Add latest changes from gitlab-org/gitlab@master
This commit is contained in:
parent
83a3209c3f
commit
92077e0f8d
|
@ -402,7 +402,6 @@ RSpec/RepeatedExample:
|
|||
- 'spec/models/ability_spec.rb'
|
||||
- 'spec/models/ci/build_spec.rb'
|
||||
- 'spec/models/concerns/issuable_spec.rb'
|
||||
- 'spec/models/concerns/prometheus_adapter_spec.rb'
|
||||
- 'spec/models/member_spec.rb'
|
||||
- 'spec/models/project_services/chat_message/pipeline_message_spec.rb'
|
||||
- 'spec/models/user_spec.rb'
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
import _ from 'underscore';
|
||||
import { memoize, throttle } from 'lodash';
|
||||
import $ from 'jquery';
|
||||
|
||||
class DirtySubmitForm {
|
||||
|
@ -21,8 +21,8 @@ class DirtySubmitForm {
|
|||
}
|
||||
|
||||
registerListeners() {
|
||||
const getThrottledHandlerForInput = _.memoize(() =>
|
||||
_.throttle(event => this.updateDirtyInput(event), DirtySubmitForm.THROTTLE_DURATION),
|
||||
const getThrottledHandlerForInput = memoize(() =>
|
||||
throttle(event => this.updateDirtyInput(event), DirtySubmitForm.THROTTLE_DURATION),
|
||||
);
|
||||
|
||||
const throttledUpdateDirtyInput = event => {
|
||||
|
|
|
@ -4,6 +4,7 @@ module Repositories
|
|||
class GitHttpController < Repositories::GitHttpClientController
|
||||
include WorkhorseRequest
|
||||
|
||||
before_action :snippet_request_allowed?
|
||||
before_action :access_check
|
||||
prepend_before_action :deny_head_requests, only: [:info_refs]
|
||||
|
||||
|
@ -12,8 +13,6 @@ module Repositories
|
|||
rescue_from Gitlab::GitAccess::ProjectCreationError, with: :render_422_with_exception
|
||||
rescue_from Gitlab::GitAccess::TimeoutError, with: :render_503_with_exception
|
||||
|
||||
before_action :snippet_request_allowed?
|
||||
|
||||
# GET /foo/bar.git/info/refs?service=git-upload-pack (git pull)
|
||||
# GET /foo/bar.git/info/refs?service=git-receive-pack (git push)
|
||||
def info_refs
|
||||
|
@ -121,6 +120,7 @@ module Repositories
|
|||
|
||||
def snippet_request_allowed?
|
||||
if repo_type.snippet? && Feature.disabled?(:version_snippets, user)
|
||||
Gitlab::AppLogger.info('Snippet access attempt with feature disabled')
|
||||
render plain: 'The project you were looking for could not be found.', status: :not_found
|
||||
end
|
||||
end
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: Fix invalid class option for ionice
|
||||
merge_request: 28023
|
||||
author:
|
||||
type: fixed
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: Check first if feature flag version_snippet is enabled
|
||||
merge_request: 28352
|
||||
author:
|
||||
type: fixed
|
|
@ -117,8 +117,6 @@ randomly placed on one of the selected paths.
|
|||
|
||||
[ce-4578]: https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/4578
|
||||
[restart-gitlab]: restart_gitlab.md#installations-from-source
|
||||
[reconfigure-gitlab]: restart_gitlab.md#omnibus-gitlab-reconfigure
|
||||
[backups]: ../raketasks/backup_restore.md
|
||||
[raketask]: https://gitlab.com/gitlab-org/gitlab/blob/033e5423a2594e08a7ebcd2379bd2331f4c39032/lib/backup/repository.rb#L54-56
|
||||
[repospath]: https://gitlab.com/gitlab-org/gitlab-foss/-/blob/8-9-stable/config/gitlab.yml.example#L457
|
||||
[ce-11449]: https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/11449
|
||||
|
|
|
@ -67,7 +67,7 @@ Asana - Teamwork without email
|
|||
|
||||
Set Asana service for a project.
|
||||
|
||||
> This service adds commit messages as comments to Asana tasks. Once enabled, commit messages are checked for Asana task URLs (for example, `https://app.asana.com/0/123456/987654`) or task IDs starting with # (for example, `#987654`). Every task ID found will get the commit comment added to it. You can also close a task with a message containing: `fix #123456`. You can find your API Keys here: <https://asana.com/developers/documentation/getting-started/auth#api-key>.
|
||||
> This service adds commit messages as comments to Asana tasks. Once enabled, commit messages are checked for Asana task URLs (for example, `https://app.asana.com/0/123456/987654`) or task IDs starting with # (for example, `#987654`). Every task ID found will get the commit comment added to it. You can also close a task with a message containing: `fix #123456`. You can find your API Keys here: <https://developers.asana.com/docs/#authentication-basics>.
|
||||
|
||||
```plaintext
|
||||
PUT /projects/:id/services/asana
|
||||
|
|
|
@ -44,7 +44,7 @@ infrastructure is up and running, and that your units of code work well together
|
|||
|
||||
## Selenium and WebdriverIO
|
||||
|
||||
[Selenium](https://selenium.dev/) is a piece of software that can control web browsers, e.g., to make them
|
||||
[Selenium](https://www.selenium.dev/) is a piece of software that can control web browsers, e.g., to make them
|
||||
visit a specific URL or interact with elements on the page. It can be programmatically controlled
|
||||
from a variety of programming languages. In this article we're going to be using the
|
||||
[WebdriverIO](https://webdriver.io/) JavaScript bindings, but the general concept should carry over
|
||||
|
|
|
@ -811,7 +811,7 @@ module Gitlab
|
|||
end
|
||||
```
|
||||
|
||||
A [Query Analyzer](https://graphql-ruby.org/queries/analysis.html#analyzer-api) contains a series
|
||||
A [Query Analyzer](https://graphql-ruby.org/queries/ast_analysis.html#analyzer-api) contains a series
|
||||
of callbacks to validate queries before they are executed. Each field can pass through
|
||||
the analyzer, and the final value is also available to you.
|
||||
|
||||
|
|
|
@ -160,7 +160,7 @@ Component statuses are linked to configuration documentation for each component.
|
|||
| [Elasticsearch](#elasticsearch) | Improved search within GitLab | [⤓][elasticsearch-omnibus] | [⤓][elasticsearch-charts] | [⤓][elasticsearch-charts] | [❌](https://gitlab.com/groups/gitlab-org/-/epics/153) | [⤓][elasticsearch-source] | [⤓][elasticsearch-gdk] | EE Only |
|
||||
| [Sentry integration](#sentry) | Error tracking for deployed apps | [⤓][sentry-integration] | [⤓][sentry-integration] | [⤓][sentry-integration] | [⤓][sentry-integration] | [⤓][sentry-integration] | [⤓][sentry-integration] | CE & EE |
|
||||
| [Jaeger integration](#jaeger) | Distributed tracing for deployed apps | [⤓][jaeger-integration] | [⤓][jaeger-integration] | [⤓][jaeger-integration] | [⤓][jaeger-integration] | [⤓][jaeger-integration] | [⤓][jaeger-integration] | EE Only |
|
||||
| [GitLab Managed Apps](#gitlab-managed-apps) | Deploy [Helm](https://helm.sh/docs/), [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/), [Cert-Manager](https://docs.cert-manager.io/en/latest/), [Prometheus](https://prometheus.io/docs/introduction/overview/), a [Runner](https://docs.gitlab.com/runner/), [JupyterHub](https://jupyter.org), [Knative](https://cloud.google.com/knative/) to a cluster | [⤓][managed-k8s-apps] | [⤓][managed-k8s-apps] | [⤓][managed-k8s-apps] | [⤓][managed-k8s-apps] | [⤓][managed-k8s-apps] | [⤓][managed-k8s-apps] | CE & EE |
|
||||
| [GitLab Managed Apps](#gitlab-managed-apps) | Deploy [Helm](https://helm.sh/docs/), [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/), [Cert-Manager](https://cert-manager.io/docs/), [Prometheus](https://prometheus.io/docs/introduction/overview/), a [Runner](https://docs.gitlab.com/runner/), [JupyterHub](https://jupyter.org), [Knative](https://cloud.google.com/knative/) to a cluster | [⤓][managed-k8s-apps] | [⤓][managed-k8s-apps] | [⤓][managed-k8s-apps] | [⤓][managed-k8s-apps] | [⤓][managed-k8s-apps] | [⤓][managed-k8s-apps] | CE & EE |
|
||||
|
||||
### Component details
|
||||
|
||||
|
@ -207,7 +207,7 @@ Consul is a tool for service discovery and configuration. Consul is distributed,
|
|||
|
||||
#### Elasticsearch
|
||||
|
||||
- [Project page](https://github.com/elastic/elasticsearch/blob/master/README.asciidoc)
|
||||
- [Project page](https://github.com/elastic/elasticsearch/)
|
||||
- Configuration: [Omnibus][elasticsearch-omnibus], [Charts][elasticsearch-charts], [Source][elasticsearch-source], [GDK][elasticsearch-gdk]
|
||||
- Layer: Core Service (Data)
|
||||
|
||||
|
@ -424,7 +424,7 @@ An external registry can also be configured to use GitLab as an auth endpoint.
|
|||
|
||||
#### Sentry
|
||||
|
||||
- [Project page](https://github.com/getsentry/sentry/blob/master/README.rst)
|
||||
- [Project page](https://github.com/getsentry/sentry/)
|
||||
- Configuration: [Omnibus][sentry-omnibus], [Charts][sentry-charts], [Source][gitlab-yml], [GDK][gitlab-yml]
|
||||
- Layer: Monitoring
|
||||
|
||||
|
|
|
@ -6,7 +6,7 @@ description: "Learn how GitLab's documentation website is architectured."
|
|||
|
||||
The [`gitlab-docs`](https://gitlab.com/gitlab-org/gitlab-docs) project hosts
|
||||
the repository which is used to generate the GitLab documentation website and
|
||||
is deployed to <https://docs.gitlab.com>. It uses the [Nanoc](http://nanoc.ws)
|
||||
is deployed to <https://docs.gitlab.com>. It uses the [Nanoc](https://nanoc.ws/)
|
||||
static site generator.
|
||||
|
||||
## Architecture
|
||||
|
|
|
@ -424,7 +424,7 @@ This is a list of available features:
|
|||
|
||||
- Do not add commas (`,`) or semicolons (`;`) to the end of list items.
|
||||
- Only add periods to the end of a list item if the item consists of a complete sentence.
|
||||
The [definition of full sentence](https://www2.le.ac.uk/offices/ld/resources/writing/grammar/grammar-guides/sentence)
|
||||
The [definition of full sentence](https://www2.le.ac.uk/offices/ld/all-resources/writing/grammar/grammar-guides/sentence)
|
||||
is: _"a complete sentence always contains a verb, expresses a complete idea, and makes sense standing alone"_.
|
||||
- Be consistent throughout the list: if the majority of the items do not end in a period,
|
||||
do not end any of the items in a period, even if they consist of a complete sentence.
|
||||
|
|
|
@ -23,7 +23,7 @@ Default client accepts two parameters: `resolvers` and `config`.
|
|||
|
||||
- `resolvers` parameter is created to accept an object of resolvers for [local state management](#local-state-with-apollo) queries and mutations
|
||||
- `config` parameter takes an object of configuration settings:
|
||||
- `cacheConfig` field accepts an optional object of settings to [customize Apollo cache](https://github.com/apollographql/apollo-client/tree/master/packages/apollo-cache-inmemory#configuration)
|
||||
- `cacheConfig` field accepts an optional object of settings to [customize Apollo cache](https://www.apollographql.com/docs/react/caching/cache-configuration/#configuring-the-cache)
|
||||
- `baseUrl` allows us to pass a URL for GraphQL endpoint different from our main endpoint (i.e.`${gon.relative_url_root}/api/graphql`)
|
||||
- `assumeImmutableResults` (set to `false` by default) - this setting, when set to `true`, will assume that every single operation on updating Apollo Cache is immutable. It also sets `freezeResults` to `true`, so any attempt on mutating Apollo Cache will throw a console warning in development environment. Please ensure you're following the immutability pattern on cache update operations before setting this option to `true`.
|
||||
|
||||
|
@ -601,7 +601,7 @@ defaultClient.query({ query })
|
|||
Read more about the [Apollo] client in the [Apollo documentation](https://www.apollographql.com/docs/tutorial/client/).
|
||||
|
||||
[Apollo]: https://www.apollographql.com/
|
||||
[vue-apollo]: https://github.com/Akryum/vue-apollo/
|
||||
[vue-apollo]: https://github.com/vuejs/vue-apollo
|
||||
[feature-flags]: ../feature_flags.md
|
||||
[default-client]: https://gitlab.com/gitlab-org/gitlab/blob/master/app/assets/javascripts/lib/graphql.js
|
||||
[vue-test-utils]: https://vue-test-utils.vuejs.org/
|
||||
|
|
|
@ -13,7 +13,7 @@ There are several ways to import a project.
|
|||
The first option is to simply [import the Project tarball file via the GitLab UI](../user/project/settings/import_export.md#importing-the-project):
|
||||
|
||||
1. Create the group `qa-perf-testing`
|
||||
1. Import the [GitLab FOSS project tarball](https://gitlab.com/gitlab-org/quality/performance-data/raw/master/gitlabhq_export.tar.gz) into the Group.
|
||||
1. Import the [GitLab FOSS project tarball](https://gitlab.com/gitlab-org/quality/performance-data/-/blob/master/projects_export/gitlabhq_export.tar.gz) into the Group.
|
||||
|
||||
It should take up to 15 minutes for the project to fully import. You can head to the project's main page for the current status.
|
||||
|
||||
|
@ -132,7 +132,7 @@ For Performance testing, we should:
|
|||
- Count the number of executed SQL queries during the restore.
|
||||
- Observe the number of GC cycles happening.
|
||||
|
||||
You can use this [snippet](https://gitlab.com/gitlab-org/gitlab/snippets/1924954), which will restore the project, and measure the execution time of `Project::TreeRestorer`, number of SQL queries and number of GC cycles happening.
|
||||
You can use this snippet: `https://gitlab.com/gitlab-org/gitlab/snippets/1924954` (must be logged in), which will restore the project, and measure the execution time of `Project::TreeRestorer`, number of SQL queries and number of GC cycles happening.
|
||||
|
||||
You can execute the script from the `gdk/gitlab` directory like this:
|
||||
|
||||
|
|
|
@ -307,7 +307,7 @@ It is recommended to reuse the identifiers the GitLab scanners already define:
|
|||
| [OSVD](https://cve.mitre.org/data/refs/refmap/source-OSVDB.html) | `osvdb` | OSVDB-113928 |
|
||||
| [USN](https://usn.ubuntu.com/) | `usn` | USN-4234-1 |
|
||||
| [WASC](http://projects.webappsec.org/Threat-Classification-Reference-Grid) | `wasc` | WASC-19 |
|
||||
| [RHSA](https://access.redhat.com/errata) | `rhsa` | RHSA-2020:0111 |
|
||||
| [RHSA](https://access.redhat.com/errata/#/) | `rhsa` | RHSA-2020:0111 |
|
||||
| [ELSA](https://linux.oracle.com/security/) | `elsa` | ELSA-2020-0085 |
|
||||
|
||||
The generic identifiers listed above are defined in the [common library](https://gitlab.com/gitlab-org/security-products/analyzers/common);
|
||||
|
|
|
@ -107,9 +107,9 @@ For instance `RETRIES=1 bin/rspec ...` would retry the failing examples once.
|
|||
|
||||
## Resources
|
||||
|
||||
- [Flaky Tests: Are You Sure You Want to Rerun Them?](http://semaphoreci.com/blog/2017/04/20/flaky-tests.html)
|
||||
- [Flaky Tests: Are You Sure You Want to Rerun Them?](https://semaphoreci.com/blog/2017/04/20/flaky-tests.html)
|
||||
- [How to Deal With and Eliminate Flaky Tests](https://semaphoreci.com/community/tutorials/how-to-deal-with-and-eliminate-flaky-tests)
|
||||
- [Tips on Treating Flakiness in your Rails Test Suite](http://semaphoreci.com/blog/2017/08/03/tips-on-treating-flakiness-in-your-test-suite.html)
|
||||
- [Tips on Treating Flakiness in your Rails Test Suite](https://semaphoreci.com/blog/2017/08/03/tips-on-treating-flakiness-in-your-test-suite.html)
|
||||
- ['Flaky' tests: a short story](https://www.ombulabs.com/blog/rspec/continuous-integration/how-to-track-down-a-flaky-test.html)
|
||||
- [Using Insights to Discover Flaky, Slow, and Failed Tests](https://circleci.com/blog/using-insights-to-discover-flaky-slow-and-failed-tests/)
|
||||
|
||||
|
|
|
@ -108,7 +108,7 @@ ahead and select this one, but please choose the size which best meets your own
|
|||
> **Note:** be aware that while your VM is active (known as "allocated"), it will incur
|
||||
"compute charges" which, ultimately, you will be billed for. So, even if you're using the
|
||||
free trial credits, you'll likely want to learn
|
||||
[how to properly shutdown an Azure VM to save money](https://buildazure.com/properly-shutdown-azure-vm-to-save-money/).
|
||||
[how to properly shutdown an Azure VM to save money](https://build5nines.com/properly-shutdown-azure-vm-to-save-money/).
|
||||
|
||||
Go ahead and click your chosen size, then click **"Select"** when you're ready to proceed to the
|
||||
next step.
|
||||
|
@ -420,7 +420,7 @@ Check out our other [Technical Articles](../../articles/index.md) or browse the
|
|||
- [Azure Portal][Azure-Portal]
|
||||
- [Azure - Pricing Calculator][Azure-Pricing-Calculator]
|
||||
- [Azure - Troubleshoot SSH Connections to an Azure Linux VM](https://docs.microsoft.com/en-us/azure/virtual-machines/troubleshooting/troubleshoot-ssh-connection)
|
||||
- [Azure - Properly Shutdown an Azure VM](https://buildazure.com/properly-shutdown-azure-vm-to-save-money/)
|
||||
- [Azure - Properly Shutdown an Azure VM](https://build5nines.com/properly-shutdown-azure-vm-to-save-money/)
|
||||
- [SSH], [PuTTY](https://www.putty.org) and [Using SSH in PuTTY][Using-SSH-In-Putty]
|
||||
|
||||
[Original-Blog-Post]: https://about.gitlab.com/blog/2016/07/13/how-to-setup-a-gitlab-instance-on-microsoft-azure/ "How to Set up a GitLab Instance on Microsoft Azure"
|
||||
|
|
|
@ -281,7 +281,7 @@ sudo apt-get update
|
|||
sudo apt-get install yarn
|
||||
```
|
||||
|
||||
Visit the official websites for [node](https://nodejs.org/en/download/package-manager/) and [yarn](https://yarnpkg.com/en/docs/install/) if you have any trouble with these steps.
|
||||
Visit the official websites for [node](https://nodejs.org/en/download/package-manager/) and [yarn](https://classic.yarnpkg.com/en/docs/install/) if you have any trouble with these steps.
|
||||
|
||||
## 5. System users
|
||||
|
||||
|
@ -533,7 +533,7 @@ As of Bundler 1.5.2, you can invoke `bundle install -jN` (where `N` is the numbe
|
|||
|
||||
Make sure you have `bundle` (run `bundle -v`):
|
||||
|
||||
- `>= 1.5.2`, because some [issues](https://devcenter.heroku.com/changelog-items/411) were [fixed](https://github.com/bundler/bundler/pull/2817) in 1.5.2.
|
||||
- `>= 1.5.2`, because some [issues](https://devcenter.heroku.com/changelog-items/411) were [fixed](https://github.com/rubygems/bundler/pull/2817) in 1.5.2.
|
||||
- `< 2.x`.
|
||||
|
||||
```shell
|
||||
|
|
|
@ -70,7 +70,7 @@ version of Node.js 10.13.0.
|
|||
You can check which version you are running with `node -v`. If you are running
|
||||
a version older than `v10.13.0`, you need to update to a newer version. You
|
||||
can find instructions to install from community maintained packages or compile
|
||||
from source at the [Node.js website](https://nodejs.org/en/download).
|
||||
from source at the [Node.js website](https://nodejs.org/en/download/).
|
||||
|
||||
## Hardware requirements
|
||||
|
||||
|
|
|
@ -31,8 +31,8 @@ of this document.
|
|||
|
||||
NOTE: **Note:**
|
||||
Elasticsearch should be installed on a separate server, whether you install
|
||||
it yourself or use a cloud hosted offering like Elastic's [Elasticsearch Service](https://www.elastic.co/products/elasticsearch/service) (available on AWS, GCP, or Azure) or the
|
||||
[Amazon Elasticsearch](http://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-gsg.html) service. Running Elasticsearch on the same server as GitLab is not recommended
|
||||
it yourself or use a cloud hosted offering like Elastic's [Elasticsearch Service](https://www.elastic.co/elasticsearch/service) (available on AWS, GCP, or Azure) or the
|
||||
[Amazon Elasticsearch](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-gsg.html) service. Running Elasticsearch on the same server as GitLab is not recommended
|
||||
and will likely cause a degradation in GitLab instance performance.
|
||||
|
||||
NOTE: **Note:**
|
||||
|
|
|
@ -1,13 +1,13 @@
|
|||
# UltraAuth OmniAuth Provider
|
||||
|
||||
You can integrate your GitLab instance with [UltraAuth](https://ultraauth.com) to enable users to perform secure biometric authentication to your GitLab instance with your UltraAuth account. Users have to perform the biometric authentication using their mobile device with fingerprint sensor.
|
||||
You can integrate your GitLab instance with [UltraAuth](https://github.com/ultraauth) to enable users to perform secure biometric authentication to your GitLab instance with your UltraAuth account. Users have to perform the biometric authentication using their mobile device with fingerprint sensor.
|
||||
|
||||
## Create UltraAuth Application
|
||||
|
||||
To enable UltraAuth OmniAuth provider, you must use UltraAuth's credentials for your GitLab instance.
|
||||
To get the credentials (a pair of Client ID and Client Secret), you must register an application on UltraAuth.
|
||||
|
||||
1. Sign in to [UltraAuth](https://ultraauth.com).
|
||||
1. Sign in to [UltraAuth](https://app.ultraauth.com).
|
||||
1. Navigate to **Create an App** and click on **Ruby on Rails**.
|
||||
1. Scroll down the page that is displayed to locate the **Client ID** and **Client Secret**.
|
||||
Keep this page open as you continue configuration.
|
||||
|
|
|
@ -18,7 +18,7 @@ The following assumes you already have Vault installed and running.
|
|||
First you'll need to create a GitLab application to obtain an application ID and secret for authenticating into Vault. To do this, sign in to GitLab and follow these steps:
|
||||
|
||||
1. On GitLab, click your avatar on the top-right corner, and select your user **Settings > Applications**.
|
||||
1. Fill out the application **Name** and [**Redirect URI**](https://www.vaultproject.io/docs/auth/jwt.html#redirect-uris),
|
||||
1. Fill out the application **Name** and [**Redirect URI**](https://www.vaultproject.io/docs/auth/jwt/#redirect-uris),
|
||||
making sure to select the **OpenID** scope.
|
||||
1. Save application.
|
||||
1. Copy client ID and secret, or keep the page open for reference.
|
||||
|
@ -66,7 +66,7 @@ The following assumes you already have Vault installed and running.
|
|||
|
||||
1. **Write the OIDC Role Config:**
|
||||
|
||||
Now that Vault has a GitLab application ID and secret, it needs to know the [**Redirect URIs**](https://www.vaultproject.io/docs/auth/jwt.html#redirect-uris) and scopes given to GitLab during the application creation process. The redirect URIs need to match where your Vault instance is running. The `oidc_scopes` field needs to include the `openid`. Similarly to the previous step, replace `your_application_id` with the generated application ID from GitLab:
|
||||
Now that Vault has a GitLab application ID and secret, it needs to know the [**Redirect URIs**](https://www.vaultproject.io/docs/auth/jwt/#redirect-uris) and scopes given to GitLab during the application creation process. The redirect URIs need to match where your Vault instance is running. The `oidc_scopes` field needs to include the `openid`. Similarly to the previous step, replace `your_application_id` with the generated application ID from GitLab:
|
||||
|
||||
This configuration is saved under the name of the role you are creating. In this case, we are creating a `demo` role. Later, we'll show how you can access this role through the Vault CLI.
|
||||
|
||||
|
@ -107,7 +107,7 @@ The following assumes you already have Vault installed and running.
|
|||
|
||||
1. In the **Write the OIDC Role Config** (step 4), we created a role called `demo`. We set `role=demo` so Vault knows which configuration we'd like to login in with.
|
||||
1. To set Vault to use the `OIDC` sign-in method, we set `-method=oidc`.
|
||||
1. To set the port that GitLab should redirect to, we set `port=8250` or another port number that matches the port given to GitLab when listing [Redirect URIs](https://www.vaultproject.io/docs/auth/jwt.html#redirect-uris).
|
||||
1. To set the port that GitLab should redirect to, we set `port=8250` or another port number that matches the port given to GitLab when listing [Redirect URIs](https://www.vaultproject.io/docs/auth/jwt/#redirect-uris).
|
||||
|
||||
Once you run the command above, it will present a link in the terminal.
|
||||
Click the link in the terminal and a tab will open in the browser confirming you're signed into Vault via OIDC:
|
||||
|
|
|
@ -2,18 +2,35 @@
|
|||
comments: false
|
||||
---
|
||||
|
||||
# Rake tasks
|
||||
# Rake tasks **(CORE ONLY)**
|
||||
|
||||
- [Backup restore](backup_restore.md)
|
||||
- [Check](check.md)
|
||||
- [Cleanup](cleanup.md)
|
||||
- [Features](features.md)
|
||||
- [LDAP Maintenance](../administration/raketasks/ldap.md)
|
||||
- [General Maintenance](../administration/raketasks/maintenance.md) and self-checks
|
||||
- [User management](user_management.md)
|
||||
- [Webhooks](web_hooks.md)
|
||||
- [Import](import.md) of Git repositories in bulk
|
||||
- [Rebuild authorized_keys file](../administration/raketasks/maintenance.md#rebuild-authorized_keys-file) task for administrators
|
||||
- [Uploads Migrate](../administration/raketasks/uploads/migrate.md)
|
||||
- [Uploads Sanitize](../administration/raketasks/uploads/sanitize.md)
|
||||
- [Importing large GitLab project exports](../development/import_project.md#importing-via-a-rake-task)
|
||||
GitLab provides [Rake](https://ruby.github.io/rake/) tasks for common administration and operational processes.
|
||||
|
||||
GitLab Rake tasks are performed using:
|
||||
|
||||
- `gitlab-rake <raketask>` for [Omnibus GitLab](https://docs.gitlab.com/omnibus/README.html) installations.
|
||||
- `bundle exec rake <raketask>` for [source](../install/installation.md) installations.
|
||||
|
||||
## Available Rake tasks
|
||||
|
||||
The following are available Rake tasks:
|
||||
|
||||
| Tasks | Description |
|
||||
|:-------------------------------------------------------------------------------------------|:------------------------------------------------------------------------------------------|
|
||||
| [Back up and restore](backup_restore.md) | Back up, restore, and migrate GitLab instances between servers. |
|
||||
| [Clean up](cleanup.md) | Clean up unneeded items GitLab instances. |
|
||||
| [Enable namespaces](features.md) | Enable usernames and namespaces for user projects. |
|
||||
| [General maintenance](../administration/raketasks/maintenance.md) | General maintenance and self-check tasks. |
|
||||
| [Geo maintenance](../administration/raketasks/geo.md) **(PREMIUM ONLY)** | [Geo](../administration/geo/replication/index.md)-related maintenance. |
|
||||
| [GitHub import](../administration/raketasks/github_import.md) | Retrieve and import repositories from GitHub. |
|
||||
| [Import repositories](import.md) | Import bare repositories into your GitLab instance. |
|
||||
| [Import large project exports](../development/import_project.md#importing-via-a-rake-task) | Import large GitLab [project exports](../user/project/settings/import_export.md). |
|
||||
| [Integrity checks](../administration/raketasks/check.md) | Check the integrity of repositories, files, and LDAP. |
|
||||
| [LDAP maintenance](../administration/raketasks/ldap.md) | [LDAP](../administration/auth/ldap.md)-related tasks. |
|
||||
| [List repositories](list_repos.md) | List of all GitLab-managed Git repositories on disk. |
|
||||
| [Project import/export](../administration/raketasks/project_import_export.md) | Prepare for [project exports and imports](../user/project/settings/import_export.md). |
|
||||
| [Repository storage](../administration/raketasks/storage.md) | List and migrate existing projects and attachments from legacy storage to hashed storage. |
|
||||
| [Uploads migrate](../administration/raketasks/uploads/migrate.md) | Migrate uploads between storage local and object storage. |
|
||||
| [Uploads sanitize](../administration/raketasks/uploads/sanitize.md) | Remove EXIF data from images uploaded to earlier versions of GitLab. |
|
||||
| [User management](user_management.md) | Perform user management tasks. |
|
||||
| [Webhooks administration](web_hooks.md) | Maintain project Webhooks. |
|
||||
|
|
|
@ -79,7 +79,7 @@ is available.
|
|||
|
||||
> Introduced in GitLab 11.6 for project- and group-level clusters.
|
||||
|
||||
[cert-manager](https://docs.cert-manager.io/en/latest/) is a native
|
||||
[cert-manager](https://cert-manager.io/docs/) is a native
|
||||
Kubernetes certificate management controller that helps with issuing
|
||||
certificates. Installing cert-manager on your cluster will issue a
|
||||
certificate by [Let's Encrypt](https://letsencrypt.org/) and ensure that
|
||||
|
@ -98,7 +98,7 @@ If you have installed cert-manager prior to GitLab 12.3, Let's Encrypt will
|
|||
|
||||
To resolve this:
|
||||
|
||||
1. Uninstall cert-manager (consider [backing up any additional configuration](https://docs.cert-manager.io/en/latest/tasks/backup-restore-crds.html)).
|
||||
1. Uninstall cert-manager (consider [backing up any additional configuration](https://cert-manager.io/docs/tutorials/backup/)).
|
||||
1. Install cert-manager again.
|
||||
|
||||
### GitLab Runner
|
||||
|
@ -1047,7 +1047,7 @@ The applications below can be uninstalled.
|
|||
|
||||
| Application | GitLab version | Notes |
|
||||
| ----------- | -------------- | ----- |
|
||||
| cert-manager | 12.2+ | The associated private key will be deleted and cannot be restored. Deployed applications will continue to use HTTPS, but certificates will not be renewed. Before uninstalling, you may wish to [back up your configuration](https://docs.cert-manager.io/en/latest/tasks/backup-restore-crds.html) or [revoke your certificates](https://letsencrypt.org/docs/revoking/). |
|
||||
| cert-manager | 12.2+ | The associated private key will be deleted and cannot be restored. Deployed applications will continue to use HTTPS, but certificates will not be renewed. Before uninstalling, you may wish to [back up your configuration](https://cert-manager.io/docs/tutorials/backup/) or [revoke your certificates](https://letsencrypt.org/docs/revoking/). |
|
||||
| GitLab Runner | 12.2+ | Any running pipelines will be canceled. |
|
||||
| Helm | 12.2+ | The associated Tiller pod, the `gitlab-managed-apps` namespace, and all of its resources will be deleted and cannot be restored. |
|
||||
| Ingress | 12.1+ | The associated load balancer and IP will be deleted and cannot be restored. Furthermore, it can only be uninstalled if JupyterHub is not installed. |
|
||||
|
|
|
@ -102,7 +102,7 @@ module Gitlab
|
|||
if ionice
|
||||
raise ArgumentError, 'Invalid niceness' unless VALID_NICENESS_LEVELS.include?(niceness)
|
||||
|
||||
cmd.unshift(*%W[#{ionice} --class #{niceness}])
|
||||
cmd.unshift(*%W[#{ionice} -c #{niceness}])
|
||||
end
|
||||
|
||||
log_info("find command: '#{cmd.join(' ')}'")
|
||||
|
|
|
@ -146,9 +146,12 @@ describe Repositories::GitHttpController do
|
|||
let(:params) { container_params.merge(service: 'git-upload-pack') }
|
||||
|
||||
it 'returns 404' do
|
||||
expect(controller).not_to receive(:access_check)
|
||||
|
||||
get :info_refs, params: params
|
||||
|
||||
expect(response).to have_gitlab_http_status(:not_found)
|
||||
expect(response.body).to eq "The project you were looking for could not be found."
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -160,9 +163,12 @@ describe Repositories::GitHttpController do
|
|||
end
|
||||
|
||||
it 'returns 404' do
|
||||
expect(controller).not_to receive(:access_check)
|
||||
|
||||
post :git_upload_pack, params: params
|
||||
|
||||
expect(response).to have_gitlab_http_status(:not_found)
|
||||
expect(response.body).to eq "The project you were looking for could not be found."
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -70,6 +70,7 @@ describe('DirtySubmitForm', () => {
|
|||
describe('throttling tests', () => {
|
||||
beforeEach(() => {
|
||||
jasmine.clock().install();
|
||||
jasmine.clock().mockDate();
|
||||
DirtySubmitForm.THROTTLE_DURATION = 100;
|
||||
});
|
||||
|
||||
|
|
|
@ -28,6 +28,12 @@ describe Gitlab::Cleanup::OrphanJobArtifactFiles do
|
|||
expect { cleanup.run! }.to raise_error('Invalid niceness')
|
||||
end
|
||||
|
||||
it 'passes correct arguments to ionice' do
|
||||
allow(Gitlab::Utils).to receive(:which).with('ionice').and_return('/fake/ionice')
|
||||
expect(Open3).to receive(:popen3).with('/fake/ionice', '-c', any_args)
|
||||
cleanup.run!
|
||||
end
|
||||
|
||||
it 'finds artifacts on disk' do
|
||||
artifact = create(:ci_job_artifact, :archive)
|
||||
|
||||
|
|
|
@ -131,7 +131,6 @@ describe PrometheusAdapter, :use_clean_rails_memory_store_caching do
|
|||
end
|
||||
|
||||
it { expect(subject.to_json).to eq(prometheus_data.to_json) }
|
||||
it { expect(subject.to_json).to eq(prometheus_data.to_json) }
|
||||
end
|
||||
|
||||
[404, 500].each do |status|
|
||||
|
|
|
@ -49,7 +49,7 @@ describe Spam::SpamCheckService do
|
|||
end
|
||||
end
|
||||
|
||||
shared_examples 'akismet spam' do
|
||||
shared_examples 'only checks for spam if a request is provided' do
|
||||
context 'when request is missing' do
|
||||
let(:request) { nil }
|
||||
|
||||
|
@ -132,7 +132,7 @@ describe Spam::SpamCheckService do
|
|||
stub_feature_flags(allow_possible_spam: false)
|
||||
end
|
||||
|
||||
it_behaves_like 'akismet spam'
|
||||
it_behaves_like 'only checks for spam if a request is provided'
|
||||
|
||||
it 'marks as spam' do
|
||||
subject
|
||||
|
@ -142,7 +142,7 @@ describe Spam::SpamCheckService do
|
|||
end
|
||||
|
||||
context 'when allow_possible_spam feature flag is true' do
|
||||
it_behaves_like 'akismet spam'
|
||||
it_behaves_like 'only checks for spam if a request is provided'
|
||||
|
||||
it 'does not mark as spam' do
|
||||
subject
|
||||
|
|
Loading…
Reference in New Issue