Add latest changes from gitlab-org/gitlab@master
This commit is contained in:
parent
6216eabd1c
commit
e5bf29c7cd
|
@ -394,6 +394,7 @@ export default {
|
|||
<gl-dropdown
|
||||
v-gl-tooltip.hover.focus="$options.i18n.optionsDropdownTitle"
|
||||
size="small"
|
||||
category="tertiary"
|
||||
right
|
||||
toggle-class="btn-icon js-diff-more-actions"
|
||||
class="gl-pt-0!"
|
||||
|
@ -402,7 +403,7 @@ export default {
|
|||
@hidden="setMoreActionsShown(false)"
|
||||
>
|
||||
<template #button-content>
|
||||
<gl-icon name="ellipsis_v" class="mr-0" :size="12" />
|
||||
<gl-icon name="ellipsis_v" class="mr-0" />
|
||||
<span class="sr-only">{{ $options.i18n.optionsDropdownTitle }}</span>
|
||||
</template>
|
||||
<gl-dropdown-item
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
<script>
|
||||
import { GlTab, GlTabs, GlSprintf, GlLink, GlAlert } from '@gitlab/ui';
|
||||
import { __, s__ } from '~/locale';
|
||||
import glFeatureFlagsMixin from '~/vue_shared/mixins/gl_feature_flags_mixin';
|
||||
import LocalStorageSync from '~/vue_shared/components/local_storage_sync.vue';
|
||||
import UserCalloutDismisser from '~/vue_shared/components/user_callout_dismisser.vue';
|
||||
import AutoDevOpsAlert from './auto_dev_ops_alert.vue';
|
||||
|
@ -50,7 +49,6 @@ export default {
|
|||
UserCalloutDismisser,
|
||||
TrainingProviderList,
|
||||
},
|
||||
mixins: [glFeatureFlagsMixin()],
|
||||
inject: ['projectFullPath', 'vulnerabilityTrainingDocsPath'],
|
||||
props: {
|
||||
augmentedSecurityFeatures: {
|
||||
|
@ -252,7 +250,6 @@ export default {
|
|||
</section-layout>
|
||||
</gl-tab>
|
||||
<gl-tab
|
||||
v-if="glFeatures.secureVulnerabilityTraining"
|
||||
data-testid="vulnerability-management-tab"
|
||||
:title="$options.i18n.vulnerabilityManagement"
|
||||
query-param-value="vulnerability-management"
|
||||
|
|
|
@ -41,7 +41,6 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
|
|||
push_frontend_feature_flag(:refactor_mr_widgets_extensions, project, default_enabled: :yaml)
|
||||
push_frontend_feature_flag(:refactor_mr_widget_test_summary, project, default_enabled: :yaml)
|
||||
push_frontend_feature_flag(:rebase_without_ci_ui, project, default_enabled: :yaml)
|
||||
push_frontend_feature_flag(:secure_vulnerability_training, project, default_enabled: :yaml)
|
||||
push_frontend_feature_flag(:issue_assignees_widget, @project, default_enabled: :yaml)
|
||||
push_frontend_feature_flag(:realtime_labels, project, default_enabled: :yaml)
|
||||
push_frontend_feature_flag(:updated_diff_expansion_buttons, project, default_enabled: :yaml)
|
||||
|
|
|
@ -38,7 +38,7 @@ module Ci
|
|||
job_timeout_source: 4
|
||||
}
|
||||
|
||||
ignore_columns :runner_features, remove_with: '14.7', remove_after: '2021-11-22'
|
||||
ignore_columns :runner_features, remove_with: '15.1', remove_after: '2022-05-22'
|
||||
|
||||
def update_timeout_state
|
||||
timeout = timeout_with_highest_precedence
|
||||
|
|
|
@ -1,16 +1,16 @@
|
|||
= form_for @application_setting, url: ci_cd_admin_application_settings_path(anchor: 'js-runner-settings'), html: { class: 'fieldset-form' } do |f|
|
||||
= gitlab_ui_form_for @application_setting, url: ci_cd_admin_application_settings_path(anchor: 'js-runner-settings'), html: { class: 'fieldset-form' } do |f|
|
||||
= form_errors(@application_setting)
|
||||
|
||||
%fieldset
|
||||
.form-group
|
||||
= hidden_field_tag "application_setting[valid_runner_registrars][]", nil
|
||||
- ApplicationSetting::VALID_RUNNER_REGISTRAR_TYPES.each do |type|
|
||||
.form-check
|
||||
= f.check_box(:valid_runner_registrars, { multiple: true, checked: valid_runner_registrars.include?(type), class: 'form-check-input' }, type, nil)
|
||||
= f.label :valid_runner_registrars, class: 'form-check-label' do
|
||||
= s_("Runners|Members of the %{type} can register runners") % { type: type }
|
||||
%span.form-text.gl-text-gray-600
|
||||
.gl-form-group
|
||||
%span.form-text.gl-mb-3.gl-mt-0
|
||||
= _('If no options are selected, only administrators can register runners.')
|
||||
= link_to _('Learn more.'), help_page_path('user/admin_area/settings/continuous_integration', anchor: 'prevent-users-from-registering-runners'), target: '_blank', rel: 'noopener noreferrer'
|
||||
= hidden_field_tag "application_setting[valid_runner_registrars][]", nil
|
||||
- ApplicationSetting::VALID_RUNNER_REGISTRAR_TYPES.each do |type|
|
||||
= f.gitlab_ui_checkbox_component :valid_runner_registrars, s_("Runners|Members of the %{type} can register runners") % { type: type },
|
||||
checkbox_options: { multiple: true, checked: valid_runner_registrars.include?(type) },
|
||||
checked_value: type,
|
||||
unchecked_value: nil
|
||||
|
||||
= f.submit _('Save changes'), class: "gl-button btn btn-confirm"
|
||||
|
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
name: secure_vulnerability_training
|
||||
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/issues/346074
|
||||
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/346308
|
||||
milestone: '14.6'
|
||||
type: development
|
||||
group: group::threat insights
|
||||
default_enabled: true
|
|
@ -16,7 +16,7 @@
|
|||
We encourage customers currently using NFS for Git repositories to plan their migration by reviewing our documentation on [migrating to Gitaly Cluster](https://docs.gitlab.com/ee/administration/gitaly/index.html#migrate-to-gitaly-cluster).
|
||||
|
||||
reporter: mjwood
|
||||
stage: create # (optional - may be required in the future) String value of the stage that the feature was created in. e.g., Growth
|
||||
stage: create
|
||||
tiers: # (optional - may be required in the future) An array of tiers that the feature is available in currently. e.g., [Free, Silver, Gold, Core, Premium, Ultimate]
|
||||
issue_url: # (optional) This is a link to the deprecation issue in GitLab
|
||||
documentation_url: # (optional) This is a link to the current documentation page
|
||||
|
|
|
@ -7,7 +7,8 @@
|
|||
body: | # Do not modify this line, instead modify the lines below.
|
||||
The GraphQL API field `defaultMergeCommitMessageWithDescription` has been deprecated and will be removed in GitLab 15.0. For projects with a commit message template set, it will ignore the template.
|
||||
# The following items are not published on the docs page, but may be used in the future.
|
||||
stage: # (optional - may be required in the future) String value of the stage that the feature was created in. e.g., Growth
|
||||
stage: create
|
||||
reporter: phikai
|
||||
tiers: # (optional - may be required in the future) An array of tiers that the feature is available in currently. e.g., [Free, Silver, Gold, Core, Premium, Ultimate]
|
||||
issue_url: # (optional) This is a link to the deprecation issue in GitLab
|
||||
documentation_url: # (optional) This is a link to the current documentation page
|
||||
|
|
|
@ -6,3 +6,5 @@
|
|||
breaking_change: true
|
||||
body: | # Do not modify this line, instead modify the lines below.
|
||||
Long term service and support (LTSS) for SUSE Linux Enterprise Server (SLES) 12 SP2 [ended on March 31, 2021](https://www.suse.com/lifecycle/). The CA certificates on SP2 include the expired DST root certificate, and it's not getting new CA certificate package updates. We have implemented some [workarounds](https://gitlab.com/gitlab-org/gitlab-omnibus-builder/-/merge_requests/191), but we will not be able to continue to keep the build running properly.
|
||||
stage: enablement
|
||||
reporter: dorrino
|
||||
|
|
|
@ -7,7 +7,8 @@
|
|||
body: | # Do not modify this line, instead modify the lines below.
|
||||
The `type` and `types` CI/CD keywords will be removed in GitLab 15.0. Pipelines that use these keywords will stop working, so you must switch to `stage` and `stages`, which have the same behavior.
|
||||
# The following items are not published on the docs page, but may be used in the future.
|
||||
stage: # (optional - may be required in the future) String value of the stage that the feature was created in. e.g., Growth
|
||||
stage: verify
|
||||
reporter: dhershkovitch
|
||||
tiers: # (optional - may be required in the future) An array of tiers that the feature is available in currently. e.g., [Free, Silver, Gold, Core, Premium, Ultimate]
|
||||
issue_url: # (optional) This is a link to the deprecation issue in GitLab
|
||||
documentation_url: # (optional) This is a link to the current documentation page
|
||||
|
|
|
@ -7,7 +7,8 @@
|
|||
body: | # Do not modify this line, instead modify the lines below.
|
||||
In GitLab 15.0 we are going to limit the number of characters in CI/CD job names to 255. Any pipeline with job names that exceed the 255 character limit will stop working after the 15.0 release.
|
||||
# The following items are not published on the docs page, but may be used in the future.
|
||||
stage: # (optional - may be required in the future) String value of the stage that the feature was created in. e.g., Growth
|
||||
reporter: dhershkovitch
|
||||
stage: verify
|
||||
tiers: # (optional - may be required in the future) An array of tiers that the feature is available in currently. e.g., [Free, Silver, Gold, Core, Premium, Ultimate]
|
||||
issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/342800 # (optional) This is a link to the deprecation issue in GitLab
|
||||
documentation_url: # (optional) This is a link to the current documentation page
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
The method for calculating fingerprints has changed, resulting in different values. Going forward, the new values will be
|
||||
exposed in the UUID field. Data previously available in the projectFingerprint field will eventually be removed entirely.
|
||||
# The following items are not published on the docs page, but may be used in the future.
|
||||
stage: # (optional - may be required in the future) String value of the stage that the feature was created in. e.g., Growth
|
||||
stage: secure
|
||||
tiers: # (optional - may be required in the future) An array of tiers that the feature is available in currently. e.g., [Free, Silver, Gold, Core, Premium, Ultimate]
|
||||
issue_url: # (optional) This is a link to the deprecation issue in GitLab
|
||||
documentation_url: # (optional) This is a link to the current documentation page
|
||||
|
|
|
@ -9,5 +9,6 @@
|
|||
The feature to disable enforcement of PAT expiration is unusual from a security perspective.
|
||||
We have become concerned that this unusual feature could create unexpected behavior for users.
|
||||
Unexpected behavior in a security feature is inherently dangerous, so we have decided to remove this feature.
|
||||
stage: manage
|
||||
issue_url: "https://gitlab.com/gitlab-org/gitlab/-/issues/351962" # (optional) This is a link to the deprecation issue in GitLab
|
||||
documentation_url: "https://docs.gitlab.com/ee/user/admin_area/settings/account_and_limit_settings.html#allow-expired-personal-access-tokens-to-be-used-deprecated" # (optional) This is a link to the current documentation page
|
||||
|
|
|
@ -9,5 +9,6 @@
|
|||
The feature to disable enforcement of SSH expiration is unusual from a security perspective.
|
||||
We have become concerned that this unusual feature could create unexpected behavior for users.
|
||||
Unexpected behavior in a security feature is inherently dangerous, so we have decided to remove this feature.
|
||||
stage: manage
|
||||
issue_url: "https://gitlab.com/gitlab-org/gitlab/-/issues/351963" # (optional) This is a link to the deprecation issue in GitLab
|
||||
documentation_url: "https://docs.gitlab.com/ee/user/admin_area/settings/account_and_limit_settings.html#allow-expired-ssh-keys-to-be-used-deprecated" # (optional) This is a link to the current documentation page
|
||||
|
|
|
@ -58,7 +58,7 @@
|
|||
to one of the other two forms (using the correct appropriate type in the signature, or using
|
||||
an inline argument expression).
|
||||
# The following items are not published on the docs page, but may be used in the future.
|
||||
stage: # (optional - may be required in the future) String value of the stage that the feature was created in. e.g., Growth
|
||||
stage: ecosystem
|
||||
tiers: # (optional - may be required in the future) An array of tiers that the feature is available in currently. e.g., [Free, Silver, Gold, Core, Premium, Ultimate]
|
||||
issue_url: 'https://gitlab.com/gitlab-org/gitlab/-/issues/257883'
|
||||
documentation_url: # (optional) This is a link to the current documentation page
|
||||
|
|
|
@ -18,7 +18,7 @@
|
|||
increase throughput and reduce Go garbage collection latency. For more information, see
|
||||
the [relevant epic](https://gitlab.com/groups/gitlab-com/gl-infra/-/epics/463).
|
||||
# The following items are not published on the docs page, but may be used in the future.
|
||||
stage: # (optional - may be required in the future) String value of the stage that the feature was created in. e.g., Growth
|
||||
stage: platform
|
||||
tiers: # (optional - may be required in the future) An array of tiers that the feature is available in currently. e.g., [Free, Silver, Gold, Core, Premium, Ultimate]
|
||||
issue_url: # (optional) This is a link to the deprecation issue in GitLab
|
||||
documentation_url: # (optional) This is a link to the current documentation page
|
||||
|
|
|
@ -9,3 +9,4 @@
|
|||
The GitLab Composer repository can be used to push, search, fetch metadata about, and download PHP dependencies. All these actions require authentication, except for downloading dependencies.
|
||||
|
||||
Downloading Composer dependencies without authentication is deprecated in GitLab 14.9, and will be removed in GitLab 15.0. Starting with GitLab 15.0, you must authenticate to download Composer dependencies.
|
||||
stage: package
|
||||
|
|
|
@ -14,3 +14,4 @@
|
|||
- [Container Registry cleanup policy](https://docs.gitlab.com/ee/api/graphql/reference/#containerexpirationpolicy)
|
||||
- [Dependency Proxy time-to-live policy](https://docs.gitlab.com/ee/api/graphql/reference/#dependencyproxyimagettlgrouppolicy)
|
||||
- [Enabling the Dependency Proxy for your group](https://docs.gitlab.com/ee/api/graphql/reference/#dependencyproxysetting)
|
||||
stage: package
|
||||
|
|
|
@ -12,3 +12,4 @@
|
|||
|
||||
Instead, using the project’s `.gitlab-ci.yml`, provide a regular expression with the `coverage` keyword to set
|
||||
testing coverage results in merge requests.
|
||||
stage: verify
|
||||
|
|
|
@ -9,3 +9,4 @@
|
|||
The Container Registry supports [authentication](https://gitlab.com/gitlab-org/container-registry/-/blob/master/docs/configuration.md#auth) with `htpasswd`. It relies on an [Apache `htpasswd` file](https://httpd.apache.org/docs/2.4/programs/htpasswd.html), with passwords hashed using `bcrypt`.
|
||||
|
||||
Since it isn't used in the context of GitLab (the product), `htpasswd` authentication will be deprecated in GitLab 14.9 and removed in GitLab 15.0.
|
||||
stage: package
|
||||
|
|
|
@ -20,7 +20,7 @@
|
|||
body: | # Do not modify this line, instead modify the lines below.
|
||||
The `CI_JOB_JWT` will be updated to support a wider variety of cloud providers. It will be changed to match [`CI_JOB_JWT_V2`](https://docs.gitlab.com/ee/ci/variables/predefined_variables.html), but this change may not be backwards compatible for all users, including Hashicorp Vault users. To maintain the current behavior, users can switch to using `CI_JOB_JWT_V1`, or update their configuration in GitLab 15.0 to use the improved `CI_JOB_JWT`.
|
||||
# The following items are not published on the docs page, but may be used in the future.
|
||||
stage: # (optional - may be required in the future) String value of the stage that the feature was created in. e.g., Growth
|
||||
stage: verify
|
||||
tiers: # (optional - may be required in the future) An array of tiers that the feature is available in currently. e.g., [Free, Silver, Gold, Core, Premium, Ultimate]
|
||||
issue_url: # (optional) This is a link to the deprecation issue in GitLab
|
||||
documentation_url: # (optional) This is a link to the current documentation page
|
||||
|
|
|
@ -16,7 +16,8 @@
|
|||
1. Select **Expire access tokens** to enable them. Tokens must be revoked or they don’t expire.
|
||||
|
||||
# The following items are not published on the docs page, but may be used in the future.
|
||||
stage: # Manage
|
||||
reporter: hsutor
|
||||
stage: manage
|
||||
tiers: # (optional - may be required in the future) An array of tiers that the feature is available in currently. e.g., [Free, Silver, Gold, Core, Premium, Ultimate]
|
||||
issue_url: # https://gitlab.com/gitlab-org/gitlab/-/issues/21745
|
||||
documentation_url: # (optional) This is a link to the current documentation page
|
||||
|
|
|
@ -7,7 +7,8 @@
|
|||
body: | # Do not modify this line, instead modify the lines below.
|
||||
The OAuth implicit grant authorization flow will be removed in our next major release, GitLab 15.0. Any applications that use OAuth implicit grant should switch to alternative [supported OAuth flows](https://docs.gitlab.com/ee/api/oauth2.html).
|
||||
# The following items are not published on the docs page, but may be used in the future.
|
||||
stage: # Manage
|
||||
reporter: hsutor
|
||||
stage: manage
|
||||
tiers: # (optional - may be required in the future) An array of tiers that the feature is available in currently. e.g., [Free, Silver, Gold, Core, Premium, Ultimate]
|
||||
issue_url: # https://gitlab.com/gitlab-org/gitlab/-/issues/344609
|
||||
documentation_url: # (optional) This is a link to the current documentation page
|
||||
|
|
|
@ -0,0 +1,13 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class DropRunnerFeaturesFromCiBuildsMetadata < Gitlab::Database::Migration[1.0]
|
||||
enable_lock_retries!
|
||||
|
||||
def up
|
||||
remove_column :ci_builds_metadata, :runner_features
|
||||
end
|
||||
|
||||
def down
|
||||
add_column :ci_builds_metadata, :runner_features, :jsonb, default: {}, null: false
|
||||
end
|
||||
end
|
|
@ -0,0 +1 @@
|
|||
fdec8e2d58c5b857a997d7fa3536969df8c05b8c455811cbec984834e031f2cb
|
|
@ -12368,7 +12368,6 @@ CREATE TABLE ci_builds_metadata (
|
|||
secrets jsonb DEFAULT '{}'::jsonb NOT NULL,
|
||||
build_id bigint NOT NULL,
|
||||
id bigint NOT NULL,
|
||||
runner_features jsonb DEFAULT '{}'::jsonb NOT NULL,
|
||||
runtime_runner_features jsonb DEFAULT '{}'::jsonb NOT NULL
|
||||
);
|
||||
|
||||
|
|
|
@ -773,8 +773,8 @@ settings:
|
|||
Clone traffic can put a large strain on your Gitaly service. The bulk of the work gets done in the
|
||||
either of the following RPCs:
|
||||
|
||||
- `SSHUploadPack` (for Git SSH).
|
||||
- `PostUploadPack` (for Git HTTP).
|
||||
- `SSHUploadPackWithSidechannel` (for Git SSH).
|
||||
- `PostUploadPackWithSidechannel` (for Git HTTP).
|
||||
|
||||
To prevent such workloads from overwhelming your Gitaly server, you can set concurrency limits in
|
||||
Gitaly's configuration file. For example:
|
||||
|
@ -784,26 +784,39 @@ Gitaly's configuration file. For example:
|
|||
|
||||
gitaly['concurrency'] = [
|
||||
{
|
||||
'rpc' => "/gitaly.SmartHTTPService/PostUploadPack",
|
||||
'max_per_repo' => 20
|
||||
'rpc' => "/gitaly.SmartHTTPService/PostUploadPackWithSidechanel",
|
||||
'max_per_repo' => 20,
|
||||
'max_queue_time' => "1s",
|
||||
'max_queue_size' => 10
|
||||
},
|
||||
{
|
||||
'rpc' => "/gitaly.SSHService/SSHUploadPack",
|
||||
'rpc' => "/gitaly.SSHService/SSHUploadPackWithSidechannel",
|
||||
'max_per_repo' => 20
|
||||
'max_queue_time' => "1s",
|
||||
'max_queue_size' => 10
|
||||
}
|
||||
]
|
||||
```
|
||||
|
||||
- `rpc` is the name of the RPC to set a concurrency limit for per repository.
|
||||
- `max_per_repo` is the maximum number of in-flight RPC calls for the given RPC per repository.
|
||||
- `max_queue_time` is the maximum amount of time a request can wait in the concurrency queue to
|
||||
be picked up by Gitaly.
|
||||
- `max_queue_size` is the maximum size the concurrency queue can grow to before requests are rejected by
|
||||
Gitaly.
|
||||
|
||||
This limits the number of in-flight RPC calls for the given RPCs. The limit is applied per
|
||||
repository. In the example above:
|
||||
|
||||
- Each repository served by the Gitaly server can have at most 20 simultaneous `PostUploadPack` RPC
|
||||
calls in flight, and the same for `SSHUploadPack`.
|
||||
- Each repository served by the Gitaly server can have at most 20 simultaneous `PostUploadPackWithSidechannel` and
|
||||
`SSHUploadPackWithSidechannel` RPC calls in flight.
|
||||
- If another request comes in for a repository that has used up its 20 slots, that request gets
|
||||
queued.
|
||||
- If a request waits in the queue for more than 1 second, it is rejected with an error.
|
||||
- If the queue grows beyond 10, subsequent requests are rejected with an error.
|
||||
|
||||
You can observe the behavior of this queue using the Gitaly logs and Prometheus. For more
|
||||
information, see the [relevant documentation](index.md#monitor-gitaly).
|
||||
information, see the [relevant documentation](index.md#monitor-gitaly-concurrency-limiting).
|
||||
|
||||
## Background Repository Optimization
|
||||
|
||||
|
@ -1068,7 +1081,7 @@ closed it.
|
|||
|
||||
### Observe the cache
|
||||
|
||||
The cache can be observed [using metrics](index.md#monitor-gitaly) and in the following logged
|
||||
The cache can be observed [using metrics](index.md#pack-objects-cache) and in the following logged
|
||||
information:
|
||||
|
||||
|Message|Fields|Description|
|
||||
|
|
|
@ -403,23 +403,38 @@ Metric definitions are available:
|
|||
- Using [Grafana Explore](https://grafana.com/docs/grafana/latest/explore/) on a
|
||||
Grafana instance configured against Prometheus.
|
||||
|
||||
### Monitor Gitaly
|
||||
### Monitor Gitaly rate limiting
|
||||
|
||||
You can observe the behavior of [queued requests](configure_gitaly.md#limit-rpc-concurrency) using
|
||||
Gitaly can be configured to limit requests based on:
|
||||
|
||||
- Concurrency of requests.
|
||||
- A rate limit.
|
||||
|
||||
Monitor Gitaly request limiting with the `gitaly_requests_dropped_total` Prometheus metric. This metric provides a total count
|
||||
of requests dropped due to request limiting. The `reason` label indicates why a request was dropped:
|
||||
|
||||
- `rate`, due to rate limiting.
|
||||
- `max_size`, because the concurrency queue size was reached.
|
||||
- `max_time`, because the request exceeded the maximum queue wait time as configured in Gitaly.
|
||||
|
||||
### Monitor Gitaly concurrency limiting
|
||||
|
||||
You can observe specific behavior of [concurrency-queued requests](configure_gitaly.md#limit-rpc-concurrency) using
|
||||
the Gitaly logs and Prometheus:
|
||||
|
||||
- In the [Gitaly logs](../logs.md#gitaly-logs), look for the string (or structured log field)
|
||||
`acquire_ms`. Messages that have this field are reporting about the concurrency limiter.
|
||||
- In Prometheus, look for the following metrics:
|
||||
- `gitaly_rate_limiting_in_progress`.
|
||||
- `gitaly_rate_limiting_queued`.
|
||||
- `gitaly_rate_limiting_seconds`.
|
||||
- `gitaly_concurrency_limiting_in_progress` indicates how many concurrent requests are
|
||||
being processed.
|
||||
- `gitaly_concurrency_limiting_queued` indicates how many requests for an RPC for a given
|
||||
repository are waiting due to the concurrency limit being reached.
|
||||
- `gitaly_concurrency_limiting_acquiring_seconds` indiciates how long a request has to
|
||||
wait due to concurrency limits before being processed.
|
||||
|
||||
Although the name of the Prometheus metric contains `rate_limiting`, it's a concurrency limiter,
|
||||
not a rate limiter. If a Gitaly client makes 1,000 requests in a row very quickly, concurrency
|
||||
doesn't exceed 1, and the concurrency limiter has no effect.
|
||||
### `pack-objects` cache
|
||||
|
||||
The following [pack-objects cache](configure_gitaly.md#pack-objects-cache) metrics are available:
|
||||
The following [`pack-objects` cache](configure_gitaly.md#pack-objects-cache) metrics are available:
|
||||
|
||||
- `gitaly_pack_objects_cache_enabled`, a gauge set to `1` when the cache is enabled. Available
|
||||
labels: `dir` and `max_age`.
|
||||
|
@ -448,7 +463,7 @@ gitaly_streamcache_filestore_removed_total{dir="/var/opt/gitlab/git-data/reposit
|
|||
gitaly_streamcache_index_entries{dir="/var/opt/gitlab/git-data/repositories/+gitaly/PackObjectsCache"} 1
|
||||
```
|
||||
|
||||
#### Useful queries
|
||||
### Useful queries
|
||||
|
||||
The following are useful queries for monitoring Gitaly:
|
||||
|
||||
|
|
|
@ -357,7 +357,7 @@ The `list-untracked-repositories` Praefect sub-command lists repositories of the
|
|||
- Aren't tracked in the Praefect database.
|
||||
|
||||
Add the `-older-than` option to avoid showing repositories that are the process of being created and for which a record doesn't yet exist in the
|
||||
Praefect database. Replace <duration> with a time duration (for example, `5s`, `10m`, or `1h`). Defaults to `6h`.
|
||||
Praefect database. Replace `<duration>` with a time duration (for example, `5s`, `10m`, or `1h`). Defaults to `6h`.
|
||||
|
||||
```shell
|
||||
sudo /opt/gitlab/embedded/bin/praefect -config /var/opt/gitlab/praefect/config.toml list-untracked-repositories -older-than <duration>
|
||||
|
|
|
@ -217,7 +217,7 @@ The following Elasticsearch settings are available:
|
|||
| `Password` | The password of your Elasticsearch instance. |
|
||||
| `Number of Elasticsearch shards` | Elasticsearch indexes are split into multiple shards for performance reasons. In general, you should use at least 5 shards, and indexes with tens of millions of documents need to have more shards ([see below](#guidance-on-choosing-optimal-cluster-configuration)). Changes to this value do not take effect until the index is recreated. You can read more about tradeoffs in the [Elasticsearch documentation](https://www.elastic.co/guide/en/elasticsearch/reference/current/scalability.html). |
|
||||
| `Number of Elasticsearch replicas` | Each Elasticsearch shard can have a number of replicas. These are a complete copy of the shard, and can provide increased query performance or resilience against hardware failure. Increasing this value increases total disk space required by the index. |
|
||||
| `Limit namespaces and projects that can be indexed` | Enabling this allows you to select namespaces and projects to index. All other namespaces and projects use database search instead. If you enable this option but do not select any namespaces or projects, none are indexed. [Read more below](#limit-namespaces-and-projects).
|
||||
| `Limit the number of namespaces and projects that can be indexed` | Enabling this allows you to select namespaces and projects to index. All other namespaces and projects use database search instead. If you enable this option but do not select any namespaces or projects, none are indexed. [Read more below](#limit-the-number-of-namespaces-and-projects-that-can-be-indexed).
|
||||
| `Using AWS hosted Elasticsearch with IAM credentials` | Sign your Elasticsearch requests using [AWS IAM authorization](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html), [AWS EC2 Instance Profile Credentials](https://docs.aws.amazon.com/codedeploy/latest/userguide/getting-started-create-iam-instance-profile.html#getting-started-create-iam-instance-profile-cli), or [AWS ECS Tasks Credentials](https://docs.aws.amazon.com/AmazonECS/latest/userguide/task-iam-roles.html). Please refer to [Identity and Access Management in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html) for details of AWS hosted OpenSearch domain access policy configuration. |
|
||||
| `AWS Region` | The AWS region in which your OpenSearch Service is located. |
|
||||
| `AWS Access Key` | The AWS access key. |
|
||||
|
@ -234,9 +234,10 @@ Sidekiq performance. Return them to their default values if you see increased `s
|
|||
in your Sidekiq logs. For more information, see
|
||||
[issue 322147](https://gitlab.com/gitlab-org/gitlab/-/issues/322147).
|
||||
|
||||
### Limit namespaces and projects
|
||||
### Limit the number of namespaces and projects that can be indexed
|
||||
|
||||
If you select `Limit namespaces and projects that can be indexed`, more options become available.
|
||||
If you check checkbox `Limit the number of namespaces and projects that can be indexed`
|
||||
under **Elasticsearch indexing restrictions** more options become available.
|
||||
|
||||
![limit namespaces and projects options](img/limit_namespaces_projects_options.png)
|
||||
|
||||
|
@ -920,7 +921,7 @@ More [complex Elasticsearch API calls](https://www.elastic.co/guide/en/elasticse
|
|||
It is important to understand at which level the problem is manifesting (UI, Rails code, Elasticsearch side) to be able to [troubleshoot further](../administration/troubleshooting/elasticsearch.md#search-results-workflow).
|
||||
|
||||
NOTE:
|
||||
The above instructions are not to be used for scenarios that only index a [subset of namespaces](#limit-namespaces-and-projects).
|
||||
The above instructions are not to be used for scenarios that only index a [subset of namespaces](#limit-the-number-of-namespaces-and-projects-that-can-be-indexed).
|
||||
|
||||
See [Elasticsearch Index Scopes](#advanced-search-index-scopes) for more information on searching for specific types of data.
|
||||
|
||||
|
|
Binary file not shown.
Before Width: | Height: | Size: 7.7 KiB After Width: | Height: | Size: 47 KiB |
|
@ -370,7 +370,7 @@ RSpec.describe 'Admin updates settings' do
|
|||
expect(current_settings.valid_runner_registrars).to eq(ApplicationSetting::VALID_RUNNER_REGISTRAR_TYPES)
|
||||
|
||||
page.within('.as-runner') do
|
||||
find_all('.form-check-input').each(&:click)
|
||||
find_all('input[type="checkbox"]').each(&:click)
|
||||
|
||||
click_button 'Save changes'
|
||||
end
|
||||
|
|
|
@ -41,11 +41,7 @@ describe('App component', () => {
|
|||
let wrapper;
|
||||
let userCalloutDismissSpy;
|
||||
|
||||
const createComponent = ({
|
||||
shouldShowCallout = true,
|
||||
secureVulnerabilityTraining = true,
|
||||
...propsData
|
||||
}) => {
|
||||
const createComponent = ({ shouldShowCallout = true, ...propsData }) => {
|
||||
userCalloutDismissSpy = jest.fn();
|
||||
|
||||
wrapper = extendedWrapper(
|
||||
|
@ -57,9 +53,6 @@ describe('App component', () => {
|
|||
autoDevopsPath,
|
||||
projectFullPath,
|
||||
vulnerabilityTrainingDocsPath,
|
||||
glFeatures: {
|
||||
secureVulnerabilityTraining,
|
||||
},
|
||||
},
|
||||
stubs: {
|
||||
...stubChildren(SecurityConfigurationApp),
|
||||
|
@ -467,22 +460,4 @@ describe('App component', () => {
|
|||
expect(trainingLink.attributes('href')).toBe(vulnerabilityTrainingDocsPath);
|
||||
});
|
||||
});
|
||||
|
||||
describe('when secureVulnerabilityTraining feature flag is disabled', () => {
|
||||
beforeEach(() => {
|
||||
createComponent({
|
||||
augmentedSecurityFeatures: securityFeaturesMock,
|
||||
augmentedComplianceFeatures: complianceFeaturesMock,
|
||||
secureVulnerabilityTraining: false,
|
||||
});
|
||||
});
|
||||
|
||||
it('renders correct amount of tabs', () => {
|
||||
expect(findTabs()).toHaveLength(2);
|
||||
});
|
||||
|
||||
it('does not render the vulnerability-management tab', () => {
|
||||
expect(wrapper.findByTestId('vulnerability-management-tab').exists()).toBe(false);
|
||||
});
|
||||
});
|
||||
});
|
||||
|
|
Loading…
Reference in New Issue