diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-13 00:09:34 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-13 00:09:34 +0000 |
commit | 3cd08f4bf96cda3e9d3abf233095107832b17c20 (patch) | |
tree | dc09a618783a79d70f2a404374d4b850ccf9cc84 /doc/user | |
parent | dd4bee69b7d55620f7dc9db8c36b478bd4959755 (diff) | |
download | gitlab-ce-3cd08f4bf96cda3e9d3abf233095107832b17c20.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/user')
-rw-r--r-- | doc/user/clusters/crossplane.md | 70 | ||||
-rw-r--r-- | doc/user/project/merge_requests/accessibility_testing.md | 24 | ||||
-rw-r--r-- | doc/user/reserved_names.md | 1 |
3 files changed, 46 insertions, 49 deletions
diff --git a/doc/user/clusters/crossplane.md b/doc/user/clusters/crossplane.md index 1e8a3129fed..12a5626937a 100644 --- a/doc/user/clusters/crossplane.md +++ b/doc/user/clusters/crossplane.md @@ -35,43 +35,39 @@ export REGION=us-central1 # the GCP region where the GKE cluster is provisioned. ## Configure RBAC permissions -- For a non-GitLab managed cluster(s), ensure that the service account for the token provided can manage resources in the `database.crossplane.io` API group. -Manually grant GitLab's service account the ability to manage resources in the -`database.crossplane.io` API group. The Aggregated ClusterRole allows us to do that. - -NOTE: **Note:** -For a non-GitLab managed cluster, ensure that the service account for the token provided can manage resources in the `database.crossplane.io` API group. -1. Save the following YAML as `crossplane-database-role.yaml`: - -```shell -cat > crossplane-database-role.yaml <<EOF -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: crossplane-database-role - labels: - rbac.authorization.k8s.io/aggregate-to-edit: "true" -rules: -- apiGroups: - - database.crossplane.io - resources: - - postgresqlinstances - verbs: - - get - - list - - create - - update - - delete - - patch - - watch -EOF -``` - -Once the file is created, apply it with the following command in order to create the necessary role: - -```shell -kubectl apply -f crossplane-database-role.yaml -``` +- For GitLab-managed clusters, RBAC is configured automatically. + +- For non-GitLab managed clusters, ensure that the service account for the token provided can manage resources in the `database.crossplane.io` API group: + + 1. Save the following YAML as `crossplane-database-role.yaml`: + + ```yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRole + metadata: + name: crossplane-database-role + labels: + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rules: + - apiGroups: + - database.crossplane.io + resources: + - postgresqlinstances + verbs: + - get + - list + - create + - update + - delete + - patch + - watch + ``` + + 1. Apply the cluster role to the cluster: + + ```shell + kubectl apply -f crossplane-database-role.yaml + ``` ## Configure Crossplane with a cloud provider diff --git a/doc/user/project/merge_requests/accessibility_testing.md b/doc/user/project/merge_requests/accessibility_testing.md index a800ab6aec9..bfd62b77314 100644 --- a/doc/user/project/merge_requests/accessibility_testing.md +++ b/doc/user/project/merge_requests/accessibility_testing.md @@ -21,32 +21,34 @@ analyzed to a file called `accessibility`. ## Configure Accessibility Testing This example shows how to run [pa11y](https://pa11y.org/) -on your code with GitLab CI/CD using a node Docker image. +on your code with GitLab CI/CD using the [GitLab Accessibility Docker image](https://gitlab.com/gitlab-org/ci-cd/accessibility). -For GitLab 12.8 and later, to define the `a11y` job, you must +For GitLab 12.9 and later, to define the `a11y` job, you must [include](../../../ci/yaml/README.md#includetemplate) the [`Accessibility.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Verify/Accessibility.gitlab-ci.yml) included with your GitLab installation, as shown below. -For GitLab versions earlier than 12.8, you can copy and use the job as -defined in that template. Add the following to your `.gitlab-ci.yml` file: ```yaml variables: - a11y_urls: "https://about.gitlab.com" + a11y_urls: "https://about.gitlab.com https://gitlab.com/users/sign_in" include: - - remote: "https://gitlab.com/gitlab-org/gitlab/-/raw/master/lib/gitlab/ci/templates/Verify/Accessibility.gitlab-ci.yml" + - template: "Verify/Accessibility.gitlab-ci.yml" ``` -The example above will create an `a11y` job in your CI/CD pipeline and will run -Pa11y against the webpage you defined in `a11y_urls` to build a report. +creates an `a11y` job in your CI/CD pipeline, runs +Pa11y against the webpages defined in `a11y_urls`, and builds an HTML report for each. -NOTE: **Note:** -Only one URL may be currently passed into `a11y_urls`. +The report for each URL is saved as an artifact that can be [viewed directly in your browser](../../../ci/pipelines/job_artifacts.md#browsing-artifacts). + +A single `accessibility.json` artifact is created and saved along with the individual HTML reports. +It includes report data for all URLs scanned. -The full HTML Pa11y report will be saved as an artifact that can be [viewed directly in your browser](../../../ci/pipelines/job_artifacts.md#browsing-artifacts). +NOTE: **Note:** +For GitLab versions earlier than 12.9, you can use `include:remote` and use a +link to the [current template in `master`](https://gitlab.com/gitlab-org/gitlab/-/raw/master/lib/gitlab/ci/templates/Verify/Accessibility.gitlab-ci.yml) NOTE: **Note:** The job definition provided by the template does not support Kubernetes yet. diff --git a/doc/user/reserved_names.md b/doc/user/reserved_names.md index b160cb03f94..3e53bc0fd81 100644 --- a/doc/user/reserved_names.md +++ b/doc/user/reserved_names.md @@ -69,7 +69,6 @@ Currently the following names are reserved as top level groups: - `invites` - `jwt` - `login` -- `notification_settings` - `oauth` - `profile` - `projects` |