summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2020-03-23 12:09:47 +0000
committerGitLab Bot <gitlab-bot@gitlab.com>2020-03-23 12:09:47 +0000
commit8f9beefac3774b30e911fb00a68f4c7a5244cf27 (patch)
tree919c3a043f8c10bc3f78f3f6e029acfb6b972556 /doc
parente4bf776a8829e5186a0f63603c0be627b891d80e (diff)
downloadgitlab-ce-8f9beefac3774b30e911fb00a68f4c7a5244cf27.tar.gz
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc')
-rw-r--r--doc/api/graphql/reference/gitlab_schema.graphql51
-rw-r--r--doc/api/graphql/reference/gitlab_schema.json163
-rw-r--r--doc/api/graphql/reference/index.md10
-rw-r--r--doc/api/projects.md1
-rw-r--r--doc/development/contributing/merge_request_workflow.md1
-rw-r--r--doc/raketasks/cleanup.md56
-rw-r--r--doc/topics/airgap/index.md5
-rw-r--r--doc/topics/airgap/quick_start_guide.md157
-rw-r--r--doc/user/compliance/license_compliance/index.md2
9 files changed, 445 insertions, 1 deletions
diff --git a/doc/api/graphql/reference/gitlab_schema.graphql b/doc/api/graphql/reference/gitlab_schema.graphql
index 2d78174d669..ea11a203921 100644
--- a/doc/api/graphql/reference/gitlab_schema.graphql
+++ b/doc/api/graphql/reference/gitlab_schema.graphql
@@ -5046,6 +5046,7 @@ type Mutation {
will be destroyed during the update, and no Note will be returned
"""
updateNote(input: UpdateNoteInput!): UpdateNotePayload
+ updateRequirement(input: UpdateRequirementInput!): UpdateRequirementPayload
updateSnippet(input: UpdateSnippetInput!): UpdateSnippetPayload
}
@@ -8499,6 +8500,56 @@ type UpdateNotePayload {
}
"""
+Autogenerated input type of UpdateRequirement
+"""
+input UpdateRequirementInput {
+ """
+ A unique identifier for the client performing the mutation.
+ """
+ clientMutationId: String
+
+ """
+ The iid of the requirement to update
+ """
+ iid: String!
+
+ """
+ The project full path the requirement is associated with
+ """
+ projectPath: ID!
+
+ """
+ State of the requirement
+ """
+ state: RequirementState
+
+ """
+ Title of the requirement
+ """
+ title: String
+}
+
+"""
+Autogenerated return type of UpdateRequirement
+"""
+type UpdateRequirementPayload {
+ """
+ A unique identifier for the client performing the mutation.
+ """
+ clientMutationId: String
+
+ """
+ Reasons why the mutation failed.
+ """
+ errors: [String!]!
+
+ """
+ The requirement after mutation
+ """
+ requirement: Requirement
+}
+
+"""
Autogenerated input type of UpdateSnippet
"""
input UpdateSnippetInput {
diff --git a/doc/api/graphql/reference/gitlab_schema.json b/doc/api/graphql/reference/gitlab_schema.json
index 2be4573cafe..9e3460c0b03 100644
--- a/doc/api/graphql/reference/gitlab_schema.json
+++ b/doc/api/graphql/reference/gitlab_schema.json
@@ -15332,6 +15332,33 @@
"deprecationReason": null
},
{
+ "name": "updateRequirement",
+ "description": null,
+ "args": [
+ {
+ "name": "input",
+ "description": null,
+ "type": {
+ "kind": "NON_NULL",
+ "name": null,
+ "ofType": {
+ "kind": "INPUT_OBJECT",
+ "name": "UpdateRequirementInput",
+ "ofType": null
+ }
+ },
+ "defaultValue": null
+ }
+ ],
+ "type": {
+ "kind": "OBJECT",
+ "name": "UpdateRequirementPayload",
+ "ofType": null
+ },
+ "isDeprecated": false,
+ "deprecationReason": null
+ },
+ {
"name": "updateSnippet",
"description": null,
"args": [
@@ -25664,6 +25691,142 @@
},
{
"kind": "INPUT_OBJECT",
+ "name": "UpdateRequirementInput",
+ "description": "Autogenerated input type of UpdateRequirement",
+ "fields": null,
+ "inputFields": [
+ {
+ "name": "title",
+ "description": "Title of the requirement",
+ "type": {
+ "kind": "SCALAR",
+ "name": "String",
+ "ofType": null
+ },
+ "defaultValue": null
+ },
+ {
+ "name": "state",
+ "description": "State of the requirement",
+ "type": {
+ "kind": "ENUM",
+ "name": "RequirementState",
+ "ofType": null
+ },
+ "defaultValue": null
+ },
+ {
+ "name": "iid",
+ "description": "The iid of the requirement to update",
+ "type": {
+ "kind": "NON_NULL",
+ "name": null,
+ "ofType": {
+ "kind": "SCALAR",
+ "name": "String",
+ "ofType": null
+ }
+ },
+ "defaultValue": null
+ },
+ {
+ "name": "projectPath",
+ "description": "The project full path the requirement is associated with",
+ "type": {
+ "kind": "NON_NULL",
+ "name": null,
+ "ofType": {
+ "kind": "SCALAR",
+ "name": "ID",
+ "ofType": null
+ }
+ },
+ "defaultValue": null
+ },
+ {
+ "name": "clientMutationId",
+ "description": "A unique identifier for the client performing the mutation.",
+ "type": {
+ "kind": "SCALAR",
+ "name": "String",
+ "ofType": null
+ },
+ "defaultValue": null
+ }
+ ],
+ "interfaces": null,
+ "enumValues": null,
+ "possibleTypes": null
+ },
+ {
+ "kind": "OBJECT",
+ "name": "UpdateRequirementPayload",
+ "description": "Autogenerated return type of UpdateRequirement",
+ "fields": [
+ {
+ "name": "clientMutationId",
+ "description": "A unique identifier for the client performing the mutation.",
+ "args": [
+
+ ],
+ "type": {
+ "kind": "SCALAR",
+ "name": "String",
+ "ofType": null
+ },
+ "isDeprecated": false,
+ "deprecationReason": null
+ },
+ {
+ "name": "errors",
+ "description": "Reasons why the mutation failed.",
+ "args": [
+
+ ],
+ "type": {
+ "kind": "NON_NULL",
+ "name": null,
+ "ofType": {
+ "kind": "LIST",
+ "name": null,
+ "ofType": {
+ "kind": "NON_NULL",
+ "name": null,
+ "ofType": {
+ "kind": "SCALAR",
+ "name": "String",
+ "ofType": null
+ }
+ }
+ }
+ },
+ "isDeprecated": false,
+ "deprecationReason": null
+ },
+ {
+ "name": "requirement",
+ "description": "The requirement after mutation",
+ "args": [
+
+ ],
+ "type": {
+ "kind": "OBJECT",
+ "name": "Requirement",
+ "ofType": null
+ },
+ "isDeprecated": false,
+ "deprecationReason": null
+ }
+ ],
+ "inputFields": null,
+ "interfaces": [
+
+ ],
+ "enumValues": null,
+ "possibleTypes": null
+ },
+ {
+ "kind": "INPUT_OBJECT",
"name": "UpdateSnippetInput",
"description": "Autogenerated input type of UpdateSnippet",
"fields": null,
diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md
index 6a79a407dac..dfbd08be898 100644
--- a/doc/api/graphql/reference/index.md
+++ b/doc/api/graphql/reference/index.md
@@ -1372,6 +1372,16 @@ Autogenerated return type of UpdateNote
| `errors` | String! => Array | Reasons why the mutation failed. |
| `note` | Note | The note after mutation |
+## UpdateRequirementPayload
+
+Autogenerated return type of UpdateRequirement
+
+| Name | Type | Description |
+| --- | ---- | ---------- |
+| `clientMutationId` | String | A unique identifier for the client performing the mutation. |
+| `errors` | String! => Array | Reasons why the mutation failed. |
+| `requirement` | Requirement | The requirement after mutation |
+
## UpdateSnippetPayload
Autogenerated return type of UpdateSnippet
diff --git a/doc/api/projects.md b/doc/api/projects.md
index ae9f7de427d..04775b0339d 100644
--- a/doc/api/projects.md
+++ b/doc/api/projects.md
@@ -46,6 +46,7 @@ GET /projects
| `order_by` | string | no | Return projects ordered by `id`, `name`, `path`, `created_at`, `updated_at`, or `last_activity_at` fields. Default is `created_at` |
| `sort` | string | no | Return projects sorted in `asc` or `desc` order. Default is `desc` |
| `search` | string | no | Return list of projects matching the search criteria |
+| `search_namespaces` | boolean | no | Include ancestor namespaces when matching search criteria. Default is `false` |
| `simple` | boolean | no | Return only limited fields for each project. This is a no-op without authentication as then _only_ simple fields are returned. |
| `owned` | boolean | no | Limit by projects explicitly owned by the current user |
| `membership` | boolean | no | Limit by projects that the current user is a member of |
diff --git a/doc/development/contributing/merge_request_workflow.md b/doc/development/contributing/merge_request_workflow.md
index 460bb6d25df..030cced8c2b 100644
--- a/doc/development/contributing/merge_request_workflow.md
+++ b/doc/development/contributing/merge_request_workflow.md
@@ -77,6 +77,7 @@ request is as follows:
1. The merge request author resolves only the threads they have fully addressed.
If there's an open reply or thread, a suggestion, a question, or anything else,
the thread should be left to be resolved by the reviewer.
+ 1. It should not be assumed that all feedback requires their recommended changes to be incorporated into the MR before it is merged. It is a judgment call by the MR author and the reviewer as to if this is required, or if a follow-up issue should be created to address the feedback in the future after the MR in question is merged.
1. If your MR touches code that executes shell commands, reads or opens files, or
handles paths to files on disk, make sure it adheres to the
[shell command guidelines](../shell_commands.md)
diff --git a/doc/raketasks/cleanup.md b/doc/raketasks/cleanup.md
index bbae713676d..bcce6a8a096 100644
--- a/doc/raketasks/cleanup.md
+++ b/doc/raketasks/cleanup.md
@@ -1,5 +1,61 @@
# Cleanup
+## Remove unreferenced LFS files from filesystem
+
+DANGER: **Danger:**
+Do not run this within 12 hours of a GitLab upgrade. This is to ensure that all background migrations have finished, which otherwise may lead to data loss.
+
+When you remove LFS files from a repository's history, they become orphaned and continue to consume disk space. With this rake task, you can remove invalid references from the database, which
+will allow garbage collection of LFS files.
+
+For example:
+
+```shell
+# omnibus-gitlab
+sudo gitlab-rake gitlab:cleanup:orphan_lfs_file_references PROJECT_PATH="gitlab-org/gitlab-foss"
+
+# installation from source
+bundle exec rake gitlab:cleanup:orphan_lfs_file_references RAILS_ENV=production PROJECT_PATH="gitlab-org/gitlab-foss"
+```
+
+You can also specify the project with `PROJECT_ID` instead of `PROJECT_PATH`.
+
+For example:
+
+```shell
+$ sudo gitlab-rake gitlab:cleanup:orphan_lfs_file_references PROJECT_PATH="gitlab-org/gitlab-foss"
+I, [2019-12-13T16:35:31.764962 #82356] INFO -- : Looking for orphan LFS files for project GitLab Org / GitLab Foss
+I, [2019-12-13T16:35:31.923659 #82356] INFO -- : Removed invalid references: 12
+```
+
+By default, this task does not delete anything but shows how many file references it can
+delete. Run the command with `DRY_RUN=false` if you actually want to
+delete the references. You can also use `LIMIT={number}` parameter to limit the number of deleted references.
+
+Note that this rake task only removes the references to LFS files. Unreferenced LFS files will be garbage-collected
+later (once a day). If you need to garbage collect them immediately, run
+`rake gitlab:cleanup:orphan_lfs_files` described below.
+
+## Remove unreferenced LFS files
+
+Unreferenced LFS files are removed on a daily basis but you can remove them immediately if
+you need to. For example:
+
+```shell
+# omnibus-gitlab
+sudo gitlab-rake gitlab:cleanup:orphan_lfs_files
+
+# installation from source
+bundle exec rake gitlab:cleanup:orphan_lfs_files
+```
+
+Example output:
+
+```shell
+$ sudo gitlab-rake gitlab:cleanup:orphan_lfs_files
+I, [2020-01-08T20:51:17.148765 #43765] INFO -- : Removed unreferenced LFS files: 12
+```
+
## Remove garbage from filesystem
Clean up local project upload files if they don't exist in GitLab database. The
diff --git a/doc/topics/airgap/index.md b/doc/topics/airgap/index.md
index abeb3a4b1d3..fc92dd5519d 100644
--- a/doc/topics/airgap/index.md
+++ b/doc/topics/airgap/index.md
@@ -3,6 +3,11 @@
Computers in an air-gapped network are isolated from the public internet as a security measure.
This page lists all the information available for running GitLab in an air-gapped environment.
+## Quick start
+
+If you plan to deploy a GitLab instance on a physically-isolated and offline network, see the
+[quick start guide](quick_start_guide.md) for configuration steps.
+
## Features
Follow these best practices to use GitLab's features in an offline environment:
diff --git a/doc/topics/airgap/quick_start_guide.md b/doc/topics/airgap/quick_start_guide.md
new file mode 100644
index 00000000000..c4c02af3c85
--- /dev/null
+++ b/doc/topics/airgap/quick_start_guide.md
@@ -0,0 +1,157 @@
+# Getting started with an air-gapped GitLab Installation
+
+This is a step-by-step guide that helps you install, configure, and use a self-managed GitLab
+instance entirely offline.
+
+## Installation
+
+NOTE: **Note:**
+This guide assumes the server is Ubuntu 18.04. Instructions for other servers may vary.
+
+NOTE: **Note:**
+This guide assumes the server host resolves as `my-host`, which you should replace with your
+server's name.
+
+Follow the installation instructions [as outlined in the omnibus install
+guide](https://about.gitlab.com/install/#ubuntu), but make sure to specify an `http`
+URL for the `EXTERNAL_URL` installation step. Once installed, we will manually
+configure the SSL ourselves.
+
+It is strongly recommended to setup a domain for IP resolution rather than bind
+to the server's IP address. This better ensures a stable target for our certs' CN
+and will make long-term resolution simpler.
+
+```shell
+sudo EXTERNAL_URL="http://my-host.internal" install gitlab-ee
+```
+
+## Enabling SSL
+
+Follow these steps to enable SSL for your fresh instance. Note that these steps reflect those for
+[manually configuring SSL in Omnibus's NGINX configuration](https://docs.gitlab.com/omnibus/settings/nginx.html#manually-configuring-https):
+
+1. Make the following changes to `/etc/gitlab/gitlab.rb`:
+
+ ```ruby
+ # Update external_url from "http" to "https"
+ external_url "https://example.gitlab.com"
+
+ # Set Let's Encrypt to false
+ letsencrypt['enable'] = false
+ ```
+
+1. Create the following directories with the appropriate permissions for generating self-signed
+ certificates:
+
+ ```shell
+ sudo mkdir -p /etc/gitlab/ssl
+ sudo chmod 755 /etc/gitlab/ssl
+ sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/gitlab/ssl/my-host.internal.key -out /etc/gitlab/ssl/my-host.internal.crt
+ ```
+
+1. Reconfigure your instance to apply the changes:
+
+ ```shell
+ sudo gitlab-ctl reconfigure
+ ```
+
+## Enabling the GitLab Container Registry
+
+Follow these steps to enable the container registry. Note that these steps reflect those for
+[configuring the container registry under an existing domain](../../administration/packages/container_registry.md#configure-container-registry-under-an-existing-gitlab-domain):
+
+1. Make the following changes to `/etc/gitlab/gitlab.rb`:
+
+ ```ruby
+ # Change external_registry_url to match external_url, but append the port 4567
+ external_url "https://example.gitlab.com"
+ registry_external_url "https://example.gitlab.com:4567"
+ ```
+
+1. Reconfigure your instance to apply the changes:
+
+ ```shell
+ sudo gitlab-ctl reconfigure
+ ```
+
+## Allow the docker daemon to trust the registry and GitLab Runner
+
+Provide your Docker daemon with your certs by
+[following the steps for using trusted certificates with your registry](../../administration/packages/container_registry.md#using-self-signed-certificates-with-container-registry):
+
+```shell
+sudo mkdir -p /etc/docker/certs.d/my-host.internal:5000
+
+sudo cp /etc/gitlab/ssl/my-host.internal.crt /etc/docker/certs.d/my-host.internal:5000/ca.crt
+```
+
+Provide your GitLab Runner (to be installed next) with your certs by
+[following the steps for using trusted certificates with your Runner](https://docs.gitlab.com/runner/install/docker.html#installing-trusted-ssl-server-certificates):
+
+```shell
+sudo mkdir -p /etc/gitlab-runner/certs
+
+sudo cp /etc/gitlab/ssl/my-host.internal.crt /etc/gitlab-runner/certs/ca.crt
+```
+
+## Enabling GitLab Runner
+
+[Following a similar process to the steps for installing our GitLab Runner as a
+Docker service](https://docs.gitlab.com/runner/install/docker.html#docker-image-installation), we must first register our Runner:
+
+```shell
+$ sudo docker run --rm -it -v /etc/gitlab-runner:/etc/gitlab-runner gitlab/gitlab-runner register
+Updating CA certificates...
+Runtime platform arch=amd64 os=linux pid=7 revision=1b659122 version=12.8.0
+Running in system-mode.
+
+Please enter the gitlab-ci coordinator URL (e.g. https://gitlab.com/):
+https://my-host.internal
+Please enter the gitlab-ci token for this runner:
+XXXXXXXXXXX
+Please enter the gitlab-ci description for this runner:
+[eb18856e13c0]:
+Please enter the gitlab-ci tags for this runner (comma separated):
+
+Registering runner... succeeded runner=FSMwkvLZ
+Please enter the executor: custom, docker, virtualbox, kubernetes, docker+machine, docker-ssh+machine, docker-ssh, parallels, shell, ssh:
+docker
+Please enter the default Docker image (e.g. ruby:2.6):
+ruby:2.6
+Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!
+```
+
+Now we must add some additional configuration to our runner:
+
+Make the following changes to `/etc/gitlab-runner/config.toml`:
+
+- Add docker socket to volumes `volumes = ["/var/run/docker.sock:/var/run/docker.sock", "/cache"]`
+- Add `pull_policy = "if-not-present"` to the executor configuration
+
+Now we can start our Runner:
+
+```shell
+sudo docker run -d --restart always --name gitlab-runner -v /etc/gitlab-runner:/etc/gitlab-runner -v /var/run/docker.sock:/var/run/docker.sock gitlab/gitlab-runner:latest
+90646b6587127906a4ee3f2e51454c6e1f10f26fc7a0b03d9928d8d0d5897b64
+```
+
+### Authenticating the registry against the host OS
+
+As noted in [Docker's registry authentication documentation](https://docs.docker.com/registry/insecure/#docker-still-complains-about-the-certificate-when-using-authentication),
+certain versions of Docker require trusting the certificate chain at the OS level.
+
+In the case of Ubuntu, this involves using `update-ca-certificates`:
+
+```shell
+sudo cp /etc/docker/certs.d/my-host.internal\:5000/ca.crt /usr/local/share/ca-certificates/my-host.internal.crt
+
+sudo update-ca-certificates
+```
+
+If all goes well, this is what you should see:
+
+```
+1 added, 0 removed; done.
+Running hooks in /etc/ca-certificates/update.d...
+done.
+```
diff --git a/doc/user/compliance/license_compliance/index.md b/doc/user/compliance/license_compliance/index.md
index 2679dc85f42..dd2bb75b1df 100644
--- a/doc/user/compliance/license_compliance/index.md
+++ b/doc/user/compliance/license_compliance/index.md
@@ -53,7 +53,7 @@ The following languages and package managers are supported.
| Go | [Godep](https://github.com/tools/godep), go get ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types)), gvt ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types)), glide ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types)), dep ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types)), trash ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types)) and govendor ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types)), [go mod](https://github.com/golang/go/wiki/Modules) ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types)) |[License Finder](https://github.com/pivotal/LicenseFinder)|
| Java | [Gradle](https://gradle.org/), [Maven](https://maven.apache.org/) |[License Finder](https://github.com/pivotal/LicenseFinder)|
| .NET | [Nuget](https://www.nuget.org/) (.NET Framework is supported via the [mono project](https://www.mono-project.com/). Windows specific dependencies are not supported at this time.) |[License Finder](https://github.com/pivotal/LicenseFinder)|
-| Python | [pip](https://pip.pypa.io/en/stable/) |[License Finder](https://github.com/pivotal/LicenseFinder)|
+| Python | [pip](https://pip.pypa.io/en/stable/) (Python is supported through [requirements.txt](https://pip.readthedocs.io/en/1.1/requirements.html) and [Pipfile.lock](https://github.com/pypa/pipfile#pipfilelock).) |[License Finder](https://github.com/pivotal/LicenseFinder)|
| Ruby | [gem](https://rubygems.org/) |[License Finder](https://github.com/pivotal/LicenseFinder)|
| Erlang | [rebar](https://www.rebar3.org/) ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types))|[License Finder](https://github.com/pivotal/LicenseFinder)|
| Objective-C, Swift | [Carthage](https://github.com/Carthage/Carthage) , [CocoaPods v0.39 and below](https://cocoapods.org/) ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types)) |[License Finder](https://github.com/pivotal/LicenseFinder)|