Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2021-12-01 06:10:42 +00:00
parent 95dc24081c
commit 9b646e9297
24 changed files with 117 additions and 65 deletions

View file

@ -0,0 +1,13 @@
- name: "apiFuzzingCiConfigurationCreate GraphQL mutation"
announcement_milestone: "14.6"
announcement_date: "2021-12-22"
removal_milestone: "15.0"
body: |
The API Fuzzing configuration snippet is now being generated client-side and does not require an
API request anymore. We are therefore deprecating the `apiFuzzingCiConfigurationCreate` mutation
which isn't being used in GitLab anymore.
stage: Secure
tiers: Ultimate
issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/333233
documentation_url: https://docs.gitlab.com/ee/user/application_security/api_fuzzing/#web-api-fuzzing-configuration-form
removal_date: "2022-05-22"

View file

@ -20,7 +20,7 @@ To disable Geo, follow these steps:
1. [Remove the primary site from the UI](#remove-the-primary-site-from-the-ui).
1. [Remove secondary replication slots](#remove-secondary-replication-slots).
1. [Remove Geo-related configuration](#remove-geo-related-configuration).
1. [(Optional) Revert PostgreSQL settings to use a password and listen on an IP](#optional-revert-postgresql-settings-to-use-a-password-and-listen-on-an-ip).
1. [Optional. Revert PostgreSQL settings to use a password and listen on an IP](#optional-revert-postgresql-settings-to-use-a-password-and-listen-on-an-ip).
## Remove all secondary Geo sites

View file

@ -559,7 +559,7 @@ to start again from scratch, there are a few steps that can help you:
You may want to remove the `/var/opt/gitlab/git-data/repositories.old` in the future
as soon as you confirmed that you don't need it anymore, to save disk space.
1. _(Optional)_ Rename other data folders and create new ones
1. Optional. Rename other data folders and create new ones
WARNING:
You may still have files on the **secondary** node that have been removed from the **primary** node, but this

View file

@ -621,7 +621,7 @@ To configure Gitaly with TLS:
1. Save the file and [reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure).
1. Verify Gitaly traffic is being served over TLS by
[observing the types of Gitaly connections](#observe-type-of-gitaly-connections).
1. (Optional) Improve security by:
1. Optional. Improve security by:
1. Disabling non-TLS connections by commenting out or deleting `gitaly['listen_addr']` in
`/etc/gitlab/gitlab.rb`.
1. Saving the file.
@ -697,7 +697,7 @@ To configure Gitaly with TLS:
1. Save the file and [restart GitLab](../restart_gitlab.md#installations-from-source).
1. Verify Gitaly traffic is being served over TLS by
[observing the types of Gitaly connections](#observe-type-of-gitaly-connections).
1. (Optional) Improve security by:
1. Optional. Improve security by:
1. Disabling non-TLS connections by commenting out or deleting `listen_addr` in
`/home/git/gitaly/config.toml`.
1. Saving the file.

View file

@ -155,7 +155,7 @@ On Omnibus GitLab installations, the settings are prefixed by `lfs_object_store_
This migrates existing LFS objects to object storage. New LFS objects
are forwarded to object storage unless
`gitlab_rails['lfs_object_store_background_upload']` and `gitlab_rails['lfs_object_store_direct_upload']` is set to `false`.
1. (Optional) Verify all files migrated properly.
1. Optional. Verify all files migrated properly.
From [PostgreSQL console](https://docs.gitlab.com/omnibus/settings/database.html#connecting-to-the-bundled-postgresql-database)
(`sudo gitlab-psql -d gitlabhq_production`) verify `objectstg` below (where `file_store=2`) has count of all artifacts:
@ -208,7 +208,7 @@ For source installations the settings are nested under `lfs:` and then
This migrates existing LFS objects to object storage. New LFS objects
are forwarded to object storage unless `background_upload` and `direct_upload` is set to
`false`.
1. (Optional) Verify all files migrated properly.
1. Optional. Verify all files migrated properly.
From PostgreSQL console (`sudo -u git -H psql -d gitlabhq_production`) verify `objectstg` below (where `file_store=2`) has count of all artifacts:
```shell

View file

@ -56,11 +56,11 @@ Before proceeding with the Pages configuration, you must:
| `gitlab.example.com` | `pages.example.com` | **{check-circle}** Yes |
1. Configure a **wildcard DNS record**.
1. (Optional) Have a **wildcard certificate** for that domain if you decide to
1. Optional. Have a **wildcard certificate** for that domain if you decide to
serve Pages under HTTPS.
1. (Optional but recommended) Enable [Shared runners](../../ci/runners/index.md)
1. Optional but recommended. Enable [Shared runners](../../ci/runners/index.md)
so that your users don't have to bring their own.
1. (Only for custom domains) Have a **secondary IP**.
1. For custom domains, have a **secondary IP**.
NOTE:
If your GitLab instance and the Pages daemon are deployed in a private network or behind a firewall, your GitLab Pages websites are only accessible to devices/users that have access to the private network.

View file

@ -59,9 +59,9 @@ Before proceeding with the Pages configuration, make sure that:
1. You have installed the `zip` and `unzip` packages in the same server that
GitLab is installed since they are needed to compress and decompress the
Pages artifacts.
1. (Optional) You have a **wildcard certificate** for the Pages domain if you
1. Optional. You have a **wildcard certificate** for the Pages domain if you
decide to serve Pages (`*.example.io`) under HTTPS.
1. (Optional but recommended) You have configured and enabled the [shared runners](../../ci/runners/index.md)
1. Optional but recommended. You have configured and enabled the [shared runners](../../ci/runners/index.md)
so that your users don't have to bring their own.
### DNS configuration

View file

@ -147,7 +147,7 @@ First, enable the **Developer Tools** panel. See [Getting the correlation ID in
After developer tools have been enabled, obtain a session cookie as follows:
1. Visit <https://gitlab.com> while logged in.
1. (Optional) Select **Fetch/XHR** request filter in the **Developer Tools** panel. This step is described for Google Chrome developer tools and is not strictly necessary, it just makes it easier to find the correct request.
1. Optional. Select **Fetch/XHR** request filter in the **Developer Tools** panel. This step is described for Google Chrome developer tools and is not strictly necessary, it just makes it easier to find the correct request.
1. Select the `results?request_id=<some-request-id>` request on the left hand side.
1. The session cookie is displayed under the `Request Headers` section of the `Headers` panel. Right-click on the cookie value and select `Copy value`.

View file

@ -689,7 +689,7 @@ The following capture groups are optional:
- `pre`: If set, the tag is ignored. Ignoring `pre` tags ensures release candidate
tags and other pre-release tags are not considered when determining the range of
commits to generate a changelog for.
- `meta`: (Optional) Specifies build metadata.
- `meta`: Optional. Specifies build metadata.
Using this information, GitLab builds a map of Git tags and their release
versions. It then determines what the latest tag is, based on the version

View file

@ -302,7 +302,7 @@ listed in the descriptions of the relevant settings.
| `external_authorization_service_timeout` | float | required by:<br>`external_authorization_service_enabled` | The timeout after which an authorization request is aborted, in seconds. When a request times out, access is denied to the user. (min: 0.001, max: 10, step: 0.001). |
| `external_authorization_service_url` | string | required by:<br>`external_authorization_service_enabled` | URL to which authorization requests are directed. |
| `external_pipeline_validation_service_url` | string | no | URL to use for pipeline validation requests. |
| `external_pipeline_validation_service_token` | string | no | (Optional) Token to include as the `X-Gitlab-Token` header in requests to the URL in `external_pipeline_validation_service_url`. |
| `external_pipeline_validation_service_token` | string | no | Optional. Token to include as the `X-Gitlab-Token` header in requests to the URL in `external_pipeline_validation_service_url`. |
| `external_pipeline_validation_service_timeout` | integer | no | How long to wait for a response from the pipeline validation service. Assumes `OK` if it times out. |
| `file_template_project_id` | integer | no | **(PREMIUM)** The ID of a project to load custom file templates from. |
| `first_day_of_week` | integer | no | Start day of the week for calendar views and date pickers. Valid values are `0` (default) for Sunday, `1` for Monday, and `6` for Saturday. |

View file

@ -91,7 +91,7 @@ The job token scope is only for controlling access to private projects.
1. On the left sidebar, select **Settings > CI/CD**.
1. Expand **Token Access**.
1. Toggle **Limit CI_JOB_TOKEN access** to enabled.
1. (Optional) Add existing projects to the token's access scope. The user adding a
1. Optional. Add existing projects to the token's access scope. The user adding a
project must have the [maintainer role](../../user/permissions.md) in both projects.
There is [a proposal](https://gitlab.com/groups/gitlab-org/-/epics/3559) to improve

View file

@ -634,7 +634,7 @@ timed rollout 10%:
start_in: 30 minutes
```
To stop the active timer of a delayed job, click the **{time-out}** (**Unschedule**) button.
To stop the active timer of a delayed job, select **Unschedule** (**{time-out}**).
This job can no longer be scheduled to run automatically. You can, however, execute the job manually.
To start a delayed job immediately, select **Play** (**{play}**).

View file

@ -85,10 +85,10 @@ To configure your Vault server:
to provide details about your Vault server:
- `VAULT_SERVER_URL` - The URL of your Vault server, such as `https://vault.example.com:8200`.
Required.
- `VAULT_AUTH_ROLE` - (Optional) The role to use when attempting to authenticate.
- `VAULT_AUTH_ROLE` - Optional. The role to use when attempting to authenticate.
If no role is specified, Vault uses the [default role](https://www.vaultproject.io/api/auth/jwt#default_role)
specified when the authentication method was configured.
- `VAULT_AUTH_PATH` - (Optional) The path where the authentication method is mounted, default is `jwt`.
- `VAULT_AUTH_PATH` - Optional. The path where the authentication method is mounted, default is `jwt`.
NOTE:
Support for providing these values in the user interface [is tracked in this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/218677).

View file

@ -166,10 +166,10 @@ To add or update variables in the project settings:
- **Key**: Must be one line, with no spaces, using only letters, numbers, or `_`.
- **Value**: No limitations.
- **Type**: [`File` or `Variable`](#cicd-variable-types).
- **Environment scope**: (Optional) `All`, or specific [environments](../environments/index.md).
- **Protect variable** (Optional): If selected, the variable is only available
- **Environment scope**: Optional. `All`, or specific [environments](../environments/index.md).
- **Protect variable** Optional. If selected, the variable is only available
in pipelines that run on protected branches or tags.
- **Mask variable** (Optional): If selected, the variable's **Value** is masked
- **Mask variable** Optional. If selected, the variable's **Value** is masked
in job logs. The variable fails to save if the value does not meet the
[masking requirements](#mask-a-cicd-variable).
@ -208,10 +208,10 @@ To add a group variable:
- **Key**: Must be one line, with no spaces, using only letters, numbers, or `_`.
- **Value**: No limitations.
- **Type**: [`File` or `Variable`](#cicd-variable-types).
- **Environment scope** (Optional): `All`, or specific [environments](#limit-the-environment-scope-of-a-cicd-variable). **(PREMIUM)**
- **Protect variable** (Optional): If selected, the variable is only available
- **Environment scope** Optional. `All`, or specific [environments](#limit-the-environment-scope-of-a-cicd-variable). **(PREMIUM)**
- **Protect variable** Optional. If selected, the variable is only available
in pipelines that run on protected branches or tags.
- **Mask variable** (Optional): If selected, the variable's **Value** is masked
- **Mask variable** Optional. If selected, the variable's **Value** is masked
in job logs. The variable fails to save if the value does not meet the
[masking requirements](#mask-a-cicd-variable).
@ -248,9 +248,9 @@ To add an instance variable:
10,000 characters is allowed. This is also bounded by the limits of the selected
runner operating system. In GitLab 13.0 to 13.2, 700 characters is allowed.
- **Type**: [`File` or `Variable`](#cicd-variable-types).
- **Protect variable** (Optional): If selected, the variable is only available
- **Protect variable** Optional. If selected, the variable is only available
in pipelines that run on protected branches or tags.
- **Mask variable** (Optional): If selected, the variable's **Value** is not shown
- **Mask variable** Optional. If selected, the variable's **Value** is not shown
in job logs. The variable is not saved if the value does not meet the [masking requirements](#mask-a-cicd-variable).
### CI/CD variable types

View file

@ -115,7 +115,7 @@ Use these instructions for exploring the GitLab database while developing with t
1. **Use an SSL connection?** This depends on your installation. Options are:
- **Use Secure Connection**
- **Standard Connection** (default)
1. **(Optional) The database to connect to**: `gitlabhq_development`.
1. **Optional. The database to connect to**: `gitlabhq_development`.
1. **The display name for the database connection**: `gitlabhq_development`.
Your database connection should now be displayed in the PostgreSQL Explorer pane and

View file

@ -18,7 +18,7 @@ Before using CodeSandbox with your local GitLab instance, you must:
Follow the GDK [NGINX configuration instructions](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/nginx.md) to enable HTTPS for GDK.
1. Clone the [`codesandbox-client` project](https://github.com/codesandbox/codesandbox-client)
locally. If you plan on contributing upstream, you might want to fork and clone first.
1. (Optional) Use correct `python` and `nodejs` versions. Otherwise, `yarn` may fail to
1. Optional. Use correct `python` and `nodejs` versions. Otherwise, `yarn` may fail to
install or build some packages. If you're using `asdf` you can run the following commands:
```shell

View file

@ -799,7 +799,7 @@ To set up Service Ping locally, you must:
1. [Set up local repositories](#set-up-local-repositories).
1. [Test local setup](#test-local-setup).
1. (Optional) [Test Prometheus-based Service Ping](#test-prometheus-based-service-ping).
1. Optional. [Test Prometheus-based Service Ping](#test-prometheus-based-service-ping).
### Set up local repositories

View file

@ -474,20 +474,34 @@ To generate Service Ping, use [Teleport](https://goteleport.com/docs/) or a deta
1. Connect to bastion with agent forwarding:
`$ ssh -A lb-bastion.gprd.gitlab.com`.
```shell
ssh -A lb-bastion.gprd.gitlab.com
```
1. Create named screen:
`$ screen -S <username>_usage_ping_<date>`.
```shell
screen -S <username>_usage_ping_<date>
```
1. Connect to console host:
`$ ssh $USER-rails@console-01-sv-gprd.c.gitlab-production.internal`.
1. Run `ServicePing::SubmitService.new.execute`
1. Detach from screen:
```shell
ssh $USER-rails@console-01-sv-gprd.c.gitlab-production.internal
```
`ctrl + a, ctrl + d`
1. Run:
```shell
ServicePing::SubmitService.new.execute
```
1. To detach from screen, press `ctrl + A`, `ctrl + D`.
1. Exit from bastion:
`$ exit`
```shell
exit
```
### Verification (After approx 30 hours)
@ -501,28 +515,49 @@ To generate Service Ping, use [Teleport](https://goteleport.com/docs/) or a deta
1. Reconnect to bastion:
`$ ssh -A lb-bastion.gprd.gitlab.com`
```shell
ssh -A lb-bastion.gprd.gitlab.com
```
1. Find your screen session:
`$ screen -ls`
```shell
screen -ls
```
1. Attach to your screen session:
`$ screen -x 14226.mwawrzyniak_usage_ping_2021_01_22`
1. Check the last payload in `raw_usage_data` table: `RawUsageData.last.payload`
1. Check the when the payload was sent: `RawUsageData.last.sent_at`
```shell
screen -x 14226.mwawrzyniak_usage_ping_2021_01_22
```
1. Check the last payload in `raw_usage_data` table:
```shell
RawUsageData.last.payload
```
1. Check the when the payload was sent:
```shell
RawUsageData.last.sent_at
```
### Skip database write operations
To skip database write operations, DevOps report creation, and storage of usage data payload, you can pass an optional argument `skip_db_write`:
To skip database write operations, DevOps report creation, and storage of usage data payload, pass an optional argument:
`ServicePing::SubmitService.new(skip_db_write: true).execute`
```shell
skip_db_write:
ServicePing::SubmitService.new(skip_db_write: true).execute
```
## Troubleshooting
### Cannot disable Service Ping using the configuration file
The method to disable Service Ping using the GitLab configuration file does not work in
GitLab versions 9.3.0 to 13.12.3. To disable it, you need to use the Admin Area in
GitLab versions 9.3.0 to 13.12.3. To disable it, you must use the Admin Area in
the GitLab UI instead. For more information, see
[this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/333269).

View file

@ -294,7 +294,7 @@ Geo requires an EE license. To visit the Geo sites in your browser, you need a r
export EE_LICENSE=$(cat <path/to/your/gitlab_license>)
```
1. (Optional) Pull the GitLab image
1. Optional. Pull the GitLab image
This step is optional because pulling the Docker image is part of the [`Test::Integration::Geo` orchestrated scenario](https://gitlab.com/gitlab-org/gitlab-qa/-/blob/d8c5c40607c2be0eda58bbca1b9f534b00889a0b/lib/gitlab/qa/scenario/test/integration/geo.rb). However, it's easier to monitor the download progress if you pull the image first, and the scenario skips this step after checking that the image is up to date.

View file

@ -81,7 +81,7 @@ You can apply a feature flag strategy across multiple environments, without defi
the strategy multiple times.
GitLab Feature Flags use [Unleash](https://docs.getunleash.io/) as the feature flag
engine. In Unleash, there are [strategies](https://docs.getunleash.io/activation_strategy/)
engine. In Unleash, there are [strategies](https://docs.getunleash.io/user_guide/activation_strategy)
for granular feature flag controls. GitLab Feature Flags can have multiple strategies,
and the supported strategies are:
@ -96,8 +96,7 @@ and selecting **Edit** (**{pencil}**).
### All users
Enables the feature for all users. It uses the [`default`](https://docs.getunleash.io/activation_strategy/#default)
Unleash activation strategy.
Enables the feature for all users. It uses the Standard (`default`) Unleash activation [strategy](https://docs.getunleash.io/user_guide/activation_strategy#standard).
### Percent Rollout
@ -105,8 +104,7 @@ Unleash activation strategy.
Enables the feature for a percentage of page views, with configurable consistency
of behavior. This consistency is also known as stickiness. It uses the
[`flexibleRollout`](https://docs.getunleash.io/activation_strategy/#flexiblerollout)
Unleash activation strategy.
Gradual Rollout (`flexibleRollout`) Unleash activation [strategy](https://docs.getunleash.io/user_guide/activation_strategy#gradual-rollout).
You can configure the consistency to be based on:
@ -134,7 +132,7 @@ Selecting **Random** provides inconsistent application behavior for individual u
### Percent of Users
Enables the feature for a percentage of authenticated users. It uses the Unleash activation strategy
[`gradualRolloutUserId`](https://docs.getunleash.io/activation_strategy/#gradualrolloutuserid).
[`gradualRolloutUserId`](https://docs.getunleash.io/user_guide/activation_strategy#gradual-rollout).
For example, set a value of 15% to enable the feature for 15% of authenticated users.
@ -156,8 +154,7 @@ ID for the feature to be enabled. See the [Ruby example](#ruby-application-examp
> - [Updated](https://gitlab.com/gitlab-org/gitlab/-/issues/34363) to be defined per environment in GitLab 12.6.
Enables the feature for a list of target users. It is implemented
using the Unleash [`userWithId`](https://docs.getunleash.io/activation_strategy/#userwithid)
activation strategy.
using the Unleash UserIDs (`userWithId`) activation [strategy](https://docs.getunleash.io/user_guide/activation_strategy#userids).
Enter user IDs as a comma-separated list of values (for example,
`user@example.com, user2@example.com`, or `username1,username2,username3`, and so on). Note that
@ -187,8 +184,7 @@ To search for code references of a feature flag:
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/35930) in GitLab 13.1.
Enables the feature for lists of users created [in the Feature Flags UI](#create-a-user-list), or with the [Feature Flag User List API](../api/feature_flag_user_lists.md).
Similar to [User IDs](#user-ids), it uses the Unleash [`userWithId`](https://docs.getunleash.io/activation_strategy/#userwithid)
activation strategy.
Similar to [User IDs](#user-ids), it uses the Unleash UsersIDs (`userWithId`) activation [strategy](https://docs.getunleash.io/user_guide/activation_strategy#userids).
It's not possible to *disable* a feature for members of a user list, but you can achieve the same
effect by enabling a feature for a user list that doesn't contain the excluded users.

View file

@ -161,7 +161,7 @@ To resolve the problem, migrate the affected file (or files) and push back to th
git push
```
1. (Optional) Clean up your `.git` folder:
1. Optional. Clean up your `.git` folder:
```shell
git reflog expire --expire-unreachable=now --all

View file

@ -247,3 +247,11 @@ We are changing how the date filter works in Value Stream Analytics. Instead of
If you monitor Value Stream Analytics metrics and rely on the date filter, to avoid losing data, you must save the data prior to this change.
Announced: 2021-11-22
### apiFuzzingCiConfigurationCreate GraphQL mutation
The API Fuzzing configuration snippet is now being generated client-side and does not require an
API request anymore. We are therefore deprecating the `apiFuzzingCiConfigurationCreate` mutation
which isn't being used in GitLab anymore.
Announced: 2021-12-22

View file

@ -53,7 +53,7 @@ To approve or reject a user sign up:
1. On the top bar, select **Menu > Admin**.
1. On the left sidebar, select **Overview > Users**.
1. Select the **Pending approval** tab.
1. (Optional) Select a user.
1. Optional. Select a user.
1. Select the **{settings}** **User administration** dropdown.
1. Select **Approve** or **Reject**.
@ -77,7 +77,7 @@ by removing them in LDAP, or directly from the Admin Area. To do this:
1. On the top bar, select **Menu > Admin**.
1. On the left sidebar, select **Overview > Users**.
1. (Optional) Select a user.
1. Optional. Select a user.
1. Select the **{settings}** **User administration** dropdown.
1. Select **Block**.
@ -101,7 +101,7 @@ A blocked user can be unblocked from the Admin Area. To do this:
1. On the top bar, select **Menu > Admin**.
1. On the left sidebar, select **Overview > Users**.
1. Select on the **Blocked** tab.
1. (Optional) Select a user.
1. Optional. Select a user.
1. Select the **{settings}** **User administration** dropdown.
1. Select **Unblock**.
@ -145,7 +145,7 @@ A user can be deactivated from the Admin Area. To do this:
1. On the top bar, select **Menu > Admin**.
1. On the left sidebar, select **Overview > Users**.
1. (Optional) Select a user.
1. Optional. Select a user.
1. Select the **{settings}** **User administration** dropdown.
1. Select **Deactivate**.
@ -185,7 +185,7 @@ To do this:
1. On the top bar, select **Menu > Admin**.
1. On the left sidebar, select **Overview > Users**.
1. Select the **Deactivated** tab.
1. (Optional) Select a user.
1. Optional. Select a user.
1. Select the **{settings}** **User administration** dropdown.
1. Select **Activate**.
@ -211,7 +211,7 @@ Users can be banned using the Admin Area. To do this:
1. On the top bar, select **Menu > Admin**.
1. On the left sidebar, select **Overview > Users**.
1. (Optional) Select a user.
1. Optional. Select a user.
1. Select the **{settings}** **User administration** dropdown.
1. Select **Ban user**.
@ -224,7 +224,7 @@ A banned user can be unbanned using the Admin Area. To do this:
1. On the top bar, select **Menu > Admin**.
1. On the left sidebar, select **Overview > Users**.
1. Select the **Banned** tab.
1. (Optional) Select a user.
1. Optional. Select a user.
1. Select the **{settings}** **User administration** dropdown.
1. Select **Unban user**.

View file

@ -52,7 +52,7 @@ You can create snippets in multiple ways, depending on whether you want to creat
Filenames with appropriate extensions display [syntax highlighting](#filenames).
Failure to add a filename can cause a known
[copy-pasting bug](https://gitlab.com/gitlab-org/gitlab/-/issues/22870). If you don't provide a filename, GitLab [creates a name for you](#filenames).
1. (Optional) Add [multiple files](#add-or-remove-multiple-files) to your snippet.
1. Optional. Add [multiple files](#add-or-remove-multiple-files) to your snippet.
1. Select a visibility level, and select **Create snippet**.
After you create a snippet, you can still [add more files to it](#add-or-remove-multiple-files).