabled
|
||||
|
||||
|
@ -196,29 +231,31 @@ If you receive this error after creating a new project using
|
|||
[GitLab CI/CD for external repositories](../../../../ci/ci_cd_for_external_repos/):
|
||||
|
||||
```plaintext
|
||||
"2:fetch remote: "fatal: could not read Username for 'https://bitbucket.org': terminal prompts disabled\n": exit status 128."
|
||||
"2:fetch remote: "fatal: could not read Username for 'https://bitbucket.org':
|
||||
terminal prompts disabled\n": exit status 128."
|
||||
```
|
||||
|
||||
Check if the repository owner is specified in the URL of your mirrored repository:
|
||||
|
||||
1. Go to your project.
|
||||
1. On the top bar, select **Menu > Projects** and find your project.
|
||||
1. On the left sidebar, select **Settings > Repository**.
|
||||
1. Select **Mirroring repositories**.
|
||||
1. If no repository owner is specified, delete and add the URL again in this format:
|
||||
1. Expand **Mirroring repositories**.
|
||||
1. If no repository owner is specified, delete and add the URL again in this format,
|
||||
replacing `OWNER`, `ACCOUNTNAME`, and `REPONAME` with your values:
|
||||
|
||||
```plaintext
|
||||
https://**<repo_owner>**@bitbucket.org/<accountname>/<reponame>.git
|
||||
https://OWNER@bitbucket.org/ACCOUNTNAME/REPONAME.git
|
||||
```
|
||||
|
||||
The repository owner is needed for Bitbucket to connect to the repository for mirroring.
|
||||
When connecting to the repository for mirroring, Bitbucket requires the repository owner in the string.
|
||||
|
||||
### Pull mirror is missing LFS files
|
||||
|
||||
In some cases, pull mirroring does not transfer LFS files. This issue occurs when:
|
||||
|
||||
- You use an SSH repository URL. The workaround is to use an HTTPS repository URL instead.
|
||||
There is [an issue to fix this for SSH URLs](https://gitlab.com/gitlab-org/gitlab/-/issues/11997).
|
||||
An issue exists [to fix this problem for SSH URLs](https://gitlab.com/gitlab-org/gitlab/-/issues/11997).
|
||||
- You're using GitLab 14.0 or older, and the source repository is a public Bitbucket URL.
|
||||
This was [fixed in GitLab 14.0.6](https://gitlab.com/gitlab-org/gitlab/-/issues/335123).
|
||||
[Fixed](https://gitlab.com/gitlab-org/gitlab/-/issues/335123) in GitLab 14.0.6.
|
||||
- You mirror an external repository using object storage.
|
||||
There is [an issue to fix this](https://gitlab.com/gitlab-org/gitlab/-/issues/335495).
|
||||
An issue exists [to fix this problem](https://gitlab.com/gitlab-org/gitlab/-/issues/335495).
|
||||
|
|
|
@ -4,12 +4,7 @@ module Gitlab
|
|||
module Metrics
|
||||
module RailsSlis
|
||||
class << self
|
||||
def request_apdex_counters_enabled?
|
||||
Feature.enabled?(:request_apdex_counters)
|
||||
end
|
||||
|
||||
def initialize_request_slis_if_needed!
|
||||
return unless request_apdex_counters_enabled?
|
||||
return if Gitlab::Metrics::Sli.initialized?(:rails_request_apdex)
|
||||
|
||||
Gitlab::Metrics::Sli.initialize_sli(:rails_request_apdex, possible_request_labels)
|
||||
|
|
|
@ -79,7 +79,7 @@ module Gitlab
|
|||
if !health_endpoint && ::Gitlab::Metrics.record_duration_for_status?(status)
|
||||
self.class.http_request_duration_seconds.observe({ method: method }, elapsed)
|
||||
|
||||
record_apdex_if_needed(env, elapsed)
|
||||
record_apdex(env, elapsed)
|
||||
end
|
||||
|
||||
[status, headers, body]
|
||||
|
@ -113,9 +113,7 @@ module Gitlab
|
|||
::Gitlab::ApplicationContext.current_context_attribute(:caller_id)
|
||||
end
|
||||
|
||||
def record_apdex_if_needed(env, elapsed)
|
||||
return unless Gitlab::Metrics::RailsSlis.request_apdex_counters_enabled?
|
||||
|
||||
def record_apdex(env, elapsed)
|
||||
urgency = urgency_for_env(env)
|
||||
|
||||
Gitlab::Metrics::RailsSlis.request_apdex.increment(
|
||||
|
|
|
@ -12890,7 +12890,9 @@ msgid "Enterprise"
|
|||
msgstr ""
|
||||
|
||||
msgid "Environment"
|
||||
msgstr ""
|
||||
msgid_plural "Environments"
|
||||
msgstr[0] ""
|
||||
msgstr[1] ""
|
||||
|
||||
msgid "Environment does not have deployments"
|
||||
msgstr ""
|
||||
|
@ -22591,9 +22593,6 @@ msgstr ""
|
|||
msgid "NetworkPolicies|Edit policy"
|
||||
msgstr ""
|
||||
|
||||
msgid "NetworkPolicies|Enforcement status"
|
||||
msgstr ""
|
||||
|
||||
msgid "NetworkPolicies|Environment does not have deployment platform"
|
||||
msgstr ""
|
||||
|
||||
|
@ -30242,16 +30241,19 @@ msgstr ""
|
|||
msgid "SecurityOrchestration|Description"
|
||||
msgstr ""
|
||||
|
||||
msgid "SecurityOrchestration|Disabled"
|
||||
msgstr ""
|
||||
|
||||
msgid "SecurityOrchestration|Edit policy"
|
||||
msgstr ""
|
||||
|
||||
msgid "SecurityOrchestration|Edit policy project"
|
||||
msgstr ""
|
||||
|
||||
msgid "SecurityOrchestration|Enforce security for this project. %{linkStart}More information.%{linkEnd}"
|
||||
msgid "SecurityOrchestration|Enabled"
|
||||
msgstr ""
|
||||
|
||||
msgid "SecurityOrchestration|Enforcement Status"
|
||||
msgid "SecurityOrchestration|Enforce security for this project. %{linkStart}More information.%{linkEnd}"
|
||||
msgstr ""
|
||||
|
||||
msgid "SecurityOrchestration|Executes a %{scanType} scan"
|
||||
|
@ -30320,6 +30322,9 @@ msgstr ""
|
|||
msgid "SecurityOrchestration|Sorry, your filter produced no results."
|
||||
msgstr ""
|
||||
|
||||
msgid "SecurityOrchestration|Status"
|
||||
msgstr ""
|
||||
|
||||
msgid "SecurityOrchestration|There was a problem creating the new security policy"
|
||||
msgstr ""
|
||||
|
||||
|
|
|
@ -9,7 +9,7 @@ gem 'capybara', '~> 3.35.0'
|
|||
gem 'capybara-screenshot', '~> 1.0.23'
|
||||
gem 'rake', '~> 12.3.3'
|
||||
gem 'rspec', '~> 3.10'
|
||||
gem 'selenium-webdriver', '~> 4.0.0.rc1'
|
||||
gem 'selenium-webdriver', '~> 4.0'
|
||||
gem 'airborne', '~> 0.3.4', require: false # airborne is messing with rspec sandboxed mode so not requiring by default
|
||||
gem 'rest-client', '~> 2.1.0'
|
||||
gem 'rspec-retry', '~> 0.6.1', require: 'rspec/retry'
|
||||
|
@ -22,7 +22,7 @@ gem 'timecop', '~> 0.9.1'
|
|||
gem 'parallel', '~> 1.19'
|
||||
gem 'rspec-parameterized', '~> 0.4.2'
|
||||
gem 'octokit', '~> 4.21'
|
||||
gem 'webdrivers', '~> 4.6'
|
||||
gem 'webdrivers', '~> 5.0'
|
||||
gem 'zeitwerk', '~> 2.4'
|
||||
gem 'influxdb-client', '~> 1.17'
|
||||
|
||||
|
|
|
@ -125,13 +125,13 @@ GEM
|
|||
mime-types-data (~> 3.2015)
|
||||
mime-types-data (3.2021.0704)
|
||||
mini_mime (1.1.0)
|
||||
mini_portile2 (2.5.3)
|
||||
mini_portile2 (2.6.1)
|
||||
minitest (5.14.4)
|
||||
multi_xml (0.6.0)
|
||||
multipart-post (2.1.1)
|
||||
netrc (0.11.0)
|
||||
nokogiri (1.11.7)
|
||||
mini_portile2 (~> 2.5.0)
|
||||
nokogiri (1.12.5)
|
||||
mini_portile2 (~> 2.6.1)
|
||||
racc (~> 1.4)
|
||||
octokit (4.21.0)
|
||||
faraday (>= 0.9)
|
||||
|
@ -154,7 +154,7 @@ GEM
|
|||
byebug (~> 9.1)
|
||||
pry (~> 0.10)
|
||||
public_suffix (4.0.1)
|
||||
racc (1.5.2)
|
||||
racc (1.6.0)
|
||||
rack (2.2.3)
|
||||
rack-test (1.1.0)
|
||||
rack (>= 1.0, < 3)
|
||||
|
@ -198,9 +198,9 @@ GEM
|
|||
sawyer (0.8.2)
|
||||
addressable (>= 2.3.5)
|
||||
faraday (> 0.8, < 2.0)
|
||||
selenium-webdriver (4.0.0.rc1)
|
||||
selenium-webdriver (4.0.3)
|
||||
childprocess (>= 0.5, < 5.0)
|
||||
rexml (~> 3.2)
|
||||
rexml (~> 3.2, >= 3.2.5)
|
||||
rubyzip (>= 1.2.2)
|
||||
systemu (2.6.5)
|
||||
table_print (1.5.7)
|
||||
|
@ -227,10 +227,10 @@ GEM
|
|||
watir (6.19.1)
|
||||
regexp_parser (>= 1.2, < 3)
|
||||
selenium-webdriver (>= 3.142.7)
|
||||
webdrivers (4.6.0)
|
||||
webdrivers (4.7.0)
|
||||
nokogiri (~> 1.6)
|
||||
rubyzip (>= 1.3.0)
|
||||
selenium-webdriver (>= 3.0, < 4.0)
|
||||
selenium-webdriver (> 3.141, < 5.0)
|
||||
xpath (3.2.0)
|
||||
nokogiri (~> 1.8)
|
||||
zeitwerk (2.4.2)
|
||||
|
@ -269,4 +269,4 @@ DEPENDENCIES
|
|||
zeitwerk (~> 2.4)
|
||||
|
||||
BUNDLED WITH
|
||||
2.2.22
|
||||
2.2.29
|
||||
|
|
|
@ -97,7 +97,7 @@ RSpec.describe 'Value Stream Analytics', :js do
|
|||
end
|
||||
end
|
||||
|
||||
it 'shows data on each stage', :sidekiq_might_not_need_inline do
|
||||
it 'shows data on each stage', :sidekiq_might_not_need_inline, quarantine: 'https://gitlab.com/gitlab-org/gitlab/-/issues/338332' do
|
||||
expect_issue_to_be_present
|
||||
|
||||
click_stage('Plan')
|
||||
|
@ -133,7 +133,7 @@ RSpec.describe 'Value Stream Analytics', :js do
|
|||
expect(metrics_values).to eq(['-'] * 4)
|
||||
end
|
||||
|
||||
it 'can sort records' do
|
||||
it 'can sort records', quarantine: 'https://gitlab.com/gitlab-org/gitlab/-/issues/338332' do
|
||||
# NOTE: checking that the string changes should suffice
|
||||
# depending on the order the tests are run we might run into problems with hard coded strings
|
||||
original_first_title = first_stage_title
|
||||
|
|
|
@ -39,15 +39,6 @@ RSpec.describe Gitlab::Metrics::RailsSlis do
|
|||
|
||||
described_class.initialize_request_slis_if_needed!
|
||||
end
|
||||
|
||||
it 'does not initialize anything if the feature flag is disabled' do
|
||||
stub_feature_flags(request_apdex_counters: false)
|
||||
|
||||
expect(Gitlab::Metrics::Sli).not_to receive(:initialize_sli)
|
||||
expect(Gitlab::Metrics::Sli).not_to receive(:initialized?)
|
||||
|
||||
described_class.initialize_request_slis_if_needed!
|
||||
end
|
||||
end
|
||||
|
||||
describe '.request_apdex' do
|
||||
|
|
|
@ -851,6 +851,12 @@ RSpec.describe Deployment do
|
|||
context 'with created deployment' do
|
||||
let(:deployment_status) { :created }
|
||||
|
||||
context 'with created build' do
|
||||
let(:build_status) { :created }
|
||||
|
||||
it_behaves_like 'ignoring build'
|
||||
end
|
||||
|
||||
context 'with running build' do
|
||||
let(:build_status) { :running }
|
||||
|
||||
|
@ -873,12 +879,16 @@ RSpec.describe Deployment do
|
|||
context 'with running deployment' do
|
||||
let(:deployment_status) { :running }
|
||||
|
||||
context 'with created build' do
|
||||
let(:build_status) { :created }
|
||||
|
||||
it_behaves_like 'ignoring build'
|
||||
end
|
||||
|
||||
context 'with running build' do
|
||||
let(:build_status) { :running }
|
||||
|
||||
it_behaves_like 'gracefully handling error' do
|
||||
let(:error_message) { %Q{Status cannot transition via \"run\"} }
|
||||
end
|
||||
it_behaves_like 'ignoring build'
|
||||
end
|
||||
|
||||
context 'with finished build' do
|
||||
|
@ -897,6 +907,12 @@ RSpec.describe Deployment do
|
|||
context 'with finished deployment' do
|
||||
let(:deployment_status) { :success }
|
||||
|
||||
context 'with created build' do
|
||||
let(:build_status) { :created }
|
||||
|
||||
it_behaves_like 'ignoring build'
|
||||
end
|
||||
|
||||
context 'with running build' do
|
||||
let(:build_status) { :running }
|
||||
|
||||
|
@ -908,9 +924,13 @@ RSpec.describe Deployment do
|
|||
context 'with finished build' do
|
||||
let(:build_status) { :success }
|
||||
|
||||
it_behaves_like 'gracefully handling error' do
|
||||
let(:error_message) { %Q{Status cannot transition via \"succeed\"} }
|
||||
end
|
||||
it_behaves_like 'ignoring build'
|
||||
end
|
||||
|
||||
context 'with failed build' do
|
||||
let(:build_status) { :failed }
|
||||
|
||||
it_behaves_like 'synchronizing deployment'
|
||||
end
|
||||
|
||||
context 'with unrelated build' do
|
||||
|
|
Loading…
Reference in New Issue