diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-11-30 04:46:20 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-11-30 04:46:20 +0000 |
commit | d7437af3f31f388bf59b23a06c9bff5c8c5fd157 (patch) | |
tree | 992bc5e9b85094644aebfd45a4c0955a27fcfba4 /doc | |
parent | f981f6691d5395e04ee2858593135c448c10757d (diff) | |
download | gitlab-ce-d7437af3f31f388bf59b23a06c9bff5c8c5fd157.tar.gz |
Add latest changes from gitlab-org/security/gitlab@15-6-stable-ee
Diffstat (limited to 'doc')
-rw-r--r-- | doc/user/admin_area/settings/external_authorization.md | 3 | ||||
-rw-r--r-- | doc/user/packages/package_registry/index.md | 1 | ||||
-rw-r--r-- | doc/user/project/deploy_keys/index.md | 2 | ||||
-rw-r--r-- | doc/user/project/deploy_tokens/index.md | 2 |
4 files changed, 8 insertions, 0 deletions
diff --git a/doc/user/admin_area/settings/external_authorization.md b/doc/user/admin_area/settings/external_authorization.md index a34ceac0d95..09ac477b062 100644 --- a/doc/user/admin_area/settings/external_authorization.md +++ b/doc/user/admin_area/settings/external_authorization.md @@ -43,6 +43,9 @@ using Omnibus, learn to install a custom CA in the Alternatively, learn where to install custom certificates by using `openssl version -d`. +When external authorization is enabled, [deploy tokens](../../project/deploy_tokens/index.md) + and [deploy keys](../../project/deploy_keys/index.md) can't be used for Git operations. + ## Configuration The external authorization service can be enabled by an administrator: diff --git a/doc/user/packages/package_registry/index.md b/doc/user/packages/package_registry/index.md index 8e160cbb195..1aeb98fd48a 100644 --- a/doc/user/packages/package_registry/index.md +++ b/doc/user/packages/package_registry/index.md @@ -62,6 +62,7 @@ For most package types, the following credential types are valid: NOTE: If you have not activated the "Packages" feature for your project at **Settings > General > Project features**, you will receive a 403 Forbidden response. +Accessing package registry via deploy token is not available when external authorization is enabled. ## Use GitLab CI/CD to build packages diff --git a/doc/user/project/deploy_keys/index.md b/doc/user/project/deploy_keys/index.md index 58f7d3198b2..56bb899c233 100644 --- a/doc/user/project/deploy_keys/index.md +++ b/doc/user/project/deploy_keys/index.md @@ -18,6 +18,8 @@ Depending on your needs, you might want to use a [deploy token](../deploy_tokens | Validity | Valid as long as it's registered and enabled. | Can be given an expiration date. | | Registry access | Cannot access a package registry. | Can read from and write to a package registry. | +Deploy keys can't be used for Git operations if [external authorization](../../admin_area/settings/external_authorization.md) is enabled. + ## Scope A deploy key has a defined scope when it is created: diff --git a/doc/user/project/deploy_tokens/index.md b/doc/user/project/deploy_tokens/index.md index aab72d4859e..3dd6f14ea70 100644 --- a/doc/user/project/deploy_tokens/index.md +++ b/doc/user/project/deploy_tokens/index.md @@ -41,6 +41,8 @@ You can create deploy tokens at either the project or group level: By default, a deploy token does not expire. You can optionally set an expiry date when you create it. Expiry occurs at midnight UTC on that date. +Deploy tokens can't be used for Git operations and Package Registry operations if [external authorization](../../admin_area/settings/external_authorization.md) is enabled. + ## Scope A deploy token's scope determines the actions it can perform. |