diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-05-19 15:44:42 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-05-19 15:44:42 +0000 |
| commit | 4555e1b21c365ed8303ffb7a3325d773c9b8bf31 (patch) | |
| tree | 5423a1c7516cffe36384133ade12572cf709398d /doc | |
| parent | e570267f2f6b326480d284e0164a6464ba4081bc (diff) | |
| download | gitlab-ce-4555e1b21c365ed8303ffb7a3325d773c9b8bf31.tar.gz | |
Add latest changes from gitlab-org/gitlab@13-12-stable-eev13.12.0-rc42
Diffstat (limited to 'doc')
749 files changed, 30198 insertions, 15813 deletions
diff --git a/doc/.markdownlint/markdownlint-no-trailing-spaces.yml b/doc/.markdownlint/markdownlint-no-trailing-spaces.yml new file mode 100644 index 00000000000..3d107a3e667 --- /dev/null +++ b/doc/.markdownlint/markdownlint-no-trailing-spaces.yml @@ -0,0 +1,3 @@ +# Extended Markdown configuration to enforce no-trailing-spaces rule +"extends": "../../.markdownlint.yml" +"no-trailing-spaces": true diff --git a/doc/.vale/gitlab/Acronyms.yml b/doc/.vale/gitlab/Acronyms.yml index f7077413c9e..01dafe45223 100644 --- a/doc/.vale/gitlab/Acronyms.yml +++ b/doc/.vale/gitlab/Acronyms.yml @@ -48,6 +48,7 @@ exceptions: - EOL - EXIF - FAQ + - FIPS - FOSS - FQDN - FREE diff --git a/doc/.vale/gitlab/Admin.yml b/doc/.vale/gitlab/Admin.yml index 560752594d5..a2477026560 100644 --- a/doc/.vale/gitlab/Admin.yml +++ b/doc/.vale/gitlab/Admin.yml @@ -10,4 +10,4 @@ link: https://docs.gitlab.com/ee/development/documentation/styleguide/index.html level: suggestion ignorecase: true swap: - 'admin ?\w*': '(?:Admin Area|[Aa]dminist(ration|rator|rators|er|rative))' + 'admin ?\w*': '(?:Admin (Area|Mode)|[Aa]dminist(ration|rator|rators|er|rative))' diff --git a/doc/.vale/gitlab/SubstitutionSuggestions.yml b/doc/.vale/gitlab/SubstitutionSuggestions.yml index d2b8b37b301..bc9a6e3c70d 100644 --- a/doc/.vale/gitlab/SubstitutionSuggestions.yml +++ b/doc/.vale/gitlab/SubstitutionSuggestions.yml @@ -15,6 +15,7 @@ swap: active users: '"billable users"' docs: '"documentation"' GFM: '"GitLab Flavored Markdown"' + OAuth2: '"OAuth 2.0"' once that: '"after that"' once the: '"after the"' once you: '"after you"' diff --git a/doc/.vale/gitlab/spelling-exceptions.txt b/doc/.vale/gitlab/spelling-exceptions.txt index 4c4bbe96a96..05d0e5d4b85 100644 --- a/doc/.vale/gitlab/spelling-exceptions.txt +++ b/doc/.vale/gitlab/spelling-exceptions.txt @@ -563,6 +563,7 @@ smartcard smartcards snapshotting Sobelow +Solargraph Solarized Sourcegraph sparkline diff --git a/doc/README.md b/doc/README.md index 1cc309bd957..a56f17e3bf0 100644 --- a/doc/README.md +++ b/doc/README.md @@ -110,7 +110,7 @@ There are many ways to integrate with GitLab, including: |:-------------------------------------------|:------------| | [GitLab REST API](api/README.md) | Integrate with GitLab using our REST API. | | [GitLab GraphQL API](api/graphql/index.md) | Integrate with GitLab using our GraphQL API. | -| [Integrations](integration/README.md) | Integrations with third-party products. | +| [Integrations](integration/index.md) | Integrations with third-party products. | ## Contributing to GitLab diff --git a/doc/administration/application_settings_cache.md b/doc/administration/application_settings_cache.md index b6c09129c79..b3aac932fa8 100644 --- a/doc/administration/application_settings_cache.md +++ b/doc/administration/application_settings_cache.md @@ -4,16 +4,15 @@ group: Memory info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Changing application settings cache expiry interval **(FREE SELF)** +# Change the expiration interval for application cache **(FREE SELF)** -Application settings are cached for 60 seconds by default which should work -for most installations. A higher value would mean a greater delay between -changing an application setting and noticing that change come into effect. -A value of `0` would result in the `application_settings` table being -loaded for every request causing extra load on Redis and/or PostgreSQL. -It is therefore recommended to keep the value above zero. +By default, GitLab caches application settings for 60 seconds. Occasionally, +you may need to increase that interval to have more delay between application +setting changes and when users notice those changes in the application. -## Change the application settings cache expiry +We recommend you set this value to greater than `0` seconds. Setting it to `0` +causes the `application_settings` table to load for every request. This causes +extra load for Redis and PostgreSQL. To change the expiry value: @@ -25,7 +24,8 @@ To change the expiry value: gitlab_rails['application_settings_cache_seconds'] = 60 ``` -1. Save the file, and reconfigure and restart GitLab for the changes to take effect: +1. Save the file, and then reconfigure and restart GitLab for the changes to + take effect: ```shell gitlab-ctl reconfigure @@ -43,5 +43,5 @@ To change the expiry value: application_settings_cache_seconds: 60 ``` -1. Save the file and [restart](restart_gitlab.md#installations-from-source) +1. Save the file, and then [restart](restart_gitlab.md#installations-from-source) GitLab for the changes to take effect. diff --git a/doc/administration/audit_events.md b/doc/administration/audit_events.md index 9aa533d54f6..a7f4fc10655 100644 --- a/doc/administration/audit_events.md +++ b/doc/administration/audit_events.md @@ -157,6 +157,11 @@ on adding these events into GitLab: - [Group settings and activity](https://gitlab.com/groups/gitlab-org/-/epics/475) - [Instance-level settings and activity](https://gitlab.com/groups/gitlab-org/-/epics/476) +Don't see the event you want in any of the epics linked above? You can use the **Audit Event +Proposal** issue template to +[create an issue](https://gitlab.com/gitlab-org/gitlab/-/issues/new?issuable_template=Audit%20Event%20Proposal) +to request it. + ### Disabled events #### Repository push @@ -170,7 +175,7 @@ In an upcoming release, Audit Events for Git push events will be enabled by default. Follow our [Partitioning strategy for Audit Events epic](https://gitlab.com/groups/gitlab-org/-/epics/3206) for updates. If you still wish to enable **Repository push** events in your instance, follow -the steps bellow. +the steps below. **In Omnibus installations:** diff --git a/doc/administration/auth/README.md b/doc/administration/auth/README.md index ef82c556468..a072cc73c43 100644 --- a/doc/administration/auth/README.md +++ b/doc/administration/auth/README.md @@ -6,7 +6,7 @@ group: Access info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# GitLab authentication and authorization +# GitLab authentication and authorization **(FREE SELF)** GitLab integrates with the following external authentication and authorization providers: diff --git a/doc/administration/auth/atlassian.md b/doc/administration/auth/atlassian.md index 9c5da558b0d..365236748b9 100644 --- a/doc/administration/auth/atlassian.md +++ b/doc/administration/auth/atlassian.md @@ -5,7 +5,7 @@ group: Access info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Atlassian OmniAuth Provider +# Atlassian OmniAuth Provider **(FREE SELF)** To enable the Atlassian OmniAuth provider for passwordless authentication you must register an application with Atlassian. diff --git a/doc/administration/auth/authentiq.md b/doc/administration/auth/authentiq.md index dbc5e446287..2eab4555c85 100644 --- a/doc/administration/auth/authentiq.md +++ b/doc/administration/auth/authentiq.md @@ -5,7 +5,7 @@ group: Access info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Authentiq OmniAuth Provider +# Authentiq OmniAuth Provider **(FREE SELF)** To enable the Authentiq OmniAuth provider for passwordless authentication you must register an application with Authentiq. diff --git a/doc/administration/auth/cognito.md b/doc/administration/auth/cognito.md index f264321ea6c..de5fa991abe 100644 --- a/doc/administration/auth/cognito.md +++ b/doc/administration/auth/cognito.md @@ -5,7 +5,7 @@ group: Access info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Amazon Web Services Cognito +# Amazon Web Services Cognito **(FREE SELF)** Amazon Cognito lets you add user sign-up, sign-in, and access control to your GitLab instance. The following documentation enables Cognito as an OAuth2 provider. diff --git a/doc/administration/auth/crowd.md b/doc/administration/auth/crowd.md index 440d956fc8f..f83710ef4c7 100644 --- a/doc/administration/auth/crowd.md +++ b/doc/administration/auth/crowd.md @@ -5,7 +5,7 @@ group: Access info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Atlassian Crowd OmniAuth Provider +# Atlassian Crowd OmniAuth Provider **(FREE SELF)** Authenticate to GitLab using the Atlassian Crowd OmniAuth provider. Enabling this provider also allows Crowd authentication for Git-over-https requests. diff --git a/doc/administration/auth/jwt.md b/doc/administration/auth/jwt.md index 59d00265a1b..b74b70ee8c0 100644 --- a/doc/administration/auth/jwt.md +++ b/doc/administration/auth/jwt.md @@ -5,7 +5,7 @@ group: Access info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# JWT OmniAuth provider +# JWT OmniAuth provider **(FREE SELF)** To enable the JWT OmniAuth provider, you must register your application with JWT. JWT will provide you with a secret key for you to use. diff --git a/doc/administration/auth/ldap/index.md b/doc/administration/auth/ldap/index.md index 0e55efba8ae..364c7cebea3 100644 --- a/doc/administration/auth/ldap/index.md +++ b/doc/administration/auth/ldap/index.md @@ -5,7 +5,7 @@ group: Access info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# General LDAP Setup +# General LDAP setup **(FREE SELF)** GitLab integrates with LDAP to support user authentication. @@ -29,7 +29,7 @@ stands for **Lightweight Directory Access Protocol**, which is a standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. -## Security **(FREE SELF)** +## Security GitLab assumes that LDAP users: @@ -44,7 +44,7 @@ We recommend against using LDAP integration if your LDAP users are allowed to change their 'mail', 'email' or 'userPrincipalName' attribute on the LDAP server or share email addresses. -### User deletion **(FREE SELF)** +### User deletion If a user is deleted from the LDAP server, they are also blocked in GitLab. Users are immediately blocked from logging in. However, there is an @@ -56,13 +56,13 @@ immediately block all access. GitLab Enterprise Edition Premium supports a [configurable sync time](#adjusting-ldap-user-sync-schedule). **(PREMIUM)** -## Git password authentication **(FREE SELF)** +## Git password authentication LDAP-enabled users can always authenticate with Git using their GitLab username or email and LDAP password, even if password authentication for Git is disabled in the application settings. -## Enabling LDAP sign-in for existing GitLab users **(FREE SELF)** +## Enabling LDAP sign-in for existing GitLab users When a user signs in to GitLab with LDAP for the first time, and their LDAP email address is the primary email address of an existing GitLab user, then @@ -73,7 +73,7 @@ In other words, if an existing GitLab user wants to enable LDAP sign-in for themselves, they should check that their GitLab email address matches their LDAP email address, and then sign into GitLab via their LDAP credentials. -## Google Secure LDAP **(FREE SELF)** +## Google Secure LDAP > Introduced in GitLab 11.9. @@ -81,7 +81,7 @@ LDAP email address, and then sign into GitLab via their LDAP credentials. LDAP service that can be configured with GitLab for authentication and group sync. See [Google Secure LDAP](google_secure_ldap.md) for detailed configuration instructions. -## Configuration **(FREE SELF)** +## Configuration To enable LDAP integration you need to add your LDAP server settings in `/etc/gitlab/gitlab.rb` or `/home/git/gitlab/config/gitlab.yml` for Omnibus @@ -100,7 +100,7 @@ would be on port 389. `plain` also operates on port 389. Removed values: `tls` w LDAP users must have a set email address, regardless of whether or not it's used to sign in. -### Example Configurations **(FREE SELF)** +### Example Configurations **Omnibus Configuration** @@ -163,7 +163,7 @@ production: ... ``` -### Basic Configuration Settings **(FREE SELF)** +### Basic Configuration Settings | Setting | Description | Required | Examples | | ------- | ----------- | -------- | -------- | @@ -190,7 +190,7 @@ Some examples of the `user_filter` field syntax: - `'(employeeType=developer)'` - `'(&(objectclass=user)(|(samaccountname=momo)(samaccountname=toto)))'` -### SSL Configuration Settings **(FREE SELF)** +### SSL Configuration Settings | Setting | Description | Required | Examples | | ------- | ----------- | -------- | -------- | @@ -200,7 +200,7 @@ Some examples of the `user_filter` field syntax: | `cert` | Client certificate | no | `'-----BEGIN CERTIFICATE----- <REDACTED> -----END CERTIFICATE -----'` | | `key` | Client private key | no | `'-----BEGIN PRIVATE KEY----- <REDACTED> -----END PRIVATE KEY -----'` | -### Attribute Configuration Settings **(FREE SELF)** +### Attribute Configuration Settings LDAP attributes that GitLab uses to create an account for the LDAP user. The specified attribute can either be the attribute name as a string (for example, `'mail'`), or an array of attribute names to try in order (for example, `['mail', 'email']`). Note that the user's LDAP sign-in is the attribute specified as `uid` above. @@ -221,7 +221,7 @@ LDAP attributes that GitLab uses to create an account for the LDAP user. The spe | `external_groups` | An array of CNs of groups containing users that should be considered external. Note: Not `cn=interns` or the full DN. | no | `['interns', 'contractors']` | | `sync_ssh_keys` | The LDAP attribute containing a user's public SSH key. | no | `'sshPublicKey'` or false if not set | -### Set up LDAP user filter **(FREE SELF)** +### Set up LDAP user filter If you want to limit all GitLab access to a subset of the LDAP users on your LDAP server, the first step should be to narrow the configured `base`. However, @@ -266,7 +266,7 @@ Support for nested members in the user filter should not be confused with Please note that GitLab does not support the custom filter syntax used by OmniAuth LDAP. -#### Escaping special characters **(FREE SELF)** +#### Escaping special characters The `user_filter` DN can contain special characters. For example: @@ -297,7 +297,7 @@ The `user_filter` DN can contain special characters. For example: OU=Gitlab \28Inc\29,DC=gitlab,DC=com ``` -### Enabling LDAP username lowercase **(FREE SELF)** +### Enabling LDAP username lowercase Some LDAP servers, depending on their configurations, can return uppercase usernames. This can lead to several confusing issues such as creating links or namespaces with uppercase names. @@ -335,7 +335,7 @@ the configuration option `lowercase_usernames`. By default, this configuration o 1. [Restart GitLab](../../restart_gitlab.md#installations-from-source) for the changes to take effect. -### Disable LDAP web sign in **(FREE SELF)** +### Disable LDAP web sign in It can be useful to prevent using LDAP credentials through the web UI when an alternative such as SAML is preferred. This allows LDAP to be used for group @@ -367,7 +367,7 @@ This does not disable [using LDAP credentials for Git access](#git-password-auth 1. [Restart GitLab](../../restart_gitlab.md#installations-from-source) for the changes to take effect. -### Using encrypted credentials **(FREE SELF)** +### Using encrypted credentials Instead of having the LDAP integration credentials stored in plaintext in the configuration files, you can optionally use an encrypted file for the LDAP credentials. To use this feature, you first need to enable @@ -454,7 +454,7 @@ If initially your LDAP configuration looked like: 1. [Restart GitLab](../../restart_gitlab.md#installations-from-source) for the changes to take effect. -## Encryption **(FREE SELF)** +## Encryption ### TLS Server Authentication diff --git a/doc/administration/auth/ldap/ldap-troubleshooting.md b/doc/administration/auth/ldap/ldap-troubleshooting.md index 9d9c01b870f..1e6684751ed 100644 --- a/doc/administration/auth/ldap/ldap-troubleshooting.md +++ b/doc/administration/auth/ldap/ldap-troubleshooting.md @@ -5,7 +5,7 @@ group: Access info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# LDAP Troubleshooting for Administrators +# LDAP Troubleshooting for Administrators **(FREE SELF)** ## Common Problems & Workflows @@ -27,7 +27,7 @@ Could not authenticate you from Ldapmain because "Connection timed out - user sp ``` If your configured LDAP provider and/or endpoint is offline or otherwise -unreachable by GitLab, no LDAP user will be able to authenticate and sign-in. +unreachable by GitLab, no LDAP user is able to authenticate and sign-in. GitLab does not cache or store credentials for LDAP users to provide authentication during an LDAP outage. @@ -181,14 +181,13 @@ user = User.find_by_any_email('email@example.com') user.username ``` -This will show you which user has this email address. One of two steps will -have to be taken here: +This shows you which user has this email address. One of two steps must be taken here: - To create a new GitLab user/username for this user when signing in with LDAP, remove the secondary email to remove the conflict. - To use an existing GitLab user/username for this user to use with LDAP, remove this email as a secondary email and make it a primary one so GitLab - will associate this profile to the LDAP identity. + associates this profile to the LDAP identity. The user can do either of these steps [in their profile](../../../user/profile/index.md#access-your-user-profile) or an administrator can do it. @@ -227,7 +226,7 @@ output](#example-console-output-after-a-user-sync). ##### Example console output after a user sync **(PREMIUM SELF)** -The output from a [manual user sync](#sync-all-users) will be very verbose, and a +The output from a [manual user sync](#sync-all-users) is very verbose, and a single user's successful sync can look like this: ```shell @@ -255,8 +254,8 @@ uid: John There's a lot here, so let's go over what could be helpful when debugging. -First, GitLab will look for all users that have previously -signed in with LDAP and iterate on them. Each user's sync will start with +First, GitLab looks for all users that have previously +signed in with LDAP and iterate on them. Each user's sync starts with the following line that contains the user's username and email, as they exist in GitLab now: @@ -274,7 +273,7 @@ link between this user and the configured LDAP provider(s): Identity Load (0.9ms) SELECT "identities".* FROM "identities" WHERE "identities"."user_id" = 20 AND (provider LIKE 'ldap%') LIMIT 1 ``` -The identity object will have the DN that GitLab will use to look for the user +The identity object has the DN that GitLab uses to look for the user in LDAP. If the DN isn't found, the email is used instead. We can see that this user is found in LDAP: @@ -294,18 +293,18 @@ following message instead: LDAP search error: No Such Object ``` -...in which case the user will be blocked: +...in which case the user is blocked: ```shell User Update (0.4ms) UPDATE "users" SET "state" = $1, "updated_at" = $2 WHERE "users"."id" = $3 [["state", "ldap_blocked"], ["updated_at", "2019-10-18 15:46:22.902177"], ["id", 20]] ``` -Once the user is found in LDAP the rest of the output will update the GitLab +Once the user is found in LDAP, the rest of the output updates the GitLab database with any changes. #### Query a user in LDAP -This will test that GitLab can reach out to LDAP and read a particular user. +This tests that GitLab can reach out to LDAP and read a particular user. It can expose potential errors connecting to and/or querying LDAP that may seem to fail silently in the GitLab UI. diff --git a/doc/administration/auth/oidc.md b/doc/administration/auth/oidc.md index cde8944fadc..30ca7d94a1e 100644 --- a/doc/administration/auth/oidc.md +++ b/doc/administration/auth/oidc.md @@ -5,12 +5,12 @@ group: Access info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# OpenID Connect OmniAuth provider +# OpenID Connect OmniAuth provider **(FREE SELF)** GitLab can use [OpenID Connect](https://openid.net/specs/openid-connect-core-1_0.html) as an OmniAuth provider. To enable the OpenID Connect OmniAuth provider, you must register your application with an OpenID Connect provider. -The OpenID Connect will provide you with a client details and secret for you to use. +The OpenID Connect provides you with a client's details and secret for you to use. 1. On your GitLab server, open the configuration file. @@ -86,21 +86,21 @@ The OpenID Connect will provide you with a client details and secret for you to and the [OpenID Connect Core 1.0 specification](https://openid.net/specs/openid-connect-core-1_0.html). 1. For the configuration above, change the values for the provider to match your OpenID Connect client setup. Use the following as a guide: - - `<your_oidc_label>` is the label that will be displayed on the login page. - - `<custom_provider_icon>` (optional) is the icon that will be displayed on the login page. Icons for the major social login platforms are built-in into GitLab, + - `<your_oidc_label>` is the label that appears on the login page. + - `<custom_provider_icon>` (optional) is the icon that appears on the login page. Icons for the major social login platforms are built-in into GitLab, but can be overridden by specifying this parameter. Both local paths and absolute URLs are accepted. - `<your_oidc_url>` (optional) is the URL that points to the OpenID Connect provider. For example, `https://example.com/auth/realms/your-realm`. If this value is not provided, the URL is constructed from the `client_options` in the following format: `<client_options.scheme>://<client_options.host>:<client_options.port>`. - - If `discovery` is set to `true`, the OpenID Connect provider will try to auto discover the client options using `<your_oidc_url>/.well-known/openid-configuration`. Defaults to `false`. + - If `discovery` is set to `true`, the OpenID Connect provider attempts to auto discover the client options using `<your_oidc_url>/.well-known/openid-configuration`. Defaults to `false`. - `client_auth_method` (optional) specifies the method used for authenticating the client with the OpenID Connect provider. - Supported values are: - `basic` - HTTP Basic Authentication - `jwt_bearer` - JWT based authentication (private key and client secret signing) - `mtls` - Mutual TLS or X.509 certificate validation - - Any other value will POST the client ID and secret in the request body + - Any other value POSTs the client ID and secret in the request body - If not specified, defaults to `basic`. - - `<uid_field>` (optional) is the field name from the `user_info.raw_attributes` details that will be used as `uid` value. For example, `preferred_username`. - If this value is not provided or the field with the configured value is missing from the `user_info.raw_attributes` details, the `uid` will use the `sub` field. + - `<uid_field>` (optional) is the field name from the `user_info.raw_attributes` that defines the value for `uid`. For example, `preferred_username`. + If this value is not provided or the field with the configured value is missing from the `user_info.raw_attributes` details, the `uid` uses the `sub` field. - `send_scope_to_token_endpoint` is `true` by default. In other words, the `scope` parameter is normally included in requests to the token endpoint. However, if your OpenID Connect provider does not accept the `scope` parameter in such requests, set this to `false`. - `client_options` are the OpenID Connect client-specific options. Specifically: @@ -119,9 +119,9 @@ The OpenID Connect will provide you with a client details and secret for you to for the changes to take effect if you installed GitLab via Omnibus or from source respectively. On the sign in page, there should now be an OpenID Connect icon below the regular sign in form. -Click the icon to begin the authentication process. The OpenID Connect provider will ask the user to +Click the icon to begin the authentication process. The OpenID Connect provider asks the user to sign in and authorize the GitLab application (if confirmation required by the client). If everything goes well, the user -will be redirected to GitLab and will be signed in. +is redirected to GitLab and signed in. ## Example configurations @@ -134,25 +134,26 @@ See the [Google documentation](https://developers.google.com/identity/protocols/ for more details: ```ruby - gitlab_rails['omniauth_providers'] = [ - { - 'name' => 'openid_connect', - 'label' => 'Google OpenID', - 'args' => { - 'name' => 'openid_connect', - 'scope' => ['openid', 'profile', 'email'], - 'response_type' => 'code', - 'issuer' => 'https://accounts.google.com', - 'client_auth_method' => 'query', - 'discovery' => true, - 'uid_field' => 'preferred_username', - 'client_options' => { - 'identifier' => '<YOUR PROJECT CLIENT ID>', - 'secret' => '<YOUR PROJECT CLIENT SECRET>', - 'redirect_uri' => 'https://example.com/users/auth/openid_connect/callback', +gitlab_rails['omniauth_providers'] = [ + { + 'name' => 'openid_connect', + 'label' => 'Google OpenID', + 'args' => { + 'name' => 'openid_connect', + 'scope' => ['openid', 'profile', 'email'], + 'response_type' => 'code', + 'issuer' => 'https://accounts.google.com', + 'client_auth_method' => 'query', + 'discovery' => true, + 'uid_field' => 'preferred_username', + 'client_options' => { + 'identifier' => '<YOUR PROJECT CLIENT ID>', + 'secret' => '<YOUR PROJECT CLIENT SECRET>', + 'redirect_uri' => 'https://example.com/users/auth/openid_connect/callback', + } } - } - } + } +] ``` ### Microsoft Azure @@ -170,30 +171,177 @@ to obtain the tenant ID, client ID, and client secret for your app. Example Omnibus configuration block: ```ruby - gitlab_rails['omniauth_providers'] = [ - { - 'name' => 'openid_connect', - 'label' => 'Azure OIDC', - 'args' => { - 'name' => 'openid_connect', - 'scope' => ['openid', 'profile', 'email'], - 'response_type' => 'code', - 'issuer' => 'https://login.microsoftonline.com/<YOUR-TENANT-ID>/v2.0', - 'client_auth_method' => 'query', - 'discovery' => true, - 'uid_field' => 'preferred_username', - 'client_options' => { - 'identifier' => '<YOUR APP CLIENT ID>', - 'secret' => '<YOUR APP CLIENT SECRET>', - 'redirect_uri' => 'https://gitlab.example.com/users/auth/openid_connect/callback' - } - } - } +gitlab_rails['omniauth_providers'] = [ + { + 'name' => 'openid_connect', + 'label' => 'Azure OIDC', + 'args' => { + 'name' => 'openid_connect', + 'scope' => ['openid', 'profile', 'email'], + 'response_type' => 'code', + 'issuer' => 'https://login.microsoftonline.com/<YOUR-TENANT-ID>/v2.0', + 'client_auth_method' => 'query', + 'discovery' => true, + 'uid_field' => 'preferred_username', + 'client_options' => { + 'identifier' => '<YOUR APP CLIENT ID>', + 'secret' => '<YOUR APP CLIENT SECRET>', + 'redirect_uri' => 'https://gitlab.example.com/users/auth/openid_connect/callback' + } + } + } +] ``` Microsoft has documented how its platform works with [the OIDC protocol](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc). -## Troubleshooting +### Microsoft Azure Active Directory B2C + +While GitLab works with [Azure Active Directory B2C](https://docs.microsoft.com/en-us/azure/active-directory-b2c/overview), it requires special +configuration to work. To get started, sign in to the [Azure Portal](https://portal.azure.com). +For your app, you'll need the following information from Azure: + +- A tenant ID. You may already have one. For more information, review the + [Microsoft Azure Tenant](https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-create-new-tenant) documentation. +- A client ID and a client secret. Follow the instructions in the + [Microsoft tutorial](https://docs.microsoft.com/en-us/azure/active-directory-b2c/tutorial-register-applications?tabs=app-reg-ga) documentation to obtain the + client ID and client secret for your app. +- The user flow or policy name. Follow the instructions in the [Microsoft tutorial](https://docs.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-user-flows?pivots=b2c-user-flow). + +If your GitLab domain is `gitlab.example.com`, ensure the app has the following `Redirect URI`: + +`https://gitlab.example.com/users/auth/openid_connect/callback` + +In addition, ensure that [ID tokens are enabled](https://docs.microsoft.com/en-us/azure/active-directory-b2c/tutorial-register-applications?tabs=app-reg-ga#enable-id-token-implicit-grant). + +Add the following API permissions to the app: + +1. `openid` +1. `offline_access` + +#### Configure custom policies + +Azure B2C [offers two ways of defining the business logic for logging in a user](https://docs.microsoft.com/en-us/azure/active-directory-b2c/user-flow-overview): + +- [User flows](https://docs.microsoft.com/en-us/azure/active-directory-b2c/user-flow-overview#user-flows) +- [Custom policies](https://docs.microsoft.com/en-us/azure/active-directory-b2c/user-flow-overview#custom-policies) + +While cumbersome to configure, custom policies are required because +standard Azure B2C user flows [do not send the OpenID `email` claim](https://github.com/MicrosoftDocs/azure-docs/issues/16566). In +other words, they do not work with the [`allow_single_sign_on` or `auto_link_user` +parameters](../../integration/omniauth.md#initial-omniauth-configuration). +With a standard Azure B2C policy, GitLab cannot create a new account or +link to an existing one with an e-mail address. + +Carefully follow the instructions for [creating a custom policy](https://docs.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-user-flows?pivots=b2c-custom-policy). + +The Microsoft instructions use `SocialAndLocalAccounts` in the [custom policy starter pack](https://docs.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-user-flows?pivots=b2c-custom-policy#custom-policy-starter-pack), +but `LocalAccounts` works for authenticating against local, Active Directory accounts. Before you follow the instructions to [upload the polices](https://docs.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-user-flows?pivots=b2c-custom-policy#upload-the-policies), do the following: + +1. To export the `email` claim, modify the `SignUpOrSignin.xml`. Replace the following line: + + ```xml + <OutputClaim ClaimTypeReferenceId="email" /> + ``` + + with: + + ```xml + <OutputClaim ClaimTypeReferenceId="signInNames.emailAddress" PartnerClaimType="email" /> + ``` + +1. For OIDC discovery to work with B2C, the policy must be configured with an issuer compatible with the [OIDC +specification](https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.4.3). +See the [token compatibility settings](https://docs.microsoft.com/en-us/azure/active-directory-b2c/configure-tokens?pivots=b2c-custom-policy#token-compatibility-settings). +In `TrustFrameworkBase.xml` under `JwtIssuer`, set `IssuanceClaimPattern` to `AuthorityWithTfp`: + + ```xml + <ClaimsProvider> + <DisplayName>Token Issuer</DisplayName> + <TechnicalProfiles> + <TechnicalProfile Id="JwtIssuer"> + <DisplayName>JWT Issuer</DisplayName> + <Protocol Name="None" /> + <OutputTokenFormat>JWT</OutputTokenFormat> + <Metadata> + <Item Key="IssuanceClaimPattern">AuthorityWithTfp</Item> + ... + ``` + +1. Now [upload the policy](https://docs.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-user-flows?pivots=b2c-custom-policy#upload-the-policies). Overwrite +the existing files if you are updating an existing policy. + +1. Determine the issuer URL using the sign-in policy. The issuer URL will be in the form: + + ```markdown + https://<YOUR-DOMAIN>/tfp/<YOUR-TENANT-ID>/<YOUR-SIGN-IN-POLICY-NAME>/v2.0/ + ``` + + The policy name is lowercased in the URL. For example, `B2C_1A_signup_signin` + policy appears as `b2c_1a_signup_sigin`. + + Note that the trailing forward slash is required. + +1. Verify the operation of the OIDC discovery URL and issuer URL, append `.well-known/openid-configuration` +to the issuer URL: + + ```markdown + https://<YOUR-DOMAIN>/tfp/<YOUR-TENANT-ID>/<YOUR-SIGN-IN-POLICY-NAME>/v2.0/.well-known/openid-configuration + ``` + + For example, if `domain` is `example.b2clogin.com` and tenant ID is `fc40c736-476c-4da1-b489-ee48cee84386`, you can use `curl` and `jq` to +extract the issuer: + + ```shell + $ curl --silent "https://example.b2clogin.com/tfp/fc40c736-476c-4da1-b489-ee48cee84386/b2c_1a_signup_signin/v2.0/.well-known/openid-configuration" | jq .issuer + "https://example.b2clogin.com/tfp/fc40c736-476c-4da1-b489-ee48cee84386/b2c_1a_signup_signin/v2.0/" + ``` + +1. Configure the issuer URL with the custom policy used for +`signup_signin`. For example, this is the Omnibus configuration with a +custom policy for `b2c_1a_signup_signin`: + +```ruby +gitlab_rails['omniauth_providers'] = [ +{ + 'name' => 'openid_connect', + 'label' => 'Azure B2C OIDC', + 'args' => { + 'name' => 'openid_connect', + 'scope' => ['openid'], + 'response_mode' => 'query', + 'response_type' => 'id_token', + 'issuer' => 'https://<YOUR-DOMAIN>/tfp/<YOUR-TENANT-ID>/b2c_1a_signup_signin/v2.0/', + 'client_auth_method' => 'query', + 'discovery' => true, + 'send_scope_to_token_endpoint' => true, + 'client_options' => { + 'identifier' => '<YOUR APP CLIENT ID>', + 'secret' => '<YOUR APP CLIENT SECRET>', + 'redirect_uri' => 'https://gitlab.example.com/users/auth/openid_connect/callback' + } + } +}] +``` + +#### Troubleshooting Azure B2C + +- Ensure all occurrences of `yourtenant.onmicrosoft.com`, `ProxyIdentityExperienceFrameworkAppId`, and `IdentityExperienceFrameworkAppId` match your B2C tenant hostname and +the respective client IDs in the XML policy files. + +- Add `https://jwt.ms` as a redirect URI to the app, and use the [custom policy tester](https://docs.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-user-flows?pivots=b2c-custom-policy#test-the-custom-policy). +Make sure the payload includes `email` that matches the user's e-mail access. + +- After you enable the custom policy, users might see "Invalid username or password" after they try to sign in. This might be a configuration +issue with the `IdentityExperienceFramework` app. See [this Microsoft comment](https://docs.microsoft.com/en-us/answers/questions/50355/unable-to-sign-on-using-custom-policy.html?childToView=122370#comment-122370) +that suggests checking that the app manifest contains these settings: + + - `"accessTokenAcceptedVersion": null` + - `"signInAudience": "AzureADMyOrg"` + + Note that this configuration corresponds with the `Supported account types` setting used when creating the `IdentityExperienceFramework` app. + +## General troubleshooting If you're having trouble, here are some tips: diff --git a/doc/administration/auth/smartcard.md b/doc/administration/auth/smartcard.md index 4fe69d0160e..07c29984552 100644 --- a/doc/administration/auth/smartcard.md +++ b/doc/administration/auth/smartcard.md @@ -108,6 +108,11 @@ attribute. As a prerequisite, you must use an LDAP server that: - Supports the `certificateExactMatch` matching rule. - Has the certificate stored in the `userCertificate` attribute. +NOTE: +Active Directory doesn't support the `certificateExactMatch` matching rule so +[it is not supported at this time](https://gitlab.com/gitlab-org/gitlab/-/issues/327491). For +more information, see [the relevant issue](https://gitlab.com/gitlab-org/gitlab/-/issues/328074). + ## Configure GitLab for smartcard authentication **For Omnibus installations** diff --git a/doc/administration/compliance.md b/doc/administration/compliance.md index 04369a76fb3..470dc1b4f9e 100644 --- a/doc/administration/compliance.md +++ b/doc/administration/compliance.md @@ -27,3 +27,6 @@ relevant compliance standards. |**[Auditor users](auditor_users.md)**<br>Auditor users are users who are given read-only access to all projects, groups, and other resources on the GitLab instance.|Premium+||Instance| |**[Credentials inventory](../user/admin_area/credentials_inventory.md)**<br>With a credentials inventory, GitLab administrators can keep track of the credentials used by all of the users in their GitLab instance. |Ultimate||Instance| |**Separation of Duties using [Protected branches](../user/project/protected_branches.md#protected-branches-approval-by-code-owners) and [custom CI Configuration Paths](../ci/pipelines/settings.md#custom-cicd-configuration-path)**<br> GitLab Premium users can leverage the GitLab cross-project YAML configurations to define deployers of code and developers of code. View the [Separation of Duties Deploy Project](https://gitlab.com/guided-explorations/separation-of-duties-deploy/blob/master/README.md) and [Separation of Duties Project](https://gitlab.com/guided-explorations/separation-of-duties/blob/master/README.md) to see how to use this set up to define these roles.|Premium+|✓|Project| +|**[Compliance frameworks](../user/project/settings/index.md#compliance-frameworks)**<br>Create a custom compliance framework at the group level to describe the type of compliance requirements any child project needs to follow. |Premium+|✓|Group| +|**[Compliance pipelines](../user/project/settings/index.md#compliance-pipeline-configuration)**<br>Define a pipeline configuration to run for any projects with a given compliance framework.|Ultimate|✓|Group| +|**[Compliance dashboard](../user/compliance/compliance_dashboard/index.md)**<br>Quickly get visibility into the compliance posture of your organization.|Ultimate|✓|Group| diff --git a/doc/administration/consul.md b/doc/administration/consul.md index 926267a414a..a748259aff0 100644 --- a/doc/administration/consul.md +++ b/doc/administration/consul.md @@ -83,7 +83,7 @@ curl "http://127.0.0.1:8500/v1/health/state/critical" Consul nodes communicate using the raft protocol. If the current leader goes offline, there needs to be a leader election. A leader node must exist to facilitate synchronization across the cluster. If too many nodes go offline at the same time, -the cluster will lose quorum and not elect a leader due to +the cluster loses quorum and doesn't elect a leader due to [broken consensus](https://www.consul.io/docs/architecture/consensus). Consult the [troubleshooting section](#troubleshooting-consul) if the cluster is not @@ -122,19 +122,19 @@ db-a XX.XX.X.Y:8301 alive client 0.9.0 2 gitlab_co db-b XX.XX.X.Y:8301 alive client 0.9.0 2 gitlab_consul ``` -Ideally all nodes will have a `Status` of `alive`. +Ideally all nodes have a `Status` of `alive`. ### Restart Consul If it is necessary to restart Consul, it is important to do this in a controlled manner to maintain quorum. If quorum is lost, to recover the cluster, -you will need to follow the Consul [outage recovery](#outage-recovery) process. +you follow the Consul [outage recovery](#outage-recovery) process. To be safe, it's recommended that you only restart Consul in one node at a time to ensure the cluster remains intact. For larger clusters, it is possible to restart multiple nodes at a time. See the [Consul consensus document](https://www.consul.io/docs/architecture/consensus#deployment-table) -for how many failures it can tolerate. This will be the number of simultaneous +for the number of failures it can tolerate. This will be the number of simultaneous restarts it can sustain. To restart Consul: @@ -145,13 +145,13 @@ sudo gitlab-ctl restart consul ### Consul nodes unable to communicate -By default, Consul will attempt to +By default, Consul attempts to [bind](https://www.consul.io/docs/agent/options#_bind) to `0.0.0.0`, but -it will advertise the first private IP address on the node for other Consul nodes +it advertises the first private IP address on the node for other Consul nodes to communicate with it. If the other nodes cannot communicate with a node on -this address, then the cluster will have a failed status. +this address, then the cluster has a failed status. -If you are running into this issue, you will see messages like the following in `gitlab-ctl tail consul` output: +If you run into this issue, then messages like the following are output in `gitlab-ctl tail consul`: ```plaintext 2017-09-25_19:53:39.90821 2017/09/25 19:53:39 [WARN] raft: no known peers, aborting election @@ -181,10 +181,10 @@ If you still see the errors, you may have to ### Consul does not start - multiple private IPs -In case that a node has multiple private IPs, Consul will be confused as to -which of the private addresses to advertise, and then immediately exit on start. +If a node has multiple private IPs, Consul doesn't know about +which of the private addresses to advertise, and then it immediately exits on start. -You will see messages like the following in `gitlab-ctl tail consul` output: +Messages like the following are output in `gitlab-ctl tail consul`: ```plaintext 2017-11-09_17:41:45.52876 ==> Starting Consul agent... @@ -211,8 +211,8 @@ To fix this: ### Outage recovery -If you lost enough Consul nodes in the cluster to break quorum, then the cluster -is considered failed, and it will not function without manual intervention. +If you have lost enough Consul nodes in the cluster to break quorum, then the cluster +is considered to have failed and cannot function without manual intervention. In that case, you can either recreate the nodes from scratch or attempt a recover. diff --git a/doc/administration/database_load_balancing.md b/doc/administration/database_load_balancing.md index fe30d98b92d..bd34a82f688 100644 --- a/doc/administration/database_load_balancing.md +++ b/doc/administration/database_load_balancing.md @@ -39,7 +39,7 @@ at least 1 secondary in [hot standby](https://www.postgresql.org/docs/11/hot-sta Load balancing also requires that the configured hosts **always** point to the primary, even after a database failover. Furthermore, the additional hosts to balance load among must **always** point to secondary databases. This means that -you should put a load balance in front of every database, and have GitLab connect +you should put a load balancer in front of every database, and have GitLab connect to those load balancers. For example, say you have a primary (`db1.gitlab.com`) and two secondaries, @@ -161,11 +161,11 @@ records, eventually dropping this hostname from rotation if it can't resolve its The `interval` value specifies the _minimum_ time between checks. If the A record has a TTL greater than this value, then service discovery will honor said TTL. For example, if the TTL of the A record is 90 seconds, then service -discovery will wait at least 90 seconds before checking the A record again. +discovery waits at least 90 seconds before checking the A record again. When the list of hosts is updated, it might take a while for the old connections to be terminated. The `disconnect_timeout` setting can be used to enforce an -upper limit on the time it will take to terminate all old database connections. +upper limit on the time it takes to terminate all old database connections. Some nameservers (like [Consul](https://www.consul.io/docs/discovery/dns#udp-based-dns-queries)) can return a truncated list of hosts when queried over UDP. To overcome this issue, you can use TCP for querying by setting @@ -179,7 +179,7 @@ all-in-one package based installations as well as GitLab Helm chart deployments. If you use an application server that forks, such as Unicorn, you _have to_ update your Unicorn configuration to start service discovery _after_ a fork. -Failure to do so will lead to service discovery only running in the parent +Failure to do so leads to service discovery only running in the parent process. If you are using Unicorn, then you can add the following to your Unicorn configuration file: @@ -190,13 +190,13 @@ after_fork do |server, worker| end ``` -This will ensure that service discovery is started in both the parent and all +This ensures that service discovery is started in both the parent and all child processes. ## Balancing queries -Read-only `SELECT` queries will be balanced among all the secondary hosts. -Everything else (including transactions) will be executed on the primary. +Read-only `SELECT` queries balance among all the secondary hosts. +Everything else (including transactions) executes on the primary. Queries such as `SELECT ... FOR UPDATE` are also executed on the primary. ## Prepared statements @@ -207,19 +207,19 @@ response timings. ## Primary sticking -After a write has been performed, GitLab will stick to using the primary for a -certain period of time, scoped to the user that performed the write. GitLab will -revert back to using secondaries when they have either caught up, or after 30 +After a write has been performed, GitLab sticks to using the primary for a +certain period of time, scoped to the user that performed the write. GitLab +reverts back to using secondaries when they have either caught up, or after 30 seconds. ## Failover handling -In the event of a failover or an unresponsive database, the load balancer will -try to use the next available host. If no secondaries are available the +In the event of a failover or an unresponsive database, the load balancer +tries to use the next available host. If no secondaries are available the operation is performed on the primary instead. -In the event of a connection error being produced when writing data, the -operation will be retried up to 3 times using an exponential back-off. +If a connection error occurs while writing data, the +operation is retried up to 3 times using an exponential back-off. When using load balancing, you should be able to safely restart a database server without it immediately leading to errors being presented to the users. @@ -251,9 +251,9 @@ For example: > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/3526) in [GitLab Premium](https://about.gitlab.com/pricing/) 10.3. -To prevent reading from an outdated secondary the load balancer will check if it +To prevent reading from an outdated secondary the load balancer checks if it is in sync with the primary. If the data is determined to be recent enough the -secondary can be used, otherwise it will be ignored. To reduce the overhead of +secondary is used, otherwise it is ignored. To reduce the overhead of these checks we only perform these checks at certain intervals. There are three configuration options that influence this behavior: diff --git a/doc/administration/encrypted_configuration.md b/doc/administration/encrypted_configuration.md index 508f4314694..ff48005e427 100644 --- a/doc/administration/encrypted_configuration.md +++ b/doc/administration/encrypted_configuration.md @@ -18,7 +18,7 @@ In order to enable the encrypted configuration settings, a new base key needs to **Omnibus Installation** -Starting with 13.7 the new secret is automatically generated for you, but you will need to ensure your +Starting with 13.7 the new secret is automatically generated for you, but you need to ensure your `/etc/gitlab/gitlab-secrets.json` contains the same values on all nodes. **GitLab Cloud Native Helm Chart** @@ -34,4 +34,4 @@ The new secret can be generated by running: bundle exec rake gitlab:env:info RAILS_ENV=production GITLAB_GENERATE_ENCRYPTED_SETTINGS_KEY_BASE=true ``` -This will print general information on the GitLab instance, but will also cause the key to be generated in `<path-to-gitlab-rails>/config/secrets.yml` +This prints general information on the GitLab instance, but also causes the key to be generated in `<path-to-gitlab-rails>/config/secrets.yml` diff --git a/doc/administration/external_pipeline_validation.md b/doc/administration/external_pipeline_validation.md index f8329b24d6c..89543e446ac 100644 --- a/doc/administration/external_pipeline_validation.md +++ b/doc/administration/external_pipeline_validation.md @@ -5,27 +5,28 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: reference, howto --- -# External Pipeline Validation +# External pipeline validation You can use an external service to validate a pipeline before it's created. WARNING: This is an experimental feature and subject to change without notice. -## Usage - GitLab sends a POST request to the external service URL with the pipeline -data as payload. GitLab then invalidates the pipeline based on the response -code. If there's an error or the request times out, the pipeline is not -invalidated. +data as payload. The response code from the external service determines if GitLab +should accept or reject the pipeline. If the response is: + +- `200`, the pipeline is accepted. +- `4XX`, the pipeline is rejected. +- Other codes, the pipeline is accepted and logged. -Response codes: +If there's an error or the request times out, the pipeline is accepted. -- `200`: Accepted -- `4XX`: Not accepted -- All other codes: accepted and logged +Pipelines rejected by the external validation service aren't created, and don't +appear in pipeline lists in the GitLab UI or API. If you create a pipeline in the +UI that is rejected, `Pipeline cannot be run. External validation failed` is displayed. -## Configuration +## Configure external pipeline validation To configure external pipeline validation, add the [`EXTERNAL_VALIDATION_SERVICE_URL` environment variable](environment_variables.md) @@ -35,7 +36,7 @@ By default, requests to the external service time out after five seconds. To ove the default, set the `EXTERNAL_VALIDATION_SERVICE_TIMEOUT` environment variable to the required number of seconds. -## Payload Schema +## Payload schema ```json { diff --git a/doc/administration/geo/disaster_recovery/index.md b/doc/administration/geo/disaster_recovery/index.md index d1ea2978202..7c6f4a32b57 100644 --- a/doc/administration/geo/disaster_recovery/index.md +++ b/doc/administration/geo/disaster_recovery/index.md @@ -62,8 +62,7 @@ must disable the **primary** node. - If you do not have SSH access to the **primary** node, take the machine offline and prevent it from rebooting by any means at your disposal. - Since there are many ways you may prefer to accomplish this, we will avoid a - single recommendation. You may need to: + You might need to: - Reconfigure the load balancers. - Change DNS records (for example, point the primary DNS record to the @@ -240,11 +239,11 @@ an external PostgreSQL database, as it can only perform changes on a **secondary node with GitLab and the database on the same machine. As a result, a manual process is required: -1. Promote the replica database associated with the **secondary** site. This will - set the database to read-write. The instructions vary depending on where your database is hosted: +1. Promote the replica database associated with the **secondary** site. This + sets the database to read-write. The instructions vary depending on where your database is hosted: - [Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ReadRepl.html#USER_ReadRepl.Promote) - [Azure PostgreSQL](https://docs.microsoft.com/en-us/azure/postgresql/howto-read-replicas-portal#stop-replication) - - For other external PostgreSQL databases, save the following script in you + - For other external PostgreSQL databases, save the following script in your secondary node, for example `/tmp/geo_promote.sh`, and modify the connection parameters to match your environment. Then, execute it to promote the replica: @@ -292,7 +291,7 @@ required: ### Step 4. (Optional) Updating the primary domain DNS record Updating the DNS records for the primary domain to point to the **secondary** node -will prevent the need to update all references to the primary domain to the +to prevent the need to update all references to the primary domain to the secondary domain, like changing Git remotes and API URLs. 1. SSH into the **secondary** node and login as root: @@ -311,7 +310,7 @@ secondary domain, like changing Git remotes and API URLs. ``` NOTE: - Changing `external_url` won't prevent access via the old secondary URL, as + Changing `external_url` does not prevent access via the old secondary URL, as long as the secondary DNS records are still intact. 1. Reconfigure the **secondary** node for the change to take effect: @@ -326,7 +325,7 @@ secondary domain, like changing Git remotes and API URLs. gitlab-rake geo:update_primary_node_url ``` - This command will use the changed `external_url` configuration defined + This command uses the changed `external_url` configuration defined in `/etc/gitlab/gitlab.rb`. 1. For GitLab 11.11 through 12.7 only, you may need to update the **primary** @@ -334,7 +333,7 @@ secondary domain, like changing Git remotes and API URLs. To determine if you need to do this, search for the `gitlab_rails["geo_node_name"]` setting in your `/etc/gitlab/gitlab.rb` - file. If it is commented out with `#` or not found at all, then you will + file. If it is commented out with `#` or not found at all, then you need to update the **primary** node's name in the database. You can search for it like so: @@ -444,7 +443,7 @@ and after that you also need two extra steps. Now we need to make each **secondary** node listen to changes on the new **primary** node. To do that you need to [initiate the replication process](../setup/database.md#step-3-initiate-the-replication-process) again but this time -for another **primary** node. All the old replication settings will be overwritten. +for another **primary** node. All the old replication settings are overwritten. ## Promoting a secondary Geo cluster in GitLab Cloud Native Helm Charts @@ -479,8 +478,7 @@ must disable the **primary** site: - If you do not have access to the **primary** Kubernetes cluster, take the cluster offline and prevent it from coming back online by any means at your disposal. - Since there are many ways you may prefer to accomplish this, we will avoid a - single recommendation. You may need to: + You might need to: - Reconfigure the load balancers. - Change DNS records (for example, point the primary DNS record to the diff --git a/doc/administration/geo/disaster_recovery/planned_failover.md b/doc/administration/geo/disaster_recovery/planned_failover.md index 96c6482e3db..bd8467f5437 100644 --- a/doc/administration/geo/disaster_recovery/planned_failover.md +++ b/doc/administration/geo/disaster_recovery/planned_failover.md @@ -27,7 +27,7 @@ have a high degree of confidence in being able to perform them accurately. ## Not all data is automatically replicated -If you are using any GitLab features that Geo [doesn't support](../index.md#limitations), +If you are using any GitLab features that Geo [doesn't support](../replication/datatypes.md#limitations-on-replicationverification), you must make separate provisions to ensure that the **secondary** node has an up-to-date copy of any data associated with that feature. This may extend the required scheduled maintenance period significantly. @@ -40,8 +40,7 @@ final transfer inside the maintenance window) will then transfer only the Repository-centric strategies for using `rsync` effectively can be found in the [moving repositories](../../operations/moving_repositories.md) documentation; these strategies can -be adapted for use with any other file-based data, such as GitLab Pages (to -be found in `/var/opt/gitlab/gitlab-rails/shared/pages` if using Omnibus). +be adapted for use with any other file-based data, such as [GitLab Pages](../../pages/index.md#change-storage-path). ## Preflight checks diff --git a/doc/administration/geo/index.md b/doc/administration/geo/index.md index f1884f297e8..780e391973c 100644 --- a/doc/administration/geo/index.md +++ b/doc/administration/geo/index.md @@ -22,12 +22,14 @@ Geo undergoes significant changes from release to release. Upgrades **are** supp Fetching large repositories can take a long time for teams located far from a single GitLab instance. -Geo provides local, read-only instances of your GitLab instances. This can reduce the time it takes +Geo provides local, read-only sites of your GitLab instances. This can reduce the time it takes to clone and fetch large repositories, speeding up development. For a video introduction to Geo, see [Introduction to GitLab Geo - GitLab Features](https://www.youtube.com/watch?v=-HDLxSjEh6w). -To make sure you're using the right version of the documentation, navigate to [the source version of this page on GitLab.com](https://gitlab.com/gitlab-org/gitlab/blob/master/doc/administration/geo/index.md) and choose the appropriate release from the **Switch branch/tag** dropdown. For example, [`v11.2.3-ee`](https://gitlab.com/gitlab-org/gitlab/blob/v11.2.3-ee/doc/administration/geo/index.md). +To make sure you're using the right version of the documentation, navigate to [the Geo page on GitLab.com](https://gitlab.com/gitlab-org/gitlab/blob/master/doc/administration/geo/index.md) and choose the appropriate release from the **Switch branch/tag** dropdown. For example, [`v13.7.6-ee`](https://gitlab.com/gitlab-org/gitlab/-/blob/v13.7.6-ee/doc/administration/geo/index.md). + +Geo uses a set of defined terms that is described in the [Geo Glossary](glossary.md), please familiarize yourself with those terms. ## Use cases @@ -35,21 +37,21 @@ Implementing Geo provides the following benefits: - Reduce from minutes to seconds the time taken for your distributed developers to clone and fetch large repositories and projects. - Enable all of your developers to contribute ideas and work in parallel, no matter where they are. -- Balance the read-only load between your **primary** and **secondary** nodes. +- Balance the read-only load between your **primary** and **secondary** sites. In addition, it: - Can be used for cloning and fetching projects, in addition to reading any data available in the GitLab web interface (see [limitations](#limitations)). - Overcomes slow connections between distant offices, saving time by improving speed for distributed teams. - Helps reducing the loading time for automated tasks, custom integrations, and internal workflows. -- Can quickly fail over to a **secondary** node in a [disaster recovery](disaster_recovery/index.md) scenario. -- Allows [planned failover](disaster_recovery/planned_failover.md) to a **secondary** node. +- Can quickly fail over to a **secondary** site in a [disaster recovery](disaster_recovery/index.md) scenario. +- Allows [planned failover](disaster_recovery/planned_failover.md) to a **secondary** site. Geo provides: -- Read-only **secondary** nodes: Maintain one **primary** GitLab node while still enabling read-only **secondary** nodes for each of your distributed teams. -- Authentication system hooks: **Secondary** nodes receives all authentication data (like user accounts and logins) from the **primary** instance. -- An intuitive UI: **Secondary** nodes use the same web interface your team has grown accustomed to. In addition, there are visual notifications that block write operations and make it clear that a user is on a **secondary** node. +- Read-only **secondary** sites: Maintain one **primary** GitLab site while still enabling read-only **secondary** sites for each of your distributed teams. +- Authentication system hooks: **Secondary** sites receives all authentication data (like user accounts and logins) from the **primary** instance. +- An intuitive UI: **Secondary** sites use the same web interface your team has grown accustomed to. In addition, there are visual notifications that block write operations and make it clear that a user is on a **secondary** sites. ### Gitaly Cluster @@ -64,16 +66,16 @@ Your Geo instance can be used for cloning and fetching projects, in addition to When Geo is enabled, the: -- Original instance is known as the **primary** node. -- Replicated read-only nodes are known as **secondary** nodes. +- Original instance is known as the **primary** site. +- Replicated read-only sites are known as **secondary** sites. Keep in mind that: -- **Secondary** nodes talk to the **primary** node to: +- **Secondary** sites talk to the **primary** site to: - Get user data for logins (API). - Replicate repositories, LFS Objects, and Attachments (HTTPS + JWT). -- In GitLab Premium 10.0 and later, the **primary** node no longer talks to **secondary** nodes to notify for changes (API). -- Pushing directly to a **secondary** node (for both HTTP and SSH, including Git LFS) was [introduced](https://about.gitlab.com/releases/2018/09/22/gitlab-11-3-released/) in [GitLab Premium](https://about.gitlab.com/pricing/#self-managed) 11.3. +- In GitLab Premium 10.0 and later, the **primary** site no longer talks to **secondary** sites to notify for changes (API). +- Pushing directly to a **secondary** site (for both HTTP and SSH, including Git LFS) was [introduced](https://about.gitlab.com/releases/2018/09/22/gitlab-11-3-released/) in [GitLab Premium](https://about.gitlab.com/pricing/#self-managed) 11.3. - There are [limitations](#limitations) when using Geo. ### Architecture @@ -84,31 +86,31 @@ The following diagram illustrates the underlying architecture of Geo. In this diagram: -- There is the **primary** node and the details of one **secondary** node. -- Writes to the database can only be performed on the **primary** node. A **secondary** node receives database +- There is the **primary** site and the details of one **secondary** site. +- Writes to the database can only be performed on the **primary** site. A **secondary** site receives database updates via PostgreSQL streaming replication. - If present, the [LDAP server](#ldap) should be configured to replicate for [Disaster Recovery](disaster_recovery/index.md) scenarios. -- A **secondary** node performs different type of synchronizations against the **primary** node, using a special +- A **secondary** site performs different type of synchronizations against the **primary** site, using a special authorization protected by JWT: - Repositories are cloned/updated via Git over HTTPS. - Attachments, LFS objects, and other files are downloaded via HTTPS using a private API endpoint. From the perspective of a user performing Git operations: -- The **primary** node behaves as a full read-write GitLab instance. -- **Secondary** nodes are read-only but proxy Git push operations to the **primary** node. This makes **secondary** nodes appear to support push operations themselves. +- The **primary** site behaves as a full read-write GitLab instance. +- **Secondary** sites are read-only but proxy Git push operations to the **primary** site. This makes **secondary** sites appear to support push operations themselves. To simplify the diagram, some necessary components are omitted. Note that: - Git over SSH requires [`gitlab-shell`](https://gitlab.com/gitlab-org/gitlab-shell) and OpenSSH. - Git over HTTPS required [`gitlab-workhorse`](https://gitlab.com/gitlab-org/gitlab-workhorse). -Note that a **secondary** node needs two different PostgreSQL databases: +Note that a **secondary** site needs two different PostgreSQL databases: - A read-only database instance that streams data from the main GitLab database. -- [Another database instance](#geo-tracking-database) used internally by the **secondary** node to record what data has been replicated. +- [Another database instance](#geo-tracking-database) used internally by the **secondary** site to record what data has been replicated. -In **secondary** nodes, there is an additional daemon: [Geo Log Cursor](#geo-log-cursor). +In **secondary** sites, there is an additional daemon: [Geo Log Cursor](#geo-log-cursor). ## Requirements for running Geo @@ -122,7 +124,7 @@ The following are required to run Geo: - PostgreSQL 11+ with [Streaming Replication](https://wiki.postgresql.org/wiki/Streaming_Replication) - Git 2.9+ - Git-lfs 2.4.2+ on the user side when using LFS -- All nodes must run the same GitLab version. +- All sites must run the same GitLab version. Additionally, check the GitLab [minimum requirements](../../install/requirements.md), and we recommend you use: @@ -132,9 +134,9 @@ and we recommend you use: ### Firewall rules -The following table lists basic ports that must be open between the **primary** and **secondary** nodes for Geo. +The following table lists basic ports that must be open between the **primary** and **secondary** sites for Geo. -| **Primary** node | **Secondary** node | Protocol | +| **Primary** site | **Secondary** site | Protocol | |:-----------------|:-------------------|:-------------| | 80 | 80 | HTTP | | 443 | 443 | TCP or HTTPS | @@ -153,10 +155,10 @@ If you wish to terminate SSL at the GitLab application server instead, use TCP p ### LDAP -We recommend that if you use LDAP on your **primary** node, you also set up secondary LDAP servers on each **secondary** node. Otherwise, users will not be able to perform Git operations over HTTP(s) on the **secondary** node using HTTP Basic Authentication. However, Git via SSH and personal access tokens will still work. +We recommend that if you use LDAP on your **primary** site, you also set up secondary LDAP servers on each **secondary** site. Otherwise, users will not be able to perform Git operations over HTTP(s) on the **secondary** site using HTTP Basic Authentication. However, Git via SSH and personal access tokens will still work. NOTE: -It is possible for all **secondary** nodes to share an LDAP server, but additional latency can be an issue. Also, consider what LDAP server will be available in a [disaster recovery](disaster_recovery/index.md) scenario if a **secondary** node is promoted to be a **primary** node. +It is possible for all **secondary** sites to share an LDAP server, but additional latency can be an issue. Also, consider what LDAP server will be available in a [disaster recovery](disaster_recovery/index.md) scenario if a **secondary** site is promoted to be a **primary** site. Check for instructions on how to set up replication in your LDAP service. Instructions will be different depending on the software or service used. For example, OpenLDAP provides [these instructions](https://www.openldap.org/doc/admin24/replication.html). @@ -168,18 +170,37 @@ The tracking database instance is used as metadata to control what needs to be u - Fetch new LFS Objects. - Fetch changes from a repository that has recently been updated. -Because the replicated database instance is read-only, we need this additional database instance for each **secondary** node. +Because the replicated database instance is read-only, we need this additional database instance for each **secondary** site. ### Geo Log Cursor This daemon: -- Reads a log of events replicated by the **primary** node to the **secondary** database instance. +- Reads a log of events replicated by the **primary** site to the **secondary** database instance. - Updates the Geo Tracking Database instance with changes that need to be executed. -When something is marked to be updated in the tracking database instance, asynchronous jobs running on the **secondary** node will execute the required operations and update the state. +When something is marked to be updated in the tracking database instance, asynchronous jobs running on the **secondary** site will execute the required operations and update the state. + +This new architecture allows GitLab to be resilient to connectivity issues between the sites. It doesn't matter how long the **secondary** site is disconnected from the **primary** site as it will be able to replay all the events in the correct order and become synchronized with the **primary** site again. + +## Limitations + +WARNING: +This list of limitations only reflects the latest version of GitLab. If you are using an older version, extra limitations may be in place. -This new architecture allows GitLab to be resilient to connectivity issues between the nodes. It doesn't matter how long the **secondary** node is disconnected from the **primary** node as it will be able to replay all the events in the correct order and become synchronized with the **primary** node again. +- Pushing directly to a **secondary** site redirects (for HTTP) or proxies (for SSH) the request to the **primary** site instead of [handling it directly](https://gitlab.com/gitlab-org/gitlab/-/issues/1381), except when using Git over HTTP with credentials embedded within the URI. For example, `https://user:password@secondary.tld`. +- The **primary** site has to be online for OAuth login to happen. Existing sessions and Git are not affected. Support for the **secondary** site to use an OAuth provider independent from the primary is [being planned](https://gitlab.com/gitlab-org/gitlab/-/issues/208465). +- The installation takes multiple manual steps that together can take about an hour depending on circumstances. We are working on improving this experience. See [Omnibus GitLab issue #2978](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/2978) for details. +- Real-time updates of issues/merge requests (for example, via long polling) doesn't work on the **secondary** site. +- [Selective synchronization](replication/configuration.md#selective-synchronization) applies only to files and repositories. Other datasets are replicated to the **secondary** site in full, making it inappropriate for use as an access control mechanism. +- Object pools for forked project deduplication work only on the **primary** site, and are duplicated on the **secondary** site. +- GitLab Runners cannot register with a **secondary** site. Support for this is [planned for the future](https://gitlab.com/gitlab-org/gitlab/-/issues/3294). +- Configuring Geo **secondary** sites to [use high-availability configurations of PostgreSQL](https://gitlab.com/groups/gitlab-org/-/epics/2536) is currently in **alpha** support. +- [Selective synchronization](replication/configuration.md#selective-synchronization) only limits what repositories are replicated. The entire PostgreSQL data is still replicated. Selective synchronization is not built to accomodate compliance / export control use cases. + +### Limitations on replication/verification + +There is a complete list of all GitLab [data types](replication/datatypes.md) and [existing support for replication and verification](replication/datatypes.md#limitations-on-replicationverification). ## Setup instructions @@ -187,7 +208,7 @@ For setup instructions, see [Setting up Geo](setup/index.md). ## Post-installation documentation -After installing GitLab on the **secondary** nodes and performing the initial configuration, see the following documentation for post-installation information. +After installing GitLab on the **secondary** site(s) and performing the initial configuration, see the following documentation for post-installation information. ### Configuring Geo @@ -195,16 +216,16 @@ For information on configuring Geo, see [Geo configuration](replication/configur ### Updating Geo -For information on how to update your Geo nodes to the latest GitLab version, see [Updating the Geo nodes](replication/updating_the_geo_nodes.md). +For information on how to update your Geo site(s) to the latest GitLab version, see [Updating the Geo sites](replication/updating_the_geo_nodes.md). ### Pausing and resuming replication > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/35913) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.2. WARNING: -In GitLab 13.2 and 13.3, promoting a secondary node to a primary while the +In GitLab 13.2 and 13.3, promoting a secondary site to a primary while the secondary is paused fails. Do not pause replication before promoting a -secondary. If the node is paused, be sure to resume before promoting. This +secondary. If the site is paused, be sure to resume before promoting. This issue has been fixed in GitLab 13.4 and later. WARNING: @@ -213,7 +234,7 @@ Omnibus GitLab-managed database. External databases are currently not supported. In some circumstances, like during [upgrades](replication/updating_the_geo_nodes.md) or a [planned failover](disaster_recovery/planned_failover.md), it is desirable to pause replication between the primary and secondary. -Pausing and resuming replication is done via a command line tool from the secondary node where the `postgresql` service is enabled. +Pausing and resuming replication is done via a command line tool from the a node in the secondary site where the `postgresql` service is enabled. If `postgresql` is on a standalone database node, ensure that `gitlab.rb` on that node contains the configuration line `gitlab_rails['geo_node_name'] = 'node_name'`, where `node_name` is the same as the `geo_name_name` on the application node. @@ -243,7 +264,7 @@ For information on using Geo in disaster recovery situations to mitigate data-lo ### Replicating the Container Registry -For more information on how to replicate the Container Registry, see [Docker Registry for a **secondary** node](replication/docker_registry.md). +For more information on how to replicate the Container Registry, see [Docker Registry for a **secondary** site](replication/docker_registry.md). ### Security Review @@ -259,41 +280,22 @@ For an example of how to set up a location-aware Git remote URL with AWS Route53 ### Backfill -Once a **secondary** node is set up, it will start replicating missing data from -the **primary** node in a process known as **backfill**. You can monitor the -synchronization process on each Geo node from the **primary** node's **Geo Nodes** +Once a **secondary** site is set up, it will start replicating missing data from +the **primary** site in a process known as **backfill**. You can monitor the +synchronization process on each Geo site from the **primary** site's **Geo Nodes** dashboard in your browser. Failures that happen during a backfill are scheduled to be retried at the end of the backfill. -## Remove Geo node +## Remove Geo site -For more information on removing a Geo node, see [Removing **secondary** Geo nodes](replication/remove_geo_node.md). +For more information on removing a Geo site, see [Removing **secondary** Geo sites](replication/remove_geo_site.md). ## Disable Geo To find out how to disable Geo, see [Disabling Geo](replication/disable_geo.md). -## Limitations - -WARNING: -This list of limitations only reflects the latest version of GitLab. If you are using an older version, extra limitations may be in place. - -- Pushing directly to a **secondary** node redirects (for HTTP) or proxies (for SSH) the request to the **primary** node instead of [handling it directly](https://gitlab.com/gitlab-org/gitlab/-/issues/1381), except when using Git over HTTP with credentials embedded within the URI. For example, `https://user:password@secondary.tld`. -- The **primary** node has to be online for OAuth login to happen. Existing sessions and Git are not affected. Support for the **secondary** node to use an OAuth provider independent from the primary is [being planned](https://gitlab.com/gitlab-org/gitlab/-/issues/208465). -- The installation takes multiple manual steps that together can take about an hour depending on circumstances. We are working on improving this experience. See [Omnibus GitLab issue #2978](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/2978) for details. -- Real-time updates of issues/merge requests (for example, via long polling) doesn't work on the **secondary** node. -- [Selective synchronization](replication/configuration.md#selective-synchronization) applies only to files and repositories. Other datasets are replicated to the **secondary** node in full, making it inappropriate for use as an access control mechanism. -- Object pools for forked project deduplication work only on the **primary** node, and are duplicated on the **secondary** node. -- GitLab Runners cannot register with a **secondary** node. Support for this is [planned for the future](https://gitlab.com/gitlab-org/gitlab/-/issues/3294). -- Geo **secondary** nodes can not be configured to [use high-availability configurations of PostgreSQL](https://gitlab.com/groups/gitlab-org/-/epics/2536). -- [Selective synchronization](replication/configuration.md#selective-synchronization) only limits what repositories are replicated. The entire PostgreSQL data is still replicated. Selective synchronization is not built to accomodate compliance / export control use cases. - -### Limitations on replication/verification - -There is a complete list of all GitLab [data types](replication/datatypes.md) and [existing support for replication and verification](replication/datatypes.md#limitations-on-replicationverification). - ## Frequently Asked Questions For answers to common questions, see the [Geo FAQ](replication/faq.md). diff --git a/doc/administration/geo/replication/configuration.md b/doc/administration/geo/replication/configuration.md index 7dbb0c78166..6d5f3e61ba0 100644 --- a/doc/administration/geo/replication/configuration.md +++ b/doc/administration/geo/replication/configuration.md @@ -24,7 +24,7 @@ You are encouraged to first read through all the steps before executing them in your testing/production environment. NOTE: -**Do not** set up any custom authentication for the **secondary** nodes. This will be handled by the **primary** node. +**Do not** set up any custom authentication for the **secondary** nodes. This is handled by the **primary** node. Any change that requires access to the **Admin Area** needs to be done in the **primary** node because the **secondary** node is a read-only replica. @@ -41,7 +41,7 @@ they must be manually replicated to the **secondary** node. sudo cat /etc/gitlab/gitlab-secrets.json ``` - This will display the secrets that need to be replicated, in JSON format. + This displays the secrets that need to be replicated, in JSON format. 1. SSH into the **secondary** node and login as the `root` user: @@ -85,11 +85,11 @@ GitLab integrates with the system-installed SSH daemon, designating a user (typically named `git`) through which all access requests are handled. In a [Disaster Recovery](../disaster_recovery/index.md) situation, GitLab system -administrators will promote a **secondary** node to the **primary** node. DNS records for the +administrators promote a **secondary** node to the **primary** node. DNS records for the **primary** domain should also be updated to point to the new **primary** node -(previously a **secondary** node). Doing so will avoid the need to update Git remotes and API URLs. +(previously a **secondary** node). Doing so avoids the need to update Git remotes and API URLs. -This will cause all SSH requests to the newly promoted **primary** node to +This causes all SSH requests to the newly promoted **primary** node to fail due to SSH host key mismatch. To prevent this, the primary SSH host keys must be manually replicated to the **secondary** node. @@ -183,7 +183,7 @@ keys must be manually replicated to the **secondary** node. sudo -i ``` -1. Edit `/etc/gitlab/gitlab.rb` and add a **unique** name for your node. You will need this in the next steps: +1. Edit `/etc/gitlab/gitlab.rb` and add a **unique** name for your node. You need this in the next steps: ```ruby # The unique identifier for the Geo node. @@ -229,9 +229,9 @@ keys must be manually replicated to the **secondary** node. gitlab-rake gitlab:geo:check ``` -Once added to the Geo administration page and restarted, the **secondary** node will automatically start +Once added to the Geo administration page and restarted, the **secondary** node automatically starts replicating missing data from the **primary** node in a process known as **backfill**. -Meanwhile, the **primary** node will start to notify each **secondary** node of any changes, so +Meanwhile, the **primary** node starts to notify each **secondary** node of any changes, so that the **secondary** node can act on those notifications immediately. Be sure the _secondary_ node is running and accessible. You can sign in to the @@ -241,7 +241,7 @@ _secondary_ node with the same credentials as were used with the _primary_ node. You can safely skip this step if your **primary** node uses a CA-issued HTTPS certificate. -If your **primary** node is using a self-signed certificate for *HTTPS* support, you will +If your **primary** node is using a self-signed certificate for *HTTPS* support, you need to add that certificate to the **secondary** node's trust store. Retrieve the certificate from the **primary** node and follow [these instructions](https://docs.gitlab.com/omnibus/settings/ssl.html) @@ -265,7 +265,7 @@ the _primary_ node. Visit the _secondary_ node's **Admin Area > Geo** (`/admin/geo/nodes`) in your browser to determine if it's correctly identified as a _secondary_ Geo node, and if Geo is enabled. -The initial replication, or 'backfill', will probably still be in progress. You +The initial replication, or 'backfill', is probably still in progress. You can monitor the synchronization process on each Geo node from the **primary** node's **Geo Nodes** dashboard in your browser. @@ -282,12 +282,12 @@ The two most obvious issues that can become apparent in the dashboard are: - You are using a custom certificate or custom CA (see the [troubleshooting document](troubleshooting.md)). - The instance is firewalled (check your firewall rules). -Please note that disabling a **secondary** node will stop the synchronization process. +Please note that disabling a **secondary** node stops the synchronization process. Please note that if `git_data_dirs` is customized on the **primary** node for multiple repository shards you must duplicate the same configuration on each **secondary** node. -Point your users to the ["Using a Geo Server" guide](using_a_geo_server.md). +Point your users to the [Using a Geo Site guide](usage.md). Currently, this is what is synced: @@ -312,7 +312,7 @@ It is important to note that selective synchronization: 1. Does not hide project metadata from **secondary** nodes. - Since Geo currently relies on PostgreSQL replication, all project metadata gets replicated to **secondary** nodes, but repositories that have not been - selected will be empty. + selected are empty. 1. Does not reduce the number of events generated for the Geo event log. - The **primary** node generates events as long as any **secondary** nodes are present. Selective synchronization restrictions are implemented on the **secondary** nodes, diff --git a/doc/administration/geo/replication/datatypes.md b/doc/administration/geo/replication/datatypes.md index 61f99257844..e2f12cbd8dc 100644 --- a/doc/administration/geo/replication/datatypes.md +++ b/doc/administration/geo/replication/datatypes.md @@ -205,3 +205,33 @@ successfully, you must replicate their data using some other means. |[GitLab Pages](../../pages/index.md) | [No](https://gitlab.com/groups/gitlab-org/-/epics/589) | No | No | | |[Dependency proxy images](../../../user/packages/dependency_proxy/index.md) | [No](https://gitlab.com/gitlab-org/gitlab/-/issues/259694) | No | No | Blocked on [Geo: Secondary Mimicry](https://gitlab.com/groups/gitlab-org/-/epics/1528). Note that replication of this cache is not needed for Disaster Recovery purposes because it can be recreated from external sources. | |[Vulnerability Export](../../../user/application_security/vulnerability_report/#export-vulnerability-details) | [Not planned](https://gitlab.com/groups/gitlab-org/-/epics/3111) | No | Via Object Storage provider if supported. Native Geo support (Beta). | Not planned because they are ephemeral and sensitive. They can be regenerated on demand. | + +#### LFS object replication using the self service framework + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/276696) in GitLab 13.12. +> - [Deployed behind a feature flag](../../../user/feature_flags.md), enabled by default. +> - Not enabled on GitLab.com as Geo is not enabled. +> - Recommended for production use. +> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#enable-or-disable-lfs-object-replication-using-the-self-service-framework). + +There can be [risks when disabling released features](../../../user/feature_flags.md#risks-when-disabling-released-features). +Refer to this feature's version history for more details. + +##### Enable or disable LFS object replication using the self service framework + +LFS object replication using the self service framework is under development but ready for production use. It is +deployed behind a feature flag that is **enabled by default**. +[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) +can opt to disable it. + +To enable it: + +```ruby +Feature.enable(:geo_lfs_object_replication) +``` + +To disable it: + +```ruby +Feature.disable(:geo_lfs_object_replication) +``` diff --git a/doc/administration/geo/replication/docker_registry.md b/doc/administration/geo/replication/docker_registry.md index ea73614511f..a8628481ba7 100644 --- a/doc/administration/geo/replication/docker_registry.md +++ b/doc/administration/geo/replication/docker_registry.md @@ -24,7 +24,7 @@ integrated [Container Registry](../../packages/container_registry.md#use-object- You can enable a storage-agnostic replication so it can be used for cloud or local storage. Whenever a new image is pushed to the -**primary** site, each **secondary** site will pull it to its own container +**primary** site, each **secondary** site pulls it to its own container repository. To configure Docker Registry replication: @@ -70,12 +70,12 @@ We need to make Docker Registry send notification events to the NOTE: If you use an external Registry (not the one integrated with GitLab), you must add - these settings to its configuration yourself. In this case, you will also have to specify + these settings to its configuration yourself. In this case, you also have to specify notification secret in `registry.notification_secret` section of `/etc/gitlab/gitlab.rb` file. NOTE: - If you use GitLab HA, you will also have to specify + If you use GitLab HA, you also have to specify the notification secret in `registry.notification_secret` section of `/etc/gitlab/gitlab.rb` file for every web node. @@ -95,11 +95,11 @@ expecting to see the Docker images replicated. Because we need to allow the **secondary** site to communicate securely with the **primary** site Container Registry, we need to have a single key -pair for all the sites. The **secondary** site will use this key to +pair for all the sites. The **secondary** site uses this key to generate a short-lived JWT that is pull-only-capable to access the **primary** site Container Registry. -For each application and Sidekiq node on the **secondary** site: +For each application and Sidekiq node on the **secondary** site: 1. SSH into the node and login as the `root` user: @@ -126,5 +126,5 @@ For each application and Sidekiq node on the **secondary** site: To verify Container Registry replication is working, go to **Admin Area > Geo** (`/admin/geo/nodes`) on the **secondary** site. -The initial replication, or "backfill", will probably still be in progress. +The initial replication, or "backfill", is probably still in progress. You can monitor the synchronization process on each Geo site from the **primary** site's **Geo Nodes** dashboard in your browser. diff --git a/doc/administration/geo/replication/faq.md b/doc/administration/geo/replication/faq.md index 73a36f5e674..a83a1c22db6 100644 --- a/doc/administration/geo/replication/faq.md +++ b/doc/administration/geo/replication/faq.md @@ -13,61 +13,61 @@ The requirements are listed [on the index page](../index.md#requirements-for-run ## How does Geo know which projects to sync? -On each **secondary** node, there is a read-only replicated copy of the GitLab database. -A **secondary** node also has a tracking database where it stores which projects have been synced. +On each **secondary** site, there is a read-only replicated copy of the GitLab database. +A **secondary** site also has a tracking database where it stores which projects have been synced. Geo compares the two databases to find projects that are not yet tracked. At the start, this tracking database is empty, so Geo will start trying to update from every project that it can see in the GitLab database. For each project to sync: -1. Geo will issue a `git fetch geo --mirror` to get the latest information from the **primary** node. +1. Geo will issue a `git fetch geo --mirror` to get the latest information from the **primary** site. If there are no changes, the sync will be fast and end quickly. Otherwise, it will pull the latest commits. -1. The **secondary** node will update the tracking database to store the fact that it has synced projects A, B, C, etc. +1. The **secondary** site will update the tracking database to store the fact that it has synced projects A, B, C, etc. 1. Repeat until all projects are synced. -When someone pushes a commit to the **primary** node, it generates an event in the GitLab database that the repository has changed. -The **secondary** node sees this event, marks the project in question as dirty, and schedules the project to be resynced. +When someone pushes a commit to the **primary** site, it generates an event in the GitLab database that the repository has changed. +The **secondary** site sees this event, marks the project in question as dirty, and schedules the project to be resynced. To ensure that problems with pipelines (for example, syncs failing too many times or jobs being lost) don't permanently stop projects syncing, Geo also periodically checks the tracking database for projects that are marked as dirty. This check happens when the number of concurrent syncs falls below `repos_max_capacity` and there are no new projects waiting to be synced. Geo also has a checksum feature which runs a SHA256 sum across all the Git references to the SHA values. -If the refs don't match between the **primary** node and the **secondary** node, then the **secondary** node will mark that project as dirty and try to resync it. +If the refs don't match between the **primary** site and the **secondary** site, then the **secondary** site will mark that project as dirty and try to resync it. So even if we have an outdated tracking database, the validation should activate and find discrepancies in the repository state and resync. ## Can I use Geo in a disaster recovery situation? Yes, but there are limitations to what we replicate (see -[What data is replicated to a **secondary** node?](#what-data-is-replicated-to-a-secondary-node)). +[What data is replicated to a **secondary** site?](#what-data-is-replicated-to-a-secondary-site)). Read the documentation for [Disaster Recovery](../disaster_recovery/index.md). -## What data is replicated to a **secondary** node? +## What data is replicated to a **secondary** site? We currently replicate project repositories, LFS objects, generated attachments / avatars and the whole database. This means user accounts, issues, merge requests, groups, project data, etc., will be available for query. -## Can I `git push` to a **secondary** node? +## Can I `git push` to a **secondary** site? -Yes! Pushing directly to a **secondary** node (for both HTTP and SSH, including Git LFS) was [introduced](https://about.gitlab.com/releases/2018/09/22/gitlab-11-3-released/) in [GitLab Premium](https://about.gitlab.com/pricing/#self-managed) 11.3. +Yes! Pushing directly to a **secondary** site (for both HTTP and SSH, including Git LFS) was [introduced](https://about.gitlab.com/releases/2018/09/22/gitlab-11-3-released/) in [GitLab Premium](https://about.gitlab.com/pricing/#self-managed) 11.3. -## How long does it take to have a commit replicated to a **secondary** node? +## How long does it take to have a commit replicated to a **secondary** site? All replication operations are asynchronous and are queued to be dispatched. Therefore, it depends on a lot of factors including the amount of traffic, how big your commit is, the -connectivity between your nodes, your hardware, etc. +connectivity between your sites, your hardware, etc. ## What if the SSH server runs at a different port? -That's totally fine. We use HTTP(s) to fetch repository changes from the **primary** node to all **secondary** nodes. +That's totally fine. We use HTTP(s) to fetch repository changes from the **primary** site to all **secondary** sites. -## Is this possible to set up a Docker Registry for a **secondary** node that mirrors the one on the **primary** node? +## Is this possible to set up a Docker Registry for a **secondary** site that mirrors the one on the **primary** site? -Yes. See [Docker Registry for a **secondary** node](docker_registry.md). +Yes. See [Docker Registry for a **secondary** site](docker_registry.md). -## Can I login to a secondary node? +## Can I login to a secondary site? -Yes, but secondary nodes receive all authentication data (like user accounts and logins) from the primary instance. This means you will be re-directed to the primary for authentication and routed back afterwards. +Yes, but secondary sites receive all authentication data (like user accounts and logins) from the primary instance. This means you will be re-directed to the primary for authentication and routed back afterwards. diff --git a/doc/administration/geo/replication/geo_validation_tests.md b/doc/administration/geo/replication/geo_validation_tests.md index 06fd3cd70be..8f67e70c9e2 100644 --- a/doc/administration/geo/replication/geo_validation_tests.md +++ b/doc/administration/geo/replication/geo_validation_tests.md @@ -179,6 +179,15 @@ The following are PostgreSQL upgrade validation tests we performed. The following are additional validation tests we performed. +### May 2021 + +[Test failover with object storage replication enabled](https://gitlab.com/gitlab-org/gitlab/-/issues/330362): + +- Description: At the time of testing, Geo's object storage replication functionality was in beta. We tested that object storage replication works as intended and that the data was present on the new primary after a failover. +- Outcome: The test was successful. Data in object storage was replicated and present after a failover. +- Follow up issues: + - [Geo: Failing to replicate initial Monitoring project](https://gitlab.com/gitlab-org/gitlab/-/issues/330485) + ### August 2020 [Test Gitaly Cluster on a Geo Deployment](https://gitlab.com/gitlab-org/gitlab/-/issues/223210): diff --git a/doc/administration/geo/replication/location_aware_git_url.md b/doc/administration/geo/replication/location_aware_git_url.md index 272b746015b..014ca59e571 100644 --- a/doc/administration/geo/replication/location_aware_git_url.md +++ b/doc/administration/geo/replication/location_aware_git_url.md @@ -8,11 +8,11 @@ type: howto # Location-aware Git remote URL with AWS Route53 **(PREMIUM SELF)** You can provide GitLab users with a single remote URL that automatically uses -the Geo node closest to them. This means users don't need to update their Git -configuration to take advantage of closer Geo nodes as they move. +the Geo site closest to them. This means users don't need to update their Git +configuration to take advantage of closer Geo sites as they move. This is possible because, Git push requests can be automatically redirected -(HTTP) or proxied (SSH) from **secondary** nodes to the **primary** node. +(HTTP) or proxied (SSH) from **secondary** sites to the **primary** site. Though these instructions use [AWS Route53](https://aws.amazon.com/route53/), other services such as [Cloudflare](https://www.cloudflare.com/) could be used @@ -20,30 +20,30 @@ as well. NOTE: You can also use a load balancer to distribute web UI or API traffic to -[multiple Geo **secondary** nodes](../../../user/admin_area/geo_nodes.md#multiple-secondary-nodes-behind-a-load-balancer). -Importantly, the **primary** node cannot yet be included. See the feature request +[multiple Geo **secondary** sites](../../../user/admin_area/geo_nodes.md#multiple-secondary-nodes-behind-a-load-balancer). +Importantly, the **primary** site cannot yet be included. See the feature request [Support putting the **primary** behind a Geo node load balancer](https://gitlab.com/gitlab-org/gitlab/-/issues/10888). ## Prerequisites In this example, we have already set up: -- `primary.example.com` as a Geo **primary** node. -- `secondary.example.com` as a Geo **secondary** node. +- `primary.example.com` as a Geo **primary** site. +- `secondary.example.com` as a Geo **secondary** site. We will create a `git.example.com` subdomain that will automatically direct requests: -- From Europe to the **secondary** node. -- From all other locations to the **primary** node. +- From Europe to the **secondary** site. +- From all other locations to the **primary** site. In any case, you require: -- A working GitLab **primary** node that is accessible at its own address. -- A working GitLab **secondary** node. +- A working GitLab **primary** site that is accessible at its own address. +- A working GitLab **secondary** site. - A Route53 Hosted Zone managing your domain. -If you haven't yet set up a Geo _primary_ node and _secondary_ node, see the +If you haven't yet set up a Geo _primary_ site and _secondary_ site, see the [Geo setup instructions](../index.md#setup-instructions). ## Create a traffic policy @@ -89,7 +89,7 @@ routing configurations.  You have successfully set up a single host, e.g. `git.example.com` which -distributes traffic to your Geo nodes by geolocation! +distributes traffic to your Geo sites by geolocation! ## Configure Git clone URLs to use the special Git URL @@ -114,10 +114,10 @@ You can customize the: After following the configuration steps above, handling for Git requests is now location aware. For requests: -- Outside Europe, all requests are directed to the **primary** node. +- Outside Europe, all requests are directed to the **primary** site. - Within Europe, over: - HTTP: - - `git clone http://git.example.com/foo/bar.git` is directed to the **secondary** node. + - `git clone http://git.example.com/foo/bar.git` is directed to the **secondary** site. - `git push` is initially directed to the **secondary**, which automatically redirects to `primary.example.com`. - SSH: diff --git a/doc/administration/geo/replication/multiple_servers.md b/doc/administration/geo/replication/multiple_servers.md index f83e0e14e54..59bb3884a02 100644 --- a/doc/administration/geo/replication/multiple_servers.md +++ b/doc/administration/geo/replication/multiple_servers.md @@ -53,14 +53,14 @@ It is possible to use cloud hosted services for PostgreSQL and Redis, but this i ## Prerequisites: Two working GitLab multi-node clusters -One cluster will serve as the **primary** node. Use the +One cluster serves as the **primary** node. Use the [GitLab multi-node documentation](../../reference_architectures/index.md) to set this up. If you already have a working GitLab instance that is in-use, it can be used as a **primary**. -The second cluster will serve as the **secondary** node. Again, use the +The second cluster serves as the **secondary** node. Again, use the [GitLab multi-node documentation](../../reference_architectures/index.md) to set this up. -It's a good idea to log in and test it, however, note that its data will be +It's a good idea to log in and test it, however, note that its data is wiped out as part of the process of replicating from the **primary**. ## Configure the GitLab cluster to be the **primary** node @@ -120,7 +120,7 @@ major differences: called the "tracking database", which tracks the synchronization state of various resources. -Therefore, we will set up the multi-node components one-by-one, and include deviations +Therefore, we set up the multi-node components one-by-one, and include deviations from the normal multi-node setup. However, we highly recommend first configuring a brand-new cluster as if it were not part of a Geo setup so that it can be tested and verified as a working cluster. And only then should it be modified @@ -133,7 +133,7 @@ Configure the following services, again using the non-Geo multi-node documentation: - [Configuring Redis for GitLab](../../redis/replication_and_failover.md#example-configuration-for-the-gitlab-application) for multiple nodes. -- [Gitaly](../../gitaly/index.md), which will store data that is +- [Gitaly](../../gitaly/index.md), which stores data that is synchronized from the **primary** node. NOTE: @@ -143,7 +143,7 @@ recommended. ### Step 2: Configure the main read-only replica PostgreSQL database on the **secondary** node NOTE: -The following documentation assumes the database will be run on +The following documentation assumes the database runs on a single node only. Multi-node PostgreSQL on **secondary** nodes is [not currently supported](https://gitlab.com/groups/gitlab-org/-/epics/2536). @@ -151,7 +151,7 @@ Configure the [**secondary** database](../setup/database.md) as a read-only repl the **primary** database. Use the following as a guide. 1. Generate an MD5 hash of the desired password for the database user that the - GitLab application will use to access the read-replica database: + GitLab application uses to access the read-replica database: Note that the username (`gitlab` by default) is incorporated into the hash. @@ -233,13 +233,13 @@ If using an external PostgreSQL instance, refer also to ### Step 3: Configure the tracking database on the **secondary** node NOTE: -This documentation assumes the tracking database will be run on +This documentation assumes the tracking database runs on only a single machine, rather than as a PostgreSQL cluster. Configure the tracking database. 1. Generate an MD5 hash of the desired password for the database user that the - GitLab application will use to access the tracking database: + GitLab application uses to access the tracking database: Note that the username (`gitlab_geo` by default) is incorporated into the hash. @@ -377,7 +377,7 @@ Make sure that current node IP is listed in `postgresql['md5_auth_cidr_addresses After making these changes [Reconfigure GitLab](../../restart_gitlab.md#omnibus-gitlab-reconfigure) so the changes take effect. -On the secondary the following GitLab frontend services will be enabled: +On the secondary the following GitLab frontend services are enabled: - `geo-logcursor` - `gitlab-pages` diff --git a/doc/administration/geo/replication/object_storage.md b/doc/administration/geo/replication/object_storage.md index ad419f999b3..7dd831092a3 100644 --- a/doc/administration/geo/replication/object_storage.md +++ b/doc/administration/geo/replication/object_storage.md @@ -9,9 +9,9 @@ type: howto Geo can be used in combination with Object Storage (AWS S3, or other compatible object storage). -Currently, **secondary** nodes can use either: +Currently, **secondary** sites can use either: -- The same storage bucket as the **primary** node. +- The same storage bucket as the **primary** site. - A replicated storage bucket. To have: @@ -28,13 +28,13 @@ To have: WARNING: This is a [**beta** feature](https://about.gitlab.com/handbook/product/#beta) and is not ready yet for production use at any scale. The main limitations are a lack of testing at scale and no verification of any replicated data. -**Secondary** nodes can replicate files stored on the **primary** node regardless of +**Secondary** sites can replicate files stored on the **primary** site regardless of whether they are stored on the local file system or in object storage. To enable GitLab replication, you must: 1. Go to **Admin Area > Geo**. -1. Press **Edit** on the **secondary** node. +1. Press **Edit** on the **secondary** site. 1. In the **Synchronization Settings** section, find the **Allow this secondary node to replicate content on Object Storage** checkbox to enable it. @@ -46,7 +46,7 @@ For CI job artifacts, there is similar documentation to configure For user uploads, there is similar documentation to configure [upload object storage](../../uploads.md#using-object-storage) -If you want to migrate the **primary** node's files to object storage, you can +If you want to migrate the **primary** site's files to object storage, you can configure the **secondary** in a few ways: - Use the exact same object storage. @@ -57,15 +57,15 @@ configure the **secondary** in a few ways: GitLab does not currently support the case where both: -- The **primary** node uses local storage. -- A **secondary** node uses object storage. +- The **primary** site uses local storage. +- A **secondary** site uses object storage. ## Third-party replication services When using Amazon S3, you can use [CRR](https://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html) to -have automatic replication between the bucket used by the **primary** node and -the bucket used by **secondary** nodes. +have automatic replication between the bucket used by the **primary** site and +the bucket used by **secondary** sites. If you are using Google Cloud Storage, consider using [Multi-Regional Storage](https://cloud.google.com/storage/docs/storage-classes#multi-regional). diff --git a/doc/administration/geo/replication/remove_geo_node.md b/doc/administration/geo/replication/remove_geo_node.md index 09ea84b6c4b..697d8c6ae38 100644 --- a/doc/administration/geo/replication/remove_geo_node.md +++ b/doc/administration/geo/replication/remove_geo_node.md @@ -4,5 +4,5 @@ redirect_to: '../../geo/replication/remove_geo_site.md' This document was moved to [another location](../../geo/replication/remove_geo_site.md). -<!-- This redirect file can be deleted after 2022-04-01 --> +<!-- This redirect file can be deleted after 2021-06-01 --> <!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/administration/geo/replication/security_review.md b/doc/administration/geo/replication/security_review.md index abb84b95623..f84d7a2171d 100644 --- a/doc/administration/geo/replication/security_review.md +++ b/doc/administration/geo/replication/security_review.md @@ -36,7 +36,7 @@ from [owasp.org](https://owasp.org/). - The GitLab model of sensitivity is centered around public vs. internal vs. private projects. Geo replicates them all indiscriminately. "Selective sync" exists for files and repositories (but not database content), which would permit - only less-sensitive projects to be replicated to a **secondary** node if desired. + only less-sensitive projects to be replicated to a **secondary** site if desired. - See also: [GitLab data classification policy](https://about.gitlab.com/handbook/engineering/security/data-classification-standard.html). ### What data backup and retention requirements have been defined for the application? @@ -48,18 +48,18 @@ from [owasp.org](https://owasp.org/). ### Who are the application's end‐users? -- **Secondary** nodes are created in regions that are distant (in terms of - Internet latency) from the main GitLab installation (the **primary** node). They are - intended to be used by anyone who would ordinarily use the **primary** node, who finds - that the **secondary** node is closer to them (in terms of Internet latency). +- **Secondary** sites are created in regions that are distant (in terms of + Internet latency) from the main GitLab installation (the **primary** site). They are + intended to be used by anyone who would ordinarily use the **primary** site, who finds + that the **secondary** site is closer to them (in terms of Internet latency). ### How do the end‐users interact with the application? -- **Secondary** nodes provide all the interfaces a **primary** node does +- **Secondary** sites provide all the interfaces a **primary** site does (notably a HTTP/HTTPS web application, and HTTP/HTTPS or SSH Git repository access), but is constrained to read-only activities. The principal use case is - envisioned to be cloning Git repositories from the **secondary** node in favor of the - **primary** node, but end-users may use the GitLab web interface to view projects, + envisioned to be cloning Git repositories from the **secondary** site in favor of the + **primary** site, but end-users may use the GitLab web interface to view projects, issues, merge requests, snippets, etc. ### What security expectations do the end‐users have? @@ -67,10 +67,10 @@ from [owasp.org](https://owasp.org/). - The replication process must be secure. It would typically be unacceptable to transmit the entire database contents or all files and repositories across the public Internet in plaintext, for instance. -- **Secondary** nodes must have the same access controls over its content as the - **primary** node - unauthenticated users must not be able to gain access to privileged - information on the **primary** node by querying the **secondary** node. -- Attackers must not be able to impersonate the **secondary** node to the **primary** node, and +- **Secondary** sites must have the same access controls over its content as the + **primary** site - unauthenticated users must not be able to gain access to privileged + information on the **primary** site by querying the **secondary** site. +- Attackers must not be able to impersonate the **secondary** site to the **primary** site, and thus gain access to privileged information. ## Administrators @@ -86,7 +86,7 @@ from [owasp.org](https://owasp.org/). ### What administrative capabilities does the application offer? -- **Secondary** nodes may be added, modified, or removed by users with +- **Secondary** sites may be added, modified, or removed by users with administrative access. - The replication process may be controlled (start/stop) via the Sidekiq administrative controls. @@ -95,9 +95,9 @@ from [owasp.org](https://owasp.org/). ### What details regarding routing, switching, firewalling, and load‐balancing have been defined? -- Geo requires the **primary** node and **secondary** node to be able to communicate with each - other across a TCP/IP network. In particular, the **secondary** nodes must be able to - access HTTP/HTTPS and PostgreSQL services on the **primary** node. +- Geo requires the **primary** site and **secondary** site to be able to communicate with each + other across a TCP/IP network. In particular, the **secondary** sites must be able to + access HTTP/HTTPS and PostgreSQL services on the **primary** site. ### What core network devices support the application? @@ -105,9 +105,9 @@ from [owasp.org](https://owasp.org/). ### What network performance requirements exist? -- Maximum replication speeds between **primary** node and **secondary** node is limited by the +- Maximum replication speeds between **primary** site and **secondary** site is limited by the available bandwidth between sites. No hard requirements exist - time to complete - replication (and ability to keep up with changes on the **primary** node) is a function + replication (and ability to keep up with changes on the **primary** site) is a function of the size of the data set, tolerance for latency, and available network capacity. @@ -189,9 +189,9 @@ from [owasp.org](https://owasp.org/). ### How will database connection strings, encryption keys, and other sensitive components be stored, accessed, and protected from unauthorized detection? - There are some Geo-specific values. Some are shared secrets which must be - securely transmitted from the **primary** node to the **secondary** node at setup time. Our - documentation recommends transmitting them from the **primary** node to the system - administrator via SSH, and then back out to the **secondary** node in the same manner. + securely transmitted from the **primary** site to the **secondary** site at setup time. Our + documentation recommends transmitting them from the **primary** site to the system + administrator via SSH, and then back out to the **secondary** site in the same manner. In particular, this includes the PostgreSQL replication credentials and a secret key (`db_key_base`) which is used to decrypt certain columns in the database. The `db_key_base` secret is stored unencrypted on the file system, in @@ -205,25 +205,25 @@ from [owasp.org](https://owasp.org/). - Data is entered via the web application exposed by GitLab itself. Some data is also entered using system administration commands on the GitLab servers (e.g., `gitlab-ctl set-primary-node`). -- **Secondary** nodes also receive inputs via PostgreSQL streaming replication from the **primary** node. +- **Secondary** sites also receive inputs via PostgreSQL streaming replication from the **primary** site. ### What data output paths does the application support? -- **Primary** nodes output via PostgreSQL streaming replication to the **secondary** node. +- **Primary** sites output via PostgreSQL streaming replication to the **secondary** site. Otherwise, principally via the web application exposed by GitLab itself, and via SSH `git clone` operations initiated by the end-user. ### How does data flow across the application's internal components? -- **Secondary** nodes and **primary** nodes interact via HTTP/HTTPS (secured with JSON web +- **Secondary** sites and **primary** sites interact via HTTP/HTTPS (secured with JSON web tokens) and via PostgreSQL streaming replication. -- Within a **primary** node or **secondary** node, the SSOT is the file system and the database - (including Geo tracking database on **secondary** node). The various internal components +- Within a **primary** site or **secondary** site, the SSOT is the file system and the database + (including Geo tracking database on **secondary** site). The various internal components are orchestrated to make alterations to these stores. ### What data input validation requirements have been defined? -- **Secondary** nodes must have a faithful replication of the **primary** node's data. +- **Secondary** sites must have a faithful replication of the **primary** site's data. ### What data does the application store and how? @@ -231,11 +231,11 @@ from [owasp.org](https://owasp.org/). ### What data is or may need to be encrypted and what key management requirements have been defined? -- Neither **primary** nodes or **secondary** nodes encrypt Git repository or file system data at +- Neither **primary** sites or **secondary** sites encrypt Git repository or file system data at rest. A subset of database columns are encrypted at rest using the `db_otp_key`. - A static secret shared across all hosts in a GitLab deployment. - In transit, data should be encrypted, although the application does permit - communication to proceed unencrypted. The two main transits are the **secondary** node's + communication to proceed unencrypted. The two main transits are the **secondary** site's replication process for PostgreSQL, and for Git repositories/files. Both should be protected using TLS, with the keys for that managed via Omnibus per existing configuration for end-user access to GitLab. @@ -253,19 +253,19 @@ from [owasp.org](https://owasp.org/). ### What user privilege levels does the application support? -- Geo adds one type of privilege: **secondary** nodes can access a special Geo API to +- Geo adds one type of privilege: **secondary** sites can access a special Geo API to download files over HTTP/HTTPS, and to clone repositories using HTTP/HTTPS. ### What user identification and authentication requirements have been defined? -- **Secondary** nodes identify to Geo **primary** nodes via OAuth or JWT authentication +- **Secondary** sites identify to Geo **primary** sites via OAuth or JWT authentication based on the shared database (HTTP access) or a PostgreSQL replication user (for database replication). The database replication also requires IP-based access controls to be defined. ### What user authorization requirements have been defined? -- **Secondary** nodes must only be able to *read* data. They are not currently able to mutate data on the **primary** node. +- **Secondary** sites must only be able to *read* data. They are not currently able to mutate data on the **primary** site. ### What session management requirements have been defined? @@ -279,9 +279,9 @@ from [owasp.org](https://owasp.org/). ### What access requirements have been defined for URI and Service calls? -- **Secondary** nodes make many calls to the **primary** node's API. This is how file +- **Secondary** sites make many calls to the **primary** site's API. This is how file replication proceeds, for instance. This endpoint is only accessible with a JWT token. -- The **primary** node also makes calls to the **secondary** node to get status information. +- The **primary** site also makes calls to the **secondary** site to get status information. ## Application Monitoring diff --git a/doc/administration/geo/replication/troubleshooting.md b/doc/administration/geo/replication/troubleshooting.md index 079a3713c73..6d990fd12ba 100644 --- a/doc/administration/geo/replication/troubleshooting.md +++ b/doc/administration/geo/replication/troubleshooting.md @@ -558,6 +558,7 @@ to start again from scratch, there are a few steps that can help you: mv /var/opt/gitlab/gitlab-rails/uploads /var/opt/gitlab/gitlab-rails/uploads.old mkdir -p /var/opt/gitlab/gitlab-rails/uploads + gitlab-ctl start postgresql gitlab-ctl start geo-postgresql ``` @@ -853,6 +854,12 @@ To resolve this issue: the **primary** node using IPv4 in the `/etc/hosts` file. Alternatively, you should [enable IPv6 on the **primary** node](https://docs.gitlab.com/omnibus/settings/nginx.html#setting-the-nginx-listen-address-or-addresses). +### GitLab Pages return 404 errors after promoting + +This is due to [Pages data not being managed by Geo](datatypes.md#limitations-on-replicationverification). +Find advice to resolve those errors in the +[Pages administration documentation](../../../administration/pages/index.md#404-error-after-promoting-a-geo-secondary-to-a-primary-node). + ## Fixing client errors ### Authorization errors from LFS HTTP(s) client requests diff --git a/doc/administration/geo/replication/usage.md b/doc/administration/geo/replication/usage.md index 2fcc0565567..1491aa3427e 100644 --- a/doc/administration/geo/replication/usage.md +++ b/doc/administration/geo/replication/usage.md @@ -25,3 +25,11 @@ remote: ssh://git@primary.geo/user/repo.git remote: Everything up-to-date ``` + +NOTE: +If you're using HTTPS instead of [SSH](../../../ssh/README.md) to push to the secondary, +you can't store credentials in the URL like `user:password@URL`. Instead, you can use a +[`.netrc` file](https://www.gnu.org/software/inetutils/manual/html_node/The-_002enetrc-file.html) +for Unix-like operating systems or `_netrc` for Windows. In that case, the credentials +will be stored as a plain text. If you're looking for a more secure way to store credentials, +you can use [Git Credential Storage](https://git-scm.com/book/en/v2/Git-Tools-Credential-Storage). diff --git a/doc/administration/geo/replication/using_a_geo_server.md b/doc/administration/geo/replication/using_a_geo_server.md index e48e750f710..f8ce72ac3f8 100644 --- a/doc/administration/geo/replication/using_a_geo_server.md +++ b/doc/administration/geo/replication/using_a_geo_server.md @@ -4,5 +4,5 @@ redirect_to: '../../geo/replication/usage.md' This document was moved to [another location](../../geo/replication/usage.md). -<!-- This redirect file can be deleted after 2022-04-01 --> +<!-- This redirect file can be deleted after 2022-06-01 --> <!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/administration/geo/replication/version_specific_updates.md b/doc/administration/geo/replication/version_specific_updates.md index 4f0a4dc638c..4a101c52325 100644 --- a/doc/administration/geo/replication/version_specific_updates.md +++ b/doc/administration/geo/replication/version_specific_updates.md @@ -15,8 +15,29 @@ for updating Geo nodes. We've detected an issue [with a column rename](https://gitlab.com/gitlab-org/gitlab/-/issues/324160) that may prevent upgrades to GitLab 13.9.0, 13.9.1, 13.9.2 and 13.9.3. -We are working on a patch and recommend delaying any upgrade attempt until a fixed version -is released. +We are working on a patch, but until a fixed version is released, you can manually complete +the zero-downtime upgrade: + +1. Before running the final `sudo gitlab-rake db:migrate` command on the deploy node, + execute the following queries using the PostgreSQL console (or `sudo gitlab-psql`) + to drop the problematic triggers: + + ```sql + drop trigger trigger_e40a6f1858e6 on application_settings; + drop trigger trigger_0d588df444c8 on application_settings; + drop trigger trigger_1572cbc9a15f on application_settings; + drop trigger trigger_22a39c5c25f3 on application_settings; + ``` + +1. Run the final migrations: + + ```shell + sudo gitlab-rake db:migrate + ``` + +If you have already run the final `sudo gitlab-rake db:migrate` command on the deploy node and have +encountered the [column rename issue](https://gitlab.com/gitlab-org/gitlab/-/issues/324160), you can still +follow the previous steps to complete the update. More details are available [in this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/324160). diff --git a/doc/administration/geo/setup/database.md b/doc/administration/geo/setup/database.md index 9c2cc8fc62e..b87a606e349 100644 --- a/doc/administration/geo/setup/database.md +++ b/doc/administration/geo/setup/database.md @@ -466,15 +466,16 @@ The replication process is now complete. [PgBouncer](https://www.pgbouncer.org/) may be used with GitLab Geo to pool PostgreSQL connections. We recommend using PgBouncer if you use GitLab in a high-availability configuration with a cluster of nodes supporting a Geo -**primary** node and another cluster of nodes supporting a Geo **secondary** node. For more -information, see [High Availability with Omnibus GitLab](../../postgresql/replication_and_failover.md). +**primary** site and two other clusters of nodes supporting a Geo **secondary** site. +One for the main database and the other for the tracking database. For more information, +see [High Availability with Omnibus GitLab](../../postgresql/replication_and_failover.md). ## Patroni support Support for Patroni is intended to replace `repmgr` as a [highly available PostgreSQL solution](../../postgresql/replication_and_failover.md) on the primary node, but it can also be used for PostgreSQL HA on a secondary -site. +site. Similar to `repmgr`, using Patroni on a secondary node is optional. Starting with GitLab 13.5, Patroni is available for _experimental_ use with Geo primary and secondary sites. Due to its experimental nature, Patroni support is @@ -490,6 +491,10 @@ This experimental implementation has the following limitations: For instructions about how to set up Patroni on the primary site, see the [PostgreSQL replication and failover with Omnibus GitLab](../../postgresql/replication_and_failover.md#patroni) page. +### Configuring Patroni cluster for a Geo secondary site + +In a Geo secondary site, the main PostgreSQL database is a read-only replica of the primary site’s PostgreSQL database. + If you are currently using `repmgr` on your Geo primary site, see [these instructions](#migrating-from-repmgr-to-patroni) for migrating from `repmgr` to Patroni. A production-ready and secure setup requires at least three Consul nodes, three @@ -498,9 +503,7 @@ configuration for the secondary site. The internal load balancer provides a sing endpoint for connecting to the Patroni cluster's leader whenever a new leader is elected. Be sure to use [password credentials](../../postgresql/replication_and_failover.md#database-authorization-for-patroni) and other database best practices. -Similar to `repmgr`, using Patroni on a secondary node is optional. - -### Step 1. Configure Patroni permanent replication slot on the primary site +#### Step 1. Configure Patroni permanent replication slot on the primary site To set up database replication with Patroni on a secondary node, we need to configure a _permanent replication slot_ on the primary node's Patroni cluster, @@ -520,7 +523,7 @@ Leader instance**: ```ruby consul['enable'] = true consul['configuration'] = { - retry_join: %w[CONSUL_PRIMARY1_IP CONSULT_PRIMARY2_IP CONSULT_PRIMARY3_IP] + retry_join: %w[CONSUL_PRIMARY1_IP CONSUL_PRIMARY2_IP CONSUL_PRIMARY3_IP] } repmgr['enable'] = false @@ -553,7 +556,7 @@ Leader instance**: gitlab-ctl reconfigure ``` -### Step 2. Configure the internal load balancer on the primary site +#### Step 2. Configure the internal load balancer on the primary site To avoid reconfiguring the Standby Leader on the secondary site whenever a new Leader is elected on the primary site, we'll need to set up a TCP internal load @@ -597,7 +600,65 @@ backend postgresql Refer to your preferred Load Balancer's documentation for further guidance. -### Step 3. Configure a Standby cluster on the secondary site +#### Step 3. Configure a PgBouncer node on the secondary site + +A production-ready and highly available configuration requires at least +three Consul nodes, a minimum of one PgBouncer node, but it’s recommended to have +one per database node. An internal load balancer (TCP) is required when there is +more than one PgBouncer service nodes. The internal load balancer provides a single +endpoint for connecting to the PgBouncer cluster. For more information, +see [High Availability with Omnibus GitLab](../../postgresql/replication_and_failover.md). + +Follow the minimal configuration for the PgBouncer node: + +1. SSH into your PgBouncer node and login as root: + + ```shell + sudo -i + ``` + +1. Edit `/etc/gitlab/gitlab.rb` and add the following: + + ```ruby + # Disable all components except Pgbouncer and Consul agent + roles ['pgbouncer_role'] + + # PgBouncer configuration + pgbouncer['users'] = { + 'pgbouncer': { + password: 'PGBOUNCER_PASSWORD_HASH' + } + } + + # Consul configuration + consul['watchers'] = %w(postgresql) + + consul['configuration'] = { + retry_join: %w[CONSUL_SECONDARY1_IP CONSUL_SECONDARY2_IP CONSUL_SECONDARY3_IP] + } + + consul['monitoring_service_discovery'] = true + ``` + +1. Reconfigure GitLab for the changes to take effect: + + ```shell + gitlab-ctl reconfigure + ``` + +1. Create a `.pgpass` file so Consul is able to reload PgBouncer. Enter the `PLAIN_TEXT_PGBOUNCER_PASSWORD` twice when asked: + + ```shell + gitlab-ctl write-pgpass --host 127.0.0.1 --database pgbouncer --user pgbouncer --hostuser gitlab-consul + ``` + +1. Restart the PgBouncer service: + + ```shell + gitlab-ctl restart pgbouncer + ``` + +#### Step 4. Configure a Standby cluster on the secondary site NOTE: If you are converting a secondary site to a Patroni Cluster, you must start @@ -619,7 +680,7 @@ For each Patroni instance on the secondary site: consul['enable'] = true consul['configuration'] = { - retry_join: %w[CONSUL_SECONDARY1_IP CONSULT_SECONDARY2_IP CONSULT_SECONDARY3_IP] + retry_join: %w[CONSUL_SECONDARY1_IP CONSUL_SECONDARY2_IP CONSUL_SECONDARY3_IP] } repmgr['enable'] = false @@ -669,14 +730,14 @@ For each Patroni instance on the secondary site: gitlab-ctl reconfigure ``` -## Migrating from repmgr to Patroni +### Migrating from repmgr to Patroni 1. Before migrating, it is recommended that there is no replication lag between the primary and secondary sites and that replication is paused. In GitLab 13.2 and later, you can pause and resume replication with `gitlab-ctl geo-replication-pause` and `gitlab-ctl geo-replication-resume` on a Geo secondary database node. 1. Follow the [instructions to migrate repmgr to Patroni](../../postgresql/replication_and_failover.md#switching-from-repmgr-to-patroni). When configuring Patroni on each primary site database node, add `patroni['replication_slots'] = { '<slot_name>' => 'physical' }` to `gitlab.rb` where `<slot_name>` is the name of the replication slot for your Geo secondary. This will ensure that Patroni recognizes the replication slot as permanent and will not drop it upon restarting. 1. If database replication to the secondary was paused before migration, resume replication once Patroni is confirmed working on the primary. -## Migrating a single PostgreSQL node to Patroni +### Migrating a single PostgreSQL node to Patroni Before the introduction of Patroni, Geo had no Omnibus support for HA setups on the secondary node. @@ -685,12 +746,197 @@ With Patroni it's now possible to support that. In order to migrate the existing 1. Make sure you have a Consul cluster setup on the secondary (similar to how you set it up on the primary). 1. [Configure a permanent replication slot](#step-1-configure-patroni-permanent-replication-slot-on-the-primary-site). 1. [Configure the internal load balancer](#step-2-configure-the-internal-load-balancer-on-the-primary-site). -1. [Configure a Standby Cluster](#step-3-configure-a-standby-cluster-on-the-secondary-site) +1. [Configure a PgBouncer node](#step-3-configure-a-pgbouncer-node-on-the-secondary-site) +1. [Configure a Standby Cluster](#step-4-configure-a-standby-cluster-on-the-secondary-site) on that single node machine. You will end up with a "Standby Cluster" with a single node. That allows you to later on add additional Patroni nodes by following the same instructions above. +### Configuring Patroni cluster for the tracking PostgreSQL database + +Secondary sites use a separate PostgreSQL installation as a tracking database to +keep track of replication status and automatically recover from potential replication issues. +Omnibus automatically configures a tracking database when `roles ['geo_secondary_role']` is set. +If you want to run this database in a highly available configuration, follow the instructions below. + +A production-ready and secure setup requires at least three Consul nodes, three +Patroni nodes on the secondary site secondary site. Be sure to use [password credentials](../../postgresql/replication_and_failover.md#database-authorization-for-patroni) and other database best practices. + +#### Step 1. Configure a PgBouncer node on the secondary site + +A production-ready and highly available configuration requires at least +three Consul nodes, three PgBouncer nodes, and one internal load-balancing node. +The internal load balancer provides a single endpoint for connecting to the +PgBouncer cluster. For more information, see [High Availability with Omnibus GitLab](../../postgresql/replication_and_failover.md). + +Follow the minimal configuration for the PgBouncer node for the tracking database: + +1. SSH into your PgBouncer node and login as root: + + ```shell + sudo -i + ``` + +1. Edit `/etc/gitlab/gitlab.rb` and add the following: + + ```ruby + # Disable all components except Pgbouncer and Consul agent + roles ['pgbouncer_role'] + + # PgBouncer configuration + pgbouncer['users'] = { + 'pgbouncer': { + password: 'PGBOUNCER_PASSWORD_HASH' + } + } + + pgbouncer['databases'] = { + gitlabhq_geo_production: { + user: 'pgbouncer', + password: 'PGBOUNCER_PASSWORD_HASH' + } + } + + # Consul configuration + consul['watchers'] = %w(postgresql) + + consul['configuration'] = { + retry_join: %w[CONSUL_TRACKINGDB1_IP CONSUL_TRACKINGDB2_IP CONSUL_TRACKINGDB3_IP] + } + + consul['monitoring_service_discovery'] = true + + # GitLab database settings + gitlab_rails['db_database'] = 'gitlabhq_geo_production' + gitlab_rails['db_username'] = 'gitlab_geo' + ``` + +1. Reconfigure GitLab for the changes to take effect: + + ```shell + gitlab-ctl reconfigure + ``` + +1. Create a `.pgpass` file so Consul is able to reload PgBouncer. Enter the `PLAIN_TEXT_PGBOUNCER_PASSWORD` twice when asked: + + ```shell + gitlab-ctl write-pgpass --host 127.0.0.1 --database pgbouncer --user pgbouncer --hostuser gitlab-consul + ``` + +1. Restart the PgBouncer service: + + ```shell + gitlab-ctl restart pgbouncer + ``` + +#### Step 2. Configure a Patroni cluster + +For each Patroni instance on the secondary site for the tracking database: + +1. SSH into your Patroni node and login as root: + + ```shell + sudo -i + ``` + +1. Edit `/etc/gitlab/gitlab.rb` and add the following: + + ```ruby + # Disable all components except PostgreSQL, Patroni, and Consul + roles ['patroni_role'] + + # Consul configuration + consul['services'] = %w(postgresql) + + consul['configuration'] = { + server: true, + retry_join: %w[CONSUL_TRACKINGDB1_IP CONSUL_TRACKINGDB2_IP CONSUL_TRACKINGDB3_IP] + } + + # PostgreSQL configuration + postgresql['listen_address'] = '0.0.0.0' + postgresql['hot_standby'] = 'on' + postgresql['wal_level'] = 'replica' + + postgresql['pgbouncer_user_password'] = 'PGBOUNCER_PASSWORD_HASH' + postgresql['sql_replication_password'] = 'POSTGRESQL_REPLICATION_PASSWORD_HASH' + postgresql['sql_user_password'] = 'POSTGRESQL_PASSWORD_HASH' + + postgresql['md5_auth_cidr_addresses'] = [ + 'PATRONI_TRACKINGDB1_IP/32', 'PATRONI_TRACKINGDB2_IP/32', 'PATRONI_TRACKINGDB3_IP/32', 'PATRONI_TRACKINGDB_PGBOUNCER/32', + # Any other instance that needs access to the database as per documentation + ] + + # Patroni configuration + patroni['replication_password'] = 'PLAIN_TEXT_POSTGRESQL_REPLICATION_PASSWORD' + patroni['postgresql']['max_wal_senders'] = 5 # A minimum of three for one replica, plus two for each additional replica + + # GitLab database settings + gitlab_rails['db_database'] = 'gitlabhq_geo_production' + gitlab_rails['db_username'] = 'gitlab_geo' + + # Disable automatic database migrations + gitlab_rails['auto_migrate'] = false + ``` + +1. Reconfigure GitLab for the changes to take effect. + This is required to bootstrap PostgreSQL users and settings: + + ```shell + gitlab-ctl reconfigure + ``` + +#### Step 3. Configure the tracking database on the secondary nodes + +For each node running the `gitlab-rails`, `sidekiq`, and `geo-logcursor` services: + +1. SSH into your node and login as root: + + ```shell + sudo -i + ``` + +1. Edit `/etc/gitlab/gitlab.rb` and add the following attributes. You may have other attributes set, but the following need to be set. + + ```ruby + # Tracking database settings + geo_secondary['db_username'] = 'gitlab_geo' + geo_secondary['db_password'] = 'PLAIN_TEXT_PGBOUNCER_PASSWORD' + geo_secondary['db_database'] = 'gitlabhq_geo_production' + geo_secondary['db_host'] = 'PATRONI_TRACKINGDB_PGBOUNCER_IP' + geo_secondary['db_port'] = 6432 + geo_secondary['auto_migrate'] = false + + # Disable the tracking database service + geo_postgresql['enable'] = false + ``` + +1. Reconfigure GitLab for the changes to take effect. + + ```shell + gitlab-ctl reconfigure + ``` + +1. Run the tracking database migrations: + + ```shell + gitlab-rake geo:db:migrate + ``` + +### Migrating a single tracking database node to Patroni + +Before the introduction of Patroni, Geo had no Omnibus support for HA setups on +the secondary node. + +With Patroni, it's now possible to support that. Due to some restrictions on the +Patroni implementation on Omnibus that do not allow us to manage two different +clusters on the same machine, we recommend setting up a new Patroni cluster for +the tracking database by following the same instructions above. + +The secondary nodes will backfill the new tracking database, and no data +synchronization will be required. + ## Troubleshooting Read the [troubleshooting document](../replication/troubleshooting.md). diff --git a/doc/administration/geo/setup/index.md b/doc/administration/geo/setup/index.md index 5ec18e29f21..1afa4360cbc 100644 --- a/doc/administration/geo/setup/index.md +++ b/doc/administration/geo/setup/index.md @@ -25,7 +25,7 @@ If you installed GitLab using the Omnibus packages (highly recommended): 1. [Configure fast lookup of authorized SSH keys in the database](../../operations/fast_ssh_key_lookup.md). This step is required and needs to be done on **both** the **primary** and **secondary** nodes. 1. [Configure GitLab](../replication/configuration.md) to set the **primary** and **secondary** nodes. 1. Optional: [Configure a secondary LDAP server](../../auth/ldap/index.md) for the **secondary** node. See [notes on LDAP](../index.md#ldap). -1. [Follow the "Using a Geo Server" guide](../replication/using_a_geo_server.md). +1. Follow the [Using a Geo Site](../replication/usage.md) guide. ## Post-installation documentation diff --git a/doc/administration/git_annex.md b/doc/administration/git_annex.md index 07b7b1730e3..741b2a78b85 100644 --- a/doc/administration/git_annex.md +++ b/doc/administration/git_annex.md @@ -1,237 +1,8 @@ --- -stage: Create -group: Source Code -info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments" -type: reference, howto -disqus_identifier: 'https://docs.gitlab.com/ee/workflow/git_annex.html' +redirect_to: 'index.md' --- -# Git annex +This document was moved to [another location](index.md). -WARNING: -[Git Annex support was removed](https://gitlab.com/gitlab-org/gitlab/-/issues/1648) -in GitLab 9.0. Read through the [migration guide from git-annex to Git LFS](../topics/git/lfs/migrate_from_git_annex_to_git_lfs.md). - -The biggest limitation of Git, compared to some older centralized version -control systems has been the maximum size of the repositories. - -The general recommendation is to not have Git repositories larger than 1GB to -preserve performance. Although GitLab has no limit (some repositories in GitLab -are over 50GB!), we subscribe to the advice to keep repositories as small as -you can. - -Not being able to version control large binaries is a big problem for many -larger organizations. -Videos, photos, audio, compiled binaries, and many other types of files are too -large. As a workaround, people keep artwork-in-progress in a Dropbox folder and -only check in the final result. This results in using outdated files, not -having a complete history, and increases the risk of losing work. - -This problem is solved in GitLab Enterprise Edition by integrating the -[git-annex](https://git-annex.branchable.com/) application. - -`git-annex` allows managing large binaries with Git without checking the -contents into Git. -You check-in only a symlink that contains the SHA-1 of the large binary. If you -need the large binary, you can sync it from the GitLab server over `rsync`, a -very fast file copying tool. - -## GitLab git-annex Configuration - -`git-annex` is disabled by default in GitLab. Below are the -configuration options required to enable it. - -### Requirements - -`git-annex` needs to be installed both on the server and the client-side. - -For Debian-like systems (for example, Debian and Ubuntu) this can be achieved by running: - -```shell -sudo apt-get update && sudo apt-get install git-annex -``` - -For RedHat-like systems (for example, CentOS and RHEL) this can be achieved by running: - -```shell -sudo yum install epel-release && sudo yum install git-annex -``` - -### Configuration for Omnibus packages - -For Omnibus GitLab packages, only one configuration setting is needed. -The Omnibus package internally sets the correct options in all locations. - -1. In `/etc/gitlab/gitlab.rb` add the following line: - - ```ruby - gitlab_shell['git_annex_enabled'] = true - ``` - -1. Save the file and [reconfigure GitLab](restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. - -### Configuration for installations from source - -There are 2 settings to enable git-annex on your GitLab server. - -One is located in `config/gitlab.yml` of the GitLab repository and the other -one is located in `config.yml` of GitLab Shell. - -1. In `config/gitlab.yml` add or edit the following lines: - - ```yaml - gitlab_shell: - git_annex_enabled: true - ``` - -1. In `config.yml` of GitLab Shell add or edit the following lines: - - ```yaml - git_annex_enabled: true - ``` - -1. Save the files and [restart GitLab](restart_gitlab.md#installations-from-source) for the changes to take effect. - -## Using GitLab git-annex - -NOTE: -Your Git remotes must be using the SSH protocol, not HTTP(S). - -Here is an example workflow of uploading a very large file and then checking it -into your Git repository: - -```shell -git clone git@example.com:group/project.git - -git annex init 'My Laptop' # initialize the annex project and give an optional description -cp ~/tmp/debian.iso ./ # copy a large file into the current directory -git annex add debian.iso # add the large file to git annex -git commit -am "Add Debian iso" # commit the file metadata -git annex sync --content # sync the Git repo and large file to the GitLab server -``` - -The output should look like this: - -```plaintext -commit -On branch master -Your branch is ahead of 'origin/master' by 1 commit. - (use "git push" to publish your local commits) -nothing to commit, working tree clean -ok -pull origin -remote: Counting objects: 5, done. -remote: Compressing objects: 100% (4/4), done. -remote: Total 5 (delta 2), reused 0 (delta 0) -Unpacking objects: 100% (5/5), done. -From example.com:group/project - 497842b..5162f80 git-annex -> origin/git-annex -ok -(merging origin/git-annex into git-annex...) -(recording state in git...) -copy debian.iso (checking origin...) (to origin...) -SHA256E-s26214400--8092b3d482fb1b7a5cf28c43bc1425c8f2d380e86869c0686c49aa7b0f086ab2.iso - 26,214,400 100% 638.88kB/s 0:00:40 (xfr#1, to-chk=0/1) -ok -pull origin -ok -(recording state in git...) -push origin -Counting objects: 15, done. -Delta compression using up to 4 threads. -Compressing objects: 100% (13/13), done. -Writing objects: 100% (15/15), 1.64 KiB | 0 bytes/s, done. -Total 15 (delta 1), reused 0 (delta 0) -To example.com:group/project.git - * [new branch] git-annex -> synced/git-annex - * [new branch] master -> synced/master -ok -``` - -Your files can be found in the `master` branch, but more branches are created -by the `annex sync` command. - -Git Annex creates a new directory at `.git/annex/` and records the -tracked files in the `.git/config` file. The files you assign to be tracked -with `git-annex` don't affect the existing `.git/config` records. The files -are turned into symbolic links that point to data in `.git/annex/objects/`. - -The `debian.iso` file in the example contain the symbolic link: - -```plaintext -.git/annex/objects/ZW/1k/SHA256E-s82701--6384039733b5035b559efd5a2e25a493ab6e09aabfd5162cc03f6f0ec238429d.png/SHA256E-s82701--6384039733b5035b559efd5a2e25a493ab6e09aabfd5162cc03f6f0ec238429d.iso -``` - -Use `git annex info` to retrieve the information about the local copy of your -repository. - ---- - -You can download a single large file with these commands: - -```shell -git clone git@gitlab.example.com:group/project.git - -git annex sync # sync Git branches but not the large file -git annex get debian.iso # download the large file -``` - -To download all files: - -```shell -git clone git@gitlab.example.com:group/project.git - -git annex sync --content # sync Git branches and download all the large files -``` - -By using `git-annex` without GitLab, anyone that can access the server can also -access the files of all projects. GitLab Annex ensures that you can only -access files of projects you have access to (developer, maintainer, or owner role). - -## How it works - -Internally GitLab uses [GitLab Shell](https://gitlab.com/gitlab-org/gitlab-shell) to handle SSH access and this was a great -integration point for `git-annex`. -There is a setting in GitLab Shell so you can disable GitLab Annex support -if you want to. - -## Troubleshooting tips - -Differences in the version of `git-annex` on the GitLab server and on local machines -can cause `git-annex` to raise unpredicted warnings and errors. - -Consult the [Annex upgrade page](https://git-annex.branchable.com/upgrades/) for more information about -the differences between versions. You can find out which version is installed -on your server by navigating to `https://pkgs.org/download/git-annex` and -searching for your distribution. - -Although there is no general guide for `git-annex` errors, there are a few tips -on how to go around the warnings. - -### `git-annex-shell: Not a git-annex or gcrypt repository` - -This warning can appear on the initial `git annex sync --content` and is caused -by differences in `git-annex-shell`. You can read more about it -[in this git-annex issue](https://git-annex.branchable.com/forum/Error_from_git-annex-shell_on_creation_of_gcrypt_special_remote/). - -One important thing to note is that despite the warning, the `sync` succeeds -and the files are pushed to the GitLab repository. - -If you get hit by this, you can run the following command inside the repository -that the warning was raised: - -```shell -git config remote.origin.annex-ignore false -``` - -Consecutive runs of `git annex sync --content` **should not** produce this -warning and the output should look like this: - -```plaintext -commit ok -pull origin -ok -pull origin -ok -push origin -``` +<!-- This redirect file can be deleted after <2021-07-22>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/administration/gitaly/configure_gitaly.md b/doc/administration/gitaly/configure_gitaly.md index 51ad376a625..c9b6fd4c510 100644 --- a/doc/administration/gitaly/configure_gitaly.md +++ b/doc/administration/gitaly/configure_gitaly.md @@ -378,13 +378,26 @@ server (with `gitaly_address`) unless you use 1. Edit `/etc/gitlab/gitlab.rb`: ```ruby + # Use the same token value configured on all Gitaly servers + gitlab_rails['gitaly_token'] = '<AUTH_TOKEN>' + git_data_dirs({ - 'default' => { 'gitaly_address' => 'tcp://gitaly1.internal:8075' }, + 'default' => { 'gitaly_address' => 'tcp://gitaly1.internal:8075' }, 'storage1' => { 'gitaly_address' => 'tcp://gitaly1.internal:8075' }, 'storage2' => { 'gitaly_address' => 'tcp://gitaly2.internal:8075' }, }) ``` + Alternatively, if each Gitaly server is configured to use a different authentication token: + + ```ruby + git_data_dirs({ + 'default' => { 'gitaly_address' => 'tcp://gitaly1.internal:8075', 'gitaly_token' => '<AUTH_TOKEN_1>' }, + 'storage1' => { 'gitaly_address' => 'tcp://gitaly1.internal:8075', 'gitaly_token' => '<AUTH_TOKEN_1>' }, + 'storage2' => { 'gitaly_address' => 'tcp://gitaly2.internal:8075', 'gitaly_token' => '<AUTH_TOKEN_2>' }, + }) + ``` + 1. Save the file and [reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure). 1. Run `sudo gitlab-rake gitlab:gitaly:check` on the Gitaly client (for example, the Rails application) to confirm it can connect to Gitaly servers. @@ -404,12 +417,15 @@ server (with `gitaly_address`) unless you use storages: default: gitaly_address: tcp://gitaly1.internal:8075 + gitaly_token: AUTH_TOKEN_1 path: /some/local/path storage1: gitaly_address: tcp://gitaly1.internal:8075 + gitaly_token: AUTH_TOKEN_1 path: /some/local/path storage2: gitaly_address: tcp://gitaly2.internal:8075 + gitaly_token: AUTH_TOKEN_2 path: /some/local/path ``` @@ -979,7 +995,7 @@ identical fetches. It: The pack-objects cache is a local cache. It: - Stores its metadata in the memory of the Gitaly process it is enabled in. -- Stores the actual Git data it is caching in files on local storage. +- Stores the actual Git data it is caching in files on local storage. Using local files has the benefit that the operating system may automatically keep parts of the pack-objects cache files in RAM, @@ -1021,7 +1037,7 @@ we felt we cannot assume this is true everywhere. The cache needs a directory to store its files in. This directory should be: -- In a filesystem with enough space. If the cache filesystem runs out of space, all +- In a file system with enough space. If the cache file system runs out of space, all fetches start failing. - On a disk with enough IO bandwidth. If the cache disk runs out of IO bandwidth, all fetches, and probably the entire server, slows down. @@ -1036,8 +1052,8 @@ uses a unique random string as part of the cache filenames it creates. This mean - They do not reuse another process's files. While the default directory puts the cache files in the same -filesystem as your repository data, this is not requirement. You can -put the cache files on a different filesystem if that works better for +file system as your repository data, this is not requirement. You can +put the cache files on a different file system if that works better for your infrastructure. The amount of IO bandwidth required from the disk depends on: @@ -1141,7 +1157,7 @@ The following cache metrics are available. |Metric|Type|Labels|Description| |:---|:---|:---|:---| -|`gitaly_pack_objects_cache_enabled`|gauge|`dir`,`max_age`|Set to `1` when the cache is enabled via the Gitaly config file| +|`gitaly_pack_objects_cache_enabled`|gauge|`dir`,`max_age`|Set to `1` when the cache is enabled via the Gitaly configuration file| |`gitaly_pack_objects_cache_lookups_total`|counter|`result`|Hit/miss counter for cache lookups| |`gitaly_pack_objects_generated_bytes_total`|counter||Number of bytes written into the cache| |`gitaly_pack_objects_served_bytes_total`|counter||Number of bytes read from the cache| diff --git a/doc/administration/gitaly/index.md b/doc/administration/gitaly/index.md index 1a8e18ca2b2..3935e990590 100644 --- a/doc/administration/gitaly/index.md +++ b/doc/administration/gitaly/index.md @@ -62,7 +62,7 @@ Gitaly comes pre-configured with Omnibus GitLab, which is a configuration [suitable for up to 1000 users](../reference_architectures/1k_users.md). For: - Omnibus GitLab installations for up to 2000 users, see [specific Gitaly configuration instructions](../reference_architectures/2k_users.md#configure-gitaly). -- Source installations or custom Gitaly installations, see [Configure Gitaly](#configure-gitaly). +- Source installations or custom Gitaly installations, see [Configure Gitaly](configure_gitaly.md). GitLab installations for more than 2000 users should use Gitaly Cluster. @@ -108,9 +108,9 @@ The availability objectives for Gitaly clusters are: Gitaly Cluster supports: - [Strong consistency](praefect.md#strong-consistency) of the secondary replicas. -- [Automatic failover](praefect.md#automatic-failover-and-leader-election) from the primary to the secondary. +- [Automatic failover](praefect.md#automatic-failover-and-primary-election-strategies) from the primary to the secondary. - Reporting of possible data loss if replication queue is non-empty. -- Marking repositories as [read only](praefect.md#read-only-mode) if data loss is detected to prevent data inconsistencies. +- Marking repositories as [read-only](praefect.md#read-only-mode) if data loss is detected to prevent data inconsistencies. Follow the [Gitaly Cluster epic](https://gitlab.com/groups/gitlab-org/-/epics/1489) for improvements including @@ -213,7 +213,9 @@ In this example: - Each repository is stored on one of three Gitaly storages: `storage-1`, `storage-2`, or `storage-3`. - Each storage is serviced by a Gitaly node. -- The three Gitaly nodes store data in three separate hashed storage locations. +- The three Gitaly nodes share data in three separate hashed storage locations. +- The [replication factor](praefect.md#replication-factor) is `3`. There are three copies maintained + of each repository. Generally, virtual storage with Gitaly Cluster can replace direct Gitaly storage configurations, at the expense of additional storage needed to store each repository on multiple Gitaly nodes. The @@ -246,10 +248,10 @@ Gitaly Cluster and [Geo](../geo/index.md) both provide redundancy. However the r The following table outlines the major differences between Gitaly Cluster and Geo: -| Tool | Nodes | Locations | Latency tolerance | Failover | Consistency | Provides redundancy for | -|:---------------|:---------|:----------|:-------------------|:----------------------------------------------------------------|:-----------------------------------------|:------------------------| -| Gitaly Cluster | Multiple | Single | Approximately 1 ms | [Automatic](praefect.md#automatic-failover-and-leader-election) | [Strong](praefect.md#strong-consistency) | Data storage in Git | -| Geo | Multiple | Multiple | Up to one minute | [Manual](../geo/disaster_recovery/index.md) | Eventual | Entire GitLab instance | +| Tool | Nodes | Locations | Latency tolerance | Failover | Consistency | Provides redundancy for | +|:---------------|:---------|:----------|:-------------------|:----------------------------------------------------------------------------|:-----------------------------------------|:------------------------| +| Gitaly Cluster | Multiple | Single | Approximately 1 ms | [Automatic](praefect.md#automatic-failover-and-primary-election-strategies) | [Strong](praefect.md#strong-consistency) | Data storage in Git | +| Geo | Multiple | Multiple | Up to one minute | [Manual](../geo/disaster_recovery/index.md) | Eventual | Entire GitLab instance | For more information, see: diff --git a/doc/administration/gitaly/praefect.md b/doc/administration/gitaly/praefect.md index 1a8df1cea92..a1733d9d6ac 100644 --- a/doc/administration/gitaly/praefect.md +++ b/doc/administration/gitaly/praefect.md @@ -7,9 +7,14 @@ type: reference # Configure Gitaly Cluster **(FREE SELF)** -In addition to Gitaly Cluster configuration instructions available as part of -[reference architectures](../reference_architectures/index.md) for installations for more than -2000 users, advanced configuration instructions are available below. +Configure Gitaly Cluster using either: + +- The Gitaly Cluster configuration instructions available as part of + [reference architectures](../reference_architectures/index.md) for installations for more than + 2000 users. +- The advanced configuration instructions that follow on this page. + +Smaller GitLab installations may need only [Gitaly itself](index.md). ## Requirements for configuring a Gitaly Cluster @@ -869,6 +874,27 @@ Particular attention should be shown to: repository that viewed. If the project is created, and you can see the README file, it works! +#### Use TCP for existing GitLab instances + +When adding Gitaly Cluster to an existing Gitaly instance, the existing Gitaly storage +must use a TCP address. If `gitaly_address` is not specified, then a Unix socket is used, +which will prevent the communication with the cluster. + +For example: + +```ruby +git_data_dirs({ + 'default' => { 'gitaly_address' => 'tcp://old-gitaly.internal:8075' }, + 'cluster' => { + 'gitaly_address' => 'tcp://<load_balancer_server_address>:2305', + 'gitaly_token' => '<praefect_external_token>' + } +}) +``` + +See [Mixed Configuration](configure_gitaly.md#mixed-configuration) for further information on +running multiple Gitaly storages. + ### Grafana Grafana is included with GitLab, and can be used to monitor your Praefect @@ -1004,13 +1030,10 @@ replication factor offers better redundancy and distribution of read workload, b in a higher storage cost. By default, Praefect replicates repositories to every storage in a virtual storage. -### Configure replication factors +### Configure replication factor WARNING: -The feature is not production ready yet. After you set a replication factor, you can't unset it -without manually modifying database state. Variable replication factor requires you to enable -repository-specific primaries by configuring the `per_repository` primary election strategy. The election -strategy is not production ready yet. +Configurable replication factors require [repository-specific primary nodes](#repository-specific-primary-nodes) to be used. Praefect supports configuring a replication factor on a per-repository basis, by assigning specific storage nodes to host a repository. @@ -1056,26 +1079,119 @@ You can configure: current assignments: gitaly-1, gitaly-2 ``` -## Automatic failover and leader election +## Automatic failover and primary election strategies + +Praefect regularly checks the health of each Gitaly node. This is used to automatically fail over +to a newly-elected primary Gitaly node if the current primary node is found to be unhealthy. + +We recommend using [repository-specific primary nodes](#repository-specific-primary-nodes). This is +[planned to be the only available election strategy](https://gitlab.com/gitlab-org/gitaly/-/issues/3574) +from GitLab 14.0. + +### Repository-specific primary nodes + +> [Introduced](https://gitlab.com/gitlab-org/gitaly/-/issues/3492) in GitLab 13.12. + +Gitaly Cluster supports electing repository-specific primary Gitaly nodes. Repository-specific +Gitaly primary nodes are enabled in `/etc/gitlab/gitlab.rb` by setting +`praefect['failover_election_strategy'] = 'per_repository'`. + +Praefect's [deprecated election strategies](#deprecated-election-strategies): + +- Elected a primary Gitaly node for each virtual storage, which was used as the primary node for + each repository in the virtual storage. +- Prevented horizontal scaling of a virtual storage. The primary Gitaly node needed a replica of + each repository and thus became the bottleneck. + +The `per_repository` election strategy solves this problem by electing a primary Gitaly node separately for each +repository. Combined with [configurable replication factors](#configure-replication-factor), you can +horizontally scale storage capacity and distribute write load across Gitaly nodes. + +Primary elections are run when: + +- Praefect starts up. +- The cluster's consensus of a Gitaly node's health changes. + +A Gitaly node is considered: + +- Healthy if `>=50%` Praefect nodes have successfully health checked the Gitaly node in the + previous ten seconds. +- Unhealthy otherwise. + +During an election run, Praefect elects a new primary Gitaly node for each repository that has +an unhealthy primary Gitaly node. The election is made: + +- Randomly from healthy secondary Gitaly nodes that are the most up to date. +- Only from Gitaly nodes assigned to the host repository. + +If there are no healthy secondary nodes for a repository: + +- The unhealthy primary node is demoted and the repository is left without a primary node. +- Operations that require a primary node fail until a primary is successfully elected. + +#### Migrate to repository-specific primary Gitaly nodes + +New Gitaly Clusters can start using the `per_repository` election strategy immediately. + +To migrate existing clusters: + +1. Praefect nodes didn't historically keep database records of every repository stored on the cluster. When + the `per_repository` election strategy is configured, Praefect expects to have database records of + each repository. A [background migration](https://gitlab.com/gitlab-org/gitaly/-/merge_requests/2749) is + included in GitLab 13.6 and later to create any missing database records for repositories. Before migrating + you should verify the migration has run by checking Praefect's logs: -Praefect regularly checks the health of each backend Gitaly node. This -information can be used to automatically failover to a new primary node if the -current primary node is found to be unhealthy. + Check Praefect's logs for `repository importer finished` message. The `virtual_storages` field contains + the names of virtual storages and whether they've had any missing database records created. -- **PostgreSQL (recommended):** Enabled by default, and equivalent to: - `praefect['failover_election_strategy'] = sql`. This configuration - option allows multiple Praefect nodes to coordinate via the - PostgreSQL database to elect a primary Gitaly node. This configuration - causes Praefect nodes to elect a new primary, monitor its health, - and elect a new primary if the current one has not been reachable in - 10 seconds by a majority of the Praefect nodes. + For example, the `default` virtual storage has been successfully migrated: + + ```json + {"level":"info","msg":"repository importer finished","pid":19752,"time":"2021-04-28T11:41:36.743Z","virtual_storages":{"default":true}} + ``` + + If a virtual storage has not been successfully migrated, it would have `false` next to it: + + ```json + {"level":"info","msg":"repository importer finished","pid":19752,"time":"2021-04-28T11:41:36.743Z","virtual_storages":{"default":false}} + ``` + + The migration is ran when Praefect starts up. If the migration is unsuccessful, you can restart + a Praefect node to reattempt it. The migration only runs with `sql` election strategy configured. + +1. Running two different election strategies side by side can cause a split brain, where different + Praefect nodes consider repositories to have different primaries. To avoid this, shut down + all Praefect nodes before changing the election strategy. + + Do this by running `gitlab-ctl stop praefect` on the Praefect nodes. + +1. On the Praefect nodes, configure the election strategy in `/etc/gitlab/gitlab.rb` with + `praefect['failover_election_strategy'] = 'per_repository'`. + +1. Finally, run `gitlab-ctl reconfigure` to reconfigure and restart the Praefect nodes. + +### Deprecated election strategies + +WARNING: +The below election strategies are deprecated and are scheduled for removal in GitLab 14.0. +Migrate to [repository-specific primary nodes](#repository-specific-primary-nodes). + +- **PostgreSQL:** Enabled by default until GitLab 14.0, and equivalent to: + `praefect['failover_election_strategy'] = 'sql'`. + + This configuration option: + + - Allows multiple Praefect nodes to coordinate via the PostgreSQL database to elect a primary + Gitaly node. + - Causes Praefect nodes to elect a new primary Gitaly node, monitor its health, and elect a new primary + Gitaly node if the current one is not reached within 10 seconds by a majority of the Praefect + nodes. - **Memory:** Enabled by setting `praefect['failover_election_strategy'] = 'local'` - in `/etc/gitlab/gitlab.rb` on the Praefect node. If a sufficient number of health - checks fail for the current primary backend Gitaly node, and new primary will - be elected. **Do not use with multiple Praefect nodes!** Using with multiple - Praefect nodes is likely to result in a split brain. + in `/etc/gitlab/gitlab.rb` on the Praefect node. -We are likely to implement support for Consul, and a cloud native, strategy in the future. + If a sufficient number of health checks fail for the current primary Gitaly node, a new primary is + elected. **Do not use with multiple Praefect nodes!** Using with multiple Praefect nodes is + likely to result in a split brain. ## Primary Node Failure @@ -1285,6 +1401,13 @@ praefect['reconciliation_scheduling_interval'] = '0' # disable the feature ### Manual reconciliation +WARNING: +The `reconcile` sub-command is deprecated and scheduled for removal in GitLab 14.0. Use +[automatic reconciliation](#automatic-reconciliation) instead. Manual reconciliation may +produce excess replication jobs and is limited in functionality. Manual reconciliation does +not work when [repository-specific primary nodes](#repository-specific-primary-nodes) are +enabled. + The Praefect `reconcile` sub-command allows for the manual reconciliation between two Gitaly nodes. The command replicates every repository on a later version on the reference storage to the target storage. @@ -1298,6 +1421,25 @@ sudo /opt/gitlab/embedded/bin/praefect -config /var/opt/gitlab/praefect/config.t ## Migrate to Gitaly Cluster +Whether migrating to Gitaly Cluster because of [NFS support deprecation](index.md#nfs-deprecation-notice) +or to move from single Gitaly nodes, the basic process involves: + +1. Create the required storage. +1. Create and configure Gitaly Cluster. +1. [Move the repositories](#move-repositories). + +The size of the required storage can vary between instances and depends on the set +[replication factor](#replication-factor). The migration to Gitaly Cluster might include +implementing repository storage redundancy. + +For a replication factor: + +- Of `1`: NFS, Gitaly, and Gitaly Cluster have roughly the same storage requirements. +- More than `1`: The amount of required storage is `used space * replication factor`. `used space` + should include any planned future growth. + +### Move Repositories + To migrate to Gitaly Cluster, existing repositories stored outside Gitaly Cluster must be moved. There is no automatic migration but the moves can be scheduled with the GitLab API. @@ -1305,7 +1447,7 @@ GitLab repositories can be associated with projects, groups, and snippets. Each have a separate API to schedule the respective repositories to move. To move all repositories on a GitLab instance, each of these types must be scheduled to move for each storage. -Each repository is made read only when the move is scheduled. The repository is not writable +Each repository is made read-only for the duration of the move. The repository is not writable until the move has completed. After creating and configuring Gitaly Cluster: @@ -1316,11 +1458,11 @@ After creating and configuring Gitaly Cluster: so that the Gitaly Cluster receives all new projects. This stops new projects being created on existing Gitaly nodes while the migration is in progress. 1. Schedule repository moves for: - - [Projects](#bulk-schedule-projects). - - [Snippets](#bulk-schedule-snippets). - - [Groups](#bulk-schedule-groups). **(PREMIUM SELF)** + - [Projects](#bulk-schedule-project-moves). + - [Snippets](#bulk-schedule-snippet-moves). + - [Groups](#bulk-schedule-group-moves). **(PREMIUM SELF)** -### Bulk schedule projects +#### Bulk schedule project moves 1. [Schedule repository storage moves for all projects on a storage shard](../../api/project_repository_storage_moves.md#schedule-repository-storage-moves-for-all-projects-on-a-storage-shard) using the API. For example: @@ -1353,7 +1495,7 @@ After creating and configuring Gitaly Cluster: 1. Repeat for each storage as required. -### Bulk schedule snippets +#### Bulk schedule snippet moves 1. [Schedule repository storage moves for all snippets on a storage shard](../../api/snippet_repository_storage_moves.md#schedule-repository-storage-moves-for-all-snippets-on-a-storage-shard) using the API. For example: @@ -1378,7 +1520,7 @@ After creating and configuring Gitaly Cluster: 1. Repeat for each storage as required. -### Bulk schedule groups **(PREMIUM SELF)** +#### Bulk schedule group moves **(PREMIUM SELF)** 1. [Schedule repository storage moves for all groups on a storage shard](../../api/group_repository_storage_moves.md#schedule-repository-storage-moves-for-all-groups-on-a-storage-shard) using the API. @@ -1421,3 +1563,16 @@ Here are common errors and potential causes: - **GRPC::Unavailable (14:all SubCons are in TransientFailure...)** - Praefect cannot reach one or more of its child Gitaly nodes. Try running the Praefect connection checker to diagnose. + +### Determine primary Gitaly node + +To determine the current primary Gitaly node for a specific Praefect node: + +- Use the `Shard Primary Election` [Grafana chart](#grafana) on the [`Gitlab Omnibus - Praefect` dashboard](https://gitlab.com/gitlab-org/grafana-dashboards/-/blob/master/omnibus/praefect.json). + This is recommended. +- If you do not have Grafana set up, use the following command on each host of each + Praefect node: + + ```shell + curl localhost:9652/metrics | grep gitaly_praefect_primaries` + ``` diff --git a/doc/administration/housekeeping.md b/doc/administration/housekeeping.md index 8f369a05fbf..9668b7277c2 100644 --- a/doc/administration/housekeeping.md +++ b/doc/administration/housekeeping.md @@ -4,9 +4,10 @@ group: Distribution info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Housekeeping +# Housekeeping **(FREE)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/3041) in GitLab 8.4. +GitLab supports and automates housekeeping tasks within your current repository, +such as compressing file revisions and removing unreachable objects. ## Automatic housekeeping @@ -25,8 +26,8 @@ For example in the following scenario a `git repack -d` will be executed: - Git GC period = `200` - Full repack period = `50` -When the `pushes_since_gc` value is 50 a `repack -A -d --pack-kept-objects` will run, similarly when -the `pushes_since_gc` value is 200 a `git gc` will be run. +When the `pushes_since_gc` value is 50 a `repack -A -d --pack-kept-objects` runs, similarly when +the `pushes_since_gc` value is 200 a `git gc` runs. - `git gc` ([man page](https://mirrors.edge.kernel.org/pub/software/scm/git/docs/git-gc.html)) runs a number of housekeeping tasks, such as compressing file revisions (to reduce disk space and increase performance) @@ -34,12 +35,14 @@ the `pushes_since_gc` value is 200 a `git gc` will be run. `git add`. - `git repack` ([man page](https://mirrors.edge.kernel.org/pub/software/scm/git/docs/git-repack.html)) re-organize existing packs into a single, more efficient pack. -Housekeeping will also [remove unreferenced LFS files](../raketasks/cleanup.md#remove-unreferenced-lfs-files) +Housekeeping also [removes unreferenced LFS files](../raketasks/cleanup.md#remove-unreferenced-lfs-files) from your project on the same schedule as the `git gc` operation, freeing up storage space for your project. -You can find this option under your project's **Settings > General > Advanced**. +To manually start the housekeeping process: - +1. In your project, go to **Settings > General**. +1. Expand the **Advanced** section. +1. Select **Run housekeeping**. ## How housekeeping handles pool repositories @@ -56,4 +59,9 @@ This is the current call stack by which it is invoked: 1. `Gitaly::FetchIntoObjectPoolRequest` To manually invoke it from a Rails console, if needed, you can call `project.pool_repository.object_pool.fetch`. -This is a potentially long-running task, though Gitaly will timeout in about 8 hours. +This is a potentially long-running task, though Gitaly times out in about 8 hours. + +WARNING: +Do not run `git prune` or `git gc` in pool repositories! This can +cause data loss in "real" repositories that depend on the pool in +question. diff --git a/doc/administration/img/housekeeping_settings.png b/doc/administration/img/housekeeping_settings.png Binary files differdeleted file mode 100644 index 356de51f0cc..00000000000 --- a/doc/administration/img/housekeeping_settings.png +++ /dev/null diff --git a/doc/administration/incoming_email.md b/doc/administration/incoming_email.md index 22cd6ca097c..9aa6bffdb98 100644 --- a/doc/administration/incoming_email.md +++ b/doc/administration/incoming_email.md @@ -4,7 +4,7 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Incoming email +# Incoming email **(FREE SELF)** GitLab has several features based on receiving incoming emails: @@ -185,8 +185,11 @@ Example for Omnibus installs: ```ruby gitlab_rails['incoming_email_enabled'] = true -# The email address including the `%{key}` placeholder that will be replaced to reference the item being replied to. -# The placeholder can be omitted but if present, it must appear in the "user" part of the address (before the `@`). +# The email address including the %{key} placeholder that will be replaced to reference the +# item being replied to. This %{key} should be included in its entirety within the email +# address and not replaced by another value. +# For example: emailaddress+%{key}@gitlab.example.com. +# The placeholder must appear in the "user" part of the address (before the `@`). gitlab_rails['incoming_email_address'] = "incoming+%{key}@gitlab.example.com" # Email account username @@ -223,7 +226,7 @@ incoming_email: # The email address including the %{key} placeholder that will be replaced to reference the # item being replied to. This %{key} should be included in its entirety within the email # address and not replaced by another value. - # For example: emailadress+%{key}@gmail.com. + # For example: emailaddress+%{key}@gitlab.example.com. # The placeholder must appear in the "user" part of the address (before the `@`). address: "incoming+%{key}@gitlab.example.com" @@ -264,8 +267,11 @@ Example for Omnibus installs: ```ruby gitlab_rails['incoming_email_enabled'] = true -# The email address including the `%{key}` placeholder that will be replaced to reference the item being replied to. -# The placeholder can be omitted but if present, it must appear in the "user" part of the address (before the `@`). +# The email address including the %{key} placeholder that will be replaced to reference the +# item being replied to. This %{key} should be included in its entirety within the email +# address and not replaced by another value. +# For example: emailaddress+%{key}@gmail.com. +# The placeholder must appear in the "user" part of the address (before the `@`). gitlab_rails['incoming_email_address'] = "gitlab-incoming+%{key}@gmail.com" # Email account username @@ -299,8 +305,11 @@ Example for source installs: incoming_email: enabled: true - # The email address including the `%{key}` placeholder that will be replaced to reference the item being replied to. - # The placeholder can be omitted but if present, it must appear in the "user" part of the address (before the `@`). + # The email address including the %{key} placeholder that will be replaced to reference the + # item being replied to. This %{key} should be included in its entirety within the email + # address and not replaced by another value. + # For example: emailaddress+%{key}@gmail.com. + # The placeholder must appear in the "user" part of the address (before the `@`). address: "gitlab-incoming+%{key}@gmail.com" # Email account username @@ -345,8 +354,11 @@ Example for Omnibus installs: ```ruby gitlab_rails['incoming_email_enabled'] = true -# The email address including the `%{key}` placeholder that will be replaced to reference the item being replied to. -# The placeholder can be omitted but if present, it must appear in the "user" part of the address (before the `@`). +# The email address including the %{key} placeholder that will be replaced to reference the +# item being replied to. This %{key} should be included in its entirety within the email +# address and not replaced by another value. +# For example: emailaddress-%{key}@exchange.example.com. +# The placeholder must appear in the "user" part of the address (before the `@`). # Exchange does not support sub-addressing, so a catch-all mailbox must be used. gitlab_rails['incoming_email_address'] = "incoming-%{key}@exchange.example.com" @@ -370,8 +382,11 @@ Example for source installs: incoming_email: enabled: true - # The email address including the `%{key}` placeholder that will be replaced to reference the item being replied to. - # The placeholder can be omitted but if present, it must appear in the "user" part of the address (before the `@`). + # The email address including the %{key} placeholder that will be replaced to reference the + # item being replied to. This %{key} should be included in its entirety within the email + # address and not replaced by another value. + # For example: emailaddress-%{key}@exchange.example.com. + # The placeholder must appear in the "user" part of the address (before the `@`). # Exchange does not support sub-addressing, so a catch-all mailbox must be used. address: "incoming-%{key}@exchange.example.com" @@ -476,9 +491,11 @@ This example for Omnibus GitLab assumes the mailbox `incoming@office365.example. ```ruby gitlab_rails['incoming_email_enabled'] = true -# The email address including the `%{key}` placeholder that will be replaced -# to reference the item being replied to. The placeholder can be omitted, but if -# present, it must appear in the "user" part of the address (before the `@`). +# The email address including the %{key} placeholder that will be replaced to reference the +# item being replied to. This %{key} should be included in its entirety within the email +# address and not replaced by another value. +# For example: emailaddress+%{key}@office365.example.com. +# The placeholder must appear in the "user" part of the address (before the `@`). gitlab_rails['incoming_email_address'] = "incoming+%{key}@office365.example.com" # Email account username @@ -501,9 +518,11 @@ This example for source installs assumes the mailbox `incoming@office365.example incoming_email: enabled: true - # The email address including the `%{key}` placeholder that will be replaced - # to reference the item being replied to. The placeholder can be omitted, but - # if present, it must appear in the "user" part of the address (before the `@`). + # The email address including the %{key} placeholder that will be replaced to reference the + # item being replied to. This %{key} should be included in its entirety within the email + # address and not replaced by another value. + # For example: emailaddress+%{key}@office365.example.com. + # The placeholder must appear in the "user" part of the address (before the `@`). address: "incoming+%{key}@office365.example.comm" # Email account username @@ -527,9 +546,11 @@ This example for Omnibus installs assumes the catch-all mailbox `incoming@office ```ruby gitlab_rails['incoming_email_enabled'] = true -# The email address including the `%{key}` placeholder that will be replaced to -# reference the item being replied to. The placeholder can be omitted, but if present, -# it must appear in the "user" part of the address (before the `@`). +# The email address including the %{key} placeholder that will be replaced to reference the +# item being replied to. This %{key} should be included in its entirety within the email +# address and not replaced by another value. +# For example: emailaddress-%{key}@office365.example.com. +# The placeholder must appear in the "user" part of the address (before the `@`). gitlab_rails['incoming_email_address'] = "incoming-%{key}@office365.example.com" # Email account username @@ -552,9 +573,11 @@ This example for source installs assumes the catch-all mailbox `incoming@office3 incoming_email: enabled: true - # The email address including the `%{key}` placeholder that will be replaced - # to reference the item being replied to. The placeholder can be omitted, but - # if present, it must appear in the "user" part of the address (before the `@`). + # The email address including the %{key} placeholder that will be replaced to reference the + # item being replied to. This %{key} should be included in its entirety within the email + # address and not replaced by another value. + # For example: emailaddress+%{key}@office365.example.com. + # The placeholder must appear in the "user" part of the address (before the `@`). address: "incoming-%{key}@office365.example.com" # Email account username @@ -653,9 +676,11 @@ This example for Omnibus GitLab assumes you're using the following mailbox: `inc ```ruby gitlab_rails['incoming_email_enabled'] = true -# The email address including the `%{key}` placeholder that will be replaced -# to reference the item being replied to. The placeholder can be omitted, but if -# present, it must appear in the "user" part of the address (before the `@`). +# The email address including the %{key} placeholder that will be replaced to reference the +# item being replied to. This %{key} should be included in its entirety within the email +# address and not replaced by another value. +# For example: emailaddress+%{key}@example.onmicrosoft.com. +# The placeholder must appear in the "user" part of the address (before the `@`). gitlab_rails['incoming_email_address'] = "incoming+%{key}@example.onmicrosoft.com" # Email account username diff --git a/doc/administration/index.md b/doc/administration/index.md index a7d81ca1543..1bc2084a23a 100644 --- a/doc/administration/index.md +++ b/doc/administration/index.md @@ -139,7 +139,7 @@ Learn how to install, configure, update, and maintain your GitLab instance. - [Postfix for incoming email](reply_by_email_postfix_setup.md): Set up a basic Postfix mail server with IMAP authentication on Ubuntu for incoming emails. -- [Abuse reports](../user/admin_area/abuse_reports.md): View and resolve abuse reports from your users. +- [Abuse reports](../user/admin_area/review_abuse_reports.md): View and resolve abuse reports from your users. - [Credentials Inventory](../user/admin_area/credentials_inventory.md): With Credentials inventory, GitLab administrators can keep track of the credentials used by their users in their GitLab self-managed instance. ## Project settings @@ -190,7 +190,6 @@ Learn how to install, configure, update, and maintain your GitLab instance. - [Git LFS configuration](lfs/index.md): Learn how to configure LFS for GitLab. - [Housekeeping](housekeeping.md): Keep your Git repositories tidy and fast. - [Configuring Git Protocol v2](git_protocol.md): Git protocol version 2 support. -- [Manage large files with `git-annex` (Deprecated)](git_annex.md) ## Monitoring GitLab diff --git a/doc/administration/instance_limits.md b/doc/administration/instance_limits.md index 820006eeadf..9ea76ff6151 100644 --- a/doc/administration/instance_limits.md +++ b/doc/administration/instance_limits.md @@ -15,7 +15,7 @@ performance, data, or could even exhaust the allocated resources for the applica Rate limits can be used to improve the security and durability of GitLab. -For example, a simple script can make thousands of web requests per second. Whether malicious, apathetic, or just a bug, your application and infrastructure may not be able to cope with the load. Rate limits can help mitigate these types of attacks. +For example, one script can make thousands of web requests per second. Whether malicious, apathetic, or just a bug, your application and infrastructure may not be able to cope with the load. Rate limits can help to mitigate these types of attacks. Read more about [configuring rate limits](../security/rate_limits.md) in the Security documentation. @@ -25,17 +25,17 @@ Read more about [configuring rate limits](../security/rate_limits.md) in the Sec This setting limits the request rate to the issue creation endpoint. -Read more on [issue creation rate limits](../user/admin_area/settings/rate_limit_on_issues_creation.md). +Read more about [issue creation rate limits](../user/admin_area/settings/rate_limit_on_issues_creation.md). -- **Default rate limit** - Disabled by default +- **Default rate limit**: Disabled by default. ### By User or IP This setting limits the request rate per user or IP. -Read more on [User and IP rate limits](../user/admin_area/settings/user_and_ip_rate_limits.md). +Read more about [User and IP rate limits](../user/admin_area/settings/user_and_ip_rate_limits.md). -- **Default rate limit** - Disabled by default +- **Default rate limit**: Disabled by default. ### By raw endpoint @@ -43,9 +43,9 @@ Read more on [User and IP rate limits](../user/admin_area/settings/user_and_ip_r This setting limits the request rate per endpoint. -Read more on [raw endpoint rate limits](../user/admin_area/settings/rate_limits_on_raw_endpoints.md). +Read more about [raw endpoint rate limits](../user/admin_area/settings/rate_limits_on_raw_endpoints.md). -- **Default rate limit** - 300 requests per project, per commit and per file path +- **Default rate limit**: 300 requests per project, per commit and per file path. ### By protected path @@ -65,9 +65,18 @@ GitLab rate limits the following paths by default: '/admin/session' ``` -Read more on [protected path rate limits](../user/admin_area/settings/protected_paths.md). +Read more about [protected path rate limits](../user/admin_area/settings/protected_paths.md). -- **Default rate limit** - After 10 requests, the client must wait 60 seconds before trying again +- **Default rate limit**: After 10 requests, the client must wait 60 seconds before trying again. + +### Package Registry + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/57029) in GitLab 13.12. + +This setting limits the request rate on the Packages API per user or IP. For more information, see +[Package Registry Rate Limits](../user/admin_area/settings/package_registry_rate_limits.md). + +- **Default rate limit**: Disabled by default. ### Import/Export @@ -75,16 +84,16 @@ Read more on [protected path rate limits](../user/admin_area/settings/protected_ This setting limits the import/export actions for groups and projects. -| Limit | Default (per minute per user) | -| ----- | ----------------------------- | -| Project Import | 6 | -| Project Export | 6 | +| Limit | Default (per minute per user) | +|-------------------------|-------------------------------| +| Project Import | 6 | +| Project Export | 6 | | Project Export Download | 1 | -| Group Import | 6 | -| Group Export | 6 | -| Group Export | Download | 1 | +| Group Import | 6 | +| Group Export | 6 | +| Group Export Download | 1 | -Read more on [import/export rate limits](../user/admin_area/settings/import_export_rate_limits.md). +Read more about [import/export rate limits](../user/admin_area/settings/import_export_rate_limits.md). ### Rack attack @@ -92,9 +101,9 @@ This method of rate limiting is cumbersome, but has some advantages. It allows throttling of specific paths, and is also integrated into Git and container registry requests. -Read more on the [Rack Attack initializer](../security/rack_attack.md) method of setting rate limits. +Read more about the [Rack Attack initializer](../security/rack_attack.md) method of setting rate limits. -- **Default rate limit** - Disabled +- **Default rate limit**: Disabled. ### Member Invitations @@ -103,15 +112,58 @@ Limit the maximum daily member invitations allowed per group hierarchy. - GitLab.com: Free members may invite 20 members per day. - Self-managed: Invites are not limited. +### Webhook calls + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/61151) in GitLab 13.12. +> - [Deployed behind a feature flag](../user/feature_flags.md), disabled by default. +> - Disabled on GitLab.com. +> - Not recommended for production use. +> - To use in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-rate-limiting-for-webhooks). **(FREE SELF)** + +Limit the number of times any given webhook can be called per minute. +This only applies to project and group webhooks. + +Calls over the rate limit are logged into `auth.log`. + +```ruby +# If limits don't exist for the default plan, you can create one with: +# Plan.default.create_limits! + +Plan.default.actual_limits.update!(web_hook_calls: 10) +``` + +Set the limit to `0` to disable it. + +- **Default rate limit**: Disabled. + +#### Enable or disable rate limiting for webhooks **(FREE SELF)** + +Rate limiting for webhooks is under development and not ready for production use. It is +deployed behind a feature flag that is **disabled by default**. +[GitLab administrators with access to the GitLab Rails console](../administration/feature_flags.md) +can enable it. + +To enable it: + +```ruby +Feature.enable(:web_hooks_rate_limit) +``` + +To disable it: + +```ruby +Feature.disable(:web_hooks_rate_limit) +``` + ## Gitaly concurrency limit Clone traffic can put a large strain on your Gitaly service. To prevent such workloads from overwhelming your Gitaly server, you can set concurrency limits in Gitaly's configuration file. -Read more on [Gitaly concurrency limits](gitaly/configure_gitaly.md#limit-rpc-concurrency). +Read more about [Gitaly concurrency limits](gitaly/configure_gitaly.md#limit-rpc-concurrency). -- **Default rate limit** - Disabled +- **Default rate limit**: Disabled. -## Number of comments per issue, merge request or commit +## Number of comments per issue, merge request, or commit > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/22388) in GitLab 12.4. @@ -120,7 +172,7 @@ merge request, or commit. When the limit is reached, system notes can still be added so that the history of events is not lost, but user-submitted comments will fail. -- **Max limit:** 5.000 comments +- **Max limit**: 5,000 comments. ## Size of comments and descriptions of issues, merge requests, and epics @@ -132,7 +184,7 @@ item will not be created. It's possible that this limit will be changed to a lower number in the future. -- **Max size:** ~1 million characters / ~1 MB +- **Max size**: ~1 million characters / ~1 MB. ## Size of commit titles and descriptions @@ -152,7 +204,7 @@ The maximum number of issues loaded on the milestone overview page is 500. When the number exceeds the limit the page displays an alert and links to a paginated [issue list](../user/project/issues/managing_issues.md) of all issues in the milestone. -- **Limit:** 500 issues +- **Limit**: 500 issues. ## Number of pipelines per Git push @@ -174,13 +226,13 @@ Activity history for projects and individuals' profiles was limited to one year There is a limit when embedding metrics in GFM for performance reasons. -- **Max limit:** 100 embeds +- **Max limit**: 100 embeds. ## Number of webhooks On GitLab.com, the [maximum number of webhooks and their size](../user/gitlab_com/index.md#webhooks) per project, and per group, is limited. -To set this limit on a self-managed installation, where the default is `100` project webhooks and `50` group webhooks, run the following in the +To set this limit for a self-managed installation, where the default is `100` project webhooks and `50` group webhooks, run the following in the [GitLab Rails console](operations/rails_console.md#starting-a-rails-console-session): ```ruby @@ -203,7 +255,7 @@ Set the limit to `0` to disable it. The [minimum time between pull refreshes](../user/project/repository/repository_mirroring.md) defaults to 300 seconds (5 minutes). -To change this limit on a self-managed installation, run the following in the +To change this limit for a self-managed installation, run the following in the [GitLab Rails console](operations/rails_console.md#starting-a-rails-console-session): ```ruby @@ -220,14 +272,14 @@ Plan.default.actual_limits.update!(pull_mirror_interval_seconds: 200) GitLab ignores all incoming emails sent from auto-responders by looking for the `X-Autoreply` header. Such emails don't create comments on issues or merge requests. -## Amount of data sent from Sentry via Error Tracking +## Amount of data sent from Sentry through Error Tracking > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/14926) in GitLab 12.6. Sentry payloads sent to GitLab have a 1 MB maximum limit, both for security reasons and to limit memory consumption. -## Max offset allowed via REST API for offset-based pagination +## Max offset allowed by the REST API for offset-based pagination > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/34565) in GitLab 13.0. @@ -236,7 +288,7 @@ requested offset into the set of results. This limit is only applied to endpoint support keyset-based pagination. More information about pagination options can be found in the [API docs section on pagination](../api/README.md#pagination). -To set this limit on a self-managed installation, run the following in the +To set this limit for a self-managed installation, run the following in the [GitLab Rails console](operations/rails_console.md#starting-a-rails-console-session): ```ruby @@ -246,7 +298,7 @@ To set this limit on a self-managed installation, run the following in the Plan.default.actual_limits.update!(offset_pagination_limit: 10000) ``` -- **Default offset pagination limit:** 50000 +- **Default offset pagination limit**: `50000`. Set the limit to `0` to disable it. @@ -272,7 +324,7 @@ will fail with a `job_activity_limit_exceeded` error. higher installations, this limit is defined under a `default` plan that affects all projects. This limit is disabled (`0`) by default. -To set this limit on a self-managed installation, run the following in the +To set this limit for a self-managed installation, run the following in the [GitLab Rails console](operations/rails_console.md#starting-a-rails-console-session): ```ruby @@ -295,7 +347,7 @@ too many deployments fail with a `deployments_limit_exceeded` error. The default limit is 500 for all [GitLab self-managed and SaaS plans](https://about.gitlab.com/pricing/). -To change the limit on a self-managed installation, change the `default` plan's limit with the following +To change the limit for a self-managed installation, change the `default` plan's limit with the following [GitLab Rails console](operations/rails_console.md#starting-a-rails-console-session) command: ```ruby @@ -323,7 +375,7 @@ limit, the subscription will be considered invalid. or higher installations, this limit is defined under a `default` plan that affects all projects. By default, there is a limit of `2` subscriptions. -To set this limit on a self-managed installation, run the following in the +To set this limit for a self-managed installation, run the following in the [GitLab Rails console](operations/rails_console.md#starting-a-rails-console-session): ```ruby @@ -348,7 +400,7 @@ On [GitLab Premium](https://about.gitlab.com/pricing/) self-managed or higher installations, this limit is defined under a `default` plan that affects all projects. By default, there is a limit of `10` pipeline schedules. -To set this limit on a self-managed installation, run the following in the +To set this limit for a self-managed installation, run the following in the [GitLab Rails console](operations/rails_console.md#starting-a-rails-console-session): ```ruby @@ -426,6 +478,32 @@ installation, run the following in the [GitLab Rails console](operations/rails_c Plan.default.actual_limits.update!(ci_max_artifact_size_junit: 10) ``` +### Number of registered runners per scope + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/321368) in GitLab 13.12. + +The total number of registered runners is limited at the group and project +levels. Each time a new runner is registered, GitLab checks these limits. A +runner's registration fails if it exceeds the limit for the scope determined by +the runner registration token. + +- GitLab SaaS subscribers have different limits defined per plan, affecting all projects using that plan. +- Self-managed GitLab Premium and Ultimate limits are defined by a default plan that affects all projects: + + | Runner scope | Default value | + |---------------------------------------------|---------------| + | `ci_registered_group_runners` | 1000 | + | `ci_registered_project_runners` | 1000 | + + To update these limits, run the following in the + [GitLab Rails console](operations/rails_console.md#starting-a-rails-console-session): + + ```ruby + # Use ci_registered_group_runners or ci_registered_project_runners + # depending on desired scope + Plan.default.actual_limits.update!(ci_registered_project_runners: 100) + ``` + ## Instance monitoring and metrics ### Incident Management inbound alert limits @@ -496,11 +574,11 @@ See [Environment Dashboard](../ci/environments/environments_dashboard.md#adding- Pods and Deployments. However, data over 10 MB for a certain environment read from Kubernetes won't be shown. -## Merge Request reports +## Merge request reports Reports that go over the 20 MB limit won't be loaded. Affected reports: -- [Merge Request security reports](../user/project/merge_requests/testing_and_reports_in_merge_requests.md#security-reports) +- [Merge request security reports](../user/project/merge_requests/testing_and_reports_in_merge_requests.md#security-reports) - [CI/CD parameter `artifacts:expose_as`](../ci/yaml/README.md#artifactsexpose_as) - [Unit test reports](../ci/unit_test_reports.md) @@ -514,8 +592,8 @@ You can set a limit on the content of repository files that are indexed in Elasticsearch. Any files larger than this limit will not be indexed, and thus will not be searchable. -Setting a limit helps reduce the memory usage of the indexing processes as well -as the overall index size. This value defaults to `1024 KiB` (1 MiB) as any +Setting a limit helps reduce the memory usage of the indexing processes and +the overall index size. This value defaults to `1024 KiB` (1 MiB) as any text files larger than this likely aren't meant to be read by humans. You must set a limit, as unlimited file sizes aren't supported. Setting this @@ -535,8 +613,8 @@ This is applicable to all indexed data except repository files that get indexed, which have a separate limit (see [Maximum file size indexed](#maximum-file-size-indexed)). -- On GitLab.com this is limited to 20000 characters -- For self-managed installations it is unlimited by default +- On GitLab.com, this is limited to 20,000 characters +- For self-managed installations, this is unlimited by default This limit can be configured for self-managed installations when [enabling Elasticsearch](../integration/elasticsearch.md#enabling-advanced-search). @@ -550,7 +628,7 @@ Set the limit to `0` to disable it. ## Snippets limits -See the [documentation on Snippets settings](snippets/index.md). +See the [documentation about Snippets settings](snippets/index.md). ## Design Management limits @@ -587,14 +665,14 @@ More information can be found in the [Push event activities limit and bulk push On GitLab.com, the maximum file size for a package that's uploaded to the [GitLab Package Registry](../user/packages/package_registry/index.md) varies by format: -- Conan: 5GB -- Generic: 5GB -- Maven: 5GB -- npm: 5GB -- NuGet: 5GB -- PyPI: 5GB +- Conan: 5 GB +- Generic: 5 GB +- Maven: 5 GB +- npm: 5 GB +- NuGet: 5 GB +- PyPI: 5 GB -To set this limit on a self-managed installation, run the following in the +To set this limit for a self-managed installation, run the following in the [GitLab Rails console](operations/rails_console.md#starting-a-rails-console-session): ```ruby diff --git a/doc/administration/job_artifacts.md b/doc/administration/job_artifacts.md index bec1fa6ad05..187e98e9b43 100644 --- a/doc/administration/job_artifacts.md +++ b/doc/administration/job_artifacts.md @@ -5,12 +5,9 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: reference, howto --- -# Jobs artifacts administration +# Jobs artifacts administration **(FREE SELF)** -> - Introduced in GitLab 8.2 and GitLab Runner 0.7.0. -> - Starting with GitLab 8.4 and GitLab Runner 1.0, the artifacts archive format changed to `ZIP`. -> - Starting with GitLab 8.17, builds are renamed to jobs. -> - This is the administration documentation. For the user guide see [pipelines/job_artifacts](../ci/pipelines/job_artifacts.md). +This is the administration documentation. For the user guide see [pipelines/job_artifacts](../ci/pipelines/job_artifacts.md). Artifacts is a list of files and directories which are attached to a job after it finishes. This feature is enabled by default in all GitLab installations. Keep reading @@ -87,12 +84,7 @@ _The artifacts are stored by default in ### Using object storage -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/1762) in -> [GitLab Premium](https://about.gitlab.com/pricing/) 9.4. -> - Since version 9.5, artifacts are [browsable](../ci/pipelines/job_artifacts.md#download-job-artifacts), -> when object storage is enabled. 9.4 lacks this feature. -> - Since version 10.6, available in [GitLab Free](https://about.gitlab.com/pricing/). -> - Since version 11.0, we support `direct_upload` to S3. +> Introduced in GitLab 11.0: Support for `direct_upload` to S3. If you don't want to use the local disk where GitLab is installed to store the artifacts, you can use an object storage like AWS S3 instead. @@ -118,14 +110,14 @@ This section describes the earlier configuration format. For source installations the following settings are nested under `artifacts:` and then `object_store:`. On Omnibus GitLab installs they are prefixed by `artifacts_object_store_`. -| Setting | Default | Description | -|---------------------|---------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `enabled` | `false` | Enable/disable object storage | -| `remote_directory` | | The bucket name where Artifacts are stored | -| `direct_upload` | `false` | Set to `true` to enable direct upload of Artifacts without the need of local shared storage. Option may be removed once we decide to support only single storage for all files. | -| `background_upload` | `true` | Set to `false` to disable automatic upload. Option may be removed once upload is direct to S3 | +| Setting | Default | Description | +|---------------------|---------|-------------| +| `enabled` | `false` | Enable or disable object storage. | +| `remote_directory` | | The bucket name where Artifacts are stored. | +| `direct_upload` | `false` | Set to `true` to enable direct upload of Artifacts without the need of local shared storage. Option may be removed once we decide to support only single storage for all files. | +| `background_upload` | `true` | Set to `false` to disable automatic upload. Option may be removed once upload is direct to S3. | | `proxy_download` | `false` | Set to `true` to enable proxying all files served. Option allows to reduce egress traffic as this allows clients to download directly from remote storage instead of proxying all data. | -| `connection` | | Various connection options described below | +| `connection` | | Various connection options described below. | #### Connection settings @@ -370,42 +362,6 @@ steps below. If the `expire` directive is not set explicitly in your pipeline, artifacts expire per the default artifacts expiration setting, which you can find in the [CI/CD Administration settings](../user/admin_area/settings/continuous_integration.md). -## Validation for dependencies - -> Introduced in GitLab 10.3. - -To disable [the dependencies validation](../ci/yaml/README.md#when-a-dependent-job-fails), -you can enable the `ci_validate_build_dependencies_override` feature flag from a Rails console. - -**In Omnibus installations:** - -1. Enter the Rails console: - - ```shell - sudo gitlab-rails console - ``` - -1. Enable the feature flag to disable the validation: - - ```ruby - Feature.enable(:ci_validate_build_dependencies_override) - ``` - -**In installations from source:** - -1. Enter the Rails console: - - ```shell - cd /home/git/gitlab - sudo -u git -H bundle exec rails console -e production - ``` - -1. Enable the feature flag to disable the validation: - - ```ruby - Feature.enable(:ci_validate_build_dependencies_override) - ``` - ## Set the maximum file size of the artifacts If artifacts are enabled, you can change the maximum file size of the diff --git a/doc/administration/job_logs.md b/doc/administration/job_logs.md index 1afadcaf668..93f83311cad 100644 --- a/doc/administration/job_logs.md +++ b/doc/administration/job_logs.md @@ -5,7 +5,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: reference --- -# Job logs +# Job logs **(FREE SELF)** > [Renamed from job traces to job logs](https://gitlab.com/gitlab-org/gitlab/-/issues/29121) in GitLab 12.5. @@ -109,7 +109,7 @@ See "Phase 4: uploading" in [Data flow](#data-flow) to learn about the process. If you want to avoid any local disk usage for job logs, you can do so using one of the following options: -- Enable the [beta incremental logging](#new-incremental-logging-architecture) feature. +- Enable the [beta incremental logging](#incremental-logging-architecture) feature. - Set the [job logs location](#changing-the-job-logs-local-location) to an NFS drive. @@ -128,16 +128,28 @@ This command permanently deletes the log files and is irreversible. find /var/opt/gitlab/gitlab-rails/shared/artifacts -name "job.log" -mtime +60 -delete ``` -## New incremental logging architecture +## Incremental logging architecture -> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/18169) in GitLab 10.4. +> - [Deployed behind a feature flag](../user/feature_flags.md), disabled by default. +> - Enabled on GitLab.com. +> - [Recommended for production use](https://gitlab.com/groups/gitlab-org/-/epics/4275) in GitLab 13.6. +> - [Recommended for production use with AWS S3](https://gitlab.com/gitlab-org/gitlab/-/issues/273498) in GitLab 13.7. +> - To use in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-incremental-logging). **(FREE SELF)** -NOTE: -This beta feature is off by default. See below for how to [enable or disable](#enabling-incremental-logging) it. +Job logs are sent from the GitLab Runner in chunks and cached temporarily on disk +in `/var/opt/gitlab/gitlab-ci/builds` by Omnibus GitLab. After the job completes, +a background job archives the job log. The log is moved to `/var/opt/gitlab/gitlab-rails/shared/artifacts/` +by default, or to object storage if configured. -By combining the process with object storage settings, we can completely bypass -the local file storage. This is a useful option if GitLab is installed as -cloud-native, for example on Kubernetes. +In a [scaled-out architecture](reference_architectures/index.md) with Rails and Sidekiq running on more than one +server, these two locations on the filesystem have to be shared using NFS. + +To eliminate both filesystem requirements: + +- Enable the incremental logging feature, which uses Redis instead of disk space for temporary caching of job logs. +- Configure [object storage](job_artifacts.md#object-storage-settings) for storing archived job logs. + +### Technical details The data flow is the same as described in the [data flow section](#data-flow) with one change: _the stored path of the first two phases is different_. This incremental @@ -159,67 +171,39 @@ Here is the detailed data flow: 1. The Sidekiq worker archives the log to object storage and cleans up the log in Redis and a persistent store (object storage or the database). -### Enabling incremental logging +### Limitations -The following commands are to be issued in a Rails console: +- [Redis cluster is not supported](https://gitlab.com/gitlab-org/gitlab/-/issues/224171). +- You must configure [object storage for CI/CD artifacts, logs, and builds](job_artifacts.md#object-storage-settings) + before you enable the feature flag. After the flag is enabled, files cannot be written + to disk, and there is no protection against misconfiguration. +- There is [an epic tracking other potential limitations and improvements](https://gitlab.com/groups/gitlab-org/-/epics/3791). -```shell -# Omnibus GitLab -gitlab-rails console +### Enable or disable incremental logging **(FREE SELF)** -# Installation from source -cd /home/git/gitlab -sudo -u git -H bin/rails console -e production -``` +Incremental logging is under development, but ready for production use. It is +deployed behind a feature flag that is **disabled by default**. +[GitLab administrators with access to the GitLab Rails console](feature_flags.md) +can enable it. -**To check if incremental logging (trace) is enabled:** +Before you enable the feature flag: -```ruby -Feature.enabled?(:ci_enable_live_trace) -``` +- Review [the limitations of incremental logging](#limitations). +- [Enable object storage](job_artifacts.md#object-storage-settings). -**To enable incremental logging (trace):** +To enable incremental logging: ```ruby Feature.enable(:ci_enable_live_trace) ``` -NOTE: -The transition period is handled gracefully. Upcoming logs are -generated with the incremental architecture, and on-going logs stay with the -legacy architecture, which means that on-going logs aren't forcibly -re-generated with the incremental architecture. +Running jobs' logs continue to be written to disk, but new jobs use +incremental logging. -**To disable incremental logging (trace):** +To disable incremental logging: ```ruby -Feature.disable('ci_enable_live_trace') +Feature.disable(:ci_enable_live_trace) ``` -NOTE: -The transition period is handled gracefully. Upcoming logs are generated -with the legacy architecture, and on-going incremental logs stay with the incremental -architecture, which means that on-going incremental logs aren't forcibly re-generated -with the legacy architecture. - -### Potential implications - -In some cases, having data stored on Redis could incur data loss: - -1. **Case 1: When all data in Redis are accidentally flushed** - - On going incremental logs could be recovered by re-sending logs (this is - supported by all versions of GitLab Runner). - - Finished jobs which have not archived incremental logs lose the last part - (~128KB) of log data. - -1. **Case 2: When Sidekiq workers fail to archive (e.g., there was a bug that - prevents archiving process, Sidekiq inconsistency, etc.)** - - All log data in Redis is deleted after one week. If the - Sidekiq workers can't finish by the expiry date, the part of log data is lost. - -Another issue that might arise is that it could consume all memory on the Redis -instance. If the number of jobs is 1000, 128MB (128KB * 1000) is consumed. - -Also, it could pressure the database replication lag. `INSERT`s are generated to -indicate that we have log chunk. `UPDATE`s with 128KB of data is issued once we -receive multiple chunks. +Running jobs continue to use incremental logging, but new jobs write to the disk. diff --git a/doc/administration/lfs/img/git-annex-branches.png b/doc/administration/lfs/img/git-annex-branches.png Binary files differdeleted file mode 100644 index 3d614f68177..00000000000 --- a/doc/administration/lfs/img/git-annex-branches.png +++ /dev/null diff --git a/doc/administration/maintenance_mode/index.md b/doc/administration/maintenance_mode/index.md index 437f59247f6..7fd383eabae 100644 --- a/doc/administration/maintenance_mode/index.md +++ b/doc/administration/maintenance_mode/index.md @@ -10,9 +10,9 @@ info: To determine the technical writer assigned to the Stage/Group associated w Maintenance Mode allows administrators to reduce write operations to a minimum while maintenance tasks are performed. The main goal is to block all external actions that change the internal state, including the PostgreSQL database, but especially files, Git repositories, Container repositories, etc. -Once Maintenance Mode is enabled, in-progress actions will finish relatively quickly since no new actions are coming in, and internal state changes will be minimal. +Once Maintenance Mode is enabled, in-progress actions finish relatively quickly since no new actions are coming in, and internal state changes are minimal. In that state, various maintenance tasks are easier, and services can be stopped completely or be -further degraded for a much shorter period of time than might otherwise be needed, for example stopping cron jobs and draining queues should be fairly quick. +further degraded for a much shorter period of time than might otherwise be needed. For example, stopping cron jobs and draining queues should be fairly quick. Maintenance Mode allows most external actions that do not change internal state. On a high-level, HTTP POST, PUT, PATCH, and DELETE requests are blocked and a detailed overview of [how special cases are handled](#rest-api) is available. @@ -74,33 +74,33 @@ In some cases, the visual feedback from an action could be misleading, for examp ### Admin functions -Systems administrators can edit the application settings. This will allow +Systems administrators can edit the application settings. This allows them to disable Maintenance Mode after it's been enabled. ### Authentication All users can log in and out of the GitLab instance but no new users can be created. -If there are [LDAP syncs](../auth/ldap/index.md) scheduled for that time, they will fail since user creation is disabled. Similarly, [user creations based on SAML](../../integration/saml.md#general-setup) will fail. +If there are [LDAP syncs](../auth/ldap/index.md) scheduled for that time, they fail since user creation is disabled. Similarly, [user creations based on SAML](../../integration/saml.md#general-setup) fail. ### Git actions -All read-only Git operations will continue to work, for example -`git clone` and `git pull`. All write operations will fail, both through the CLI and Web IDE with the error message: `Git push is not allowed because this GitLab instance is currently in (read-only) maintenance mode.` +All read-only Git operations continue to work, for example +`git clone` and `git pull`. All write operations fail, both through the CLI and Web IDE with the error message: `Git push is not allowed because this GitLab instance is currently in (read-only) maintenance mode.` -If Geo is enabled, Git pushes to both primary and secondaries will fail. +If Geo is enabled, Git pushes to both primary and secondaries fail. ### Merge requests, issues, epics -All write actions except those mentioned above will fail. For example, a user cannot update merge requests or issues. +All write actions except those mentioned above fail. For example, a user cannot update merge requests or issues. ### Incoming email -Creating new issue replies, issues (including new Service Desk issues), merge requests [by email](../incoming_email.md) will fail. +Creating new issue replies, issues (including new Service Desk issues), merge requests [by email](../incoming_email.md) fail. ### Outgoing email -Notification emails will continue to arrive, but emails that require database writes, like resetting the password, will not arrive. +Notification emails continue to arrive, but emails that require database writes, like resetting the password, do not arrive. ### REST API diff --git a/doc/administration/monitoring/performance/img/performance_bar_external_http_calls.png b/doc/administration/monitoring/performance/img/performance_bar_external_http_calls.png Binary files differdeleted file mode 100644 index 45f2b0956e9..00000000000 --- a/doc/administration/monitoring/performance/img/performance_bar_external_http_calls.png +++ /dev/null diff --git a/doc/administration/monitoring/performance/img/performance_bar_frontend.png b/doc/administration/monitoring/performance/img/performance_bar_frontend.png Binary files differdeleted file mode 100644 index 9cc874c883a..00000000000 --- a/doc/administration/monitoring/performance/img/performance_bar_frontend.png +++ /dev/null diff --git a/doc/administration/monitoring/performance/img/performance_bar_gitaly_calls.png b/doc/administration/monitoring/performance/img/performance_bar_gitaly_calls.png Binary files differdeleted file mode 100644 index 6caa2869d9b..00000000000 --- a/doc/administration/monitoring/performance/img/performance_bar_gitaly_calls.png +++ /dev/null diff --git a/doc/administration/monitoring/performance/img/performance_bar_redis_calls.png b/doc/administration/monitoring/performance/img/performance_bar_redis_calls.png Binary files differdeleted file mode 100644 index f2df8c794db..00000000000 --- a/doc/administration/monitoring/performance/img/performance_bar_redis_calls.png +++ /dev/null diff --git a/doc/administration/monitoring/performance/img/performance_bar_request_selector_warning_expanded.png b/doc/administration/monitoring/performance/img/performance_bar_request_selector_warning_expanded.png Binary files differdeleted file mode 100644 index 36553f513e1..00000000000 --- a/doc/administration/monitoring/performance/img/performance_bar_request_selector_warning_expanded.png +++ /dev/null diff --git a/doc/administration/monitoring/performance/img/performance_bar_rugged_calls.png b/doc/administration/monitoring/performance/img/performance_bar_rugged_calls.png Binary files differdeleted file mode 100644 index 0340ca1b2f7..00000000000 --- a/doc/administration/monitoring/performance/img/performance_bar_rugged_calls.png +++ /dev/null diff --git a/doc/administration/monitoring/performance/img/performance_bar_sql_queries.png b/doc/administration/monitoring/performance/img/performance_bar_sql_queries.png Binary files differdeleted file mode 100644 index ef74e0a3b6e..00000000000 --- a/doc/administration/monitoring/performance/img/performance_bar_sql_queries.png +++ /dev/null diff --git a/doc/administration/monitoring/performance/performance_bar.md b/doc/administration/monitoring/performance/performance_bar.md index f6aa60b36a1..dd43c7d6fbb 100644 --- a/doc/administration/monitoring/performance/performance_bar.md +++ b/doc/administration/monitoring/performance/performance_bar.md @@ -18,25 +18,20 @@ From left to right, it displays: - **Current Host**: the current host serving the page. - **Database queries**: the time taken (in milliseconds) and the total number of database queries, displayed in the format `00ms / 00 (00 cached) pg`. Click to display - a modal window with more details: -  + a modal window with more details. - **Gitaly calls**: the time taken (in milliseconds) and the total number of [Gitaly](../../gitaly/index.md) calls. Click to display a modal window with more - details: -  + details. - **Rugged calls**: the time taken (in milliseconds) and the total number of [Rugged](../../nfs.md#improving-nfs-performance-with-gitlab) calls. - Click to display a modal window with more details: -  + Click to display a modal window with more details. - **Redis calls**: the time taken (in milliseconds) and the total number of - Redis calls. Click to display a modal window with more details: -  + Redis calls. Click to display a modal window with more details. - **Elasticsearch calls**: the time taken (in milliseconds) and the total number of Elasticsearch calls. Click to display a modal window with more details. - **External HTTP calls**: the time taken (in milliseconds) and the total number of external calls to other systems. Click to display a modal window - with more details -  + with more details. - **Load timings** of the page: if your browser supports load timings (Chromium and Chrome) several values in milliseconds, separated by slashes. Click to display a modal window with more details. The values, from left to right: @@ -44,8 +39,7 @@ From left to right, it displays: - [**First Contentful Paint**](https://web.dev/first-contentful-paint/): Time until something was visible to the user. - [**DomContentLoaded**](https://developers.google.com/web/fundamentals/performance/critical-rendering-path/measure-crp) Event. - - **Total number of requests** the page loaded: -  + - **Total number of requests** the page loaded. - **Trace**: If Jaeger is integrated, **Trace** links to a Jaeger tracing page with the current request's `correlation_id` included. - **+**: A link to add a request's details to the performance bar. The request @@ -60,21 +54,18 @@ From left to right, it displays: ## Request warnings -Requests exceeding predefined limits display a warning **{warning}** icon and -explanation next to the failing metric. In this example, the Gitaly call duration -exceeded the threshold: +Requests that exceed predefined limits display a warning **{warning}** icon and +explanation next to the metric. In this example, the Gitaly call duration +exceeded the threshold.  If any requests on the current page generated warnings, the warning icon displays -next to the **Request selector**: +next to the **Requests** selector menu. In this selector menu, an exclamation `(!)` +appears next to requests with warnings.  -Requests with warnings display `(!)` after their path in the **Request selector**: - - - ## Enable the Performance Bar via the Admin Area The GitLab Performance Bar is disabled by default. To enable it for a given group: diff --git a/doc/administration/monitoring/prometheus/gitlab_metrics.md b/doc/administration/monitoring/prometheus/gitlab_metrics.md index 9f87192aab0..f29db9ead38 100644 --- a/doc/administration/monitoring/prometheus/gitlab_metrics.md +++ b/doc/administration/monitoring/prometheus/gitlab_metrics.md @@ -74,8 +74,6 @@ The following metrics are available: | `gitlab_transaction_event_import_repository_total` | Counter | 9.4 | Counter for repository imports (RepositoryImportWorker) | | | `gitlab_transaction_event_patch_hard_limit_bytes_hit_total` | Counter | 13.9 | Counter for diff patch size limit hits | | | `gitlab_transaction_event_push_branch_total` | Counter | 9.4 | Counter for all branch pushes | | -| `gitlab_transaction_event_push_commit_total` | Counter | 9.4 | Counter for commits | `branch` | -| `gitlab_transaction_event_push_tag_total` | Counter | 9.4 | Counter for tag pushes | | | `gitlab_transaction_event_rails_exception_total` | Counter | 9.4 | Counter for number of rails exceptions | | | `gitlab_transaction_event_receive_email_total` | Counter | 9.4 | Counter for received emails | `handler` | | `gitlab_transaction_event_remote_mirrors_failed_total` | Counter | 10.8 | Counter for failed remote mirrors | | @@ -129,6 +127,9 @@ The following metrics are available: | `pipeline_graph_link_calculation_duration_seconds` | Histogram | 13.9 | Total time spent calculating links, in seconds | | | `pipeline_graph_links_total` | Histogram | 13.9 | Number of links per graph | | | `pipeline_graph_links_per_job_ratio` | Histogram | 13.9 | Ratio of links to job per graph | | +| `gitlab_ci_pipeline_security_orchestration_policy_processing_duration_seconds` | Histogram | 13.12 | Time in seconds it takes to process Security Policies in CI/CD pipeline | | +| `gitlab_ci_difference_live_vs_actual_minutes` | Histogram | 13.12 | Difference between CI minute consumption counted while jobs were running (live) vs when jobs are complete (actual). Used to enforce CI minute consumption limits on long running jobs. | `plan` | +| `gitlab_spamcheck_request_duration_seconds` | Histogram | 13.12 | The duration for requests between Rails and the anti-spam engine | | ## Metrics controlled by a feature flag @@ -214,11 +215,15 @@ configuration option in `gitlab.yml`. These metrics are served from the | `geo_package_files_failed` | Gauge | 13.3 | Number of syncable package files failed to sync on secondary | `url` | | `geo_package_files_registry` | Gauge | 13.3 | Number of package files in the registry | `url` | | `geo_terraform_state_versions` | Gauge | 13.5 | Number of terraform state versions on primary | `url` | -| `geo_terraform_state_versions_checksummed` | Gauge | 13.5 | Number of terraform state versions checksummed on primary | `url` | +| `geo_terraform_state_versions_checksummed` | Gauge | 13.5 | Number of terraform state versions checksummed successfully on primary | `url` | | `geo_terraform_state_versions_checksum_failed` | Gauge | 13.5 | Number of terraform state versions failed to calculate the checksum on primary | `url` | +| `geo_terraform_state_versions_checksum_total` | Gauge | 13.12 | Number of terraform state versions tried to checksum on primary | `url` | | `geo_terraform_state_versions_synced` | Gauge | 13.5 | Number of syncable terraform state versions synced on secondary | `url` | | `geo_terraform_state_versions_failed` | Gauge | 13.5 | Number of syncable terraform state versions failed to sync on secondary | `url` | | `geo_terraform_state_versions_registry` | Gauge | 13.5 | Number of terraform state versions in the registry | `url` | +| `geo_terraform_state_versions_verified` | Gauge | 13.12 | Number of terraform state versions verified on secondary | `url` | +| `geo_terraform_state_versions_verification_failed` | Gauge | 13.12 | Number of terraform state versions verifications failed on secondary | `url` | +| `geo_terraform_state_versions_verification_total` | Gauge | 13.12 | Number of terraform state versions verifications tried on secondary | `url` | | `global_search_bulk_cron_queue_size` | Gauge | 12.10 | Number of database records waiting to be synchronized to Elasticsearch | | | `global_search_awaiting_indexing_queue_size` | Gauge | 13.2 | Number of database updates waiting to be synchronized to Elasticsearch while indexing is paused | | | `geo_merge_request_diffs` | Gauge | 13.4 | Number of merge request diffs on primary | `url` | @@ -254,7 +259,7 @@ The following metrics are available: |:--------------------------------- |:--------- |:------------------------------------------------------------- |:-------------------------------------- |:--------------------------------------------------------- | | `db_load_balancing_hosts` | Gauge | [12.3](https://gitlab.com/gitlab-org/gitlab/-/issues/13630) | Current number of load balancing hosts | | | `sidekiq_load_balancing_count` | Counter | 13.11 | Sidekiq jobs using load balancing with data consistency set to :sticky or :delayed | `queue`, `boundary`, `external_dependencies`, `feature_category`, `job_status`, `urgency`, `data_consistency`, `database_chosen` | - + ## Database partitioning metrics **(PREMIUM SELF)** The following metrics are available: diff --git a/doc/administration/monitoring/prometheus/postgres_exporter.md b/doc/administration/monitoring/prometheus/postgres_exporter.md index 783030a9220..8a851afe35b 100644 --- a/doc/administration/monitoring/prometheus/postgres_exporter.md +++ b/doc/administration/monitoring/prometheus/postgres_exporter.md @@ -6,7 +6,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w # PostgreSQL Server Exporter **(FREE SELF)** -The [PostgreSQL Server Exporter](https://github.com/wrouesnel/postgres_exporter) allows you to export various PostgreSQL metrics. +The [PostgreSQL Server Exporter](https://github.com/prometheus-community/postgres_exporter) allows you to export various PostgreSQL metrics. For installations from source you must install and configure it yourself. diff --git a/doc/administration/nfs.md b/doc/administration/nfs.md index 52948732766..c49a2c20ed2 100644 --- a/doc/administration/nfs.md +++ b/doc/administration/nfs.md @@ -22,8 +22,8 @@ file system performance, see ## Gitaly and NFS deprecation WARNING: -From GitLab 14.0, enhancements and bug fixes for NFS for Git repositories will no longer be -considered and customer technical support will be considered out of scope. +From GitLab 14.0, enhancements and bug fixes for NFS for Git repositories are no longer +considered and customer technical support is considered out of scope. [Read more about Gitaly and NFS](gitaly/index.md#nfs-deprecation-notice) and [the correct mount options to use](#upgrade-to-gitaly-cluster-or-disable-caching-if-experiencing-data-loss). @@ -81,8 +81,8 @@ When you define your NFS exports, we recommend you also add the following options: - `no_root_squash` - NFS normally changes the `root` user to `nobody`. This is - a good security measure when NFS shares will be accessed by many different - users. However, in this case only GitLab will use the NFS share so it + a good security measure when NFS shares are accessed by many different + users. However, in this case only GitLab uses the NFS share so it is safe. GitLab recommends the `no_root_squash` setting because we need to manage file permissions automatically. Without the setting you may receive errors when the Omnibus package tries to alter permissions. Note that GitLab @@ -137,15 +137,15 @@ NFS performance with GitLab can in some cases be improved with [Rugged](https://github.com/libgit2/rugged). NOTE: -From GitLab 12.1, it will automatically be detected if Rugged can and should be used per storage. +From GitLab 12.1, it automatically detects if Rugged can and should be used per storage. -If you previously enabled Rugged using the feature flag, you will need to unset the feature flag by using: +If you previously enabled Rugged using the feature flag, you need to unset the feature flag by using: ```shell sudo gitlab-rake gitlab:features:unset_rugged ``` -If the Rugged feature flag is explicitly set to either `true` or `false`, GitLab will use the value explicitly set. +If the Rugged feature flag is explicitly set to either `true` or `false`, GitLab uses the value explicitly set. #### Improving NFS performance with Puma @@ -190,7 +190,7 @@ Note there are several options that you should consider using: | `lookupcache=positive` | Tells the NFS client to honor `positive` cache results but invalidates any `negative` cache results. Negative cache results cause problems with Git. Specifically, a `git push` can fail to register uniformly across all NFS clients. The negative cache causes the clients to 'remember' that the files did not exist previously. | `hard` | Instead of `soft`. [Further details](#soft-mount-option). | `cto` | `cto` is the default option, which you should use. Do not use `nocto`. [Further details](#nocto-mount-option). -| `_netdev` | Wait to mount filesystem until network is online. See also the [`high_availability['mountpoint']`](https://docs.gitlab.com/omnibus/settings/configuration.html#only-start-omnibus-gitlab-services-after-a-given-file-system-is-mounted) option. +| `_netdev` | Wait to mount file system until network is online. See also the [`high_availability['mountpoint']`](https://docs.gitlab.com/omnibus/settings/configuration.html#only-start-omnibus-gitlab-services-after-a-given-file-system-is-mounted) option. #### `soft` mount option @@ -222,7 +222,7 @@ they highlight that if the NFS client driver caches data, `soft` means there is writes by GitLab are actually on disk. Mount points set with the option `hard` may not perform as well, and if the -NFS server goes down, `hard` will cause processes to hang when interacting with +NFS server goes down, `hard` causes processes to hang when interacting with the mount point. Use `SIGKILL` (`kill -9`) to deal with hung processes. The `intr` option [stopped working in the 2.6 kernel](https://access.redhat.com/solutions/157873). @@ -260,7 +260,7 @@ mountpoint └── uploads ``` -To do so, we'll need to configure Omnibus with the paths to each directory nested +To do so, configure Omnibus with the paths to each directory nested in the mount point as follows: Mount `/gitlab-nfs` then use the following Omnibus @@ -274,7 +274,7 @@ gitlab_ci['builds_directory'] = '/gitlab-nfs/gitlab-data/builds' ``` Run `sudo gitlab-ctl reconfigure` to start using the central location. Be aware -that if you had existing data, you'll need to manually copy or rsync it to +that if you had existing data, you need to manually copy or rsync it to these new locations, and then restart GitLab. ### Bind mounts @@ -296,21 +296,21 @@ NFS mount point is `/gitlab-nfs`. Then, add the following bind mounts in /gitlab-nfs/gitlab-data/builds /var/opt/gitlab/gitlab-ci/builds none bind 0 0 ``` -Using bind mounts will require manually making sure the data directories +Using bind mounts requires you to manually make sure the data directories are empty before attempting a restore. Read more about the [restore prerequisites](../raketasks/backup_restore.md). ### Multiple NFS mounts -When using default Omnibus configuration you will need to share 4 data locations +When using default Omnibus configuration you need to share 4 data locations between all GitLab cluster nodes. No other locations should be shared. The following are the 4 locations need to be shared: | Location | Description | Default configuration | | -------- | ----------- | --------------------- | -| `/var/opt/gitlab/git-data` | Git repository data. This will account for a large portion of your data | `git_data_dirs({"default" => { "path" => "/var/opt/gitlab/git-data"} })` +| `/var/opt/gitlab/git-data` | Git repository data. This accounts for a large portion of your data | `git_data_dirs({"default" => { "path" => "/var/opt/gitlab/git-data"} })` | `/var/opt/gitlab/gitlab-rails/uploads` | User uploaded attachments | `gitlab_rails['uploads_directory'] = '/var/opt/gitlab/gitlab-rails/uploads'` -| `/var/opt/gitlab/gitlab-rails/shared` | Build artifacts, GitLab Pages, LFS objects, temp files, etc. If you're using LFS this may also account for a large portion of your data | `gitlab_rails['shared_path'] = '/var/opt/gitlab/gitlab-rails/shared'` +| `/var/opt/gitlab/gitlab-rails/shared` | Build artifacts, GitLab Pages, LFS objects, temp files, and so on. If you're using LFS this may also account for a large portion of your data | `gitlab_rails['shared_path'] = '/var/opt/gitlab/gitlab-rails/shared'` | `/var/opt/gitlab/gitlab-ci/builds` | GitLab CI/CD build traces | `gitlab_ci['builds_directory'] = '/var/opt/gitlab/gitlab-ci/builds'` Other GitLab directories should not be shared between nodes. They contain @@ -318,7 +318,7 @@ node-specific files and GitLab code that does not need to be shared. To ship logs to a central location consider using remote syslog. Omnibus GitLab packages provide configuration for [UDP log shipping](https://docs.gitlab.com/omnibus/settings/logs.html#udp-log-shipping-gitlab-enterprise-edition-only). -Having multiple NFS mounts will require manually making sure the data directories +Having multiple NFS mounts requires you to manually make sure the data directories are empty before attempting a restore. Read more about the [restore prerequisites](../raketasks/backup_restore.md). @@ -348,7 +348,7 @@ Any `Operation not permitted` errors means you should investigate your NFS serve ## NFS in a Firewalled Environment If the traffic between your NFS server and NFS client(s) is subject to port filtering -by a firewall, then you will need to reconfigure that firewall to allow NFS communication. +by a firewall, then you need to reconfigure that firewall to allow NFS communication. [This guide from TDLP](https://tldp.org/HOWTO/NFS-HOWTO/security.html#FIREWALLS) covers the basics of using NFS in a firewalled environment. Additionally, we encourage you to @@ -370,7 +370,7 @@ sudo ufw allow from <client_ip_address> to any port nfs WARNING: From GitLab 13.0, using NFS for Git repositories is deprecated. -As of GitLab 14.0, NFS-related issues with Gitaly will no longer be addressed. Read +As of GitLab 14.0, NFS-related issues with Gitaly are no longer addressed. Read more about [Gitaly and NFS deprecation](gitaly/index.md#nfs-deprecation-notice). Customers and users have reported data loss on high-traffic repositories when using NFS for Git repositories. @@ -391,7 +391,7 @@ The problem may be partially mitigated by adjusting caching using the following WARNING: The `actimeo=0` and `noac` options both result in a significant reduction in performance, possibly leading to timeouts. You may be able to avoid timeouts and data loss using `actimeo=0` and `lookupcache=positive` _without_ `noac`, however -we expect the performance reduction will still be significant. Upgrade to +we expect the performance reduction is still significant. Upgrade to [Gitaly Cluster](gitaly/praefect.md) as soon as possible. ### Avoid using cloud-based file systems diff --git a/doc/administration/object_storage.md b/doc/administration/object_storage.md index cbef752773b..d133e8c3721 100644 --- a/doc/administration/object_storage.md +++ b/doc/administration/object_storage.md @@ -595,7 +595,7 @@ with the Fog library that GitLab uses. Symptoms include an error in `production. If you configure GitLab to use object storage for CI logs and artifacts, you can avoid [local disk usage for job logs](job_logs.md#data-flow) by enabling -[beta incremental logging](job_logs.md#new-incremental-logging-architecture). +[beta incremental logging](job_logs.md#incremental-logging-architecture). ### Proxy Download diff --git a/doc/administration/operations/extra_sidekiq_processes.md b/doc/administration/operations/extra_sidekiq_processes.md index 88e3369e25e..6b8d6f3bf1e 100644 --- a/doc/administration/operations/extra_sidekiq_processes.md +++ b/doc/administration/operations/extra_sidekiq_processes.md @@ -144,8 +144,10 @@ attributes](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/workers/all_q quickly. Can be `high`, `low`, or `throttled`. For example, the `authorized_projects` queue is used to refresh user permissions, and is high urgency. -- `name` - the queue name. The other attributes are typically more useful as - they are more general, but this is available in case a particular queue needs +- `worker_name` - the worker name. The other attributes are typically more useful as + they are more general, but this is available in case a particular worker needs + to be selected. +- `name` - the queue name. Similiarly, this is available in case a particular queue needs to be selected. - `resource_boundary` - if the queue is bound by `cpu`, `memory`, or `unknown`. For example, the `project_export` queue is memory bound as it has diff --git a/doc/administration/operations/fast_ssh_key_lookup.md b/doc/administration/operations/fast_ssh_key_lookup.md index ec5bf9d6379..980db9713ee 100644 --- a/doc/administration/operations/fast_ssh_key_lookup.md +++ b/doc/administration/operations/fast_ssh_key_lookup.md @@ -16,7 +16,7 @@ Regular SSH operations become slow as the number of users grows because OpenSSH searches for a key to authorize a user via a linear search. In the worst case, such as when the user is not authorized to access GitLab, OpenSSH will scan the entire file to search for a key. This can take significant time and disk I/O, -which will delay users attempting to push or pull to a repository. Making +which delays users attempting to push or pull to a repository. Making matters worse, if users add or remove keys frequently, the operating system may not be able to cache the `authorized_keys` file, which causes the disk to be accessed repeatedly. @@ -28,7 +28,7 @@ lookup of authorized SSH keys. WARNING: OpenSSH version 6.9+ is required because `AuthorizedKeysCommand` must be able to accept a fingerprint. These -instructions will break installations using older versions of OpenSSH, such as +instructions break installations that use older versions of OpenSSH, such as those included with CentOS 6 as of September 2017. If you want to use this feature for CentOS 6, follow [the instructions on how to build and install a custom OpenSSH package](#compiling-a-custom-version-of-openssh-for-centos-6) before continuing. @@ -40,9 +40,9 @@ single source of truth, [Geo](../geo/index.md) needs to be configured to perform lookups via database lookup. As part of [setting up Geo](../geo/index.md#setup-instructions), -you will be required to follow the steps outlined below for both the primary and +you are required to follow the steps outlined below for both the primary and secondary nodes, but note that the `Write to "authorized keys" file` checkbox -only needs to be unchecked on the primary node since it will be reflected +only needs to be unchecked on the primary node since it is reflected automatically on the secondary if database replication is working. ## Setting up fast lookup via GitLab Shell @@ -91,10 +91,10 @@ as required, but that might require temporary ownership changes during `gitlab-s WARNING: Do not disable writes until SSH is confirmed to be working -perfectly, because the file will quickly become out-of-date. +perfectly; otherwise, the file quickly becomes out-of-date. In the case of lookup failures (which are common), the `authorized_keys` -file will still be scanned. So Git SSH performance will still be slow for many +file is still scanned. So Git SSH performance would still be slow for many users as long as a large file exists. You can disable any more writes to the `authorized_keys` file by unchecking @@ -183,8 +183,8 @@ the database. The following instructions can be used to build OpenSSH 7.5: -rw-r--r--. 1 root root 367516 Jun 20 19:37 openssh-server-7.5p1-1.x86_64.rpm ``` -1. Install the packages. OpenSSH packages will replace `/etc/pam.d/sshd` - with its own version, which may prevent users from logging in, so be sure +1. Install the packages. OpenSSH packages replace `/etc/pam.d/sshd` + with their own versions, which may prevent users from logging in, so be sure that the file is backed up and restored after installation: ```shell diff --git a/doc/administration/operations/filesystem_benchmarking.md b/doc/administration/operations/filesystem_benchmarking.md index 6119fcdae45..ffce104e1ad 100644 --- a/doc/administration/operations/filesystem_benchmarking.md +++ b/doc/administration/operations/filesystem_benchmarking.md @@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w File system performance has a big impact on overall GitLab performance, especially for actions that read or write to Git repositories. This information -will help benchmark file system performance against known good and bad real-world +helps benchmark file system performance against known good and bad real-world systems. Normally when talking about file system performance the biggest concern is @@ -35,12 +35,12 @@ Then run the following: fio --randrepeat=1 --ioengine=libaio --direct=1 --gtod_reduce=1 --name=test --bs=4k --iodepth=64 --readwrite=randrw --rwmixread=75 --size=4G --filename=/path/to/git-data/testfile ``` -This will create a 4GB file in `/path/to/git-data/testfile`. It performs +This creates a 4GB file in `/path/to/git-data/testfile`. It performs 4KB reads and writes using a 75%/25% split within the file, with 64 operations running at a time. Be sure to delete the file after the test completes. -The output will vary depending on what version of `fio` installed. The following +The output varies depending on what version of `fio` installed. The following is an example output from `fio` v2.2.10 on a networked solid-state drive (SSD): ```plaintext @@ -78,8 +78,8 @@ test but still have poor performance due to read speed and various other factors. The following one-line commands provide a quick benchmark for file system write and read -performance. This will write 1,000 small files to the directory in which it is -executed, and then read the same 1,000 files. +performance. This writes 1,000 small files to the directory in which it is +executed, and then reads the same 1,000 files. 1. Change into the root of the appropriate [repository storage path](../repository_storage_paths.md). @@ -107,7 +107,7 @@ executed, and then read the same 1,000 files. cd ../; rm -rf test ``` -The output of the `time for ...` commands will look similar to the following. The +The output of the `time for ...` commands resemble the following. The important metric is the `real` time. ```shell diff --git a/doc/administration/operations/rails_console.md b/doc/administration/operations/rails_console.md index 1fe1ea96bff..8c366e311b8 100644 --- a/doc/administration/operations/rails_console.md +++ b/doc/administration/operations/rails_console.md @@ -149,17 +149,17 @@ Traceback (most recent call last): /opt/gitlab/..../runner_command.rb:42:in `load': cannot load such file -- /tmp/helloworld.rb (LoadError) ``` -In case you encouter a similar error to this: +In case you encounter a similar error to this: ```plaintext -[root ~]# sudo gitlab-rails runner helloworld.rb +[root ~]# sudo gitlab-rails runner helloworld.rb Please specify a valid ruby command or the path of a script to run. Run 'rails runner -h' for help. undefined local variable or method `helloworld' for main:Object ``` -You can either move the file to the `/tmp` directory or create a new directory onwed by the user `git` and save the script in that directory as illustrated below: +You can either move the file to the `/tmp` directory or create a new directory owned by the user `git` and save the script in that directory as illustrated below: ```shell sudo mkdir /scripts diff --git a/doc/administration/operations/ssh_certificates.md b/doc/administration/operations/ssh_certificates.md index c0525cf6258..cc09ad95dce 100644 --- a/doc/administration/operations/ssh_certificates.md +++ b/doc/administration/operations/ssh_certificates.md @@ -110,10 +110,10 @@ Where `{KEY_ID}` is the `%i` argument passed to the script (e.g. `aeanfjord`), and `{PRINCIPAL}` is the principal passed to it (e.g. `sshUsers`). -You will need to customize the `sshUsers` part of that. It should be +You need to customize the `sshUsers` part of that. It should be some principal that's guaranteed to be part of the key for all users who can log in to GitLab, or you must provide a list of principals, -one of which is going to be present for the user, e.g.: +one of which is present for the user, e.g.: ```plaintext [...] @@ -122,7 +122,7 @@ one of which is going to be present for the user, e.g.: ## Principals and security -You can supply as many principals as you want, these will be turned +You can supply as many principals as you want, these are turned into multiple lines of `authorized_keys` output, as described in the `AuthorizedPrincipalsFile` documentation in `sshd_config(5)`. @@ -130,32 +130,32 @@ Normally when using the `AuthorizedKeysCommand` with OpenSSH the principal is some "group" that's allowed to log into that server. However with GitLab it's only used to appease OpenSSH's requirement for it, we effectively only care about the "key ID" being -correct. Once that's extracted GitLab will enforce its own ACLs for +correct. Once that's extracted GitLab enforces its own ACLs for that user (e.g. what projects the user can access). So it's OK to e.g. be overly generous in what you accept, since if the -user e.g. has no access to GitLab at all it'll just error out with a +user e.g. has no access to GitLab at all it just errors out with a message about this being an invalid user. ## Interaction with the `authorized_keys` file SSH certificates can be used in conjunction with the `authorized_keys` -file, and if set up as configured above the `authorized_keys` file will -still serve as a fallback. +file, and if set up as configured above the `authorized_keys` file +still serves as a fallback. This is because if the `AuthorizedPrincipalsCommand` can't -authenticate the user, OpenSSH will fall back on +authenticate the user, OpenSSH falls back on `~/.ssh/authorized_keys` (or the `AuthorizedKeysCommand`). Therefore there may still be a reason to use the ["Fast lookup of authorized SSH keys in the database"](fast_ssh_key_lookup.html) method -in conjunction with this. Since you'll be using SSH certificates for +in conjunction with this. Since you are using SSH certificates for all your normal users, and relying on the `~/.ssh/authorized_keys` fallback for deploy keys, if you make use of those. But you may find that there's no reason to do that, since all your -normal users will use the fast `AuthorizedPrincipalsCommand` path, and -only automated deployment key access will fall back on +normal users use the fast `AuthorizedPrincipalsCommand` path, and +only automated deployment key access falls back on `~/.ssh/authorized_keys`, or that you have a lot more keys for normal users (especially if they're renewed) than you have deploy keys. @@ -167,14 +167,14 @@ uploading an SSH public key to their profile, relying on the currently no feature to prevent this, [but there's an open request for adding it](https://gitlab.com/gitlab-org/gitlab/-/issues/23260). -Such a restriction can currently be hacked in by e.g. providing a +Such a restriction can currently be hacked in by, for example, providing a custom `AuthorizedKeysCommand` which checks if the discovered key-ID returned from `gitlab-shell-authorized-keys-check` is a deploy key or not (all non-deploy keys should be refused). ## Disabling the global warning about users lacking SSH keys -By default GitLab will show a "You won't be able to pull or push +By default GitLab shows a "You won't be able to pull or push project code via SSH" warning to users who have not uploaded an SSH key to their profile. diff --git a/doc/administration/packages/container_registry.md b/doc/administration/packages/container_registry.md index 853a1884821..14e54513536 100644 --- a/doc/administration/packages/container_registry.md +++ b/doc/administration/packages/container_registry.md @@ -301,6 +301,16 @@ the Container Registry by themselves, follow the steps below. ## Configure storage for the Container Registry +NOTE: +For storage backends that support it, you can use object versioning to preserve, retrieve, and +restore the non-current versions of every object stored in your buckets. However, this may result in +higher storage usage and costs. Due to how the registry operates, image uploads are first stored in +a temporary path and then transferred to a final location. For object storage backends, including S3 +and GCS, this transfer is achieved with a copy followed by a delete. With object versioning enabled, +these deleted temporary upload artifacts are kept as non-current versions, therefore increasing the +storage bucket size. To ensure that non-current versions are deleted after a given amount of time, +you should configure an object lifecycle policy with your storage provider. + You can configure the Container Registry to use various storage backends by configuring a storage driver. By default the GitLab Container Registry is configured to use the [file system driver](#use-file-system) @@ -937,7 +947,7 @@ To enable the read-only mode: sudo gitlab-ctl reconfigure ``` - This command sets the Container Registry into the read only mode. + This command sets the Container Registry into the read-only mode. 1. Next, trigger one of the garbage collect commands: @@ -1065,15 +1075,15 @@ If the registry fails to authenticate valid login attempts, you get the followin ```shell # docker login gitlab.company.com:4567 Username: user -Password: +Password: Error response from daemon: login attempt to https://gitlab.company.com:4567/v2/ failed with status: 401 Unauthorized ``` And more specifically, this appears in the `/var/log/gitlab/registry/current` log file: ```plaintext -level=info msg="token signed by untrusted key with ID: "TOKE:NL6Q:7PW6:EXAM:PLET:OKEN:BG27:RCIB:D2S3:EXAM:PLET:OKEN"" -level=warning msg="error authorizing context: invalid token" go.version=go1.12.7 http.request.host="gitlab.company.com:4567" http.request.id=74613829-2655-4f96-8991-1c9fe33869b8 http.request.method=GET http.request.remoteaddr=10.72.11.20 http.request.uri="/v2/" http.request.useragent="docker/19.03.2 go/go1.12.8 git-commit/6a30dfc kernel/3.10.0-693.2.2.el7.x86_64 os/linux arch/amd64 UpstreamClient(Docker-Client/19.03.2 \(linux\))" +level=info msg="token signed by untrusted key with ID: "TOKE:NL6Q:7PW6:EXAM:PLET:OKEN:BG27:RCIB:D2S3:EXAM:PLET:OKEN"" +level=warning msg="error authorizing context: invalid token" go.version=go1.12.7 http.request.host="gitlab.company.com:4567" http.request.id=74613829-2655-4f96-8991-1c9fe33869b8 http.request.method=GET http.request.remoteaddr=10.72.11.20 http.request.uri="/v2/" http.request.useragent="docker/19.03.2 go/go1.12.8 git-commit/6a30dfc kernel/3.10.0-693.2.2.el7.x86_64 os/linux arch/amd64 UpstreamClient(Docker-Client/19.03.2 \(linux\))" ``` GitLab uses the contents of the certificate key pair's two sides to encrypt the authentication token @@ -1294,8 +1304,8 @@ GitLab Rails application, the Docker Registry, or something else. In this case, since we know that since the login succeeded, we probably need to look at the communication between the client and the Registry. -The REST API between the Docker client and Registry is [described -here](https://docs.docker.com/registry/spec/api/). Normally, one would just +The REST API between the Docker client and Registry is described +[in the Docker documentation](https://docs.docker.com/registry/spec/api/). Normally, one would just use Wireshark or tcpdump to capture the traffic and see where things went wrong. However, since all communications between Docker clients and servers are done over HTTPS, it's a bit difficult to decrypt the traffic quickly even diff --git a/doc/administration/packages/index.md b/doc/administration/packages/index.md index 5ddf47d9b33..6440fb16fc6 100644 --- a/doc/administration/packages/index.md +++ b/doc/administration/packages/index.md @@ -98,6 +98,12 @@ To enable the Packages feature: 1. [Restart GitLab](../restart_gitlab.md#helm-chart-installations "How to reconfigure Helm GitLab") for the changes to take effect. +## Rate limits + +When downloading packages as dependencies in downstream projects, many requests are made through the +Packages API. You may therefore reach enforced user and IP rate limits. To address this issue, you +can define specific rate limits for the Packages API. For more details, see [Package Registry Rate Limits](../../user/admin_area/settings/package_registry_rate_limits.md). + ## Changing the storage path By default, the packages are stored locally, but you can change the default diff --git a/doc/administration/pages/index.md b/doc/administration/pages/index.md index ae4fa086e3f..c93ae90deb6 100644 --- a/doc/administration/pages/index.md +++ b/doc/administration/pages/index.md @@ -5,7 +5,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w description: 'Learn how to administer GitLab Pages.' --- -# GitLab Pages administration +# GitLab Pages administration **(FREE SELF)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/80) in GitLab EE 8.3. > - Custom CNAMEs with TLS support were [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/173) in GitLab EE 8.5. @@ -120,7 +120,7 @@ This example contains the following: - `example.com`: The GitLab domain. - `example.io`: The domain GitLab Pages is served from. - `192.0.2.1`: The primary IP of your GitLab instance. -- `192.0.2.2`: The secondary IP, which is dedicated to GitLab Pages. +- `192.0.2.2`: The secondary IP, which is dedicated to GitLab Pages. It must be different than the primary IP. NOTE: You should not use the GitLab domain to serve user pages. For more information see the [security section](#security). @@ -253,13 +253,14 @@ control over how the Pages daemon runs and serves content in your environment. | `gitlab_server` | Server to use for authentication when access control is enabled; defaults to GitLab `external_url`. | | `headers` | Specify any additional http headers that should be sent to the client with each response. Multiple headers can be given as an array, header and value as one string, for example `['my-header: myvalue', 'my-other-header: my-other-value']` | | `inplace_chroot` | On [systems that don't support bind-mounts](index.md#additional-configuration-for-docker-container), this instructs GitLab Pages to `chroot` into its `pages_path` directory. Some caveats exist when using in-place `chroot`; refer to the GitLab Pages [README](https://gitlab.com/gitlab-org/gitlab-pages/blob/master/README.md#caveats) for more information. | +| `enable_disk` | Allows the GitLab Pages daemon to serve content from disk. Shall be disabled if shared disk storage isn't available. | | `insecure_ciphers` | Use default list of cipher suites, may contain insecure ones like 3DES and RC4. | | `internal_gitlab_server` | Internal GitLab server address used exclusively for API requests. Useful if you want to send that traffic over an internal load balancer. Defaults to GitLab `external_url`. | | `listen_proxy` | The addresses to listen on for reverse-proxy requests. Pages binds to these addresses' network sockets and receives incoming requests from them. Sets the value of `proxy_pass` in `$nginx-dir/conf/gitlab-pages.conf`. | | `log_directory` | Absolute path to a log directory. | | `log_format` | The log output format: `text` or `json`. | | `log_verbose` | Verbose logging, true/false. | -| `propagate_correlation_id` | Set to true (false by default) to re-use existing Correlation ID from the incoming request header `X-Request-ID` if present. If a reverse proxy sets this header, the value will be propagated in the request chain. | +| `propagate_correlation_id` | Set to true (false by default) to re-use existing Correlation ID from the incoming request header `X-Request-ID` if present. If a reverse proxy sets this header, the value is propagated in the request chain. | | `max_connections` | Limit on the number of concurrent connections to the HTTP, HTTPS or proxy listeners. | | `metrics_address` | The address to listen on for metrics requests. | | `redirect_http` | Redirect pages from HTTP to HTTPS, true/false. | @@ -310,14 +311,12 @@ world. Custom domains are supported, but no TLS. ```ruby pages_external_url "http://example.io" - nginx['listen_addresses'] = ['192.0.2.1'] + nginx['listen_addresses'] = ['192.0.2.1'] # The primary IP of the GitLab instance pages_nginx['enable'] = false - gitlab_pages['external_http'] = ['192.0.2.2:80', '[2001:db8::2]:80'] + gitlab_pages['external_http'] = ['192.0.2.2:80', '[2001:db8::2]:80'] # The secondary IPs for the GitLab Pages daemon ``` - where `192.0.2.1` is the primary IP address that GitLab is listening to and - `192.0.2.2` and `2001:db8::2` are the secondary IPs the GitLab Pages daemon - listens on. If you don't have IPv6, you can omit the IPv6 address. + If you don't have IPv6, you can omit the IPv6 address. 1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure). @@ -342,20 +341,18 @@ world. Custom domains and TLS are supported. ```ruby pages_external_url "https://example.io" - nginx['listen_addresses'] = ['192.0.2.1'] + nginx['listen_addresses'] = ['192.0.2.1'] # The primary IP of the GitLab instance pages_nginx['enable'] = false - gitlab_pages['external_http'] = ['192.0.2.2:80', '[2001:db8::2]:80'] - gitlab_pages['external_https'] = ['192.0.2.2:443', '[2001:db8::2]:443'] + gitlab_pages['external_http'] = ['192.0.2.2:80', '[2001:db8::2]:80'] # The secondary IPs for the GitLab Pages daemon + gitlab_pages['external_https'] = ['192.0.2.2:443', '[2001:db8::2]:443'] # The secondary IPs for the GitLab Pages daemon # Redirect pages from HTTP to HTTPS gitlab_pages['redirect_http'] = true ``` - where `192.0.2.1` is the primary IP address that GitLab is listening to and - `192.0.2.2` and `2001:db8::2` are the secondary IPs where the GitLab Pages daemon - listens on. If you don't have IPv6, you can omit the IPv6 address. + If you don't have IPv6, you can omit the IPv6 address. 1. If you haven't named your certificate and key `example.io.crt` and `example.io.key` respectively, -then you'll need to also add the full paths as shown below: +then you need to also add the full paths as shown below: ```ruby gitlab_pages['cert'] = "/etc/gitlab/ssl/example.io.crt" @@ -468,7 +465,7 @@ To do that: WARNING: For self-managed installations, all public websites remain private until they are -redeployed. This issue will be resolved by +redeployed. Resolve this issue by [sourcing domain configuration from the GitLab API](https://gitlab.com/gitlab-org/gitlab/-/issues/218357). ### Running behind a proxy @@ -555,9 +552,9 @@ Follow the steps below to configure verbose logging of GitLab Pages daemon. > [Introduced](https://gitlab.com/gitlab-org/gitlab-pages/-/merge_requests/438) in GitLab 13.10. -Setting the `propagate_correlation_id` to true will allow installations behind a reverse proxy generate +Setting the `propagate_correlation_id` to true allows installations behind a reverse proxy to generate and set a correlation ID to requests sent to GitLab Pages. When a reverse proxy sets the header value `X-Request-ID`, -the value will be propagated in the request chain. +the value propagates in the request chain. Users [can find the correlation ID in the logs](../troubleshooting/tracing_correlation_id.md#identify-the-correlation-id-for-a-request). To enable the propagation of the correlation ID: @@ -648,7 +645,7 @@ The default is 100MB. > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/16610) in GitLab 12.7. NOTE: -Only GitLab admin users will be able to view and override the **Maximum size of Pages** setting. +Only GitLab admin users are able to view and override the **Maximum size of Pages** setting. To override the global maximum pages size for a specific project: @@ -771,7 +768,7 @@ The default value for Omnibus installations is `nil`. If left unchanged, GitLab Pages tries to use any available source (either `gitlab` or `disk`). The preferred source is `gitlab`, which uses [API-based configuration](#gitlab-api-based-configuration). -On large GitLab instances, using the API-based configuration will significantly improve the pages daemon startup time, as there is no need to load all custom domains configuration into memory. +On large GitLab instances, using the API-based configuration significantly improves the pages daemon startup time, as there is no need to load all custom domains configuration into memory. For more details see this [blog post](https://about.gitlab.com/blog/2020/08/03/how-gitlab-pages-uses-the-gitlab-api-to-serve-content/). @@ -839,25 +836,25 @@ Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". Examples: -- Increasing `gitlab_cache_expiry` will allow items to exist in the cache longer. +- Increasing `gitlab_cache_expiry` allows items to exist in the cache longer. This setting might be useful if the communication between GitLab Pages and GitLab Rails is not stable. -- Increasing `gitlab_cache_refresh` will reduce the frequency at which GitLab Pages +- Increasing `gitlab_cache_refresh` reduces the frequency at which GitLab Pages requests a domain's configuration from GitLab Rails. This setting might be useful GitLab Pages generates too many requests to GitLab API and content does not change frequently. -- Decreasing `gitlab_cache_cleanup` will remove expired items from the cache more frequently, +- Decreasing `gitlab_cache_cleanup` removes expired items from the cache more frequently, reducing the memory usage of your Pages node. - Decreasing `gitlab_retrieval_timeout` allows you to stop the request to GitLab Rails -more quickly. Increasing it will allow more time to receive a response from the API, +more quickly. Increasing it allows more time to receive a response from the API, useful in slow networking environments. -- Decreasing `gitlab_retrieval_interval` will make requests to the API more frequently, +- Decreasing `gitlab_retrieval_interval` makes requests to the API more frequently, only when there is an error response from the API, for example a connection timeout. -- Decreasing `gitlab_retrieval_retries` will reduce the number of times a domain's +- Decreasing `gitlab_retrieval_retries` reduces the number of times a domain's configuration is tried to be resolved automatically before reporting an error. ## Using object storage @@ -868,13 +865,6 @@ configuration is tried to be resolved automatically before reporting an error. ### Object storage settings -WARNING: -With the following settings, Pages uses both NFS and Object Storage locations when deploying the -site. **Do not remove the existing NFS mount used by Pages** when applying these settings. For more -information, see the epics -[3901](https://gitlab.com/groups/gitlab-org/-/epics/3901#how-to-test-object-storage-integration-in-beta) -and [3910](https://gitlab.com/groups/gitlab-org/-/epics/3910). - The following settings are: - Nested under `pages:` and then `object_store:` on source installations. @@ -886,6 +876,10 @@ The following settings are: | `remote_directory` | The name of the bucket where Pages site content is stored. | | | `connection` | Various connection options described below. | | +NOTE: +If you want to stop using and disconnect the NFS server, you need to [explicitly disable +local storage](#disable-pages-local-storage), and it's only possible after upgrading to GitLab 13.11. + #### S3-compatible connection settings See [the available connection settings for different providers](../object_storage.md#connection-settings). @@ -919,6 +913,8 @@ In Omnibus installations: 1. Save the file and [reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. +1. [Migrate existing Pages deployments to object storage.](#migrate-pages-deployments-to-object-storage) + In installations from source: 1. Edit `/home/git/gitlab/config/gitlab.yml` and add or amend the following lines: @@ -938,6 +934,8 @@ In installations from source: 1. Save the file and [restart GitLab](../restart_gitlab.md#installations-from-source) for the changes to take effect. +1. [Migrate existing Pages deployments to object storage.](#migrate-pages-deployments-to-object-storage) + ## ZIP storage In GitLab 14.0 the underlaying storage format of GitLab Pages is changing from @@ -951,7 +949,9 @@ These ZIP archives can be stored either locally on disk storage or on the [objec > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/59003) in GitLab 13.11. -GitLab will [try to automatically migrate](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/54578) the old storage format to the new ZIP-based one when you upgrade to GitLab 13.11 or further. +GitLab tries to +[automatically migrate](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/54578) +the old storage format to the new ZIP-based one when you upgrade to GitLab 13.11 or further. However, some projects may fail to be migrated for different reasons. To verify that all projects have been migrated successfully, you can manually run the migration: @@ -996,7 +996,7 @@ If you find that migrated data is invalid, you can remove all migrated data by r sudo gitlab-rake gitlab:pages:clean_migrated_zip_storage ``` -This will not remove any data from the legacy disk storage and the GitLab Pages daemon will automatically fallback +This does not remove any data from the legacy disk storage and the GitLab Pages daemon automatically falls back to using that. ### Migrate Pages deployments to object storage @@ -1021,6 +1021,43 @@ After the migration to object storage is performed, you can choose to revert you sudo gitlab-rake gitlab:pages:deployments:migrate_to_local ``` +### Disable Pages local storage + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/301159) in GitLab 13.11. + +If you use [object storage](#using-object-storage), disable local storage: + +1. Edit `/etc/gitlab/gitlab.rb`: + + ```ruby + gitlab_rails['pages_local_store_enabled'] = false + ``` + +1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. + +Starting from GitLab 13.12, this setting also disables the [legacy storage](#migrate-legacy-storage-to-zip-storage), so if you were using NFS to serve Pages, you can completely disconnect from it. + +## Migrate GitLab Pages to 14.0 + +In GitLab 14.0 a number of breaking changes are introduced which may require some user intervention. +The steps below describe the best way to migrate without causing any downtime for your GitLab instance. + +If you run GitLab on a single server, then most likely you will not notice any problem after +upgrading to GitLab 14.0, but it may be safer to follow the steps anyway. +If you run GitLab on a single server, then most likely the upgrade process to 14.0 will go smoothly for you. Regardless, we recommend everyone follow the migration steps to ensure a successful upgrade. +If at any point you run into issues, consult the [troubleshooting section](#troubleshooting). + +To migrate GitLab Pages to GitLab 14.0: + +1. If your current GitLab version is lower than 13.12, then you first need to upgrade to 13.12. +Upgrading directly to 14.0 may cause downtime for some web-sites hosted on GitLab Pages +until you finish the following steps. +1. Enable the [API-based configuration](#gitlab-api-based-configuration), which +is the default starting from GitLab 14.0. Skip this step if you're already running GitLab 14.0 or above. +1. If you want to store your pages content in the [object storage](#using-object-storage), make sure to configure it. +If you want to store the pages content locally or continue using an NFS server, skip this step. +1. [Migrate legacy storage to ZIP storage.](#migrate-legacy-storage-to-zip-storage) + ## Backup GitLab Pages are part of the [regular backup](../../raketasks/backup_restore.md), so there is no separate backup to configure. @@ -1120,6 +1157,35 @@ to define the explicit address that the GitLab Pages daemon should listen on: gitlab_pages['listen_proxy'] = '127.0.0.1:8090' ``` +### Intermittent 502 errors or after a few days + +If you run Pages on a system that uses `systemd` and +[`tmpfiles.d`](https://www.freedesktop.org/software/systemd/man/tmpfiles.d.html), +you may encounter intermittent 502 errors trying to serve Pages with an error similar to: + +```plaintext +dial tcp: lookup gitlab.example.com on [::1]:53: dial udp [::1]:53: connect: no route to host" +``` + +GitLab Pages creates a [bind mount](https://man7.org/linux/man-pages/man8/mount.8.html) +inside `/tmp/gitlab-pages-*` that includes files like `/etc/hosts`. +However, `systemd` may clean the `/tmp/` directory on a regular basis so the DNS +configuration may be lost. + +To stop `systemd` from cleaning the Pages related content: + +1. Tell `tmpfiles.d` to not remove the Pages `/tmp` directory: + + ```shell + echo 'x /tmp/gitlab-pages-*' >> /etc/tmpfiles.d/gitlab-pages-jail.conf + ``` + +1. Restart GitLab Pages: + + ```shell + sudo gitlab-ctl restart gitlab-pages + ``` + ### 404 error after transferring the project to a different group or user, or changing project path If you encounter a `404 Not Found` error a Pages site after transferring a project to @@ -1136,6 +1202,17 @@ date > /var/opt/gitlab/gitlab-rails/shared/pages/.update If you've customized the Pages storage path, adjust the command above to use your custom path. +### 404 error after promoting a Geo secondary to a primary node + +These are due to the Pages files not being among the +[supported data types](../geo/replication/datatypes.md#limitations-on-replicationverification). + +It is possible to copy the subfolders and files in the [Pages path](#change-storage-path) +to the new primary node to resolve this. +For example, you can adapt the `rsync` strategy from the +[moving repositories documenation](../operations/moving_repositories.md). +Alternatively, run the CI pipelines of those projects that contain a `pages` job again. + ### Failed to connect to the internal GitLab API If you have enabled [API-based configuration](#gitlab-api-based-configuration) and see the following error: @@ -1199,7 +1276,7 @@ If the wildcard DNS [prerequisite](#prerequisites) can't be met, you can still u all projects you need to use Pages with into a single group namespace, for example `pages`. 1. Configure a [DNS entry](#dns-configuration) without the `*.`-wildcard, for example `pages.example.io`. 1. Configure `pages_external_url http://example.io/` in your `gitlab.rb` file. - Omit the group namespace here, because it will automatically be prepended by GitLab. + Omit the group namespace here, because it automatically is prepended by GitLab. ### Pages daemon fails with permission denied errors @@ -1223,3 +1300,24 @@ Once added, reconfigure with `sudo gitlab-ctl reconfigure` and restart GitLab wi Verify that the **Callback URL**/Redirect URI in the GitLab Pages [System OAuth application](../../integration/oauth_provider.md#instance-wide-applications) is using the protocol (HTTP or HTTPS) that `pages_external_url` is configured to use. + +### 500 error `cannot serve from disk` + +If you get a 500 response from Pages and encounter an error similar to: + +```plaintext +ERRO[0145] cannot serve from disk error="gitlab: disk access is disabled via enable-disk=false" project_id=27 source_path="file:///shared/pages/@hashed/67/06/670671cd97404156226e507973f2ab8330d3022ca96e0c93bdbdb320c41adcaf/pages_deployments/14/artifacts.zip" source_type=zip +``` + +It means that GitLab Rails is telling GitLab Pages to serve content from a location on disk, +however, GitLab Pages was configured to disable disk access. + +To enable disk access: + +1. Enable disk access for GitLab Pages in `/etc/gitlab/gitlab.rb`: + + ```ruby + gitlab_pages['enable_disk'] = true + ``` + +1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure). diff --git a/doc/administration/pages/source.md b/doc/administration/pages/source.md index e1b54e11a1f..f1c3b515f68 100644 --- a/doc/administration/pages/source.md +++ b/doc/administration/pages/source.md @@ -4,7 +4,7 @@ group: Release info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# GitLab Pages administration for source installations +# GitLab Pages administration for source installations **(FREE SELF)** NOTE: Before attempting to enable GitLab Pages, first make sure you have diff --git a/doc/administration/polling.md b/doc/administration/polling.md index cd2e8ecad60..f66df70a163 100644 --- a/doc/administration/polling.md +++ b/doc/administration/polling.md @@ -18,14 +18,14 @@ seconds; these are _not_ the actual values. - 1 is the default, and recommended for most installations. (Issue notes poll every 2 seconds, and issue titles poll every 5 seconds.) -- 0 will disable UI polling completely. (On the next poll, clients will stop +- 0 disables UI polling completely. (On the next poll, clients stop polling for updates.) -- A value greater than 1 will slow polling down. If you see issues with +- A value greater than 1 slows polling down. If you see issues with database load from lots of clients polling for updates, increasing the multiplier from 1 can be a good compromise, rather than disabling polling completely. (For example: If this is set to 2, then issue notes poll every 4 seconds, and issue titles poll every 10 seconds.) -- A value between 0 and 1 will make the UI poll more frequently (so updates - will show in other sessions faster), but is **not recommended**. 1 should be +- A value between 0 and 1 makes the UI poll more frequently (so updates + show in other sessions faster), but is **not recommended**. 1 should be fast enough. (For example, if this is set to 0.5, then issue notes poll every 1 second, and issue titles poll every 2.5 seconds.) diff --git a/doc/administration/postgresql/pgbouncer.md b/doc/administration/postgresql/pgbouncer.md index 791ca64b001..fc7da04b960 100644 --- a/doc/administration/postgresql/pgbouncer.md +++ b/doc/administration/postgresql/pgbouncer.md @@ -23,7 +23,7 @@ This content has been moved to a [new location](replication_and_failover.md#conf 1. Generate PGBOUNCER_USER_PASSWORD_HASH with the command `gitlab-ctl pg-password-md5 pgbouncer` -1. Generate SQL_USER_PASSWORD_HASH with the command `gitlab-ctl pg-password-md5 gitlab`. We'll also need to enter the plaintext SQL_USER_PASSWORD later +1. Generate SQL_USER_PASSWORD_HASH with the command `gitlab-ctl pg-password-md5 gitlab`. Enter the plaintext SQL_USER_PASSWORD later. 1. On your database node, ensure the following is set in your `/etc/gitlab/gitlab.rb` @@ -37,7 +37,7 @@ This content has been moved to a [new location](replication_and_failover.md#conf 1. Run `gitlab-ctl reconfigure` NOTE: - If the database was already running, it will need to be restarted after reconfigure by running `gitlab-ctl restart postgresql`. + If the database was already running, it needs to be restarted after reconfigure by running `gitlab-ctl restart postgresql`. 1. On the node you are running PgBouncer on, make sure the following is set in `/etc/gitlab/gitlab.rb` @@ -68,7 +68,7 @@ This content has been moved to a [new location](replication_and_failover.md#conf ## Backups -Do not backup or restore GitLab through a PgBouncer connection: this will cause a GitLab outage. +Do not backup or restore GitLab through a PgBouncer connection: it causes a GitLab outage. [Read more about this and how to reconfigure backups](../../raketasks/backup_restore.md#backup-and-restore-for-installations-using-pgbouncer). diff --git a/doc/administration/postgresql/replication_and_failover.md b/doc/administration/postgresql/replication_and_failover.md index 7e25bd69539..878d2b536cb 100644 --- a/doc/administration/postgresql/replication_and_failover.md +++ b/doc/administration/postgresql/replication_and_failover.md @@ -120,7 +120,7 @@ Few notes on the service itself: - The service runs under a system account, by default `gitlab-consul`. - If you are using a different username, you will have to specify it. We will refer to it with `CONSUL_USERNAME`, -- There will be a database user created with read only access to the repmgr +- There will be a database user created with read-only access to the repmgr database - Passwords will be stored in the following locations: - `/etc/gitlab/gitlab.rb`: hashed diff --git a/doc/administration/raketasks/ldap.md b/doc/administration/raketasks/ldap.md index 531e9e89020..d7a37d1df3a 100644 --- a/doc/administration/raketasks/ldap.md +++ b/doc/administration/raketasks/ldap.md @@ -10,8 +10,8 @@ The following are LDAP-related Rake tasks. ## Check -The LDAP check Rake task will test the `bind_dn` and `password` credentials -(if configured) and will list a sample of LDAP users. This task is also +The LDAP check Rake task tests the `bind_dn` and `password` credentials +(if configured) and lists a sample of LDAP users. This task is also executed as part of the `gitlab:check` task, but can run independently using the command below. @@ -27,7 +27,7 @@ sudo gitlab-rake gitlab:ldap:check sudo -u git -H bundle exec rake gitlab:ldap:check RAILS_ENV=production ``` -By default, the task will return a sample of 100 LDAP users. Change this +By default, the task returns a sample of 100 LDAP users. Change this limit by passing a number to the check task: ```shell @@ -36,9 +36,9 @@ rake gitlab:ldap:check[50] ## Run a group sync **(PREMIUM SELF)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/14735) in [GitLab Starter](https://about.gitlab.com/pricing/) 12.2. +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/14735) in GitLab 12.2. -The following task will run a [group sync](../auth/ldap/index.md#group-sync) immediately. This is valuable +The following task runs a [group sync](../auth/ldap/index.md#group-sync) immediately. This is valuable when you'd like to update all configured group memberships against LDAP without waiting for the next scheduled group sync to be run. @@ -61,9 +61,9 @@ bundle exec rake gitlab:ldap:group_sync ## Rename a provider -If you change the LDAP server ID in `gitlab.yml` or `gitlab.rb` you will need -to update all user identities or users will be unable to sign in. Input the -old and new provider and this task will update all matching identities in the +If you change the LDAP server ID in `gitlab.yml` or `gitlab.rb` you need +to update all user identities or users aren't able to sign in. Input the +old and new provider and this task updates all matching identities in the database. `old_provider` and `new_provider` are derived from the prefix `ldap` plus the @@ -81,9 +81,10 @@ main: `main` is the LDAP server ID. Together, the unique provider is `ldapmain`. -> **Warning**: If you input an incorrect new provider users will be unable -to sign in. If this happens, run the task again with the incorrect provider -as the `old_provider` and the correct provider as the `new_provider`. +WARNING: +If you input an incorrect new provider, users cannot sign in. If this happens, +run the task again with the incorrect provider as the `old_provider` and the +correct provider as the `new_provider`. **Omnibus Installation** @@ -119,7 +120,7 @@ User identities were successfully updated ### Other options -If you do not specify an `old_provider` and `new_provider` you will be prompted +If you do not specify an `old_provider` and `new_provider` the task prompts you for them: **Omnibus Installation** @@ -141,7 +142,7 @@ What is the old provider? Ex. 'ldapmain': ldapmain What is the new provider? Ex. 'ldapcustom': ldapmycompany ``` -This tasks also accepts the `force` environment variable which will skip the +This task also accepts the `force` environment variable, which skips the confirmation dialog: ```shell diff --git a/doc/administration/raketasks/project_import_export.md b/doc/administration/raketasks/project_import_export.md index 0fe15f2b5ba..cd6ffc957b1 100644 --- a/doc/administration/raketasks/project_import_export.md +++ b/doc/administration/raketasks/project_import_export.md @@ -53,5 +53,5 @@ Note the following: - The project import option must be enabled in application settings (`/admin/application_settings/general`) under **Import sources**, which is available under **Admin Area > Settings > Visibility and access controls**. -- The exports are stored in a temporary [shared directory](../../development/shared_files.md) - and are deleted every 24 hours by a specific worker. +- The exports are stored in a temporary directory and are deleted every + 24 hours by a specific worker. diff --git a/doc/administration/raketasks/storage.md b/doc/administration/raketasks/storage.md index 7fedcbf3c1a..5b6d4e16d8d 100644 --- a/doc/administration/raketasks/storage.md +++ b/doc/administration/raketasks/storage.md @@ -77,7 +77,7 @@ To have a summary and then a list of projects and their attachments using hashed WARNING: In GitLab 13.0, [hashed storage](../repository_storage_types.md#hashed-storage) is enabled by default and the legacy storage is deprecated. -Support for legacy storage will be removed in GitLab 14.0. If you're on GitLab +GitLab 14.0 eliminates support for legacy storage. If you're on GitLab 13.0 and later, switching new projects to legacy storage is not possible. The option to choose between hashed and legacy storage in the admin area has been disabled. @@ -114,25 +114,25 @@ There is a specific queue you can watch to see how long it will take to finish: After it reaches zero, you can confirm every project has been migrated by running the commands above. If you find it necessary, you can run this migration script again to schedule missing projects. -Any error or warning will be logged in Sidekiq's log file. +Any error or warning is logged in Sidekiq's log file. If [Geo](../geo/index.md) is enabled, each project that is successfully migrated generates an event to replicate the changes on any **secondary** nodes. -You only need the `gitlab:storage:migrate_to_hashed` Rake task to migrate your repositories, but we have additional -commands below that helps you inspect projects and attachments in both legacy and hashed storage. +You only need the `gitlab:storage:migrate_to_hashed` Rake task to migrate your repositories, but there are +[additional commands(#list-projects-and-attachments) to help you inspect projects and attachments in both legacy and hashed storage. ## Rollback from hashed storage to legacy storage WARNING: In GitLab 13.0, [hashed storage](../repository_storage_types.md#hashed-storage) is enabled by default and the legacy storage is deprecated. -Support for legacy storage will be removed in GitLab 14.0. If you're on GitLab +GitLab 14.0 eliminates support for legacy storage. If you're on GitLab 13.0 and later, switching new projects to legacy storage is not possible. The option to choose between hashed and legacy storage in the admin area has been disabled. -This task will schedule all your existing projects and associated attachments to be rolled back to the +This task schedules all your existing projects and associated attachments to be rolled back to the legacy storage type. - **Omnibus installation** @@ -161,7 +161,7 @@ On the **Queues** tab, you can watch the `hashed_storage:hashed_storage_project_ After it reaches zero, you can confirm every project has been rolled back by running the commands above. If some projects weren't rolled back, you can run this rollback script again to schedule further rollbacks. -Any error or warning will be logged in Sidekiq's log file. +Any error or warning is logged in Sidekiq's log file. If you have a Geo setup, the rollback will not be reflected automatically on the **secondary** node. You may need to wait for a backfill operation to kick-in and remove diff --git a/doc/administration/reference_architectures/10k_users.md b/doc/administration/reference_architectures/10k_users.md index 97af1fe8d3c..e4a699b962c 100644 --- a/doc/administration/reference_architectures/10k_users.md +++ b/doc/administration/reference_architectures/10k_users.md @@ -24,8 +24,8 @@ full list of reference architectures, see | Internal load balancing node | 1 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | | Redis - Cache** | 3 | 4 vCPU, 15 GB memory | `n1-standard-4` | `m5.xlarge` | `D4s v3` | | Redis - Queues / Shared State** | 3 | 4 vCPU, 15 GB memory | `n1-standard-4` | `m5.xlarge` | `D4s v3` | -| Redis Sentinel - Cache** | 3 | 1 vCPU, 1.7 GB memory | `g1-small` | `t3.small` | `B1MS` | -| Redis Sentinel - Queues / Shared State** | 3 | 1 vCPU, 1.7 GB memory | `g1-small` | `t3.small` | `B1MS` | +| Redis Sentinel - Cache** | 3 | 1 vCPU, 3.75 GB memory | `n1-standard-1` | `c5.large` | `A1 v2` | +| Redis Sentinel - Queues / Shared State** | 3 | 1 vCPU, 3.75 GB memory | `n1-standard-1` | `c5.large` | `A1 v2` | | Gitaly | 3 | 16 vCPU, 60 GB memory | `n1-standard-16` | `m5.4xlarge` | `D16s v3` | | Praefect | 3 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | | Praefect PostgreSQL* | 1+ | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | @@ -129,7 +129,7 @@ The Google Cloud Platform (GCP) architectures were built and tested using the CPU platform. On different hardware you may find that adjustments, either lower or higher, are required for your CPU or node counts. For more information, see our [Sysbench](https://github.com/akopytov/sysbench)-based -[CPU benchmark](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Reference-Architectures/GCP-CPU-Benchmarks). +[CPU benchmarks](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Reference-Architectures/GCP-CPU-Benchmarks). Due to better performance and availability, for data objects (such as LFS, uploads, or artifacts), using an [object storage service](#configure-the-object-storage) @@ -1917,7 +1917,12 @@ To configure the Sidekiq nodes, on each one: ### Sidekiq configuration ### ####################################### sidekiq['listen_address'] = "0.0.0.0" - sidekiq['cluster'] = true # no need to set this after GitLab 13.0 + + # Set number of Sidekiq queue processes to the same number as available CPUs + sidekiq['queue_groups'] = ['*'] * 4 + + # Set number of Sidekiq threads per queue process to the recommend number of 10 + sidekiq['max_concurrency'] = 10 ####################################### ### Monitoring configuration ### @@ -1962,7 +1967,9 @@ To configure the Sidekiq nodes, on each one: 1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. NOTE: -You can also run [multiple Sidekiq processes](../operations/extra_sidekiq_processes.md). +If you find that the environment's Sidekiq job processing is slow with long queues, +more nodes can be added as required. You can also tune your Sidekiq nodes to +run [multiple Sidekiq processes](../operations/extra_sidekiq_processes.md). <div align="right"> <a type="button" class="btn btn-default" href="#setup-components"> @@ -2363,7 +2370,7 @@ considered and customer technical support will be considered out of scope. As an alternative approach, you can also run select components of GitLab as Cloud Native in Kubernetes via our official [Helm Charts](https://docs.gitlab.com/charts/). In this setup, we support running the equivalent of GitLab Rails and Sidekiq nodes -in a Kubernetes cluster, named Webservice and Sidekiq respectively. In addition, +in a Kubernetes cluster, named Webservice and Sidekiq respectively. In addition, the following other supporting services are supported: NGINX, Task Runner, Migrations, Prometheus and Grafana. @@ -2405,8 +2412,8 @@ services where applicable): | Internal load balancing node | 1 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | | Redis - Cache** | 3 | 4 vCPU, 15 GB memory | `n1-standard-4` | | Redis - Queues / Shared State** | 3 | 4 vCPU, 15 GB memory | `n1-standard-4` | -| Redis Sentinel - Cache** | 3 | 1 vCPU, 1.7 GB memory | `g1-small` | -| Redis Sentinel - Queues / Shared State** | 3 | 1 vCPU, 1.7 GB memory | `g1-small` | +| Redis Sentinel - Cache** | 3 | 1 vCPU, 3.75 GB memory | `n1-standard-1` | +| Redis Sentinel - Queues / Shared State** | 3 | 1 vCPU, 3.75 GB memory | `n1-standard-1` | | Gitaly | 3 | 16 vCPU, 60 GB memory | `n1-standard-16` | | Praefect | 3 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | | Praefect PostgreSQL* | 1+ | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | diff --git a/doc/administration/reference_architectures/1k_users.md b/doc/administration/reference_architectures/1k_users.md index bed584e94bd..6ad4e0f05e3 100644 --- a/doc/administration/reference_architectures/1k_users.md +++ b/doc/administration/reference_architectures/1k_users.md @@ -17,20 +17,20 @@ many organizations . > - **Supported users (approximate):** 1,000 > - **High Availability:** No. For a highly-available environment, you can -> follow the [3K reference architecture](3k_users.md). +> follow a modified [3K reference architecture](3k_users.md#supported-modifications-for-lower-user-counts-ha). > - **Test requests per second (RPS) rates:** API: 20 RPS, Web: 2 RPS, Git (Pull): 2 RPS, Git (Push): 1 RPS -| Users | Configuration | GCP | AWS | Azure | -|--------------|-------------------------|----------------|-----------------|----------------| -| Up to 500 | 4 vCPU, 3.6 GB memory | n1-highcpu-4 | `c5.xlarge` | F4s v2 | -| Up to 1,000 | 8 vCPU, 7.2 GB memory | n1-highcpu-8 | `c5.2xlarge` | F8s v2 | +| Users | Configuration | GCP | AWS | Azure | +|--------------|-------------------------|----------------|--------------|----------| +| Up to 500 | 4 vCPU, 3.6 GB memory | `n1-highcpu-4` | `c5.xlarge` | `F4s v2` | +| Up to 1,000 | 8 vCPU, 7.2 GB memory | `n1-highcpu-8` | `c5.2xlarge` | `F8s v2` | The Google Cloud Platform (GCP) architectures were built and tested using the [Intel Xeon E5 v3 (Haswell)](https://cloud.google.com/compute/docs/cpu-platforms) CPU platform. On different hardware you may find that adjustments, either lower or higher, are required for your CPU or node counts. For more information, see our [Sysbench](https://github.com/akopytov/sysbench)-based -[CPU benchmark](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Reference-Architectures/GCP-CPU-Benchmarks). +[CPU benchmarks](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Reference-Architectures/GCP-CPU-Benchmarks). In addition to the stated configurations, we recommend having at least 2 GB of swap on your server, even if you currently have enough available memory. Having diff --git a/doc/administration/reference_architectures/25k_users.md b/doc/administration/reference_architectures/25k_users.md index 7f9f284d085..129386d6ce5 100644 --- a/doc/administration/reference_architectures/25k_users.md +++ b/doc/administration/reference_architectures/25k_users.md @@ -15,25 +15,31 @@ full list of reference architectures, see > - **High Availability:** Yes ([Praefect](#configure-praefect-postgresql) needs a third-party PostgreSQL solution for HA) > - **Test requests per second (RPS) rates:** API: 500 RPS, Web: 50 RPS, Git (Pull): 50 RPS, Git (Push): 10 RPS -| Service | Nodes | Configuration | GCP | AWS | Azure | -|-----------------------------------------|-------------|-------------------------|-----------------|-------------|----------| -| External load balancing node | 1 | 4 vCPU, 3.6 GB memory | n1-highcpu-4 | `c5.xlarge` | F4s v2 | -| Consul | 3 | 2 vCPU, 1.8 GB memory | n1-highcpu-2 | `c5.large` | F2s v2 | -| PostgreSQL | 3 | 16 vCPU, 60 GB memory | n1-standard-16 | `m5.4xlarge` | D16s v3 | -| PgBouncer | 3 | 2 vCPU, 1.8 GB memory | n1-highcpu-2 | `c5.large` | F2s v2 | -| Internal load balancing node | 1 | 4 vCPU, 3.6GB memory | n1-highcpu-4 | `c5.large` | F2s v2 | -| Redis - Cache | 3 | 4 vCPU, 15 GB memory | n1-standard-4 | `m5.xlarge` | D4s v3 | -| Redis - Queues / Shared State | 3 | 4 vCPU, 15 GB memory | n1-standard-4 | `m5.xlarge` | D4s v3 | -| Redis Sentinel - Cache | 3 | 1 vCPU, 1.7 GB memory | g1-small | `t3.small` | B1MS | -| Redis Sentinel - Queues / Shared State | 3 | 1 vCPU, 1.7 GB memory | g1-small | `t3.small` | B1MS | -| Gitaly | 3 | 32 vCPU, 120 GB memory | n1-standard-32 | `m5.8xlarge` | D32s v3 | -| Praefect | 3 | 4 vCPU, 3.6 GB memory | n1-highcpu-4 | `c5.xlarge` | F4s v2 | -| Praefect PostgreSQL | 1+* | 2 vCPU, 1.8 GB memory | n1-highcpu-2 | `c5.large` | F2s v2 | -| Sidekiq | 4 | 4 vCPU, 15 GB memory | n1-standard-4 | `m5.xlarge` | D4s v3 | -| GitLab Rails | 5 | 32 vCPU, 28.8 GB memory | n1-highcpu-32 | `c5.9xlarge` | F32s v2 | -| Monitoring node | 1 | 4 vCPU, 3.6 GB memory | n1-highcpu-4 | `c5.xlarge` | F4s v2 | -| Object storage | n/a | n/a | n/a | n/a | n/a | -| NFS server | 1 | 4 vCPU, 3.6 GB memory | n1-highcpu-4 | `c5.xlarge` | F4s v2 | +| Service | Nodes | Configuration | GCP | AWS | Azure | +|------------------------------------------|-------------|-------------------------|------------------|--------------|-----------| +| External load balancing node | 1 | 4 vCPU, 3.6 GB memory | `n1-highcpu-4` | `c5.xlarge` | `F4s v2` | +| Consul* | 3 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | +| PostgreSQL* | 3 | 16 vCPU, 60 GB memory | `n1-standard-1` | `m5.4xlarge` | `D16s v3` | +| PgBouncer* | 3 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | +| Internal load balancing node | 1 | 4 vCPU, 3.6GB memory | `n1-highcpu-4` | `c5.large` | `F2s v2` | +| Redis - Cache** | 3 | 4 vCPU, 15 GB memory | `n1-standard-4` | `m5.xlarge` | `D4s v3` | +| Redis - Queues / Shared State** | 3 | 4 vCPU, 15 GB memory | `n1-standard-4` | `m5.xlarge` | `D4s v3` | +| Redis Sentinel - Cache** | 3 | 1 vCPU, 3.75 GB memory | `n1-standard-1` | `c5.large` | `A1 v2` | +| Redis Sentinel - Queues / Shared State** | 3 | 1 vCPU, 3.75 GB memory | `n1-standard-1` | `c5.large` | `A1 v2` | +| Gitaly | 3 | 32 vCPU, 120 GB memory | `n1-standard-32` | `m5.8xlarge` | `D32s v3` | +| Praefect | 3 | 4 vCPU, 3.6 GB memory | `n1-highcpu-4` | `c5.xlarge` | `F4s v2` | +| Praefect PostgreSQL* | 1+ | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | +| Sidekiq | 4 | 4 vCPU, 15 GB memory | `n1-standard-4` | `m5.xlarge` | `D4s v3` | +| GitLab Rails | 5 | 32 vCPU, 28.8 GB memory | `n1-highcpu-32` | `c5.9xlarge` | `F32s v2` | +| Monitoring node | 1 | 4 vCPU, 3.6 GB memory | `n1-highcpu-4` | `c5.xlarge` | `F4s v2` | +| Object storage | n/a | n/a | n/a | n/a | n/a | +| NFS server | 1 | 4 vCPU, 3.6 GB memory | `n1-highcpu-4` | `c5.xlarge` | `F4s v2` | + +NOTE: +Components marked with * can be optionally run on reputable +third party external PaaS PostgreSQL solutions. Google Cloud SQL and AWS RDS are known to work. +Components marked with ** can be optionally run on reputable +third party external PaaS Redis solutions. Google Memorystore and AWS Elasticache are known to work. ```plantuml @startuml 25k @@ -123,7 +129,7 @@ The Google Cloud Platform (GCP) architectures were built and tested using the CPU platform. On different hardware you may find that adjustments, either lower or higher, are required for your CPU or node counts. For more information, see our [Sysbench](https://github.com/akopytov/sysbench)-based -[CPU benchmark](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Reference-Architectures/GCP-CPU-Benchmarks). +[CPU benchmarks](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Reference-Architectures/GCP-CPU-Benchmarks). Due to better performance and availability, for data objects (such as LFS, uploads, or artifacts), using an [object storage service](#configure-the-object-storage) @@ -1913,7 +1919,12 @@ To configure the Sidekiq nodes, on each one: ### Sidekiq configuration ### ####################################### sidekiq['listen_address'] = "0.0.0.0" - sidekiq['cluster'] = true # no need to set this after GitLab 13.0 + + # Set number of Sidekiq queue processes to the same number as available CPUs + sidekiq['queue_groups'] = ['*'] * 4 + + # Set number of Sidekiq threads per queue process to the recommend number of 10 + sidekiq['max_concurrency'] = 10 ####################################### ### Monitoring configuration ### @@ -1958,7 +1969,9 @@ To configure the Sidekiq nodes, on each one: 1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. NOTE: -You can also run [multiple Sidekiq processes](../operations/extra_sidekiq_processes.md). +If you find that the environment's Sidekiq job processing is slow with long queues, +more nodes can be added as required. You can also tune your Sidekiq nodes to +run [multiple Sidekiq processes](../operations/extra_sidekiq_processes.md). <div align="right"> <a type="button" class="btn btn-default" href="#setup-components"> diff --git a/doc/administration/reference_architectures/2k_users.md b/doc/administration/reference_architectures/2k_users.md index e5418e47ca2..69e261cfbe6 100644 --- a/doc/administration/reference_architectures/2k_users.md +++ b/doc/administration/reference_architectures/2k_users.md @@ -13,19 +13,25 @@ For a full list of reference architectures, see > - **Supported users (approximate):** 2,000 > - **High Availability:** No. For a highly-available environment, you can -> follow the [3K reference architecture](3k_users.md). +> follow a modified [3K reference architecture](3k_users.md#supported-modifications-for-lower-user-counts-ha). > - **Test requests per second (RPS) rates:** API: 40 RPS, Web: 4 RPS, Git (Pull): 4 RPS, Git (Push): 1 RPS -| Service | Nodes | Configuration | GCP | AWS | Azure | -|------------------------------------------|--------|-------------------------|----------------|--------------|---------| -| Load balancer | 1 | 2 vCPU, 1.8 GB memory | n1-highcpu-2 | `c5.large` | F2s v2 | -| PostgreSQL | 1 | 2 vCPU, 7.5 GB memory | n1-standard-2 | `m5.large` | D2s v3 | -| Redis | 1 | 1 vCPU, 3.75 GB memory | n1-standard-1 | `m5.large` | D2s v3 | -| Gitaly | 1 | 4 vCPU, 15 GB memory | n1-standard-4 | `m5.xlarge` | D4s v3 | -| GitLab Rails | 2 | 8 vCPU, 7.2 GB memory | n1-highcpu-8 | `c5.2xlarge` | F8s v2 | -| Monitoring node | 1 | 2 vCPU, 1.8 GB memory | n1-highcpu-2 | `c5.large` | F2s v2 | -| Object storage | n/a | n/a | n/a | n/a | n/a | -| NFS server (optional, not recommended) | 1 | 4 vCPU, 3.6 GB memory | n1-highcpu-4 | `c5.xlarge` | F4s v2 | +| Service | Nodes | Configuration | GCP | AWS | Azure | +|------------------------------------------|--------|-------------------------|-----------------|--------------|----------| +| Load balancer | 1 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | +| PostgreSQL* | 1 | 2 vCPU, 7.5 GB memory | `n1-standard-2` | `m5.large` | `D2s v3` | +| Redis** | 1 | 1 vCPU, 3.75 GB memory | `n1-standard-1` | `m5.large` | `D2s v3` | +| Gitaly | 1 | 4 vCPU, 15 GB memory | `n1-standard-4` | `m5.xlarge` | `D4s v3` | +| GitLab Rails | 2 | 8 vCPU, 7.2 GB memory | `n1-highcpu-8` | `c5.2xlarge` | `F8s v2` | +| Monitoring node | 1 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | +| Object storage | n/a | n/a | n/a | n/a | n/a | +| NFS server (optional, not recommended) | 1 | 4 vCPU, 3.6 GB memory | `n1-highcpu-4` | `c5.xlarge` | `F4s v2` | + +NOTE: +Components marked with * can be optionally run on reputable +third party external PaaS PostgreSQL solutions. Google Cloud SQL and AWS RDS are known to work. +Components marked with ** can be optionally run on reputable +third party external PaaS Redis solutions. Google Memorystore and AWS Elasticache are known to work. ```plantuml @startuml 2k @@ -60,7 +66,7 @@ The Google Cloud Platform (GCP) architectures were built and tested using the CPU platform. On different hardware you may find that adjustments, either lower or higher, are required for your CPU or node counts. For more information, see our [Sysbench](https://github.com/akopytov/sysbench)-based -[CPU benchmark](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Reference-Architectures/GCP-CPU-Benchmarks). +[CPU benchmarks](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Reference-Architectures/GCP-CPU-Benchmarks). Due to better performance and availability, for data objects (such as LFS, uploads, or artifacts), using an [object storage service](#configure-the-object-storage) @@ -642,6 +648,8 @@ On each node perform the following: node_exporter['listen_address'] = '0.0.0.0:9100' gitlab_workhorse['prometheus_listen_addr'] = '0.0.0.0:9229' sidekiq['listen_address'] = "0.0.0.0" + # Set number of Sidekiq threads per queue process to the recommend number of 10 + sidekiq['max_concurrency'] = 10 puma['listen'] = '0.0.0.0' # Add the monitoring node's IP address to the monitoring whitelist and allow it to diff --git a/doc/administration/reference_architectures/3k_users.md b/doc/administration/reference_architectures/3k_users.md index b8d0a98a1f1..d81f98a35d4 100644 --- a/doc/administration/reference_architectures/3k_users.md +++ b/doc/administration/reference_architectures/3k_users.md @@ -14,8 +14,9 @@ than 3,000 users. For fewer users, reduce the stated node sizes as needed. If maintaining a high level of uptime for your GitLab environment isn't a requirement, or if you don't have the expertise to maintain this sort of -environment, we recommend using the [2,000-user reference architecture](2k_users.md) -for your GitLab installation. +environment, we recommend using the non-HA [2,000-user reference architecture](2k_users.md) +for your GitLab installation. If HA is still a requirement, there's several supported +tweaks you can make to this architecture to reduce complexity as detailed here. For a full list of reference architectures, see [Available reference architectures](index.md#available-reference-architectures). @@ -24,22 +25,28 @@ For a full list of reference architectures, see > - **High Availability:** Yes, although [Praefect](#configure-praefect-postgresql) needs a third-party PostgreSQL solution > - **Test requests per second (RPS) rates:** API: 60 RPS, Web: 6 RPS, Git (Pull): 6 RPS, Git (Push): 1 RPS -| Service | Nodes | Configuration | GCP | AWS | Azure | -|--------------------------------------------|-------------|-----------------------|----------------|-------------|---------| -| External load balancing node | 1 | 2 vCPU, 1.8 GB memory | n1-highcpu-2 | `c5.large` | F2s v2 | -| Redis | 3 | 2 vCPU, 7.5 GB memory | n1-standard-2 | `m5.large` | D2s v3 | -| Consul + Sentinel | 3 | 2 vCPU, 1.8 GB memory | n1-highcpu-2 | `c5.large` | F2s v2 | -| PostgreSQL | 3 | 2 vCPU, 7.5 GB memory | n1-standard-2 | `m5.large` | D2s v3 | -| PgBouncer | 3 | 2 vCPU, 1.8 GB memory | n1-highcpu-2 | `c5.large` | F2s v2 | -| Internal load balancing node | 1 | 2 vCPU, 1.8 GB memory | n1-highcpu-2 | `c5.large` | F2s v2 | -| Gitaly | 3 | 4 vCPU, 15 GB memory | n1-standard-4 | `m5.xlarge` | D4s v3 | -| Praefect | 3 | 2 vCPU, 1.8 GB memory | n1-highcpu-2 | `c5.large` | F2s v2 | -| Praefect PostgreSQL | 1+* | 2 vCPU, 1.8 GB memory | n1-highcpu-2 | `c5.large` | F2s v2 | -| Sidekiq | 4 | 2 vCPU, 7.5 GB memory | n1-standard-2 | `m5.large` | D2s v3 | -| GitLab Rails | 3 | 8 vCPU, 7.2 GB memory | n1-highcpu-8 | `c5.2xlarge` | F8s v2 | -| Monitoring node | 1 | 2 vCPU, 1.8 GB memory | n1-highcpu-2 | `c5.large` | F2s v2 | -| Object storage | n/a | n/a | n/a | n/a | n/a | -| NFS server (optional, not recommended) | 1 | 4 vCPU, 3.6 GB memory | n1-highcpu-4 | `c5.xlarge` | F4s v2 | +| Service | Nodes | Configuration | GCP | AWS | Azure | +|--------------------------------------------|-------------|-----------------------|-----------------|--------------|----------| +| External load balancing node | 1 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | +| Redis** | 3 | 2 vCPU, 7.5 GB memory | `n1-standard-2` | `m5.large` | `D2s v3` | +| Consul* + Sentinel** | 3 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | +| PostgreSQL* | 3 | 2 vCPU, 7.5 GB memory | `n1-standard-2` | `m5.large` | `D2s v3` | +| PgBouncer* | 3 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | +| Internal load balancing node | 1 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | +| Gitaly | 3 | 4 vCPU, 15 GB memory | `n1-standard-4` | `m5.xlarge` | `D4s v3` | +| Praefect | 3 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | +| Praefect PostgreSQL* | 1+ | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | +| Sidekiq | 4 | 2 vCPU, 7.5 GB memory | `n1-standard-2` | `m5.large` | `D2s v3` | +| GitLab Rails | 3 | 8 vCPU, 7.2 GB memory | `n1-highcpu-8` | `c5.2xlarge` | `F8s v2` | +| Monitoring node | 1 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | +| Object storage | n/a | n/a | n/a | n/a | n/a | +| NFS server (optional, not recommended) | 1 | 4 vCPU, 3.6 GB memory | `n1-highcpu-4` | `c5.xlarge` | `F4s v2` | + +NOTE: +Components marked with * can be optionally run on reputable +third party external PaaS PostgreSQL solutions. Google Cloud SQL and AWS RDS are known to work. +Components marked with ** can be optionally run on reputable +third party external PaaS Redis solutions. Google Memorystore and AWS Elasticache are known to work. ```plantuml @startuml 3k @@ -129,7 +136,7 @@ The Google Cloud Platform (GCP) architectures were built and tested using the CPU platform. On different hardware you may find that adjustments, either lower or higher, are required for your CPU or node counts. For more information, see our [Sysbench](https://github.com/akopytov/sysbench)-based -[CPU benchmark](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Reference-Architectures/GCP-CPU-Benchmarks). +[CPU benchmarks](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Reference-Architectures/GCP-CPU-Benchmarks). Due to better performance and availability, for data objects (such as LFS, uploads, or artifacts), using an [object storage service](#configure-the-object-storage) @@ -1595,6 +1602,12 @@ To configure the Sidekiq nodes, one each one: ####################################### sidekiq['listen_address'] = "0.0.0.0" + # Set number of Sidekiq queue processes to the same number as available CPUs + sidekiq['queue_groups'] = ['*'] * 2 + + # Set number of Sidekiq threads per queue process to the recommend number of 10 + sidekiq['max_concurrency'] = 10 + ####################################### ### Monitoring configuration ### ####################################### @@ -1650,7 +1663,9 @@ To configure the Sidekiq nodes, one each one: ``` NOTE: -You can also run [multiple Sidekiq processes](../operations/extra_sidekiq_processes.md). +If you find that the environment's Sidekiq job processing is slow with long queues, +more nodes can be added as required. You can also tune your Sidekiq nodes to +run [multiple Sidekiq processes](../operations/extra_sidekiq_processes.md). <div align="right"> <a type="button" class="btn btn-default" href="#setup-components"> @@ -2040,6 +2055,27 @@ considered and customer technical support will be considered out of scope. [Read more about Gitaly and NFS](../gitaly/index.md#nfs-deprecation-notice) and [the correct mount options to use](../nfs.md#upgrade-to-gitaly-cluster-or-disable-caching-if-experiencing-data-loss). +## Supported modifications for lower user counts (HA) + +The 3k GitLab reference architecture is the smallest we recommend that achieves High Availability (HA). +However, for environments that need to serve less users but maintain HA, there's several +supported modifications you can make to this architecture to reduce complexity and cost. + +It should be noted that to achieve HA with GitLab, this architecture's makeup is ultimately what is +required. Each component has various considerations and rules to follow and this architecture +meets all of these. Smaller versions of this architecture will be fundamentally the same, +but with smaller performance requirements, several modifications can be considered as follows: + +- Lowering node specs: Depending on your user count, you can lower all suggested node specs as desired. However, it's recommended that you don't go lower than the [general requirements](../../install/requirements.md). +- Combining select nodes: Some nodes can be combined to reduce complexity at the cost of some performance: + - GitLab Rails and Sidekiq: Sidekiq nodes can be removed and the component instead enabled on the GitLab Rails nodes. + - PostgreSQL and PgBouncer: PgBouncer nodes can be removed and the component instead enabled on PostgreSQL with the Internal Load Balancer pointing to them instead. +- Running select components in reputable Cloud PaaS solutions: Select components of the GitLab setup can instead be run on Cloud Provider PaaS solutions. By doing this, additional dependent components can also be removed: + - PostgreSQL: Can be run on reputable Cloud PaaS solutions such as Google Cloud SQL or AWS RDS. In this setup, the PgBouncer and Consul nodes are no longer required: + - Consul may still be desired if [Prometheus](../monitoring/prometheus/index.md) auto discovery is a requirement, otherwise you would need to [manually add scrape configurations](../monitoring/prometheus/index.md#adding-custom-scrape-configurations) for all nodes. + - As Redis Sentinel runs on the same box as Consul in this architecture, it may need to be run on a separate box if Redis is still being run via Omnibus. + - Redis: Can be run on reputable Cloud PaaS solutions such as Google Memorystore and AWS Elasticache. In this setup, the Redis Sentinel is no longer required. + <div align="right"> <a type="button" class="btn btn-default" href="#setup-components"> Back to setup components <i class="fa fa-angle-double-up" aria-hidden="true"></i> diff --git a/doc/administration/reference_architectures/50k_users.md b/doc/administration/reference_architectures/50k_users.md index 183a998e89a..5cc463c953d 100644 --- a/doc/administration/reference_architectures/50k_users.md +++ b/doc/administration/reference_architectures/50k_users.md @@ -15,25 +15,31 @@ full list of reference architectures, see > - **High Availability:** Yes ([Praefect](#configure-praefect-postgresql) needs a third-party PostgreSQL solution for HA) > - **Test requests per second (RPS) rates:** API: 1000 RPS, Web: 100 RPS, Git (Pull): 100 RPS, Git (Push): 20 RPS -| Service | Nodes | Configuration | GCP | AWS | Azure | -|-----------------------------------------|-------------|-------------------------|-----------------|--------------|----------| -| External load balancing node | 1 | 8 vCPU, 7.2 GB memory | n1-highcpu-8 | `c5.2xlarge` | F8s v2 | -| Consul | 3 | 2 vCPU, 1.8 GB memory | n1-highcpu-2 | `c5.large` | F2s v2 | -| PostgreSQL | 3 | 32 vCPU, 120 GB memory | n1-standard-32 | `m5.8xlarge` | D32s v3 | -| PgBouncer | 3 | 2 vCPU, 1.8 GB memory | n1-highcpu-2 | `c5.large` | F2s v2 | -| Internal load balancing node | 1 | 8 vCPU, 7.2 GB memory | n1-highcpu-8 | `c5.2xlarge` | F8s v2 | -| Redis - Cache | 3 | 4 vCPU, 15 GB memory | n1-standard-4 | `m5.xlarge` | D4s v3 | -| Redis - Queues / Shared State | 3 | 4 vCPU, 15 GB memory | n1-standard-4 | `m5.xlarge` | D4s v3 | -| Redis Sentinel - Cache | 3 | 1 vCPU, 1.7 GB memory | g1-small | `t3.small` | B1MS | -| Redis Sentinel - Queues / Shared State | 3 | 1 vCPU, 1.7 GB memory | g1-small | `t3.small` | B1MS | -| Gitaly | 3 | 64 vCPU, 240 GB memory | n1-standard-64 | `m5.16xlarge` | D64s v3 | -| Praefect | 3 | 4 vCPU, 3.6 GB memory | n1-highcpu-4 | `c5.xlarge` | F4s v2 | -| Praefect PostgreSQL | 1+* | 2 vCPU, 1.8 GB memory | n1-highcpu-2 | `c5.large` | F2s v2 | -| Sidekiq | 4 | 4 vCPU, 15 GB memory | n1-standard-4 | `m5.xlarge` | D4s v3 | -| GitLab Rails | 12 | 32 vCPU, 28.8 GB memory | n1-highcpu-32 | `c5.9xlarge` | F32s v2 | -| Monitoring node | 1 | 4 vCPU, 3.6 GB memory | n1-highcpu-4 | `c5.xlarge` | F4s v2 | -| Object storage | n/a | n/a | n/a | n/a | n/a | -| NFS server | 1 | 4 vCPU, 3.6 GB memory | n1-highcpu-4 | `c5.xlarge` | F4s v2 | +| Service | Nodes | Configuration | GCP | AWS | Azure | +|------------------------------------------|-------------|-------------------------|------------------|---------------|-----------| +| External load balancing node | 1 | 8 vCPU, 7.2 GB memory | `n1-highcpu-8` | `c5.2xlarge` | `F8s v2` | +| Consul* | 3 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | +| PostgreSQL* | 3 | 32 vCPU, 120 GB memory | `n1-standard-32` | `m5.8xlarge` | `D32s v3` | +| PgBouncer* | 3 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | +| Internal load balancing node | 1 | 8 vCPU, 7.2 GB memory | `n1-highcpu-8` | `c5.2xlarge` | `F8s v2` | +| Redis - Cache** | 3 | 4 vCPU, 15 GB memory | `n1-standard-4` | `m5.xlarge` | `D4s v3` | +| Redis - Queues / Shared State** | 3 | 4 vCPU, 15 GB memory | `n1-standard-4` | `m5.xlarge` | `D4s v3` | +| Redis Sentinel - Cache** | 3 | 1 vCPU, 3.75 GB memory | `n1-standard-1` | `c5.large` | `A1 v2` | +| Redis Sentinel - Queues / Shared State** | 3 | 1 vCPU, 3.75 GB memory | `n1-standard-1` | `c5.large` | `A1 v2` | +| Gitaly | 3 | 64 vCPU, 240 GB memory | `n1-standard-64` | `m5.16xlarge` | `D64s v3` | +| Praefect | 3 | 4 vCPU, 3.6 GB memory | `n1-highcpu-4` | `c5.xlarge` | `F4s v2` | +| Praefect PostgreSQL* | 1+ | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | +| Sidekiq | 4 | 4 vCPU, 15 GB memory | `n1-standard-4` | `m5.xlarge` | `D4s v3` | +| GitLab Rails | 12 | 32 vCPU, 28.8 GB memory | `n1-highcpu-32` | `c5.9xlarge` | `F32s v2` | +| Monitoring node | 1 | 4 vCPU, 3.6 GB memory | `n1-highcpu-4` | `c5.xlarge` | `F4s v2` | +| Object storage | n/a | n/a | n/a | n/a | n/a | +| NFS server | 1 | 4 vCPU, 3.6 GB memory | `n1-highcpu-4` | `c5.xlarge` | `F4s v2` | + +NOTE: +Components marked with * can be optionally run on reputable +third party external PaaS PostgreSQL solutions. Google Cloud SQL and AWS RDS are known to work. +Components marked with ** can be optionally run on reputable +third party external PaaS Redis solutions. Google Memorystore and AWS Elasticache are known to work. ```plantuml @startuml 50k @@ -123,7 +129,7 @@ The Google Cloud Platform (GCP) architectures were built and tested using the CPU platform. On different hardware you may find that adjustments, either lower or higher, are required for your CPU or node counts. For more information, see our [Sysbench](https://github.com/akopytov/sysbench)-based -[CPU benchmark](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Reference-Architectures/GCP-CPU-Benchmarks). +[CPU benchmarks](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Reference-Architectures/GCP-CPU-Benchmarks). Due to better performance and availability, for data objects (such as LFS, uploads, or artifacts), using an [object storage service](#configure-the-object-storage) @@ -1920,7 +1926,12 @@ To configure the Sidekiq nodes, on each one: ### Sidekiq configuration ### ####################################### sidekiq['listen_address'] = "0.0.0.0" - sidekiq['cluster'] = true # no need to set this after GitLab 13.0 + + # Set number of Sidekiq queue processes to the same number as available CPUs + sidekiq['queue_groups'] = ['*'] * 4 + + # Set number of Sidekiq threads per queue process to the recommend number of 10 + sidekiq['max_concurrency'] = 10 ####################################### ### Monitoring configuration ### @@ -1965,7 +1976,9 @@ To configure the Sidekiq nodes, on each one: 1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. NOTE: -You can also run [multiple Sidekiq processes](../operations/extra_sidekiq_processes.md). +If you find that the environment's Sidekiq job processing is slow with long queues, +more nodes can be added as required. You can also tune your Sidekiq nodes to +run [multiple Sidekiq processes](../operations/extra_sidekiq_processes.md). <div align="right"> <a type="button" class="btn btn-default" href="#setup-components"> diff --git a/doc/administration/reference_architectures/5k_users.md b/doc/administration/reference_architectures/5k_users.md index 70d02bba855..792dd7020c7 100644 --- a/doc/administration/reference_architectures/5k_users.md +++ b/doc/administration/reference_architectures/5k_users.md @@ -22,22 +22,28 @@ costly-to-operate environment by using the > - **High Availability:** Yes ([Praefect](#configure-praefect-postgresql) needs a third-party PostgreSQL solution for HA) > - **Test requests per second (RPS) rates:** API: 100 RPS, Web: 10 RPS, Git (Pull): 10 RPS, Git (Push): 2 RPS -| Service | Nodes | Configuration | GCP | AWS | Azure | -|--------------------------------------------|-------------|-------------------------|----------------|-------------|----------| -| External load balancing node | 1 | 2 vCPU, 1.8 GB memory | n1-highcpu-2 | `c5.large` | F2s v2 | -| Redis | 3 | 2 vCPU, 7.5 GB memory | n1-standard-2 | `m5.large` | D2s v3 | -| Consul + Sentinel | 3 | 2 vCPU, 1.8 GB memory | n1-highcpu-2 | `c5.large` | F2s v2 | -| PostgreSQL | 3 | 4 vCPU, 15 GB memory | n1-standard-4 | `m5.xlarge` | D4s v3 | -| PgBouncer | 3 | 2 vCPU, 1.8 GB memory | n1-highcpu-2 | `c5.large` | F2s v2 | -| Internal load balancing node | 1 | 2 vCPU, 1.8 GB memory | n1-highcpu-2 | `c5.large` | F2s v2 | -| Gitaly | 3 | 8 vCPU, 30 GB memory | n1-standard-8 | `m5.2xlarge` | D8s v3 | -| Praefect | 3 | 2 vCPU, 1.8 GB memory | n1-highcpu-2 | `c5.large` | F2s v2 | -| Praefect PostgreSQL | 1+* | 2 vCPU, 1.8 GB memory | n1-highcpu-2 | `c5.large` | F2s v2 | -| Sidekiq | 4 | 2 vCPU, 7.5 GB memory | n1-standard-2 | `m5.large` | D2s v3 | -| GitLab Rails | 3 | 16 vCPU, 14.4 GB memory | n1-highcpu-16 | `c5.4xlarge` | F16s v2 | -| Monitoring node | 1 | 2 vCPU, 1.8 GB memory | n1-highcpu-2 | `c5.large` | F2s v2 | -| Object storage | n/a | n/a | n/a | n/a | n/a | -| NFS server (optional, not recommended) | 1 | 4 vCPU, 3.6 GB memory | n1-highcpu-4 | `c5.xlarge` | F4s v2 | +| Service | Nodes | Configuration | GCP | AWS | Azure | +|--------------------------------------------|-------------|-------------------------|-----------------|--------------|----------| +| External load balancing node | 1 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | +| Redis** | 3 | 2 vCPU, 7.5 GB memory | `n1-standard-2` | `m5.large` | `D2s v3` | +| Consul* + Sentinel** | 3 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | +| PostgreSQL* | 3 | 4 vCPU, 15 GB memory | `n1-standard-4` | `m5.xlarge` | `D4s v3` | +| PgBouncer* | 3 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | +| Internal load balancing node | 1 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | +| Gitaly | 3 | 8 vCPU, 30 GB memory | `n1-standard-8` | `m5.2xlarge` | `D8s v3` | +| Praefect | 3 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | +| Praefect PostgreSQL* | 1+ | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | +| Sidekiq | 4 | 2 vCPU, 7.5 GB memory | `n1-standard-2` | `m5.large` | `D2s v3` | +| GitLab Rails | 3 | 16 vCPU, 14.4 GB memory | `n1-highcpu-16` | `c5.4xlarge` | `F16s v2`| +| Monitoring node | 1 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | +| Object storage | n/a | n/a | n/a | n/a | n/a | +| NFS server (optional, not recommended) | 1 | 4 vCPU, 3.6 GB memory | `n1-highcpu-4` | `c5.xlarge` | `F4s v2` | + +NOTE: +Components marked with * can be optionally run on reputable +third party external PaaS PostgreSQL solutions. Google Cloud SQL and AWS RDS are known to work. +Components marked with ** can be optionally run on reputable +third party external PaaS Redis solutions. Google Memorystore and AWS Elasticache are known to work. ```plantuml @startuml 5k @@ -127,7 +133,7 @@ The Google Cloud Platform (GCP) architectures were built and tested using the CPU platform. On different hardware you may find that adjustments, either lower or higher, are required for your CPU or node counts. For more information, see our [Sysbench](https://github.com/akopytov/sysbench)-based -[CPU benchmark](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Reference-Architectures/GCP-CPU-Benchmarks). +[CPU benchmarks](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Reference-Architectures/GCP-CPU-Benchmarks). Due to better performance and availability, for data objects (such as LFS, uploads, or artifacts), using an [object storage service](#configure-the-object-storage) @@ -1585,6 +1591,12 @@ To configure the Sidekiq nodes, one each one: ####################################### sidekiq['listen_address'] = "0.0.0.0" + # Set number of Sidekiq queue processes to the same number as available CPUs + sidekiq['queue_groups'] = ['*'] * 4 + + # Set number of Sidekiq threads per queue process to the recommend number of 10 + sidekiq['max_concurrency'] = 10 + ####################################### ### Monitoring configuration ### ####################################### @@ -1639,7 +1651,9 @@ To configure the Sidekiq nodes, one each one: ``` NOTE: -You can also run [multiple Sidekiq processes](../operations/extra_sidekiq_processes.md). +If you find that the environment's Sidekiq job processing is slow with long queues, +more nodes can be added as required. You can also tune your Sidekiq nodes to +run [multiple Sidekiq processes](../operations/extra_sidekiq_processes.md). <div align="right"> <a type="button" class="btn btn-default" href="#setup-components"> diff --git a/doc/administration/reference_architectures/troubleshooting.md b/doc/administration/reference_architectures/troubleshooting.md index 60a6ee0132f..d5f57965a80 100644 --- a/doc/administration/reference_architectures/troubleshooting.md +++ b/doc/administration/reference_architectures/troubleshooting.md @@ -4,7 +4,7 @@ group: Distribution info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Troubleshooting a reference architecture setup +# Troubleshooting a reference architecture setup **(FREE SELF)** This page serves as the troubleshooting documentation if you followed one of the [reference architectures](index.md#reference-architectures). @@ -33,7 +33,7 @@ The dependency on disk storage also prevents Pages being deployed using the ### Incremental logging is required for CI to use object storage If you configure GitLab to use object storage for CI logs and artifacts, -[you must also enable incremental logging](../job_logs.md#new-incremental-logging-architecture). +[you must also enable incremental logging](../job_logs.md#incremental-logging-architecture). ### Proxy Download diff --git a/doc/administration/reply_by_email_postfix_setup.md b/doc/administration/reply_by_email_postfix_setup.md index f310ef04295..f0b9daead69 100644 --- a/doc/administration/reply_by_email_postfix_setup.md +++ b/doc/administration/reply_by_email_postfix_setup.md @@ -9,7 +9,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w This document will take you through the steps of setting up a basic Postfix mail server with IMAP authentication on Ubuntu, to be used with [incoming email](incoming_email.md). -The instructions make the assumption that you will be using the email address `incoming@gitlab.example.com`, that is, username `incoming` on host `gitlab.example.com`. Don't forget to change it to your actual host when executing the example code snippets. +The instructions make the assumption that you are using the email address `incoming@gitlab.example.com`, that is, username `incoming` on host `gitlab.example.com`. Don't forget to change it to your actual host when executing the example code snippets. ## Configure your server firewall @@ -127,7 +127,7 @@ The instructions make the assumption that you will be using the email address `i ## Configure Postfix to use Maildir-style mailboxes -Courier, which we will install later to add IMAP authentication, requires mailboxes to have the Maildir format, rather than mbox. +Courier, which we install later to add IMAP authentication, requires mailboxes to have the Maildir format, rather than mbox. 1. Configure Postfix to use Maildir-style mailboxes: @@ -191,7 +191,7 @@ Courier, which we will install later to add IMAP authentication, requires mailbo imapd start ``` -1. The `courier-authdaemon` isn't started after installation. Without it, IMAP authentication will fail: +1. The `courier-authdaemon` isn't started after installation. Without it, IMAP authentication fails: ```shell sudo service courier-authdaemon start @@ -213,7 +213,7 @@ Courier, which we will install later to add IMAP authentication, requires mailbo 1. Let Postfix know about the IPs that it should consider part of the LAN: - We'll assume `192.168.1.0/24` is your local LAN. You can safely skip this step if you don't have other machines in the same local network. + Let's assume `192.168.1.0/24` is your local LAN. You can safely skip this step if you don't have other machines in the same local network. ```shell sudo postconf -e "mynetworks = 127.0.0.0/8, 192.168.1.0/24" diff --git a/doc/administration/repository_storage_types.md b/doc/administration/repository_storage_types.md index 29e31fcb6ef..21bb11226ce 100644 --- a/doc/administration/repository_storage_types.md +++ b/doc/administration/repository_storage_types.md @@ -131,7 +131,7 @@ forks use the object pool for shared objects. For more information, see [How Git object deduplication works in GitLab](../development/git_object_deduplication.md). Objects are moved from the source project to the object pool when housekeeping is run on the source -project. Object pool repositories are stored similarly to regular repositories: +project. Object pool repositories are stored similarly to regular repositories in a directory called `@pools` instead of `@hashed` ```ruby # object pool paths @@ -139,8 +139,8 @@ project. Object pool repositories are stored similarly to regular repositories: ``` WARNING: -Do not run `git prune` or `git gc` in object pool repositories. This can cause data loss in the -regular repositories that depend on the object pool. +Do not run `git prune` or `git gc` in object pool repositories, which are stored in the `@pools` directory. +This can cause data loss in the regular repositories that depend on the object pool. ### Object storage support diff --git a/doc/administration/restart_gitlab.md b/doc/administration/restart_gitlab.md index f4cc98ca145..5f7f08f4ecf 100644 --- a/doc/administration/restart_gitlab.md +++ b/doc/administration/restart_gitlab.md @@ -27,7 +27,7 @@ GitLab Rails application (Puma) as well as the other components, like: ### Omnibus GitLab restart -There may be times in the documentation where you will be asked to _restart_ +There may be times in the documentation where you are asked to _restart_ GitLab. In that case, you need to run the following command: ```shell @@ -73,7 +73,7 @@ As a last resort, you can try to ### Omnibus GitLab reconfigure -There may be times in the documentation where you will be asked to _reconfigure_ +There may be times in the documentation where you are asked to _reconfigure_ GitLab. Remember that this method applies only for the Omnibus packages. Reconfigure Omnibus GitLab with: @@ -86,15 +86,15 @@ Reconfiguring GitLab should occur in the event that something in its configuration (`/etc/gitlab/gitlab.rb`) has changed. When you run this command, [Chef](https://www.chef.io/products/chef-infra/), the underlying configuration management -application that powers Omnibus GitLab, will make sure that all things like directories, +application that powers Omnibus GitLab, makes sure that all things like directories, permissions, and services are in place and in the same shape that they were initially shipped. -It will also restart GitLab components where needed, if any of their +It also restarts GitLab components where needed, if any of their configuration files have changed. If you manually edit any files in `/var/opt/gitlab` that are managed by Chef, -running reconfigure will revert the changes AND restart the services that +running reconfigure reverts the changes AND restarts the services that depend on those files. ## Installations from source diff --git a/doc/administration/server_hooks.md b/doc/administration/server_hooks.md index 671da505e56..f67bf676a61 100644 --- a/doc/administration/server_hooks.md +++ b/doc/administration/server_hooks.md @@ -70,7 +70,12 @@ Assuming the hook code is properly implemented, the hook code is executed as app To create a Git hook that applies to all of the repositories in your instance, set a global server hook. The default global server hook directory is in the GitLab Shell directory. Any -hook added there applies to all repositories. +hook added there applies to all repositories, including: + +- [Project and group wiki](../user/project/wiki/index.md) repositories, + whose storage directory names are in the format `<id>.wiki.git`. +- [Design management](../user/project/issues/design_management.md) repositories under a + project, whose storage directory names are in the format `<id>.design.git`. The default directory: diff --git a/doc/administration/terraform_state.md b/doc/administration/terraform_state.md index 0c01279b04c..898d98495d9 100644 --- a/doc/administration/terraform_state.md +++ b/doc/administration/terraform_state.md @@ -4,7 +4,7 @@ group: Configure info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Terraform state administration (alpha) **(FREE)** +# Terraform state administration **(FREE)** > [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/2673) in GitLab 12.10. diff --git a/doc/administration/troubleshooting/defcon.md b/doc/administration/troubleshooting/defcon.md new file mode 100644 index 00000000000..09e11553d97 --- /dev/null +++ b/doc/administration/troubleshooting/defcon.md @@ -0,0 +1,25 @@ +--- +stage: Enablement +group: Distribution +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +type: reference +--- + +# Disaster Recovery + +This document describes a feature that allows to easily disable some important but computationally +expensive parts of the application, in order to relieve stress on the database in an ongoing downtime. + +## `ci_queueing_disaster_recovery` + +This feature flag, if enabled temporarily disables fair scheduling on shared runners. +This can help reduce system resource usage on the `jobs/request` endpoint +by significantly reducing computations being performed. + +Side effects: + +- In case of a large backlog of jobs, the jobs will be processed in the order +they were put in the system instead of balancing the jobs across many projects +- Projects which are out of quota will be run. This affects +only jobs that were created during the last hour, as prior jobs are canceled +by a periodic background worker (`StuckCiJobsWorker`). diff --git a/doc/administration/troubleshooting/elasticsearch.md b/doc/administration/troubleshooting/elasticsearch.md index 11425d464b9..d04ce23188f 100644 --- a/doc/administration/troubleshooting/elasticsearch.md +++ b/doc/administration/troubleshooting/elasticsearch.md @@ -251,13 +251,13 @@ can be made. If the indices: - Can be made, Escalate this to GitLab support. If the issue is not with creating an empty index, the next step is to check for errors -during the indexing of projects. If errors do occur, they will either stem from the indexing: +during the indexing of projects. If errors do occur, they stem from either the indexing: - On the GitLab side. You need to rectify those. If they are not something you are familiar with, contact GitLab support for guidance. - Within the Elasticsearch instance itself. See if the error is [documented and has a fix](../../integration/elasticsearch.md#troubleshooting). If not, speak with your Elasticsearch administrator. -If the indexing process does not present errors, you will want to check the status of the indexed projects. You can do this via the following Rake tasks: +If the indexing process does not present errors, check the status of the indexed projects. You can do this via the following Rake tasks: - [`sudo gitlab-rake gitlab:elastic:index_projects_status`](../../integration/elasticsearch.md#gitlab-advanced-search-rake-tasks) (shows the overall status) - [`sudo gitlab-rake gitlab:elastic:projects_not_indexed`](../../integration/elasticsearch.md#gitlab-advanced-search-rake-tasks) (shows specific projects that are not indexed) @@ -290,11 +290,11 @@ If the issue is: regarding the error(s) you are seeing. If you are unsure here, it never hurts to reach out to GitLab support. -Beyond that, you will want to review the error. If it is: +Beyond that, review the error. If it is: - Specifically from the indexer, this could be a bug/issue and should be escalated to GitLab support. -- An OS issue, you will want to reach out to your systems administrator. +- An OS issue, you should reach out to your systems administrator. - A `Faraday::TimeoutError (execution expired)` error **and** you're using a proxy, [set a custom `gitlab_rails['env']` environment variable, called `no_proxy`](https://docs.gitlab.com/omnibus/settings/environment-variables.html) with the IP address of your Elasticsearch host. @@ -365,7 +365,7 @@ require contacting an Elasticsearch administrator or GitLab Support. The best place to start while debugging issues with an Advanced Search migration is the [`elasticsearch.log` file](../logs.md#elasticsearchlog). -Migrations will log information while a migration is in progress and any +Migrations log information while a migration is in progress and any errors encountered. Apply fixes for any errors found in the log and retry the migration. diff --git a/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md b/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md index 6b1cf2d1194..588be73e786 100644 --- a/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md +++ b/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md @@ -305,6 +305,42 @@ p.statistics.refresh! pp p.statistics # compare with earlier values ``` +### Identify deploy keys associated with blocked and non-member users + +When the user who created a deploy key is blocked or removed from the project, the key +can no longer be used to push to protected branches in a private project (see [issue #329742](https://gitlab.com/gitlab-org/gitlab/-/issues/329742)). +The following script identifies unusable deploy keys: + +```ruby +ghost_user_id = User.ghost.id + +DeployKeysProject.with_write_access.find_each do |deploy_key_mapping| + project = deploy_key_mapping.project + deploy_key = deploy_key_mapping.deploy_key + user = deploy_key.user + + access_checker = Gitlab::DeployKeyAccess.new(deploy_key, container: project) + + # can_push_for_ref? tests if deploy_key can push to default branch, which is likely to be protected + can_push = access_checker.can_do_action?(:push_code) + can_push_to_default = access_checker.can_push_for_ref?(project.repository.root_ref) + + next if access_checker.allowed? && can_push && can_push_to_default + + if user.nil? || user.id == ghost_user_id + username = 'none' + state = '-' + else + username = user.username + user_state = user.state + end + + puts "Deploy key: #{deploy_key.id}, Project: #{project.full_path}, Can push?: " + (can_push ? 'YES' : 'NO') + + ", Can push to default branch #{project.repository.root_ref}?: " + (can_push_to_default ? 'YES' : 'NO') + + ", User: #{username}, User state: #{user_state}" +end +``` + ## Wikis ### Recreate @@ -537,7 +573,7 @@ inactive_users.each do |user| end ``` -### Find Max permissions for project/group +### Find a user's max permissions for project/group ```ruby user = User.find_by_username 'username' diff --git a/doc/administration/troubleshooting/log_parsing.md b/doc/administration/troubleshooting/log_parsing.md index 2900ce58940..a0f71960e14 100644 --- a/doc/administration/troubleshooting/log_parsing.md +++ b/doc/administration/troubleshooting/log_parsing.md @@ -201,3 +201,42 @@ grep "fatal: " /var/log/gitlab/gitaly/current | \ jq '."grpc.request.glProjectPath"' | \ sort | uniq ``` + +### Parsing `gitlab-shell.log` + +For investigating Git calls via SSH, from [GitLab 12.10](https://gitlab.com/gitlab-org/gitlab-shell/-/merge_requests/367). + +Find the top 20 calls by project and user: + +```shell +jq --raw-output --slurp ' + map( + select( + .username != null and + .gl_project_path !=null + ) + ) + | group_by(.username+.gl_project_path) + | sort_by(-length) + | limit(20; .[]) + | "count: \(length)\tuser: \(.[0].username)\tproject: \(.[0].gl_project_path)" ' \ + /var/log/gitlab/gitlab-shell/gitlab-shell.log +``` + +Find the top 20 calls by project, user, and command: + +```shell +jq --raw-output --slurp ' + map( + select( + .command != null and + .username != null and + .gl_project_path !=null + ) + ) + | group_by(.username+.gl_project_path+.command) + | sort_by(-length) + | limit(20; .[]) + | "count: \(length)\tcommand: \(.[0].command)\tuser: \(.[0].username)\tproject: \(.[0].gl_project_path)" ' \ + /var/log/gitlab/gitlab-shell/gitlab-shell.log +``` diff --git a/doc/administration/troubleshooting/sidekiq.md b/doc/administration/troubleshooting/sidekiq.md index 8d19a8a163b..297a8355036 100644 --- a/doc/administration/troubleshooting/sidekiq.md +++ b/doc/administration/troubleshooting/sidekiq.md @@ -11,7 +11,7 @@ tasks. When things go wrong it can be difficult to troubleshoot. These situations also tend to be high-pressure because a production system job queue may be filling up. Users will notice when this happens because new branches may not show up and merge requests may not be updated. The following are some -troubleshooting steps that will help you diagnose the bottleneck. +troubleshooting steps to help you diagnose the bottleneck. GitLab administrators/users should consider working through these debug steps with GitLab Support so the backtraces can be analyzed by our team. @@ -42,7 +42,7 @@ Example log output: When using [Sidekiq JSON logging](../logs.md#sidekiqlog), arguments logs are limited to a maximum size of 10 kilobytes of text; -any arguments after this limit will be discarded and replaced with a +any arguments after this limit are discarded and replaced with a single argument containing the string `"..."`. You can set `SIDEKIQ_LOG_ARGUMENTS` [environment variable](https://docs.gitlab.com/omnibus/settings/environment-variables.html) @@ -58,7 +58,7 @@ In GitLab 13.5 and earlier, set `SIDEKIQ_LOG_ARGUMENTS` to `1` to start logging ## Thread dump -Send the Sidekiq process ID the `TTIN` signal and it will output thread +Send the Sidekiq process ID the `TTIN` signal to output thread backtraces in the log file. ```shell @@ -66,7 +66,7 @@ kill -TTIN <sidekiq_pid> ``` Check in `/var/log/gitlab/sidekiq/current` or `$GITLAB_HOME/log/sidekiq.log` for -the backtrace output. The backtraces will be lengthy and generally start with +the backtrace output. The backtraces are lengthy and generally start with several `WARN` level messages. Here's an example of a single thread's backtrace: ```plaintext @@ -88,8 +88,8 @@ Move on to other troubleshooting methods if this happens. ## Process profiling with `perf` Linux has a process profiling tool called `perf` that is helpful when a certain -process is eating up a lot of CPU. If you see high CPU usage and Sidekiq won't -respond to the `TTIN` signal, this is a good next step. +process is eating up a lot of CPU. If you see high CPU usage and Sidekiq isn't +responding to the `TTIN` signal, this is a good next step. If `perf` is not installed on your system, install it with `apt-get` or `yum`: @@ -134,8 +134,8 @@ corresponding Ruby code where this is happening. `gdb` can be another effective tool for debugging Sidekiq. It gives you a little more interactive way to look at each thread and see what's causing problems. -Attaching to a process with `gdb` will suspends the normal operation -of the process (Sidekiq will not process jobs while `gdb` is attached). +Attaching to a process with `gdb` suspends the normal operation +of the process (Sidekiq does not process jobs while `gdb` is attached). Start by attaching to the Sidekiq PID: @@ -285,7 +285,7 @@ end ### Remove Sidekiq jobs for given parameters (destructive) The general method to kill jobs conditionally is the following command, which -will remove jobs that are queued but not started. Running jobs will not be killed. +removes jobs that are queued but not started. Running jobs can not be killed. ```ruby queue = Sidekiq::Queue.new('<queue name>') @@ -294,7 +294,7 @@ queue.each { |job| job.delete if <condition>} Have a look at the section below for cancelling running jobs. -In the method above, `<queue-name>` is the name of the queue that contains the job(s) you want to delete and `<condition>` will decide which jobs get deleted. +In the method above, `<queue-name>` is the name of the queue that contains the job(s) you want to delete and `<condition>` decides which jobs get deleted. Commonly, `<condition>` references the job arguments, which depend on the type of job in question. To find the arguments for a specific queue, you can have a look at the `perform` function of the related worker file, commonly found at `/app/workers/<queue-name>_worker.rb`. diff --git a/doc/administration/troubleshooting/ssl.md b/doc/administration/troubleshooting/ssl.md index d7bfd537eca..7c0b745f8c2 100644 --- a/doc/administration/troubleshooting/ssl.md +++ b/doc/administration/troubleshooting/ssl.md @@ -238,3 +238,17 @@ remote server that is serving only HTTP. One scenario is that you're using [object storage](../object_storage.md), which isn't served under HTTPS. GitLab is misconfigured and attempts a TLS handshake, but the object storage will respond with plain HTTP. + +## `schannel: SEC_E_UNTRUSTED_ROOT` + +If you're on Windows and get the following error: + +```plaintext +Fatal: unable to access 'https://gitlab.domain.tld/group/project.git': schannel: SEC_E_UNTRUSTED_ROOT (0x80090325) - The certificate chain was issued by an authority that is not trusted." +``` + +You may need to specify that Git should use OpenSSL: + +```shell +git config --system http.sslbackend openssl +``` diff --git a/doc/administration/troubleshooting/test_environments.md b/doc/administration/troubleshooting/test_environments.md index 53e51bbfe80..16ef4f83978 100644 --- a/doc/administration/troubleshooting/test_environments.md +++ b/doc/administration/troubleshooting/test_environments.md @@ -92,7 +92,7 @@ gitlab_rails['omniauth_providers'] = [ #### GroupSAML for GitLab.com -See [the GDK SAML documentation](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/saml.md). +See [the GDK SAML documentation](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/saml.md). ### Elasticsearch diff --git a/doc/administration/whats-new.md b/doc/administration/whats-new.md index 4cbb0b854ae..a5e3a232890 100644 --- a/doc/administration/whats-new.md +++ b/doc/administration/whats-new.md @@ -19,11 +19,23 @@ feature list, the feature list is tailored to your subscription type: - Features only available to self-managed installations are not shown on GitLab.com. - Features only available on GitLab.com are not shown to self-managed installations. -The **What's new** feature cannot be disabled, but -[is planned](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/59011) for a future release. - ## Self-managed installations Due to our release post process, the content for **What's new** is not yet finalized when a new version (`.0` release) is cut. The updated **What's new** is included in the first patch release, such as `13.10.1`. + +## Configure What's new variant + +You can configure the What's new variant: + +1. Navigate to **Admin Area > Settings > Preferences**, then expand **What's new**. +1. Choose one of the following options: + + | Option | Description | + | ------ | ----------- | + | Enable What's new: All tiers | What's new presents new features from all tiers to help you keep track of all new features. | + | Enable What's new: Current tier only | What's new presents new features for your current subscription tier, while hiding new features not available to your subscription tier. | + | Disable What's new | What's new is disabled and can no longer be viewed. | + +1. Save your changes. diff --git a/doc/api/README.md b/doc/api/README.md index 1a914fb1dbe..db0c593dc03 100644 --- a/doc/api/README.md +++ b/doc/api/README.md @@ -1,10 +1,10 @@ --- -stage: none -group: unassigned +stage: Create +group: Ecosystem info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# API Docs +# API Docs **(FREE)** Use the GitLab [REST](http://spec.openapis.org/oas/v3.0.3) API to automate GitLab. @@ -125,9 +125,10 @@ There are several ways you can authenticate with the GitLab API: - [Session cookie](#session-cookie) - [GitLab CI/CD job token](#gitlab-cicd-job-token) **(Specific endpoints only)** -NOTE: -Project access tokens are supported for self-managed instances on Free and -higher. They're also supported on GitLab.com Bronze and higher. +Project access tokens are supported by: + +- Self-managed GitLab Free and higher. +- GitLab SaaS Premium and higher. If you are an administrator, you or your application can authenticate as a specific user. To do so, use: @@ -208,6 +209,7 @@ You can use a GitLab CI/CD job token to authenticate with specific API endpoints Package Registry, you can use [deploy tokens](../user/project/deploy_tokens/index.md). - [Container Registry](../user/packages/container_registry/index.md) (the `$CI_REGISTRY_PASSWORD` is `$CI_JOB_TOKEN`). + - [Container Registry API](container_registry.md) (scoped to the job's project, when the `ci_job_token_scope` feature flag is enabled) - [Get job artifacts](job_artifacts.md#get-job-artifacts). - [Get job token's job](jobs.md#get-job-tokens-job). - [Pipeline triggers](pipeline_triggers.md), using the `token=` parameter. @@ -776,7 +778,3 @@ some API endpoints also support `text/plain`. In [GitLab 13.10 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/250342), API endpoints do not support `text/plain` by default, unless it's explicitly documented. - -This change is deployed behind the `:api_always_use_application_json` [feature flag](../user/feature_flags.md), -enabled by default. On GitLab self-managed instances, GitLab administrators can choose -to [disable it](../administration/feature_flags.md). **(FREE SELF)** diff --git a/doc/api/admin_sidekiq_queues.md b/doc/api/admin_sidekiq_queues.md index 9cbdcb863d6..d0e310ab548 100644 --- a/doc/api/admin_sidekiq_queues.md +++ b/doc/api/admin_sidekiq_queues.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Enablement +group: Distribution info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- diff --git a/doc/api/api_resources.md b/doc/api/api_resources.md index b0d03ebad74..9200d47effe 100644 --- a/doc/api/api_resources.md +++ b/doc/api/api_resources.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Create +group: Ecosystem info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- diff --git a/doc/api/applications.md b/doc/api/applications.md index b3741a3cb30..b3a46b70c9e 100644 --- a/doc/api/applications.md +++ b/doc/api/applications.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Manage +group: Access info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- diff --git a/doc/api/avatar.md b/doc/api/avatar.md index 5d50fac86f0..baa670f3e93 100644 --- a/doc/api/avatar.md +++ b/doc/api/avatar.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Manage +group: Access info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- diff --git a/doc/api/broadcast_messages.md b/doc/api/broadcast_messages.md index 04b2727f575..de56405056a 100644 --- a/doc/api/broadcast_messages.md +++ b/doc/api/broadcast_messages.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Growth +group: Activation info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- diff --git a/doc/api/commits.md b/doc/api/commits.md index 117f949aba0..22d98b2b0a6 100644 --- a/doc/api/commits.md +++ b/doc/api/commits.md @@ -316,7 +316,6 @@ Example response: { "id": "8b090c1b79a14f2bd9e8a738f717824ff53aebad", "short_id": "8b090c1b", - "title": "Feature added", "author_name": "Example User", "author_email": "user@example.com", "authored_date": "2016-12-12T20:10:39.000+01:00", diff --git a/doc/api/container_registry.md b/doc/api/container_registry.md index f29f8aaf6e9..0b37c0ad91a 100644 --- a/doc/api/container_registry.md +++ b/doc/api/container_registry.md @@ -6,10 +6,30 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Container Registry API -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/55978) in GitLab 11.8. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/55978) in GitLab 11.8. +> - The use of `CI_JOB_TOKEN` scoped to the current project was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/49750) in GitLab 13.12. This is the API documentation of the [GitLab Container Registry](../user/packages/container_registry/index.md). +When the `ci_job_token_scope` feature flag is enabled (it is **disabled by default**), you can use the below endpoints +from a CI/CD job, by passing the `$CI_JOB_TOKEN` variable as the `JOB-TOKEN` header. +The job token will only have access to its own project. + +[GitLab administrators with access to the GitLab Rails console](../administration/feature_flags.md) +can opt to enable it. + +To enable it: + +```ruby +Feature.enable(:ci_job_token_scope) +``` + +To disable it: + +```ruby +Feature.disable(:ci_job_token_scope) +``` + ## List registry repositories ### Within a project diff --git a/doc/api/custom_attributes.md b/doc/api/custom_attributes.md index 68d27b77998..a17b3b78b18 100644 --- a/doc/api/custom_attributes.md +++ b/doc/api/custom_attributes.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Create +group: Ecosystem info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- diff --git a/doc/api/dependencies.md b/doc/api/dependencies.md index 6beb57a6da0..6175c26ed75 100644 --- a/doc/api/dependencies.md +++ b/doc/api/dependencies.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Secure +group: Composition Analysis info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- diff --git a/doc/api/deploy_tokens.md b/doc/api/deploy_tokens.md index eae46d5f2f5..ad144946445 100644 --- a/doc/api/deploy_tokens.md +++ b/doc/api/deploy_tokens.md @@ -16,6 +16,12 @@ Get a list of all deploy tokens across the GitLab instance. This endpoint requir GET /deploy_tokens ``` +Parameters: + +| Attribute | Type | Required | Description | +|-----------|----------|------------------------|-------------| +| `active` | boolean | **{dotted-circle}** No | Limit by active status. | + Example request: ```shell @@ -31,6 +37,8 @@ Example response: "name": "MyToken", "username": "gitlab+deploy-token-1", "expires_at": "2020-02-14T00:00:00.000Z", + "revoked": false, + "expired": false, "scopes": [ "read_repository", "read_registry" @@ -55,9 +63,10 @@ GET /projects/:id/deploy_tokens Parameters: -| Attribute | Type | Required | Description | -|:---------------|:---------------|:---------|:-----------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| Attribute | Type | Required | Description | +|:---------------|:---------------|:-----------------------|:------------| +| `id` | integer/string | **{check-circle}** Yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `active` | boolean | **{dotted-circle}** No | Limit by active status. | Example request: @@ -74,6 +83,8 @@ Example response: "name": "MyToken", "username": "gitlab+deploy-token-1", "expires_at": "2020-02-14T00:00:00.000Z", + "revoked": false, + "expired": false, "scopes": [ "read_repository", "read_registry" @@ -92,13 +103,17 @@ Creates a new deploy token for a project. POST /projects/:id/deploy_tokens ``` -| Attribute | Type | Required | Description | -| --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | -| `name` | string | yes | New deploy token's name | -| `expires_at` | datetime | no | Expiration date for the deploy token. Does not expire if no value is provided. Expected in ISO 8601 format (`2019-03-15T08:00:00Z`) | -| `username` | string | no | Username for deploy token. Default is `gitlab+deploy-token-{n}` | -| `scopes` | array of strings | yes | Indicates the deploy token scopes. Must be at least one of `read_repository`, `read_registry`, `write_registry`, `read_package_registry`, or `write_package_registry`. | +Parameters: + +| Attribute | Type | Required | Description | +| ------------ | ---------------- | ---------------------- | ----------- | +| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `name` | string | **{check-circle}** Yes | New deploy token's name | +| `expires_at` | datetime | **{dotted-circle}** No | Expiration date for the deploy token. Does not expire if no value is provided. Expected in ISO 8601 format (`2019-03-15T08:00:00Z`) | +| `username` | string | **{dotted-circle}** No | Username for deploy token. Default is `gitlab+deploy-token-{n}` | +| `scopes` | array of strings | **{check-circle}** Yes | Indicates the deploy token scopes. Must be at least one of `read_repository`, `read_registry`, `write_registry`, `read_package_registry`, or `write_package_registry`. | + +Example request: ```shell curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" --header "Content-Type: application/json" --data '{"name": "My deploy token", "expires_at": "2021-01-01", "username": "custom-user", "scopes": ["read_repository"]}' "https://gitlab.example.com/api/v4/projects/5/deploy_tokens/" @@ -113,6 +128,8 @@ Example response: "username": "custom-user", "expires_at": "2021-01-01T00:00:00.000Z", "token": "jMRvtPNxrn3crTAGukpZ", + "revoked": false, + "expired": false, "scopes": [ "read_repository" ] @@ -129,10 +146,12 @@ Removes a deploy token from the project. DELETE /projects/:id/deploy_tokens/:token_id ``` -| Attribute | Type | Required | Description | -| --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | -| `token_id` | integer | yes | The ID of the deploy token | +Parameters: + +| Attribute | Type | Required | Description | +| ---------- | -------------- | ---------------------- | ----------- | +| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `token_id` | integer | **{check-circle}** Yes | The ID of the deploy token | Example request: @@ -157,9 +176,10 @@ GET /groups/:id/deploy_tokens Parameters: -| Attribute | Type | Required | Description | -|:---------------|:---------------|:---------|:-----------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| Attribute | Type | Required | Description | +|:---------------|:---------------|:-----------------------|:------------| +| `id` | integer/string | **{check-circle}** Yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `active` | boolean | **{dotted-circle}** No | Limit by active status. | Example request: @@ -176,6 +196,8 @@ Example response: "name": "MyToken", "username": "gitlab+deploy-token-1", "expires_at": "2020-02-14T00:00:00.000Z", + "revoked": false, + "expired": false, "scopes": [ "read_repository", "read_registry" @@ -194,13 +216,15 @@ Creates a new deploy token for a group. POST /groups/:id/deploy_tokens ``` -| Attribute | Type | Required | Description | -| --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | -| `name` | string | yes | New deploy token's name | -| `expires_at` | datetime | no | Expiration date for the deploy token. Does not expire if no value is provided. Expected in ISO 8601 format (`2019-03-15T08:00:00Z`) | -| `username` | string | no | Username for deploy token. Default is `gitlab+deploy-token-{n}` | -| `scopes` | array of strings | yes | Indicates the deploy token scopes. Must be at least one of `read_repository`, `read_registry`, `write_registry`, `read_package_registry`, or `write_package_registry`. | +Parameters: + +| Attribute | Type | Required | Description | +| ------------ | ---- | --------- | ----------- | +| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `name` | string | **{check-circle}** Yes | New deploy token's name | +| `expires_at` | datetime | **{dotted-circle}** No | Expiration date for the deploy token. Does not expire if no value is provided. Expected in ISO 8601 format (`2019-03-15T08:00:00Z`) | +| `username` | string | **{dotted-circle}** No | Username for deploy token. Default is `gitlab+deploy-token-{n}` | +| `scopes` | array of strings | **{check-circle}** Yes | Indicates the deploy token scopes. Must be at least one of `read_repository`, `read_registry`, `write_registry`, `read_package_registry`, or `write_package_registry`. | Example request: @@ -217,6 +241,8 @@ Example response: "username": "custom-user", "expires_at": "2021-01-01T00:00:00.000Z", "token": "jMRvtPNxrn3crTAGukpZ", + "revoked": false, + "expired": false, "scopes": [ "read_registry" ] @@ -233,10 +259,12 @@ Removes a deploy token from the group. DELETE /groups/:id/deploy_tokens/:token_id ``` -| Attribute | Type | Required | Description | -| --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | -| `token_id` | integer | yes | The ID of the deploy token | +Parameters: + +| Attribute | Type | Required | Description | +| ----------- | -------------- | ---------------------- | ----------- | +| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `token_id` | integer | **{check-circle}** Yes | The ID of the deploy token | Example request: diff --git a/doc/api/deployments.md b/doc/api/deployments.md index 32d3ab55f9f..cf224ad60ab 100644 --- a/doc/api/deployments.md +++ b/doc/api/deployments.md @@ -266,7 +266,7 @@ Example of response "status": "success", "updated_at": "2016-08-11T07:43:52.143Z", "web_url": "http://gitlab.dev/root/project/pipelines/5" - } + }, "runner": null } } diff --git a/doc/api/discussions.md b/doc/api/discussions.md index 828370c3386..3d40349ecca 100644 --- a/doc/api/discussions.md +++ b/doc/api/discussions.md @@ -270,7 +270,7 @@ GET /projects/:id/snippets/:snippet_id/discussions "system": false, "noteable_id": 3, "noteable_type": "Snippet", - "noteable_id": null + "noteable_iid": null }, { "id": 1129, @@ -290,7 +290,7 @@ GET /projects/:id/snippets/:snippet_id/discussions "system": false, "noteable_id": 3, "noteable_type": "Snippet", - "noteable_id": null, + "noteable_iid": null, "resolvable": false } ] @@ -317,7 +317,7 @@ GET /projects/:id/snippets/:snippet_id/discussions "system": false, "noteable_id": 3, "noteable_type": "Snippet", - "noteable_id": null, + "noteable_iid": null, "resolvable": false } ] @@ -476,7 +476,7 @@ GET /groups/:id/epics/:epic_id/discussions "system": false, "noteable_id": 3, "noteable_type": "Epic", - "noteable_id": null, + "noteable_iid": null, "resolvable": false }, { @@ -497,7 +497,7 @@ GET /groups/:id/epics/:epic_id/discussions "system": false, "noteable_id": 3, "noteable_type": "Epic", - "noteable_id": null, + "noteable_iid": null, "resolvable": false } ] @@ -524,7 +524,7 @@ GET /groups/:id/epics/:epic_id/discussions "system": false, "noteable_id": 3, "noteable_type": "Epic", - "noteable_id": null, + "noteable_iid": null, "resolvable": false } ] @@ -757,7 +757,7 @@ Diff comments also contain position: "notes": [ { "id": 1128, - "type": DiffNote, + "type": "DiffNote", "body": "diff comment", "attachment": null, "author": { @@ -787,12 +787,12 @@ Diff comments also contain position: "line_range": { "start": { "line_code": "588440f66559714280628a4f9799f0c4eb880a4a_10_10", - "type": "new", + "type": "new" }, "end": { "line_code": "588440f66559714280628a4f9799f0c4eb880a4a_11_11", "type": "old" - }, + } } }, "resolved": false, @@ -853,9 +853,9 @@ Parameters for all comments: | `position[start_sha]` | string | yes | SHA referencing commit in target branch | | `position[head_sha]` | string | yes | SHA referencing HEAD of this merge request | | `position[position_type]` | string | yes | Type of the position reference', allowed values: `text` or `image` | -| `position[new_path]` | string | no | File path after change | +| `position[new_path]` | string | yes (if the position type is `text`) | File path after change | | `position[new_line]` | integer | no | Line number after change (for `text` diff notes) | -| `position[old_path]` | string | no | File path before change | +| `position[old_path]` | string | yes (if the position type is `text`) | File path before change | | `position[old_line]` | integer | no | Line number before change (for `text` diff notes) | | `position[line_range]` | hash | no | Line range for a multi-line diff note | | `position[width]` | integer | no | Width of the image (for `image` diff notes) | @@ -863,10 +863,63 @@ Parameters for all comments: | `position[x]` | float | no | X coordinate (for `image` diff notes) | | `position[y]` | float | no | Y coordinate (for `image` diff notes) | +#### Create a new thread on the overview page + ```shell curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/merge_requests/11/discussions?body=comment" ``` +#### Create a new thread in the merge request diff + +- Both `position[old_path]` and `position[new_path]` are required and must refer to the file path before and after the change. +- To create a thread on an added line (highlighted in green in the merge request diff), use `position[new_line]` and don't include `position[old_line]`. +- To create a thread on a removed line (highlighted in red in the merge request diff), use `position[old_line]` and don't include `position[new_line]`. +- To create a thread on an unchanged line, include both `position[new_line]` and `position[old_line]` for the line. These positions might not be the same if earlier changes in the file changed the line number. This is a bug that we plan to fix in [GraphQL `createDiffNote` forces clients to compute redundant information (#325161)](https://gitlab.com/gitlab-org/gitlab/-/issues/325161). +- If you specify incorrect `base`/`head`/`start` `SHA` parameters, you might run into the following bug: [Merge request comments receive "download" link instead of inline code (#296829)](https://gitlab.com/gitlab-org/gitlab/-/issues/296829). + +To create a new thread: + +1. [Get the latest merge request version](merge_requests.md#get-mr-diff-versions): + + ```shell + curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/merge_requests/11/versions" + ```` + +1. Note the details of the latest version, which is listed first in the response array. + + ```json + [ + { + "id": 164560414, + "head_commit_sha": "f9ce7e16e56c162edbc9e480108041cf6b0291fe", + "base_commit_sha": "5e6dffa282c5129aa67cd227a0429be21bfdaf80", + "start_commit_sha": "5e6dffa282c5129aa67cd227a0429be21bfdaf80", + "created_at": "2021-03-30T09:18:27.351Z", + "merge_request_id": 93958054, + "state": "collected", + "real_size": "2" + }, + "previous versions are here" + ] + ``` + +1. Create a new diff thread. This example creates a thread on an added line: + + ```shell + curl --request POST --header "PRIVATE-TOKEN: <your_access_token>"\ + --form 'position[position_type]=text'\ + --form 'position[base_sha]=<use base_commit_sha from the versions response>'\ + --form 'position[head_sha]=<use head_commit_sha from the versions response>'\ + --form 'position[start_sha]=<use start_commit_sha from the versions response>'\ + --form 'position[new_path]=file.js'\ + --form 'position[old_path]=file.js'\ + --form 'position[new_line]=18'\ + --form 'body=test comment body'\ + "https://gitlab.example.com/api/v4/projects/5/merge_requests/11/discussions" + ``` + +#### Parameters for multiline comments + Parameters for multiline comments only: | Attribute | Type | Required | Description | @@ -1089,7 +1142,7 @@ Diff comments contain also position: "notes": [ { "id": 1128, - "type": DiffNote, + "type": "DiffNote", "body": "diff comment", "attachment": null, "author": { diff --git a/doc/api/dora4_group_analytics.md b/doc/api/dora4_group_analytics.md index 8935fa1e121..743dcf728a2 100644 --- a/doc/api/dora4_group_analytics.md +++ b/doc/api/dora4_group_analytics.md @@ -1,87 +1,8 @@ --- -stage: Release -group: Release -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -type: reference, api +redirect_to: 'dora/metrics.md' --- -# DORA4 Analytics Group API **(ULTIMATE SELF)** +This document was moved to [another location](dora/metrics.md). -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/291747) in GitLab 13.9. -> - [Deployed behind a feature flag](../user/feature_flags.md), disabled by default. -> - Disabled on GitLab.com. -> - Not recommended for production use. -> - To use in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-dora4-analytics-group-api). - -WARNING: -These endpoints are deprecated and will be removed in GitLab 14.0. Use the [DORA metrics API](dora/metrics.md) instead. - -WARNING: -This feature might not be available to you. Check the **version history** note above for details. - -All methods require reporter authorization. - -## List group deployment frequencies - -Get a list of all group deployment frequencies: - -```plaintext -GET /groups/:id/analytics/deployment_frequency?environment=:environment&from=:from&to=:to&interval=:interval -``` - -Attributes: - -| Attribute | Type | Required | Description | -|--------------|--------|----------|-----------------------| -| `id` | string | yes | The ID of the group. | - -Parameters: - -| Parameter | Type | Required | Description | -|--------------|--------|----------|-----------------------| -| `environment`| string | yes | The name of the environment to filter by. | -| `from` | string | yes | Datetime range to start from. Inclusive, ISO 8601 format (`YYYY-MM-DDTHH:MM:SSZ`). | -| `to` | string | no | Datetime range to end at. Exclusive, ISO 8601 format (`YYYY-MM-DDTHH:MM:SSZ`). | -| `interval` | string | no | The bucketing interval (`all`, `monthly`, `daily`). | - -Example request: - -```shell -curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/:id/analytics/deployment_frequency?environment=:environment&from=:from&to=:to&interval=:interval" -``` - -Example response: - -```json -[ - { - "from": "2017-01-01", - "to": "2017-01-02", - "value": 106 - }, - { - "from": "2017-01-02", - "to": "2017-01-03", - "value": 55 - } -] -``` - -## Enable or disable DORA4 Analytics Group API **(ULTIMATE SELF)** - -DORA4 Analytics Group API is under development and not ready for production use. It is -deployed behind a feature flag that is **disabled by default**. -[GitLab administrators with access to the GitLab Rails console](../administration/feature_flags.md) -can enable it. - -To enable it: - -```ruby -Feature.enable(:dora4_group_deployment_frequency_api) -``` - -To disable it: - -```ruby -Feature.disable(:dora4_group_deployment_frequency_api) -``` +<!-- This redirect file can be deleted after <2021-07-25>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/api/epic_issues.md b/doc/api/epic_issues.md index c4a8e2d40cc..3644375ad0a 100644 --- a/doc/api/epic_issues.md +++ b/doc/api/epic_issues.md @@ -107,7 +107,6 @@ Example response: "award_emoji": "http://localhost:3001/api/v4/projects/8/issues/6/award_emoji", "project": "http://localhost:3001/api/v4/projects/8" }, - "subscribed": true, "epic_issue_id": 2 } ] diff --git a/doc/api/epic_links.md b/doc/api/epic_links.md index 228f68531fd..e570b9f31cf 100644 --- a/doc/api/epic_links.md +++ b/doc/api/epic_links.md @@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/9188) in GitLab 11.8. -Manages parent-child [epic relationships](../user/group/epics/index.md#multi-level-child-epics). +Manages parent-child [epic relationships](../user/group/epics/manage_epics.md#multi-level-child-epics). Every API call to `epic_links` must be authenticated. @@ -97,7 +97,7 @@ Example response: "id": 6, "iid": 38, "group_id": 1, - "parent_id": 5 + "parent_id": 5, "title": "Accusamus iste et ullam ratione voluptatem omnis debitis dolor est.", "description": "Molestias dolorem eos vitae expedita impedit necessitatibus quo voluptatum.", "author": { diff --git a/doc/api/events.md b/doc/api/events.md index 38d2c934061..49d99cc43fe 100644 --- a/doc/api/events.md +++ b/doc/api/events.md @@ -1,10 +1,10 @@ --- -stage: none -group: unassigned +stage: Manage +group: Compliance info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Events +# Events API ## Filter parameters @@ -71,10 +71,10 @@ Parameters: | --------- | ---- | -------- | ----------- | | `action` | string | no | Include only events of a particular [action type](#action-types) | | `target_type` | string | no | Include only events of a particular [target type](#target-types) | -| `before` | date | no | Include only events created before a particular date. Please see [here for the supported format](#date-formatting) | -| `after` | date | no | Include only events created after a particular date. Please see [here for the supported format](#date-formatting) | +| `before` | date | no | Include only events created before a particular date. [View how to format dates](#date-formatting). | +| `after` | date | no | Include only events created after a particular date. [View how to format dates](#date-formatting). | | `scope` | string | no | Include all events across a user's projects. | -| `sort` | string | no | Sort events in `asc` or `desc` order by `created_at`. Default is `desc` | +| `sort` | string | no | Sort events in `asc` or `desc` order by `created_at`. Default is `desc`. | Example request: @@ -148,9 +148,9 @@ Parameters: | `id` | integer | yes | The ID or Username of the user | | `action` | string | no | Include only events of a particular [action type](#action-types) | | `target_type` | string | no | Include only events of a particular [target type](#target-types) | -| `before` | date | no | Include only events created before a particular date. Please see [here for the supported format](#date-formatting) | -| `after` | date | no | Include only events created after a particular date. Please see [here for the supported format](#date-formatting) | -| `sort` | string | no | Sort events in `asc` or `desc` order by `created_at`. Default is `desc` | +| `before` | date | no | Include only events created before a particular date. [View how to format dates](#date-formatting). | +| `after` | date | no | Include only events created after a particular date. [View how to format dates](#date-formatting). | +| `sort` | string | no | Sort events in `asc` or `desc` order by `created_at`. Default is `desc`. | | `page` | integer | no | The page of results to return. Defaults to 1. | | `per_page` | integer | no | The number of results per page. Defaults to 20. | @@ -286,9 +286,9 @@ Parameters: | `project_id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | | `action` | string | no | Include only events of a particular [action type](#action-types) | | `target_type` | string | no | Include only events of a particular [target type](#target-types) | -| `before` | date | no | Include only events created before a particular date. Please see [here for the supported format](#date-formatting) | -| `after` | date | no | Include only events created after a particular date. Please see [here for the supported format](#date-formatting) | -| `sort` | string | no | Sort events in `asc` or `desc` order by `created_at`. Default is `desc` | +| `before` | date | no | Include only events created before a particular date. [View how to format dates](#date-formatting). | +| `after` | date | no | Include only events created after a particular date. [View how to format dates](#date-formatting). | +| `sort` | string | no | Sort events in `asc` or `desc` order by `created_at`. Default is `desc`. | Example request: @@ -301,7 +301,7 @@ Example response: ```json [ { - "id": 8 + "id": 8, "title":null, "project_id":1, "action_name":"opened", diff --git a/doc/api/feature_flag_user_lists.md b/doc/api/feature_flag_user_lists.md index e0a5fe99663..af8b3fcc71e 100644 --- a/doc/api/feature_flag_user_lists.md +++ b/doc/api/feature_flag_user_lists.md @@ -126,7 +126,7 @@ Example response: "iid": 1, "project_id": 1, "created_at": "2020-02-04T08:13:10.507Z", - "updated_at": "2020-02-04T08:13:10.507Z", + "updated_at": "2020-02-04T08:13:10.507Z" } ``` diff --git a/doc/api/feature_flags.md b/doc/api/feature_flags.md index fa5481b12a7..50cb9b1141e 100644 --- a/doc/api/feature_flags.md +++ b/doc/api/feature_flags.md @@ -70,7 +70,7 @@ Example response: "version": "new_version_flag", "created_at":"2019-11-04T08:13:10.507Z", "updated_at":"2019-11-04T08:13:10.507Z", - "scopes":[] + "scopes":[], "strategies": [ { "id": 2, diff --git a/doc/api/geo_nodes.md b/doc/api/geo_nodes.md index 38f11d8dfe2..7926aeeeed7 100644 --- a/doc/api/geo_nodes.md +++ b/doc/api/geo_nodes.md @@ -362,9 +362,6 @@ Example response: "wikis_checksum_mismatch_count": 1, "repositories_retrying_verification_count": 1, "wikis_retrying_verification_count": 3, - "repositories_checked_count": 7, - "repositories_checked_failed_count": 2, - "repositories_checked_in_percentage": "17.07%", "last_event_id": 23, "last_event_timestamp": 1509681166, "cursor_last_event_id": null, diff --git a/doc/api/graphql/audit_report.md b/doc/api/graphql/audit_report.md index 74ac8710160..a68af6e8646 100644 --- a/doc/api/graphql/audit_report.md +++ b/doc/api/graphql/audit_report.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Create +group: Ecosystem info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- diff --git a/doc/api/graphql/getting_started.md b/doc/api/graphql/getting_started.md index fe92b17a121..b48ce48f6c3 100644 --- a/doc/api/graphql/getting_started.md +++ b/doc/api/graphql/getting_started.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Create +group: Ecosystem info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- diff --git a/doc/api/graphql/index.md b/doc/api/graphql/index.md index ace41e0e92d..5864e5878b7 100644 --- a/doc/api/graphql/index.md +++ b/doc/api/graphql/index.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Create +group: Ecosystem info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md index e353346b0b1..7f496e1aded 100644 --- a/doc/api/graphql/reference/index.md +++ b/doc/api/graphql/reference/index.md @@ -24,19 +24,21 @@ Fields that are deprecated are marked with **{warning-solid}**. Items (fields, enums, etc) that have been removed according to our [deprecation process](../index.md#deprecation-and-removal-process) can be found in [Removed Items](../removed_items.md). -<!-- vale gitlab.Spelling = NO --> +<!-- vale off --> +<!-- Docs linting disabled after this line. --> +<!-- See https://docs.gitlab.com/ee/development/documentation/testing.html#disable-vale-tests --> ## `Query` type The `Query` type contains the API's top-level entry points for all executable queries. -### `ciApplicationSettings` +### `Query.ciApplicationSettings` CI related settings that apply to the entire instance. Returns [`CiApplicationSettings`](#ciapplicationsettings). -### `ciConfig` +### `Query.ciConfig` Linted and processed contents of a CI config. Should not be requested more than once per request. @@ -47,11 +49,11 @@ Returns [`CiConfig`](#ciconfig). | Name | Type | Description | | ---- | ---- | ----------- | -| `content` | [`String!`](#string) | Contents of `.gitlab-ci.yml`. | -| `dryRun` | [`Boolean`](#boolean) | Run pipeline creation simulation, or only do static check. | -| `projectPath` | [`ID!`](#id) | The project of the CI config. | +| <a id="queryciconfigcontent"></a>`content` | [`String!`](#string) | Contents of `.gitlab-ci.yml`. | +| <a id="queryciconfigdryrun"></a>`dryRun` | [`Boolean`](#boolean) | Run pipeline creation simulation, or only do static check. | +| <a id="queryciconfigprojectpath"></a>`projectPath` | [`ID!`](#id) | The project of the CI config. | -### `containerRepository` +### `Query.containerRepository` Find a container repository. @@ -61,44 +63,44 @@ Returns [`ContainerRepositoryDetails`](#containerrepositorydetails). | Name | Type | Description | | ---- | ---- | ----------- | -| `id` | [`ContainerRepositoryID!`](#containerrepositoryid) | The global ID of the container repository. | +| <a id="querycontainerrepositoryid"></a>`id` | [`ContainerRepositoryID!`](#containerrepositoryid) | The global ID of the container repository. | -### `currentLicense` +### `Query.currentLicense` Fields related to the current license. Returns [`CurrentLicense`](#currentlicense). -### `currentUser` +### `Query.currentUser` Get information about current user. -Returns [`User`](#user). +Returns [`UserCore`](#usercore). -### `designManagement` +### `Query.designManagement` Fields related to design management. Returns [`DesignManagement!`](#designmanagement). -### `devopsAdoptionSegments` +### `Query.devopsAdoptionSegments` -Get configured DevOps adoption segments on the instance. +Get configured DevOps adoption segments on the instance. **BETA** This endpoint is subject to change without notice. Returns [`DevopsAdoptionSegmentConnection`](#devopsadoptionsegmentconnection). +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + #### Arguments | Name | Type | Description | | ---- | ---- | ----------- | -| `after` | [`String`](#string) | Returns the elements in the list that come after the specified cursor. | -| `before` | [`String`](#string) | Returns the elements in the list that come before the specified cursor. | -| `directDescendantsOnly` | [`Boolean`](#boolean) | Limits segments to direct descendants of specified parent. | -| `first` | [`Int`](#int) | Returns the first _n_ elements from the list. | -| `last` | [`Int`](#int) | Returns the last _n_ elements from the list. | -| `parentNamespaceId` | [`NamespaceID`](#namespaceid) | Filter by ancestor namespace. | +| <a id="querydevopsadoptionsegmentsdirectdescendantsonly"></a>`directDescendantsOnly` | [`Boolean`](#boolean) | Limits segments to direct descendants of specified parent. | +| <a id="querydevopsadoptionsegmentsparentnamespaceid"></a>`parentNamespaceId` | [`NamespaceID`](#namespaceid) | Filter by ancestor namespace. | -### `echo` +### `Query.echo` Testing endpoint to validate the API with. @@ -108,9 +110,9 @@ Returns [`String!`](#string). | Name | Type | Description | | ---- | ---- | ----------- | -| `text` | [`String!`](#string) | Text to echo back. | +| <a id="queryechotext"></a>`text` | [`String!`](#string) | Text to echo back. | -### `geoNode` +### `Query.geoNode` Find a Geo node. @@ -120,9 +122,9 @@ Returns [`GeoNode`](#geonode). | Name | Type | Description | | ---- | ---- | ----------- | -| `name` | [`String`](#string) | The name of the Geo node. Defaults to the current Geo node name. | +| <a id="querygeonodename"></a>`name` | [`String`](#string) | The name of the Geo node. Defaults to the current Geo node name. | -### `group` +### `Query.group` Find a group. @@ -132,40 +134,40 @@ Returns [`Group`](#group). | Name | Type | Description | | ---- | ---- | ----------- | -| `fullPath` | [`ID!`](#id) | The full path of the project, group or namespace, e.g., `gitlab-org/gitlab-foss`. | +| <a id="querygroupfullpath"></a>`fullPath` | [`ID!`](#id) | The full path of the project, group or namespace, e.g., `gitlab-org/gitlab-foss`. | -### `instanceSecurityDashboard` +### `Query.instanceSecurityDashboard` Fields related to Instance Security Dashboard. Returns [`InstanceSecurityDashboard`](#instancesecuritydashboard). -### `instanceStatisticsMeasurements` +### `Query.instanceStatisticsMeasurements` Get statistics on the instance. WARNING: **Deprecated** in 13.10. This was renamed. -Use: `Query.usageTrendsMeasurements`. +Use: [`Query.usageTrendsMeasurements`](#queryusagetrendsmeasurements). Returns [`UsageTrendsMeasurementConnection`](#usagetrendsmeasurementconnection). +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + #### Arguments | Name | Type | Description | | ---- | ---- | ----------- | -| `after` | [`String`](#string) | Returns the elements in the list that come after the specified cursor. | -| `before` | [`String`](#string) | Returns the elements in the list that come before the specified cursor. | -| `first` | [`Int`](#int) | Returns the first _n_ elements from the list. | -| `identifier` | [`MeasurementIdentifier!`](#measurementidentifier) | The type of measurement/statistics to retrieve. | -| `last` | [`Int`](#int) | Returns the last _n_ elements from the list. | -| `recordedAfter` | [`Time`](#time) | Measurement recorded after this date. | -| `recordedBefore` | [`Time`](#time) | Measurement recorded before this date. | +| <a id="queryinstancestatisticsmeasurementsidentifier"></a>`identifier` | [`MeasurementIdentifier!`](#measurementidentifier) | The type of measurement/statistics to retrieve. | +| <a id="queryinstancestatisticsmeasurementsrecordedafter"></a>`recordedAfter` | [`Time`](#time) | Measurement recorded after this date. | +| <a id="queryinstancestatisticsmeasurementsrecordedbefore"></a>`recordedBefore` | [`Time`](#time) | Measurement recorded before this date. | -### `issue` +### `Query.issue` -Find an Issue. +Find an issue. Returns [`Issue`](#issue). @@ -173,9 +175,9 @@ Returns [`Issue`](#issue). | Name | Type | Description | | ---- | ---- | ----------- | -| `id` | [`IssueID!`](#issueid) | The global ID of the Issue. | +| <a id="queryissueid"></a>`id` | [`IssueID!`](#issueid) | The global ID of the issue. | -### `iteration` +### `Query.iteration` Find an iteration. @@ -185,30 +187,37 @@ Returns [`Iteration`](#iteration). | Name | Type | Description | | ---- | ---- | ----------- | -| `id` | [`IterationID!`](#iterationid) | Find an iteration by its ID. | +| <a id="queryiterationid"></a>`id` | [`IterationID!`](#iterationid) | Find an iteration by its ID. | -### `licenseHistoryEntries` +### `Query.licenseHistoryEntries` Fields related to entries in the license history. Returns [`LicenseHistoryEntryConnection`](#licensehistoryentryconnection). +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +### `Query.mergeRequest` + +Find a merge request. + +Returns [`MergeRequest`](#mergerequest). + #### Arguments | Name | Type | Description | | ---- | ---- | ----------- | -| `after` | [`String`](#string) | Returns the elements in the list that come after the specified cursor. | -| `before` | [`String`](#string) | Returns the elements in the list that come before the specified cursor. | -| `first` | [`Int`](#int) | Returns the first _n_ elements from the list. | -| `last` | [`Int`](#int) | Returns the last _n_ elements from the list. | +| <a id="querymergerequestid"></a>`id` | [`MergeRequestID!`](#mergerequestid) | The global ID of the merge request. | -### `metadata` +### `Query.metadata` Metadata about GitLab. Returns [`Metadata`](#metadata). -### `milestone` +### `Query.milestone` Find a milestone. @@ -218,9 +227,9 @@ Returns [`Milestone`](#milestone). | Name | Type | Description | | ---- | ---- | ----------- | -| `id` | [`MilestoneID!`](#milestoneid) | Find a milestone by its ID. | +| <a id="querymilestoneid"></a>`id` | [`MilestoneID!`](#milestoneid) | Find a milestone by its ID. | -### `namespace` +### `Query.namespace` Find a namespace. @@ -230,9 +239,9 @@ Returns [`Namespace`](#namespace). | Name | Type | Description | | ---- | ---- | ----------- | -| `fullPath` | [`ID!`](#id) | The full path of the project, group or namespace, e.g., `gitlab-org/gitlab-foss`. | +| <a id="querynamespacefullpath"></a>`fullPath` | [`ID!`](#id) | The full path of the project, group or namespace, e.g., `gitlab-org/gitlab-foss`. | -### `package` +### `Query.package` Find a package. @@ -242,9 +251,9 @@ Returns [`PackageDetailsType`](#packagedetailstype). | Name | Type | Description | | ---- | ---- | ----------- | -| `id` | [`PackagesPackageID!`](#packagespackageid) | The global ID of the package. | +| <a id="querypackageid"></a>`id` | [`PackagesPackageID!`](#packagespackageid) | The global ID of the package. | -### `project` +### `Query.project` Find a project. @@ -254,44 +263,51 @@ Returns [`Project`](#project). | Name | Type | Description | | ---- | ---- | ----------- | -| `fullPath` | [`ID!`](#id) | The full path of the project, group or namespace, e.g., `gitlab-org/gitlab-foss`. | +| <a id="queryprojectfullpath"></a>`fullPath` | [`ID!`](#id) | The full path of the project, group or namespace, e.g., `gitlab-org/gitlab-foss`. | -### `projects` +### `Query.projects` Find projects visible to the current user. Returns [`ProjectConnection`](#projectconnection). +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + #### Arguments | Name | Type | Description | | ---- | ---- | ----------- | -| `after` | [`String`](#string) | Returns the elements in the list that come after the specified cursor. | -| `before` | [`String`](#string) | Returns the elements in the list that come before the specified cursor. | -| `first` | [`Int`](#int) | Returns the first _n_ elements from the list. | -| `ids` | [`[ID!]`](#id) | Filter projects by IDs. | -| `last` | [`Int`](#int) | Returns the last _n_ elements from the list. | -| `membership` | [`Boolean`](#boolean) | Limit projects that the current user is a member of. | -| `search` | [`String`](#string) | Search query for project name, path, or description. | -| `searchNamespaces` | [`Boolean`](#boolean) | Include namespace in project search. | -| `sort` | [`String`](#string) | Sort order of results. | +| <a id="queryprojectsids"></a>`ids` | [`[ID!]`](#id) | Filter projects by IDs. | +| <a id="queryprojectsmembership"></a>`membership` | [`Boolean`](#boolean) | Limit projects that the current user is a member of. | +| <a id="queryprojectssearch"></a>`search` | [`String`](#string) | Search query for project name, path, or description. | +| <a id="queryprojectssearchnamespaces"></a>`searchNamespaces` | [`Boolean`](#boolean) | Include namespace in project search. | +| <a id="queryprojectssort"></a>`sort` | [`String`](#string) | Sort order of results. | -### `runnerPlatforms` +### `Query.runner` -Supported runner platforms. +Find a runner. Available only when feature flag `runner_graphql_query` is enabled. -Returns [`RunnerPlatformConnection`](#runnerplatformconnection). +Returns [`CiRunner`](#cirunner). #### Arguments | Name | Type | Description | | ---- | ---- | ----------- | -| `after` | [`String`](#string) | Returns the elements in the list that come after the specified cursor. | -| `before` | [`String`](#string) | Returns the elements in the list that come before the specified cursor. | -| `first` | [`Int`](#int) | Returns the first _n_ elements from the list. | -| `last` | [`Int`](#int) | Returns the last _n_ elements from the list. | +| <a id="queryrunnerid"></a>`id` | [`CiRunnerID!`](#cirunnerid) | Runner ID. | + +### `Query.runnerPlatforms` -### `runnerSetup` +Supported runner platforms. + +Returns [`RunnerPlatformConnection`](#runnerplatformconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +### `Query.runnerSetup` Runner setup instructions. @@ -301,125 +317,144 @@ Returns [`RunnerSetup`](#runnersetup). | Name | Type | Description | | ---- | ---- | ----------- | -| `architecture` | [`String!`](#string) | Architecture to generate the instructions for. | -| `groupId` | [`GroupID`](#groupid) | Group to register the runner for. Deprecated in 13.11: No longer used. | -| `platform` | [`String!`](#string) | Platform to generate the instructions for. | -| `projectId` | [`ProjectID`](#projectid) | Project to register the runner for. Deprecated in 13.11: No longer used. | +| <a id="queryrunnersetuparchitecture"></a>`architecture` | [`String!`](#string) | Architecture to generate the instructions for. | +| <a id="queryrunnersetupgroupid"></a>`groupId` **{warning-solid}** | [`GroupID`](#groupid) | **Deprecated** in 13.11. No longer used. | +| <a id="queryrunnersetupplatform"></a>`platform` | [`String!`](#string) | Platform to generate the instructions for. | +| <a id="queryrunnersetupprojectid"></a>`projectId` **{warning-solid}** | [`ProjectID`](#projectid) | **Deprecated** in 13.11. No longer used. | + +### `Query.runners` + +Find runners visible to the current user. Available only when feature flag `runner_graphql_query` is enabled. + +Returns [`CiRunnerConnection`](#cirunnerconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="queryrunnerssort"></a>`sort` | [`CiRunnerSort`](#cirunnersort) | Sort order of results. | +| <a id="queryrunnersstatus"></a>`status` | [`CiRunnerStatus`](#cirunnerstatus) | Filter runners by status. | +| <a id="queryrunnerstaglist"></a>`tagList` | [`[String!]`](#string) | Filter by tags associated with the runner (comma-separated or array). | +| <a id="queryrunnerstype"></a>`type` | [`CiRunnerType`](#cirunnertype) | Filter runners by type. | -### `snippets` +### `Query.snippets` Find Snippets visible to the current user. Returns [`SnippetConnection`](#snippetconnection). +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + #### Arguments | Name | Type | Description | | ---- | ---- | ----------- | -| `after` | [`String`](#string) | Returns the elements in the list that come after the specified cursor. | -| `authorId` | [`UserID`](#userid) | The ID of an author. | -| `before` | [`String`](#string) | Returns the elements in the list that come before the specified cursor. | -| `explore` | [`Boolean`](#boolean) | Explore personal snippets. | -| `first` | [`Int`](#int) | Returns the first _n_ elements from the list. | -| `ids` | [`[SnippetID!]`](#snippetid) | Array of global snippet IDs. For example, `gid://gitlab/ProjectSnippet/1`. | -| `last` | [`Int`](#int) | Returns the last _n_ elements from the list. | -| `projectId` | [`ProjectID`](#projectid) | The ID of a project. | -| `type` | [`TypeEnum`](#typeenum) | The type of snippet. | -| `visibility` | [`VisibilityScopesEnum`](#visibilityscopesenum) | The visibility of the snippet. | +| <a id="querysnippetsauthorid"></a>`authorId` | [`UserID`](#userid) | The ID of an author. | +| <a id="querysnippetsexplore"></a>`explore` | [`Boolean`](#boolean) | Explore personal snippets. | +| <a id="querysnippetsids"></a>`ids` | [`[SnippetID!]`](#snippetid) | Array of global snippet IDs. For example, `gid://gitlab/ProjectSnippet/1`. | +| <a id="querysnippetsprojectid"></a>`projectId` | [`ProjectID`](#projectid) | The ID of a project. | +| <a id="querysnippetstype"></a>`type` | [`TypeEnum`](#typeenum) | The type of snippet. | +| <a id="querysnippetsvisibility"></a>`visibility` | [`VisibilityScopesEnum`](#visibilityscopesenum) | The visibility of the snippet. | -### `usageTrendsMeasurements` +### `Query.usageTrendsMeasurements` Get statistics on the instance. Returns [`UsageTrendsMeasurementConnection`](#usagetrendsmeasurementconnection). +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + #### Arguments | Name | Type | Description | | ---- | ---- | ----------- | -| `after` | [`String`](#string) | Returns the elements in the list that come after the specified cursor. | -| `before` | [`String`](#string) | Returns the elements in the list that come before the specified cursor. | -| `first` | [`Int`](#int) | Returns the first _n_ elements from the list. | -| `identifier` | [`MeasurementIdentifier!`](#measurementidentifier) | The type of measurement/statistics to retrieve. | -| `last` | [`Int`](#int) | Returns the last _n_ elements from the list. | -| `recordedAfter` | [`Time`](#time) | Measurement recorded after this date. | -| `recordedBefore` | [`Time`](#time) | Measurement recorded before this date. | +| <a id="queryusagetrendsmeasurementsidentifier"></a>`identifier` | [`MeasurementIdentifier!`](#measurementidentifier) | The type of measurement/statistics to retrieve. | +| <a id="queryusagetrendsmeasurementsrecordedafter"></a>`recordedAfter` | [`Time`](#time) | Measurement recorded after this date. | +| <a id="queryusagetrendsmeasurementsrecordedbefore"></a>`recordedBefore` | [`Time`](#time) | Measurement recorded before this date. | -### `user` +### `Query.user` Find a user. -Returns [`User`](#user). +Returns [`UserCore`](#usercore). #### Arguments | Name | Type | Description | | ---- | ---- | ----------- | -| `id` | [`UserID`](#userid) | ID of the User. | -| `username` | [`String`](#string) | Username of the User. | +| <a id="queryuserid"></a>`id` | [`UserID`](#userid) | ID of the User. | +| <a id="queryuserusername"></a>`username` | [`String`](#string) | Username of the User. | -### `users` +### `Query.users` Find users. -Returns [`UserConnection`](#userconnection). +Returns [`UserCoreConnection`](#usercoreconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. #### Arguments | Name | Type | Description | | ---- | ---- | ----------- | -| `admins` | [`Boolean`](#boolean) | Return only admin users. | -| `after` | [`String`](#string) | Returns the elements in the list that come after the specified cursor. | -| `before` | [`String`](#string) | Returns the elements in the list that come before the specified cursor. | -| `first` | [`Int`](#int) | Returns the first _n_ elements from the list. | -| `ids` | [`[ID!]`](#id) | List of user Global IDs. | -| `last` | [`Int`](#int) | Returns the last _n_ elements from the list. | -| `search` | [`String`](#string) | Query to search users by name, username, or primary email. | -| `sort` | [`Sort`](#sort) | Sort users by this criteria. | -| `usernames` | [`[String!]`](#string) | List of usernames. | +| <a id="queryusersadmins"></a>`admins` | [`Boolean`](#boolean) | Return only admin users. | +| <a id="queryusersids"></a>`ids` | [`[ID!]`](#id) | List of user Global IDs. | +| <a id="queryuserssearch"></a>`search` | [`String`](#string) | Query to search users by name, username, or primary email. | +| <a id="queryuserssort"></a>`sort` | [`Sort`](#sort) | Sort users by this criteria. | +| <a id="queryusersusernames"></a>`usernames` | [`[String!]`](#string) | List of usernames. | -### `vulnerabilities` +### `Query.vulnerabilities` Vulnerabilities reported on projects on the current user's instance security dashboard. Returns [`VulnerabilityConnection`](#vulnerabilityconnection). +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + #### Arguments | Name | Type | Description | | ---- | ---- | ----------- | -| `after` | [`String`](#string) | Returns the elements in the list that come after the specified cursor. | -| `before` | [`String`](#string) | Returns the elements in the list that come before the specified cursor. | -| `first` | [`Int`](#int) | Returns the first _n_ elements from the list. | -| `hasIssues` | [`Boolean`](#boolean) | Returns only the vulnerabilities which have linked issues. | -| `hasResolution` | [`Boolean`](#boolean) | Returns only the vulnerabilities which have been resolved on default branch. | -| `last` | [`Int`](#int) | Returns the last _n_ elements from the list. | -| `projectId` | [`[ID!]`](#id) | Filter vulnerabilities by project. | -| `reportType` | [`[VulnerabilityReportType!]`](#vulnerabilityreporttype) | Filter vulnerabilities by report type. | -| `scanner` | [`[String!]`](#string) | Filter vulnerabilities by VulnerabilityScanner.externalId. | -| `scannerId` | [`[VulnerabilitiesScannerID!]`](#vulnerabilitiesscannerid) | Filter vulnerabilities by scanner ID. | -| `severity` | [`[VulnerabilitySeverity!]`](#vulnerabilityseverity) | Filter vulnerabilities by severity. | -| `sort` | [`VulnerabilitySort`](#vulnerabilitysort) | List vulnerabilities by sort order. | -| `state` | [`[VulnerabilityState!]`](#vulnerabilitystate) | Filter vulnerabilities by state. | - -### `vulnerabilitiesCountByDay` +| <a id="queryvulnerabilitieshasissues"></a>`hasIssues` | [`Boolean`](#boolean) | Returns only the vulnerabilities which have linked issues. | +| <a id="queryvulnerabilitieshasresolution"></a>`hasResolution` | [`Boolean`](#boolean) | Returns only the vulnerabilities which have been resolved on default branch. | +| <a id="queryvulnerabilitiesprojectid"></a>`projectId` | [`[ID!]`](#id) | Filter vulnerabilities by project. | +| <a id="queryvulnerabilitiesreporttype"></a>`reportType` | [`[VulnerabilityReportType!]`](#vulnerabilityreporttype) | Filter vulnerabilities by report type. | +| <a id="queryvulnerabilitiesscanner"></a>`scanner` | [`[String!]`](#string) | Filter vulnerabilities by VulnerabilityScanner.externalId. | +| <a id="queryvulnerabilitiesscannerid"></a>`scannerId` | [`[VulnerabilitiesScannerID!]`](#vulnerabilitiesscannerid) | Filter vulnerabilities by scanner ID. | +| <a id="queryvulnerabilitiesseverity"></a>`severity` | [`[VulnerabilitySeverity!]`](#vulnerabilityseverity) | Filter vulnerabilities by severity. | +| <a id="queryvulnerabilitiessort"></a>`sort` | [`VulnerabilitySort`](#vulnerabilitysort) | List vulnerabilities by sort order. | +| <a id="queryvulnerabilitiesstate"></a>`state` | [`[VulnerabilityState!]`](#vulnerabilitystate) | Filter vulnerabilities by state. | + +### `Query.vulnerabilitiesCountByDay` Number of vulnerabilities per day for the projects on the current user's instance security dashboard. Returns [`VulnerabilitiesCountByDayConnection`](#vulnerabilitiescountbydayconnection). +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + #### Arguments | Name | Type | Description | | ---- | ---- | ----------- | -| `after` | [`String`](#string) | Returns the elements in the list that come after the specified cursor. | -| `before` | [`String`](#string) | Returns the elements in the list that come before the specified cursor. | -| `endDate` | [`ISO8601Date!`](#iso8601date) | Last day for which to fetch vulnerability history. | -| `first` | [`Int`](#int) | Returns the first _n_ elements from the list. | -| `last` | [`Int`](#int) | Returns the last _n_ elements from the list. | -| `startDate` | [`ISO8601Date!`](#iso8601date) | First day for which to fetch vulnerability history. | +| <a id="queryvulnerabilitiescountbydayenddate"></a>`endDate` | [`ISO8601Date!`](#iso8601date) | Last day for which to fetch vulnerability history. | +| <a id="queryvulnerabilitiescountbydaystartdate"></a>`startDate` | [`ISO8601Date!`](#iso8601date) | First day for which to fetch vulnerability history. | -### `vulnerabilitiesCountByDayAndSeverity` +### `Query.vulnerabilitiesCountByDayAndSeverity` Number of vulnerabilities per severity level, per day, for the projects on the current user's instance security dashboard. @@ -428,7135 +463,13032 @@ current user's instance security dashboard. WARNING: **Deprecated** in 13.3. Use of this is not recommended. -Use: `Query.vulnerabilitiesCountByDay`. +Use: [`Query.vulnerabilitiesCountByDay`](#queryvulnerabilitiescountbyday). Returns [`VulnerabilitiesCountByDayAndSeverityConnection`](#vulnerabilitiescountbydayandseverityconnection). +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="queryvulnerabilitiescountbydayandseverityenddate"></a>`endDate` | [`ISO8601Date!`](#iso8601date) | Last day for which to fetch vulnerability history. | +| <a id="queryvulnerabilitiescountbydayandseveritystartdate"></a>`startDate` | [`ISO8601Date!`](#iso8601date) | First day for which to fetch vulnerability history. | + +### `Query.vulnerability` + +Find a vulnerability. + +Returns [`Vulnerability`](#vulnerability). + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="queryvulnerabilityid"></a>`id` | [`VulnerabilityID!`](#vulnerabilityid) | The Global ID of the Vulnerability. | + +## `Mutation` type + +The `Mutation` type contains all the mutations you can execute. + +All mutations receive their arguments in a single input object named `input`, and all mutations +support at least a return field `errors` containing a list of error messages. + +All input objects may have a `clientMutationId: String` field, identifying the mutation. + +For example: + +```graphql +mutation($id: NoteableID!, $body: String!) { + createNote(input: { noteableId: $id, body: $body }) { + errors + } +} +``` + +### `Mutation.addAwardEmoji` + +WARNING: +**Deprecated** in 13.2. +Use awardEmojiAdd. + +Input type: `AddAwardEmojiInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationaddawardemojiawardableid"></a>`awardableId` | [`AwardableID!`](#awardableid) | The global ID of the awardable resource. | +| <a id="mutationaddawardemojiclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationaddawardemojiname"></a>`name` | [`String!`](#string) | The emoji name. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationaddawardemojiawardemoji"></a>`awardEmoji` | [`AwardEmoji`](#awardemoji) | The award emoji after mutation. | +| <a id="mutationaddawardemojiclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationaddawardemojierrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.addProjectToSecurityDashboard` + +Input type: `AddProjectToSecurityDashboardInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationaddprojecttosecuritydashboardclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationaddprojecttosecuritydashboardid"></a>`id` | [`ProjectID!`](#projectid) | ID of the project to be added to Instance Security Dashboard. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationaddprojecttosecuritydashboardclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationaddprojecttosecuritydashboarderrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationaddprojecttosecuritydashboardproject"></a>`project` | [`Project`](#project) | Project that was added to the Instance Security Dashboard. | + +### `Mutation.adminSidekiqQueuesDeleteJobs` + +Input type: `AdminSidekiqQueuesDeleteJobsInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationadminsidekiqqueuesdeletejobscallerid"></a>`callerId` | [`String`](#string) | Delete jobs matching caller_id in the context metadata. | +| <a id="mutationadminsidekiqqueuesdeletejobsclientid"></a>`clientId` | [`String`](#string) | Delete jobs matching client_id in the context metadata. | +| <a id="mutationadminsidekiqqueuesdeletejobsclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationadminsidekiqqueuesdeletejobsfeaturecategory"></a>`featureCategory` | [`String`](#string) | Delete jobs matching feature_category in the context metadata. | +| <a id="mutationadminsidekiqqueuesdeletejobsproject"></a>`project` | [`String`](#string) | Delete jobs matching project in the context metadata. | +| <a id="mutationadminsidekiqqueuesdeletejobsqueuename"></a>`queueName` | [`String!`](#string) | The name of the queue to delete jobs from. | +| <a id="mutationadminsidekiqqueuesdeletejobsrelatedclass"></a>`relatedClass` | [`String`](#string) | Delete jobs matching related_class in the context metadata. | +| <a id="mutationadminsidekiqqueuesdeletejobsremoteip"></a>`remoteIp` | [`String`](#string) | Delete jobs matching remote_ip in the context metadata. | +| <a id="mutationadminsidekiqqueuesdeletejobsrootnamespace"></a>`rootNamespace` | [`String`](#string) | Delete jobs matching root_namespace in the context metadata. | +| <a id="mutationadminsidekiqqueuesdeletejobssubscriptionplan"></a>`subscriptionPlan` | [`String`](#string) | Delete jobs matching subscription_plan in the context metadata. | +| <a id="mutationadminsidekiqqueuesdeletejobsuser"></a>`user` | [`String`](#string) | Delete jobs matching user in the context metadata. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationadminsidekiqqueuesdeletejobsclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationadminsidekiqqueuesdeletejobserrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationadminsidekiqqueuesdeletejobsresult"></a>`result` | [`DeleteJobsResponse`](#deletejobsresponse) | Information about the status of the deletion request. | + +### `Mutation.alertSetAssignees` + +Input type: `AlertSetAssigneesInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationalertsetassigneesassigneeusernames"></a>`assigneeUsernames` | [`[String!]!`](#string) | The usernames to assign to the alert. Replaces existing assignees by default. | +| <a id="mutationalertsetassigneesclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationalertsetassigneesiid"></a>`iid` | [`String!`](#string) | The IID of the alert to mutate. | +| <a id="mutationalertsetassigneesoperationmode"></a>`operationMode` | [`MutationOperationMode`](#mutationoperationmode) | The operation to perform. Defaults to REPLACE. | +| <a id="mutationalertsetassigneesprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the alert to mutate is in. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationalertsetassigneesalert"></a>`alert` | [`AlertManagementAlert`](#alertmanagementalert) | The alert after mutation. | +| <a id="mutationalertsetassigneesclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationalertsetassigneeserrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationalertsetassigneesissue"></a>`issue` | [`Issue`](#issue) | The issue created after mutation. | +| <a id="mutationalertsetassigneestodo"></a>`todo` | [`Todo`](#todo) | The to-do item after mutation. | + +### `Mutation.alertTodoCreate` + +Input type: `AlertTodoCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationalerttodocreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationalerttodocreateiid"></a>`iid` | [`String!`](#string) | The IID of the alert to mutate. | +| <a id="mutationalerttodocreateprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the alert to mutate is in. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationalerttodocreatealert"></a>`alert` | [`AlertManagementAlert`](#alertmanagementalert) | The alert after mutation. | +| <a id="mutationalerttodocreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationalerttodocreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationalerttodocreateissue"></a>`issue` | [`Issue`](#issue) | The issue created after mutation. | +| <a id="mutationalerttodocreatetodo"></a>`todo` | [`Todo`](#todo) | The to-do item after mutation. | + +### `Mutation.apiFuzzingCiConfigurationCreate` + +Input type: `ApiFuzzingCiConfigurationCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationapifuzzingciconfigurationcreateapispecificationfile"></a>`apiSpecificationFile` | [`String!`](#string) | File path or URL to the file that defines the API surface for scanning. Must be in the format specified by the `scanMode` argument. | +| <a id="mutationapifuzzingciconfigurationcreateauthpassword"></a>`authPassword` | [`String`](#string) | CI variable containing the password for authenticating with the target API. | +| <a id="mutationapifuzzingciconfigurationcreateauthusername"></a>`authUsername` | [`String`](#string) | CI variable containing the username for authenticating with the target API. | +| <a id="mutationapifuzzingciconfigurationcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationapifuzzingciconfigurationcreateprojectpath"></a>`projectPath` | [`ID!`](#id) | Full path of the project. | +| <a id="mutationapifuzzingciconfigurationcreatescanmode"></a>`scanMode` | [`ApiFuzzingScanMode!`](#apifuzzingscanmode) | The mode for API fuzzing scans. | +| <a id="mutationapifuzzingciconfigurationcreatescanprofile"></a>`scanProfile` | [`String`](#string) | Name of a default profile to use for scanning. Ex: Quick-10. | +| <a id="mutationapifuzzingciconfigurationcreatetarget"></a>`target` | [`String!`](#string) | URL for the target of API fuzzing scans. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationapifuzzingciconfigurationcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationapifuzzingciconfigurationcreateconfigurationyaml"></a>`configurationYaml` | [`String`](#string) | A YAML snippet that can be inserted into the project's `.gitlab-ci.yml` to set up API fuzzing scans. | +| <a id="mutationapifuzzingciconfigurationcreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationapifuzzingciconfigurationcreategitlabciyamleditpath"></a>`gitlabCiYamlEditPath` | [`String`](#string) | The location at which the project's `.gitlab-ci.yml` file can be edited in the browser. | + +### `Mutation.awardEmojiAdd` + +Input type: `AwardEmojiAddInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationawardemojiaddawardableid"></a>`awardableId` | [`AwardableID!`](#awardableid) | The global ID of the awardable resource. | +| <a id="mutationawardemojiaddclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationawardemojiaddname"></a>`name` | [`String!`](#string) | The emoji name. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationawardemojiaddawardemoji"></a>`awardEmoji` | [`AwardEmoji`](#awardemoji) | The award emoji after mutation. | +| <a id="mutationawardemojiaddclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationawardemojiadderrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.awardEmojiRemove` + +Input type: `AwardEmojiRemoveInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationawardemojiremoveawardableid"></a>`awardableId` | [`AwardableID!`](#awardableid) | The global ID of the awardable resource. | +| <a id="mutationawardemojiremoveclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationawardemojiremovename"></a>`name` | [`String!`](#string) | The emoji name. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationawardemojiremoveawardemoji"></a>`awardEmoji` | [`AwardEmoji`](#awardemoji) | The award emoji after mutation. | +| <a id="mutationawardemojiremoveclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationawardemojiremoveerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.awardEmojiToggle` + +Input type: `AwardEmojiToggleInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationawardemojitoggleawardableid"></a>`awardableId` | [`AwardableID!`](#awardableid) | The global ID of the awardable resource. | +| <a id="mutationawardemojitoggleclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationawardemojitogglename"></a>`name` | [`String!`](#string) | The emoji name. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationawardemojitoggleawardemoji"></a>`awardEmoji` | [`AwardEmoji`](#awardemoji) | The award emoji after mutation. | +| <a id="mutationawardemojitoggleclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationawardemojitoggleerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationawardemojitoggletoggledon"></a>`toggledOn` | [`Boolean!`](#boolean) | Indicates the status of the emoji. True if the toggle awarded the emoji, and false if the toggle removed the emoji. | + +### `Mutation.boardListCreate` + +Input type: `BoardListCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationboardlistcreateassigneeid"></a>`assigneeId` | [`UserID`](#userid) | Global ID of an existing user. | +| <a id="mutationboardlistcreatebacklog"></a>`backlog` | [`Boolean`](#boolean) | Create the backlog list. | +| <a id="mutationboardlistcreateboardid"></a>`boardId` | [`BoardID!`](#boardid) | Global ID of the issue board to mutate. | +| <a id="mutationboardlistcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationboardlistcreateiterationid"></a>`iterationId` | [`IterationID`](#iterationid) | Global ID of an existing iteration. | +| <a id="mutationboardlistcreatelabelid"></a>`labelId` | [`LabelID`](#labelid) | Global ID of an existing label. | +| <a id="mutationboardlistcreatemilestoneid"></a>`milestoneId` | [`MilestoneID`](#milestoneid) | Global ID of an existing milestone. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationboardlistcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationboardlistcreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationboardlistcreatelist"></a>`list` | [`BoardList`](#boardlist) | Issue list in the issue board. | + +### `Mutation.boardListUpdateLimitMetrics` + +Input type: `BoardListUpdateLimitMetricsInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationboardlistupdatelimitmetricsclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationboardlistupdatelimitmetricslimitmetric"></a>`limitMetric` | [`ListLimitMetric`](#listlimitmetric) | The new limit metric type for the list. | +| <a id="mutationboardlistupdatelimitmetricslistid"></a>`listId` | [`ListID!`](#listid) | The global ID of the list. | +| <a id="mutationboardlistupdatelimitmetricsmaxissuecount"></a>`maxIssueCount` | [`Int`](#int) | The new maximum issue count limit. | +| <a id="mutationboardlistupdatelimitmetricsmaxissueweight"></a>`maxIssueWeight` | [`Int`](#int) | The new maximum issue weight limit. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationboardlistupdatelimitmetricsclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationboardlistupdatelimitmetricserrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationboardlistupdatelimitmetricslist"></a>`list` | [`BoardList`](#boardlist) | The updated list. | + +### `Mutation.bulkFindOrCreateDevopsAdoptionSegments` + +**BETA** This endpoint is subject to change without notice. + +Input type: `BulkFindOrCreateDevopsAdoptionSegmentsInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationbulkfindorcreatedevopsadoptionsegmentsclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationbulkfindorcreatedevopsadoptionsegmentsnamespaceids"></a>`namespaceIds` | [`[NamespaceID!]!`](#namespaceid) | List of Namespace IDs for the segments. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationbulkfindorcreatedevopsadoptionsegmentsclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationbulkfindorcreatedevopsadoptionsegmentserrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationbulkfindorcreatedevopsadoptionsegmentssegments"></a>`segments` | [`[DevopsAdoptionSegment!]`](#devopsadoptionsegment) | Created segments after mutation. | + +### `Mutation.ciCdSettingsUpdate` + +Input type: `CiCdSettingsUpdateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcicdsettingsupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcicdsettingsupdatefullpath"></a>`fullPath` | [`ID!`](#id) | Full Path of the project the settings belong to. | +| <a id="mutationcicdsettingsupdatekeeplatestartifact"></a>`keepLatestArtifact` | [`Boolean`](#boolean) | Indicates if the latest artifact should be kept for this project. | +| <a id="mutationcicdsettingsupdatemergepipelinesenabled"></a>`mergePipelinesEnabled` | [`Boolean`](#boolean) | Indicates if merge pipelines are enabled for the project. | +| <a id="mutationcicdsettingsupdatemergetrainsenabled"></a>`mergeTrainsEnabled` | [`Boolean`](#boolean) | Indicates if merge trains are enabled for the project. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcicdsettingsupdatecicdsettings"></a>`ciCdSettings` | [`ProjectCiCdSetting!`](#projectcicdsetting) | The CI/CD settings after mutation. | +| <a id="mutationcicdsettingsupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcicdsettingsupdateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.clusterAgentDelete` + +Input type: `ClusterAgentDeleteInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationclusteragentdeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationclusteragentdeleteid"></a>`id` | [`ClustersAgentID!`](#clustersagentid) | Global ID of the cluster agent that will be deleted. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationclusteragentdeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationclusteragentdeleteerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.clusterAgentTokenCreate` + +Input type: `ClusterAgentTokenCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationclusteragenttokencreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationclusteragenttokencreateclusteragentid"></a>`clusterAgentId` | [`ClustersAgentID!`](#clustersagentid) | Global ID of the cluster agent that will be associated with the new token. | +| <a id="mutationclusteragenttokencreatedescription"></a>`description` | [`String`](#string) | Description of the token. | +| <a id="mutationclusteragenttokencreatename"></a>`name` | [`String!`](#string) | Name of the token. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationclusteragenttokencreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationclusteragenttokencreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationclusteragenttokencreatesecret"></a>`secret` | [`String`](#string) | Token secret value. Make sure you save it - you won't be able to access it again. | +| <a id="mutationclusteragenttokencreatetoken"></a>`token` | [`ClusterAgentToken`](#clusteragenttoken) | Token created after mutation. | + +### `Mutation.clusterAgentTokenDelete` + +Input type: `ClusterAgentTokenDeleteInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationclusteragenttokendeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationclusteragenttokendeleteid"></a>`id` | [`ClustersAgentTokenID!`](#clustersagenttokenid) | Global ID of the cluster agent token that will be deleted. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationclusteragenttokendeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationclusteragenttokendeleteerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.commitCreate` + +Input type: `CommitCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcommitcreateactions"></a>`actions` | [`[CommitAction!]!`](#commitaction) | Array of action hashes to commit as a batch. | +| <a id="mutationcommitcreatebranch"></a>`branch` | [`String!`](#string) | Name of the branch to commit into, it can be a new branch. | +| <a id="mutationcommitcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcommitcreatemessage"></a>`message` | [`String!`](#string) | Raw commit message. | +| <a id="mutationcommitcreateprojectpath"></a>`projectPath` | [`ID!`](#id) | Project full path the branch is associated with. | +| <a id="mutationcommitcreatestartbranch"></a>`startBranch` | [`String`](#string) | If on a new branch, name of the original branch. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcommitcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcommitcreatecommit"></a>`commit` | [`Commit`](#commit) | The commit after mutation. | +| <a id="mutationcommitcreatecommitpipelinepath"></a>`commitPipelinePath` | [`String`](#string) | ETag path for the commit's pipeline. | +| <a id="mutationcommitcreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.configureSast` + +Configure SAST for a project by enabling SAST in a new or modified +`.gitlab-ci.yml` file in a new branch. The new branch and a URL to +create a Merge Request are a part of the response. + +Input type: `ConfigureSastInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationconfiguresastclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationconfiguresastconfiguration"></a>`configuration` | [`SastCiConfigurationInput!`](#sastciconfigurationinput) | SAST CI configuration for the project. | +| <a id="mutationconfiguresastprojectpath"></a>`projectPath` | [`ID!`](#id) | Full path of the project. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationconfiguresastbranch"></a>`branch` | [`String`](#string) | Branch that has the new/modified `.gitlab-ci.yml` file. | +| <a id="mutationconfiguresastclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationconfiguresasterrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationconfiguresastsuccesspath"></a>`successPath` | [`String`](#string) | Redirect path to use when the response is successful. | + +### `Mutation.configureSecretDetection` + +Configure Secret Detection for a project by enabling Secret Detection +in a new or modified `.gitlab-ci.yml` file in a new branch. The new +branch and a URL to create a Merge Request are a part of the +response. + +Input type: `ConfigureSecretDetectionInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationconfiguresecretdetectionclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationconfiguresecretdetectionprojectpath"></a>`projectPath` | [`ID!`](#id) | Full path of the project. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationconfiguresecretdetectionbranch"></a>`branch` | [`String`](#string) | Branch that has the new/modified `.gitlab-ci.yml` file. | +| <a id="mutationconfiguresecretdetectionclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationconfiguresecretdetectionerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationconfiguresecretdetectionsuccesspath"></a>`successPath` | [`String`](#string) | Redirect path to use when the response is successful. | + +### `Mutation.createAlertIssue` + +Input type: `CreateAlertIssueInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreatealertissueclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreatealertissueiid"></a>`iid` | [`String!`](#string) | The IID of the alert to mutate. | +| <a id="mutationcreatealertissueprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the alert to mutate is in. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreatealertissuealert"></a>`alert` | [`AlertManagementAlert`](#alertmanagementalert) | The alert after mutation. | +| <a id="mutationcreatealertissueclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreatealertissueerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationcreatealertissueissue"></a>`issue` | [`Issue`](#issue) | The issue created after mutation. | +| <a id="mutationcreatealertissuetodo"></a>`todo` | [`Todo`](#todo) | The to-do item after mutation. | + +### `Mutation.createAnnotation` + +Input type: `CreateAnnotationInput` + #### Arguments | Name | Type | Description | | ---- | ---- | ----------- | +| <a id="mutationcreateannotationclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreateannotationclusterid"></a>`clusterId` | [`ClustersClusterID`](#clustersclusterid) | The global ID of the cluster to add an annotation to. | +| <a id="mutationcreateannotationdashboardpath"></a>`dashboardPath` | [`String!`](#string) | The path to a file defining the dashboard on which the annotation should be added. | +| <a id="mutationcreateannotationdescription"></a>`description` | [`String!`](#string) | The description of the annotation. | +| <a id="mutationcreateannotationendingat"></a>`endingAt` | [`Time`](#time) | Timestamp indicating ending moment to which the annotation relates. | +| <a id="mutationcreateannotationenvironmentid"></a>`environmentId` | [`EnvironmentID`](#environmentid) | The global ID of the environment to add an annotation to. | +| <a id="mutationcreateannotationstartingat"></a>`startingAt` | [`Time!`](#time) | Timestamp indicating starting moment to which the annotation relates. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreateannotationannotation"></a>`annotation` | [`MetricsDashboardAnnotation`](#metricsdashboardannotation) | The created annotation. | +| <a id="mutationcreateannotationclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreateannotationerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.createBoard` + +Input type: `CreateBoardInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreateboardassigneeid"></a>`assigneeId` | [`UserID`](#userid) | ID of user to be assigned to the board. | +| <a id="mutationcreateboardclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreateboardgrouppath"></a>`groupPath` | [`ID`](#id) | Full path of the group with which the resource is associated. | +| <a id="mutationcreateboardhidebackloglist"></a>`hideBacklogList` | [`Boolean`](#boolean) | Whether or not backlog list is hidden. | +| <a id="mutationcreateboardhideclosedlist"></a>`hideClosedList` | [`Boolean`](#boolean) | Whether or not closed list is hidden. | +| <a id="mutationcreateboarditerationid"></a>`iterationId` | [`IterationID`](#iterationid) | ID of iteration to be assigned to the board. | +| <a id="mutationcreateboardlabelids"></a>`labelIds` | [`[LabelID!]`](#labelid) | IDs of labels to be added to the board. | +| <a id="mutationcreateboardlabels"></a>`labels` | [`[String!]`](#string) | Labels of the issue. | +| <a id="mutationcreateboardmilestoneid"></a>`milestoneId` | [`MilestoneID`](#milestoneid) | ID of milestone to be assigned to the board. | +| <a id="mutationcreateboardname"></a>`name` | [`String`](#string) | The board name. | +| <a id="mutationcreateboardprojectpath"></a>`projectPath` | [`ID`](#id) | Full path of the project with which the resource is associated. | +| <a id="mutationcreateboardweight"></a>`weight` | [`Int`](#int) | Weight value to be assigned to the board. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreateboardboard"></a>`board` | [`Board`](#board) | The board after mutation. | +| <a id="mutationcreateboardclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreateboarderrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.createBranch` + +Input type: `CreateBranchInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreatebranchclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreatebranchname"></a>`name` | [`String!`](#string) | Name of the branch. | +| <a id="mutationcreatebranchprojectpath"></a>`projectPath` | [`ID!`](#id) | Project full path the branch is associated with. | +| <a id="mutationcreatebranchref"></a>`ref` | [`String!`](#string) | Branch name or commit SHA to create branch from. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreatebranchbranch"></a>`branch` | [`Branch`](#branch) | Branch after mutation. | +| <a id="mutationcreatebranchclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreatebrancherrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.createClusterAgent` + +Input type: `CreateClusterAgentInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreateclusteragentclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreateclusteragentname"></a>`name` | [`String!`](#string) | Name of the cluster agent. | +| <a id="mutationcreateclusteragentprojectpath"></a>`projectPath` | [`ID!`](#id) | Full path of the associated project for this cluster agent. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreateclusteragentclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreateclusteragentclusteragent"></a>`clusterAgent` | [`ClusterAgent`](#clusteragent) | Cluster agent created after mutation. | +| <a id="mutationcreateclusteragenterrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.createComplianceFramework` + +Input type: `CreateComplianceFrameworkInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreatecomplianceframeworkclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreatecomplianceframeworknamespacepath"></a>`namespacePath` | [`ID!`](#id) | Full path of the namespace to add the compliance framework to. | +| <a id="mutationcreatecomplianceframeworkparams"></a>`params` | [`ComplianceFrameworkInput!`](#complianceframeworkinput) | Parameters to update the compliance framework with. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreatecomplianceframeworkclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreatecomplianceframeworkerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationcreatecomplianceframeworkframework"></a>`framework` | [`ComplianceFramework`](#complianceframework) | The created compliance framework. | + +### `Mutation.createCustomEmoji` + +Available only when feature flag `custom_emoji` is enabled. + +Input type: `CreateCustomEmojiInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreatecustomemojiclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreatecustomemojigrouppath"></a>`groupPath` | [`ID!`](#id) | Namespace full path the emoji is associated with. | +| <a id="mutationcreatecustomemojiname"></a>`name` | [`String!`](#string) | Name of the emoji. | +| <a id="mutationcreatecustomemojiurl"></a>`url` | [`String!`](#string) | Location of the emoji file. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreatecustomemojiclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreatecustomemojicustomemoji"></a>`customEmoji` | [`CustomEmoji`](#customemoji) | The new custom emoji. | +| <a id="mutationcreatecustomemojierrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.createDevopsAdoptionSegment` + +**BETA** This endpoint is subject to change without notice. + +Input type: `CreateDevopsAdoptionSegmentInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreatedevopsadoptionsegmentclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreatedevopsadoptionsegmentnamespaceid"></a>`namespaceId` | [`NamespaceID!`](#namespaceid) | Namespace ID to set for the segment. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreatedevopsadoptionsegmentclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreatedevopsadoptionsegmenterrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationcreatedevopsadoptionsegmentsegment"></a>`segment` | [`DevopsAdoptionSegment`](#devopsadoptionsegment) | The segment after mutation. | + +### `Mutation.createDiffNote` + +Input type: `CreateDiffNoteInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreatediffnotebody"></a>`body` | [`String!`](#string) | Content of the note. | +| <a id="mutationcreatediffnoteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreatediffnoteconfidential"></a>`confidential` | [`Boolean`](#boolean) | The confidentiality flag of a note. Default is false. | +| <a id="mutationcreatediffnotenoteableid"></a>`noteableId` | [`NoteableID!`](#noteableid) | The global ID of the resource to add a note to. | +| <a id="mutationcreatediffnoteposition"></a>`position` | [`DiffPositionInput!`](#diffpositioninput) | The position of this note on a diff. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreatediffnoteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreatediffnoteerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationcreatediffnotenote"></a>`note` | [`Note`](#note) | The note after mutation. | + +### `Mutation.createEpic` + +Input type: `CreateEpicInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreateepicaddlabelids"></a>`addLabelIds` | [`[ID!]`](#id) | The IDs of labels to be added to the epic. | +| <a id="mutationcreateepicclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreateepicconfidential"></a>`confidential` | [`Boolean`](#boolean) | Indicates if the epic is confidential. | +| <a id="mutationcreateepicdescription"></a>`description` | [`String`](#string) | The description of the epic. | +| <a id="mutationcreateepicduedatefixed"></a>`dueDateFixed` | [`String`](#string) | The end date of the epic. | +| <a id="mutationcreateepicduedateisfixed"></a>`dueDateIsFixed` | [`Boolean`](#boolean) | Indicates end date should be sourced from due_date_fixed field not the issue milestones. | +| <a id="mutationcreateepicgrouppath"></a>`groupPath` | [`ID!`](#id) | The group the epic to mutate is in. | +| <a id="mutationcreateepicremovelabelids"></a>`removeLabelIds` | [`[ID!]`](#id) | The IDs of labels to be removed from the epic. | +| <a id="mutationcreateepicstartdatefixed"></a>`startDateFixed` | [`String`](#string) | The start date of the epic. | +| <a id="mutationcreateepicstartdateisfixed"></a>`startDateIsFixed` | [`Boolean`](#boolean) | Indicates start date should be sourced from start_date_fixed field not the issue milestones. | +| <a id="mutationcreateepictitle"></a>`title` | [`String`](#string) | The title of the epic. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreateepicclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreateepicepic"></a>`epic` | [`Epic`](#epic) | The created epic. | +| <a id="mutationcreateepicerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.createImageDiffNote` + +Input type: `CreateImageDiffNoteInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreateimagediffnotebody"></a>`body` | [`String!`](#string) | Content of the note. | +| <a id="mutationcreateimagediffnoteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreateimagediffnoteconfidential"></a>`confidential` | [`Boolean`](#boolean) | The confidentiality flag of a note. Default is false. | +| <a id="mutationcreateimagediffnotenoteableid"></a>`noteableId` | [`NoteableID!`](#noteableid) | The global ID of the resource to add a note to. | +| <a id="mutationcreateimagediffnoteposition"></a>`position` | [`DiffImagePositionInput!`](#diffimagepositioninput) | The position of this note on a diff. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreateimagediffnoteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreateimagediffnoteerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationcreateimagediffnotenote"></a>`note` | [`Note`](#note) | The note after mutation. | + +### `Mutation.createIssue` + +Input type: `CreateIssueInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreateissueassigneeids"></a>`assigneeIds` | [`[UserID!]`](#userid) | The array of user IDs to assign to the issue. | +| <a id="mutationcreateissueclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreateissueconfidential"></a>`confidential` | [`Boolean`](#boolean) | Indicates the issue is confidential. | +| <a id="mutationcreateissuecreatedat"></a>`createdAt` | [`Time`](#time) | Timestamp when the issue was created. Available only for admins and project owners. | +| <a id="mutationcreateissuedescription"></a>`description` | [`String`](#string) | Description of the issue. | +| <a id="mutationcreateissuediscussiontoresolve"></a>`discussionToResolve` | [`String`](#string) | The ID of a discussion to resolve. Also pass `merge_request_to_resolve_discussions_of`. | +| <a id="mutationcreateissueduedate"></a>`dueDate` | [`ISO8601Date`](#iso8601date) | Due date of the issue. | +| <a id="mutationcreateissueepicid"></a>`epicId` | [`EpicID`](#epicid) | The ID of an epic to associate the issue with. | +| <a id="mutationcreateissuehealthstatus"></a>`healthStatus` | [`HealthStatus`](#healthstatus) | The desired health status. | +| <a id="mutationcreateissueiid"></a>`iid` | [`Int`](#int) | The IID (internal ID) of a project issue. Only admins and project owners can modify. | +| <a id="mutationcreateissuelabelids"></a>`labelIds` | [`[LabelID!]`](#labelid) | The IDs of labels to be added to the issue. | +| <a id="mutationcreateissuelabels"></a>`labels` | [`[String!]`](#string) | Labels of the issue. | +| <a id="mutationcreateissuelocked"></a>`locked` | [`Boolean`](#boolean) | Indicates discussion is locked on the issue. | +| <a id="mutationcreateissuemergerequesttoresolvediscussionsof"></a>`mergeRequestToResolveDiscussionsOf` | [`MergeRequestID`](#mergerequestid) | The IID of a merge request for which to resolve discussions. | +| <a id="mutationcreateissuemilestoneid"></a>`milestoneId` | [`MilestoneID`](#milestoneid) | The ID of the milestone to assign to the issue. On update milestone will be removed if set to null. | +| <a id="mutationcreateissueprojectpath"></a>`projectPath` | [`ID!`](#id) | Project full path the issue is associated with. | +| <a id="mutationcreateissuetitle"></a>`title` | [`String!`](#string) | Title of the issue. | +| <a id="mutationcreateissuetype"></a>`type` | [`IssueType`](#issuetype) | Type of the issue. | +| <a id="mutationcreateissueweight"></a>`weight` | [`Int`](#int) | The weight of the issue. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreateissueclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreateissueerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationcreateissueissue"></a>`issue` | [`Issue`](#issue) | The issue after mutation. | + +### `Mutation.createIteration` + +Input type: `CreateIterationInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreateiterationclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreateiterationdescription"></a>`description` | [`String`](#string) | The description of the iteration. | +| <a id="mutationcreateiterationduedate"></a>`dueDate` | [`String`](#string) | The end date of the iteration. | +| <a id="mutationcreateiterationgrouppath"></a>`groupPath` | [`ID`](#id) | Full path of the group with which the resource is associated. | +| <a id="mutationcreateiterationprojectpath"></a>`projectPath` | [`ID`](#id) | Full path of the project with which the resource is associated. | +| <a id="mutationcreateiterationstartdate"></a>`startDate` | [`String`](#string) | The start date of the iteration. | +| <a id="mutationcreateiterationtitle"></a>`title` | [`String`](#string) | The title of the iteration. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreateiterationclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreateiterationerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationcreateiterationiteration"></a>`iteration` | [`Iteration`](#iteration) | The created iteration. | + +### `Mutation.createNote` + +Input type: `CreateNoteInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreatenotebody"></a>`body` | [`String!`](#string) | Content of the note. | +| <a id="mutationcreatenoteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreatenoteconfidential"></a>`confidential` | [`Boolean`](#boolean) | The confidentiality flag of a note. Default is false. | +| <a id="mutationcreatenotediscussionid"></a>`discussionId` | [`DiscussionID`](#discussionid) | The global ID of the discussion this note is in reply to. | +| <a id="mutationcreatenotenoteableid"></a>`noteableId` | [`NoteableID!`](#noteableid) | The global ID of the resource to add a note to. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreatenoteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreatenoteerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationcreatenotenote"></a>`note` | [`Note`](#note) | The note after mutation. | + +### `Mutation.createRequirement` + +Input type: `CreateRequirementInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreaterequirementclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreaterequirementdescription"></a>`description` | [`String`](#string) | Description of the requirement. | +| <a id="mutationcreaterequirementprojectpath"></a>`projectPath` | [`ID!`](#id) | Full project path the requirement is associated with. | +| <a id="mutationcreaterequirementtitle"></a>`title` | [`String`](#string) | Title of the requirement. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreaterequirementclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreaterequirementerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationcreaterequirementrequirement"></a>`requirement` | [`Requirement`](#requirement) | Requirement after mutation. | + +### `Mutation.createSnippet` + +Input type: `CreateSnippetInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreatesnippetblobactions"></a>`blobActions` | [`[SnippetBlobActionInputType!]`](#snippetblobactioninputtype) | Actions to perform over the snippet repository and blobs. | +| <a id="mutationcreatesnippetcaptcharesponse"></a>`captchaResponse` **{warning-solid}** | [`String`](#string) | **Deprecated:** Use spam protection with HTTP headers instead. Deprecated in 13.11. | +| <a id="mutationcreatesnippetclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreatesnippetdescription"></a>`description` | [`String`](#string) | Description of the snippet. | +| <a id="mutationcreatesnippetprojectpath"></a>`projectPath` | [`ID`](#id) | The project full path the snippet is associated with. | +| <a id="mutationcreatesnippetspamlogid"></a>`spamLogId` **{warning-solid}** | [`Int`](#int) | **Deprecated:** Use spam protection with HTTP headers instead. Deprecated in 13.11. | +| <a id="mutationcreatesnippettitle"></a>`title` | [`String!`](#string) | Title of the snippet. | +| <a id="mutationcreatesnippetuploadedfiles"></a>`uploadedFiles` | [`[String!]`](#string) | The paths to files uploaded in the snippet description. | +| <a id="mutationcreatesnippetvisibilitylevel"></a>`visibilityLevel` | [`VisibilityLevelsEnum!`](#visibilitylevelsenum) | The visibility level of the snippet. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreatesnippetcaptchasitekey"></a>`captchaSiteKey` **{warning-solid}** | [`String`](#string) | **Deprecated:** Use spam protection with HTTP headers instead. Deprecated in 13.11. | +| <a id="mutationcreatesnippetclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreatesnippeterrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationcreatesnippetneedscaptcharesponse"></a>`needsCaptchaResponse` **{warning-solid}** | [`Boolean`](#boolean) | **Deprecated:** Use spam protection with HTTP headers instead. Deprecated in 13.11. | +| <a id="mutationcreatesnippetsnippet"></a>`snippet` | [`Snippet`](#snippet) | The snippet after mutation. | +| <a id="mutationcreatesnippetspam"></a>`spam` **{warning-solid}** | [`Boolean`](#boolean) | **Deprecated:** Use spam protection with HTTP headers instead. Deprecated in 13.11. | +| <a id="mutationcreatesnippetspamlogid"></a>`spamLogId` **{warning-solid}** | [`Int`](#int) | **Deprecated:** Use spam protection with HTTP headers instead. Deprecated in 13.11. | + +### `Mutation.createTestCase` + +Input type: `CreateTestCaseInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreatetestcaseclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreatetestcasedescription"></a>`description` | [`String`](#string) | The test case description. | +| <a id="mutationcreatetestcaselabelids"></a>`labelIds` | [`[ID!]`](#id) | The IDs of labels to be added to the test case. | +| <a id="mutationcreatetestcaseprojectpath"></a>`projectPath` | [`ID!`](#id) | The project full path to create the test case. | +| <a id="mutationcreatetestcasetitle"></a>`title` | [`String!`](#string) | The test case title. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcreatetestcaseclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcreatetestcaseerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationcreatetestcasetestcase"></a>`testCase` | [`Issue`](#issue) | The test case created. | + +### `Mutation.dastOnDemandScanCreate` + +Input type: `DastOnDemandScanCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastondemandscancreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastondemandscancreatedastscannerprofileid"></a>`dastScannerProfileId` | [`DastScannerProfileID`](#dastscannerprofileid) | ID of the scanner profile to be used for the scan. | +| <a id="mutationdastondemandscancreatedastsiteprofileid"></a>`dastSiteProfileId` | [`DastSiteProfileID!`](#dastsiteprofileid) | ID of the site profile to be used for the scan. | +| <a id="mutationdastondemandscancreatefullpath"></a>`fullPath` | [`ID!`](#id) | The project the site profile belongs to. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastondemandscancreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastondemandscancreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationdastondemandscancreatepipelineurl"></a>`pipelineUrl` | [`String`](#string) | URL of the pipeline that was created. | + +### `Mutation.dastProfileCreate` + +Input type: `DastProfileCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastprofilecreatebranchname"></a>`branchName` | [`String`](#string) | The associated branch. | +| <a id="mutationdastprofilecreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastprofilecreatedastscannerprofileid"></a>`dastScannerProfileId` | [`DastScannerProfileID!`](#dastscannerprofileid) | ID of the scanner profile to be associated. | +| <a id="mutationdastprofilecreatedastsiteprofileid"></a>`dastSiteProfileId` | [`DastSiteProfileID!`](#dastsiteprofileid) | ID of the site profile to be associated. | +| <a id="mutationdastprofilecreatedescription"></a>`description` | [`String`](#string) | The description of the profile. Defaults to an empty string. | +| <a id="mutationdastprofilecreatefullpath"></a>`fullPath` | [`ID!`](#id) | The project the profile belongs to. | +| <a id="mutationdastprofilecreatename"></a>`name` | [`String!`](#string) | The name of the profile. | +| <a id="mutationdastprofilecreaterunaftercreate"></a>`runAfterCreate` | [`Boolean`](#boolean) | Run scan using profile after creation. Defaults to false. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastprofilecreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastprofilecreatedastprofile"></a>`dastProfile` | [`DastProfile`](#dastprofile) | The created profile. | +| <a id="mutationdastprofilecreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationdastprofilecreatepipelineurl"></a>`pipelineUrl` | [`String`](#string) | The URL of the pipeline that was created. Requires `runAfterCreate` to be set to `true`. | + +### `Mutation.dastProfileDelete` + +Input type: `DastProfileDeleteInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastprofiledeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastprofiledeleteid"></a>`id` | [`DastProfileID!`](#dastprofileid) | ID of the profile to be deleted. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastprofiledeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastprofiledeleteerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.dastProfileRun` + +Input type: `DastProfileRunInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastprofilerunclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastprofilerunfullpath"></a>`fullPath` | [`ID!`](#id) | Full path for the project the scanner profile belongs to. | +| <a id="mutationdastprofilerunid"></a>`id` | [`DastProfileID!`](#dastprofileid) | ID of the profile to be used for the scan. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastprofilerunclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastprofilerunerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationdastprofilerunpipelineurl"></a>`pipelineUrl` | [`String`](#string) | URL of the pipeline that was created. | + +### `Mutation.dastProfileUpdate` + +Input type: `DastProfileUpdateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastprofileupdatebranchname"></a>`branchName` | [`String`](#string) | The associated branch. | +| <a id="mutationdastprofileupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastprofileupdatedastscannerprofileid"></a>`dastScannerProfileId` | [`DastScannerProfileID`](#dastscannerprofileid) | ID of the scanner profile to be associated. | +| <a id="mutationdastprofileupdatedastsiteprofileid"></a>`dastSiteProfileId` | [`DastSiteProfileID`](#dastsiteprofileid) | ID of the site profile to be associated. | +| <a id="mutationdastprofileupdatedescription"></a>`description` | [`String`](#string) | The description of the profile. Defaults to an empty string. | +| <a id="mutationdastprofileupdatefullpath"></a>`fullPath` | [`ID!`](#id) | The project the profile belongs to. | +| <a id="mutationdastprofileupdateid"></a>`id` | [`DastProfileID!`](#dastprofileid) | ID of the profile to be deleted. | +| <a id="mutationdastprofileupdatename"></a>`name` | [`String`](#string) | The name of the profile. | +| <a id="mutationdastprofileupdaterunafterupdate"></a>`runAfterUpdate` | [`Boolean`](#boolean) | Run scan using profile after update. Defaults to false. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastprofileupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastprofileupdatedastprofile"></a>`dastProfile` | [`DastProfile`](#dastprofile) | The updated profile. | +| <a id="mutationdastprofileupdateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationdastprofileupdatepipelineurl"></a>`pipelineUrl` | [`String`](#string) | The URL of the pipeline that was created. Requires the input argument `runAfterUpdate` to be set to `true` when calling the mutation, otherwise no pipeline will be created. | + +### `Mutation.dastScannerProfileCreate` + +Input type: `DastScannerProfileCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastscannerprofilecreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastscannerprofilecreatefullpath"></a>`fullPath` | [`ID!`](#id) | The project the scanner profile belongs to. | +| <a id="mutationdastscannerprofilecreateprofilename"></a>`profileName` | [`String!`](#string) | The name of the scanner profile. | +| <a id="mutationdastscannerprofilecreatescantype"></a>`scanType` | [`DastScanTypeEnum`](#dastscantypeenum) | Indicates the type of DAST scan that will run. Either a Passive Scan or an Active Scan. | +| <a id="mutationdastscannerprofilecreateshowdebugmessages"></a>`showDebugMessages` | [`Boolean`](#boolean) | Indicates if debug messages should be included in DAST console output. True to include the debug messages. | +| <a id="mutationdastscannerprofilecreatespidertimeout"></a>`spiderTimeout` | [`Int`](#int) | The maximum number of minutes allowed for the spider to traverse the site. | +| <a id="mutationdastscannerprofilecreatetargettimeout"></a>`targetTimeout` | [`Int`](#int) | The maximum number of seconds allowed for the site under test to respond to a request. | +| <a id="mutationdastscannerprofilecreateuseajaxspider"></a>`useAjaxSpider` | [`Boolean`](#boolean) | Indicates if the AJAX spider should be used to crawl the target site. True to run the AJAX spider in addition to the traditional spider, and false to run only the traditional spider. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastscannerprofilecreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastscannerprofilecreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationdastscannerprofilecreateglobalid"></a>`globalId` **{warning-solid}** | [`DastScannerProfileID`](#dastscannerprofileid) | **Deprecated:** Use `id`. Deprecated in 13.6. | +| <a id="mutationdastscannerprofilecreateid"></a>`id` | [`DastScannerProfileID`](#dastscannerprofileid) | ID of the scanner profile. | + +### `Mutation.dastScannerProfileDelete` + +Input type: `DastScannerProfileDeleteInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastscannerprofiledeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastscannerprofiledeletefullpath"></a>`fullPath` | [`ID!`](#id) | Full path for the project the scanner profile belongs to. | +| <a id="mutationdastscannerprofiledeleteid"></a>`id` | [`DastScannerProfileID!`](#dastscannerprofileid) | ID of the scanner profile to be deleted. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastscannerprofiledeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastscannerprofiledeleteerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.dastScannerProfileUpdate` + +Input type: `DastScannerProfileUpdateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastscannerprofileupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastscannerprofileupdatefullpath"></a>`fullPath` | [`ID!`](#id) | The project the scanner profile belongs to. | +| <a id="mutationdastscannerprofileupdateid"></a>`id` | [`DastScannerProfileID!`](#dastscannerprofileid) | ID of the scanner profile to be updated. | +| <a id="mutationdastscannerprofileupdateprofilename"></a>`profileName` | [`String!`](#string) | The name of the scanner profile. | +| <a id="mutationdastscannerprofileupdatescantype"></a>`scanType` | [`DastScanTypeEnum`](#dastscantypeenum) | Indicates the type of DAST scan that will run. Either a Passive Scan or an Active Scan. | +| <a id="mutationdastscannerprofileupdateshowdebugmessages"></a>`showDebugMessages` | [`Boolean`](#boolean) | Indicates if debug messages should be included in DAST console output. True to include the debug messages. | +| <a id="mutationdastscannerprofileupdatespidertimeout"></a>`spiderTimeout` | [`Int!`](#int) | The maximum number of minutes allowed for the spider to traverse the site. | +| <a id="mutationdastscannerprofileupdatetargettimeout"></a>`targetTimeout` | [`Int!`](#int) | The maximum number of seconds allowed for the site under test to respond to a request. | +| <a id="mutationdastscannerprofileupdateuseajaxspider"></a>`useAjaxSpider` | [`Boolean`](#boolean) | Indicates if the AJAX spider should be used to crawl the target site. True to run the AJAX spider in addition to the traditional spider, and false to run only the traditional spider. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastscannerprofileupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastscannerprofileupdateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationdastscannerprofileupdateid"></a>`id` | [`DastScannerProfileID`](#dastscannerprofileid) | ID of the scanner profile. | + +### `Mutation.dastSiteProfileCreate` + +Input type: `DastSiteProfileCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastsiteprofilecreateauth"></a>`auth` | [`DastSiteProfileAuthInput`](#dastsiteprofileauthinput) | Parameters for authentication. Will be ignored if `security_dast_site_profiles_additional_fields` feature flag is disabled. | +| <a id="mutationdastsiteprofilecreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastsiteprofilecreateexcludedurls"></a>`excludedUrls` | [`[String!]`](#string) | The URLs to skip during an authenticated scan. Defaults to `[]`. Will be ignored if `security_dast_site_profiles_additional_fields` feature flag is disabled. | +| <a id="mutationdastsiteprofilecreatefullpath"></a>`fullPath` | [`ID!`](#id) | The project the site profile belongs to. | +| <a id="mutationdastsiteprofilecreateprofilename"></a>`profileName` | [`String!`](#string) | The name of the site profile. | +| <a id="mutationdastsiteprofilecreaterequestheaders"></a>`requestHeaders` | [`String`](#string) | Comma-separated list of request header names and values to be added to every request made by DAST. Will be ignored if `security_dast_site_profiles_additional_fields` feature flag is disabled. | +| <a id="mutationdastsiteprofilecreatetargettype"></a>`targetType` | [`DastTargetTypeEnum`](#dasttargettypeenum) | The type of target to be scanned. Will be ignored if `security_dast_site_profiles_api_option` feature flag is disabled. | +| <a id="mutationdastsiteprofilecreatetargeturl"></a>`targetUrl` | [`String`](#string) | The URL of the target to be scanned. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastsiteprofilecreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastsiteprofilecreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationdastsiteprofilecreateid"></a>`id` | [`DastSiteProfileID`](#dastsiteprofileid) | ID of the site profile. | + +### `Mutation.dastSiteProfileDelete` + +Input type: `DastSiteProfileDeleteInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastsiteprofiledeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastsiteprofiledeletefullpath"></a>`fullPath` | [`ID!`](#id) | The project the site profile belongs to. | +| <a id="mutationdastsiteprofiledeleteid"></a>`id` | [`DastSiteProfileID!`](#dastsiteprofileid) | ID of the site profile to be deleted. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastsiteprofiledeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastsiteprofiledeleteerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.dastSiteProfileUpdate` + +Input type: `DastSiteProfileUpdateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastsiteprofileupdateauth"></a>`auth` | [`DastSiteProfileAuthInput`](#dastsiteprofileauthinput) | Parameters for authentication. Will be ignored if `security_dast_site_profiles_additional_fields` feature flag is disabled. | +| <a id="mutationdastsiteprofileupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastsiteprofileupdateexcludedurls"></a>`excludedUrls` | [`[String!]`](#string) | The URLs to skip during an authenticated scan. Will be ignored if `security_dast_site_profiles_additional_fields` feature flag is disabled. | +| <a id="mutationdastsiteprofileupdatefullpath"></a>`fullPath` | [`ID!`](#id) | The project the site profile belongs to. | +| <a id="mutationdastsiteprofileupdateid"></a>`id` | [`DastSiteProfileID!`](#dastsiteprofileid) | ID of the site profile to be updated. | +| <a id="mutationdastsiteprofileupdateprofilename"></a>`profileName` | [`String!`](#string) | The name of the site profile. | +| <a id="mutationdastsiteprofileupdaterequestheaders"></a>`requestHeaders` | [`String`](#string) | Comma-separated list of request header names and values to be added to every request made by DAST. Will be ignored if `security_dast_site_profiles_additional_fields` feature flag is disabled. | +| <a id="mutationdastsiteprofileupdatetargettype"></a>`targetType` | [`DastTargetTypeEnum`](#dasttargettypeenum) | The type of target to be scanned. Will be ignored if `security_dast_site_profiles_api_option` feature flag is disabled. | +| <a id="mutationdastsiteprofileupdatetargeturl"></a>`targetUrl` | [`String`](#string) | The URL of the target to be scanned. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastsiteprofileupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastsiteprofileupdateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationdastsiteprofileupdateid"></a>`id` | [`DastSiteProfileID`](#dastsiteprofileid) | ID of the site profile. | + +### `Mutation.dastSiteTokenCreate` + +Input type: `DastSiteTokenCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastsitetokencreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastsitetokencreatefullpath"></a>`fullPath` | [`ID!`](#id) | The project the site token belongs to. | +| <a id="mutationdastsitetokencreatetargeturl"></a>`targetUrl` | [`String`](#string) | The URL of the target to be validated. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastsitetokencreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastsitetokencreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationdastsitetokencreateid"></a>`id` | [`DastSiteTokenID`](#dastsitetokenid) | ID of the site token. | +| <a id="mutationdastsitetokencreatestatus"></a>`status` | [`DastSiteProfileValidationStatusEnum`](#dastsiteprofilevalidationstatusenum) | The current validation status of the target. | +| <a id="mutationdastsitetokencreatetoken"></a>`token` | [`String`](#string) | Token string. | + +### `Mutation.dastSiteValidationCreate` + +Input type: `DastSiteValidationCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastsitevalidationcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastsitevalidationcreatedastsitetokenid"></a>`dastSiteTokenId` | [`DastSiteTokenID!`](#dastsitetokenid) | ID of the site token. | +| <a id="mutationdastsitevalidationcreatefullpath"></a>`fullPath` | [`ID!`](#id) | The project the site profile belongs to. | +| <a id="mutationdastsitevalidationcreatestrategy"></a>`strategy` | [`DastSiteValidationStrategyEnum`](#dastsitevalidationstrategyenum) | The validation strategy to be used. | +| <a id="mutationdastsitevalidationcreatevalidationpath"></a>`validationPath` | [`String!`](#string) | The path to be requested during validation. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastsitevalidationcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastsitevalidationcreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationdastsitevalidationcreateid"></a>`id` | [`DastSiteValidationID`](#dastsitevalidationid) | ID of the site validation. | +| <a id="mutationdastsitevalidationcreatestatus"></a>`status` | [`DastSiteProfileValidationStatusEnum`](#dastsiteprofilevalidationstatusenum) | The current validation status. | + +### `Mutation.dastSiteValidationRevoke` + +Input type: `DastSiteValidationRevokeInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastsitevalidationrevokeclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastsitevalidationrevokefullpath"></a>`fullPath` | [`ID!`](#id) | The project the site validation belongs to. | +| <a id="mutationdastsitevalidationrevokenormalizedtargeturl"></a>`normalizedTargetUrl` | [`String!`](#string) | Normalized URL of the target to be revoked. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdastsitevalidationrevokeclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdastsitevalidationrevokeerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.deleteAnnotation` + +Input type: `DeleteAnnotationInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdeleteannotationclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdeleteannotationid"></a>`id` | [`MetricsDashboardAnnotationID!`](#metricsdashboardannotationid) | Global ID of the annotation to delete. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdeleteannotationclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdeleteannotationerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.deleteDevopsAdoptionSegment` + +**BETA** This endpoint is subject to change without notice. + +Input type: `DeleteDevopsAdoptionSegmentInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdeletedevopsadoptionsegmentclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdeletedevopsadoptionsegmentid"></a>`id` | [`[AnalyticsDevopsAdoptionSegmentID!]!`](#analyticsdevopsadoptionsegmentid) | One or many IDs of the segments to delete. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdeletedevopsadoptionsegmentclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdeletedevopsadoptionsegmenterrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.designManagementDelete` + +Input type: `DesignManagementDeleteInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdesignmanagementdeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdesignmanagementdeletefilenames"></a>`filenames` | [`[String!]!`](#string) | The filenames of the designs to delete. | +| <a id="mutationdesignmanagementdeleteiid"></a>`iid` | [`ID!`](#id) | The IID of the issue to modify designs for. | +| <a id="mutationdesignmanagementdeleteprojectpath"></a>`projectPath` | [`ID!`](#id) | The project where the issue is to upload designs for. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdesignmanagementdeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdesignmanagementdeleteerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationdesignmanagementdeleteversion"></a>`version` | [`DesignVersion`](#designversion) | The new version in which the designs are deleted. | + +### `Mutation.designManagementMove` + +Input type: `DesignManagementMoveInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdesignmanagementmoveclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdesignmanagementmoveid"></a>`id` | [`DesignManagementDesignID!`](#designmanagementdesignid) | ID of the design to move. | +| <a id="mutationdesignmanagementmovenext"></a>`next` | [`DesignManagementDesignID`](#designmanagementdesignid) | ID of the immediately following design. | +| <a id="mutationdesignmanagementmoveprevious"></a>`previous` | [`DesignManagementDesignID`](#designmanagementdesignid) | ID of the immediately preceding design. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdesignmanagementmoveclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdesignmanagementmovedesigncollection"></a>`designCollection` | [`DesignCollection`](#designcollection) | The current state of the collection. | +| <a id="mutationdesignmanagementmoveerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.designManagementUpload` + +Input type: `DesignManagementUploadInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdesignmanagementuploadclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdesignmanagementuploadfiles"></a>`files` | [`[Upload!]!`](#upload) | The files to upload. | +| <a id="mutationdesignmanagementuploadiid"></a>`iid` | [`ID!`](#id) | The IID of the issue to modify designs for. | +| <a id="mutationdesignmanagementuploadprojectpath"></a>`projectPath` | [`ID!`](#id) | The project where the issue is to upload designs for. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdesignmanagementuploadclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdesignmanagementuploaddesigns"></a>`designs` | [`[Design!]!`](#design) | The designs that were uploaded by the mutation. | +| <a id="mutationdesignmanagementuploaderrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationdesignmanagementuploadskippeddesigns"></a>`skippedDesigns` | [`[Design!]!`](#design) | Any designs that were skipped from the upload due to there being no change to their content since their last version. | + +### `Mutation.destroyBoard` + +Input type: `DestroyBoardInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdestroyboardclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdestroyboardid"></a>`id` | [`BoardID!`](#boardid) | The global ID of the board to destroy. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdestroyboardboard"></a>`board` | [`Board`](#board) | The board after mutation. | +| <a id="mutationdestroyboardclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdestroyboarderrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.destroyBoardList` + +Input type: `DestroyBoardListInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdestroyboardlistclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdestroyboardlistlistid"></a>`listId` | [`ListID!`](#listid) | Global ID of the list to destroy. Only label lists are accepted. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdestroyboardlistclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdestroyboardlisterrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationdestroyboardlistlist"></a>`list` | [`BoardList`](#boardlist) | The list after mutation. | + +### `Mutation.destroyComplianceFramework` + +Input type: `DestroyComplianceFrameworkInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdestroycomplianceframeworkclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdestroycomplianceframeworkid"></a>`id` | [`ComplianceManagementFrameworkID!`](#compliancemanagementframeworkid) | The global ID of the compliance framework to destroy. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdestroycomplianceframeworkclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdestroycomplianceframeworkerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.destroyContainerRepository` + +Input type: `DestroyContainerRepositoryInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdestroycontainerrepositoryclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdestroycontainerrepositoryid"></a>`id` | [`ContainerRepositoryID!`](#containerrepositoryid) | ID of the container repository. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdestroycontainerrepositoryclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdestroycontainerrepositorycontainerrepository"></a>`containerRepository` | [`ContainerRepository!`](#containerrepository) | The container repository policy after scheduling the deletion. | +| <a id="mutationdestroycontainerrepositoryerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.destroyContainerRepositoryTags` + +Input type: `DestroyContainerRepositoryTagsInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdestroycontainerrepositorytagsclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdestroycontainerrepositorytagsid"></a>`id` | [`ContainerRepositoryID!`](#containerrepositoryid) | ID of the container repository. | +| <a id="mutationdestroycontainerrepositorytagstagnames"></a>`tagNames` | [`[String!]!`](#string) | Container repository tag(s) to delete. Total number can't be greater than 20. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdestroycontainerrepositorytagsclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdestroycontainerrepositorytagsdeletedtagnames"></a>`deletedTagNames` | [`[String!]!`](#string) | Deleted container repository tags. | +| <a id="mutationdestroycontainerrepositorytagserrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.destroyEpicBoard` + +Input type: `DestroyEpicBoardInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdestroyepicboardclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdestroyepicboardid"></a>`id` | [`BoardsEpicBoardID!`](#boardsepicboardid) | Global ID of the board to destroy. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdestroyepicboardclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdestroyepicboardepicboard"></a>`epicBoard` | [`EpicBoard`](#epicboard) | Epic board after mutation. | +| <a id="mutationdestroyepicboarderrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.destroyNote` + +Input type: `DestroyNoteInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdestroynoteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdestroynoteid"></a>`id` | [`NoteID!`](#noteid) | The global ID of the note to destroy. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdestroynoteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdestroynoteerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationdestroynotenote"></a>`note` | [`Note`](#note) | The note after mutation. | + +### `Mutation.destroySnippet` + +Input type: `DestroySnippetInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdestroysnippetclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdestroysnippetid"></a>`id` | [`SnippetID!`](#snippetid) | The global ID of the snippet to destroy. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdestroysnippetclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdestroysnippeterrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationdestroysnippetsnippet"></a>`snippet` | [`Snippet`](#snippet) | The snippet after mutation. | + +### `Mutation.discussionToggleResolve` + +Toggles the resolved state of a discussion. + +Input type: `DiscussionToggleResolveInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdiscussiontoggleresolveclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdiscussiontoggleresolveid"></a>`id` | [`DiscussionID!`](#discussionid) | The global ID of the discussion. | +| <a id="mutationdiscussiontoggleresolveresolve"></a>`resolve` | [`Boolean!`](#boolean) | Will resolve the discussion when true, and unresolve the discussion when false. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdiscussiontoggleresolveclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdiscussiontoggleresolvediscussion"></a>`discussion` | [`Discussion`](#discussion) | The discussion after mutation. | +| <a id="mutationdiscussiontoggleresolveerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.dismissVulnerability` + +WARNING: +**Deprecated** in 13.5. +Use vulnerabilityDismiss. + +Input type: `DismissVulnerabilityInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdismissvulnerabilityclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdismissvulnerabilitycomment"></a>`comment` | [`String`](#string) | Comment why vulnerability should be dismissed. | +| <a id="mutationdismissvulnerabilitydismissalreason"></a>`dismissalReason` | [`VulnerabilityDismissalReason`](#vulnerabilitydismissalreason) | Reason why vulnerability should be dismissed. | +| <a id="mutationdismissvulnerabilityid"></a>`id` | [`VulnerabilityID!`](#vulnerabilityid) | ID of the vulnerability to be dismissed. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdismissvulnerabilityclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdismissvulnerabilityerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationdismissvulnerabilityvulnerability"></a>`vulnerability` | [`Vulnerability`](#vulnerability) | The vulnerability after dismissal. | + +### `Mutation.environmentsCanaryIngressUpdate` + +Input type: `EnvironmentsCanaryIngressUpdateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationenvironmentscanaryingressupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationenvironmentscanaryingressupdateid"></a>`id` | [`EnvironmentID!`](#environmentid) | The global ID of the environment to update. | +| <a id="mutationenvironmentscanaryingressupdateweight"></a>`weight` | [`Int!`](#int) | The weight of the Canary Ingress. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationenvironmentscanaryingressupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationenvironmentscanaryingressupdateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.epicAddIssue` + +Input type: `EpicAddIssueInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationepicaddissueclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationepicaddissuegrouppath"></a>`groupPath` | [`ID!`](#id) | The group the epic to mutate belongs to. | +| <a id="mutationepicaddissueiid"></a>`iid` | [`ID!`](#id) | The IID of the epic to mutate. | +| <a id="mutationepicaddissueissueiid"></a>`issueIid` | [`String!`](#string) | The IID of the issue to be added. | +| <a id="mutationepicaddissueprojectpath"></a>`projectPath` | [`ID!`](#id) | The full path of the project the issue belongs to. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationepicaddissueclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationepicaddissueepic"></a>`epic` | [`Epic`](#epic) | The epic after mutation. | +| <a id="mutationepicaddissueepicissue"></a>`epicIssue` | [`EpicIssue`](#epicissue) | The epic-issue relation. | +| <a id="mutationepicaddissueerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.epicBoardCreate` + +Input type: `EpicBoardCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationepicboardcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationepicboardcreategrouppath"></a>`groupPath` | [`ID`](#id) | Full path of the group with which the resource is associated. | +| <a id="mutationepicboardcreatehidebackloglist"></a>`hideBacklogList` | [`Boolean`](#boolean) | Whether or not backlog list is hidden. | +| <a id="mutationepicboardcreatehideclosedlist"></a>`hideClosedList` | [`Boolean`](#boolean) | Whether or not closed list is hidden. | +| <a id="mutationepicboardcreatelabelids"></a>`labelIds` | [`[LabelID!]`](#labelid) | IDs of labels to be added to the board. | +| <a id="mutationepicboardcreatelabels"></a>`labels` | [`[String!]`](#string) | Labels of the issue. | +| <a id="mutationepicboardcreatename"></a>`name` | [`String`](#string) | The board name. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationepicboardcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationepicboardcreateepicboard"></a>`epicBoard` | [`EpicBoard`](#epicboard) | The created epic board. | +| <a id="mutationepicboardcreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.epicBoardListCreate` + +Input type: `EpicBoardListCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationepicboardlistcreatebacklog"></a>`backlog` | [`Boolean`](#boolean) | Create the backlog list. | +| <a id="mutationepicboardlistcreateboardid"></a>`boardId` | [`BoardsEpicBoardID!`](#boardsepicboardid) | Global ID of the issue board to mutate. | +| <a id="mutationepicboardlistcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationepicboardlistcreatelabelid"></a>`labelId` | [`LabelID`](#labelid) | Global ID of an existing label. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationepicboardlistcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationepicboardlistcreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationepicboardlistcreatelist"></a>`list` | [`EpicList`](#epiclist) | Epic list in the epic board. | + +### `Mutation.epicBoardListDestroy` + +Destroys an epic board list. + +Input type: `EpicBoardListDestroyInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationepicboardlistdestroyclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationepicboardlistdestroylistid"></a>`listId` | [`BoardsEpicListID!`](#boardsepiclistid) | Global ID of the epic board list to destroy. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationepicboardlistdestroyclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationepicboardlistdestroyerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationepicboardlistdestroylist"></a>`list` | [`EpicList`](#epiclist) | The epic board list. `null` if the board was destroyed successfully. | + +### `Mutation.epicBoardUpdate` + +Input type: `EpicBoardUpdateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationepicboardupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationepicboardupdatehidebackloglist"></a>`hideBacklogList` | [`Boolean`](#boolean) | Whether or not backlog list is hidden. | +| <a id="mutationepicboardupdatehideclosedlist"></a>`hideClosedList` | [`Boolean`](#boolean) | Whether or not closed list is hidden. | +| <a id="mutationepicboardupdateid"></a>`id` | [`BoardsEpicBoardID!`](#boardsepicboardid) | The epic board global ID. | +| <a id="mutationepicboardupdatelabelids"></a>`labelIds` | [`[LabelID!]`](#labelid) | IDs of labels to be added to the board. | +| <a id="mutationepicboardupdatelabels"></a>`labels` | [`[String!]`](#string) | Labels of the issue. | +| <a id="mutationepicboardupdatename"></a>`name` | [`String`](#string) | The board name. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationepicboardupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationepicboardupdateepicboard"></a>`epicBoard` | [`EpicBoard`](#epicboard) | The updated epic board. | +| <a id="mutationepicboardupdateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.epicMoveList` + +Input type: `EpicMoveListInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationepicmovelistboardid"></a>`boardId` | [`BoardsEpicBoardID!`](#boardsepicboardid) | Global ID of the board that the epic is in. | +| <a id="mutationepicmovelistclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationepicmovelistepicid"></a>`epicId` | [`EpicID!`](#epicid) | ID of the epic to mutate. | +| <a id="mutationepicmovelistfromlistid"></a>`fromListId` | [`BoardsEpicListID!`](#boardsepiclistid) | ID of the board list that the epic will be moved from. | +| <a id="mutationepicmovelisttolistid"></a>`toListId` | [`BoardsEpicListID!`](#boardsepiclistid) | ID of the board list that the epic will be moved to. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationepicmovelistclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationepicmovelisterrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.epicSetSubscription` + +Input type: `EpicSetSubscriptionInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationepicsetsubscriptionclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationepicsetsubscriptiongrouppath"></a>`groupPath` | [`ID!`](#id) | The group the epic to mutate belongs to. | +| <a id="mutationepicsetsubscriptioniid"></a>`iid` | [`ID!`](#id) | The IID of the epic to mutate. | +| <a id="mutationepicsetsubscriptionsubscribedstate"></a>`subscribedState` | [`Boolean!`](#boolean) | The desired state of the subscription. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationepicsetsubscriptionclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationepicsetsubscriptionepic"></a>`epic` | [`Epic`](#epic) | The epic after mutation. | +| <a id="mutationepicsetsubscriptionerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.epicTreeReorder` + +Input type: `EpicTreeReorderInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationepictreereorderbaseepicid"></a>`baseEpicId` | [`EpicID!`](#epicid) | The ID of the base epic of the tree. | +| <a id="mutationepictreereorderclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationepictreereordermoved"></a>`moved` | [`EpicTreeNodeFieldsInputType!`](#epictreenodefieldsinputtype) | Parameters for updating the tree positions. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationepictreereorderclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationepictreereordererrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.exportRequirements` + +Input type: `ExportRequirementsInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationexportrequirementsauthorusername"></a>`authorUsername` | [`[String!]`](#string) | Filter requirements by author username. | +| <a id="mutationexportrequirementsclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationexportrequirementsprojectpath"></a>`projectPath` | [`ID!`](#id) | Full project path the requirements are associated with. | +| <a id="mutationexportrequirementssearch"></a>`search` | [`String`](#string) | Search query for requirement title. | +| <a id="mutationexportrequirementsselectedfields"></a>`selectedFields` | [`[String!]`](#string) | List of selected requirements fields to be exported. | +| <a id="mutationexportrequirementssort"></a>`sort` | [`Sort`](#sort) | List requirements by sort order. | +| <a id="mutationexportrequirementsstate"></a>`state` | [`RequirementState`](#requirementstate) | Filter requirements by state. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationexportrequirementsclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationexportrequirementserrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.gitlabSubscriptionActivate` + +Input type: `GitlabSubscriptionActivateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationgitlabsubscriptionactivateactivationcode"></a>`activationCode` | [`String!`](#string) | Activation code received after purchasing a GitLab subscription. | +| <a id="mutationgitlabsubscriptionactivateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationgitlabsubscriptionactivateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationgitlabsubscriptionactivateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationgitlabsubscriptionactivatelicense"></a>`license` | [`CurrentLicense`](#currentlicense) | The current license. | + +### `Mutation.httpIntegrationCreate` + +Input type: `HttpIntegrationCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationhttpintegrationcreateactive"></a>`active` | [`Boolean!`](#boolean) | Whether the integration is receiving alerts. | +| <a id="mutationhttpintegrationcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationhttpintegrationcreatename"></a>`name` | [`String!`](#string) | The name of the integration. | +| <a id="mutationhttpintegrationcreatepayloadattributemappings"></a>`payloadAttributeMappings` | [`[AlertManagementPayloadAlertFieldInput!]`](#alertmanagementpayloadalertfieldinput) | The custom mapping of GitLab alert attributes to fields from the payload_example. | +| <a id="mutationhttpintegrationcreatepayloadexample"></a>`payloadExample` | [`JsonString`](#jsonstring) | The example of an alert payload. | +| <a id="mutationhttpintegrationcreateprojectpath"></a>`projectPath` | [`ID!`](#id) | The project to create the integration in. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationhttpintegrationcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationhttpintegrationcreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationhttpintegrationcreateintegration"></a>`integration` | [`AlertManagementHttpIntegration`](#alertmanagementhttpintegration) | The HTTP integration. | + +### `Mutation.httpIntegrationDestroy` + +Input type: `HttpIntegrationDestroyInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationhttpintegrationdestroyclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationhttpintegrationdestroyid"></a>`id` | [`AlertManagementHttpIntegrationID!`](#alertmanagementhttpintegrationid) | The ID of the integration to remove. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationhttpintegrationdestroyclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationhttpintegrationdestroyerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationhttpintegrationdestroyintegration"></a>`integration` | [`AlertManagementHttpIntegration`](#alertmanagementhttpintegration) | The HTTP integration. | + +### `Mutation.httpIntegrationResetToken` + +Input type: `HttpIntegrationResetTokenInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationhttpintegrationresettokenclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationhttpintegrationresettokenid"></a>`id` | [`AlertManagementHttpIntegrationID!`](#alertmanagementhttpintegrationid) | The ID of the integration to mutate. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationhttpintegrationresettokenclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationhttpintegrationresettokenerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationhttpintegrationresettokenintegration"></a>`integration` | [`AlertManagementHttpIntegration`](#alertmanagementhttpintegration) | The HTTP integration. | + +### `Mutation.httpIntegrationUpdate` + +Input type: `HttpIntegrationUpdateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationhttpintegrationupdateactive"></a>`active` | [`Boolean`](#boolean) | Whether the integration is receiving alerts. | +| <a id="mutationhttpintegrationupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationhttpintegrationupdateid"></a>`id` | [`AlertManagementHttpIntegrationID!`](#alertmanagementhttpintegrationid) | The ID of the integration to mutate. | +| <a id="mutationhttpintegrationupdatename"></a>`name` | [`String`](#string) | The name of the integration. | +| <a id="mutationhttpintegrationupdatepayloadattributemappings"></a>`payloadAttributeMappings` | [`[AlertManagementPayloadAlertFieldInput!]`](#alertmanagementpayloadalertfieldinput) | The custom mapping of GitLab alert attributes to fields from the payload_example. | +| <a id="mutationhttpintegrationupdatepayloadexample"></a>`payloadExample` | [`JsonString`](#jsonstring) | The example of an alert payload. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationhttpintegrationupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationhttpintegrationupdateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationhttpintegrationupdateintegration"></a>`integration` | [`AlertManagementHttpIntegration`](#alertmanagementhttpintegration) | The HTTP integration. | + +### `Mutation.issueMove` + +Input type: `IssueMoveInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationissuemoveclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationissuemoveiid"></a>`iid` | [`String!`](#string) | The IID of the issue to mutate. | +| <a id="mutationissuemoveprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the issue to mutate is in. | +| <a id="mutationissuemovetargetprojectpath"></a>`targetProjectPath` | [`ID!`](#id) | The project to move the issue to. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationissuemoveclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationissuemoveerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationissuemoveissue"></a>`issue` | [`Issue`](#issue) | The issue after mutation. | + +### `Mutation.issueMoveList` + +Input type: `IssueMoveListInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationissuemovelistboardid"></a>`boardId` | [`BoardID!`](#boardid) | Global ID of the board that the issue is in. | +| <a id="mutationissuemovelistclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationissuemovelistepicid"></a>`epicId` | [`EpicID`](#epicid) | The ID of the parent epic. NULL when removing the association. | +| <a id="mutationissuemovelistfromlistid"></a>`fromListId` | [`ID`](#id) | ID of the board list that the issue will be moved from. | +| <a id="mutationissuemovelistiid"></a>`iid` | [`String!`](#string) | IID of the issue to mutate. | +| <a id="mutationissuemovelistmoveafterid"></a>`moveAfterId` | [`ID`](#id) | ID of issue that should be placed after the current issue. | +| <a id="mutationissuemovelistmovebeforeid"></a>`moveBeforeId` | [`ID`](#id) | ID of issue that should be placed before the current issue. | +| <a id="mutationissuemovelistprojectpath"></a>`projectPath` | [`ID!`](#id) | Project the issue to mutate is in. | +| <a id="mutationissuemovelisttolistid"></a>`toListId` | [`ID`](#id) | ID of the board list that the issue will be moved to. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationissuemovelistclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationissuemovelisterrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationissuemovelistissue"></a>`issue` | [`Issue`](#issue) | The issue after mutation. | + +### `Mutation.issueSetAssignees` + +Input type: `IssueSetAssigneesInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationissuesetassigneesassigneeusernames"></a>`assigneeUsernames` | [`[String!]!`](#string) | The usernames to assign to the resource. Replaces existing assignees by default. | +| <a id="mutationissuesetassigneesclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationissuesetassigneesiid"></a>`iid` | [`String!`](#string) | The IID of the issue to mutate. | +| <a id="mutationissuesetassigneesoperationmode"></a>`operationMode` | [`MutationOperationMode`](#mutationoperationmode) | The operation to perform. Defaults to REPLACE. | +| <a id="mutationissuesetassigneesprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the issue to mutate is in. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationissuesetassigneesclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationissuesetassigneeserrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationissuesetassigneesissue"></a>`issue` | [`Issue`](#issue) | The issue after mutation. | + +### `Mutation.issueSetConfidential` + +Input type: `IssueSetConfidentialInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationissuesetconfidentialclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationissuesetconfidentialconfidential"></a>`confidential` | [`Boolean!`](#boolean) | Whether or not to set the issue as a confidential. | +| <a id="mutationissuesetconfidentialiid"></a>`iid` | [`String!`](#string) | The IID of the issue to mutate. | +| <a id="mutationissuesetconfidentialprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the issue to mutate is in. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationissuesetconfidentialclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationissuesetconfidentialerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationissuesetconfidentialissue"></a>`issue` | [`Issue`](#issue) | The issue after mutation. | + +### `Mutation.issueSetDueDate` + +Input type: `IssueSetDueDateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationissuesetduedateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationissuesetduedateduedate"></a>`dueDate` | [`Time`](#time) | The desired due date for the issue, due date will be removed if absent or set to null. | +| <a id="mutationissuesetduedateiid"></a>`iid` | [`String!`](#string) | The IID of the issue to mutate. | +| <a id="mutationissuesetduedateprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the issue to mutate is in. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationissuesetduedateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationissuesetduedateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationissuesetduedateissue"></a>`issue` | [`Issue`](#issue) | The issue after mutation. | + +### `Mutation.issueSetEpic` + +Input type: `IssueSetEpicInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationissuesetepicclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationissuesetepicepicid"></a>`epicId` | [`EpicID`](#epicid) | Global ID of the epic to be assigned to the issue, epic will be removed if absent or set to null. | +| <a id="mutationissuesetepiciid"></a>`iid` | [`String!`](#string) | The IID of the issue to mutate. | +| <a id="mutationissuesetepicprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the issue to mutate is in. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationissuesetepicclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationissuesetepicerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationissuesetepicissue"></a>`issue` | [`Issue`](#issue) | The issue after mutation. | + +### `Mutation.issueSetIteration` + +Input type: `IssueSetIterationInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationissuesetiterationclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationissuesetiterationiid"></a>`iid` | [`String!`](#string) | The IID of the issue to mutate. | +| <a id="mutationissuesetiterationiterationid"></a>`iterationId` | [`IterationID`](#iterationid) | The iteration to assign to the issue. | +| <a id="mutationissuesetiterationprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the issue to mutate is in. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationissuesetiterationclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationissuesetiterationerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationissuesetiterationissue"></a>`issue` | [`Issue`](#issue) | The issue after mutation. | + +### `Mutation.issueSetLocked` + +Input type: `IssueSetLockedInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationissuesetlockedclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationissuesetlockediid"></a>`iid` | [`String!`](#string) | The IID of the issue to mutate. | +| <a id="mutationissuesetlockedlocked"></a>`locked` | [`Boolean!`](#boolean) | Whether or not to lock discussion on the issue. | +| <a id="mutationissuesetlockedprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the issue to mutate is in. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationissuesetlockedclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationissuesetlockederrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationissuesetlockedissue"></a>`issue` | [`Issue`](#issue) | The issue after mutation. | + +### `Mutation.issueSetSeverity` + +Input type: `IssueSetSeverityInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationissuesetseverityclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationissuesetseverityiid"></a>`iid` | [`String!`](#string) | The IID of the issue to mutate. | +| <a id="mutationissuesetseverityprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the issue to mutate is in. | +| <a id="mutationissuesetseverityseverity"></a>`severity` | [`IssuableSeverity!`](#issuableseverity) | Set the incident severity level. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationissuesetseverityclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationissuesetseverityerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationissuesetseverityissue"></a>`issue` | [`Issue`](#issue) | The issue after mutation. | + +### `Mutation.issueSetSubscription` + +Input type: `IssueSetSubscriptionInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationissuesetsubscriptionclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationissuesetsubscriptioniid"></a>`iid` | [`String!`](#string) | The IID of the issue to mutate. | +| <a id="mutationissuesetsubscriptionprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the issue to mutate is in. | +| <a id="mutationissuesetsubscriptionsubscribedstate"></a>`subscribedState` | [`Boolean!`](#boolean) | The desired state of the subscription. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationissuesetsubscriptionclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationissuesetsubscriptionerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationissuesetsubscriptionissue"></a>`issue` | [`Issue`](#issue) | The issue after mutation. | + +### `Mutation.issueSetWeight` + +Input type: `IssueSetWeightInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationissuesetweightclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationissuesetweightiid"></a>`iid` | [`String!`](#string) | The IID of the issue to mutate. | +| <a id="mutationissuesetweightprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the issue to mutate is in. | +| <a id="mutationissuesetweightweight"></a>`weight` | [`Int!`](#int) | The desired weight for the issue. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationissuesetweightclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationissuesetweighterrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationissuesetweightissue"></a>`issue` | [`Issue`](#issue) | The issue after mutation. | + +### `Mutation.iterationCadenceCreate` + +Input type: `IterationCadenceCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationiterationcadencecreateactive"></a>`active` | [`Boolean!`](#boolean) | Whether the iteration cadence is active. | +| <a id="mutationiterationcadencecreateautomatic"></a>`automatic` | [`Boolean!`](#boolean) | Whether the iteration cadence should automatically generate future iterations. | +| <a id="mutationiterationcadencecreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationiterationcadencecreatedescription"></a>`description` | [`String`](#string) | Description of the iteration cadence. Maximum length is 5000 characters. | +| <a id="mutationiterationcadencecreatedurationinweeks"></a>`durationInWeeks` | [`Int`](#int) | Duration in weeks of the iterations within this cadence. | +| <a id="mutationiterationcadencecreategrouppath"></a>`groupPath` | [`ID!`](#id) | The group where the iteration cadence is created. | +| <a id="mutationiterationcadencecreateiterationsinadvance"></a>`iterationsInAdvance` | [`Int`](#int) | Future iterations to be created when iteration cadence is set to automatic. | +| <a id="mutationiterationcadencecreaterollover"></a>`rollOver` | [`Boolean`](#boolean) | Whether the iteration cadence should roll over issues to the next iteration or not. | +| <a id="mutationiterationcadencecreatestartdate"></a>`startDate` | [`Time`](#time) | Timestamp of the iteration cadence start date. | +| <a id="mutationiterationcadencecreatetitle"></a>`title` | [`String`](#string) | Title of the iteration cadence. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationiterationcadencecreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationiterationcadencecreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationiterationcadencecreateiterationcadence"></a>`iterationCadence` | [`IterationCadence`](#iterationcadence) | The created iteration cadence. | + +### `Mutation.iterationCadenceDestroy` + +Input type: `IterationCadenceDestroyInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationiterationcadencedestroyclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationiterationcadencedestroyid"></a>`id` | [`IterationsCadenceID!`](#iterationscadenceid) | Global ID of the iteration cadence. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationiterationcadencedestroyclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationiterationcadencedestroyerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationiterationcadencedestroygroup"></a>`group` | [`Group!`](#group) | Group the iteration cadence belongs to. | + +### `Mutation.iterationCadenceUpdate` + +Input type: `IterationCadenceUpdateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationiterationcadenceupdateactive"></a>`active` | [`Boolean`](#boolean) | Whether the iteration cadence is active. | +| <a id="mutationiterationcadenceupdateautomatic"></a>`automatic` | [`Boolean`](#boolean) | Whether the iteration cadence should automatically generate future iterations. | +| <a id="mutationiterationcadenceupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationiterationcadenceupdatedescription"></a>`description` | [`String`](#string) | Description of the iteration cadence. Maximum length is 5000 characters. | +| <a id="mutationiterationcadenceupdatedurationinweeks"></a>`durationInWeeks` | [`Int`](#int) | Duration in weeks of the iterations within this cadence. | +| <a id="mutationiterationcadenceupdateid"></a>`id` | [`IterationsCadenceID!`](#iterationscadenceid) | Global ID of the iteration cadence. | +| <a id="mutationiterationcadenceupdateiterationsinadvance"></a>`iterationsInAdvance` | [`Int`](#int) | Future iterations to be created when iteration cadence is set to automatic. | +| <a id="mutationiterationcadenceupdaterollover"></a>`rollOver` | [`Boolean`](#boolean) | Whether the iteration cadence should roll over issues to the next iteration or not. | +| <a id="mutationiterationcadenceupdatestartdate"></a>`startDate` | [`Time`](#time) | Timestamp of the iteration cadence start date. | +| <a id="mutationiterationcadenceupdatetitle"></a>`title` | [`String`](#string) | Title of the iteration cadence. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationiterationcadenceupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationiterationcadenceupdateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationiterationcadenceupdateiterationcadence"></a>`iterationCadence` | [`IterationCadence`](#iterationcadence) | The updated iteration cadence. | + +### `Mutation.iterationDelete` + +Input type: `IterationDeleteInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationiterationdeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationiterationdeleteid"></a>`id` | [`IterationID!`](#iterationid) | ID of the iteration. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationiterationdeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationiterationdeleteerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationiterationdeletegroup"></a>`group` | [`Group!`](#group) | Group the iteration belongs to. | + +### `Mutation.jiraImportStart` + +Input type: `JiraImportStartInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationjiraimportstartclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationjiraimportstartjiraprojectkey"></a>`jiraProjectKey` | [`String!`](#string) | Project key of the importer Jira project. | +| <a id="mutationjiraimportstartjiraprojectname"></a>`jiraProjectName` | [`String`](#string) | Project name of the importer Jira project. | +| <a id="mutationjiraimportstartprojectpath"></a>`projectPath` | [`ID!`](#id) | The project to import the Jira project into. | +| <a id="mutationjiraimportstartusersmapping"></a>`usersMapping` | [`[JiraUsersMappingInputType!]`](#jirausersmappinginputtype) | The mapping of Jira to GitLab users. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationjiraimportstartclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationjiraimportstarterrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationjiraimportstartjiraimport"></a>`jiraImport` | [`JiraImport`](#jiraimport) | The Jira import data after mutation. | + +### `Mutation.jiraImportUsers` + +Input type: `JiraImportUsersInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationjiraimportusersclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationjiraimportusersprojectpath"></a>`projectPath` | [`ID!`](#id) | The project to import the Jira users into. | +| <a id="mutationjiraimportusersstartat"></a>`startAt` | [`Int`](#int) | The index of the record the import should started at, default 0 (50 records returned). | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationjiraimportusersclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationjiraimportuserserrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationjiraimportusersjirausers"></a>`jiraUsers` | [`[JiraUser!]`](#jirauser) | Users returned from Jira, matched by email and name if possible. | + +### `Mutation.jobPlay` + +Input type: `JobPlayInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationjobplayclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationjobplayid"></a>`id` | [`CiBuildID!`](#cibuildid) | The ID of the job to mutate. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationjobplayclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationjobplayerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationjobplayjob"></a>`job` | [`CiJob`](#cijob) | The job after the mutation. | + +### `Mutation.jobRetry` + +Input type: `JobRetryInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationjobretryclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationjobretryid"></a>`id` | [`CiBuildID!`](#cibuildid) | The ID of the job to mutate. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationjobretryclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationjobretryerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationjobretryjob"></a>`job` | [`CiJob`](#cijob) | The job after the mutation. | + +### `Mutation.labelCreate` + +Input type: `LabelCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationlabelcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationlabelcreatecolor"></a>`color` | [`String`](#string) | The color of the label given in 6-digit hex notation with leading '#' sign (for example, `#FFAABB`) or one of the CSS color names. | +| <a id="mutationlabelcreatedescription"></a>`description` | [`String`](#string) | Description of the label. | +| <a id="mutationlabelcreategrouppath"></a>`groupPath` | [`ID`](#id) | Full path of the group with which the resource is associated. | +| <a id="mutationlabelcreateprojectpath"></a>`projectPath` | [`ID`](#id) | Full path of the project with which the resource is associated. | +| <a id="mutationlabelcreateremoveonclose"></a>`removeOnClose` | [`Boolean`](#boolean) | Whether the label should be removed from an issue when the issue is closed. | +| <a id="mutationlabelcreatetitle"></a>`title` | [`String!`](#string) | Title of the label. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationlabelcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationlabelcreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationlabelcreatelabel"></a>`label` | [`Label`](#label) | The label after mutation. | + +### `Mutation.markAsSpamSnippet` + +Input type: `MarkAsSpamSnippetInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationmarkasspamsnippetclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationmarkasspamsnippetid"></a>`id` | [`SnippetID!`](#snippetid) | The global ID of the snippet to update. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationmarkasspamsnippetclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationmarkasspamsnippeterrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationmarkasspamsnippetsnippet"></a>`snippet` | [`Snippet`](#snippet) | The snippet after mutation. | + +### `Mutation.mergeRequestAccept` + +Accepts a merge request. +When accepted, the source branch will be merged into the target branch, either +immediately if possible, or using one of the automatic merge strategies. + +Input type: `MergeRequestAcceptInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationmergerequestacceptclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationmergerequestacceptcommitmessage"></a>`commitMessage` | [`String`](#string) | Custom merge commit message. | +| <a id="mutationmergerequestacceptiid"></a>`iid` | [`String!`](#string) | The IID of the merge request to mutate. | +| <a id="mutationmergerequestacceptprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the merge request to mutate is in. | +| <a id="mutationmergerequestacceptsha"></a>`sha` | [`String!`](#string) | The HEAD SHA at the time when this merge was requested. | +| <a id="mutationmergerequestacceptshouldremovesourcebranch"></a>`shouldRemoveSourceBranch` | [`Boolean`](#boolean) | Should the source branch be removed. | +| <a id="mutationmergerequestacceptsquash"></a>`squash` | [`Boolean`](#boolean) | Squash commits on the source branch before merge. | +| <a id="mutationmergerequestacceptsquashcommitmessage"></a>`squashCommitMessage` | [`String`](#string) | Custom squash commit message (if squash is true). | +| <a id="mutationmergerequestacceptstrategy"></a>`strategy` | [`MergeStrategyEnum`](#mergestrategyenum) | How to merge this merge request. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationmergerequestacceptclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationmergerequestaccepterrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationmergerequestacceptmergerequest"></a>`mergeRequest` | [`MergeRequest`](#mergerequest) | The merge request after mutation. | + +### `Mutation.mergeRequestCreate` + +Input type: `MergeRequestCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationmergerequestcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationmergerequestcreatedescription"></a>`description` | [`String`](#string) | Description of the merge request (Markdown rendered as HTML for caching). | +| <a id="mutationmergerequestcreatelabels"></a>`labels` | [`[String!]`](#string) | Labels of the merge request. | +| <a id="mutationmergerequestcreateprojectpath"></a>`projectPath` | [`ID!`](#id) | Project full path the merge request is associated with. | +| <a id="mutationmergerequestcreatesourcebranch"></a>`sourceBranch` | [`String!`](#string) | Source branch of the merge request. | +| <a id="mutationmergerequestcreatetargetbranch"></a>`targetBranch` | [`String!`](#string) | Target branch of the merge request. | +| <a id="mutationmergerequestcreatetitle"></a>`title` | [`String!`](#string) | Title of the merge request. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationmergerequestcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationmergerequestcreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationmergerequestcreatemergerequest"></a>`mergeRequest` | [`MergeRequest`](#mergerequest) | The merge request after mutation. | + +### `Mutation.mergeRequestReviewerRereview` + +Input type: `MergeRequestReviewerRereviewInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationmergerequestreviewerrereviewclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationmergerequestreviewerrereviewiid"></a>`iid` | [`String!`](#string) | The IID of the merge request to mutate. | +| <a id="mutationmergerequestreviewerrereviewprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the merge request to mutate is in. | +| <a id="mutationmergerequestreviewerrereviewuserid"></a>`userId` | [`UserID!`](#userid) | The user ID for the user that has been requested for a new review. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationmergerequestreviewerrereviewclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationmergerequestreviewerrereviewerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationmergerequestreviewerrereviewmergerequest"></a>`mergeRequest` | [`MergeRequest`](#mergerequest) | The merge request after mutation. | + +### `Mutation.mergeRequestSetAssignees` + +Input type: `MergeRequestSetAssigneesInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationmergerequestsetassigneesassigneeusernames"></a>`assigneeUsernames` | [`[String!]!`](#string) | The usernames to assign to the resource. Replaces existing assignees by default. | +| <a id="mutationmergerequestsetassigneesclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationmergerequestsetassigneesiid"></a>`iid` | [`String!`](#string) | The IID of the merge request to mutate. | +| <a id="mutationmergerequestsetassigneesoperationmode"></a>`operationMode` | [`MutationOperationMode`](#mutationoperationmode) | The operation to perform. Defaults to REPLACE. | +| <a id="mutationmergerequestsetassigneesprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the merge request to mutate is in. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationmergerequestsetassigneesclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationmergerequestsetassigneeserrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationmergerequestsetassigneesmergerequest"></a>`mergeRequest` | [`MergeRequest`](#mergerequest) | The merge request after mutation. | + +### `Mutation.mergeRequestSetDraft` + +Input type: `MergeRequestSetDraftInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationmergerequestsetdraftclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationmergerequestsetdraftdraft"></a>`draft` | [`Boolean!`](#boolean) | Whether or not to set the merge request as a draft. | +| <a id="mutationmergerequestsetdraftiid"></a>`iid` | [`String!`](#string) | The IID of the merge request to mutate. | +| <a id="mutationmergerequestsetdraftprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the merge request to mutate is in. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationmergerequestsetdraftclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationmergerequestsetdrafterrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationmergerequestsetdraftmergerequest"></a>`mergeRequest` | [`MergeRequest`](#mergerequest) | The merge request after mutation. | + +### `Mutation.mergeRequestSetLabels` + +Input type: `MergeRequestSetLabelsInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationmergerequestsetlabelsclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationmergerequestsetlabelsiid"></a>`iid` | [`String!`](#string) | The IID of the merge request to mutate. | +| <a id="mutationmergerequestsetlabelslabelids"></a>`labelIds` | [`[LabelID!]!`](#labelid) | The Label IDs to set. Replaces existing labels by default. | +| <a id="mutationmergerequestsetlabelsoperationmode"></a>`operationMode` | [`MutationOperationMode`](#mutationoperationmode) | Changes the operation mode. Defaults to REPLACE. | +| <a id="mutationmergerequestsetlabelsprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the merge request to mutate is in. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationmergerequestsetlabelsclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationmergerequestsetlabelserrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationmergerequestsetlabelsmergerequest"></a>`mergeRequest` | [`MergeRequest`](#mergerequest) | The merge request after mutation. | + +### `Mutation.mergeRequestSetLocked` + +Input type: `MergeRequestSetLockedInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationmergerequestsetlockedclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationmergerequestsetlockediid"></a>`iid` | [`String!`](#string) | The IID of the merge request to mutate. | +| <a id="mutationmergerequestsetlockedlocked"></a>`locked` | [`Boolean!`](#boolean) | Whether or not to lock the merge request. | +| <a id="mutationmergerequestsetlockedprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the merge request to mutate is in. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationmergerequestsetlockedclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationmergerequestsetlockederrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationmergerequestsetlockedmergerequest"></a>`mergeRequest` | [`MergeRequest`](#mergerequest) | The merge request after mutation. | + +### `Mutation.mergeRequestSetMilestone` + +Input type: `MergeRequestSetMilestoneInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationmergerequestsetmilestoneclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationmergerequestsetmilestoneiid"></a>`iid` | [`String!`](#string) | The IID of the merge request to mutate. | +| <a id="mutationmergerequestsetmilestonemilestoneid"></a>`milestoneId` | [`MilestoneID`](#milestoneid) | The milestone to assign to the merge request. | +| <a id="mutationmergerequestsetmilestoneprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the merge request to mutate is in. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationmergerequestsetmilestoneclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationmergerequestsetmilestoneerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationmergerequestsetmilestonemergerequest"></a>`mergeRequest` | [`MergeRequest`](#mergerequest) | The merge request after mutation. | + +### `Mutation.mergeRequestSetSubscription` + +Input type: `MergeRequestSetSubscriptionInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationmergerequestsetsubscriptionclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationmergerequestsetsubscriptioniid"></a>`iid` | [`String!`](#string) | The IID of the merge request to mutate. | +| <a id="mutationmergerequestsetsubscriptionprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the merge request to mutate is in. | +| <a id="mutationmergerequestsetsubscriptionsubscribedstate"></a>`subscribedState` | [`Boolean!`](#boolean) | The desired state of the subscription. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationmergerequestsetsubscriptionclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationmergerequestsetsubscriptionerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationmergerequestsetsubscriptionmergerequest"></a>`mergeRequest` | [`MergeRequest`](#mergerequest) | The merge request after mutation. | + +### `Mutation.mergeRequestSetWip` + +WARNING: +**Deprecated** in 13.12. +Use mergeRequestSetDraft. + +Input type: `MergeRequestSetWipInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationmergerequestsetwipclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationmergerequestsetwipiid"></a>`iid` | [`String!`](#string) | The IID of the merge request to mutate. | +| <a id="mutationmergerequestsetwipprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the merge request to mutate is in. | +| <a id="mutationmergerequestsetwipwip"></a>`wip` | [`Boolean!`](#boolean) | Whether or not to set the merge request as a draft. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationmergerequestsetwipclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationmergerequestsetwiperrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationmergerequestsetwipmergerequest"></a>`mergeRequest` | [`MergeRequest`](#mergerequest) | The merge request after mutation. | + +### `Mutation.mergeRequestUpdate` + +Update attributes of a merge request. + +Input type: `MergeRequestUpdateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationmergerequestupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationmergerequestupdatedescription"></a>`description` | [`String`](#string) | Description of the merge request (Markdown rendered as HTML for caching). | +| <a id="mutationmergerequestupdateiid"></a>`iid` | [`String!`](#string) | The IID of the merge request to mutate. | +| <a id="mutationmergerequestupdateprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the merge request to mutate is in. | +| <a id="mutationmergerequestupdatestate"></a>`state` | [`MergeRequestNewState`](#mergerequestnewstate) | The action to perform to change the state. | +| <a id="mutationmergerequestupdatetargetbranch"></a>`targetBranch` | [`String`](#string) | Target branch of the merge request. | +| <a id="mutationmergerequestupdatetitle"></a>`title` | [`String`](#string) | Title of the merge request. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationmergerequestupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationmergerequestupdateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationmergerequestupdatemergerequest"></a>`mergeRequest` | [`MergeRequest`](#mergerequest) | The merge request after mutation. | + +### `Mutation.namespaceIncreaseStorageTemporarily` + +Input type: `NamespaceIncreaseStorageTemporarilyInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationnamespaceincreasestoragetemporarilyclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationnamespaceincreasestoragetemporarilyid"></a>`id` | [`NamespaceID!`](#namespaceid) | The global ID of the namespace to mutate. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationnamespaceincreasestoragetemporarilyclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationnamespaceincreasestoragetemporarilyerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationnamespaceincreasestoragetemporarilynamespace"></a>`namespace` | [`Namespace`](#namespace) | The namespace after mutation. | + +### `Mutation.oncallRotationCreate` + +Input type: `OncallRotationCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationoncallrotationcreateactiveperiod"></a>`activePeriod` | [`OncallRotationActivePeriodInputType`](#oncallrotationactiveperiodinputtype) | The active period of time that the on-call rotation should take place. | +| <a id="mutationoncallrotationcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationoncallrotationcreateendsat"></a>`endsAt` | [`OncallRotationDateInputType`](#oncallrotationdateinputtype) | The end date and time of the on-call rotation, in the timezone of the on-call schedule. | +| <a id="mutationoncallrotationcreatename"></a>`name` | [`String!`](#string) | The name of the on-call rotation. | +| <a id="mutationoncallrotationcreateparticipants"></a>`participants` | [`[OncallUserInputType!]!`](#oncalluserinputtype) | The usernames of users participating in the on-call rotation. A maximum limit of 100 participants applies. | +| <a id="mutationoncallrotationcreateprojectpath"></a>`projectPath` | [`ID!`](#id) | The project to create the on-call schedule in. | +| <a id="mutationoncallrotationcreaterotationlength"></a>`rotationLength` | [`OncallRotationLengthInputType!`](#oncallrotationlengthinputtype) | The rotation length of the on-call rotation. | +| <a id="mutationoncallrotationcreatescheduleiid"></a>`scheduleIid` | [`String!`](#string) | The IID of the on-call schedule to create the on-call rotation in. | +| <a id="mutationoncallrotationcreatestartsat"></a>`startsAt` | [`OncallRotationDateInputType!`](#oncallrotationdateinputtype) | The start date and time of the on-call rotation, in the timezone of the on-call schedule. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationoncallrotationcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationoncallrotationcreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationoncallrotationcreateoncallrotation"></a>`oncallRotation` | [`IncidentManagementOncallRotation`](#incidentmanagementoncallrotation) | The on-call rotation. | + +### `Mutation.oncallRotationDestroy` + +Input type: `OncallRotationDestroyInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationoncallrotationdestroyclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationoncallrotationdestroyid"></a>`id` | [`IncidentManagementOncallRotationID!`](#incidentmanagementoncallrotationid) | The ID of the on-call rotation to remove. | +| <a id="mutationoncallrotationdestroyprojectpath"></a>`projectPath` | [`ID!`](#id) | The project to remove the on-call schedule from. | +| <a id="mutationoncallrotationdestroyscheduleiid"></a>`scheduleIid` | [`String!`](#string) | The IID of the on-call schedule to the on-call rotation belongs to. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationoncallrotationdestroyclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationoncallrotationdestroyerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationoncallrotationdestroyoncallrotation"></a>`oncallRotation` | [`IncidentManagementOncallRotation`](#incidentmanagementoncallrotation) | The on-call rotation. | + +### `Mutation.oncallRotationUpdate` + +Input type: `OncallRotationUpdateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationoncallrotationupdateactiveperiod"></a>`activePeriod` | [`OncallRotationActivePeriodInputType`](#oncallrotationactiveperiodinputtype) | The active period of time that the on-call rotation should take place. | +| <a id="mutationoncallrotationupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationoncallrotationupdateendsat"></a>`endsAt` | [`OncallRotationDateInputType`](#oncallrotationdateinputtype) | The end date and time of the on-call rotation, in the timezone of the on-call schedule. | +| <a id="mutationoncallrotationupdateid"></a>`id` | [`IncidentManagementOncallRotationID!`](#incidentmanagementoncallrotationid) | The ID of the on-call schedule to create the on-call rotation in. | +| <a id="mutationoncallrotationupdatename"></a>`name` | [`String`](#string) | The name of the on-call rotation. | +| <a id="mutationoncallrotationupdateparticipants"></a>`participants` | [`[OncallUserInputType!]`](#oncalluserinputtype) | The usernames of users participating in the on-call rotation. A maximum limit of 100 participants applies. | +| <a id="mutationoncallrotationupdaterotationlength"></a>`rotationLength` | [`OncallRotationLengthInputType`](#oncallrotationlengthinputtype) | The rotation length of the on-call rotation. | +| <a id="mutationoncallrotationupdatestartsat"></a>`startsAt` | [`OncallRotationDateInputType`](#oncallrotationdateinputtype) | The start date and time of the on-call rotation, in the timezone of the on-call schedule. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationoncallrotationupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationoncallrotationupdateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationoncallrotationupdateoncallrotation"></a>`oncallRotation` | [`IncidentManagementOncallRotation`](#incidentmanagementoncallrotation) | The on-call rotation. | + +### `Mutation.oncallScheduleCreate` + +Input type: `OncallScheduleCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationoncallschedulecreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationoncallschedulecreatedescription"></a>`description` | [`String`](#string) | The description of the on-call schedule. | +| <a id="mutationoncallschedulecreatename"></a>`name` | [`String!`](#string) | The name of the on-call schedule. | +| <a id="mutationoncallschedulecreateprojectpath"></a>`projectPath` | [`ID!`](#id) | The project to create the on-call schedule in. | +| <a id="mutationoncallschedulecreatetimezone"></a>`timezone` | [`String!`](#string) | The timezone of the on-call schedule. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationoncallschedulecreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationoncallschedulecreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationoncallschedulecreateoncallschedule"></a>`oncallSchedule` | [`IncidentManagementOncallSchedule`](#incidentmanagementoncallschedule) | The on-call schedule. | + +### `Mutation.oncallScheduleDestroy` + +Input type: `OncallScheduleDestroyInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationoncallscheduledestroyclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationoncallscheduledestroyiid"></a>`iid` | [`String!`](#string) | The on-call schedule internal ID to remove. | +| <a id="mutationoncallscheduledestroyprojectpath"></a>`projectPath` | [`ID!`](#id) | The project to remove the on-call schedule from. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationoncallscheduledestroyclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationoncallscheduledestroyerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationoncallscheduledestroyoncallschedule"></a>`oncallSchedule` | [`IncidentManagementOncallSchedule`](#incidentmanagementoncallschedule) | The on-call schedule. | + +### `Mutation.oncallScheduleUpdate` + +Input type: `OncallScheduleUpdateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationoncallscheduleupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationoncallscheduleupdatedescription"></a>`description` | [`String`](#string) | The description of the on-call schedule. | +| <a id="mutationoncallscheduleupdateiid"></a>`iid` | [`String!`](#string) | The on-call schedule internal ID to update. | +| <a id="mutationoncallscheduleupdatename"></a>`name` | [`String`](#string) | The name of the on-call schedule. | +| <a id="mutationoncallscheduleupdateprojectpath"></a>`projectPath` | [`ID!`](#id) | The project to update the on-call schedule in. | +| <a id="mutationoncallscheduleupdatetimezone"></a>`timezone` | [`String`](#string) | The timezone of the on-call schedule. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationoncallscheduleupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationoncallscheduleupdateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationoncallscheduleupdateoncallschedule"></a>`oncallSchedule` | [`IncidentManagementOncallSchedule`](#incidentmanagementoncallschedule) | The on-call schedule. | + +### `Mutation.pipelineCancel` + +Input type: `PipelineCancelInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationpipelinecancelclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationpipelinecancelid"></a>`id` | [`CiPipelineID!`](#cipipelineid) | The ID of the pipeline to mutate. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationpipelinecancelclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationpipelinecancelerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.pipelineDestroy` + +Input type: `PipelineDestroyInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationpipelinedestroyclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationpipelinedestroyid"></a>`id` | [`CiPipelineID!`](#cipipelineid) | The ID of the pipeline to mutate. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationpipelinedestroyclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationpipelinedestroyerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.pipelineRetry` + +Input type: `PipelineRetryInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationpipelineretryclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationpipelineretryid"></a>`id` | [`CiPipelineID!`](#cipipelineid) | The ID of the pipeline to mutate. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationpipelineretryclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationpipelineretryerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationpipelineretrypipeline"></a>`pipeline` | [`Pipeline`](#pipeline) | The pipeline after mutation. | + +### `Mutation.prometheusIntegrationCreate` + +Input type: `PrometheusIntegrationCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationprometheusintegrationcreateactive"></a>`active` | [`Boolean!`](#boolean) | Whether the integration is receiving alerts. | +| <a id="mutationprometheusintegrationcreateapiurl"></a>`apiUrl` | [`String!`](#string) | Endpoint at which Prometheus can be queried. | +| <a id="mutationprometheusintegrationcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationprometheusintegrationcreateprojectpath"></a>`projectPath` | [`ID!`](#id) | The project to create the integration in. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationprometheusintegrationcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationprometheusintegrationcreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationprometheusintegrationcreateintegration"></a>`integration` | [`AlertManagementPrometheusIntegration`](#alertmanagementprometheusintegration) | The newly created integration. | + +### `Mutation.prometheusIntegrationResetToken` + +Input type: `PrometheusIntegrationResetTokenInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationprometheusintegrationresettokenclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationprometheusintegrationresettokenid"></a>`id` | [`PrometheusServiceID!`](#prometheusserviceid) | The ID of the integration to mutate. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationprometheusintegrationresettokenclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationprometheusintegrationresettokenerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationprometheusintegrationresettokenintegration"></a>`integration` | [`AlertManagementPrometheusIntegration`](#alertmanagementprometheusintegration) | The newly created integration. | + +### `Mutation.prometheusIntegrationUpdate` + +Input type: `PrometheusIntegrationUpdateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationprometheusintegrationupdateactive"></a>`active` | [`Boolean`](#boolean) | Whether the integration is receiving alerts. | +| <a id="mutationprometheusintegrationupdateapiurl"></a>`apiUrl` | [`String`](#string) | Endpoint at which Prometheus can be queried. | +| <a id="mutationprometheusintegrationupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationprometheusintegrationupdateid"></a>`id` | [`PrometheusServiceID!`](#prometheusserviceid) | The ID of the integration to mutate. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationprometheusintegrationupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationprometheusintegrationupdateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationprometheusintegrationupdateintegration"></a>`integration` | [`AlertManagementPrometheusIntegration`](#alertmanagementprometheusintegration) | The newly created integration. | + +### `Mutation.promoteToEpic` + +Input type: `PromoteToEpicInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationpromotetoepicclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationpromotetoepicgrouppath"></a>`groupPath` | [`ID`](#id) | The group the promoted epic will belong to. | +| <a id="mutationpromotetoepiciid"></a>`iid` | [`String!`](#string) | The IID of the issue to mutate. | +| <a id="mutationpromotetoepicprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the issue to mutate is in. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationpromotetoepicclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationpromotetoepicepic"></a>`epic` | [`Epic`](#epic) | The epic after issue promotion. | +| <a id="mutationpromotetoepicerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationpromotetoepicissue"></a>`issue` | [`Issue`](#issue) | The issue after mutation. | + +### `Mutation.releaseAssetLinkCreate` + +Input type: `ReleaseAssetLinkCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationreleaseassetlinkcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationreleaseassetlinkcreatedirectassetpath"></a>`directAssetPath` | [`String`](#string) | Relative path for a direct asset link. | +| <a id="mutationreleaseassetlinkcreatelinktype"></a>`linkType` | [`ReleaseAssetLinkType`](#releaseassetlinktype) | The type of the asset link. | +| <a id="mutationreleaseassetlinkcreatename"></a>`name` | [`String!`](#string) | Name of the asset link. | +| <a id="mutationreleaseassetlinkcreateprojectpath"></a>`projectPath` | [`ID!`](#id) | Full path of the project the asset link is associated with. | +| <a id="mutationreleaseassetlinkcreatetagname"></a>`tagName` | [`String!`](#string) | Name of the associated release's tag. | +| <a id="mutationreleaseassetlinkcreateurl"></a>`url` | [`String!`](#string) | URL of the asset link. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationreleaseassetlinkcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationreleaseassetlinkcreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationreleaseassetlinkcreatelink"></a>`link` | [`ReleaseAssetLink`](#releaseassetlink) | The asset link after mutation. | + +### `Mutation.releaseAssetLinkDelete` + +Input type: `ReleaseAssetLinkDeleteInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationreleaseassetlinkdeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationreleaseassetlinkdeleteid"></a>`id` | [`ReleasesLinkID!`](#releaseslinkid) | ID of the release asset link to delete. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationreleaseassetlinkdeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationreleaseassetlinkdeleteerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationreleaseassetlinkdeletelink"></a>`link` | [`ReleaseAssetLink`](#releaseassetlink) | The deleted release asset link. | + +### `Mutation.releaseAssetLinkUpdate` + +Input type: `ReleaseAssetLinkUpdateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationreleaseassetlinkupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationreleaseassetlinkupdatedirectassetpath"></a>`directAssetPath` | [`String`](#string) | Relative path for a direct asset link. | +| <a id="mutationreleaseassetlinkupdateid"></a>`id` | [`ReleasesLinkID!`](#releaseslinkid) | ID of the release asset link to update. | +| <a id="mutationreleaseassetlinkupdatelinktype"></a>`linkType` | [`ReleaseAssetLinkType`](#releaseassetlinktype) | The type of the asset link. | +| <a id="mutationreleaseassetlinkupdatename"></a>`name` | [`String`](#string) | Name of the asset link. | +| <a id="mutationreleaseassetlinkupdateurl"></a>`url` | [`String`](#string) | URL of the asset link. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationreleaseassetlinkupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationreleaseassetlinkupdateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationreleaseassetlinkupdatelink"></a>`link` | [`ReleaseAssetLink`](#releaseassetlink) | The asset link after mutation. | + +### `Mutation.releaseCreate` + +Input type: `ReleaseCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationreleasecreateassets"></a>`assets` | [`ReleaseAssetsInput`](#releaseassetsinput) | Assets associated to the release. | +| <a id="mutationreleasecreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationreleasecreatedescription"></a>`description` | [`String`](#string) | Description (also known as "release notes") of the release. | +| <a id="mutationreleasecreatemilestones"></a>`milestones` | [`[String!]`](#string) | The title of each milestone the release is associated with. GitLab Premium customers can specify group milestones. | +| <a id="mutationreleasecreatename"></a>`name` | [`String`](#string) | Name of the release. | +| <a id="mutationreleasecreateprojectpath"></a>`projectPath` | [`ID!`](#id) | Full path of the project the release is associated with. | +| <a id="mutationreleasecreateref"></a>`ref` | [`String`](#string) | The commit SHA or branch name to use if creating a new tag. | +| <a id="mutationreleasecreatereleasedat"></a>`releasedAt` | [`Time`](#time) | The date when the release will be/was ready. Defaults to the current time. | +| <a id="mutationreleasecreatetagname"></a>`tagName` | [`String!`](#string) | Name of the tag to associate with the release. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationreleasecreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationreleasecreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationreleasecreaterelease"></a>`release` | [`Release`](#release) | The release after mutation. | + +### `Mutation.releaseDelete` + +Input type: `ReleaseDeleteInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationreleasedeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationreleasedeleteprojectpath"></a>`projectPath` | [`ID!`](#id) | Full path of the project the release is associated with. | +| <a id="mutationreleasedeletetagname"></a>`tagName` | [`String!`](#string) | Name of the tag associated with the release to delete. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationreleasedeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationreleasedeleteerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationreleasedeleterelease"></a>`release` | [`Release`](#release) | The deleted release. | + +### `Mutation.releaseUpdate` + +Input type: `ReleaseUpdateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationreleaseupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationreleaseupdatedescription"></a>`description` | [`String`](#string) | Description (release notes) of the release. | +| <a id="mutationreleaseupdatemilestones"></a>`milestones` | [`[String!]`](#string) | The title of each milestone the release is associated with. GitLab Premium customers can specify group milestones. | +| <a id="mutationreleaseupdatename"></a>`name` | [`String`](#string) | Name of the release. | +| <a id="mutationreleaseupdateprojectpath"></a>`projectPath` | [`ID!`](#id) | Full path of the project the release is associated with. | +| <a id="mutationreleaseupdatereleasedat"></a>`releasedAt` | [`Time`](#time) | The release date. | +| <a id="mutationreleaseupdatetagname"></a>`tagName` | [`String!`](#string) | Name of the tag associated with the release. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationreleaseupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationreleaseupdateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationreleaseupdaterelease"></a>`release` | [`Release`](#release) | The release after mutation. | + +### `Mutation.removeAwardEmoji` + +WARNING: +**Deprecated** in 13.2. +Use awardEmojiRemove. + +Input type: `RemoveAwardEmojiInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationremoveawardemojiawardableid"></a>`awardableId` | [`AwardableID!`](#awardableid) | The global ID of the awardable resource. | +| <a id="mutationremoveawardemojiclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationremoveawardemojiname"></a>`name` | [`String!`](#string) | The emoji name. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationremoveawardemojiawardemoji"></a>`awardEmoji` | [`AwardEmoji`](#awardemoji) | The award emoji after mutation. | +| <a id="mutationremoveawardemojiclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationremoveawardemojierrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.removeProjectFromSecurityDashboard` + +Input type: `RemoveProjectFromSecurityDashboardInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationremoveprojectfromsecuritydashboardclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationremoveprojectfromsecuritydashboardid"></a>`id` | [`ProjectID!`](#projectid) | ID of the project to remove from the Instance Security Dashboard. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationremoveprojectfromsecuritydashboardclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationremoveprojectfromsecuritydashboarderrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.repositionImageDiffNote` + +Repositions a DiffNote on an image (a `Note` where the `position.positionType` is `"image"`). + +Input type: `RepositionImageDiffNoteInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationrepositionimagediffnoteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationrepositionimagediffnoteid"></a>`id` | [`DiffNoteID!`](#diffnoteid) | The global ID of the DiffNote to update. | +| <a id="mutationrepositionimagediffnoteposition"></a>`position` | [`UpdateDiffImagePositionInput!`](#updatediffimagepositioninput) | The position of this note on a diff. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationrepositionimagediffnoteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationrepositionimagediffnoteerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationrepositionimagediffnotenote"></a>`note` | [`Note`](#note) | The note after mutation. | + +### `Mutation.revertVulnerabilityToDetected` + +WARNING: +**Deprecated** in 13.5. +Use vulnerabilityRevertToDetected. + +Input type: `RevertVulnerabilityToDetectedInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationrevertvulnerabilitytodetectedclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationrevertvulnerabilitytodetectedid"></a>`id` | [`VulnerabilityID!`](#vulnerabilityid) | ID of the vulnerability to be reverted. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationrevertvulnerabilitytodetectedclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationrevertvulnerabilitytodetectederrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationrevertvulnerabilitytodetectedvulnerability"></a>`vulnerability` | [`Vulnerability`](#vulnerability) | The vulnerability after revert. | + +### `Mutation.runDastScan` + +WARNING: +**Deprecated** in 13.4. +Use DastOnDemandScanCreate. + +Input type: `RunDASTScanInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationrundastscanbranch"></a>`branch` | [`String!`](#string) | The branch to be associated with the scan. | +| <a id="mutationrundastscanclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationrundastscanprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the DAST scan belongs to. | +| <a id="mutationrundastscanscantype"></a>`scanType` | [`DastScanTypeEnum!`](#dastscantypeenum) | The type of scan to be run. | +| <a id="mutationrundastscantargeturl"></a>`targetUrl` | [`String!`](#string) | The URL of the target to be scanned. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationrundastscanclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationrundastscanerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationrundastscanpipelineurl"></a>`pipelineUrl` | [`String`](#string) | URL of the pipeline that was created. | + +### `Mutation.terraformStateDelete` + +Input type: `TerraformStateDeleteInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationterraformstatedeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationterraformstatedeleteid"></a>`id` | [`TerraformStateID!`](#terraformstateid) | Global ID of the Terraform state. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationterraformstatedeleteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationterraformstatedeleteerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.terraformStateLock` + +Input type: `TerraformStateLockInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationterraformstatelockclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationterraformstatelockid"></a>`id` | [`TerraformStateID!`](#terraformstateid) | Global ID of the Terraform state. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationterraformstatelockclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationterraformstatelockerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.terraformStateUnlock` + +Input type: `TerraformStateUnlockInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationterraformstateunlockclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationterraformstateunlockid"></a>`id` | [`TerraformStateID!`](#terraformstateid) | Global ID of the Terraform state. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationterraformstateunlockclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationterraformstateunlockerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.todoCreate` + +Input type: `TodoCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationtodocreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationtodocreatetargetid"></a>`targetId` | [`TodoableID!`](#todoableid) | The global ID of the to-do item's parent. Issues, merge requests, designs and epics are supported. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationtodocreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationtodocreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationtodocreatetodo"></a>`todo` | [`Todo`](#todo) | The to-do item created. | + +### `Mutation.todoMarkDone` + +Input type: `TodoMarkDoneInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationtodomarkdoneclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationtodomarkdoneid"></a>`id` | [`TodoID!`](#todoid) | The global ID of the to-do item to mark as done. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationtodomarkdoneclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationtodomarkdoneerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationtodomarkdonetodo"></a>`todo` | [`Todo!`](#todo) | The requested to-do item. | + +### `Mutation.todoRestore` + +Input type: `TodoRestoreInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationtodorestoreclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationtodorestoreid"></a>`id` | [`TodoID!`](#todoid) | The global ID of the to-do item to restore. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationtodorestoreclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationtodorestoreerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationtodorestoretodo"></a>`todo` | [`Todo!`](#todo) | The requested to-do item. | + +### `Mutation.todoRestoreMany` + +Input type: `TodoRestoreManyInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationtodorestoremanyclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationtodorestoremanyids"></a>`ids` | [`[TodoID!]!`](#todoid) | The global IDs of the to-do items to restore (a maximum of 50 is supported at once). | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationtodorestoremanyclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationtodorestoremanyerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationtodorestoremanytodos"></a>`todos` | [`[Todo!]!`](#todo) | Updated to-do items. | +| <a id="mutationtodorestoremanyupdatedids"></a>`updatedIds` **{warning-solid}** | [`[TodoID!]!`](#todoid) | **Deprecated:** Use to-do items. Deprecated in 13.2. | + +### `Mutation.todosMarkAllDone` + +Input type: `TodosMarkAllDoneInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationtodosmarkalldoneclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationtodosmarkalldoneclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationtodosmarkalldoneerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationtodosmarkalldonetodos"></a>`todos` | [`[Todo!]!`](#todo) | Updated to-do items. | +| <a id="mutationtodosmarkalldoneupdatedids"></a>`updatedIds` **{warning-solid}** | [`[TodoID!]!`](#todoid) | **Deprecated:** Use to-do items. Deprecated in 13.2. | + +### `Mutation.toggleAwardEmoji` + +WARNING: +**Deprecated** in 13.2. +Use awardEmojiToggle. + +Input type: `ToggleAwardEmojiInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationtoggleawardemojiawardableid"></a>`awardableId` | [`AwardableID!`](#awardableid) | The global ID of the awardable resource. | +| <a id="mutationtoggleawardemojiclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationtoggleawardemojiname"></a>`name` | [`String!`](#string) | The emoji name. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationtoggleawardemojiawardemoji"></a>`awardEmoji` | [`AwardEmoji`](#awardemoji) | The award emoji after mutation. | +| <a id="mutationtoggleawardemojiclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationtoggleawardemojierrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationtoggleawardemojitoggledon"></a>`toggledOn` | [`Boolean!`](#boolean) | Indicates the status of the emoji. True if the toggle awarded the emoji, and false if the toggle removed the emoji. | + +### `Mutation.updateAlertStatus` + +Input type: `UpdateAlertStatusInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdatealertstatusclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdatealertstatusiid"></a>`iid` | [`String!`](#string) | The IID of the alert to mutate. | +| <a id="mutationupdatealertstatusprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the alert to mutate is in. | +| <a id="mutationupdatealertstatusstatus"></a>`status` | [`AlertManagementStatus!`](#alertmanagementstatus) | The status to set the alert. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdatealertstatusalert"></a>`alert` | [`AlertManagementAlert`](#alertmanagementalert) | The alert after mutation. | +| <a id="mutationupdatealertstatusclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdatealertstatuserrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationupdatealertstatusissue"></a>`issue` | [`Issue`](#issue) | The issue created after mutation. | +| <a id="mutationupdatealertstatustodo"></a>`todo` | [`Todo`](#todo) | The to-do item after mutation. | + +### `Mutation.updateBoard` + +Input type: `UpdateBoardInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdateboardassigneeid"></a>`assigneeId` | [`UserID`](#userid) | ID of user to be assigned to the board. | +| <a id="mutationupdateboardclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdateboardhidebackloglist"></a>`hideBacklogList` | [`Boolean`](#boolean) | Whether or not backlog list is hidden. | +| <a id="mutationupdateboardhideclosedlist"></a>`hideClosedList` | [`Boolean`](#boolean) | Whether or not closed list is hidden. | +| <a id="mutationupdateboardid"></a>`id` | [`BoardID!`](#boardid) | The board global ID. | +| <a id="mutationupdateboarditerationid"></a>`iterationId` | [`IterationID`](#iterationid) | ID of iteration to be assigned to the board. | +| <a id="mutationupdateboardlabelids"></a>`labelIds` | [`[LabelID!]`](#labelid) | IDs of labels to be added to the board. | +| <a id="mutationupdateboardlabels"></a>`labels` | [`[String!]`](#string) | Labels of the issue. | +| <a id="mutationupdateboardmilestoneid"></a>`milestoneId` | [`MilestoneID`](#milestoneid) | ID of milestone to be assigned to the board. | +| <a id="mutationupdateboardname"></a>`name` | [`String`](#string) | The board name. | +| <a id="mutationupdateboardweight"></a>`weight` | [`Int`](#int) | Weight value to be assigned to the board. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdateboardboard"></a>`board` | [`Board`](#board) | The board after mutation. | +| <a id="mutationupdateboardclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdateboarderrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.updateBoardEpicUserPreferences` + +Input type: `UpdateBoardEpicUserPreferencesInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdateboardepicuserpreferencesboardid"></a>`boardId` | [`BoardID!`](#boardid) | The board global ID. | +| <a id="mutationupdateboardepicuserpreferencesclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdateboardepicuserpreferencescollapsed"></a>`collapsed` | [`Boolean!`](#boolean) | Whether the epic should be collapsed in the board. | +| <a id="mutationupdateboardepicuserpreferencesepicid"></a>`epicId` | [`EpicID!`](#epicid) | ID of an epic to set preferences for. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdateboardepicuserpreferencesclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdateboardepicuserpreferencesepicuserpreferences"></a>`epicUserPreferences` | [`BoardEpicUserPreferences`](#boardepicuserpreferences) | User preferences for the epic in the board after mutation. | +| <a id="mutationupdateboardepicuserpreferenceserrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.updateBoardList` + +Input type: `UpdateBoardListInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdateboardlistclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdateboardlistcollapsed"></a>`collapsed` | [`Boolean`](#boolean) | Indicates if the list is collapsed for this user. | +| <a id="mutationupdateboardlistlistid"></a>`listId` | [`ListID!`](#listid) | Global ID of the list. | +| <a id="mutationupdateboardlistposition"></a>`position` | [`Int`](#int) | Position of list within the board. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdateboardlistclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdateboardlisterrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationupdateboardlistlist"></a>`list` | [`BoardList`](#boardlist) | Mutated list. | + +### `Mutation.updateComplianceFramework` + +Input type: `UpdateComplianceFrameworkInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdatecomplianceframeworkclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdatecomplianceframeworkid"></a>`id` | [`ComplianceManagementFrameworkID!`](#compliancemanagementframeworkid) | The global ID of the compliance framework to update. | +| <a id="mutationupdatecomplianceframeworkparams"></a>`params` | [`ComplianceFrameworkInput!`](#complianceframeworkinput) | Parameters to update the compliance framework with. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdatecomplianceframeworkclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdatecomplianceframeworkcomplianceframework"></a>`complianceFramework` | [`ComplianceFramework`](#complianceframework) | The compliance framework after mutation. | +| <a id="mutationupdatecomplianceframeworkerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.updateContainerExpirationPolicy` + +Input type: `UpdateContainerExpirationPolicyInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdatecontainerexpirationpolicycadence"></a>`cadence` | [`ContainerExpirationPolicyCadenceEnum`](#containerexpirationpolicycadenceenum) | This container expiration policy schedule. | +| <a id="mutationupdatecontainerexpirationpolicyclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdatecontainerexpirationpolicyenabled"></a>`enabled` | [`Boolean`](#boolean) | Indicates whether this container expiration policy is enabled. | +| <a id="mutationupdatecontainerexpirationpolicykeepn"></a>`keepN` | [`ContainerExpirationPolicyKeepEnum`](#containerexpirationpolicykeepenum) | Number of tags to retain. | +| <a id="mutationupdatecontainerexpirationpolicynameregex"></a>`nameRegex` | [`UntrustedRegexp`](#untrustedregexp) | Tags with names matching this regex pattern will expire. | +| <a id="mutationupdatecontainerexpirationpolicynameregexkeep"></a>`nameRegexKeep` | [`UntrustedRegexp`](#untrustedregexp) | Tags with names matching this regex pattern will be preserved. | +| <a id="mutationupdatecontainerexpirationpolicyolderthan"></a>`olderThan` | [`ContainerExpirationPolicyOlderThanEnum`](#containerexpirationpolicyolderthanenum) | Tags older that this will expire. | +| <a id="mutationupdatecontainerexpirationpolicyprojectpath"></a>`projectPath` | [`ID!`](#id) | The project path where the container expiration policy is located. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdatecontainerexpirationpolicyclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdatecontainerexpirationpolicycontainerexpirationpolicy"></a>`containerExpirationPolicy` | [`ContainerExpirationPolicy`](#containerexpirationpolicy) | The container expiration policy after mutation. | +| <a id="mutationupdatecontainerexpirationpolicyerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.updateEpic` + +Input type: `UpdateEpicInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdateepicaddlabelids"></a>`addLabelIds` | [`[ID!]`](#id) | The IDs of labels to be added to the epic. | +| <a id="mutationupdateepicclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdateepicconfidential"></a>`confidential` | [`Boolean`](#boolean) | Indicates if the epic is confidential. | +| <a id="mutationupdateepicdescription"></a>`description` | [`String`](#string) | The description of the epic. | +| <a id="mutationupdateepicduedatefixed"></a>`dueDateFixed` | [`String`](#string) | The end date of the epic. | +| <a id="mutationupdateepicduedateisfixed"></a>`dueDateIsFixed` | [`Boolean`](#boolean) | Indicates end date should be sourced from due_date_fixed field not the issue milestones. | +| <a id="mutationupdateepicgrouppath"></a>`groupPath` | [`ID!`](#id) | The group the epic to mutate is in. | +| <a id="mutationupdateepiciid"></a>`iid` | [`ID!`](#id) | The IID of the epic to mutate. | +| <a id="mutationupdateepicremovelabelids"></a>`removeLabelIds` | [`[ID!]`](#id) | The IDs of labels to be removed from the epic. | +| <a id="mutationupdateepicstartdatefixed"></a>`startDateFixed` | [`String`](#string) | The start date of the epic. | +| <a id="mutationupdateepicstartdateisfixed"></a>`startDateIsFixed` | [`Boolean`](#boolean) | Indicates start date should be sourced from start_date_fixed field not the issue milestones. | +| <a id="mutationupdateepicstateevent"></a>`stateEvent` | [`EpicStateEvent`](#epicstateevent) | State event for the epic. | +| <a id="mutationupdateepictitle"></a>`title` | [`String`](#string) | The title of the epic. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdateepicclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdateepicepic"></a>`epic` | [`Epic`](#epic) | The epic after mutation. | +| <a id="mutationupdateepicerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.updateEpicBoardList` + +Input type: `UpdateEpicBoardListInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdateepicboardlistclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdateepicboardlistcollapsed"></a>`collapsed` | [`Boolean`](#boolean) | Indicates if the list is collapsed for this user. | +| <a id="mutationupdateepicboardlistlistid"></a>`listId` | [`BoardsEpicListID!`](#boardsepiclistid) | Global ID of the epic list. | +| <a id="mutationupdateepicboardlistposition"></a>`position` | [`Int`](#int) | Position of list within the board. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdateepicboardlistclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdateepicboardlisterrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationupdateepicboardlistlist"></a>`list` | [`EpicList`](#epiclist) | Mutated epic list. | + +### `Mutation.updateImageDiffNote` + +Updates a DiffNote on an image (a `Note` where the `position.positionType` is `"image"`). +If the body of the Note contains only quick actions, +the Note will be destroyed during the update, and no Note will be +returned. + +Input type: `UpdateImageDiffNoteInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdateimagediffnotebody"></a>`body` | [`String`](#string) | Content of the note. | +| <a id="mutationupdateimagediffnoteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdateimagediffnoteid"></a>`id` | [`NoteID!`](#noteid) | The global ID of the note to update. | +| <a id="mutationupdateimagediffnoteposition"></a>`position` | [`UpdateDiffImagePositionInput`](#updatediffimagepositioninput) | The position of this note on a diff. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdateimagediffnoteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdateimagediffnoteerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationupdateimagediffnotenote"></a>`note` | [`Note`](#note) | The note after mutation. | + +### `Mutation.updateIssue` + +Input type: `UpdateIssueInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdateissueaddlabelids"></a>`addLabelIds` | [`[ID!]`](#id) | The IDs of labels to be added to the issue. | +| <a id="mutationupdateissueclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdateissueconfidential"></a>`confidential` | [`Boolean`](#boolean) | Indicates the issue is confidential. | +| <a id="mutationupdateissuedescription"></a>`description` | [`String`](#string) | Description of the issue. | +| <a id="mutationupdateissueduedate"></a>`dueDate` | [`ISO8601Date`](#iso8601date) | Due date of the issue. | +| <a id="mutationupdateissueepicid"></a>`epicId` | [`EpicID`](#epicid) | The ID of the parent epic. NULL when removing the association. | +| <a id="mutationupdateissuehealthstatus"></a>`healthStatus` | [`HealthStatus`](#healthstatus) | The desired health status. | +| <a id="mutationupdateissueiid"></a>`iid` | [`String!`](#string) | The IID of the issue to mutate. | +| <a id="mutationupdateissuelocked"></a>`locked` | [`Boolean`](#boolean) | Indicates discussion is locked on the issue. | +| <a id="mutationupdateissuemilestoneid"></a>`milestoneId` | [`ID`](#id) | The ID of the milestone to assign to the issue. On update milestone will be removed if set to null. | +| <a id="mutationupdateissueprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the issue to mutate is in. | +| <a id="mutationupdateissueremovelabelids"></a>`removeLabelIds` | [`[ID!]`](#id) | The IDs of labels to be removed from the issue. | +| <a id="mutationupdateissuestateevent"></a>`stateEvent` | [`IssueStateEvent`](#issuestateevent) | Close or reopen an issue. | +| <a id="mutationupdateissuetitle"></a>`title` | [`String`](#string) | Title of the issue. | +| <a id="mutationupdateissuetype"></a>`type` | [`IssueType`](#issuetype) | Type of the issue. | +| <a id="mutationupdateissueweight"></a>`weight` | [`Int`](#int) | The weight of the issue. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdateissueclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdateissueerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationupdateissueissue"></a>`issue` | [`Issue`](#issue) | The issue after mutation. | + +### `Mutation.updateIteration` + +Input type: `UpdateIterationInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdateiterationclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdateiterationdescription"></a>`description` | [`String`](#string) | Description of the iteration. | +| <a id="mutationupdateiterationduedate"></a>`dueDate` | [`String`](#string) | End date of the iteration. | +| <a id="mutationupdateiterationgrouppath"></a>`groupPath` | [`ID!`](#id) | Group of the iteration. | +| <a id="mutationupdateiterationid"></a>`id` | [`ID!`](#id) | Global ID of the iteration. | +| <a id="mutationupdateiterationstartdate"></a>`startDate` | [`String`](#string) | Start date of the iteration. | +| <a id="mutationupdateiterationtitle"></a>`title` | [`String`](#string) | Title of the iteration. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdateiterationclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdateiterationerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationupdateiterationiteration"></a>`iteration` | [`Iteration`](#iteration) | Updated iteration. | + +### `Mutation.updateNamespacePackageSettings` + +Input type: `UpdateNamespacePackageSettingsInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdatenamespacepackagesettingsclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdatenamespacepackagesettingsgenericduplicateexceptionregex"></a>`genericDuplicateExceptionRegex` | [`UntrustedRegexp`](#untrustedregexp) | When generic_duplicates_allowed is false, you can publish duplicate packages with names that match this regex. Otherwise, this setting has no effect. | +| <a id="mutationupdatenamespacepackagesettingsgenericduplicatesallowed"></a>`genericDuplicatesAllowed` | [`Boolean`](#boolean) | Indicates whether duplicate generic packages are allowed for this namespace. | +| <a id="mutationupdatenamespacepackagesettingsmavenduplicateexceptionregex"></a>`mavenDuplicateExceptionRegex` | [`UntrustedRegexp`](#untrustedregexp) | When maven_duplicates_allowed is false, you can publish duplicate packages with names that match this regex. Otherwise, this setting has no effect. | +| <a id="mutationupdatenamespacepackagesettingsmavenduplicatesallowed"></a>`mavenDuplicatesAllowed` | [`Boolean`](#boolean) | Indicates whether duplicate Maven packages are allowed for this namespace. | +| <a id="mutationupdatenamespacepackagesettingsnamespacepath"></a>`namespacePath` | [`ID!`](#id) | The namespace path where the namespace package setting is located. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdatenamespacepackagesettingsclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdatenamespacepackagesettingserrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationupdatenamespacepackagesettingspackagesettings"></a>`packageSettings` | [`PackageSettings`](#packagesettings) | The namespace package setting after mutation. | + +### `Mutation.updateNote` + +Updates a Note. +If the body of the Note contains only quick actions, +the Note will be destroyed during the update, and no Note will be +returned. + +Input type: `UpdateNoteInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdatenotebody"></a>`body` | [`String`](#string) | Content of the note. | +| <a id="mutationupdatenoteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdatenoteconfidential"></a>`confidential` | [`Boolean`](#boolean) | The confidentiality flag of a note. Default is false. | +| <a id="mutationupdatenoteid"></a>`id` | [`NoteID!`](#noteid) | The global ID of the note to update. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdatenoteclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdatenoteerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationupdatenotenote"></a>`note` | [`Note`](#note) | The note after mutation. | + +### `Mutation.updateRequirement` + +Input type: `UpdateRequirementInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdaterequirementclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdaterequirementdescription"></a>`description` | [`String`](#string) | Description of the requirement. | +| <a id="mutationupdaterequirementiid"></a>`iid` | [`String!`](#string) | The IID of the requirement to update. | +| <a id="mutationupdaterequirementlasttestreportstate"></a>`lastTestReportState` | [`TestReportState`](#testreportstate) | Creates a test report for the requirement with the given state. | +| <a id="mutationupdaterequirementprojectpath"></a>`projectPath` | [`ID!`](#id) | Full project path the requirement is associated with. | +| <a id="mutationupdaterequirementstate"></a>`state` | [`RequirementState`](#requirementstate) | State of the requirement. | +| <a id="mutationupdaterequirementtitle"></a>`title` | [`String`](#string) | Title of the requirement. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdaterequirementclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdaterequirementerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationupdaterequirementrequirement"></a>`requirement` | [`Requirement`](#requirement) | Requirement after mutation. | + +### `Mutation.updateSnippet` + +Input type: `UpdateSnippetInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdatesnippetblobactions"></a>`blobActions` | [`[SnippetBlobActionInputType!]`](#snippetblobactioninputtype) | Actions to perform over the snippet repository and blobs. | +| <a id="mutationupdatesnippetcaptcharesponse"></a>`captchaResponse` **{warning-solid}** | [`String`](#string) | **Deprecated:** Use spam protection with HTTP headers instead. Deprecated in 13.11. | +| <a id="mutationupdatesnippetclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdatesnippetdescription"></a>`description` | [`String`](#string) | Description of the snippet. | +| <a id="mutationupdatesnippetid"></a>`id` | [`SnippetID!`](#snippetid) | The global ID of the snippet to update. | +| <a id="mutationupdatesnippetspamlogid"></a>`spamLogId` **{warning-solid}** | [`Int`](#int) | **Deprecated:** Use spam protection with HTTP headers instead. Deprecated in 13.11. | +| <a id="mutationupdatesnippettitle"></a>`title` | [`String`](#string) | Title of the snippet. | +| <a id="mutationupdatesnippetvisibilitylevel"></a>`visibilityLevel` | [`VisibilityLevelsEnum`](#visibilitylevelsenum) | The visibility level of the snippet. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationupdatesnippetcaptchasitekey"></a>`captchaSiteKey` **{warning-solid}** | [`String`](#string) | **Deprecated:** Use spam protection with HTTP headers instead. Deprecated in 13.11. | +| <a id="mutationupdatesnippetclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationupdatesnippeterrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationupdatesnippetneedscaptcharesponse"></a>`needsCaptchaResponse` **{warning-solid}** | [`Boolean`](#boolean) | **Deprecated:** Use spam protection with HTTP headers instead. Deprecated in 13.11. | +| <a id="mutationupdatesnippetsnippet"></a>`snippet` | [`Snippet`](#snippet) | The snippet after mutation. | +| <a id="mutationupdatesnippetspam"></a>`spam` **{warning-solid}** | [`Boolean`](#boolean) | **Deprecated:** Use spam protection with HTTP headers instead. Deprecated in 13.11. | +| <a id="mutationupdatesnippetspamlogid"></a>`spamLogId` **{warning-solid}** | [`Int`](#int) | **Deprecated:** Use spam protection with HTTP headers instead. Deprecated in 13.11. | + +### `Mutation.userCalloutCreate` + +Input type: `UserCalloutCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationusercalloutcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationusercalloutcreatefeaturename"></a>`featureName` | [`String!`](#string) | The feature name you want to dismiss the callout for. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationusercalloutcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationusercalloutcreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationusercalloutcreateusercallout"></a>`userCallout` | [`UserCallout!`](#usercallout) | The user callout dismissed. | + +### `Mutation.vulnerabilityConfirm` + +Input type: `VulnerabilityConfirmInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationvulnerabilityconfirmclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationvulnerabilityconfirmid"></a>`id` | [`VulnerabilityID!`](#vulnerabilityid) | ID of the vulnerability to be confirmed. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationvulnerabilityconfirmclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationvulnerabilityconfirmerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationvulnerabilityconfirmvulnerability"></a>`vulnerability` | [`Vulnerability`](#vulnerability) | The vulnerability after state change. | + +### `Mutation.vulnerabilityDismiss` + +Input type: `VulnerabilityDismissInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationvulnerabilitydismissclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationvulnerabilitydismisscomment"></a>`comment` | [`String`](#string) | Comment why vulnerability should be dismissed. | +| <a id="mutationvulnerabilitydismissdismissalreason"></a>`dismissalReason` | [`VulnerabilityDismissalReason`](#vulnerabilitydismissalreason) | Reason why vulnerability should be dismissed. | +| <a id="mutationvulnerabilitydismissid"></a>`id` | [`VulnerabilityID!`](#vulnerabilityid) | ID of the vulnerability to be dismissed. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationvulnerabilitydismissclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationvulnerabilitydismisserrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationvulnerabilitydismissvulnerability"></a>`vulnerability` | [`Vulnerability`](#vulnerability) | The vulnerability after dismissal. | + +### `Mutation.vulnerabilityExternalIssueLinkCreate` + +Input type: `VulnerabilityExternalIssueLinkCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationvulnerabilityexternalissuelinkcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationvulnerabilityexternalissuelinkcreateexternaltracker"></a>`externalTracker` | [`VulnerabilityExternalIssueLinkExternalTracker!`](#vulnerabilityexternalissuelinkexternaltracker) | External tracker type of the external issue link. | +| <a id="mutationvulnerabilityexternalissuelinkcreateid"></a>`id` | [`VulnerabilityID!`](#vulnerabilityid) | ID of the vulnerability. | +| <a id="mutationvulnerabilityexternalissuelinkcreatelinktype"></a>`linkType` | [`VulnerabilityExternalIssueLinkType!`](#vulnerabilityexternalissuelinktype) | Type of the external issue link. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationvulnerabilityexternalissuelinkcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationvulnerabilityexternalissuelinkcreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationvulnerabilityexternalissuelinkcreateexternalissuelink"></a>`externalIssueLink` | [`VulnerabilityExternalIssueLink`](#vulnerabilityexternalissuelink) | The created external issue link. | + +### `Mutation.vulnerabilityExternalIssueLinkDestroy` + +Input type: `VulnerabilityExternalIssueLinkDestroyInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationvulnerabilityexternalissuelinkdestroyclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationvulnerabilityexternalissuelinkdestroyid"></a>`id` | [`VulnerabilitiesExternalIssueLinkID!`](#vulnerabilitiesexternalissuelinkid) | The global ID of the vulnerability external issue link. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationvulnerabilityexternalissuelinkdestroyclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationvulnerabilityexternalissuelinkdestroyerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.vulnerabilityResolve` + +Input type: `VulnerabilityResolveInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationvulnerabilityresolveclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationvulnerabilityresolveid"></a>`id` | [`VulnerabilityID!`](#vulnerabilityid) | ID of the vulnerability to be resolved. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationvulnerabilityresolveclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationvulnerabilityresolveerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationvulnerabilityresolvevulnerability"></a>`vulnerability` | [`Vulnerability`](#vulnerability) | The vulnerability after state change. | + +### `Mutation.vulnerabilityRevertToDetected` + +Input type: `VulnerabilityRevertToDetectedInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationvulnerabilityreverttodetectedclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationvulnerabilityreverttodetectedid"></a>`id` | [`VulnerabilityID!`](#vulnerabilityid) | ID of the vulnerability to be reverted. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationvulnerabilityreverttodetectedclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationvulnerabilityreverttodetectederrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationvulnerabilityreverttodetectedvulnerability"></a>`vulnerability` | [`Vulnerability`](#vulnerability) | The vulnerability after revert. | + +## Connections + +Some types in our schema are `Connection` types - they represent a paginated +collection of edges between two nodes in the graph. These follow the +[Relay cursor connections specification](https://relay.dev/graphql/connections.htm). + +### Pagination arguments {#connection-pagination-arguments} + +All connection fields support the following pagination arguments: + +| Name | Type | Description | +|------|------|-------------| | `after` | [`String`](#string) | Returns the elements in the list that come after the specified cursor. | | `before` | [`String`](#string) | Returns the elements in the list that come before the specified cursor. | -| `endDate` | [`ISO8601Date!`](#iso8601date) | Last day for which to fetch vulnerability history. | | `first` | [`Int`](#int) | Returns the first _n_ elements from the list. | | `last` | [`Int`](#int) | Returns the last _n_ elements from the list. | -| `startDate` | [`ISO8601Date!`](#iso8601date) | First day for which to fetch vulnerability history. | -### `vulnerability` +Since these arguments are common to all connection fields, they are not repeated for each connection. -Find a vulnerability. +### Connection fields -Returns [`Vulnerability`](#vulnerability). +All connections have at least the following fields: -#### Arguments +| Name | Type | Description | +|------|------|-------------| +| `pageInfo` | [`PageInfo!`](#pageinfo) | Pagination information. | +| `edges` | `[edge!]` | The edges. | +| `nodes` | `[item!]` | The items in the current page. | + +The precise type of `Edge` and `Item` depends on the kind of connection. A +[`ProjectConnection`](#projectconnection) will have nodes that have the type +[`[Project!]`](#project), and edges that have the type [`ProjectEdge`](#projectedge). + +### Connection types + +Some of the types in the schema exist solely to model connections. Each connection +has a distinct, named type, with a distinct named edge type. These are listed separately +below. + +#### `AlertManagementAlertConnection` + +The connection type for [`AlertManagementAlert`](#alertmanagementalert). + +##### Fields | Name | Type | Description | | ---- | ---- | ----------- | -| `id` | [`VulnerabilityID!`](#vulnerabilityid) | The Global ID of the Vulnerability. | +| <a id="alertmanagementalertconnectionedges"></a>`edges` | [`[AlertManagementAlertEdge]`](#alertmanagementalertedge) | A list of edges. | +| <a id="alertmanagementalertconnectionnodes"></a>`nodes` | [`[AlertManagementAlert]`](#alertmanagementalert) | A list of nodes. | +| <a id="alertmanagementalertconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -## Object types +#### `AlertManagementAlertEdge` -Object types represent the resources that the GitLab GraphQL API can return. -They contain _fields_. Each field has its own type, which will either be one of the -basic GraphQL [scalar types](https://graphql.org/learn/schema/#scalar-types) -(e.g.: `String` or `Boolean`) or other object types. +The edge type for [`AlertManagementAlert`](#alertmanagementalert). -For more information, see -[Object Types and Fields](https://graphql.org/learn/schema/#object-types-and-fields) -on `graphql.org`. +##### Fields -### `AccessLevel` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="alertmanagementalertedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="alertmanagementalertedgenode"></a>`node` | [`AlertManagementAlert`](#alertmanagementalert) | The item at the end of the edge. | -Represents the access level of a relationship between a User and object that it is related to. +#### `AlertManagementHttpIntegrationConnection` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `integerValue` | [`Int`](#int) | Integer representation of access level. | -| `stringValue` | [`AccessLevelEnum`](#accesslevelenum) | String representation of access level. | +The connection type for [`AlertManagementHttpIntegration`](#alertmanagementhttpintegration). -### `AddAwardEmojiPayload` +##### Fields -Autogenerated return type of AddAwardEmoji. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="alertmanagementhttpintegrationconnectionedges"></a>`edges` | [`[AlertManagementHttpIntegrationEdge]`](#alertmanagementhttpintegrationedge) | A list of edges. | +| <a id="alertmanagementhttpintegrationconnectionnodes"></a>`nodes` | [`[AlertManagementHttpIntegration]`](#alertmanagementhttpintegration) | A list of nodes. | +| <a id="alertmanagementhttpintegrationconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `awardEmoji` | [`AwardEmoji`](#awardemoji) | The award emoji after mutation. | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +#### `AlertManagementHttpIntegrationEdge` -### `AddProjectToSecurityDashboardPayload` +The edge type for [`AlertManagementHttpIntegration`](#alertmanagementhttpintegration). -Autogenerated return type of AddProjectToSecurityDashboard. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `project` | [`Project`](#project) | Project that was added to the Instance Security Dashboard. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="alertmanagementhttpintegrationedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="alertmanagementhttpintegrationedgenode"></a>`node` | [`AlertManagementHttpIntegration`](#alertmanagementhttpintegration) | The item at the end of the edge. | -### `AdminSidekiqQueuesDeleteJobsPayload` +#### `AlertManagementIntegrationConnection` -Autogenerated return type of AdminSidekiqQueuesDeleteJobs. +The connection type for [`AlertManagementIntegration`](#alertmanagementintegration). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `result` | [`DeleteJobsResponse`](#deletejobsresponse) | Information about the status of the deletion request. | +##### Fields -### `AlertManagementAlert` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="alertmanagementintegrationconnectionedges"></a>`edges` | [`[AlertManagementIntegrationEdge]`](#alertmanagementintegrationedge) | A list of edges. | +| <a id="alertmanagementintegrationconnectionnodes"></a>`nodes` | [`[AlertManagementIntegration]`](#alertmanagementintegration) | A list of nodes. | +| <a id="alertmanagementintegrationconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -Describes an alert from the project's Alert Management. +#### `AlertManagementIntegrationEdge` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `assignees` | [`UserConnection`](#userconnection) | Assignees of the alert. | -| `createdAt` | [`Time`](#time) | Timestamp the alert was created. | -| `description` | [`String`](#string) | Description of the alert. | -| `details` | [`JSON`](#json) | Alert details. | -| `detailsUrl` | [`String!`](#string) | The URL of the alert detail page. | -| `discussions` | [`DiscussionConnection!`](#discussionconnection) | All discussions on this noteable. | -| `endedAt` | [`Time`](#time) | Timestamp the alert ended. | -| `environment` | [`Environment`](#environment) | Environment for the alert. | -| `eventCount` | [`Int`](#int) | Number of events of this alert. | -| `hosts` | [`[String!]`](#string) | List of hosts the alert came from. | -| `iid` | [`ID!`](#id) | Internal ID of the alert. | -| `issue` | [`Issue`](#issue) | Issue attached to the alert. | -| `issueIid` **{warning-solid}** | [`ID`](#id) | **Deprecated** in 13.10. Use issue field. | -| `metricsDashboardUrl` | [`String`](#string) | URL for metrics embed for the alert. | -| `monitoringTool` | [`String`](#string) | Monitoring tool the alert came from. | -| `notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. | -| `prometheusAlert` | [`PrometheusAlert`](#prometheusalert) | The alert condition for Prometheus. | -| `runbook` | [`String`](#string) | Runbook for the alert as defined in alert details. | -| `service` | [`String`](#string) | Service the alert came from. | -| `severity` | [`AlertManagementSeverity`](#alertmanagementseverity) | Severity of the alert. | -| `startedAt` | [`Time`](#time) | Timestamp the alert was raised. | -| `status` | [`AlertManagementStatus`](#alertmanagementstatus) | Status of the alert. | -| `title` | [`String`](#string) | Title of the alert. | -| `todos` | [`TodoConnection`](#todoconnection) | To-do items of the current user for the alert. | -| `updatedAt` | [`Time`](#time) | Timestamp the alert was last updated. | - -### `AlertManagementAlertConnection` - -The connection type for AlertManagementAlert. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[AlertManagementAlertEdge]`](#alertmanagementalertedge) | A list of edges. | -| `nodes` | [`[AlertManagementAlert]`](#alertmanagementalert) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | - -### `AlertManagementAlertEdge` - -An edge in a connection. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`AlertManagementAlert`](#alertmanagementalert) | The item at the end of the edge. | +The edge type for [`AlertManagementIntegration`](#alertmanagementintegration). -### `AlertManagementAlertStatusCountsType` +##### Fields -Represents total number of alerts for the represented categories. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="alertmanagementintegrationedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="alertmanagementintegrationedgenode"></a>`node` | [`AlertManagementIntegration`](#alertmanagementintegration) | The item at the end of the edge. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `acknowledged` | [`Int`](#int) | Number of alerts with status ACKNOWLEDGED for the project. | -| `all` | [`Int`](#int) | Total number of alerts for the project. | -| `ignored` | [`Int`](#int) | Number of alerts with status IGNORED for the project. | -| `open` | [`Int`](#int) | Number of alerts with status TRIGGERED or ACKNOWLEDGED for the project. | -| `resolved` | [`Int`](#int) | Number of alerts with status RESOLVED for the project. | -| `triggered` | [`Int`](#int) | Number of alerts with status TRIGGERED for the project. | +#### `AwardEmojiConnection` -### `AlertManagementHttpIntegration` +The connection type for [`AwardEmoji`](#awardemoji). -An endpoint and credentials used to accept alerts for a project. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `active` | [`Boolean`](#boolean) | Whether the endpoint is currently accepting alerts. | -| `apiUrl` | [`String`](#string) | URL at which Prometheus metrics can be queried to populate the metrics dashboard. | -| `id` | [`ID!`](#id) | ID of the integration. | -| `name` | [`String`](#string) | Name of the integration. | -| `payloadAlertFields` | [`[AlertManagementPayloadAlertField!]`](#alertmanagementpayloadalertfield) | Extract alert fields from payload example for custom mapping. | -| `payloadAttributeMappings` | [`[AlertManagementPayloadAlertMappingField!]`](#alertmanagementpayloadalertmappingfield) | The custom mapping of GitLab alert attributes to fields from the payload_example. | -| `payloadExample` | [`JsonString`](#jsonstring) | The example of an alert payload. | -| `token` | [`String`](#string) | Token used to authenticate alert notification requests. | -| `type` | [`AlertManagementIntegrationType!`](#alertmanagementintegrationtype) | Type of integration. | -| `url` | [`String`](#string) | Endpoint which accepts alert notifications. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="awardemojiconnectionedges"></a>`edges` | [`[AwardEmojiEdge]`](#awardemojiedge) | A list of edges. | +| <a id="awardemojiconnectionnodes"></a>`nodes` | [`[AwardEmoji]`](#awardemoji) | A list of nodes. | +| <a id="awardemojiconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -### `AlertManagementHttpIntegrationConnection` +#### `AwardEmojiEdge` -The connection type for AlertManagementHttpIntegration. +The edge type for [`AwardEmoji`](#awardemoji). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[AlertManagementHttpIntegrationEdge]`](#alertmanagementhttpintegrationedge) | A list of edges. | -| `nodes` | [`[AlertManagementHttpIntegration]`](#alertmanagementhttpintegration) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +##### Fields -### `AlertManagementHttpIntegrationEdge` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="awardemojiedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="awardemojiedgenode"></a>`node` | [`AwardEmoji`](#awardemoji) | The item at the end of the edge. | -An edge in a connection. +#### `BlobConnection` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`AlertManagementHttpIntegration`](#alertmanagementhttpintegration) | The item at the end of the edge. | +The connection type for [`Blob`](#blob). -### `AlertManagementIntegrationConnection` +##### Fields -The connection type for AlertManagementIntegration. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="blobconnectionedges"></a>`edges` | [`[BlobEdge]`](#blobedge) | A list of edges. | +| <a id="blobconnectionnodes"></a>`nodes` | [`[Blob]`](#blob) | A list of nodes. | +| <a id="blobconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[AlertManagementIntegrationEdge]`](#alertmanagementintegrationedge) | A list of edges. | -| `nodes` | [`[AlertManagementIntegration]`](#alertmanagementintegration) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +#### `BlobEdge` -### `AlertManagementIntegrationEdge` +The edge type for [`Blob`](#blob). -An edge in a connection. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`AlertManagementIntegration`](#alertmanagementintegration) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="blobedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="blobedgenode"></a>`node` | [`Blob`](#blob) | The item at the end of the edge. | -### `AlertManagementPayloadAlertField` +#### `BoardConnection` -Parsed field from an alert used for custom mappings. +The connection type for [`Board`](#board). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `label` | [`String`](#string) | Human-readable label of the payload path. | -| `path` | [`[PayloadAlertFieldPathSegment!]`](#payloadalertfieldpathsegment) | Path to value inside payload JSON. | -| `type` | [`AlertManagementPayloadAlertFieldType`](#alertmanagementpayloadalertfieldtype) | Type of the parsed value. | +##### Fields -### `AlertManagementPayloadAlertMappingField` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="boardconnectionedges"></a>`edges` | [`[BoardEdge]`](#boardedge) | A list of edges. | +| <a id="boardconnectionnodes"></a>`nodes` | [`[Board]`](#board) | A list of nodes. | +| <a id="boardconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -Parsed field (with its name) from an alert used for custom mappings. +#### `BoardEdge` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `fieldName` | [`AlertManagementPayloadAlertFieldName`](#alertmanagementpayloadalertfieldname) | A GitLab alert field name. | -| `label` | [`String`](#string) | Human-readable label of the payload path. | -| `path` | [`[PayloadAlertFieldPathSegment!]`](#payloadalertfieldpathsegment) | Path to value inside payload JSON. | -| `type` | [`AlertManagementPayloadAlertFieldType`](#alertmanagementpayloadalertfieldtype) | Type of the parsed value. | +The edge type for [`Board`](#board). -### `AlertManagementPrometheusIntegration` +##### Fields -An endpoint and credentials used to accept Prometheus alerts for a project. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="boardedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="boardedgenode"></a>`node` | [`Board`](#board) | The item at the end of the edge. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `active` | [`Boolean`](#boolean) | Whether the endpoint is currently accepting alerts. | -| `apiUrl` | [`String`](#string) | URL at which Prometheus metrics can be queried to populate the metrics dashboard. | -| `id` | [`ID!`](#id) | ID of the integration. | -| `name` | [`String`](#string) | Name of the integration. | -| `token` | [`String`](#string) | Token used to authenticate alert notification requests. | -| `type` | [`AlertManagementIntegrationType!`](#alertmanagementintegrationtype) | Type of integration. | -| `url` | [`String`](#string) | Endpoint which accepts alert notifications. | +#### `BoardEpicConnection` -### `AlertSetAssigneesPayload` +The connection type for [`BoardEpic`](#boardepic). -Autogenerated return type of AlertSetAssignees. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `alert` | [`AlertManagementAlert`](#alertmanagementalert) | The alert after mutation. | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `issue` | [`Issue`](#issue) | The issue created after mutation. | -| `todo` | [`Todo`](#todo) | The to-do item after mutation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="boardepicconnectionedges"></a>`edges` | [`[BoardEpicEdge]`](#boardepicedge) | A list of edges. | +| <a id="boardepicconnectionnodes"></a>`nodes` | [`[BoardEpic]`](#boardepic) | A list of nodes. | +| <a id="boardepicconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -### `AlertTodoCreatePayload` +#### `BoardEpicEdge` -Autogenerated return type of AlertTodoCreate. +The edge type for [`BoardEpic`](#boardepic). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `alert` | [`AlertManagementAlert`](#alertmanagementalert) | The alert after mutation. | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `issue` | [`Issue`](#issue) | The issue created after mutation. | -| `todo` | [`Todo`](#todo) | The to-do item after mutation. | +##### Fields -### `ApiFuzzingCiConfiguration` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="boardepicedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="boardepicedgenode"></a>`node` | [`BoardEpic`](#boardepic) | The item at the end of the edge. | -Data associated with configuring API fuzzing scans in GitLab CI. +#### `BoardListConnection` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `scanModes` | [`[ApiFuzzingScanMode!]`](#apifuzzingscanmode) | All available scan modes. | -| `scanProfiles` | [`[ApiFuzzingScanProfile!]`](#apifuzzingscanprofile) | All default scan profiles. | +The connection type for [`BoardList`](#boardlist). -### `ApiFuzzingCiConfigurationCreatePayload` +##### Fields -Autogenerated return type of ApiFuzzingCiConfigurationCreate. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="boardlistconnectionedges"></a>`edges` | [`[BoardListEdge]`](#boardlistedge) | A list of edges. | +| <a id="boardlistconnectionnodes"></a>`nodes` | [`[BoardList]`](#boardlist) | A list of nodes. | +| <a id="boardlistconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `configurationYaml` | [`String`](#string) | A YAML snippet that can be inserted into the project's `.gitlab-ci.yml` to set up API fuzzing scans. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `gitlabCiYamlEditPath` | [`String`](#string) | The location at which the project's `.gitlab-ci.yml` file can be edited in the browser. | +#### `BoardListEdge` -### `ApiFuzzingScanProfile` +The edge type for [`BoardList`](#boardlist). -An API Fuzzing scan profile. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `description` | [`String`](#string) | A short description of the profile. | -| `name` | [`String`](#string) | The unique name of the profile. | -| `yaml` | [`String`](#string) | A syntax highlit HTML representation of the YAML. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="boardlistedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="boardlistedgenode"></a>`node` | [`BoardList`](#boardlist) | The item at the end of the edge. | -### `ApprovalRule` +#### `CiBuildNeedConnection` -Describes a rule for who can approve merge requests. +The connection type for [`CiBuildNeed`](#cibuildneed). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `id` | [`GlobalID!`](#globalid) | ID of the rule. | -| `name` | [`String`](#string) | Name of the rule. | -| `type` | [`ApprovalRuleType`](#approvalruletype) | Type of the rule. | +##### Fields -### `AwardEmoji` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="cibuildneedconnectionedges"></a>`edges` | [`[CiBuildNeedEdge]`](#cibuildneededge) | A list of edges. | +| <a id="cibuildneedconnectionnodes"></a>`nodes` | [`[CiBuildNeed]`](#cibuildneed) | A list of nodes. | +| <a id="cibuildneedconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -An emoji awarded by a user. +#### `CiBuildNeedEdge` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `description` | [`String!`](#string) | The emoji description. | -| `emoji` | [`String!`](#string) | The emoji as an icon. | -| `name` | [`String!`](#string) | The emoji name. | -| `unicode` | [`String!`](#string) | The emoji in Unicode. | -| `unicodeVersion` | [`String!`](#string) | The Unicode version for this emoji. | -| `user` | [`User!`](#user) | The user who awarded the emoji. | +The edge type for [`CiBuildNeed`](#cibuildneed). -### `AwardEmojiAddPayload` +##### Fields -Autogenerated return type of AwardEmojiAdd. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="cibuildneededgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="cibuildneededgenode"></a>`node` | [`CiBuildNeed`](#cibuildneed) | The item at the end of the edge. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `awardEmoji` | [`AwardEmoji`](#awardemoji) | The award emoji after mutation. | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +#### `CiConfigGroupConnection` -### `AwardEmojiConnection` +The connection type for [`CiConfigGroup`](#ciconfiggroup). -The connection type for AwardEmoji. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[AwardEmojiEdge]`](#awardemojiedge) | A list of edges. | -| `nodes` | [`[AwardEmoji]`](#awardemoji) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="ciconfiggroupconnectionedges"></a>`edges` | [`[CiConfigGroupEdge]`](#ciconfiggroupedge) | A list of edges. | +| <a id="ciconfiggroupconnectionnodes"></a>`nodes` | [`[CiConfigGroup]`](#ciconfiggroup) | A list of nodes. | +| <a id="ciconfiggroupconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -### `AwardEmojiEdge` +#### `CiConfigGroupEdge` -An edge in a connection. +The edge type for [`CiConfigGroup`](#ciconfiggroup). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`AwardEmoji`](#awardemoji) | The item at the end of the edge. | +##### Fields -### `AwardEmojiRemovePayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="ciconfiggroupedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="ciconfiggroupedgenode"></a>`node` | [`CiConfigGroup`](#ciconfiggroup) | The item at the end of the edge. | -Autogenerated return type of AwardEmojiRemove. +#### `CiConfigJobConnection` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `awardEmoji` | [`AwardEmoji`](#awardemoji) | The award emoji after mutation. | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +The connection type for [`CiConfigJob`](#ciconfigjob). -### `AwardEmojiTogglePayload` +##### Fields -Autogenerated return type of AwardEmojiToggle. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="ciconfigjobconnectionedges"></a>`edges` | [`[CiConfigJobEdge]`](#ciconfigjobedge) | A list of edges. | +| <a id="ciconfigjobconnectionnodes"></a>`nodes` | [`[CiConfigJob]`](#ciconfigjob) | A list of nodes. | +| <a id="ciconfigjobconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `awardEmoji` | [`AwardEmoji`](#awardemoji) | The award emoji after mutation. | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `toggledOn` | [`Boolean!`](#boolean) | Indicates the status of the emoji. True if the toggle awarded the emoji, and false if the toggle removed the emoji. | +#### `CiConfigJobEdge` -### `BaseService` +The edge type for [`CiConfigJob`](#ciconfigjob). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `active` | [`Boolean`](#boolean) | Indicates if the service is active. | -| `type` | [`String`](#string) | Class name of the service. | +##### Fields -### `Blob` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="ciconfigjobedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="ciconfigjobedgenode"></a>`node` | [`CiConfigJob`](#ciconfigjob) | The item at the end of the edge. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `flatPath` | [`String!`](#string) | Flat path of the entry. | -| `id` | [`ID!`](#id) | ID of the entry. | -| `lfsOid` | [`String`](#string) | LFS ID of the blob. | -| `mode` | [`String`](#string) | Blob mode in numeric format. | -| `name` | [`String!`](#string) | Name of the entry. | -| `path` | [`String!`](#string) | Path of the entry. | -| `sha` | [`String!`](#string) | Last commit SHA for the entry. | -| `type` | [`EntryType!`](#entrytype) | Type of tree entry. | -| `webPath` | [`String`](#string) | Web path of the blob. | -| `webUrl` | [`String`](#string) | Web URL of the blob. | +#### `CiConfigNeedConnection` -### `BlobConnection` +The connection type for [`CiConfigNeed`](#ciconfigneed). -The connection type for Blob. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[BlobEdge]`](#blobedge) | A list of edges. | -| `nodes` | [`[Blob]`](#blob) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="ciconfigneedconnectionedges"></a>`edges` | [`[CiConfigNeedEdge]`](#ciconfigneededge) | A list of edges. | +| <a id="ciconfigneedconnectionnodes"></a>`nodes` | [`[CiConfigNeed]`](#ciconfigneed) | A list of nodes. | +| <a id="ciconfigneedconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -### `BlobEdge` +#### `CiConfigNeedEdge` -An edge in a connection. +The edge type for [`CiConfigNeed`](#ciconfigneed). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Blob`](#blob) | The item at the end of the edge. | +##### Fields -### `Board` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="ciconfigneededgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="ciconfigneededgenode"></a>`node` | [`CiConfigNeed`](#ciconfigneed) | The item at the end of the edge. | -Represents a project or group issue board. +#### `CiConfigStageConnection` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `assignee` | [`User`](#user) | The board assignee. | -| `createdAt` | [`Time!`](#time) | Timestamp of when the board was created. | -| `epics` | [`BoardEpicConnection`](#boardepicconnection) | Epics associated with board issues. | -| `hideBacklogList` | [`Boolean`](#boolean) | Whether or not backlog list is hidden. | -| `hideClosedList` | [`Boolean`](#boolean) | Whether or not closed list is hidden. | -| `id` | [`ID!`](#id) | ID (global ID) of the board. | -| `iteration` | [`Iteration`](#iteration) | The board iteration. | -| `labels` | [`LabelConnection`](#labelconnection) | Labels of the board. | -| `lists` | [`BoardListConnection`](#boardlistconnection) | Lists of the board. | -| `milestone` | [`Milestone`](#milestone) | The board milestone. | -| `name` | [`String`](#string) | Name of the board. | -| `updatedAt` | [`Time!`](#time) | Timestamp of when the board was last updated. | -| `webPath` | [`String!`](#string) | Web path of the board. | -| `webUrl` | [`String!`](#string) | Web URL of the board. | -| `weight` | [`Int`](#int) | Weight of the board. | - -### `BoardConnection` - -The connection type for Board. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[BoardEdge]`](#boardedge) | A list of edges. | -| `nodes` | [`[Board]`](#board) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | - -### `BoardEdge` - -An edge in a connection. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Board`](#board) | The item at the end of the edge. | +The connection type for [`CiConfigStage`](#ciconfigstage). -### `BoardEpic` +##### Fields -Represents an epic on an issue board. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="ciconfigstageconnectionedges"></a>`edges` | [`[CiConfigStageEdge]`](#ciconfigstageedge) | A list of edges. | +| <a id="ciconfigstageconnectionnodes"></a>`nodes` | [`[CiConfigStage]`](#ciconfigstage) | A list of nodes. | +| <a id="ciconfigstageconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `author` | [`User!`](#user) | Author of the epic. | -| `awardEmoji` | [`AwardEmojiConnection`](#awardemojiconnection) | A list of award emojis associated with the epic. | -| `children` | [`EpicConnection`](#epicconnection) | Children (sub-epics) of the epic. | -| `closedAt` | [`Time`](#time) | Timestamp of when the epic was closed. | -| `confidential` | [`Boolean`](#boolean) | Indicates if the epic is confidential. | -| `createdAt` | [`Time`](#time) | Timestamp of when the epic was created. | -| `currentUserTodos` | [`TodoConnection!`](#todoconnection) | To-do items for the current user. | -| `descendantCounts` | [`EpicDescendantCount`](#epicdescendantcount) | Number of open and closed descendant epics and issues. | -| `descendantWeightSum` | [`EpicDescendantWeights`](#epicdescendantweights) | Total weight of open and closed issues in the epic and its descendants. | -| `description` | [`String`](#string) | Description of the epic. | -| `descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | -| `discussions` | [`DiscussionConnection!`](#discussionconnection) | All discussions on this noteable. | -| `downvotes` | [`Int!`](#int) | Number of downvotes the epic has received. | -| `dueDate` | [`Time`](#time) | Due date of the epic. | -| `dueDateFixed` | [`Time`](#time) | Fixed due date of the epic. | -| `dueDateFromMilestones` | [`Time`](#time) | Inherited due date of the epic from milestones. | -| `dueDateIsFixed` | [`Boolean`](#boolean) | Indicates if the due date has been manually set. | -| `events` | [`EventConnection`](#eventconnection) | A list of events associated with the object. | -| `group` | [`Group!`](#group) | Group to which the epic belongs. | -| `hasChildren` | [`Boolean!`](#boolean) | Indicates if the epic has children. | -| `hasIssues` | [`Boolean!`](#boolean) | Indicates if the epic has direct issues. | -| `hasParent` | [`Boolean!`](#boolean) | Indicates if the epic has a parent epic. | -| `healthStatus` | [`EpicHealthStatus`](#epichealthstatus) | Current health status of the epic. | -| `id` | [`ID!`](#id) | ID of the epic. | -| `iid` | [`ID!`](#id) | Internal ID of the epic. | -| `issues` | [`EpicIssueConnection`](#epicissueconnection) | A list of issues associated with the epic. | -| `labels` | [`LabelConnection`](#labelconnection) | Labels assigned to the epic. | -| `notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. | -| `parent` | [`Epic`](#epic) | Parent epic of the epic. | -| `participants` | [`UserConnection`](#userconnection) | List of participants for the epic. | -| `reference` | [`String!`](#string) | Internal reference of the epic. Returned in shortened format by default. | -| `relationPath` | [`String`](#string) | URI path of the epic-issue relationship. | -| `relativePosition` | [`Int`](#int) | The relative position of the epic in the epic tree. | -| `startDate` | [`Time`](#time) | Start date of the epic. | -| `startDateFixed` | [`Time`](#time) | Fixed start date of the epic. | -| `startDateFromMilestones` | [`Time`](#time) | Inherited start date of the epic from milestones. | -| `startDateIsFixed` | [`Boolean`](#boolean) | Indicates if the start date has been manually set. | -| `state` | [`EpicState!`](#epicstate) | State of the epic. | -| `subscribed` | [`Boolean!`](#boolean) | Indicates the currently logged in user is subscribed to the epic. | -| `title` | [`String`](#string) | Title of the epic. | -| `titleHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `title`. | -| `updatedAt` | [`Time`](#time) | Timestamp of when the epic was updated. | -| `upvotes` | [`Int!`](#int) | Number of upvotes the epic has received. | -| `userDiscussionsCount` | [`Int!`](#int) | Number of user discussions in the epic. | -| `userNotesCount` | [`Int!`](#int) | Number of user notes of the epic. | -| `userPermissions` | [`EpicPermissions!`](#epicpermissions) | Permissions for the current user on the resource. | -| `userPreferences` | [`BoardEpicUserPreferences`](#boardepicuserpreferences) | User preferences for the epic on the issue board. | -| `webPath` | [`String!`](#string) | Web path of the epic. | -| `webUrl` | [`String!`](#string) | Web URL of the epic. | - -### `BoardEpicConnection` - -The connection type for BoardEpic. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[BoardEpicEdge]`](#boardepicedge) | A list of edges. | -| `nodes` | [`[BoardEpic]`](#boardepic) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | - -### `BoardEpicEdge` - -An edge in a connection. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`BoardEpic`](#boardepic) | The item at the end of the edge. | +#### `CiConfigStageEdge` -### `BoardEpicUserPreferences` +The edge type for [`CiConfigStage`](#ciconfigstage). -Represents user preferences for a board epic. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `collapsed` | [`Boolean!`](#boolean) | Indicates epic should be displayed as collapsed. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="ciconfigstageedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="ciconfigstageedgenode"></a>`node` | [`CiConfigStage`](#ciconfigstage) | The item at the end of the edge. | -### `BoardList` +#### `CiGroupConnection` -Represents a list for an issue board. +The connection type for [`CiGroup`](#cigroup). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `assignee` | [`User`](#user) | Assignee in the list. | -| `collapsed` | [`Boolean`](#boolean) | Indicates if the list is collapsed for this user. | -| `id` | [`ID!`](#id) | ID (global ID) of the list. | -| `issues` | [`IssueConnection`](#issueconnection) | Board issues. | -| `issuesCount` | [`Int`](#int) | Count of issues in the list. | -| `iteration` | [`Iteration`](#iteration) | Iteration of the list. | -| `label` | [`Label`](#label) | Label of the list. | -| `limitMetric` | [`ListLimitMetric`](#listlimitmetric) | The current limit metric for the list. | -| `listType` | [`String!`](#string) | Type of the list. | -| `maxIssueCount` | [`Int`](#int) | Maximum number of issues in the list. | -| `maxIssueWeight` | [`Int`](#int) | Maximum weight of issues in the list. | -| `milestone` | [`Milestone`](#milestone) | Milestone of the list. | -| `position` | [`Int`](#int) | Position of list within the board. | -| `title` | [`String!`](#string) | Title of the list. | -| `totalWeight` | [`Int`](#int) | Total weight of all issues in the list. | +##### Fields -### `BoardListConnection` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="cigroupconnectionedges"></a>`edges` | [`[CiGroupEdge]`](#cigroupedge) | A list of edges. | +| <a id="cigroupconnectionnodes"></a>`nodes` | [`[CiGroup]`](#cigroup) | A list of nodes. | +| <a id="cigroupconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -The connection type for BoardList. +#### `CiGroupEdge` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[BoardListEdge]`](#boardlistedge) | A list of edges. | -| `nodes` | [`[BoardList]`](#boardlist) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +The edge type for [`CiGroup`](#cigroup). -### `BoardListCreatePayload` +##### Fields -Autogenerated return type of BoardListCreate. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="cigroupedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="cigroupedgenode"></a>`node` | [`CiGroup`](#cigroup) | The item at the end of the edge. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `list` | [`BoardList`](#boardlist) | Issue list in the issue board. | +#### `CiJobArtifactConnection` -### `BoardListEdge` +The connection type for [`CiJobArtifact`](#cijobartifact). -An edge in a connection. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`BoardList`](#boardlist) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="cijobartifactconnectionedges"></a>`edges` | [`[CiJobArtifactEdge]`](#cijobartifactedge) | A list of edges. | +| <a id="cijobartifactconnectionnodes"></a>`nodes` | [`[CiJobArtifact]`](#cijobartifact) | A list of nodes. | +| <a id="cijobartifactconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -### `BoardListUpdateLimitMetricsPayload` +#### `CiJobArtifactEdge` -Autogenerated return type of BoardListUpdateLimitMetrics. +The edge type for [`CiJobArtifact`](#cijobartifact). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `list` | [`BoardList`](#boardlist) | The updated list. | +##### Fields -### `Branch` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="cijobartifactedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="cijobartifactedgenode"></a>`node` | [`CiJobArtifact`](#cijobartifact) | The item at the end of the edge. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `commit` | [`Commit`](#commit) | Commit for the branch. | -| `name` | [`String!`](#string) | Name of the branch. | +#### `CiJobConnection` -### `BulkFindOrCreateDevopsAdoptionSegmentsPayload` +The connection type for [`CiJob`](#cijob). -Autogenerated return type of BulkFindOrCreateDevopsAdoptionSegments. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `segments` | [`[DevopsAdoptionSegment!]`](#devopsadoptionsegment) | Created segments after mutation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="cijobconnectioncount"></a>`count` | [`Int!`](#int) | Total count of collection. | +| <a id="cijobconnectionedges"></a>`edges` | [`[CiJobEdge]`](#cijobedge) | A list of edges. | +| <a id="cijobconnectionnodes"></a>`nodes` | [`[CiJob]`](#cijob) | A list of nodes. | +| <a id="cijobconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -### `BurnupChartDailyTotals` +#### `CiJobEdge` -Represents the total number of issues and their weights for a particular day. +The edge type for [`CiJob`](#cijob). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `completedCount` | [`Int!`](#int) | Number of closed issues as of this day. | -| `completedWeight` | [`Int!`](#int) | Total weight of closed issues as of this day. | -| `date` | [`ISO8601Date!`](#iso8601date) | Date for burnup totals. | -| `scopeCount` | [`Int!`](#int) | Number of issues as of this day. | -| `scopeWeight` | [`Int!`](#int) | Total weight of issues as of this day. | +##### Fields -### `CiApplicationSettings` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="cijobedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="cijobedgenode"></a>`node` | [`CiJob`](#cijob) | The item at the end of the edge. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `keepLatestArtifact` | [`Boolean`](#boolean) | Whether to keep the latest jobs artifacts. | +#### `CiRunnerConnection` -### `CiBuildNeed` +The connection type for [`CiRunner`](#cirunner). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | [`String`](#string) | Name of the job we need to complete. | +##### Fields -### `CiBuildNeedConnection` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="cirunnerconnectionedges"></a>`edges` | [`[CiRunnerEdge]`](#cirunneredge) | A list of edges. | +| <a id="cirunnerconnectionnodes"></a>`nodes` | [`[CiRunner]`](#cirunner) | A list of nodes. | +| <a id="cirunnerconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -The connection type for CiBuildNeed. +#### `CiRunnerEdge` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[CiBuildNeedEdge]`](#cibuildneededge) | A list of edges. | -| `nodes` | [`[CiBuildNeed]`](#cibuildneed) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +The edge type for [`CiRunner`](#cirunner). -### `CiBuildNeedEdge` +##### Fields -An edge in a connection. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="cirunneredgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="cirunneredgenode"></a>`node` | [`CiRunner`](#cirunner) | The item at the end of the edge. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`CiBuildNeed`](#cibuildneed) | The item at the end of the edge. | +#### `CiStageConnection` -### `CiCdSettingsUpdatePayload` +The connection type for [`CiStage`](#cistage). -Autogenerated return type of CiCdSettingsUpdate. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `ciCdSettings` | [`ProjectCiCdSetting!`](#projectcicdsetting) | The CI/CD settings after mutation. | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="cistageconnectionedges"></a>`edges` | [`[CiStageEdge]`](#cistageedge) | A list of edges. | +| <a id="cistageconnectionnodes"></a>`nodes` | [`[CiStage]`](#cistage) | A list of nodes. | +| <a id="cistageconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -### `CiConfig` +#### `CiStageEdge` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `errors` | [`[String!]`](#string) | Linting errors. | -| `mergedYaml` | [`String`](#string) | Merged CI configuration YAML. | -| `stages` | [`CiConfigStageConnection`](#ciconfigstageconnection) | Stages of the pipeline. | -| `status` | [`CiConfigStatus`](#ciconfigstatus) | Status of linting, can be either valid or invalid. | +The edge type for [`CiStage`](#cistage). -### `CiConfigGroup` +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `jobs` | [`CiConfigJobConnection`](#ciconfigjobconnection) | Jobs in group. | -| `name` | [`String`](#string) | Name of the job group. | -| `size` | [`Int`](#int) | Size of the job group. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="cistageedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="cistageedgenode"></a>`node` | [`CiStage`](#cistage) | The item at the end of the edge. | -### `CiConfigGroupConnection` +#### `ClusterAgentConnection` -The connection type for CiConfigGroup. +The connection type for [`ClusterAgent`](#clusteragent). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[CiConfigGroupEdge]`](#ciconfiggroupedge) | A list of edges. | -| `nodes` | [`[CiConfigGroup]`](#ciconfiggroup) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +##### Fields -### `CiConfigGroupEdge` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="clusteragentconnectioncount"></a>`count` | [`Int!`](#int) | Total count of collection. | +| <a id="clusteragentconnectionedges"></a>`edges` | [`[ClusterAgentEdge]`](#clusteragentedge) | A list of edges. | +| <a id="clusteragentconnectionnodes"></a>`nodes` | [`[ClusterAgent]`](#clusteragent) | A list of nodes. | +| <a id="clusteragentconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -An edge in a connection. +#### `ClusterAgentEdge` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`CiConfigGroup`](#ciconfiggroup) | The item at the end of the edge. | +The edge type for [`ClusterAgent`](#clusteragent). -### `CiConfigJob` +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `afterScript` | [`[String!]`](#string) | Override a set of commands that are executed after the job. | -| `allowFailure` | [`Boolean`](#boolean) | Allow job to fail. | -| `beforeScript` | [`[String!]`](#string) | Override a set of commands that are executed before the job. | -| `environment` | [`String`](#string) | Name of an environment to which the job deploys. | -| `except` | [`CiConfigJobRestriction`](#ciconfigjobrestriction) | Limit when jobs are not created. | -| `groupName` | [`String`](#string) | Name of the job group. | -| `name` | [`String`](#string) | Name of the job. | -| `needs` | [`CiConfigNeedConnection`](#ciconfigneedconnection) | Builds that must complete before the jobs run. | -| `only` | [`CiConfigJobRestriction`](#ciconfigjobrestriction) | Jobs are created when these conditions do not apply. | -| `script` | [`[String!]`](#string) | Shell script that is executed by a runner. | -| `stage` | [`String`](#string) | Name of the job stage. | -| `tags` | [`[String!]`](#string) | List of tags that are used to select a runner. | -| `when` | [`String`](#string) | When to run the job. | - -### `CiConfigJobConnection` - -The connection type for CiConfigJob. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[CiConfigJobEdge]`](#ciconfigjobedge) | A list of edges. | -| `nodes` | [`[CiConfigJob]`](#ciconfigjob) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | - -### `CiConfigJobEdge` - -An edge in a connection. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`CiConfigJob`](#ciconfigjob) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="clusteragentedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="clusteragentedgenode"></a>`node` | [`ClusterAgent`](#clusteragent) | The item at the end of the edge. | -### `CiConfigJobRestriction` +#### `ClusterAgentTokenConnection` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `refs` | [`[String!]`](#string) | The Git refs the job restriction applies to. | +The connection type for [`ClusterAgentToken`](#clusteragenttoken). -### `CiConfigNeed` +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | [`String`](#string) | Name of the need. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="clusteragenttokenconnectioncount"></a>`count` | [`Int!`](#int) | Total count of collection. | +| <a id="clusteragenttokenconnectionedges"></a>`edges` | [`[ClusterAgentTokenEdge]`](#clusteragenttokenedge) | A list of edges. | +| <a id="clusteragenttokenconnectionnodes"></a>`nodes` | [`[ClusterAgentToken]`](#clusteragenttoken) | A list of nodes. | +| <a id="clusteragenttokenconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -### `CiConfigNeedConnection` +#### `ClusterAgentTokenEdge` -The connection type for CiConfigNeed. +The edge type for [`ClusterAgentToken`](#clusteragenttoken). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[CiConfigNeedEdge]`](#ciconfigneededge) | A list of edges. | -| `nodes` | [`[CiConfigNeed]`](#ciconfigneed) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +##### Fields -### `CiConfigNeedEdge` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="clusteragenttokenedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="clusteragenttokenedgenode"></a>`node` | [`ClusterAgentToken`](#clusteragenttoken) | The item at the end of the edge. | -An edge in a connection. +#### `CodeCoverageActivityConnection` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`CiConfigNeed`](#ciconfigneed) | The item at the end of the edge. | +The connection type for [`CodeCoverageActivity`](#codecoverageactivity). -### `CiConfigStage` +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `groups` | [`CiConfigGroupConnection`](#ciconfiggroupconnection) | Groups of jobs for the stage. | -| `name` | [`String`](#string) | Name of the stage. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="codecoverageactivityconnectionedges"></a>`edges` | [`[CodeCoverageActivityEdge]`](#codecoverageactivityedge) | A list of edges. | +| <a id="codecoverageactivityconnectionnodes"></a>`nodes` | [`[CodeCoverageActivity]`](#codecoverageactivity) | A list of nodes. | +| <a id="codecoverageactivityconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -### `CiConfigStageConnection` +#### `CodeCoverageActivityEdge` -The connection type for CiConfigStage. +The edge type for [`CodeCoverageActivity`](#codecoverageactivity). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[CiConfigStageEdge]`](#ciconfigstageedge) | A list of edges. | -| `nodes` | [`[CiConfigStage]`](#ciconfigstage) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +##### Fields -### `CiConfigStageEdge` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="codecoverageactivityedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="codecoverageactivityedgenode"></a>`node` | [`CodeCoverageActivity`](#codecoverageactivity) | The item at the end of the edge. | -An edge in a connection. +#### `CodeQualityDegradationConnection` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`CiConfigStage`](#ciconfigstage) | The item at the end of the edge. | +The connection type for [`CodeQualityDegradation`](#codequalitydegradation). -### `CiGroup` +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `detailedStatus` | [`DetailedStatus`](#detailedstatus) | Detailed status of the group. | -| `jobs` | [`CiJobConnection`](#cijobconnection) | Jobs in group. | -| `name` | [`String`](#string) | Name of the job group. | -| `size` | [`Int`](#int) | Size of the group. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="codequalitydegradationconnectioncount"></a>`count` | [`Int!`](#int) | Total count of collection. | +| <a id="codequalitydegradationconnectionedges"></a>`edges` | [`[CodeQualityDegradationEdge]`](#codequalitydegradationedge) | A list of edges. | +| <a id="codequalitydegradationconnectionnodes"></a>`nodes` | [`[CodeQualityDegradation]`](#codequalitydegradation) | A list of nodes. | +| <a id="codequalitydegradationconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -### `CiGroupConnection` +#### `CodeQualityDegradationEdge` -The connection type for CiGroup. +The edge type for [`CodeQualityDegradation`](#codequalitydegradation). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[CiGroupEdge]`](#cigroupedge) | A list of edges. | -| `nodes` | [`[CiGroup]`](#cigroup) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +##### Fields -### `CiGroupEdge` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="codequalitydegradationedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="codequalitydegradationedgenode"></a>`node` | [`CodeQualityDegradation`](#codequalitydegradation) | The item at the end of the edge. | -An edge in a connection. +#### `CommitConnection` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`CiGroup`](#cigroup) | The item at the end of the edge. | +The connection type for [`Commit`](#commit). -### `CiJob` +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `active` | [`Boolean!`](#boolean) | Indicates the job is active. | -| `allowFailure` | [`Boolean!`](#boolean) | Whether this job is allowed to fail. | -| `artifacts` | [`CiJobArtifactConnection`](#cijobartifactconnection) | Artifacts generated by the job. | -| `cancelable` | [`Boolean!`](#boolean) | Indicates the job can be canceled. | -| `commitPath` | [`String`](#string) | Path to the commit that triggered the job. | -| `coverage` | [`Float`](#float) | Coverage level of the job. | -| `createdAt` | [`Time!`](#time) | When the job was created. | -| `detailedStatus` | [`DetailedStatus`](#detailedstatus) | Detailed status of the job. | -| `duration` | [`Int`](#int) | Duration of the job in seconds. | -| `finishedAt` | [`Time`](#time) | When a job has finished running. | -| `id` | [`JobID`](#jobid) | ID of the job. | -| `name` | [`String`](#string) | Name of the job. | -| `needs` | [`CiBuildNeedConnection`](#cibuildneedconnection) | References to builds that must complete before the jobs run. | -| `pipeline` | [`Pipeline`](#pipeline) | Pipeline the job belongs to. | -| `playable` | [`Boolean!`](#boolean) | Indicates the job can be played. | -| `queuedAt` | [`Time`](#time) | When the job was enqueued and marked as pending. | -| `refName` | [`String`](#string) | Ref name of the job. | -| `refPath` | [`String`](#string) | Path to the ref. | -| `retryable` | [`Boolean!`](#boolean) | Indicates the job can be retried. | -| `scheduledAt` | [`Time`](#time) | Schedule for the build. | -| `schedulingType` | [`String`](#string) | Type of pipeline scheduling. Value is `dag` if the pipeline uses the `needs` keyword, and `stage` otherwise. | -| `shortSha` | [`String!`](#string) | Short SHA1 ID of the commit. | -| `stage` | [`CiStage`](#cistage) | Stage of the job. | -| `startedAt` | [`Time`](#time) | When the job was started. | -| `status` | [`CiJobStatus`](#cijobstatus) | Status of the job. | -| `tags` | [`[String!]`](#string) | Tags for the current job. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="commitconnectionedges"></a>`edges` | [`[CommitEdge]`](#commitedge) | A list of edges. | +| <a id="commitconnectionnodes"></a>`nodes` | [`[Commit]`](#commit) | A list of nodes. | +| <a id="commitconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -### `CiJobArtifact` +#### `CommitEdge` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `downloadPath` | [`String`](#string) | URL for downloading the artifact's file. | -| `fileType` | [`JobArtifactFileType`](#jobartifactfiletype) | File type of the artifact. | +The edge type for [`Commit`](#commit). -### `CiJobArtifactConnection` +##### Fields -The connection type for CiJobArtifact. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="commitedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="commitedgenode"></a>`node` | [`Commit`](#commit) | The item at the end of the edge. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[CiJobArtifactEdge]`](#cijobartifactedge) | A list of edges. | -| `nodes` | [`[CiJobArtifact]`](#cijobartifact) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +#### `ComplianceFrameworkConnection` -### `CiJobArtifactEdge` +The connection type for [`ComplianceFramework`](#complianceframework). -An edge in a connection. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`CiJobArtifact`](#cijobartifact) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="complianceframeworkconnectionedges"></a>`edges` | [`[ComplianceFrameworkEdge]`](#complianceframeworkedge) | A list of edges. | +| <a id="complianceframeworkconnectionnodes"></a>`nodes` | [`[ComplianceFramework]`](#complianceframework) | A list of nodes. | +| <a id="complianceframeworkconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -### `CiJobConnection` +#### `ComplianceFrameworkEdge` -The connection type for CiJob. +The edge type for [`ComplianceFramework`](#complianceframework). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `count` | [`Int!`](#int) | Total count of collection. | -| `edges` | [`[CiJobEdge]`](#cijobedge) | A list of edges. | -| `nodes` | [`[CiJob]`](#cijob) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +##### Fields -### `CiJobEdge` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="complianceframeworkedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="complianceframeworkedgenode"></a>`node` | [`ComplianceFramework`](#complianceframework) | The item at the end of the edge. | -An edge in a connection. +#### `ContainerRepositoryConnection` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`CiJob`](#cijob) | The item at the end of the edge. | +The connection type for [`ContainerRepository`](#containerrepository). -### `CiStage` +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `detailedStatus` | [`DetailedStatus`](#detailedstatus) | Detailed status of the stage. | -| `groups` | [`CiGroupConnection`](#cigroupconnection) | Group of jobs for the stage. | -| `jobs` | [`CiJobConnection`](#cijobconnection) | Jobs for the stage. | -| `name` | [`String`](#string) | Name of the stage. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="containerrepositoryconnectionedges"></a>`edges` | [`[ContainerRepositoryEdge]`](#containerrepositoryedge) | A list of edges. | +| <a id="containerrepositoryconnectionnodes"></a>`nodes` | [`[ContainerRepository]`](#containerrepository) | A list of nodes. | +| <a id="containerrepositoryconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -### `CiStageConnection` +#### `ContainerRepositoryEdge` -The connection type for CiStage. +The edge type for [`ContainerRepository`](#containerrepository). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[CiStageEdge]`](#cistageedge) | A list of edges. | -| `nodes` | [`[CiStage]`](#cistage) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +##### Fields -### `CiStageEdge` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="containerrepositoryedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="containerrepositoryedgenode"></a>`node` | [`ContainerRepository`](#containerrepository) | The item at the end of the edge. | -An edge in a connection. +#### `ContainerRepositoryTagConnection` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`CiStage`](#cistage) | The item at the end of the edge. | +The connection type for [`ContainerRepositoryTag`](#containerrepositorytag). -### `ClusterAgent` +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `createdAt` | [`Time`](#time) | Timestamp the cluster agent was created. | -| `createdByUser` | [`User`](#user) | User object, containing information about the person who created the agent. | -| `id` | [`ID!`](#id) | ID of the cluster agent. | -| `name` | [`String`](#string) | Name of the cluster agent. | -| `project` | [`Project`](#project) | The project this cluster agent is associated with. | -| `tokens` | [`ClusterAgentTokenConnection`](#clusteragenttokenconnection) | Tokens associated with the cluster agent. | -| `updatedAt` | [`Time`](#time) | Timestamp the cluster agent was updated. | -| `webPath` | [`String`](#string) | Web path of the cluster agent. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="containerrepositorytagconnectionedges"></a>`edges` | [`[ContainerRepositoryTagEdge]`](#containerrepositorytagedge) | A list of edges. | +| <a id="containerrepositorytagconnectionnodes"></a>`nodes` | [`[ContainerRepositoryTag]`](#containerrepositorytag) | A list of nodes. | +| <a id="containerrepositorytagconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -### `ClusterAgentConnection` +#### `ContainerRepositoryTagEdge` -The connection type for ClusterAgent. +The edge type for [`ContainerRepositoryTag`](#containerrepositorytag). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `count` | [`Int!`](#int) | Total count of collection. | -| `edges` | [`[ClusterAgentEdge]`](#clusteragentedge) | A list of edges. | -| `nodes` | [`[ClusterAgent]`](#clusteragent) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +##### Fields -### `ClusterAgentDeletePayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="containerrepositorytagedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="containerrepositorytagedgenode"></a>`node` | [`ContainerRepositoryTag`](#containerrepositorytag) | The item at the end of the edge. | -Autogenerated return type of ClusterAgentDelete. +#### `CustomEmojiConnection` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +The connection type for [`CustomEmoji`](#customemoji). -### `ClusterAgentEdge` +##### Fields -An edge in a connection. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="customemojiconnectionedges"></a>`edges` | [`[CustomEmojiEdge]`](#customemojiedge) | A list of edges. | +| <a id="customemojiconnectionnodes"></a>`nodes` | [`[CustomEmoji]`](#customemoji) | A list of nodes. | +| <a id="customemojiconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`ClusterAgent`](#clusteragent) | The item at the end of the edge. | +#### `CustomEmojiEdge` -### `ClusterAgentToken` +The edge type for [`CustomEmoji`](#customemoji). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clusterAgent` | [`ClusterAgent`](#clusteragent) | Cluster agent this token is associated with. | -| `createdAt` | [`Time`](#time) | Timestamp the token was created. | -| `createdByUser` | [`User`](#user) | The user who created the token. | -| `description` | [`String`](#string) | Description of the token. | -| `id` | [`ClustersAgentTokenID!`](#clustersagenttokenid) | Global ID of the token. | -| `lastUsedAt` | [`Time`](#time) | Timestamp the token was last used. | -| `name` | [`String`](#string) | Name given to the token. | +##### Fields -### `ClusterAgentTokenConnection` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="customemojiedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="customemojiedgenode"></a>`node` | [`CustomEmoji`](#customemoji) | The item at the end of the edge. | -The connection type for ClusterAgentToken. +#### `DastProfileConnection` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `count` | [`Int!`](#int) | Total count of collection. | -| `edges` | [`[ClusterAgentTokenEdge]`](#clusteragenttokenedge) | A list of edges. | -| `nodes` | [`[ClusterAgentToken]`](#clusteragenttoken) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +The connection type for [`DastProfile`](#dastprofile). -### `ClusterAgentTokenCreatePayload` +##### Fields -Autogenerated return type of ClusterAgentTokenCreate. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="dastprofileconnectionedges"></a>`edges` | [`[DastProfileEdge]`](#dastprofileedge) | A list of edges. | +| <a id="dastprofileconnectionnodes"></a>`nodes` | [`[DastProfile]`](#dastprofile) | A list of nodes. | +| <a id="dastprofileconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `secret` | [`String`](#string) | Token secret value. Make sure you save it - you won't be able to access it again. | -| `token` | [`ClusterAgentToken`](#clusteragenttoken) | Token created after mutation. | +#### `DastProfileEdge` -### `ClusterAgentTokenDeletePayload` +The edge type for [`DastProfile`](#dastprofile). -Autogenerated return type of ClusterAgentTokenDelete. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="dastprofileedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="dastprofileedgenode"></a>`node` | [`DastProfile`](#dastprofile) | The item at the end of the edge. | -### `ClusterAgentTokenEdge` +#### `DastScannerProfileConnection` -An edge in a connection. +The connection type for [`DastScannerProfile`](#dastscannerprofile). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`ClusterAgentToken`](#clusteragenttoken) | The item at the end of the edge. | +##### Fields -### `CodeCoverageActivity` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="dastscannerprofileconnectionedges"></a>`edges` | [`[DastScannerProfileEdge]`](#dastscannerprofileedge) | A list of edges. | +| <a id="dastscannerprofileconnectionnodes"></a>`nodes` | [`[DastScannerProfile]`](#dastscannerprofile) | A list of nodes. | +| <a id="dastscannerprofileconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -Represents the code coverage activity for a group. +#### `DastScannerProfileEdge` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `averageCoverage` | [`Float`](#float) | Average percentage of the different code coverage results available for the group. | -| `coverageCount` | [`Int`](#int) | Number of different code coverage results available for the group. | -| `date` | [`Date!`](#date) | Date when the code coverage was created. | -| `projectCount` | [`Int`](#int) | Number of projects with code coverage results for the group. | +The edge type for [`DastScannerProfile`](#dastscannerprofile). -### `CodeCoverageActivityConnection` +##### Fields -The connection type for CodeCoverageActivity. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="dastscannerprofileedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="dastscannerprofileedgenode"></a>`node` | [`DastScannerProfile`](#dastscannerprofile) | The item at the end of the edge. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[CodeCoverageActivityEdge]`](#codecoverageactivityedge) | A list of edges. | -| `nodes` | [`[CodeCoverageActivity]`](#codecoverageactivity) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +#### `DastSiteProfileConnection` -### `CodeCoverageActivityEdge` +The connection type for [`DastSiteProfile`](#dastsiteprofile). -An edge in a connection. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`CodeCoverageActivity`](#codecoverageactivity) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="dastsiteprofileconnectionedges"></a>`edges` | [`[DastSiteProfileEdge]`](#dastsiteprofileedge) | A list of edges. | +| <a id="dastsiteprofileconnectionnodes"></a>`nodes` | [`[DastSiteProfile]`](#dastsiteprofile) | A list of nodes. | +| <a id="dastsiteprofileconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -### `CodeCoverageSummary` +#### `DastSiteProfileEdge` -Represents the code coverage summary for a project. +The edge type for [`DastSiteProfile`](#dastsiteprofile). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `averageCoverage` | [`Float`](#float) | Average percentage of the different code coverage results available for the project. | -| `coverageCount` | [`Int`](#int) | Number of different code coverage results available. | -| `lastUpdatedOn` | [`Date`](#date) | Latest date when the code coverage was created for the project. | +##### Fields -### `Commit` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="dastsiteprofileedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="dastsiteprofileedgenode"></a>`node` | [`DastSiteProfile`](#dastsiteprofile) | The item at the end of the edge. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `author` | [`User`](#user) | Author of the commit. | -| `authorGravatar` | [`String`](#string) | Commit authors gravatar. | -| `authorName` | [`String`](#string) | Commit authors name. | -| `authoredDate` | [`Time`](#time) | Timestamp of when the commit was authored. | -| `description` | [`String`](#string) | Description of the commit message. | -| `descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | -| `id` | [`ID!`](#id) | ID (global ID) of the commit. | -| `message` | [`String`](#string) | Raw commit message. | -| `pipelines` | [`PipelineConnection`](#pipelineconnection) | Pipelines of the commit ordered latest first. | -| `sha` | [`String!`](#string) | SHA1 ID of the commit. | -| `shortId` | [`String!`](#string) | Short SHA1 ID of the commit. | -| `signatureHtml` | [`String`](#string) | Rendered HTML of the commit signature. | -| `title` | [`String`](#string) | Title of the commit message. | -| `titleHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `title`. | -| `webPath` | [`String!`](#string) | Web path of the commit. | -| `webUrl` | [`String!`](#string) | Web URL of the commit. | - -### `CommitConnection` - -The connection type for Commit. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[CommitEdge]`](#commitedge) | A list of edges. | -| `nodes` | [`[Commit]`](#commit) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | - -### `CommitCreatePayload` - -Autogenerated return type of CommitCreate. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `commit` | [`Commit`](#commit) | The commit after mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | - -### `CommitEdge` - -An edge in a connection. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Commit`](#commit) | The item at the end of the edge. | +#### `DastSiteValidationConnection` -### `ComplianceFramework` +The connection type for [`DastSiteValidation`](#dastsitevalidation). -Represents a ComplianceFramework associated with a Project. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `color` | [`String!`](#string) | Hexadecimal representation of compliance framework's label color. | -| `description` | [`String!`](#string) | Description of the compliance framework. | -| `id` | [`ID!`](#id) | Compliance framework ID. | -| `name` | [`String!`](#string) | Name of the compliance framework. | -| `pipelineConfigurationFullPath` | [`String`](#string) | Full path of the compliance pipeline configuration stored in a project repository, such as `.gitlab/.compliance-gitlab-ci.yml@compliance/hipaa` **(ULTIMATE)**. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="dastsitevalidationconnectionedges"></a>`edges` | [`[DastSiteValidationEdge]`](#dastsitevalidationedge) | A list of edges. | +| <a id="dastsitevalidationconnectionnodes"></a>`nodes` | [`[DastSiteValidation]`](#dastsitevalidation) | A list of nodes. | +| <a id="dastsitevalidationconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -### `ComplianceFrameworkConnection` +#### `DastSiteValidationEdge` -The connection type for ComplianceFramework. +The edge type for [`DastSiteValidation`](#dastsitevalidation). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[ComplianceFrameworkEdge]`](#complianceframeworkedge) | A list of edges. | -| `nodes` | [`[ComplianceFramework]`](#complianceframework) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +##### Fields -### `ComplianceFrameworkEdge` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="dastsitevalidationedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="dastsitevalidationedgenode"></a>`node` | [`DastSiteValidation`](#dastsitevalidation) | The item at the end of the edge. | -An edge in a connection. +#### `DesignAtVersionConnection` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`ComplianceFramework`](#complianceframework) | The item at the end of the edge. | +The connection type for [`DesignAtVersion`](#designatversion). -### `ComposerMetadata` +##### Fields -Composer metadata. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="designatversionconnectionedges"></a>`edges` | [`[DesignAtVersionEdge]`](#designatversionedge) | A list of edges. | +| <a id="designatversionconnectionnodes"></a>`nodes` | [`[DesignAtVersion]`](#designatversion) | A list of nodes. | +| <a id="designatversionconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `composerJson` | [`PackageComposerJsonType!`](#packagecomposerjsontype) | Data of the Composer JSON file. | -| `targetSha` | [`String!`](#string) | Target SHA of the package. | +#### `DesignAtVersionEdge` -### `ConanFileMetadata` +The edge type for [`DesignAtVersion`](#designatversion). -Conan file metadata. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `conanFileType` | [`ConanMetadatumFileTypeEnum!`](#conanmetadatumfiletypeenum) | Type of the Conan file. | -| `conanPackageReference` | [`String`](#string) | Reference of the Conan package. | -| `createdAt` | [`Time!`](#time) | Date of creation. | -| `id` | [`PackagesConanFileMetadatumID!`](#packagesconanfilemetadatumid) | ID of the metadatum. | -| `packageRevision` | [`String`](#string) | Revision of the package. | -| `recipeRevision` | [`String!`](#string) | Revision of the Conan recipe. | -| `updatedAt` | [`Time!`](#time) | Date of most recent update. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="designatversionedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="designatversionedgenode"></a>`node` | [`DesignAtVersion`](#designatversion) | The item at the end of the edge. | -### `ConanMetadata` +#### `DesignConnection` -Conan metadata. +The connection type for [`Design`](#design). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `createdAt` | [`Time!`](#time) | Date of creation. | -| `id` | [`PackagesConanMetadatumID!`](#packagesconanmetadatumid) | ID of the metadatum. | -| `packageChannel` | [`String!`](#string) | Channel of the Conan package. | -| `packageUsername` | [`String!`](#string) | Username of the Conan package. | -| `recipe` | [`String!`](#string) | Recipe of the Conan package. | -| `recipePath` | [`String!`](#string) | Recipe path of the Conan package. | -| `updatedAt` | [`Time!`](#time) | Date of most recent update. | +##### Fields -### `ConfigureSastPayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="designconnectionedges"></a>`edges` | [`[DesignEdge]`](#designedge) | A list of edges. | +| <a id="designconnectionnodes"></a>`nodes` | [`[Design]`](#design) | A list of nodes. | +| <a id="designconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -Autogenerated return type of ConfigureSast. +#### `DesignEdge` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `status` | [`String!`](#string) | Status of creating the commit for the supplied SAST CI configuration. | -| `successPath` | [`String`](#string) | Redirect path to use when the response is successful. | +The edge type for [`Design`](#design). -### `ContainerExpirationPolicy` +##### Fields -A tag expiration policy designed to keep only the images that matter most. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="designedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="designedgenode"></a>`node` | [`Design`](#design) | The item at the end of the edge. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cadence` | [`ContainerExpirationPolicyCadenceEnum!`](#containerexpirationpolicycadenceenum) | This container expiration policy schedule. | -| `createdAt` | [`Time!`](#time) | Timestamp of when the container expiration policy was created. | -| `enabled` | [`Boolean!`](#boolean) | Indicates whether this container expiration policy is enabled. | -| `keepN` | [`ContainerExpirationPolicyKeepEnum`](#containerexpirationpolicykeepenum) | Number of tags to retain. | -| `nameRegex` | [`UntrustedRegexp`](#untrustedregexp) | Tags with names matching this regex pattern will expire. | -| `nameRegexKeep` | [`UntrustedRegexp`](#untrustedregexp) | Tags with names matching this regex pattern will be preserved. | -| `nextRunAt` | [`Time`](#time) | Next time that this container expiration policy will get executed. | -| `olderThan` | [`ContainerExpirationPolicyOlderThanEnum`](#containerexpirationpolicyolderthanenum) | Tags older that this will expire. | -| `updatedAt` | [`Time!`](#time) | Timestamp of when the container expiration policy was updated. | +#### `DesignVersionConnection` -### `ContainerRepository` +The connection type for [`DesignVersion`](#designversion). -A container repository. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `canDelete` | [`Boolean!`](#boolean) | Can the current user delete the container repository. | -| `createdAt` | [`Time!`](#time) | Timestamp when the container repository was created. | -| `expirationPolicyCleanupStatus` | [`ContainerRepositoryCleanupStatus`](#containerrepositorycleanupstatus) | The tags cleanup status for the container repository. | -| `expirationPolicyStartedAt` | [`Time`](#time) | Timestamp when the cleanup done by the expiration policy was started on the container repository. | -| `id` | [`ID!`](#id) | ID of the container repository. | -| `location` | [`String!`](#string) | URL of the container repository. | -| `name` | [`String!`](#string) | Name of the container repository. | -| `path` | [`String!`](#string) | Path of the container repository. | -| `project` | [`Project!`](#project) | Project of the container registry. | -| `status` | [`ContainerRepositoryStatus`](#containerrepositorystatus) | Status of the container repository. | -| `tagsCount` | [`Int!`](#int) | Number of tags associated with this image. | -| `updatedAt` | [`Time!`](#time) | Timestamp when the container repository was updated. | - -### `ContainerRepositoryConnection` - -The connection type for ContainerRepository. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[ContainerRepositoryEdge]`](#containerrepositoryedge) | A list of edges. | -| `nodes` | [`[ContainerRepository]`](#containerrepository) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="designversionconnectionedges"></a>`edges` | [`[DesignVersionEdge]`](#designversionedge) | A list of edges. | +| <a id="designversionconnectionnodes"></a>`nodes` | [`[DesignVersion]`](#designversion) | A list of nodes. | +| <a id="designversionconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -### `ContainerRepositoryDetails` +#### `DesignVersionEdge` -Details of a container repository. +The edge type for [`DesignVersion`](#designversion). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `canDelete` | [`Boolean!`](#boolean) | Can the current user delete the container repository. | -| `createdAt` | [`Time!`](#time) | Timestamp when the container repository was created. | -| `expirationPolicyCleanupStatus` | [`ContainerRepositoryCleanupStatus`](#containerrepositorycleanupstatus) | The tags cleanup status for the container repository. | -| `expirationPolicyStartedAt` | [`Time`](#time) | Timestamp when the cleanup done by the expiration policy was started on the container repository. | -| `id` | [`ID!`](#id) | ID of the container repository. | -| `location` | [`String!`](#string) | URL of the container repository. | -| `name` | [`String!`](#string) | Name of the container repository. | -| `path` | [`String!`](#string) | Path of the container repository. | -| `project` | [`Project!`](#project) | Project of the container registry. | -| `status` | [`ContainerRepositoryStatus`](#containerrepositorystatus) | Status of the container repository. | -| `tags` | [`ContainerRepositoryTagConnection`](#containerrepositorytagconnection) | Tags of the container repository. | -| `tagsCount` | [`Int!`](#int) | Number of tags associated with this image. | -| `updatedAt` | [`Time!`](#time) | Timestamp when the container repository was updated. | - -### `ContainerRepositoryEdge` - -An edge in a connection. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`ContainerRepository`](#containerrepository) | The item at the end of the edge. | +##### Fields -### `ContainerRepositoryTag` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="designversionedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="designversionedgenode"></a>`node` | [`DesignVersion`](#designversion) | The item at the end of the edge. | -A tag from a container repository. +#### `DevopsAdoptionSegmentConnection` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `canDelete` | [`Boolean!`](#boolean) | Can the current user delete this tag. | -| `createdAt` | [`Time`](#time) | Timestamp when the tag was created. | -| `digest` | [`String`](#string) | Digest of the tag. | -| `location` | [`String!`](#string) | URL of the tag. | -| `name` | [`String!`](#string) | Name of the tag. | -| `path` | [`String!`](#string) | Path of the tag. | -| `revision` | [`String`](#string) | Revision of the tag. | -| `shortRevision` | [`String`](#string) | Short revision of the tag. | -| `totalSize` | [`BigInt`](#bigint) | The size of the tag. | +The connection type for [`DevopsAdoptionSegment`](#devopsadoptionsegment). -### `ContainerRepositoryTagConnection` +##### Fields -The connection type for ContainerRepositoryTag. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="devopsadoptionsegmentconnectionedges"></a>`edges` | [`[DevopsAdoptionSegmentEdge]`](#devopsadoptionsegmentedge) | A list of edges. | +| <a id="devopsadoptionsegmentconnectionnodes"></a>`nodes` | [`[DevopsAdoptionSegment]`](#devopsadoptionsegment) | A list of nodes. | +| <a id="devopsadoptionsegmentconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[ContainerRepositoryTagEdge]`](#containerrepositorytagedge) | A list of edges. | -| `nodes` | [`[ContainerRepositoryTag]`](#containerrepositorytag) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +#### `DevopsAdoptionSegmentEdge` -### `ContainerRepositoryTagEdge` +The edge type for [`DevopsAdoptionSegment`](#devopsadoptionsegment). -An edge in a connection. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`ContainerRepositoryTag`](#containerrepositorytag) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="devopsadoptionsegmentedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="devopsadoptionsegmentedgenode"></a>`node` | [`DevopsAdoptionSegment`](#devopsadoptionsegment) | The item at the end of the edge. | -### `CreateAlertIssuePayload` +#### `DiscussionConnection` -Autogenerated return type of CreateAlertIssue. +The connection type for [`Discussion`](#discussion). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `alert` | [`AlertManagementAlert`](#alertmanagementalert) | The alert after mutation. | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `issue` | [`Issue`](#issue) | The issue created after mutation. | -| `todo` | [`Todo`](#todo) | The to-do item after mutation. | +##### Fields -### `CreateAnnotationPayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="discussionconnectionedges"></a>`edges` | [`[DiscussionEdge]`](#discussionedge) | A list of edges. | +| <a id="discussionconnectionnodes"></a>`nodes` | [`[Discussion]`](#discussion) | A list of nodes. | +| <a id="discussionconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -Autogenerated return type of CreateAnnotation. +#### `DiscussionEdge` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `annotation` | [`MetricsDashboardAnnotation`](#metricsdashboardannotation) | The created annotation. | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +The edge type for [`Discussion`](#discussion). -### `CreateBoardPayload` +##### Fields -Autogenerated return type of CreateBoard. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="discussionedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="discussionedgenode"></a>`node` | [`Discussion`](#discussion) | The item at the end of the edge. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `board` | [`Board`](#board) | The board after mutation. | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +#### `EnvironmentConnection` -### `CreateBranchPayload` +The connection type for [`Environment`](#environment). -Autogenerated return type of CreateBranch. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `branch` | [`Branch`](#branch) | Branch after mutation. | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="environmentconnectionedges"></a>`edges` | [`[EnvironmentEdge]`](#environmentedge) | A list of edges. | +| <a id="environmentconnectionnodes"></a>`nodes` | [`[Environment]`](#environment) | A list of nodes. | +| <a id="environmentconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -### `CreateClusterAgentPayload` +#### `EnvironmentEdge` -Autogenerated return type of CreateClusterAgent. +The edge type for [`Environment`](#environment). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `clusterAgent` | [`ClusterAgent`](#clusteragent) | Cluster agent created after mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +##### Fields -### `CreateComplianceFrameworkPayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="environmentedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="environmentedgenode"></a>`node` | [`Environment`](#environment) | The item at the end of the edge. | -Autogenerated return type of CreateComplianceFramework. +#### `EpicBoardConnection` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `framework` | [`ComplianceFramework`](#complianceframework) | The created compliance framework. | +The connection type for [`EpicBoard`](#epicboard). -### `CreateCustomEmojiPayload` +##### Fields -Autogenerated return type of CreateCustomEmoji. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epicboardconnectionedges"></a>`edges` | [`[EpicBoardEdge]`](#epicboardedge) | A list of edges. | +| <a id="epicboardconnectionnodes"></a>`nodes` | [`[EpicBoard]`](#epicboard) | A list of nodes. | +| <a id="epicboardconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `customEmoji` | [`CustomEmoji`](#customemoji) | The new custom emoji. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +#### `EpicBoardEdge` -### `CreateDevopsAdoptionSegmentPayload` +The edge type for [`EpicBoard`](#epicboard). -Autogenerated return type of CreateDevopsAdoptionSegment. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `segment` | [`DevopsAdoptionSegment`](#devopsadoptionsegment) | The segment after mutation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epicboardedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="epicboardedgenode"></a>`node` | [`EpicBoard`](#epicboard) | The item at the end of the edge. | -### `CreateDiffNotePayload` +#### `EpicConnection` -Autogenerated return type of CreateDiffNote. +The connection type for [`Epic`](#epic). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `note` | [`Note`](#note) | The note after mutation. | +##### Fields -### `CreateEpicPayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epicconnectionedges"></a>`edges` | [`[EpicEdge]`](#epicedge) | A list of edges. | +| <a id="epicconnectionnodes"></a>`nodes` | [`[Epic]`](#epic) | A list of nodes. | +| <a id="epicconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -Autogenerated return type of CreateEpic. +#### `EpicEdge` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `epic` | [`Epic`](#epic) | The created epic. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +The edge type for [`Epic`](#epic). -### `CreateImageDiffNotePayload` +##### Fields -Autogenerated return type of CreateImageDiffNote. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epicedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="epicedgenode"></a>`node` | [`Epic`](#epic) | The item at the end of the edge. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `note` | [`Note`](#note) | The note after mutation. | +#### `EpicIssueConnection` -### `CreateIssuePayload` +The connection type for [`EpicIssue`](#epicissue). -Autogenerated return type of CreateIssue. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `issue` | [`Issue`](#issue) | The issue after mutation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epicissueconnectioncount"></a>`count` | [`Int!`](#int) | Total count of collection. | +| <a id="epicissueconnectionedges"></a>`edges` | [`[EpicIssueEdge]`](#epicissueedge) | A list of edges. | +| <a id="epicissueconnectionnodes"></a>`nodes` | [`[EpicIssue]`](#epicissue) | A list of nodes. | +| <a id="epicissueconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| <a id="epicissueconnectionweight"></a>`weight` | [`Int!`](#int) | Total weight of issues collection. | -### `CreateIterationPayload` +#### `EpicIssueEdge` -Autogenerated return type of CreateIteration. +The edge type for [`EpicIssue`](#epicissue). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `iteration` | [`Iteration`](#iteration) | The created iteration. | +##### Fields -### `CreateNotePayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epicissueedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="epicissueedgenode"></a>`node` | [`EpicIssue`](#epicissue) | The item at the end of the edge. | -Autogenerated return type of CreateNote. +#### `EpicListConnection` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `note` | [`Note`](#note) | The note after mutation. | +The connection type for [`EpicList`](#epiclist). -### `CreateRequirementPayload` +##### Fields -Autogenerated return type of CreateRequirement. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epiclistconnectionedges"></a>`edges` | [`[EpicListEdge]`](#epiclistedge) | A list of edges. | +| <a id="epiclistconnectionnodes"></a>`nodes` | [`[EpicList]`](#epiclist) | A list of nodes. | +| <a id="epiclistconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `requirement` | [`Requirement`](#requirement) | Requirement after mutation. | +#### `EpicListEdge` -### `CreateSnippetPayload` +The edge type for [`EpicList`](#epiclist). -Autogenerated return type of CreateSnippet. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `captchaSiteKey` **{warning-solid}** | [`String`](#string) | **Deprecated** in 13.11. Use spam protection with HTTP headers instead. | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `needsCaptchaResponse` **{warning-solid}** | [`Boolean`](#boolean) | **Deprecated** in 13.11. Use spam protection with HTTP headers instead. | -| `snippet` | [`Snippet`](#snippet) | The snippet after mutation. | -| `spam` **{warning-solid}** | [`Boolean`](#boolean) | **Deprecated** in 13.11. Use spam protection with HTTP headers instead. | -| `spamLogId` **{warning-solid}** | [`Int`](#int) | **Deprecated** in 13.11. Use spam protection with HTTP headers instead. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epiclistedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="epiclistedgenode"></a>`node` | [`EpicList`](#epiclist) | The item at the end of the edge. | -### `CreateTestCasePayload` +#### `EventConnection` -Autogenerated return type of CreateTestCase. +The connection type for [`Event`](#event). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `testCase` | [`Issue`](#issue) | The test case created. | +##### Fields -### `CurrentLicense` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="eventconnectionedges"></a>`edges` | [`[EventEdge]`](#eventedge) | A list of edges. | +| <a id="eventconnectionnodes"></a>`nodes` | [`[Event]`](#event) | A list of nodes. | +| <a id="eventconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -Represents the current license. +#### `EventEdge` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `activatedAt` | [`Date`](#date) | Date when the license was activated. | -| `billableUsersCount` | [`Int`](#int) | Number of billable users on the system. | -| `company` | [`String`](#string) | Company of the licensee. | -| `email` | [`String`](#string) | Email of the licensee. | -| `expiresAt` | [`Date`](#date) | Date when the license expires. | -| `id` | [`ID!`](#id) | ID of the license. | -| `lastSync` | [`Time`](#time) | Date when the license was last synced. | -| `maximumUserCount` | [`Int`](#int) | Highest number of billable users on the system during the term of the current license. | -| `name` | [`String`](#string) | Name of the licensee. | -| `plan` | [`String!`](#string) | Name of the subscription plan. | -| `startsAt` | [`Date`](#date) | Date when the license started. | -| `type` | [`String!`](#string) | Type of the license. | -| `usersInLicenseCount` | [`Int`](#int) | Number of paid users in the license. | -| `usersOverLicenseCount` | [`Int`](#int) | Number of users over the paid users in the license. | +The edge type for [`Event`](#event). -### `CustomEmoji` +##### Fields -A custom emoji uploaded by user. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="eventedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="eventedgenode"></a>`node` | [`Event`](#event) | The item at the end of the edge. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `external` | [`Boolean!`](#boolean) | Whether the emoji is an external link. | -| `id` | [`CustomEmojiID!`](#customemojiid) | The ID of the emoji. | -| `name` | [`String!`](#string) | The name of the emoji. | -| `url` | [`String!`](#string) | The link to file of the emoji. | +#### `GroupMemberConnection` -### `CustomEmojiConnection` +The connection type for [`GroupMember`](#groupmember). -The connection type for CustomEmoji. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[CustomEmojiEdge]`](#customemojiedge) | A list of edges. | -| `nodes` | [`[CustomEmoji]`](#customemoji) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupmemberconnectionedges"></a>`edges` | [`[GroupMemberEdge]`](#groupmemberedge) | A list of edges. | +| <a id="groupmemberconnectionnodes"></a>`nodes` | [`[GroupMember]`](#groupmember) | A list of nodes. | +| <a id="groupmemberconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -### `CustomEmojiEdge` +#### `GroupMemberEdge` -An edge in a connection. +The edge type for [`GroupMember`](#groupmember). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`CustomEmoji`](#customemoji) | The item at the end of the edge. | +##### Fields -### `DastOnDemandScanCreatePayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupmemberedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="groupmemberedgenode"></a>`node` | [`GroupMember`](#groupmember) | The item at the end of the edge. | -Autogenerated return type of DastOnDemandScanCreate. +#### `GroupWikiRepositoryRegistryConnection` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `pipelineUrl` | [`String`](#string) | URL of the pipeline that was created. | +The connection type for [`GroupWikiRepositoryRegistry`](#groupwikirepositoryregistry). -### `DastProfile` +##### Fields -Represents a DAST Profile. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupwikirepositoryregistryconnectionedges"></a>`edges` | [`[GroupWikiRepositoryRegistryEdge]`](#groupwikirepositoryregistryedge) | A list of edges. | +| <a id="groupwikirepositoryregistryconnectionnodes"></a>`nodes` | [`[GroupWikiRepositoryRegistry]`](#groupwikirepositoryregistry) | A list of nodes. | +| <a id="groupwikirepositoryregistryconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `branch` | [`DastProfileBranch`](#dastprofilebranch) | The associated branch. | -| `dastScannerProfile` | [`DastScannerProfile`](#dastscannerprofile) | The associated scanner profile. | -| `dastSiteProfile` | [`DastSiteProfile`](#dastsiteprofile) | The associated site profile. | -| `description` | [`String`](#string) | The description of the scan. | -| `editPath` | [`String`](#string) | Relative web path to the edit page of a profile. | -| `id` | [`DastProfileID!`](#dastprofileid) | ID of the profile. | -| `name` | [`String`](#string) | The name of the profile. | +#### `GroupWikiRepositoryRegistryEdge` -### `DastProfileBranch` +The edge type for [`GroupWikiRepositoryRegistry`](#groupwikirepositoryregistry). -Represents a DAST Profile Branch. +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupwikirepositoryregistryedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="groupwikirepositoryregistryedgenode"></a>`node` | [`GroupWikiRepositoryRegistry`](#groupwikirepositoryregistry) | The item at the end of the edge. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `exists` | [`Boolean`](#boolean) | Indicates whether or not the branch exists. | -| `name` | [`String`](#string) | The name of the branch. | +#### `IncidentManagementOncallRotationConnection` -### `DastProfileConnection` +The connection type for [`IncidentManagementOncallRotation`](#incidentmanagementoncallrotation). -The connection type for DastProfile. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[DastProfileEdge]`](#dastprofileedge) | A list of edges. | -| `nodes` | [`[DastProfile]`](#dastprofile) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="incidentmanagementoncallrotationconnectionedges"></a>`edges` | [`[IncidentManagementOncallRotationEdge]`](#incidentmanagementoncallrotationedge) | A list of edges. | +| <a id="incidentmanagementoncallrotationconnectionnodes"></a>`nodes` | [`[IncidentManagementOncallRotation]`](#incidentmanagementoncallrotation) | A list of nodes. | +| <a id="incidentmanagementoncallrotationconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -### `DastProfileCreatePayload` +#### `IncidentManagementOncallRotationEdge` -Autogenerated return type of DastProfileCreate. +The edge type for [`IncidentManagementOncallRotation`](#incidentmanagementoncallrotation). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `dastProfile` | [`DastProfile`](#dastprofile) | The created profile. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `pipelineUrl` | [`String`](#string) | The URL of the pipeline that was created. Requires `runAfterCreate` to be set to `true`. | +##### Fields -### `DastProfileDeletePayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="incidentmanagementoncallrotationedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="incidentmanagementoncallrotationedgenode"></a>`node` | [`IncidentManagementOncallRotation`](#incidentmanagementoncallrotation) | The item at the end of the edge. | -Autogenerated return type of DastProfileDelete. +#### `IncidentManagementOncallScheduleConnection` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +The connection type for [`IncidentManagementOncallSchedule`](#incidentmanagementoncallschedule). -### `DastProfileEdge` +##### Fields -An edge in a connection. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="incidentmanagementoncallscheduleconnectionedges"></a>`edges` | [`[IncidentManagementOncallScheduleEdge]`](#incidentmanagementoncallscheduleedge) | A list of edges. | +| <a id="incidentmanagementoncallscheduleconnectionnodes"></a>`nodes` | [`[IncidentManagementOncallSchedule]`](#incidentmanagementoncallschedule) | A list of nodes. | +| <a id="incidentmanagementoncallscheduleconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`DastProfile`](#dastprofile) | The item at the end of the edge. | +#### `IncidentManagementOncallScheduleEdge` -### `DastProfileRunPayload` +The edge type for [`IncidentManagementOncallSchedule`](#incidentmanagementoncallschedule). -Autogenerated return type of DastProfileRun. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `pipelineUrl` | [`String`](#string) | URL of the pipeline that was created. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="incidentmanagementoncallscheduleedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="incidentmanagementoncallscheduleedgenode"></a>`node` | [`IncidentManagementOncallSchedule`](#incidentmanagementoncallschedule) | The item at the end of the edge. | -### `DastProfileUpdatePayload` +#### `IncidentManagementOncallShiftConnection` -Autogenerated return type of DastProfileUpdate. +The connection type for [`IncidentManagementOncallShift`](#incidentmanagementoncallshift). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `dastProfile` | [`DastProfile`](#dastprofile) | The updated profile. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `pipelineUrl` | [`String`](#string) | The URL of the pipeline that was created. Requires the input argument `runAfterUpdate` to be set to `true` when calling the mutation, otherwise no pipeline will be created. | +##### Fields -### `DastScannerProfile` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="incidentmanagementoncallshiftconnectionedges"></a>`edges` | [`[IncidentManagementOncallShiftEdge]`](#incidentmanagementoncallshiftedge) | A list of edges. | +| <a id="incidentmanagementoncallshiftconnectionnodes"></a>`nodes` | [`[IncidentManagementOncallShift]`](#incidentmanagementoncallshift) | A list of nodes. | +| <a id="incidentmanagementoncallshiftconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -Represents a DAST scanner profile. +#### `IncidentManagementOncallShiftEdge` + +The edge type for [`IncidentManagementOncallShift`](#incidentmanagementoncallshift). + +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `editPath` | [`String`](#string) | Relative web path to the edit page of a scanner profile. | -| `globalId` **{warning-solid}** | [`DastScannerProfileID!`](#dastscannerprofileid) | **Deprecated** in 13.6. Use `id`. | -| `id` | [`DastScannerProfileID!`](#dastscannerprofileid) | ID of the DAST scanner profile. | -| `profileName` | [`String`](#string) | Name of the DAST scanner profile. | -| `referencedInSecurityPolicies` | [`[String!]`](#string) | List of security policy names that are referencing given project. | -| `scanType` | [`DastScanTypeEnum`](#dastscantypeenum) | Indicates the type of DAST scan that will run. Either a Passive Scan or an Active Scan. | -| `showDebugMessages` | [`Boolean!`](#boolean) | Indicates if debug messages should be included in DAST console output. True to include the debug messages. | -| `spiderTimeout` | [`Int`](#int) | The maximum number of minutes allowed for the spider to traverse the site. | -| `targetTimeout` | [`Int`](#int) | The maximum number of seconds allowed for the site under test to respond to a request. | -| `useAjaxSpider` | [`Boolean!`](#boolean) | Indicates if the AJAX spider should be used to crawl the target site. True to run the AJAX spider in addition to the traditional spider, and false to run only the traditional spider. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="incidentmanagementoncallshiftedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="incidentmanagementoncallshiftedgenode"></a>`node` | [`IncidentManagementOncallShift`](#incidentmanagementoncallshift) | The item at the end of the edge. | + +#### `IssueConnection` -### `DastScannerProfileConnection` +The connection type for [`Issue`](#issue). -The connection type for DastScannerProfile. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[DastScannerProfileEdge]`](#dastscannerprofileedge) | A list of edges. | -| `nodes` | [`[DastScannerProfile]`](#dastscannerprofile) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="issueconnectioncount"></a>`count` | [`Int!`](#int) | Total count of collection. | +| <a id="issueconnectionedges"></a>`edges` | [`[IssueEdge]`](#issueedge) | A list of edges. | +| <a id="issueconnectionnodes"></a>`nodes` | [`[Issue]`](#issue) | A list of nodes. | +| <a id="issueconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| <a id="issueconnectionweight"></a>`weight` | [`Int!`](#int) | Total weight of issues collection. | -### `DastScannerProfileCreatePayload` +#### `IssueEdge` -Autogenerated return type of DastScannerProfileCreate. +The edge type for [`Issue`](#issue). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `globalId` **{warning-solid}** | [`DastScannerProfileID`](#dastscannerprofileid) | **Deprecated** in 13.6. Use `id`. | -| `id` | [`DastScannerProfileID`](#dastscannerprofileid) | ID of the scanner profile. | +##### Fields -### `DastScannerProfileDeletePayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="issueedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="issueedgenode"></a>`node` | [`Issue`](#issue) | The item at the end of the edge. | -Autogenerated return type of DastScannerProfileDelete. +#### `IterationCadenceConnection` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +The connection type for [`IterationCadence`](#iterationcadence). -### `DastScannerProfileEdge` +##### Fields -An edge in a connection. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="iterationcadenceconnectionedges"></a>`edges` | [`[IterationCadenceEdge]`](#iterationcadenceedge) | A list of edges. | +| <a id="iterationcadenceconnectionnodes"></a>`nodes` | [`[IterationCadence]`](#iterationcadence) | A list of nodes. | +| <a id="iterationcadenceconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`DastScannerProfile`](#dastscannerprofile) | The item at the end of the edge. | +#### `IterationCadenceEdge` -### `DastScannerProfileUpdatePayload` +The edge type for [`IterationCadence`](#iterationcadence). -Autogenerated return type of DastScannerProfileUpdate. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `id` | [`DastScannerProfileID`](#dastscannerprofileid) | ID of the scanner profile. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="iterationcadenceedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="iterationcadenceedgenode"></a>`node` | [`IterationCadence`](#iterationcadence) | The item at the end of the edge. | -### `DastSiteProfile` +#### `IterationConnection` -Represents a DAST Site Profile. +The connection type for [`Iteration`](#iteration). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `auth` | [`DastSiteProfileAuth`](#dastsiteprofileauth) | Target authentication details. Will always return `null` if `security_dast_site_profiles_additional_fields` feature flag is disabled. | -| `editPath` | [`String`](#string) | Relative web path to the edit page of a site profile. | -| `excludedUrls` | [`[String!]`](#string) | The URLs to skip during an authenticated scan. Will always return `null` if `security_dast_site_profiles_additional_fields` feature flag is disabled. | -| `id` | [`DastSiteProfileID!`](#dastsiteprofileid) | ID of the site profile. | -| `normalizedTargetUrl` | [`String`](#string) | Normalized URL of the target to be scanned. | -| `profileName` | [`String`](#string) | The name of the site profile. | -| `referencedInSecurityPolicies` | [`[String!]`](#string) | List of security policy names that are referencing given project. | -| `requestHeaders` | [`String`](#string) | Comma-separated list of request header names and values to be added to every request made by DAST. Will always return `null` if `security_dast_site_profiles_additional_fields` feature flag is disabled. | -| `targetType` | [`DastTargetTypeEnum`](#dasttargettypeenum) | The type of target to be scanned. Will always return `null` if `security_dast_site_profiles_api_option` feature flag is disabled. | -| `targetUrl` | [`String`](#string) | The URL of the target to be scanned. | -| `userPermissions` | [`DastSiteProfilePermissions!`](#dastsiteprofilepermissions) | Permissions for the current user on the resource. | -| `validationStatus` | [`DastSiteProfileValidationStatusEnum`](#dastsiteprofilevalidationstatusenum) | The current validation status of the site profile. | +##### Fields -### `DastSiteProfileAuth` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="iterationconnectionedges"></a>`edges` | [`[IterationEdge]`](#iterationedge) | A list of edges. | +| <a id="iterationconnectionnodes"></a>`nodes` | [`[Iteration]`](#iteration) | A list of nodes. | +| <a id="iterationconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -Input type for DastSiteProfile authentication. +#### `IterationEdge` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `enabled` | [`Boolean`](#boolean) | Indicates whether authentication is enabled. | -| `password` | [`String`](#string) | Redacted password to authenticate with on the target website. | -| `passwordField` | [`String`](#string) | The name of password field at the sign-in HTML form. | -| `url` | [`String`](#string) | The URL of the page containing the sign-in HTML form on the target website. | -| `username` | [`String`](#string) | The username to authenticate with on the target website. | -| `usernameField` | [`String`](#string) | The name of username field at the sign-in HTML form. | +The edge type for [`Iteration`](#iteration). -### `DastSiteProfileConnection` +##### Fields -The connection type for DastSiteProfile. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="iterationedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="iterationedgenode"></a>`node` | [`Iteration`](#iteration) | The item at the end of the edge. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[DastSiteProfileEdge]`](#dastsiteprofileedge) | A list of edges. | -| `nodes` | [`[DastSiteProfile]`](#dastsiteprofile) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +#### `JiraImportConnection` -### `DastSiteProfileCreatePayload` +The connection type for [`JiraImport`](#jiraimport). -Autogenerated return type of DastSiteProfileCreate. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `id` | [`DastSiteProfileID`](#dastsiteprofileid) | ID of the site profile. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="jiraimportconnectionedges"></a>`edges` | [`[JiraImportEdge]`](#jiraimportedge) | A list of edges. | +| <a id="jiraimportconnectionnodes"></a>`nodes` | [`[JiraImport]`](#jiraimport) | A list of nodes. | +| <a id="jiraimportconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -### `DastSiteProfileDeletePayload` +#### `JiraImportEdge` -Autogenerated return type of DastSiteProfileDelete. +The edge type for [`JiraImport`](#jiraimport). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +##### Fields -### `DastSiteProfileEdge` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="jiraimportedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="jiraimportedgenode"></a>`node` | [`JiraImport`](#jiraimport) | The item at the end of the edge. | -An edge in a connection. +#### `JiraProjectConnection` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`DastSiteProfile`](#dastsiteprofile) | The item at the end of the edge. | +The connection type for [`JiraProject`](#jiraproject). -### `DastSiteProfilePermissions` +##### Fields -Check permissions for the current user on site profile. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="jiraprojectconnectionedges"></a>`edges` | [`[JiraProjectEdge]`](#jiraprojectedge) | A list of edges. | +| <a id="jiraprojectconnectionnodes"></a>`nodes` | [`[JiraProject]`](#jiraproject) | A list of nodes. | +| <a id="jiraprojectconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `createOnDemandDastScan` | [`Boolean!`](#boolean) | Indicates the user can perform `create_on_demand_dast_scan` on this resource. | +#### `JiraProjectEdge` -### `DastSiteProfileUpdatePayload` +The edge type for [`JiraProject`](#jiraproject). -Autogenerated return type of DastSiteProfileUpdate. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `id` | [`DastSiteProfileID`](#dastsiteprofileid) | ID of the site profile. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="jiraprojectedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="jiraprojectedgenode"></a>`node` | [`JiraProject`](#jiraproject) | The item at the end of the edge. | -### `DastSiteTokenCreatePayload` +#### `LabelConnection` -Autogenerated return type of DastSiteTokenCreate. +The connection type for [`Label`](#label). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `id` | [`DastSiteTokenID`](#dastsitetokenid) | ID of the site token. | -| `status` | [`DastSiteProfileValidationStatusEnum`](#dastsiteprofilevalidationstatusenum) | The current validation status of the target. | -| `token` | [`String`](#string) | Token string. | +##### Fields -### `DastSiteValidation` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="labelconnectioncount"></a>`count` | [`Int!`](#int) | Total count of collection. | +| <a id="labelconnectionedges"></a>`edges` | [`[LabelEdge]`](#labeledge) | A list of edges. | +| <a id="labelconnectionnodes"></a>`nodes` | [`[Label]`](#label) | A list of nodes. | +| <a id="labelconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -Represents a DAST Site Validation. +#### `LabelEdge` + +The edge type for [`Label`](#label). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="labeledgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="labeledgenode"></a>`node` | [`Label`](#label) | The item at the end of the edge. | + +#### `LfsObjectRegistryConnection` + +The connection type for [`LfsObjectRegistry`](#lfsobjectregistry). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="lfsobjectregistryconnectionedges"></a>`edges` | [`[LfsObjectRegistryEdge]`](#lfsobjectregistryedge) | A list of edges. | +| <a id="lfsobjectregistryconnectionnodes"></a>`nodes` | [`[LfsObjectRegistry]`](#lfsobjectregistry) | A list of nodes. | +| <a id="lfsobjectregistryconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `LfsObjectRegistryEdge` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `id` | [`DastSiteValidationID!`](#dastsitevalidationid) | Global ID of the site validation. | -| `normalizedTargetUrl` | [`String`](#string) | Normalized URL of the target to be validated. | -| `status` | [`DastSiteProfileValidationStatusEnum!`](#dastsiteprofilevalidationstatusenum) | Status of the site validation. | +The edge type for [`LfsObjectRegistry`](#lfsobjectregistry). -### `DastSiteValidationConnection` +##### Fields -The connection type for DastSiteValidation. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="lfsobjectregistryedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="lfsobjectregistryedgenode"></a>`node` | [`LfsObjectRegistry`](#lfsobjectregistry) | The item at the end of the edge. | + +#### `LicenseHistoryEntryConnection` + +The connection type for [`LicenseHistoryEntry`](#licensehistoryentry). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="licensehistoryentryconnectionedges"></a>`edges` | [`[LicenseHistoryEntryEdge]`](#licensehistoryentryedge) | A list of edges. | +| <a id="licensehistoryentryconnectionnodes"></a>`nodes` | [`[LicenseHistoryEntry]`](#licensehistoryentry) | A list of nodes. | +| <a id="licensehistoryentryconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `LicenseHistoryEntryEdge` + +The edge type for [`LicenseHistoryEntry`](#licensehistoryentry). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[DastSiteValidationEdge]`](#dastsitevalidationedge) | A list of edges. | -| `nodes` | [`[DastSiteValidation]`](#dastsitevalidation) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +##### Fields -### `DastSiteValidationCreatePayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="licensehistoryentryedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="licensehistoryentryedgenode"></a>`node` | [`LicenseHistoryEntry`](#licensehistoryentry) | The item at the end of the edge. | + +#### `MemberInterfaceConnection` + +The connection type for [`MemberInterface`](#memberinterface). + +##### Fields -Autogenerated return type of DastSiteValidationCreate. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="memberinterfaceconnectionedges"></a>`edges` | [`[MemberInterfaceEdge]`](#memberinterfaceedge) | A list of edges. | +| <a id="memberinterfaceconnectionnodes"></a>`nodes` | [`[MemberInterface]`](#memberinterface) | A list of nodes. | +| <a id="memberinterfaceconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `id` | [`DastSiteValidationID`](#dastsitevalidationid) | ID of the site validation. | -| `status` | [`DastSiteProfileValidationStatusEnum`](#dastsiteprofilevalidationstatusenum) | The current validation status. | +#### `MemberInterfaceEdge` -### `DastSiteValidationEdge` +The edge type for [`MemberInterface`](#memberinterface). -An edge in a connection. +##### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`DastSiteValidation`](#dastsitevalidation) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="memberinterfaceedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="memberinterfaceedgenode"></a>`node` | [`MemberInterface`](#memberinterface) | The item at the end of the edge. | -### `DastSiteValidationRevokePayload` +#### `MergeRequestAssigneeConnection` -Autogenerated return type of DastSiteValidationRevoke. +The connection type for [`MergeRequestAssignee`](#mergerequestassignee). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +##### Fields -### `DeleteAnnotationPayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestassigneeconnectionedges"></a>`edges` | [`[MergeRequestAssigneeEdge]`](#mergerequestassigneeedge) | A list of edges. | +| <a id="mergerequestassigneeconnectionnodes"></a>`nodes` | [`[MergeRequestAssignee]`](#mergerequestassignee) | A list of nodes. | +| <a id="mergerequestassigneeconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `MergeRequestAssigneeEdge` + +The edge type for [`MergeRequestAssignee`](#mergerequestassignee). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestassigneeedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="mergerequestassigneeedgenode"></a>`node` | [`MergeRequestAssignee`](#mergerequestassignee) | The item at the end of the edge. | + +#### `MergeRequestConnection` + +The connection type for [`MergeRequest`](#mergerequest). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestconnectioncount"></a>`count` | [`Int!`](#int) | Total count of collection. | +| <a id="mergerequestconnectionedges"></a>`edges` | [`[MergeRequestEdge]`](#mergerequestedge) | A list of edges. | +| <a id="mergerequestconnectionnodes"></a>`nodes` | [`[MergeRequest]`](#mergerequest) | A list of nodes. | +| <a id="mergerequestconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| <a id="mergerequestconnectiontotaltimetomerge"></a>`totalTimeToMerge` | [`Float`](#float) | Total sum of time to merge, in seconds, for the collection of merge requests. | + +#### `MergeRequestDiffRegistryConnection` + +The connection type for [`MergeRequestDiffRegistry`](#mergerequestdiffregistry). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestdiffregistryconnectionedges"></a>`edges` | [`[MergeRequestDiffRegistryEdge]`](#mergerequestdiffregistryedge) | A list of edges. | +| <a id="mergerequestdiffregistryconnectionnodes"></a>`nodes` | [`[MergeRequestDiffRegistry]`](#mergerequestdiffregistry) | A list of nodes. | +| <a id="mergerequestdiffregistryconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `MergeRequestDiffRegistryEdge` + +The edge type for [`MergeRequestDiffRegistry`](#mergerequestdiffregistry). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestdiffregistryedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="mergerequestdiffregistryedgenode"></a>`node` | [`MergeRequestDiffRegistry`](#mergerequestdiffregistry) | The item at the end of the edge. | + +#### `MergeRequestEdge` + +The edge type for [`MergeRequest`](#mergerequest). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="mergerequestedgenode"></a>`node` | [`MergeRequest`](#mergerequest) | The item at the end of the edge. | + +#### `MergeRequestReviewerConnection` + +The connection type for [`MergeRequestReviewer`](#mergerequestreviewer). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestreviewerconnectionedges"></a>`edges` | [`[MergeRequestReviewerEdge]`](#mergerequestrevieweredge) | A list of edges. | +| <a id="mergerequestreviewerconnectionnodes"></a>`nodes` | [`[MergeRequestReviewer]`](#mergerequestreviewer) | A list of nodes. | +| <a id="mergerequestreviewerconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `MergeRequestReviewerEdge` + +The edge type for [`MergeRequestReviewer`](#mergerequestreviewer). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestrevieweredgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="mergerequestrevieweredgenode"></a>`node` | [`MergeRequestReviewer`](#mergerequestreviewer) | The item at the end of the edge. | + +#### `MetricsDashboardAnnotationConnection` + +The connection type for [`MetricsDashboardAnnotation`](#metricsdashboardannotation). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="metricsdashboardannotationconnectionedges"></a>`edges` | [`[MetricsDashboardAnnotationEdge]`](#metricsdashboardannotationedge) | A list of edges. | +| <a id="metricsdashboardannotationconnectionnodes"></a>`nodes` | [`[MetricsDashboardAnnotation]`](#metricsdashboardannotation) | A list of nodes. | +| <a id="metricsdashboardannotationconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `MetricsDashboardAnnotationEdge` + +The edge type for [`MetricsDashboardAnnotation`](#metricsdashboardannotation). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="metricsdashboardannotationedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="metricsdashboardannotationedgenode"></a>`node` | [`MetricsDashboardAnnotation`](#metricsdashboardannotation) | The item at the end of the edge. | + +#### `MilestoneConnection` + +The connection type for [`Milestone`](#milestone). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="milestoneconnectionedges"></a>`edges` | [`[MilestoneEdge]`](#milestoneedge) | A list of edges. | +| <a id="milestoneconnectionnodes"></a>`nodes` | [`[Milestone]`](#milestone) | A list of nodes. | +| <a id="milestoneconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `MilestoneEdge` + +The edge type for [`Milestone`](#milestone). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="milestoneedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="milestoneedgenode"></a>`node` | [`Milestone`](#milestone) | The item at the end of the edge. | + +#### `NamespaceConnection` + +The connection type for [`Namespace`](#namespace). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="namespaceconnectionedges"></a>`edges` | [`[NamespaceEdge]`](#namespaceedge) | A list of edges. | +| <a id="namespaceconnectionnodes"></a>`nodes` | [`[Namespace]`](#namespace) | A list of nodes. | +| <a id="namespaceconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `NamespaceEdge` + +The edge type for [`Namespace`](#namespace). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="namespaceedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="namespaceedgenode"></a>`node` | [`Namespace`](#namespace) | The item at the end of the edge. | -Autogenerated return type of DeleteAnnotation. +#### `NoteConnection` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +The connection type for [`Note`](#note). -### `DeleteDevopsAdoptionSegmentPayload` +##### Fields -Autogenerated return type of DeleteDevopsAdoptionSegment. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="noteconnectionedges"></a>`edges` | [`[NoteEdge]`](#noteedge) | A list of edges. | +| <a id="noteconnectionnodes"></a>`nodes` | [`[Note]`](#note) | A list of nodes. | +| <a id="noteconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `NoteEdge` + +The edge type for [`Note`](#note). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="noteedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="noteedgenode"></a>`node` | [`Note`](#note) | The item at the end of the edge. | + +#### `OncallParticipantTypeConnection` + +The connection type for [`OncallParticipantType`](#oncallparticipanttype). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="oncallparticipanttypeconnectionedges"></a>`edges` | [`[OncallParticipantTypeEdge]`](#oncallparticipanttypeedge) | A list of edges. | +| <a id="oncallparticipanttypeconnectionnodes"></a>`nodes` | [`[OncallParticipantType]`](#oncallparticipanttype) | A list of nodes. | +| <a id="oncallparticipanttypeconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `OncallParticipantTypeEdge` + +The edge type for [`OncallParticipantType`](#oncallparticipanttype). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="oncallparticipanttypeedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="oncallparticipanttypeedgenode"></a>`node` | [`OncallParticipantType`](#oncallparticipanttype) | The item at the end of the edge. | + +#### `PackageConnection` + +The connection type for [`Package`](#package). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="packageconnectionedges"></a>`edges` | [`[PackageEdge]`](#packageedge) | A list of edges. | +| <a id="packageconnectionnodes"></a>`nodes` | [`[Package]`](#package) | A list of nodes. | +| <a id="packageconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `PackageEdge` + +The edge type for [`Package`](#package). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="packageedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="packageedgenode"></a>`node` | [`Package`](#package) | The item at the end of the edge. | + +#### `PackageFileConnection` + +The connection type for [`PackageFile`](#packagefile). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="packagefileconnectionedges"></a>`edges` | [`[PackageFileEdge]`](#packagefileedge) | A list of edges. | +| <a id="packagefileconnectionnodes"></a>`nodes` | [`[PackageFile]`](#packagefile) | A list of nodes. | +| <a id="packagefileconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `PackageFileEdge` + +The edge type for [`PackageFile`](#packagefile). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="packagefileedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="packagefileedgenode"></a>`node` | [`PackageFile`](#packagefile) | The item at the end of the edge. | + +#### `PackageFileRegistryConnection` + +The connection type for [`PackageFileRegistry`](#packagefileregistry). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="packagefileregistryconnectionedges"></a>`edges` | [`[PackageFileRegistryEdge]`](#packagefileregistryedge) | A list of edges. | +| <a id="packagefileregistryconnectionnodes"></a>`nodes` | [`[PackageFileRegistry]`](#packagefileregistry) | A list of nodes. | +| <a id="packagefileregistryconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `PackageFileRegistryEdge` + +The edge type for [`PackageFileRegistry`](#packagefileregistry). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="packagefileregistryedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="packagefileregistryedgenode"></a>`node` | [`PackageFileRegistry`](#packagefileregistry) | The item at the end of the edge. | + +#### `PackageTagConnection` + +The connection type for [`PackageTag`](#packagetag). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="packagetagconnectionedges"></a>`edges` | [`[PackageTagEdge]`](#packagetagedge) | A list of edges. | +| <a id="packagetagconnectionnodes"></a>`nodes` | [`[PackageTag]`](#packagetag) | A list of nodes. | +| <a id="packagetagconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `PackageTagEdge` + +The edge type for [`PackageTag`](#packagetag). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="packagetagedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="packagetagedgenode"></a>`node` | [`PackageTag`](#packagetag) | The item at the end of the edge. | + +#### `PathLockConnection` + +The connection type for [`PathLock`](#pathlock). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="pathlockconnectionedges"></a>`edges` | [`[PathLockEdge]`](#pathlockedge) | A list of edges. | +| <a id="pathlockconnectionnodes"></a>`nodes` | [`[PathLock]`](#pathlock) | A list of nodes. | +| <a id="pathlockconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `PathLockEdge` + +The edge type for [`PathLock`](#pathlock). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="pathlockedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="pathlockedgenode"></a>`node` | [`PathLock`](#pathlock) | The item at the end of the edge. | + +#### `PipelineArtifactRegistryConnection` + +The connection type for [`PipelineArtifactRegistry`](#pipelineartifactregistry). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="pipelineartifactregistryconnectionedges"></a>`edges` | [`[PipelineArtifactRegistryEdge]`](#pipelineartifactregistryedge) | A list of edges. | +| <a id="pipelineartifactregistryconnectionnodes"></a>`nodes` | [`[PipelineArtifactRegistry]`](#pipelineartifactregistry) | A list of nodes. | +| <a id="pipelineartifactregistryconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `PipelineArtifactRegistryEdge` + +The edge type for [`PipelineArtifactRegistry`](#pipelineartifactregistry). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="pipelineartifactregistryedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="pipelineartifactregistryedgenode"></a>`node` | [`PipelineArtifactRegistry`](#pipelineartifactregistry) | The item at the end of the edge. | + +#### `PipelineConnection` + +The connection type for [`Pipeline`](#pipeline). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="pipelineconnectioncount"></a>`count` | [`Int!`](#int) | Total count of collection. | +| <a id="pipelineconnectionedges"></a>`edges` | [`[PipelineEdge]`](#pipelineedge) | A list of edges. | +| <a id="pipelineconnectionnodes"></a>`nodes` | [`[Pipeline]`](#pipeline) | A list of nodes. | +| <a id="pipelineconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `PipelineEdge` + +The edge type for [`Pipeline`](#pipeline). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="pipelineedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="pipelineedgenode"></a>`node` | [`Pipeline`](#pipeline) | The item at the end of the edge. | + +#### `PipelineSecurityReportFindingConnection` + +The connection type for [`PipelineSecurityReportFinding`](#pipelinesecurityreportfinding). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="pipelinesecurityreportfindingconnectionedges"></a>`edges` | [`[PipelineSecurityReportFindingEdge]`](#pipelinesecurityreportfindingedge) | A list of edges. | +| <a id="pipelinesecurityreportfindingconnectionnodes"></a>`nodes` | [`[PipelineSecurityReportFinding]`](#pipelinesecurityreportfinding) | A list of nodes. | +| <a id="pipelinesecurityreportfindingconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `PipelineSecurityReportFindingEdge` + +The edge type for [`PipelineSecurityReportFinding`](#pipelinesecurityreportfinding). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="pipelinesecurityreportfindingedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="pipelinesecurityreportfindingedgenode"></a>`node` | [`PipelineSecurityReportFinding`](#pipelinesecurityreportfinding) | The item at the end of the edge. | + +#### `ProjectConnection` + +The connection type for [`Project`](#project). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectconnectionedges"></a>`edges` | [`[ProjectEdge]`](#projectedge) | A list of edges. | +| <a id="projectconnectionnodes"></a>`nodes` | [`[Project]`](#project) | A list of nodes. | +| <a id="projectconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `ProjectEdge` + +The edge type for [`Project`](#project). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="projectedgenode"></a>`node` | [`Project`](#project) | The item at the end of the edge. | + +#### `ProjectMemberConnection` + +The connection type for [`ProjectMember`](#projectmember). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectmemberconnectionedges"></a>`edges` | [`[ProjectMemberEdge]`](#projectmemberedge) | A list of edges. | +| <a id="projectmemberconnectionnodes"></a>`nodes` | [`[ProjectMember]`](#projectmember) | A list of nodes. | +| <a id="projectmemberconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `ProjectMemberEdge` + +The edge type for [`ProjectMember`](#projectmember). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectmemberedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="projectmemberedgenode"></a>`node` | [`ProjectMember`](#projectmember) | The item at the end of the edge. | + +#### `ReleaseAssetLinkConnection` + +The connection type for [`ReleaseAssetLink`](#releaseassetlink). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="releaseassetlinkconnectionedges"></a>`edges` | [`[ReleaseAssetLinkEdge]`](#releaseassetlinkedge) | A list of edges. | +| <a id="releaseassetlinkconnectionnodes"></a>`nodes` | [`[ReleaseAssetLink]`](#releaseassetlink) | A list of nodes. | +| <a id="releaseassetlinkconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `ReleaseAssetLinkEdge` + +The edge type for [`ReleaseAssetLink`](#releaseassetlink). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="releaseassetlinkedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="releaseassetlinkedgenode"></a>`node` | [`ReleaseAssetLink`](#releaseassetlink) | The item at the end of the edge. | + +#### `ReleaseConnection` + +The connection type for [`Release`](#release). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="releaseconnectioncount"></a>`count` | [`Int!`](#int) | Total count of collection. | +| <a id="releaseconnectionedges"></a>`edges` | [`[ReleaseEdge]`](#releaseedge) | A list of edges. | +| <a id="releaseconnectionnodes"></a>`nodes` | [`[Release]`](#release) | A list of nodes. | +| <a id="releaseconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +#### `ReleaseEdge` + +The edge type for [`Release`](#release). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="releaseedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="releaseedgenode"></a>`node` | [`Release`](#release) | The item at the end of the edge. | + +#### `ReleaseEvidenceConnection` + +The connection type for [`ReleaseEvidence`](#releaseevidence). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="releaseevidenceconnectionedges"></a>`edges` | [`[ReleaseEvidenceEdge]`](#releaseevidenceedge) | A list of edges. | +| <a id="releaseevidenceconnectionnodes"></a>`nodes` | [`[ReleaseEvidence]`](#releaseevidence) | A list of nodes. | +| <a id="releaseevidenceconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `ReleaseEvidenceEdge` + +The edge type for [`ReleaseEvidence`](#releaseevidence). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="releaseevidenceedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="releaseevidenceedgenode"></a>`node` | [`ReleaseEvidence`](#releaseevidence) | The item at the end of the edge. | + +#### `ReleaseSourceConnection` + +The connection type for [`ReleaseSource`](#releasesource). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="releasesourceconnectionedges"></a>`edges` | [`[ReleaseSourceEdge]`](#releasesourceedge) | A list of edges. | +| <a id="releasesourceconnectionnodes"></a>`nodes` | [`[ReleaseSource]`](#releasesource) | A list of nodes. | +| <a id="releasesourceconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `ReleaseSourceEdge` + +The edge type for [`ReleaseSource`](#releasesource). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="releasesourceedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="releasesourceedgenode"></a>`node` | [`ReleaseSource`](#releasesource) | The item at the end of the edge. | + +#### `RepositoryBlobConnection` + +The connection type for [`RepositoryBlob`](#repositoryblob). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="repositoryblobconnectionedges"></a>`edges` | [`[RepositoryBlobEdge]`](#repositoryblobedge) | A list of edges. | +| <a id="repositoryblobconnectionnodes"></a>`nodes` | [`[RepositoryBlob]`](#repositoryblob) | A list of nodes. | +| <a id="repositoryblobconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `RepositoryBlobEdge` + +The edge type for [`RepositoryBlob`](#repositoryblob). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="repositoryblobedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="repositoryblobedgenode"></a>`node` | [`RepositoryBlob`](#repositoryblob) | The item at the end of the edge. | + +#### `RequirementConnection` + +The connection type for [`Requirement`](#requirement). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="requirementconnectionedges"></a>`edges` | [`[RequirementEdge]`](#requirementedge) | A list of edges. | +| <a id="requirementconnectionnodes"></a>`nodes` | [`[Requirement]`](#requirement) | A list of nodes. | +| <a id="requirementconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `RequirementEdge` + +The edge type for [`Requirement`](#requirement). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="requirementedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="requirementedgenode"></a>`node` | [`Requirement`](#requirement) | The item at the end of the edge. | + +#### `RunnerArchitectureConnection` + +The connection type for [`RunnerArchitecture`](#runnerarchitecture). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="runnerarchitectureconnectionedges"></a>`edges` | [`[RunnerArchitectureEdge]`](#runnerarchitectureedge) | A list of edges. | +| <a id="runnerarchitectureconnectionnodes"></a>`nodes` | [`[RunnerArchitecture]`](#runnerarchitecture) | A list of nodes. | +| <a id="runnerarchitectureconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `RunnerArchitectureEdge` + +The edge type for [`RunnerArchitecture`](#runnerarchitecture). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="runnerarchitectureedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="runnerarchitectureedgenode"></a>`node` | [`RunnerArchitecture`](#runnerarchitecture) | The item at the end of the edge. | + +#### `RunnerPlatformConnection` + +The connection type for [`RunnerPlatform`](#runnerplatform). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="runnerplatformconnectionedges"></a>`edges` | [`[RunnerPlatformEdge]`](#runnerplatformedge) | A list of edges. | +| <a id="runnerplatformconnectionnodes"></a>`nodes` | [`[RunnerPlatform]`](#runnerplatform) | A list of nodes. | +| <a id="runnerplatformconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `RunnerPlatformEdge` + +The edge type for [`RunnerPlatform`](#runnerplatform). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="runnerplatformedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="runnerplatformedgenode"></a>`node` | [`RunnerPlatform`](#runnerplatform) | The item at the end of the edge. | + +#### `SastCiConfigurationAnalyzersEntityConnection` + +The connection type for [`SastCiConfigurationAnalyzersEntity`](#sastciconfigurationanalyzersentity). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sastciconfigurationanalyzersentityconnectionedges"></a>`edges` | [`[SastCiConfigurationAnalyzersEntityEdge]`](#sastciconfigurationanalyzersentityedge) | A list of edges. | +| <a id="sastciconfigurationanalyzersentityconnectionnodes"></a>`nodes` | [`[SastCiConfigurationAnalyzersEntity]`](#sastciconfigurationanalyzersentity) | A list of nodes. | +| <a id="sastciconfigurationanalyzersentityconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `SastCiConfigurationAnalyzersEntityEdge` + +The edge type for [`SastCiConfigurationAnalyzersEntity`](#sastciconfigurationanalyzersentity). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sastciconfigurationanalyzersentityedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="sastciconfigurationanalyzersentityedgenode"></a>`node` | [`SastCiConfigurationAnalyzersEntity`](#sastciconfigurationanalyzersentity) | The item at the end of the edge. | + +#### `SastCiConfigurationEntityConnection` + +The connection type for [`SastCiConfigurationEntity`](#sastciconfigurationentity). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sastciconfigurationentityconnectionedges"></a>`edges` | [`[SastCiConfigurationEntityEdge]`](#sastciconfigurationentityedge) | A list of edges. | +| <a id="sastciconfigurationentityconnectionnodes"></a>`nodes` | [`[SastCiConfigurationEntity]`](#sastciconfigurationentity) | A list of nodes. | +| <a id="sastciconfigurationentityconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `SastCiConfigurationEntityEdge` + +The edge type for [`SastCiConfigurationEntity`](#sastciconfigurationentity). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sastciconfigurationentityedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="sastciconfigurationentityedgenode"></a>`node` | [`SastCiConfigurationEntity`](#sastciconfigurationentity) | The item at the end of the edge. | + +#### `SastCiConfigurationOptionsEntityConnection` + +The connection type for [`SastCiConfigurationOptionsEntity`](#sastciconfigurationoptionsentity). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sastciconfigurationoptionsentityconnectionedges"></a>`edges` | [`[SastCiConfigurationOptionsEntityEdge]`](#sastciconfigurationoptionsentityedge) | A list of edges. | +| <a id="sastciconfigurationoptionsentityconnectionnodes"></a>`nodes` | [`[SastCiConfigurationOptionsEntity]`](#sastciconfigurationoptionsentity) | A list of nodes. | +| <a id="sastciconfigurationoptionsentityconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `SastCiConfigurationOptionsEntityEdge` + +The edge type for [`SastCiConfigurationOptionsEntity`](#sastciconfigurationoptionsentity). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sastciconfigurationoptionsentityedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="sastciconfigurationoptionsentityedgenode"></a>`node` | [`SastCiConfigurationOptionsEntity`](#sastciconfigurationoptionsentity) | The item at the end of the edge. | + +#### `ScanConnection` + +The connection type for [`Scan`](#scan). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="scanconnectionedges"></a>`edges` | [`[ScanEdge]`](#scanedge) | A list of edges. | +| <a id="scanconnectionnodes"></a>`nodes` | [`[Scan]`](#scan) | A list of nodes. | +| <a id="scanconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `ScanEdge` + +The edge type for [`Scan`](#scan). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="scanedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="scanedgenode"></a>`node` | [`Scan`](#scan) | The item at the end of the edge. | + +#### `ScannedResourceConnection` + +The connection type for [`ScannedResource`](#scannedresource). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="scannedresourceconnectionedges"></a>`edges` | [`[ScannedResourceEdge]`](#scannedresourceedge) | A list of edges. | +| <a id="scannedresourceconnectionnodes"></a>`nodes` | [`[ScannedResource]`](#scannedresource) | A list of nodes. | +| <a id="scannedresourceconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `ScannedResourceEdge` + +The edge type for [`ScannedResource`](#scannedresource). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="scannedresourceedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="scannedresourceedgenode"></a>`node` | [`ScannedResource`](#scannedresource) | The item at the end of the edge. | + +#### `SentryErrorConnection` + +The connection type for [`SentryError`](#sentryerror). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sentryerrorconnectionedges"></a>`edges` | [`[SentryErrorEdge]`](#sentryerroredge) | A list of edges. | +| <a id="sentryerrorconnectionnodes"></a>`nodes` | [`[SentryError]`](#sentryerror) | A list of nodes. | +| <a id="sentryerrorconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `SentryErrorEdge` + +The edge type for [`SentryError`](#sentryerror). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sentryerroredgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="sentryerroredgenode"></a>`node` | [`SentryError`](#sentryerror) | The item at the end of the edge. | + +#### `ServiceConnection` + +The connection type for [`Service`](#service). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="serviceconnectionedges"></a>`edges` | [`[ServiceEdge]`](#serviceedge) | A list of edges. | +| <a id="serviceconnectionnodes"></a>`nodes` | [`[Service]`](#service) | A list of nodes. | +| <a id="serviceconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `ServiceEdge` + +The edge type for [`Service`](#service). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="serviceedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="serviceedgenode"></a>`node` | [`Service`](#service) | The item at the end of the edge. | + +#### `SnippetBlobConnection` + +The connection type for [`SnippetBlob`](#snippetblob). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="snippetblobconnectionedges"></a>`edges` | [`[SnippetBlobEdge]`](#snippetblobedge) | A list of edges. | +| <a id="snippetblobconnectionnodes"></a>`nodes` | [`[SnippetBlob]`](#snippetblob) | A list of nodes. | +| <a id="snippetblobconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `SnippetBlobEdge` + +The edge type for [`SnippetBlob`](#snippetblob). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="snippetblobedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="snippetblobedgenode"></a>`node` | [`SnippetBlob`](#snippetblob) | The item at the end of the edge. | + +#### `SnippetConnection` + +The connection type for [`Snippet`](#snippet). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="snippetconnectionedges"></a>`edges` | [`[SnippetEdge]`](#snippetedge) | A list of edges. | +| <a id="snippetconnectionnodes"></a>`nodes` | [`[Snippet]`](#snippet) | A list of nodes. | +| <a id="snippetconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `SnippetEdge` + +The edge type for [`Snippet`](#snippet). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="snippetedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="snippetedgenode"></a>`node` | [`Snippet`](#snippet) | The item at the end of the edge. | + +#### `SnippetRepositoryRegistryConnection` + +The connection type for [`SnippetRepositoryRegistry`](#snippetrepositoryregistry). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="snippetrepositoryregistryconnectionedges"></a>`edges` | [`[SnippetRepositoryRegistryEdge]`](#snippetrepositoryregistryedge) | A list of edges. | +| <a id="snippetrepositoryregistryconnectionnodes"></a>`nodes` | [`[SnippetRepositoryRegistry]`](#snippetrepositoryregistry) | A list of nodes. | +| <a id="snippetrepositoryregistryconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `SnippetRepositoryRegistryEdge` + +The edge type for [`SnippetRepositoryRegistry`](#snippetrepositoryregistry). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="snippetrepositoryregistryedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="snippetrepositoryregistryedgenode"></a>`node` | [`SnippetRepositoryRegistry`](#snippetrepositoryregistry) | The item at the end of the edge. | + +#### `SubmoduleConnection` + +The connection type for [`Submodule`](#submodule). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="submoduleconnectionedges"></a>`edges` | [`[SubmoduleEdge]`](#submoduleedge) | A list of edges. | +| <a id="submoduleconnectionnodes"></a>`nodes` | [`[Submodule]`](#submodule) | A list of nodes. | +| <a id="submoduleconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `SubmoduleEdge` + +The edge type for [`Submodule`](#submodule). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="submoduleedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="submoduleedgenode"></a>`node` | [`Submodule`](#submodule) | The item at the end of the edge. | + +#### `TerraformStateConnection` + +The connection type for [`TerraformState`](#terraformstate). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="terraformstateconnectioncount"></a>`count` | [`Int!`](#int) | Total count of collection. | +| <a id="terraformstateconnectionedges"></a>`edges` | [`[TerraformStateEdge]`](#terraformstateedge) | A list of edges. | +| <a id="terraformstateconnectionnodes"></a>`nodes` | [`[TerraformState]`](#terraformstate) | A list of nodes. | +| <a id="terraformstateconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `TerraformStateEdge` + +The edge type for [`TerraformState`](#terraformstate). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="terraformstateedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="terraformstateedgenode"></a>`node` | [`TerraformState`](#terraformstate) | The item at the end of the edge. | + +#### `TerraformStateVersionRegistryConnection` + +The connection type for [`TerraformStateVersionRegistry`](#terraformstateversionregistry). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="terraformstateversionregistryconnectionedges"></a>`edges` | [`[TerraformStateVersionRegistryEdge]`](#terraformstateversionregistryedge) | A list of edges. | +| <a id="terraformstateversionregistryconnectionnodes"></a>`nodes` | [`[TerraformStateVersionRegistry]`](#terraformstateversionregistry) | A list of nodes. | +| <a id="terraformstateversionregistryconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `TerraformStateVersionRegistryEdge` + +The edge type for [`TerraformStateVersionRegistry`](#terraformstateversionregistry). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="terraformstateversionregistryedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="terraformstateversionregistryedgenode"></a>`node` | [`TerraformStateVersionRegistry`](#terraformstateversionregistry) | The item at the end of the edge. | + +#### `TestCaseConnection` + +The connection type for [`TestCase`](#testcase). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="testcaseconnectioncount"></a>`count` | [`Int!`](#int) | Total count of collection. | +| <a id="testcaseconnectionedges"></a>`edges` | [`[TestCaseEdge]`](#testcaseedge) | A list of edges. | +| <a id="testcaseconnectionnodes"></a>`nodes` | [`[TestCase]`](#testcase) | A list of nodes. | +| <a id="testcaseconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `TestCaseEdge` + +The edge type for [`TestCase`](#testcase). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="testcaseedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="testcaseedgenode"></a>`node` | [`TestCase`](#testcase) | The item at the end of the edge. | + +#### `TestReportConnection` + +The connection type for [`TestReport`](#testreport). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="testreportconnectionedges"></a>`edges` | [`[TestReportEdge]`](#testreportedge) | A list of edges. | +| <a id="testreportconnectionnodes"></a>`nodes` | [`[TestReport]`](#testreport) | A list of nodes. | +| <a id="testreportconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `TestReportEdge` + +The edge type for [`TestReport`](#testreport). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="testreportedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="testreportedgenode"></a>`node` | [`TestReport`](#testreport) | The item at the end of the edge. | + +#### `TestSuiteSummaryConnection` + +The connection type for [`TestSuiteSummary`](#testsuitesummary). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="testsuitesummaryconnectioncount"></a>`count` | [`Int!`](#int) | Total count of collection. | +| <a id="testsuitesummaryconnectionedges"></a>`edges` | [`[TestSuiteSummaryEdge]`](#testsuitesummaryedge) | A list of edges. | +| <a id="testsuitesummaryconnectionnodes"></a>`nodes` | [`[TestSuiteSummary]`](#testsuitesummary) | A list of nodes. | +| <a id="testsuitesummaryconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `TestSuiteSummaryEdge` + +The edge type for [`TestSuiteSummary`](#testsuitesummary). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="testsuitesummaryedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="testsuitesummaryedgenode"></a>`node` | [`TestSuiteSummary`](#testsuitesummary) | The item at the end of the edge. | + +#### `TimelogConnection` + +The connection type for [`Timelog`](#timelog). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="timelogconnectionedges"></a>`edges` | [`[TimelogEdge]`](#timelogedge) | A list of edges. | +| <a id="timelogconnectionnodes"></a>`nodes` | [`[Timelog]`](#timelog) | A list of nodes. | +| <a id="timelogconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `TimelogEdge` + +The edge type for [`Timelog`](#timelog). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="timelogedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="timelogedgenode"></a>`node` | [`Timelog`](#timelog) | The item at the end of the edge. | + +#### `TodoConnection` + +The connection type for [`Todo`](#todo). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="todoconnectionedges"></a>`edges` | [`[TodoEdge]`](#todoedge) | A list of edges. | +| <a id="todoconnectionnodes"></a>`nodes` | [`[Todo]`](#todo) | A list of nodes. | +| <a id="todoconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `TodoEdge` + +The edge type for [`Todo`](#todo). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="todoedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="todoedgenode"></a>`node` | [`Todo`](#todo) | The item at the end of the edge. | + +#### `TreeEntryConnection` + +The connection type for [`TreeEntry`](#treeentry). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="treeentryconnectionedges"></a>`edges` | [`[TreeEntryEdge]`](#treeentryedge) | A list of edges. | +| <a id="treeentryconnectionnodes"></a>`nodes` | [`[TreeEntry]`](#treeentry) | A list of nodes. | +| <a id="treeentryconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `TreeEntryEdge` + +The edge type for [`TreeEntry`](#treeentry). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="treeentryedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="treeentryedgenode"></a>`node` | [`TreeEntry`](#treeentry) | The item at the end of the edge. | + +#### `UsageTrendsMeasurementConnection` + +The connection type for [`UsageTrendsMeasurement`](#usagetrendsmeasurement). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="usagetrendsmeasurementconnectionedges"></a>`edges` | [`[UsageTrendsMeasurementEdge]`](#usagetrendsmeasurementedge) | A list of edges. | +| <a id="usagetrendsmeasurementconnectionnodes"></a>`nodes` | [`[UsageTrendsMeasurement]`](#usagetrendsmeasurement) | A list of nodes. | +| <a id="usagetrendsmeasurementconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `UsageTrendsMeasurementEdge` + +The edge type for [`UsageTrendsMeasurement`](#usagetrendsmeasurement). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="usagetrendsmeasurementedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="usagetrendsmeasurementedgenode"></a>`node` | [`UsageTrendsMeasurement`](#usagetrendsmeasurement) | The item at the end of the edge. | + +#### `UserCalloutConnection` + +The connection type for [`UserCallout`](#usercallout). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="usercalloutconnectionedges"></a>`edges` | [`[UserCalloutEdge]`](#usercalloutedge) | A list of edges. | +| <a id="usercalloutconnectionnodes"></a>`nodes` | [`[UserCallout]`](#usercallout) | A list of nodes. | +| <a id="usercalloutconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `UserCalloutEdge` + +The edge type for [`UserCallout`](#usercallout). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="usercalloutedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="usercalloutedgenode"></a>`node` | [`UserCallout`](#usercallout) | The item at the end of the edge. | + +#### `UserCoreConnection` + +The connection type for [`UserCore`](#usercore). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="usercoreconnectionedges"></a>`edges` | [`[UserCoreEdge]`](#usercoreedge) | A list of edges. | +| <a id="usercoreconnectionnodes"></a>`nodes` | [`[UserCore]`](#usercore) | A list of nodes. | +| <a id="usercoreconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `UserCoreEdge` + +The edge type for [`UserCore`](#usercore). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="usercoreedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="usercoreedgenode"></a>`node` | [`UserCore`](#usercore) | The item at the end of the edge. | + +#### `VulnerabilitiesCountByDayAndSeverityConnection` + +The connection type for [`VulnerabilitiesCountByDayAndSeverity`](#vulnerabilitiescountbydayandseverity). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitiescountbydayandseverityconnectionedges"></a>`edges` | [`[VulnerabilitiesCountByDayAndSeverityEdge]`](#vulnerabilitiescountbydayandseverityedge) | A list of edges. | +| <a id="vulnerabilitiescountbydayandseverityconnectionnodes"></a>`nodes` | [`[VulnerabilitiesCountByDayAndSeverity]`](#vulnerabilitiescountbydayandseverity) | A list of nodes. | +| <a id="vulnerabilitiescountbydayandseverityconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `VulnerabilitiesCountByDayAndSeverityEdge` + +The edge type for [`VulnerabilitiesCountByDayAndSeverity`](#vulnerabilitiescountbydayandseverity). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitiescountbydayandseverityedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="vulnerabilitiescountbydayandseverityedgenode"></a>`node` | [`VulnerabilitiesCountByDayAndSeverity`](#vulnerabilitiescountbydayandseverity) | The item at the end of the edge. | + +#### `VulnerabilitiesCountByDayConnection` + +The connection type for [`VulnerabilitiesCountByDay`](#vulnerabilitiescountbyday). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitiescountbydayconnectionedges"></a>`edges` | [`[VulnerabilitiesCountByDayEdge]`](#vulnerabilitiescountbydayedge) | A list of edges. | +| <a id="vulnerabilitiescountbydayconnectionnodes"></a>`nodes` | [`[VulnerabilitiesCountByDay]`](#vulnerabilitiescountbyday) | A list of nodes. | +| <a id="vulnerabilitiescountbydayconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `VulnerabilitiesCountByDayEdge` + +The edge type for [`VulnerabilitiesCountByDay`](#vulnerabilitiescountbyday). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitiescountbydayedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="vulnerabilitiescountbydayedgenode"></a>`node` | [`VulnerabilitiesCountByDay`](#vulnerabilitiescountbyday) | The item at the end of the edge. | + +#### `VulnerabilityConnection` + +The connection type for [`Vulnerability`](#vulnerability). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilityconnectionedges"></a>`edges` | [`[VulnerabilityEdge]`](#vulnerabilityedge) | A list of edges. | +| <a id="vulnerabilityconnectionnodes"></a>`nodes` | [`[Vulnerability]`](#vulnerability) | A list of nodes. | +| <a id="vulnerabilityconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `VulnerabilityEdge` + +The edge type for [`Vulnerability`](#vulnerability). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilityedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="vulnerabilityedgenode"></a>`node` | [`Vulnerability`](#vulnerability) | The item at the end of the edge. | + +#### `VulnerabilityExternalIssueLinkConnection` + +The connection type for [`VulnerabilityExternalIssueLink`](#vulnerabilityexternalissuelink). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilityexternalissuelinkconnectionedges"></a>`edges` | [`[VulnerabilityExternalIssueLinkEdge]`](#vulnerabilityexternalissuelinkedge) | A list of edges. | +| <a id="vulnerabilityexternalissuelinkconnectionnodes"></a>`nodes` | [`[VulnerabilityExternalIssueLink]`](#vulnerabilityexternalissuelink) | A list of nodes. | +| <a id="vulnerabilityexternalissuelinkconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `VulnerabilityExternalIssueLinkEdge` + +The edge type for [`VulnerabilityExternalIssueLink`](#vulnerabilityexternalissuelink). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilityexternalissuelinkedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="vulnerabilityexternalissuelinkedgenode"></a>`node` | [`VulnerabilityExternalIssueLink`](#vulnerabilityexternalissuelink) | The item at the end of the edge. | + +#### `VulnerabilityIssueLinkConnection` + +The connection type for [`VulnerabilityIssueLink`](#vulnerabilityissuelink). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilityissuelinkconnectionedges"></a>`edges` | [`[VulnerabilityIssueLinkEdge]`](#vulnerabilityissuelinkedge) | A list of edges. | +| <a id="vulnerabilityissuelinkconnectionnodes"></a>`nodes` | [`[VulnerabilityIssueLink]`](#vulnerabilityissuelink) | A list of nodes. | +| <a id="vulnerabilityissuelinkconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `VulnerabilityIssueLinkEdge` + +The edge type for [`VulnerabilityIssueLink`](#vulnerabilityissuelink). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilityissuelinkedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="vulnerabilityissuelinkedgenode"></a>`node` | [`VulnerabilityIssueLink`](#vulnerabilityissuelink) | The item at the end of the edge. | + +#### `VulnerabilityScannerConnection` + +The connection type for [`VulnerabilityScanner`](#vulnerabilityscanner). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilityscannerconnectionedges"></a>`edges` | [`[VulnerabilityScannerEdge]`](#vulnerabilityscanneredge) | A list of edges. | +| <a id="vulnerabilityscannerconnectionnodes"></a>`nodes` | [`[VulnerabilityScanner]`](#vulnerabilityscanner) | A list of nodes. | +| <a id="vulnerabilityscannerconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `VulnerabilityScannerEdge` + +The edge type for [`VulnerabilityScanner`](#vulnerabilityscanner). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilityscanneredgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. | +| <a id="vulnerabilityscanneredgenode"></a>`node` | [`VulnerabilityScanner`](#vulnerabilityscanner) | The item at the end of the edge. | + +## Object types + +Object types represent the resources that the GitLab GraphQL API can return. +They contain _fields_. Each field has its own type, which will either be one of the +basic GraphQL [scalar types](https://graphql.org/learn/schema/#scalar-types) +(e.g.: `String` or `Boolean`) or other object types. Fields may have arguments. +Fields with arguments are exactly like top-level queries, and are listed beneath +the table of fields for each object type. + +For more information, see +[Object Types and Fields](https://graphql.org/learn/schema/#object-types-and-fields) +on `graphql.org`. + +### `AccessLevel` + +Represents the access level of a relationship between a User and object that it is related to. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="accesslevelintegervalue"></a>`integerValue` | [`Int`](#int) | Integer representation of access level. | +| <a id="accesslevelstringvalue"></a>`stringValue` | [`AccessLevelEnum`](#accesslevelenum) | String representation of access level. | + +### `AlertManagementAlert` + +Describes an alert from the project's Alert Management. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="alertmanagementalertassignees"></a>`assignees` | [`UserCoreConnection`](#usercoreconnection) | Assignees of the alert. (see [Connections](#connections)) | +| <a id="alertmanagementalertcreatedat"></a>`createdAt` | [`Time`](#time) | Timestamp the alert was created. | +| <a id="alertmanagementalertdescription"></a>`description` | [`String`](#string) | Description of the alert. | +| <a id="alertmanagementalertdetails"></a>`details` | [`JSON`](#json) | Alert details. | +| <a id="alertmanagementalertdetailsurl"></a>`detailsUrl` | [`String!`](#string) | The URL of the alert detail page. | +| <a id="alertmanagementalertdiscussions"></a>`discussions` | [`DiscussionConnection!`](#discussionconnection) | All discussions on this noteable. (see [Connections](#connections)) | +| <a id="alertmanagementalertendedat"></a>`endedAt` | [`Time`](#time) | Timestamp the alert ended. | +| <a id="alertmanagementalertenvironment"></a>`environment` | [`Environment`](#environment) | Environment for the alert. | +| <a id="alertmanagementalerteventcount"></a>`eventCount` | [`Int`](#int) | Number of events of this alert. | +| <a id="alertmanagementalerthosts"></a>`hosts` | [`[String!]`](#string) | List of hosts the alert came from. | +| <a id="alertmanagementalertiid"></a>`iid` | [`ID!`](#id) | Internal ID of the alert. | +| <a id="alertmanagementalertissue"></a>`issue` | [`Issue`](#issue) | Issue attached to the alert. | +| <a id="alertmanagementalertissueiid"></a>`issueIid` **{warning-solid}** | [`ID`](#id) | **Deprecated** in 13.10. Use issue field. | +| <a id="alertmanagementalertmetricsdashboardurl"></a>`metricsDashboardUrl` | [`String`](#string) | URL for metrics embed for the alert. | +| <a id="alertmanagementalertmonitoringtool"></a>`monitoringTool` | [`String`](#string) | Monitoring tool the alert came from. | +| <a id="alertmanagementalertnotes"></a>`notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. (see [Connections](#connections)) | +| <a id="alertmanagementalertprometheusalert"></a>`prometheusAlert` | [`PrometheusAlert`](#prometheusalert) | The alert condition for Prometheus. | +| <a id="alertmanagementalertrunbook"></a>`runbook` | [`String`](#string) | Runbook for the alert as defined in alert details. | +| <a id="alertmanagementalertservice"></a>`service` | [`String`](#string) | Service the alert came from. | +| <a id="alertmanagementalertseverity"></a>`severity` | [`AlertManagementSeverity`](#alertmanagementseverity) | Severity of the alert. | +| <a id="alertmanagementalertstartedat"></a>`startedAt` | [`Time`](#time) | Timestamp the alert was raised. | +| <a id="alertmanagementalertstatus"></a>`status` | [`AlertManagementStatus`](#alertmanagementstatus) | Status of the alert. | +| <a id="alertmanagementalerttitle"></a>`title` | [`String`](#string) | Title of the alert. | +| <a id="alertmanagementalertupdatedat"></a>`updatedAt` | [`Time`](#time) | Timestamp the alert was last updated. | + +#### Fields with arguments + +##### `AlertManagementAlert.todos` + +To-do items of the current user for the alert. + +Returns [`TodoConnection`](#todoconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="alertmanagementalerttodosaction"></a>`action` | [`[TodoActionEnum!]`](#todoactionenum) | The action to be filtered. | +| <a id="alertmanagementalerttodosauthorid"></a>`authorId` | [`[ID!]`](#id) | The ID of an author. | +| <a id="alertmanagementalerttodosgroupid"></a>`groupId` | [`[ID!]`](#id) | The ID of a group. | +| <a id="alertmanagementalerttodosprojectid"></a>`projectId` | [`[ID!]`](#id) | The ID of a project. | +| <a id="alertmanagementalerttodosstate"></a>`state` | [`[TodoStateEnum!]`](#todostateenum) | The state of the todo. | +| <a id="alertmanagementalerttodostype"></a>`type` | [`[TodoTargetEnum!]`](#todotargetenum) | The type of the todo. | + +### `AlertManagementAlertStatusCountsType` + +Represents total number of alerts for the represented categories. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="alertmanagementalertstatuscountstypeacknowledged"></a>`acknowledged` | [`Int`](#int) | Number of alerts with status ACKNOWLEDGED for the project. | +| <a id="alertmanagementalertstatuscountstypeall"></a>`all` | [`Int`](#int) | Total number of alerts for the project. | +| <a id="alertmanagementalertstatuscountstypeignored"></a>`ignored` | [`Int`](#int) | Number of alerts with status IGNORED for the project. | +| <a id="alertmanagementalertstatuscountstypeopen"></a>`open` | [`Int`](#int) | Number of alerts with status TRIGGERED or ACKNOWLEDGED for the project. | +| <a id="alertmanagementalertstatuscountstyperesolved"></a>`resolved` | [`Int`](#int) | Number of alerts with status RESOLVED for the project. | +| <a id="alertmanagementalertstatuscountstypetriggered"></a>`triggered` | [`Int`](#int) | Number of alerts with status TRIGGERED for the project. | + +### `AlertManagementHttpIntegration` + +An endpoint and credentials used to accept alerts for a project. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="alertmanagementhttpintegrationactive"></a>`active` | [`Boolean`](#boolean) | Whether the endpoint is currently accepting alerts. | +| <a id="alertmanagementhttpintegrationapiurl"></a>`apiUrl` | [`String`](#string) | URL at which Prometheus metrics can be queried to populate the metrics dashboard. | +| <a id="alertmanagementhttpintegrationid"></a>`id` | [`ID!`](#id) | ID of the integration. | +| <a id="alertmanagementhttpintegrationname"></a>`name` | [`String`](#string) | Name of the integration. | +| <a id="alertmanagementhttpintegrationpayloadalertfields"></a>`payloadAlertFields` | [`[AlertManagementPayloadAlertField!]`](#alertmanagementpayloadalertfield) | Extract alert fields from payload example for custom mapping. | +| <a id="alertmanagementhttpintegrationpayloadattributemappings"></a>`payloadAttributeMappings` | [`[AlertManagementPayloadAlertMappingField!]`](#alertmanagementpayloadalertmappingfield) | The custom mapping of GitLab alert attributes to fields from the payload_example. | +| <a id="alertmanagementhttpintegrationpayloadexample"></a>`payloadExample` | [`JsonString`](#jsonstring) | The example of an alert payload. | +| <a id="alertmanagementhttpintegrationtoken"></a>`token` | [`String`](#string) | Token used to authenticate alert notification requests. | +| <a id="alertmanagementhttpintegrationtype"></a>`type` | [`AlertManagementIntegrationType!`](#alertmanagementintegrationtype) | Type of integration. | +| <a id="alertmanagementhttpintegrationurl"></a>`url` | [`String`](#string) | Endpoint which accepts alert notifications. | + +### `AlertManagementPayloadAlertField` + +Parsed field from an alert used for custom mappings. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="alertmanagementpayloadalertfieldlabel"></a>`label` | [`String`](#string) | Human-readable label of the payload path. | +| <a id="alertmanagementpayloadalertfieldpath"></a>`path` | [`[PayloadAlertFieldPathSegment!]`](#payloadalertfieldpathsegment) | Path to value inside payload JSON. | +| <a id="alertmanagementpayloadalertfieldtype"></a>`type` | [`AlertManagementPayloadAlertFieldType`](#alertmanagementpayloadalertfieldtype) | Type of the parsed value. | + +### `AlertManagementPayloadAlertMappingField` + +Parsed field (with its name) from an alert used for custom mappings. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="alertmanagementpayloadalertmappingfieldfieldname"></a>`fieldName` | [`AlertManagementPayloadAlertFieldName`](#alertmanagementpayloadalertfieldname) | A GitLab alert field name. | +| <a id="alertmanagementpayloadalertmappingfieldlabel"></a>`label` | [`String`](#string) | Human-readable label of the payload path. | +| <a id="alertmanagementpayloadalertmappingfieldpath"></a>`path` | [`[PayloadAlertFieldPathSegment!]`](#payloadalertfieldpathsegment) | Path to value inside payload JSON. | +| <a id="alertmanagementpayloadalertmappingfieldtype"></a>`type` | [`AlertManagementPayloadAlertFieldType`](#alertmanagementpayloadalertfieldtype) | Type of the parsed value. | + +### `AlertManagementPrometheusIntegration` + +An endpoint and credentials used to accept Prometheus alerts for a project. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="alertmanagementprometheusintegrationactive"></a>`active` | [`Boolean`](#boolean) | Whether the endpoint is currently accepting alerts. | +| <a id="alertmanagementprometheusintegrationapiurl"></a>`apiUrl` | [`String`](#string) | URL at which Prometheus metrics can be queried to populate the metrics dashboard. | +| <a id="alertmanagementprometheusintegrationid"></a>`id` | [`ID!`](#id) | ID of the integration. | +| <a id="alertmanagementprometheusintegrationname"></a>`name` | [`String`](#string) | Name of the integration. | +| <a id="alertmanagementprometheusintegrationtoken"></a>`token` | [`String`](#string) | Token used to authenticate alert notification requests. | +| <a id="alertmanagementprometheusintegrationtype"></a>`type` | [`AlertManagementIntegrationType!`](#alertmanagementintegrationtype) | Type of integration. | +| <a id="alertmanagementprometheusintegrationurl"></a>`url` | [`String`](#string) | Endpoint which accepts alert notifications. | + +### `ApiFuzzingCiConfiguration` + +Data associated with configuring API fuzzing scans in GitLab CI. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="apifuzzingciconfigurationscanmodes"></a>`scanModes` | [`[ApiFuzzingScanMode!]`](#apifuzzingscanmode) | All available scan modes. | +| <a id="apifuzzingciconfigurationscanprofiles"></a>`scanProfiles` | [`[ApiFuzzingScanProfile!]`](#apifuzzingscanprofile) | All default scan profiles. | + +### `ApiFuzzingScanProfile` + +An API Fuzzing scan profile. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="apifuzzingscanprofiledescription"></a>`description` | [`String`](#string) | A short description of the profile. | +| <a id="apifuzzingscanprofilename"></a>`name` | [`String`](#string) | The unique name of the profile. | +| <a id="apifuzzingscanprofileyaml"></a>`yaml` | [`String`](#string) | A syntax highlit HTML representation of the YAML. | + +### `ApprovalRule` + +Describes a rule for who can approve merge requests. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="approvalruleid"></a>`id` | [`GlobalID!`](#globalid) | ID of the rule. | +| <a id="approvalrulename"></a>`name` | [`String`](#string) | Name of the rule. | +| <a id="approvalruletype"></a>`type` | [`ApprovalRuleType`](#approvalruletype) | Type of the rule. | + +### `AwardEmoji` + +An emoji awarded by a user. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="awardemojidescription"></a>`description` | [`String!`](#string) | The emoji description. | +| <a id="awardemojiemoji"></a>`emoji` | [`String!`](#string) | The emoji as an icon. | +| <a id="awardemojiname"></a>`name` | [`String!`](#string) | The emoji name. | +| <a id="awardemojiunicode"></a>`unicode` | [`String!`](#string) | The emoji in Unicode. | +| <a id="awardemojiunicodeversion"></a>`unicodeVersion` | [`String!`](#string) | The Unicode version for this emoji. | +| <a id="awardemojiuser"></a>`user` | [`UserCore!`](#usercore) | The user who awarded the emoji. | + +### `BaseService` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="baseserviceactive"></a>`active` | [`Boolean`](#boolean) | Indicates if the service is active. | +| <a id="baseservicetype"></a>`type` | [`String`](#string) | Class name of the service. | + +### `Blob` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="blobflatpath"></a>`flatPath` | [`String!`](#string) | Flat path of the entry. | +| <a id="blobid"></a>`id` | [`ID!`](#id) | ID of the entry. | +| <a id="bloblfsoid"></a>`lfsOid` | [`String`](#string) | LFS ID of the blob. | +| <a id="blobmode"></a>`mode` | [`String`](#string) | Blob mode in numeric format. | +| <a id="blobname"></a>`name` | [`String!`](#string) | Name of the entry. | +| <a id="blobpath"></a>`path` | [`String!`](#string) | Path of the entry. | +| <a id="blobsha"></a>`sha` | [`String!`](#string) | Last commit SHA for the entry. | +| <a id="blobtype"></a>`type` | [`EntryType!`](#entrytype) | Type of tree entry. | +| <a id="blobwebpath"></a>`webPath` | [`String`](#string) | Web path of the blob. | +| <a id="blobweburl"></a>`webUrl` | [`String`](#string) | Web URL of the blob. | + +### `BlobViewer` + +Represents how the blob content should be displayed. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="blobviewercollapsed"></a>`collapsed` | [`Boolean!`](#boolean) | Shows whether the blob should be displayed collapsed. | +| <a id="blobviewerfiletype"></a>`fileType` | [`String!`](#string) | Content file type. | +| <a id="blobviewerloadasync"></a>`loadAsync` | [`Boolean!`](#boolean) | Shows whether the blob content is loaded asynchronously. | +| <a id="blobviewerloadingpartialname"></a>`loadingPartialName` | [`String!`](#string) | Loading partial name. | +| <a id="blobviewerrendererror"></a>`renderError` | [`String`](#string) | Error rendering the blob content. | +| <a id="blobviewertoolarge"></a>`tooLarge` | [`Boolean!`](#boolean) | Shows whether the blob is too large to be displayed. | +| <a id="blobviewertype"></a>`type` | [`BlobViewersType!`](#blobviewerstype) | Type of blob viewer. | + +### `Board` + +Represents a project or group issue board. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="boardassignee"></a>`assignee` | [`UserCore`](#usercore) | The board assignee. | +| <a id="boardcreatedat"></a>`createdAt` | [`Time!`](#time) | Timestamp of when the board was created. | +| <a id="boardhidebackloglist"></a>`hideBacklogList` | [`Boolean`](#boolean) | Whether or not backlog list is hidden. | +| <a id="boardhideclosedlist"></a>`hideClosedList` | [`Boolean`](#boolean) | Whether or not closed list is hidden. | +| <a id="boardid"></a>`id` | [`ID!`](#id) | ID (global ID) of the board. | +| <a id="boarditeration"></a>`iteration` | [`Iteration`](#iteration) | The board iteration. | +| <a id="boardlabels"></a>`labels` | [`LabelConnection`](#labelconnection) | Labels of the board. (see [Connections](#connections)) | +| <a id="boardmilestone"></a>`milestone` | [`Milestone`](#milestone) | The board milestone. | +| <a id="boardname"></a>`name` | [`String`](#string) | Name of the board. | +| <a id="boardupdatedat"></a>`updatedAt` | [`Time!`](#time) | Timestamp of when the board was last updated. | +| <a id="boardwebpath"></a>`webPath` | [`String!`](#string) | Web path of the board. | +| <a id="boardweburl"></a>`webUrl` | [`String!`](#string) | Web URL of the board. | +| <a id="boardweight"></a>`weight` | [`Int`](#int) | Weight of the board. | + +#### Fields with arguments + +##### `Board.epics` + +Epics associated with board issues. + +Returns [`BoardEpicConnection`](#boardepicconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="boardepicsissuefilters"></a>`issueFilters` | [`BoardIssueInput`](#boardissueinput) | Filters applied when selecting issues on the board. | + +##### `Board.lists` + +Lists of the board. + +Returns [`BoardListConnection`](#boardlistconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="boardlistsid"></a>`id` | [`ListID`](#listid) | Find a list by its global ID. | +| <a id="boardlistsissuefilters"></a>`issueFilters` | [`BoardIssueInput`](#boardissueinput) | Filters applied when getting issue metadata in the board list. | + +### `BoardEpic` + +Represents an epic on an issue board. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="boardepicauthor"></a>`author` | [`UserCore!`](#usercore) | Author of the epic. | +| <a id="boardepicawardemoji"></a>`awardEmoji` | [`AwardEmojiConnection`](#awardemojiconnection) | A list of award emojis associated with the epic. (see [Connections](#connections)) | +| <a id="boardepicclosedat"></a>`closedAt` | [`Time`](#time) | Timestamp of when the epic was closed. | +| <a id="boardepicconfidential"></a>`confidential` | [`Boolean`](#boolean) | Indicates if the epic is confidential. | +| <a id="boardepiccreatedat"></a>`createdAt` | [`Time`](#time) | Timestamp of when the epic was created. | +| <a id="boardepicdescendantcounts"></a>`descendantCounts` | [`EpicDescendantCount`](#epicdescendantcount) | Number of open and closed descendant epics and issues. | +| <a id="boardepicdescendantweightsum"></a>`descendantWeightSum` | [`EpicDescendantWeights`](#epicdescendantweights) | Total weight of open and closed issues in the epic and its descendants. | +| <a id="boardepicdescription"></a>`description` | [`String`](#string) | Description of the epic. | +| <a id="boardepicdescriptionhtml"></a>`descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | +| <a id="boardepicdiscussions"></a>`discussions` | [`DiscussionConnection!`](#discussionconnection) | All discussions on this noteable. (see [Connections](#connections)) | +| <a id="boardepicdownvotes"></a>`downvotes` | [`Int!`](#int) | Number of downvotes the epic has received. | +| <a id="boardepicduedate"></a>`dueDate` | [`Time`](#time) | Due date of the epic. | +| <a id="boardepicduedatefixed"></a>`dueDateFixed` | [`Time`](#time) | Fixed due date of the epic. | +| <a id="boardepicduedatefrommilestones"></a>`dueDateFromMilestones` | [`Time`](#time) | Inherited due date of the epic from milestones. | +| <a id="boardepicduedateisfixed"></a>`dueDateIsFixed` | [`Boolean`](#boolean) | Indicates if the due date has been manually set. | +| <a id="boardepicevents"></a>`events` | [`EventConnection`](#eventconnection) | A list of events associated with the object. (see [Connections](#connections)) | +| <a id="boardepicgroup"></a>`group` | [`Group!`](#group) | Group to which the epic belongs. | +| <a id="boardepichaschildren"></a>`hasChildren` | [`Boolean!`](#boolean) | Indicates if the epic has children. | +| <a id="boardepichasissues"></a>`hasIssues` | [`Boolean!`](#boolean) | Indicates if the epic has direct issues. | +| <a id="boardepichasparent"></a>`hasParent` | [`Boolean!`](#boolean) | Indicates if the epic has a parent epic. | +| <a id="boardepichealthstatus"></a>`healthStatus` | [`EpicHealthStatus`](#epichealthstatus) | Current health status of the epic. | +| <a id="boardepicid"></a>`id` | [`ID!`](#id) | ID of the epic. | +| <a id="boardepiciid"></a>`iid` | [`ID!`](#id) | Internal ID of the epic. | +| <a id="boardepicissues"></a>`issues` | [`EpicIssueConnection`](#epicissueconnection) | A list of issues associated with the epic. (see [Connections](#connections)) | +| <a id="boardepiclabels"></a>`labels` | [`LabelConnection`](#labelconnection) | Labels assigned to the epic. (see [Connections](#connections)) | +| <a id="boardepicnotes"></a>`notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. (see [Connections](#connections)) | +| <a id="boardepicparent"></a>`parent` | [`Epic`](#epic) | Parent epic of the epic. | +| <a id="boardepicparticipants"></a>`participants` | [`UserCoreConnection`](#usercoreconnection) | List of participants for the epic. (see [Connections](#connections)) | +| <a id="boardepicrelationpath"></a>`relationPath` | [`String`](#string) | URI path of the epic-issue relationship. | +| <a id="boardepicrelativeposition"></a>`relativePosition` | [`Int`](#int) | The relative position of the epic in the epic tree. | +| <a id="boardepicstartdate"></a>`startDate` | [`Time`](#time) | Start date of the epic. | +| <a id="boardepicstartdatefixed"></a>`startDateFixed` | [`Time`](#time) | Fixed start date of the epic. | +| <a id="boardepicstartdatefrommilestones"></a>`startDateFromMilestones` | [`Time`](#time) | Inherited start date of the epic from milestones. | +| <a id="boardepicstartdateisfixed"></a>`startDateIsFixed` | [`Boolean`](#boolean) | Indicates if the start date has been manually set. | +| <a id="boardepicstate"></a>`state` | [`EpicState!`](#epicstate) | State of the epic. | +| <a id="boardepicsubscribed"></a>`subscribed` | [`Boolean!`](#boolean) | Indicates the currently logged in user is subscribed to the epic. | +| <a id="boardepictitle"></a>`title` | [`String`](#string) | Title of the epic. | +| <a id="boardepictitlehtml"></a>`titleHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `title`. | +| <a id="boardepicupdatedat"></a>`updatedAt` | [`Time`](#time) | Timestamp of when the epic was updated. | +| <a id="boardepicupvotes"></a>`upvotes` | [`Int!`](#int) | Number of upvotes the epic has received. | +| <a id="boardepicuserdiscussionscount"></a>`userDiscussionsCount` | [`Int!`](#int) | Number of user discussions in the epic. | +| <a id="boardepicusernotescount"></a>`userNotesCount` | [`Int!`](#int) | Number of user notes of the epic. | +| <a id="boardepicuserpermissions"></a>`userPermissions` | [`EpicPermissions!`](#epicpermissions) | Permissions for the current user on the resource. | +| <a id="boardepicuserpreferences"></a>`userPreferences` | [`BoardEpicUserPreferences`](#boardepicuserpreferences) | User preferences for the epic on the issue board. | +| <a id="boardepicwebpath"></a>`webPath` | [`String!`](#string) | Web path of the epic. | +| <a id="boardepicweburl"></a>`webUrl` | [`String!`](#string) | Web URL of the epic. | + +#### Fields with arguments + +##### `BoardEpic.children` + +Children (sub-epics) of the epic. + +Returns [`EpicConnection`](#epicconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="boardepicchildrenauthorusername"></a>`authorUsername` | [`String`](#string) | Filter epics by author. | +| <a id="boardepicchildrenconfidential"></a>`confidential` | [`Boolean`](#boolean) | Filter epics by given confidentiality. | +| <a id="boardepicchildrenenddate"></a>`endDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.end. | +| <a id="boardepicchildreniid"></a>`iid` | [`ID`](#id) | IID of the epic, e.g., "1". | +| <a id="boardepicchildreniidstartswith"></a>`iidStartsWith` | [`String`](#string) | Filter epics by IID for autocomplete. | +| <a id="boardepicchildreniids"></a>`iids` | [`[ID!]`](#id) | List of IIDs of epics, e.g., [1, 2]. | +| <a id="boardepicchildrenincludedescendantgroups"></a>`includeDescendantGroups` | [`Boolean`](#boolean) | Include epics from descendant groups. | +| <a id="boardepicchildrenlabelname"></a>`labelName` | [`[String!]`](#string) | Filter epics by labels. | +| <a id="boardepicchildrenmilestonetitle"></a>`milestoneTitle` | [`String`](#string) | Filter epics by milestone title, computed from epic's issues. | +| <a id="boardepicchildrenmyreactionemoji"></a>`myReactionEmoji` | [`String`](#string) | Filter by reaction emoji applied by the current user. | +| <a id="boardepicchildrensearch"></a>`search` | [`String`](#string) | Search query for epic title or description. | +| <a id="boardepicchildrensort"></a>`sort` | [`EpicSort`](#epicsort) | List epics by sort order. | +| <a id="boardepicchildrenstartdate"></a>`startDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.start. | +| <a id="boardepicchildrenstate"></a>`state` | [`EpicState`](#epicstate) | Filter epics by state. | +| <a id="boardepicchildrentimeframe"></a>`timeframe` | [`Timeframe`](#timeframe) | List items overlapping the given timeframe. | + +##### `BoardEpic.currentUserTodos` + +To-do items for the current user. + +Returns [`TodoConnection!`](#todoconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="boardepiccurrentusertodosstate"></a>`state` | [`TodoStateEnum`](#todostateenum) | State of the to-do items. | + +##### `BoardEpic.reference` + +Internal reference of the epic. Returned in shortened format by default. + +Returns [`String!`](#string). + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="boardepicreferencefull"></a>`full` | [`Boolean`](#boolean) | Indicates if the reference should be returned in full. | + +### `BoardEpicUserPreferences` + +Represents user preferences for a board epic. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="boardepicuserpreferencescollapsed"></a>`collapsed` | [`Boolean!`](#boolean) | Indicates epic should be displayed as collapsed. | + +### `BoardList` + +Represents a list for an issue board. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="boardlistassignee"></a>`assignee` | [`UserCore`](#usercore) | Assignee in the list. | +| <a id="boardlistcollapsed"></a>`collapsed` | [`Boolean`](#boolean) | Indicates if the list is collapsed for this user. | +| <a id="boardlistid"></a>`id` | [`ID!`](#id) | ID (global ID) of the list. | +| <a id="boardlistissuescount"></a>`issuesCount` | [`Int`](#int) | Count of issues in the list. | +| <a id="boardlistiteration"></a>`iteration` | [`Iteration`](#iteration) | Iteration of the list. | +| <a id="boardlistlabel"></a>`label` | [`Label`](#label) | Label of the list. | +| <a id="boardlistlimitmetric"></a>`limitMetric` | [`ListLimitMetric`](#listlimitmetric) | The current limit metric for the list. | +| <a id="boardlistlisttype"></a>`listType` | [`String!`](#string) | Type of the list. | +| <a id="boardlistmaxissuecount"></a>`maxIssueCount` | [`Int`](#int) | Maximum number of issues in the list. | +| <a id="boardlistmaxissueweight"></a>`maxIssueWeight` | [`Int`](#int) | Maximum weight of issues in the list. | +| <a id="boardlistmilestone"></a>`milestone` | [`Milestone`](#milestone) | Milestone of the list. | +| <a id="boardlistposition"></a>`position` | [`Int`](#int) | Position of list within the board. | +| <a id="boardlisttitle"></a>`title` | [`String!`](#string) | Title of the list. | +| <a id="boardlisttotalweight"></a>`totalWeight` | [`Int`](#int) | Total weight of all issues in the list. | + +#### Fields with arguments + +##### `BoardList.issues` + +Board issues. + +Returns [`IssueConnection`](#issueconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="boardlistissuesfilters"></a>`filters` | [`BoardIssueInput`](#boardissueinput) | Filters applied when selecting issues in the board list. | + +### `Branch` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="branchcommit"></a>`commit` | [`Commit`](#commit) | Commit for the branch. | +| <a id="branchname"></a>`name` | [`String!`](#string) | Name of the branch. | + +### `BurnupChartDailyTotals` + +Represents the total number of issues and their weights for a particular day. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="burnupchartdailytotalscompletedcount"></a>`completedCount` | [`Int!`](#int) | Number of closed issues as of this day. | +| <a id="burnupchartdailytotalscompletedweight"></a>`completedWeight` | [`Int!`](#int) | Total weight of closed issues as of this day. | +| <a id="burnupchartdailytotalsdate"></a>`date` | [`ISO8601Date!`](#iso8601date) | Date for burnup totals. | +| <a id="burnupchartdailytotalsscopecount"></a>`scopeCount` | [`Int!`](#int) | Number of issues as of this day. | +| <a id="burnupchartdailytotalsscopeweight"></a>`scopeWeight` | [`Int!`](#int) | Total weight of issues as of this day. | + +### `CiApplicationSettings` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="ciapplicationsettingskeeplatestartifact"></a>`keepLatestArtifact` | [`Boolean`](#boolean) | Whether to keep the latest jobs artifacts. | + +### `CiBuildNeed` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="cibuildneedname"></a>`name` | [`String`](#string) | Name of the job we need to complete. | + +### `CiConfig` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="ciconfigerrors"></a>`errors` | [`[String!]`](#string) | Linting errors. | +| <a id="ciconfigmergedyaml"></a>`mergedYaml` | [`String`](#string) | Merged CI configuration YAML. | +| <a id="ciconfigstages"></a>`stages` | [`CiConfigStageConnection`](#ciconfigstageconnection) | Stages of the pipeline. (see [Connections](#connections)) | +| <a id="ciconfigstatus"></a>`status` | [`CiConfigStatus`](#ciconfigstatus) | Status of linting, can be either valid or invalid. | + +### `CiConfigGroup` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="ciconfiggroupjobs"></a>`jobs` | [`CiConfigJobConnection`](#ciconfigjobconnection) | Jobs in group. (see [Connections](#connections)) | +| <a id="ciconfiggroupname"></a>`name` | [`String`](#string) | Name of the job group. | +| <a id="ciconfiggroupsize"></a>`size` | [`Int`](#int) | Size of the job group. | + +### `CiConfigJob` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="ciconfigjobafterscript"></a>`afterScript` | [`[String!]`](#string) | Override a set of commands that are executed after the job. | +| <a id="ciconfigjoballowfailure"></a>`allowFailure` | [`Boolean`](#boolean) | Allow job to fail. | +| <a id="ciconfigjobbeforescript"></a>`beforeScript` | [`[String!]`](#string) | Override a set of commands that are executed before the job. | +| <a id="ciconfigjobenvironment"></a>`environment` | [`String`](#string) | Name of an environment to which the job deploys. | +| <a id="ciconfigjobexcept"></a>`except` | [`CiConfigJobRestriction`](#ciconfigjobrestriction) | Limit when jobs are not created. | +| <a id="ciconfigjobgroupname"></a>`groupName` | [`String`](#string) | Name of the job group. | +| <a id="ciconfigjobname"></a>`name` | [`String`](#string) | Name of the job. | +| <a id="ciconfigjobneeds"></a>`needs` | [`CiConfigNeedConnection`](#ciconfigneedconnection) | Builds that must complete before the jobs run. (see [Connections](#connections)) | +| <a id="ciconfigjobonly"></a>`only` | [`CiConfigJobRestriction`](#ciconfigjobrestriction) | Jobs are created when these conditions do not apply. | +| <a id="ciconfigjobscript"></a>`script` | [`[String!]`](#string) | Shell script that is executed by a runner. | +| <a id="ciconfigjobstage"></a>`stage` | [`String`](#string) | Name of the job stage. | +| <a id="ciconfigjobtags"></a>`tags` | [`[String!]`](#string) | List of tags that are used to select a runner. | +| <a id="ciconfigjobwhen"></a>`when` | [`String`](#string) | When to run the job. | + +### `CiConfigJobRestriction` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="ciconfigjobrestrictionrefs"></a>`refs` | [`[String!]`](#string) | The Git refs the job restriction applies to. | + +### `CiConfigNeed` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="ciconfigneedname"></a>`name` | [`String`](#string) | Name of the need. | + +### `CiConfigStage` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="ciconfigstagegroups"></a>`groups` | [`CiConfigGroupConnection`](#ciconfiggroupconnection) | Groups of jobs for the stage. (see [Connections](#connections)) | +| <a id="ciconfigstagename"></a>`name` | [`String`](#string) | Name of the stage. | + +### `CiGroup` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="cigroupdetailedstatus"></a>`detailedStatus` | [`DetailedStatus`](#detailedstatus) | Detailed status of the group. | +| <a id="cigroupjobs"></a>`jobs` | [`CiJobConnection`](#cijobconnection) | Jobs in group. (see [Connections](#connections)) | +| <a id="cigroupname"></a>`name` | [`String`](#string) | Name of the job group. | +| <a id="cigroupsize"></a>`size` | [`Int`](#int) | Size of the group. | + +### `CiJob` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="cijobactive"></a>`active` | [`Boolean!`](#boolean) | Indicates the job is active. | +| <a id="cijoballowfailure"></a>`allowFailure` | [`Boolean!`](#boolean) | Whether the job is allowed to fail. | +| <a id="cijobartifacts"></a>`artifacts` | [`CiJobArtifactConnection`](#cijobartifactconnection) | Artifacts generated by the job. (see [Connections](#connections)) | +| <a id="cijobcancelable"></a>`cancelable` | [`Boolean!`](#boolean) | Indicates the job can be canceled. | +| <a id="cijobcommitpath"></a>`commitPath` | [`String`](#string) | Path to the commit that triggered the job. | +| <a id="cijobcoverage"></a>`coverage` | [`Float`](#float) | Coverage level of the job. | +| <a id="cijobcreatedat"></a>`createdAt` | [`Time!`](#time) | When the job was created. | +| <a id="cijobcreatedbytag"></a>`createdByTag` | [`Boolean!`](#boolean) | Whether the job was created by a tag. | +| <a id="cijobdetailedstatus"></a>`detailedStatus` | [`DetailedStatus`](#detailedstatus) | Detailed status of the job. | +| <a id="cijobduration"></a>`duration` | [`Int`](#int) | Duration of the job in seconds. | +| <a id="cijobfinishedat"></a>`finishedAt` | [`Time`](#time) | When a job has finished running. | +| <a id="cijobid"></a>`id` | [`JobID`](#jobid) | ID of the job. | +| <a id="cijobmanualjob"></a>`manualJob` | [`Boolean`](#boolean) | Whether the job has a manual action. | +| <a id="cijobname"></a>`name` | [`String`](#string) | Name of the job. | +| <a id="cijobneeds"></a>`needs` | [`CiBuildNeedConnection`](#cibuildneedconnection) | References to builds that must complete before the jobs run. (see [Connections](#connections)) | +| <a id="cijobpipeline"></a>`pipeline` | [`Pipeline`](#pipeline) | Pipeline the job belongs to. | +| <a id="cijobplayable"></a>`playable` | [`Boolean!`](#boolean) | Indicates the job can be played. | +| <a id="cijobqueuedat"></a>`queuedAt` | [`Time`](#time) | When the job was enqueued and marked as pending. | +| <a id="cijobqueuedduration"></a>`queuedDuration` | [`Duration`](#duration) | How long the job was enqueued before starting. | +| <a id="cijobrefname"></a>`refName` | [`String`](#string) | Ref name of the job. | +| <a id="cijobrefpath"></a>`refPath` | [`String`](#string) | Path to the ref. | +| <a id="cijobretryable"></a>`retryable` | [`Boolean!`](#boolean) | Indicates the job can be retried. | +| <a id="cijobscheduledat"></a>`scheduledAt` | [`Time`](#time) | Schedule for the build. | +| <a id="cijobschedulingtype"></a>`schedulingType` | [`String`](#string) | Type of pipeline scheduling. Value is `dag` if the pipeline uses the `needs` keyword, and `stage` otherwise. | +| <a id="cijobshortsha"></a>`shortSha` | [`String!`](#string) | Short SHA1 ID of the commit. | +| <a id="cijobstage"></a>`stage` | [`CiStage`](#cistage) | Stage of the job. | +| <a id="cijobstartedat"></a>`startedAt` | [`Time`](#time) | When the job was started. | +| <a id="cijobstatus"></a>`status` | [`CiJobStatus`](#cijobstatus) | Status of the job. | +| <a id="cijobstuck"></a>`stuck` | [`Boolean!`](#boolean) | Indicates the job is stuck. | +| <a id="cijobtags"></a>`tags` | [`[String!]`](#string) | Tags for the current job. | +| <a id="cijobtriggered"></a>`triggered` | [`Boolean`](#boolean) | Whether the job was triggered. | +| <a id="cijobuserpermissions"></a>`userPermissions` | [`JobPermissions!`](#jobpermissions) | Permissions for the current user on the resource. | + +### `CiJobArtifact` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="cijobartifactdownloadpath"></a>`downloadPath` | [`String`](#string) | URL for downloading the artifact's file. | +| <a id="cijobartifactfiletype"></a>`fileType` | [`JobArtifactFileType`](#jobartifactfiletype) | File type of the artifact. | + +### `CiRunner` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="cirunneraccesslevel"></a>`accessLevel` | [`CiRunnerAccessLevel!`](#cirunneraccesslevel) | Access level of the runner. | +| <a id="cirunneractive"></a>`active` | [`Boolean!`](#boolean) | Indicates the runner is allowed to receive jobs. | +| <a id="cirunnercontactedat"></a>`contactedAt` | [`Time`](#time) | Last contact from the runner. | +| <a id="cirunnerdescription"></a>`description` | [`String`](#string) | Description of the runner. | +| <a id="cirunnerid"></a>`id` | [`CiRunnerID!`](#cirunnerid) | ID of the runner. | +| <a id="cirunneripaddress"></a>`ipAddress` | [`String!`](#string) | IP address of the runner. | +| <a id="cirunnerlocked"></a>`locked` | [`Boolean`](#boolean) | Indicates the runner is locked. | +| <a id="cirunnermaximumtimeout"></a>`maximumTimeout` | [`Int`](#int) | Maximum timeout (in seconds) for jobs processed by the runner. | +| <a id="cirunnerrevision"></a>`revision` | [`String!`](#string) | Revision of the runner. | +| <a id="cirunnerrununtagged"></a>`runUntagged` | [`Boolean!`](#boolean) | Indicates the runner is able to run untagged jobs. | +| <a id="cirunnerrunnertype"></a>`runnerType` | [`CiRunnerType!`](#cirunnertype) | Type of the runner. | +| <a id="cirunnershortsha"></a>`shortSha` | [`String`](#string) | First eight characters of the runner's token used to authenticate new job requests. Used as the runner's unique ID. | +| <a id="cirunnerstatus"></a>`status` | [`CiRunnerStatus!`](#cirunnerstatus) | Status of the runner. | +| <a id="cirunnertaglist"></a>`tagList` | [`[String!]`](#string) | Tags associated with the runner. | +| <a id="cirunnerversion"></a>`version` | [`String!`](#string) | Version of the runner. | + +### `CiStage` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="cistagedetailedstatus"></a>`detailedStatus` | [`DetailedStatus`](#detailedstatus) | Detailed status of the stage. | +| <a id="cistagegroups"></a>`groups` | [`CiGroupConnection`](#cigroupconnection) | Group of jobs for the stage. (see [Connections](#connections)) | +| <a id="cistagejobs"></a>`jobs` | [`CiJobConnection`](#cijobconnection) | Jobs for the stage. (see [Connections](#connections)) | +| <a id="cistagename"></a>`name` | [`String`](#string) | Name of the stage. | + +### `CiTemplate` + +GitLab CI/CD configuration template. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="citemplatecontent"></a>`content` | [`String!`](#string) | Contents of the CI template. | +| <a id="citemplatename"></a>`name` | [`String!`](#string) | Name of the CI template. | + +### `ClusterAgent` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="clusteragentcreatedat"></a>`createdAt` | [`Time`](#time) | Timestamp the cluster agent was created. | +| <a id="clusteragentcreatedbyuser"></a>`createdByUser` | [`UserCore`](#usercore) | User object, containing information about the person who created the agent. | +| <a id="clusteragentid"></a>`id` | [`ID!`](#id) | ID of the cluster agent. | +| <a id="clusteragentname"></a>`name` | [`String`](#string) | Name of the cluster agent. | +| <a id="clusteragentproject"></a>`project` | [`Project`](#project) | The project this cluster agent is associated with. | +| <a id="clusteragenttokens"></a>`tokens` | [`ClusterAgentTokenConnection`](#clusteragenttokenconnection) | Tokens associated with the cluster agent. (see [Connections](#connections)) | +| <a id="clusteragentupdatedat"></a>`updatedAt` | [`Time`](#time) | Timestamp the cluster agent was updated. | +| <a id="clusteragentwebpath"></a>`webPath` | [`String`](#string) | Web path of the cluster agent. | + +### `ClusterAgentToken` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="clusteragenttokenclusteragent"></a>`clusterAgent` | [`ClusterAgent`](#clusteragent) | Cluster agent this token is associated with. | +| <a id="clusteragenttokencreatedat"></a>`createdAt` | [`Time`](#time) | Timestamp the token was created. | +| <a id="clusteragenttokencreatedbyuser"></a>`createdByUser` | [`UserCore`](#usercore) | The user who created the token. | +| <a id="clusteragenttokendescription"></a>`description` | [`String`](#string) | Description of the token. | +| <a id="clusteragenttokenid"></a>`id` | [`ClustersAgentTokenID!`](#clustersagenttokenid) | Global ID of the token. | +| <a id="clusteragenttokenlastusedat"></a>`lastUsedAt` | [`Time`](#time) | Timestamp the token was last used. | +| <a id="clusteragenttokenname"></a>`name` | [`String`](#string) | Name given to the token. | + +### `CodeCoverageActivity` + +Represents the code coverage activity for a group. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="codecoverageactivityaveragecoverage"></a>`averageCoverage` | [`Float`](#float) | Average percentage of the different code coverage results available for the group. | +| <a id="codecoverageactivitycoveragecount"></a>`coverageCount` | [`Int`](#int) | Number of different code coverage results available for the group. | +| <a id="codecoverageactivitydate"></a>`date` | [`Date!`](#date) | Date when the code coverage was created. | +| <a id="codecoverageactivityprojectcount"></a>`projectCount` | [`Int`](#int) | Number of projects with code coverage results for the group. | + +### `CodeCoverageSummary` + +Represents the code coverage summary for a project. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="codecoveragesummaryaveragecoverage"></a>`averageCoverage` | [`Float`](#float) | Average percentage of the different code coverage results available for the project. | +| <a id="codecoveragesummarycoveragecount"></a>`coverageCount` | [`Int`](#int) | Number of different code coverage results available. | +| <a id="codecoveragesummarylastupdatedon"></a>`lastUpdatedOn` | [`Date`](#date) | Latest date when the code coverage was created for the project. | + +### `CodeQualityDegradation` + +Represents a code quality degradation on the pipeline. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="codequalitydegradationdescription"></a>`description` | [`String!`](#string) | A description of the code quality degradation. | +| <a id="codequalitydegradationfingerprint"></a>`fingerprint` | [`String!`](#string) | A unique fingerprint to identify the code quality degradation. For example, an MD5 hash. | +| <a id="codequalitydegradationline"></a>`line` | [`Int!`](#int) | The line on which the code quality degradation occurred. | +| <a id="codequalitydegradationpath"></a>`path` | [`String!`](#string) | The relative path to the file containing the code quality degradation. | +| <a id="codequalitydegradationseverity"></a>`severity` | [`CodeQualityDegradationSeverity!`](#codequalitydegradationseverity) | Status of the degradation (BLOCKER, CRITICAL, MAJOR, MINOR, INFO). | + +### `Commit` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="commitauthor"></a>`author` | [`UserCore`](#usercore) | Author of the commit. | +| <a id="commitauthorgravatar"></a>`authorGravatar` | [`String`](#string) | Commit authors gravatar. | +| <a id="commitauthorname"></a>`authorName` | [`String`](#string) | Commit authors name. | +| <a id="commitauthoreddate"></a>`authoredDate` | [`Time`](#time) | Timestamp of when the commit was authored. | +| <a id="commitdescription"></a>`description` | [`String`](#string) | Description of the commit message. | +| <a id="commitdescriptionhtml"></a>`descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | +| <a id="commitid"></a>`id` | [`ID!`](#id) | ID (global ID) of the commit. | +| <a id="commitmessage"></a>`message` | [`String`](#string) | Raw commit message. | +| <a id="commitsha"></a>`sha` | [`String!`](#string) | SHA1 ID of the commit. | +| <a id="commitshortid"></a>`shortId` | [`String!`](#string) | Short SHA1 ID of the commit. | +| <a id="commitsignaturehtml"></a>`signatureHtml` | [`String`](#string) | Rendered HTML of the commit signature. | +| <a id="committitle"></a>`title` | [`String`](#string) | Title of the commit message. | +| <a id="committitlehtml"></a>`titleHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `title`. | +| <a id="commitwebpath"></a>`webPath` | [`String!`](#string) | Web path of the commit. | +| <a id="commitweburl"></a>`webUrl` | [`String!`](#string) | Web URL of the commit. | + +#### Fields with arguments + +##### `Commit.pipelines` + +Pipelines of the commit ordered latest first. + +Returns [`PipelineConnection`](#pipelineconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="commitpipelinesref"></a>`ref` | [`String`](#string) | Filter pipelines by the ref they are run for. | +| <a id="commitpipelinessha"></a>`sha` | [`String`](#string) | Filter pipelines by the sha of the commit they are run for. | +| <a id="commitpipelinesstatus"></a>`status` | [`PipelineStatusEnum`](#pipelinestatusenum) | Filter pipelines by their status. | + +### `ComplianceFramework` + +Represents a ComplianceFramework associated with a Project. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="complianceframeworkcolor"></a>`color` | [`String!`](#string) | Hexadecimal representation of compliance framework's label color. | +| <a id="complianceframeworkdescription"></a>`description` | [`String!`](#string) | Description of the compliance framework. | +| <a id="complianceframeworkid"></a>`id` | [`ID!`](#id) | Compliance framework ID. | +| <a id="complianceframeworkname"></a>`name` | [`String!`](#string) | Name of the compliance framework. | +| <a id="complianceframeworkpipelineconfigurationfullpath"></a>`pipelineConfigurationFullPath` | [`String`](#string) | Full path of the compliance pipeline configuration stored in a project repository, such as `.gitlab/.compliance-gitlab-ci.yml@compliance/hipaa` **(ULTIMATE)**. | + +### `ComposerMetadata` + +Composer metadata. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="composermetadatacomposerjson"></a>`composerJson` | [`PackageComposerJsonType!`](#packagecomposerjsontype) | Data of the Composer JSON file. | +| <a id="composermetadatatargetsha"></a>`targetSha` | [`String!`](#string) | Target SHA of the package. | + +### `ConanFileMetadata` + +Conan file metadata. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="conanfilemetadataconanfiletype"></a>`conanFileType` | [`ConanMetadatumFileTypeEnum!`](#conanmetadatumfiletypeenum) | Type of the Conan file. | +| <a id="conanfilemetadataconanpackagereference"></a>`conanPackageReference` | [`String`](#string) | Reference of the Conan package. | +| <a id="conanfilemetadatacreatedat"></a>`createdAt` | [`Time!`](#time) | Date of creation. | +| <a id="conanfilemetadataid"></a>`id` | [`PackagesConanFileMetadatumID!`](#packagesconanfilemetadatumid) | ID of the metadatum. | +| <a id="conanfilemetadatapackagerevision"></a>`packageRevision` | [`String`](#string) | Revision of the package. | +| <a id="conanfilemetadatareciperevision"></a>`recipeRevision` | [`String!`](#string) | Revision of the Conan recipe. | +| <a id="conanfilemetadataupdatedat"></a>`updatedAt` | [`Time!`](#time) | Date of most recent update. | + +### `ConanMetadata` + +Conan metadata. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="conanmetadatacreatedat"></a>`createdAt` | [`Time!`](#time) | Date of creation. | +| <a id="conanmetadataid"></a>`id` | [`PackagesConanMetadatumID!`](#packagesconanmetadatumid) | ID of the metadatum. | +| <a id="conanmetadatapackagechannel"></a>`packageChannel` | [`String!`](#string) | Channel of the Conan package. | +| <a id="conanmetadatapackageusername"></a>`packageUsername` | [`String!`](#string) | Username of the Conan package. | +| <a id="conanmetadatarecipe"></a>`recipe` | [`String!`](#string) | Recipe of the Conan package. | +| <a id="conanmetadatarecipepath"></a>`recipePath` | [`String!`](#string) | Recipe path of the Conan package. | +| <a id="conanmetadataupdatedat"></a>`updatedAt` | [`Time!`](#time) | Date of most recent update. | + +### `ContainerExpirationPolicy` + +A tag expiration policy designed to keep only the images that matter most. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="containerexpirationpolicycadence"></a>`cadence` | [`ContainerExpirationPolicyCadenceEnum!`](#containerexpirationpolicycadenceenum) | This container expiration policy schedule. | +| <a id="containerexpirationpolicycreatedat"></a>`createdAt` | [`Time!`](#time) | Timestamp of when the container expiration policy was created. | +| <a id="containerexpirationpolicyenabled"></a>`enabled` | [`Boolean!`](#boolean) | Indicates whether this container expiration policy is enabled. | +| <a id="containerexpirationpolicykeepn"></a>`keepN` | [`ContainerExpirationPolicyKeepEnum`](#containerexpirationpolicykeepenum) | Number of tags to retain. | +| <a id="containerexpirationpolicynameregex"></a>`nameRegex` | [`UntrustedRegexp`](#untrustedregexp) | Tags with names matching this regex pattern will expire. | +| <a id="containerexpirationpolicynameregexkeep"></a>`nameRegexKeep` | [`UntrustedRegexp`](#untrustedregexp) | Tags with names matching this regex pattern will be preserved. | +| <a id="containerexpirationpolicynextrunat"></a>`nextRunAt` | [`Time`](#time) | Next time that this container expiration policy will get executed. | +| <a id="containerexpirationpolicyolderthan"></a>`olderThan` | [`ContainerExpirationPolicyOlderThanEnum`](#containerexpirationpolicyolderthanenum) | Tags older that this will expire. | +| <a id="containerexpirationpolicyupdatedat"></a>`updatedAt` | [`Time!`](#time) | Timestamp of when the container expiration policy was updated. | + +### `ContainerRepository` + +A container repository. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="containerrepositorycandelete"></a>`canDelete` | [`Boolean!`](#boolean) | Can the current user delete the container repository. | +| <a id="containerrepositorycreatedat"></a>`createdAt` | [`Time!`](#time) | Timestamp when the container repository was created. | +| <a id="containerrepositoryexpirationpolicycleanupstatus"></a>`expirationPolicyCleanupStatus` | [`ContainerRepositoryCleanupStatus`](#containerrepositorycleanupstatus) | The tags cleanup status for the container repository. | +| <a id="containerrepositoryexpirationpolicystartedat"></a>`expirationPolicyStartedAt` | [`Time`](#time) | Timestamp when the cleanup done by the expiration policy was started on the container repository. | +| <a id="containerrepositoryid"></a>`id` | [`ID!`](#id) | ID of the container repository. | +| <a id="containerrepositorylocation"></a>`location` | [`String!`](#string) | URL of the container repository. | +| <a id="containerrepositoryname"></a>`name` | [`String!`](#string) | Name of the container repository. | +| <a id="containerrepositorypath"></a>`path` | [`String!`](#string) | Path of the container repository. | +| <a id="containerrepositoryproject"></a>`project` | [`Project!`](#project) | Project of the container registry. | +| <a id="containerrepositorystatus"></a>`status` | [`ContainerRepositoryStatus`](#containerrepositorystatus) | Status of the container repository. | +| <a id="containerrepositorytagscount"></a>`tagsCount` | [`Int!`](#int) | Number of tags associated with this image. | +| <a id="containerrepositoryupdatedat"></a>`updatedAt` | [`Time!`](#time) | Timestamp when the container repository was updated. | + +### `ContainerRepositoryDetails` + +Details of a container repository. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="containerrepositorydetailscandelete"></a>`canDelete` | [`Boolean!`](#boolean) | Can the current user delete the container repository. | +| <a id="containerrepositorydetailscreatedat"></a>`createdAt` | [`Time!`](#time) | Timestamp when the container repository was created. | +| <a id="containerrepositorydetailsexpirationpolicycleanupstatus"></a>`expirationPolicyCleanupStatus` | [`ContainerRepositoryCleanupStatus`](#containerrepositorycleanupstatus) | The tags cleanup status for the container repository. | +| <a id="containerrepositorydetailsexpirationpolicystartedat"></a>`expirationPolicyStartedAt` | [`Time`](#time) | Timestamp when the cleanup done by the expiration policy was started on the container repository. | +| <a id="containerrepositorydetailsid"></a>`id` | [`ID!`](#id) | ID of the container repository. | +| <a id="containerrepositorydetailslocation"></a>`location` | [`String!`](#string) | URL of the container repository. | +| <a id="containerrepositorydetailsname"></a>`name` | [`String!`](#string) | Name of the container repository. | +| <a id="containerrepositorydetailspath"></a>`path` | [`String!`](#string) | Path of the container repository. | +| <a id="containerrepositorydetailsproject"></a>`project` | [`Project!`](#project) | Project of the container registry. | +| <a id="containerrepositorydetailsstatus"></a>`status` | [`ContainerRepositoryStatus`](#containerrepositorystatus) | Status of the container repository. | +| <a id="containerrepositorydetailstags"></a>`tags` | [`ContainerRepositoryTagConnection`](#containerrepositorytagconnection) | Tags of the container repository. (see [Connections](#connections)) | +| <a id="containerrepositorydetailstagscount"></a>`tagsCount` | [`Int!`](#int) | Number of tags associated with this image. | +| <a id="containerrepositorydetailsupdatedat"></a>`updatedAt` | [`Time!`](#time) | Timestamp when the container repository was updated. | + +### `ContainerRepositoryTag` + +A tag from a container repository. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="containerrepositorytagcandelete"></a>`canDelete` | [`Boolean!`](#boolean) | Can the current user delete this tag. | +| <a id="containerrepositorytagcreatedat"></a>`createdAt` | [`Time`](#time) | Timestamp when the tag was created. | +| <a id="containerrepositorytagdigest"></a>`digest` | [`String`](#string) | Digest of the tag. | +| <a id="containerrepositorytaglocation"></a>`location` | [`String!`](#string) | URL of the tag. | +| <a id="containerrepositorytagname"></a>`name` | [`String!`](#string) | Name of the tag. | +| <a id="containerrepositorytagpath"></a>`path` | [`String!`](#string) | Path of the tag. | +| <a id="containerrepositorytagrevision"></a>`revision` | [`String`](#string) | Revision of the tag. | +| <a id="containerrepositorytagshortrevision"></a>`shortRevision` | [`String`](#string) | Short revision of the tag. | +| <a id="containerrepositorytagtotalsize"></a>`totalSize` | [`BigInt`](#bigint) | The size of the tag. | + +### `CurrentLicense` + +Represents the current license. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="currentlicenseactivatedat"></a>`activatedAt` | [`Date`](#date) | Date when the license was activated. | +| <a id="currentlicensebillableuserscount"></a>`billableUsersCount` | [`Int`](#int) | Number of billable users on the system. | +| <a id="currentlicensecompany"></a>`company` | [`String`](#string) | Company of the licensee. | +| <a id="currentlicenseemail"></a>`email` | [`String`](#string) | Email of the licensee. | +| <a id="currentlicenseexpiresat"></a>`expiresAt` | [`Date`](#date) | Date when the license expires. | +| <a id="currentlicenseid"></a>`id` | [`ID!`](#id) | ID of the license. | +| <a id="currentlicenselastsync"></a>`lastSync` | [`Time`](#time) | Date when the license was last synced. | +| <a id="currentlicensemaximumusercount"></a>`maximumUserCount` | [`Int`](#int) | Highest number of billable users on the system during the term of the current license. | +| <a id="currentlicensename"></a>`name` | [`String`](#string) | Name of the licensee. | +| <a id="currentlicenseplan"></a>`plan` | [`String!`](#string) | Name of the subscription plan. | +| <a id="currentlicensestartsat"></a>`startsAt` | [`Date`](#date) | Date when the license started. | +| <a id="currentlicensetype"></a>`type` | [`String!`](#string) | Type of the license. | +| <a id="currentlicenseusersinlicensecount"></a>`usersInLicenseCount` | [`Int`](#int) | Number of paid users in the license. | +| <a id="currentlicenseusersoverlicensecount"></a>`usersOverLicenseCount` | [`Int`](#int) | Number of users over the paid users in the license. | + +### `CustomEmoji` + +A custom emoji uploaded by user. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="customemojiexternal"></a>`external` | [`Boolean!`](#boolean) | Whether the emoji is an external link. | +| <a id="customemojiid"></a>`id` | [`CustomEmojiID!`](#customemojiid) | The ID of the emoji. | +| <a id="customemojiname"></a>`name` | [`String!`](#string) | The name of the emoji. | +| <a id="customemojiurl"></a>`url` | [`String!`](#string) | The link to file of the emoji. | + +### `DastProfile` + +Represents a DAST Profile. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="dastprofilebranch"></a>`branch` | [`DastProfileBranch`](#dastprofilebranch) | The associated branch. | +| <a id="dastprofiledastscannerprofile"></a>`dastScannerProfile` | [`DastScannerProfile`](#dastscannerprofile) | The associated scanner profile. | +| <a id="dastprofiledastsiteprofile"></a>`dastSiteProfile` | [`DastSiteProfile`](#dastsiteprofile) | The associated site profile. | +| <a id="dastprofiledescription"></a>`description` | [`String`](#string) | The description of the scan. | +| <a id="dastprofileeditpath"></a>`editPath` | [`String`](#string) | Relative web path to the edit page of a profile. | +| <a id="dastprofileid"></a>`id` | [`DastProfileID!`](#dastprofileid) | ID of the profile. | +| <a id="dastprofilename"></a>`name` | [`String`](#string) | The name of the profile. | + +### `DastProfileBranch` + +Represents a DAST Profile Branch. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="dastprofilebranchexists"></a>`exists` | [`Boolean`](#boolean) | Indicates whether or not the branch exists. | +| <a id="dastprofilebranchname"></a>`name` | [`String`](#string) | The name of the branch. | + +### `DastScannerProfile` + +Represents a DAST scanner profile. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="dastscannerprofileeditpath"></a>`editPath` | [`String`](#string) | Relative web path to the edit page of a scanner profile. | +| <a id="dastscannerprofileglobalid"></a>`globalId` **{warning-solid}** | [`DastScannerProfileID!`](#dastscannerprofileid) | **Deprecated** in 13.6. Use `id`. | +| <a id="dastscannerprofileid"></a>`id` | [`DastScannerProfileID!`](#dastscannerprofileid) | ID of the DAST scanner profile. | +| <a id="dastscannerprofileprofilename"></a>`profileName` | [`String`](#string) | Name of the DAST scanner profile. | +| <a id="dastscannerprofilereferencedinsecuritypolicies"></a>`referencedInSecurityPolicies` | [`[String!]`](#string) | List of security policy names that are referencing given project. | +| <a id="dastscannerprofilescantype"></a>`scanType` | [`DastScanTypeEnum`](#dastscantypeenum) | Indicates the type of DAST scan that will run. Either a Passive Scan or an Active Scan. | +| <a id="dastscannerprofileshowdebugmessages"></a>`showDebugMessages` | [`Boolean!`](#boolean) | Indicates if debug messages should be included in DAST console output. True to include the debug messages. | +| <a id="dastscannerprofilespidertimeout"></a>`spiderTimeout` | [`Int`](#int) | The maximum number of minutes allowed for the spider to traverse the site. | +| <a id="dastscannerprofiletargettimeout"></a>`targetTimeout` | [`Int`](#int) | The maximum number of seconds allowed for the site under test to respond to a request. | +| <a id="dastscannerprofileuseajaxspider"></a>`useAjaxSpider` | [`Boolean!`](#boolean) | Indicates if the AJAX spider should be used to crawl the target site. True to run the AJAX spider in addition to the traditional spider, and false to run only the traditional spider. | + +### `DastSiteProfile` + +Represents a DAST Site Profile. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="dastsiteprofileauth"></a>`auth` | [`DastSiteProfileAuth`](#dastsiteprofileauth) | Target authentication details. Will always return `null` if `security_dast_site_profiles_additional_fields` feature flag is disabled. | +| <a id="dastsiteprofileeditpath"></a>`editPath` | [`String`](#string) | Relative web path to the edit page of a site profile. | +| <a id="dastsiteprofileexcludedurls"></a>`excludedUrls` | [`[String!]`](#string) | The URLs to skip during an authenticated scan. Will always return `null` if `security_dast_site_profiles_additional_fields` feature flag is disabled. | +| <a id="dastsiteprofileid"></a>`id` | [`DastSiteProfileID!`](#dastsiteprofileid) | ID of the site profile. | +| <a id="dastsiteprofilenormalizedtargeturl"></a>`normalizedTargetUrl` | [`String`](#string) | Normalized URL of the target to be scanned. | +| <a id="dastsiteprofileprofilename"></a>`profileName` | [`String`](#string) | The name of the site profile. | +| <a id="dastsiteprofilereferencedinsecuritypolicies"></a>`referencedInSecurityPolicies` | [`[String!]`](#string) | List of security policy names that are referencing given project. | +| <a id="dastsiteprofilerequestheaders"></a>`requestHeaders` | [`String`](#string) | Comma-separated list of request header names and values to be added to every request made by DAST. Will always return `null` if `security_dast_site_profiles_additional_fields` feature flag is disabled. | +| <a id="dastsiteprofiletargettype"></a>`targetType` | [`DastTargetTypeEnum`](#dasttargettypeenum) | The type of target to be scanned. Will always return `null` if `security_dast_site_profiles_api_option` feature flag is disabled. | +| <a id="dastsiteprofiletargeturl"></a>`targetUrl` | [`String`](#string) | The URL of the target to be scanned. | +| <a id="dastsiteprofileuserpermissions"></a>`userPermissions` | [`DastSiteProfilePermissions!`](#dastsiteprofilepermissions) | Permissions for the current user on the resource. | +| <a id="dastsiteprofilevalidationstatus"></a>`validationStatus` | [`DastSiteProfileValidationStatusEnum`](#dastsiteprofilevalidationstatusenum) | The current validation status of the site profile. | + +### `DastSiteProfileAuth` + +Input type for DastSiteProfile authentication. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="dastsiteprofileauthenabled"></a>`enabled` | [`Boolean`](#boolean) | Indicates whether authentication is enabled. | +| <a id="dastsiteprofileauthpassword"></a>`password` | [`String`](#string) | Redacted password to authenticate with on the target website. | +| <a id="dastsiteprofileauthpasswordfield"></a>`passwordField` | [`String`](#string) | The name of password field at the sign-in HTML form. | +| <a id="dastsiteprofileauthurl"></a>`url` | [`String`](#string) | The URL of the page containing the sign-in HTML form on the target website. | +| <a id="dastsiteprofileauthusername"></a>`username` | [`String`](#string) | The username to authenticate with on the target website. | +| <a id="dastsiteprofileauthusernamefield"></a>`usernameField` | [`String`](#string) | The name of username field at the sign-in HTML form. | + +### `DastSiteProfilePermissions` + +Check permissions for the current user on site profile. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="dastsiteprofilepermissionscreateondemanddastscan"></a>`createOnDemandDastScan` | [`Boolean!`](#boolean) | Indicates the user can perform `create_on_demand_dast_scan` on this resource. | + +### `DastSiteValidation` + +Represents a DAST Site Validation. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="dastsitevalidationid"></a>`id` | [`DastSiteValidationID!`](#dastsitevalidationid) | Global ID of the site validation. | +| <a id="dastsitevalidationnormalizedtargeturl"></a>`normalizedTargetUrl` | [`String`](#string) | Normalized URL of the target to be validated. | +| <a id="dastsitevalidationstatus"></a>`status` | [`DastSiteProfileValidationStatusEnum!`](#dastsiteprofilevalidationstatusenum) | Status of the site validation. | ### `DeleteJobsResponse` The response from the AdminSidekiqQueuesDeleteJobs mutation. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `completed` | [`Boolean`](#boolean) | Whether or not the entire queue was processed in time; if not, retrying the same request is safe. | -| `deletedJobs` | [`Int`](#int) | The number of matching jobs deleted. | -| `queueSize` | [`Int`](#int) | The queue size after processing. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="deletejobsresponsecompleted"></a>`completed` | [`Boolean`](#boolean) | Whether or not the entire queue was processed in time; if not, retrying the same request is safe. | +| <a id="deletejobsresponsedeletedjobs"></a>`deletedJobs` | [`Int`](#int) | The number of matching jobs deleted. | +| <a id="deletejobsresponsequeuesize"></a>`queueSize` | [`Int`](#int) | The queue size after processing. | ### `Design` A single design. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `currentUserTodos` | [`TodoConnection!`](#todoconnection) | To-do items for the current user. | -| `diffRefs` | [`DiffRefs!`](#diffrefs) | The diff refs for this design. | -| `discussions` | [`DiscussionConnection!`](#discussionconnection) | All discussions on this noteable. | -| `event` | [`DesignVersionEvent!`](#designversionevent) | How this design was changed in the current version. | -| `filename` | [`String!`](#string) | The filename of the design. | -| `fullPath` | [`String!`](#string) | The full path to the design file. | -| `id` | [`ID!`](#id) | The ID of this design. | -| `image` | [`String!`](#string) | The URL of the full-sized image. | -| `imageV432x230` | [`String`](#string) | The URL of the design resized to fit within the bounds of 432x230. This will be `null` if the image has not been generated. | -| `issue` | [`Issue!`](#issue) | The issue the design belongs to. | -| `notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. | -| `notesCount` | [`Int!`](#int) | The total count of user-created notes for this design. | -| `project` | [`Project!`](#project) | The project the design belongs to. | -| `versions` | [`DesignVersionConnection!`](#designversionconnection) | All versions related to this design ordered newest first. | +#### Fields -### `DesignAtVersion` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="designdiffrefs"></a>`diffRefs` | [`DiffRefs!`](#diffrefs) | The diff refs for this design. | +| <a id="designdiscussions"></a>`discussions` | [`DiscussionConnection!`](#discussionconnection) | All discussions on this noteable. (see [Connections](#connections)) | +| <a id="designevent"></a>`event` | [`DesignVersionEvent!`](#designversionevent) | How this design was changed in the current version. | +| <a id="designfilename"></a>`filename` | [`String!`](#string) | The filename of the design. | +| <a id="designfullpath"></a>`fullPath` | [`String!`](#string) | The full path to the design file. | +| <a id="designid"></a>`id` | [`ID!`](#id) | The ID of this design. | +| <a id="designimage"></a>`image` | [`String!`](#string) | The URL of the full-sized image. | +| <a id="designimagev432x230"></a>`imageV432x230` | [`String`](#string) | The URL of the design resized to fit within the bounds of 432x230. This will be `null` if the image has not been generated. | +| <a id="designissue"></a>`issue` | [`Issue!`](#issue) | The issue the design belongs to. | +| <a id="designnotes"></a>`notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. (see [Connections](#connections)) | +| <a id="designnotescount"></a>`notesCount` | [`Int!`](#int) | The total count of user-created notes for this design. | +| <a id="designproject"></a>`project` | [`Project!`](#project) | The project the design belongs to. | -A design pinned to a specific version. The image field reflects the design as of the associated version. +#### Fields with arguments + +##### `Design.currentUserTodos` + +To-do items for the current user. + +Returns [`TodoConnection!`](#todoconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="designcurrentusertodosstate"></a>`state` | [`TodoStateEnum`](#todostateenum) | State of the to-do items. | + +##### `Design.versions` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `design` | [`Design!`](#design) | The underlying design. | -| `diffRefs` | [`DiffRefs!`](#diffrefs) | The diff refs for this design. | -| `event` | [`DesignVersionEvent!`](#designversionevent) | How this design was changed in the current version. | -| `filename` | [`String!`](#string) | The filename of the design. | -| `fullPath` | [`String!`](#string) | The full path to the design file. | -| `id` | [`ID!`](#id) | The ID of this design. | -| `image` | [`String!`](#string) | The URL of the full-sized image. | -| `imageV432x230` | [`String`](#string) | The URL of the design resized to fit within the bounds of 432x230. This will be `null` if the image has not been generated. | -| `issue` | [`Issue!`](#issue) | The issue the design belongs to. | -| `notesCount` | [`Int!`](#int) | The total count of user-created notes for this design. | -| `project` | [`Project!`](#project) | The project the design belongs to. | -| `version` | [`DesignVersion!`](#designversion) | The version this design-at-versions is pinned to. | +All versions related to this design ordered newest first. -### `DesignAtVersionConnection` +Returns [`DesignVersionConnection!`](#designversionconnection). -The connection type for DesignAtVersion. +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[DesignAtVersionEdge]`](#designatversionedge) | A list of edges. | -| `nodes` | [`[DesignAtVersion]`](#designatversion) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +###### Arguments -### `DesignAtVersionEdge` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="designversionsearlierorequaltoid"></a>`earlierOrEqualToId` | [`DesignManagementVersionID`](#designmanagementversionid) | The Global ID of the most recent acceptable version. | +| <a id="designversionsearlierorequaltosha"></a>`earlierOrEqualToSha` | [`String`](#string) | The SHA256 of the most recent acceptable version. | + +### `DesignAtVersion` + +A design pinned to a specific version. The image field reflects the design as of the associated version. -An edge in a connection. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`DesignAtVersion`](#designatversion) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="designatversiondesign"></a>`design` | [`Design!`](#design) | The underlying design. | +| <a id="designatversiondiffrefs"></a>`diffRefs` | [`DiffRefs!`](#diffrefs) | The diff refs for this design. | +| <a id="designatversionevent"></a>`event` | [`DesignVersionEvent!`](#designversionevent) | How this design was changed in the current version. | +| <a id="designatversionfilename"></a>`filename` | [`String!`](#string) | The filename of the design. | +| <a id="designatversionfullpath"></a>`fullPath` | [`String!`](#string) | The full path to the design file. | +| <a id="designatversionid"></a>`id` | [`ID!`](#id) | The ID of this design. | +| <a id="designatversionimage"></a>`image` | [`String!`](#string) | The URL of the full-sized image. | +| <a id="designatversionimagev432x230"></a>`imageV432x230` | [`String`](#string) | The URL of the design resized to fit within the bounds of 432x230. This will be `null` if the image has not been generated. | +| <a id="designatversionissue"></a>`issue` | [`Issue!`](#issue) | The issue the design belongs to. | +| <a id="designatversionnotescount"></a>`notesCount` | [`Int!`](#int) | The total count of user-created notes for this design. | +| <a id="designatversionproject"></a>`project` | [`Project!`](#project) | The project the design belongs to. | +| <a id="designatversionversion"></a>`version` | [`DesignVersion!`](#designversion) | The version this design-at-versions is pinned to. | ### `DesignCollection` A collection of designs. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `copyState` | [`DesignCollectionCopyState`](#designcollectioncopystate) | Copy state of the design collection. | -| `design` | [`Design`](#design) | Find a specific design. | -| `designAtVersion` | [`DesignAtVersion`](#designatversion) | Find a design as of a version. | -| `designs` | [`DesignConnection!`](#designconnection) | All designs for the design collection. | -| `issue` | [`Issue!`](#issue) | Issue associated with the design collection. | -| `project` | [`Project!`](#project) | Project associated with the design collection. | -| `version` | [`DesignVersion`](#designversion) | A specific version. | -| `versions` | [`DesignVersionConnection!`](#designversionconnection) | All versions related to all designs, ordered newest first. | +#### Fields -### `DesignConnection` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="designcollectioncopystate"></a>`copyState` | [`DesignCollectionCopyState`](#designcollectioncopystate) | Copy state of the design collection. | +| <a id="designcollectionissue"></a>`issue` | [`Issue!`](#issue) | Issue associated with the design collection. | +| <a id="designcollectionproject"></a>`project` | [`Project!`](#project) | Project associated with the design collection. | -The connection type for Design. +#### Fields with arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[DesignEdge]`](#designedge) | A list of edges. | -| `nodes` | [`[Design]`](#design) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +##### `DesignCollection.design` -### `DesignEdge` +Find a specific design. -An edge in a connection. +Returns [`Design`](#design). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Design`](#design) | The item at the end of the edge. | +###### Arguments -### `DesignManagement` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="designcollectiondesignfilename"></a>`filename` | [`String`](#string) | Find a design by its filename. | +| <a id="designcollectiondesignid"></a>`id` | [`DesignManagementDesignID`](#designmanagementdesignid) | Find a design by its ID. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `designAtVersion` | [`DesignAtVersion`](#designatversion) | Find a design as of a version. | -| `version` | [`DesignVersion`](#designversion) | Find a version. | +##### `DesignCollection.designAtVersion` -### `DesignManagementDeletePayload` +Find a design as of a version. -Autogenerated return type of DesignManagementDelete. +Returns [`DesignAtVersion`](#designatversion). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `version` | [`DesignVersion`](#designversion) | The new version in which the designs are deleted. | +###### Arguments -### `DesignManagementMovePayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="designcollectiondesignatversionid"></a>`id` | [`DesignManagementDesignAtVersionID!`](#designmanagementdesignatversionid) | The Global ID of the design at this version. | -Autogenerated return type of DesignManagementMove. +##### `DesignCollection.designs` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `designCollection` | [`DesignCollection`](#designcollection) | The current state of the collection. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +All designs for the design collection. -### `DesignManagementUploadPayload` +Returns [`DesignConnection!`](#designconnection). -Autogenerated return type of DesignManagementUpload. +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `designs` | [`[Design!]!`](#design) | The designs that were uploaded by the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `skippedDesigns` | [`[Design!]!`](#design) | Any designs that were skipped from the upload due to there being no change to their content since their last version. | +###### Arguments -### `DesignVersion` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="designcollectiondesignsatversion"></a>`atVersion` | [`DesignManagementVersionID`](#designmanagementversionid) | Filters designs to only those that existed at the version. If argument is omitted or nil then all designs will reflect the latest version. | +| <a id="designcollectiondesignsfilenames"></a>`filenames` | [`[String!]`](#string) | Filters designs by their filename. | +| <a id="designcollectiondesignsids"></a>`ids` | [`[DesignManagementDesignID!]`](#designmanagementdesignid) | Filters designs by their ID. | -A specific version in which designs were added, modified or deleted. +##### `DesignCollection.version` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `designAtVersion` | [`DesignAtVersion!`](#designatversion) | A particular design as of this version, provided it is visible at this version. | -| `designs` | [`DesignConnection!`](#designconnection) | All designs that were changed in the version. | -| `designsAtVersion` | [`DesignAtVersionConnection!`](#designatversionconnection) | All designs that are visible at this version, as of this version. | -| `id` | [`ID!`](#id) | ID of the design version. | -| `sha` | [`ID!`](#id) | SHA of the design version. | +A specific version. -### `DesignVersionConnection` +Returns [`DesignVersion`](#designversion). -The connection type for DesignVersion. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[DesignVersionEdge]`](#designversionedge) | A list of edges. | -| `nodes` | [`[DesignVersion]`](#designversion) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="designcollectionversionid"></a>`id` | [`DesignManagementVersionID`](#designmanagementversionid) | The Global ID of the version. | +| <a id="designcollectionversionsha"></a>`sha` | [`String`](#string) | The SHA256 of a specific version. | -### `DesignVersionEdge` +##### `DesignCollection.versions` -An edge in a connection. +All versions related to all designs, ordered newest first. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`DesignVersion`](#designversion) | The item at the end of the edge. | +Returns [`DesignVersionConnection!`](#designversionconnection). -### `DestroyBoardListPayload` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -Autogenerated return type of DestroyBoardList. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `list` | [`BoardList`](#boardlist) | The list after mutation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="designcollectionversionsearlierorequaltoid"></a>`earlierOrEqualToId` | [`DesignManagementVersionID`](#designmanagementversionid) | The Global ID of the most recent acceptable version. | +| <a id="designcollectionversionsearlierorequaltosha"></a>`earlierOrEqualToSha` | [`String`](#string) | The SHA256 of the most recent acceptable version. | -### `DestroyBoardPayload` +### `DesignManagement` -Autogenerated return type of DestroyBoard. +#### Fields with arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `board` | [`Board`](#board) | The board after mutation. | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +##### `DesignManagement.designAtVersion` -### `DestroyComplianceFrameworkPayload` +Find a design as of a version. -Autogenerated return type of DestroyComplianceFramework. +Returns [`DesignAtVersion`](#designatversion). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +###### Arguments -### `DestroyContainerRepositoryPayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="designmanagementdesignatversionid"></a>`id` | [`DesignManagementDesignAtVersionID!`](#designmanagementdesignatversionid) | The Global ID of the design at this version. | -Autogenerated return type of DestroyContainerRepository. +##### `DesignManagement.version` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `containerRepository` | [`ContainerRepository!`](#containerrepository) | The container repository policy after scheduling the deletion. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +Find a version. -### `DestroyContainerRepositoryTagsPayload` +Returns [`DesignVersion`](#designversion). -Autogenerated return type of DestroyContainerRepositoryTags. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `deletedTagNames` | [`[String!]!`](#string) | Deleted container repository tags. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="designmanagementversionid"></a>`id` | [`DesignManagementVersionID!`](#designmanagementversionid) | The Global ID of the version. | -### `DestroyEpicBoardPayload` +### `DesignVersion` -Autogenerated return type of DestroyEpicBoard. +A specific version in which designs were added, modified or deleted. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `epicBoard` | [`EpicBoard`](#epicboard) | Epic board after mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +#### Fields -### `DestroyNotePayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="designversionauthor"></a>`author` | [`UserCore!`](#usercore) | Author of the version. | +| <a id="designversioncreatedat"></a>`createdAt` | [`Time!`](#time) | Timestamp of when the version was created. | +| <a id="designversiondesigns"></a>`designs` | [`DesignConnection!`](#designconnection) | All designs that were changed in the version. (see [Connections](#connections)) | +| <a id="designversionid"></a>`id` | [`ID!`](#id) | ID of the design version. | +| <a id="designversionsha"></a>`sha` | [`ID!`](#id) | SHA of the design version. | -Autogenerated return type of DestroyNote. +#### Fields with arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `note` | [`Note`](#note) | The note after mutation. | +##### `DesignVersion.designAtVersion` -### `DestroySnippetPayload` +A particular design as of this version, provided it is visible at this version. -Autogenerated return type of DestroySnippet. +Returns [`DesignAtVersion!`](#designatversion). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `snippet` | [`Snippet`](#snippet) | The snippet after mutation. | +###### Arguments -### `DetailedStatus` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="designversiondesignatversiondesignid"></a>`designId` | [`DesignManagementDesignID`](#designmanagementdesignid) | The ID of a specific design. | +| <a id="designversiondesignatversionfilename"></a>`filename` | [`String`](#string) | The filename of a specific design. | +| <a id="designversiondesignatversionid"></a>`id` | [`DesignManagementDesignAtVersionID`](#designmanagementdesignatversionid) | The ID of the DesignAtVersion. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `action` | [`StatusAction`](#statusaction) | Action information for the status. This includes method, button title, icon, path, and title. | -| `detailsPath` | [`String`](#string) | Path of the details for the status. | -| `favicon` | [`String`](#string) | Favicon of the status. | -| `group` | [`String`](#string) | Group of the status. | -| `hasDetails` | [`Boolean`](#boolean) | Indicates if the status has further details. | -| `icon` | [`String`](#string) | Icon of the status. | -| `label` | [`String`](#string) | Label of the status. | -| `text` | [`String`](#string) | Text of the status. | -| `tooltip` | [`String`](#string) | Tooltip associated with the status. | +##### `DesignVersion.designsAtVersion` -### `DevopsAdoptionSegment` +All designs that are visible at this version, as of this version. -Segment. +Returns [`DesignAtVersionConnection!`](#designatversionconnection). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `id` | [`ID!`](#id) | ID of the segment. | -| `latestSnapshot` | [`DevopsAdoptionSnapshot`](#devopsadoptionsnapshot) | The latest adoption metrics for the segment. | -| `namespace` | [`Namespace`](#namespace) | Segment namespace. | +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -### `DevopsAdoptionSegmentConnection` +###### Arguments -The connection type for DevopsAdoptionSegment. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="designversiondesignsatversionfilenames"></a>`filenames` | [`[String!]`](#string) | Filters designs by their filename. | +| <a id="designversiondesignsatversionids"></a>`ids` | [`[DesignManagementDesignID!]`](#designmanagementdesignid) | Filters designs by their ID. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[DevopsAdoptionSegmentEdge]`](#devopsadoptionsegmentedge) | A list of edges. | -| `nodes` | [`[DevopsAdoptionSegment]`](#devopsadoptionsegment) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +### `DetailedStatus` -### `DevopsAdoptionSegmentEdge` +#### Fields -An edge in a connection. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="detailedstatusaction"></a>`action` | [`StatusAction`](#statusaction) | Action information for the status. This includes method, button title, icon, path, and title. | +| <a id="detailedstatusdetailspath"></a>`detailsPath` | [`String`](#string) | Path of the details for the status. | +| <a id="detailedstatusfavicon"></a>`favicon` | [`String`](#string) | Favicon of the status. | +| <a id="detailedstatusgroup"></a>`group` | [`String`](#string) | Group of the status. | +| <a id="detailedstatushasdetails"></a>`hasDetails` | [`Boolean`](#boolean) | Indicates if the status has further details. | +| <a id="detailedstatusicon"></a>`icon` | [`String`](#string) | Icon of the status. | +| <a id="detailedstatuslabel"></a>`label` | [`String`](#string) | Label of the status. | +| <a id="detailedstatustext"></a>`text` | [`String`](#string) | Text of the status. | +| <a id="detailedstatustooltip"></a>`tooltip` | [`String`](#string) | Tooltip associated with the status. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`DevopsAdoptionSegment`](#devopsadoptionsegment) | The item at the end of the edge. | +### `DevopsAdoptionSegment` + +Segment. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="devopsadoptionsegmentid"></a>`id` | [`ID!`](#id) | ID of the segment. | +| <a id="devopsadoptionsegmentlatestsnapshot"></a>`latestSnapshot` | [`DevopsAdoptionSnapshot`](#devopsadoptionsnapshot) | The latest adoption metrics for the segment. | +| <a id="devopsadoptionsegmentnamespace"></a>`namespace` | [`Namespace`](#namespace) | Segment namespace. | ### `DevopsAdoptionSnapshot` Snapshot. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `deploySucceeded` | [`Boolean!`](#boolean) | At least one deployment succeeded. | -| `endTime` | [`Time!`](#time) | The end time for the snapshot where the data points were collected. | -| `issueOpened` | [`Boolean!`](#boolean) | At least one issue was opened. | -| `mergeRequestApproved` | [`Boolean!`](#boolean) | At least one merge request was approved. | -| `mergeRequestOpened` | [`Boolean!`](#boolean) | At least one merge request was opened. | -| `pipelineSucceeded` | [`Boolean!`](#boolean) | At least one pipeline succeeded. | -| `recordedAt` | [`Time!`](#time) | The time the snapshot was recorded. | -| `runnerConfigured` | [`Boolean!`](#boolean) | At least one runner was used. | -| `securityScanSucceeded` | [`Boolean!`](#boolean) | At least one security scan succeeded. | -| `startTime` | [`Time!`](#time) | The start time for the snapshot where the data points were collected. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="devopsadoptionsnapshotcodeownersusedcount"></a>`codeOwnersUsedCount` | [`Int`](#int) | Total number of projects with existing CODEOWNERS file. | +| <a id="devopsadoptionsnapshotdeploysucceeded"></a>`deploySucceeded` | [`Boolean!`](#boolean) | At least one deployment succeeded. | +| <a id="devopsadoptionsnapshotendtime"></a>`endTime` | [`Time!`](#time) | The end time for the snapshot where the data points were collected. | +| <a id="devopsadoptionsnapshotissueopened"></a>`issueOpened` | [`Boolean!`](#boolean) | At least one issue was opened. | +| <a id="devopsadoptionsnapshotmergerequestapproved"></a>`mergeRequestApproved` | [`Boolean!`](#boolean) | At least one merge request was approved. | +| <a id="devopsadoptionsnapshotmergerequestopened"></a>`mergeRequestOpened` | [`Boolean!`](#boolean) | At least one merge request was opened. | +| <a id="devopsadoptionsnapshotpipelinesucceeded"></a>`pipelineSucceeded` | [`Boolean!`](#boolean) | At least one pipeline succeeded. | +| <a id="devopsadoptionsnapshotrecordedat"></a>`recordedAt` | [`Time!`](#time) | The time the snapshot was recorded. | +| <a id="devopsadoptionsnapshotrunnerconfigured"></a>`runnerConfigured` | [`Boolean!`](#boolean) | At least one runner was used. | +| <a id="devopsadoptionsnapshotsecurityscansucceeded"></a>`securityScanSucceeded` | [`Boolean!`](#boolean) | At least one security scan succeeded. | +| <a id="devopsadoptionsnapshotstarttime"></a>`startTime` | [`Time!`](#time) | The start time for the snapshot where the data points were collected. | +| <a id="devopsadoptionsnapshottotalprojectscount"></a>`totalProjectsCount` | [`Int`](#int) | Total number of projects. | ### `DiffPosition` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `diffRefs` | [`DiffRefs!`](#diffrefs) | Information about the branch, HEAD, and base at the time of commenting. | -| `filePath` | [`String!`](#string) | Path of the file that was changed. | -| `height` | [`Int`](#int) | Total height of the image. | -| `newLine` | [`Int`](#int) | Line on HEAD SHA that was changed. | -| `newPath` | [`String`](#string) | Path of the file on the HEAD SHA. | -| `oldLine` | [`Int`](#int) | Line on start SHA that was changed. | -| `oldPath` | [`String`](#string) | Path of the file on the start SHA. | -| `positionType` | [`DiffPositionType!`](#diffpositiontype) | Type of file the position refers to. | -| `width` | [`Int`](#int) | Total width of the image. | -| `x` | [`Int`](#int) | X position of the note. | -| `y` | [`Int`](#int) | Y position of the note. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="diffpositiondiffrefs"></a>`diffRefs` | [`DiffRefs!`](#diffrefs) | Information about the branch, HEAD, and base at the time of commenting. | +| <a id="diffpositionfilepath"></a>`filePath` | [`String!`](#string) | Path of the file that was changed. | +| <a id="diffpositionheight"></a>`height` | [`Int`](#int) | Total height of the image. | +| <a id="diffpositionnewline"></a>`newLine` | [`Int`](#int) | Line on HEAD SHA that was changed. | +| <a id="diffpositionnewpath"></a>`newPath` | [`String`](#string) | Path of the file on the HEAD SHA. | +| <a id="diffpositionoldline"></a>`oldLine` | [`Int`](#int) | Line on start SHA that was changed. | +| <a id="diffpositionoldpath"></a>`oldPath` | [`String`](#string) | Path of the file on the start SHA. | +| <a id="diffpositionpositiontype"></a>`positionType` | [`DiffPositionType!`](#diffpositiontype) | Type of file the position refers to. | +| <a id="diffpositionwidth"></a>`width` | [`Int`](#int) | Total width of the image. | +| <a id="diffpositionx"></a>`x` | [`Int`](#int) | X position of the note. | +| <a id="diffpositiony"></a>`y` | [`Int`](#int) | Y position of the note. | ### `DiffRefs` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `baseSha` | [`String`](#string) | Merge base of the branch the comment was made on. | -| `headSha` | [`String!`](#string) | SHA of the HEAD at the time the comment was made. | -| `startSha` | [`String!`](#string) | SHA of the branch being compared against. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="diffrefsbasesha"></a>`baseSha` | [`String`](#string) | Merge base of the branch the comment was made on. | +| <a id="diffrefsheadsha"></a>`headSha` | [`String!`](#string) | SHA of the HEAD at the time the comment was made. | +| <a id="diffrefsstartsha"></a>`startSha` | [`String!`](#string) | SHA of the branch being compared against. | ### `DiffStats` Changes to a single file. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `additions` | [`Int!`](#int) | Number of lines added to this file. | -| `deletions` | [`Int!`](#int) | Number of lines deleted from this file. | -| `path` | [`String!`](#string) | File path, relative to repository root. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="diffstatsadditions"></a>`additions` | [`Int!`](#int) | Number of lines added to this file. | +| <a id="diffstatsdeletions"></a>`deletions` | [`Int!`](#int) | Number of lines deleted from this file. | +| <a id="diffstatspath"></a>`path` | [`String!`](#string) | File path, relative to repository root. | ### `DiffStatsSummary` Aggregated summary of changes. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `additions` | [`Int!`](#int) | Number of lines added. | -| `changes` | [`Int!`](#int) | Number of lines changed. | -| `deletions` | [`Int!`](#int) | Number of lines deleted. | -| `fileCount` | [`Int!`](#int) | Number of files changed. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="diffstatssummaryadditions"></a>`additions` | [`Int!`](#int) | Number of lines added. | +| <a id="diffstatssummarychanges"></a>`changes` | [`Int!`](#int) | Number of lines changed. | +| <a id="diffstatssummarydeletions"></a>`deletions` | [`Int!`](#int) | Number of lines deleted. | +| <a id="diffstatssummaryfilecount"></a>`fileCount` | [`Int!`](#int) | Number of files changed. | ### `Discussion` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `createdAt` | [`Time!`](#time) | Timestamp of the discussion's creation. | -| `id` | [`DiscussionID!`](#discussionid) | ID of this discussion. | -| `notes` | [`NoteConnection!`](#noteconnection) | All notes in the discussion. | -| `replyId` | [`DiscussionID!`](#discussionid) | ID used to reply to this discussion. | -| `resolvable` | [`Boolean!`](#boolean) | Indicates if the object can be resolved. | -| `resolved` | [`Boolean!`](#boolean) | Indicates if the object is resolved. | -| `resolvedAt` | [`Time`](#time) | Timestamp of when the object was resolved. | -| `resolvedBy` | [`User`](#user) | User who resolved the object. | +#### Fields -### `DiscussionConnection` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="discussioncreatedat"></a>`createdAt` | [`Time!`](#time) | Timestamp of the discussion's creation. | +| <a id="discussionid"></a>`id` | [`DiscussionID!`](#discussionid) | ID of this discussion. | +| <a id="discussionnotes"></a>`notes` | [`NoteConnection!`](#noteconnection) | All notes in the discussion. (see [Connections](#connections)) | +| <a id="discussionreplyid"></a>`replyId` | [`DiscussionID!`](#discussionid) | ID used to reply to this discussion. | +| <a id="discussionresolvable"></a>`resolvable` | [`Boolean!`](#boolean) | Indicates if the object can be resolved. | +| <a id="discussionresolved"></a>`resolved` | [`Boolean!`](#boolean) | Indicates if the object is resolved. | +| <a id="discussionresolvedat"></a>`resolvedAt` | [`Time`](#time) | Timestamp of when the object was resolved. | +| <a id="discussionresolvedby"></a>`resolvedBy` | [`UserCore`](#usercore) | User who resolved the object. | -The connection type for Discussion. +### `Environment` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[DiscussionEdge]`](#discussionedge) | A list of edges. | -| `nodes` | [`[Discussion]`](#discussion) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +Describes where code is deployed for a project. -### `DiscussionEdge` +#### Fields -An edge in a connection. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="environmentid"></a>`id` | [`ID!`](#id) | ID of the environment. | +| <a id="environmentlatestopenedmostseverealert"></a>`latestOpenedMostSevereAlert` | [`AlertManagementAlert`](#alertmanagementalert) | The most severe open alert for the environment. If multiple alerts have equal severity, the most recent is returned. | +| <a id="environmentname"></a>`name` | [`String!`](#string) | Human-readable name of the environment. | +| <a id="environmentpath"></a>`path` | [`String!`](#string) | The path to the environment. | +| <a id="environmentstate"></a>`state` | [`String!`](#string) | State of the environment, for example: available/stopped. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Discussion`](#discussion) | The item at the end of the edge. | +#### Fields with arguments -### `DiscussionToggleResolvePayload` +##### `Environment.metricsDashboard` -Autogenerated return type of DiscussionToggleResolve. +Metrics dashboard schema for the environment. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `discussion` | [`Discussion`](#discussion) | The discussion after mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +Returns [`MetricsDashboard`](#metricsdashboard). -### `DismissVulnerabilityPayload` +###### Arguments -Autogenerated return type of DismissVulnerability. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="environmentmetricsdashboardpath"></a>`path` | [`String!`](#string) | Path to a file which defines a metrics dashboard eg: `"config/prometheus/common_metrics.yml"`. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `vulnerability` | [`Vulnerability`](#vulnerability) | The vulnerability after dismissal. | +### `Epic` -### `Environment` +Represents an epic. -Describes where code is deployed for a project. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `id` | [`ID!`](#id) | ID of the environment. | -| `latestOpenedMostSevereAlert` | [`AlertManagementAlert`](#alertmanagementalert) | The most severe open alert for the environment. If multiple alerts have equal severity, the most recent is returned. | -| `metricsDashboard` | [`MetricsDashboard`](#metricsdashboard) | Metrics dashboard schema for the environment. | -| `name` | [`String!`](#string) | Human-readable name of the environment. | -| `path` | [`String!`](#string) | The path to the environment. | -| `state` | [`String!`](#string) | State of the environment, for example: available/stopped. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epicauthor"></a>`author` | [`UserCore!`](#usercore) | Author of the epic. | +| <a id="epicawardemoji"></a>`awardEmoji` | [`AwardEmojiConnection`](#awardemojiconnection) | A list of award emojis associated with the epic. (see [Connections](#connections)) | +| <a id="epicclosedat"></a>`closedAt` | [`Time`](#time) | Timestamp of when the epic was closed. | +| <a id="epicconfidential"></a>`confidential` | [`Boolean`](#boolean) | Indicates if the epic is confidential. | +| <a id="epiccreatedat"></a>`createdAt` | [`Time`](#time) | Timestamp of when the epic was created. | +| <a id="epicdescendantcounts"></a>`descendantCounts` | [`EpicDescendantCount`](#epicdescendantcount) | Number of open and closed descendant epics and issues. | +| <a id="epicdescendantweightsum"></a>`descendantWeightSum` | [`EpicDescendantWeights`](#epicdescendantweights) | Total weight of open and closed issues in the epic and its descendants. | +| <a id="epicdescription"></a>`description` | [`String`](#string) | Description of the epic. | +| <a id="epicdescriptionhtml"></a>`descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | +| <a id="epicdiscussions"></a>`discussions` | [`DiscussionConnection!`](#discussionconnection) | All discussions on this noteable. (see [Connections](#connections)) | +| <a id="epicdownvotes"></a>`downvotes` | [`Int!`](#int) | Number of downvotes the epic has received. | +| <a id="epicduedate"></a>`dueDate` | [`Time`](#time) | Due date of the epic. | +| <a id="epicduedatefixed"></a>`dueDateFixed` | [`Time`](#time) | Fixed due date of the epic. | +| <a id="epicduedatefrommilestones"></a>`dueDateFromMilestones` | [`Time`](#time) | Inherited due date of the epic from milestones. | +| <a id="epicduedateisfixed"></a>`dueDateIsFixed` | [`Boolean`](#boolean) | Indicates if the due date has been manually set. | +| <a id="epicevents"></a>`events` | [`EventConnection`](#eventconnection) | A list of events associated with the object. (see [Connections](#connections)) | +| <a id="epicgroup"></a>`group` | [`Group!`](#group) | Group to which the epic belongs. | +| <a id="epichaschildren"></a>`hasChildren` | [`Boolean!`](#boolean) | Indicates if the epic has children. | +| <a id="epichasissues"></a>`hasIssues` | [`Boolean!`](#boolean) | Indicates if the epic has direct issues. | +| <a id="epichasparent"></a>`hasParent` | [`Boolean!`](#boolean) | Indicates if the epic has a parent epic. | +| <a id="epichealthstatus"></a>`healthStatus` | [`EpicHealthStatus`](#epichealthstatus) | Current health status of the epic. | +| <a id="epicid"></a>`id` | [`ID!`](#id) | ID of the epic. | +| <a id="epiciid"></a>`iid` | [`ID!`](#id) | Internal ID of the epic. | +| <a id="epicissues"></a>`issues` | [`EpicIssueConnection`](#epicissueconnection) | A list of issues associated with the epic. (see [Connections](#connections)) | +| <a id="epiclabels"></a>`labels` | [`LabelConnection`](#labelconnection) | Labels assigned to the epic. (see [Connections](#connections)) | +| <a id="epicnotes"></a>`notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. (see [Connections](#connections)) | +| <a id="epicparent"></a>`parent` | [`Epic`](#epic) | Parent epic of the epic. | +| <a id="epicparticipants"></a>`participants` | [`UserCoreConnection`](#usercoreconnection) | List of participants for the epic. (see [Connections](#connections)) | +| <a id="epicrelationpath"></a>`relationPath` | [`String`](#string) | URI path of the epic-issue relationship. | +| <a id="epicrelativeposition"></a>`relativePosition` | [`Int`](#int) | The relative position of the epic in the epic tree. | +| <a id="epicstartdate"></a>`startDate` | [`Time`](#time) | Start date of the epic. | +| <a id="epicstartdatefixed"></a>`startDateFixed` | [`Time`](#time) | Fixed start date of the epic. | +| <a id="epicstartdatefrommilestones"></a>`startDateFromMilestones` | [`Time`](#time) | Inherited start date of the epic from milestones. | +| <a id="epicstartdateisfixed"></a>`startDateIsFixed` | [`Boolean`](#boolean) | Indicates if the start date has been manually set. | +| <a id="epicstate"></a>`state` | [`EpicState!`](#epicstate) | State of the epic. | +| <a id="epicsubscribed"></a>`subscribed` | [`Boolean!`](#boolean) | Indicates the currently logged in user is subscribed to the epic. | +| <a id="epictitle"></a>`title` | [`String`](#string) | Title of the epic. | +| <a id="epictitlehtml"></a>`titleHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `title`. | +| <a id="epicupdatedat"></a>`updatedAt` | [`Time`](#time) | Timestamp of when the epic was updated. | +| <a id="epicupvotes"></a>`upvotes` | [`Int!`](#int) | Number of upvotes the epic has received. | +| <a id="epicuserdiscussionscount"></a>`userDiscussionsCount` | [`Int!`](#int) | Number of user discussions in the epic. | +| <a id="epicusernotescount"></a>`userNotesCount` | [`Int!`](#int) | Number of user notes of the epic. | +| <a id="epicuserpermissions"></a>`userPermissions` | [`EpicPermissions!`](#epicpermissions) | Permissions for the current user on the resource. | +| <a id="epicwebpath"></a>`webPath` | [`String!`](#string) | Web path of the epic. | +| <a id="epicweburl"></a>`webUrl` | [`String!`](#string) | Web URL of the epic. | + +#### Fields with arguments + +##### `Epic.children` + +Children (sub-epics) of the epic. + +Returns [`EpicConnection`](#epicconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments -### `EnvironmentConnection` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epicchildrenauthorusername"></a>`authorUsername` | [`String`](#string) | Filter epics by author. | +| <a id="epicchildrenconfidential"></a>`confidential` | [`Boolean`](#boolean) | Filter epics by given confidentiality. | +| <a id="epicchildrenenddate"></a>`endDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.end. | +| <a id="epicchildreniid"></a>`iid` | [`ID`](#id) | IID of the epic, e.g., "1". | +| <a id="epicchildreniidstartswith"></a>`iidStartsWith` | [`String`](#string) | Filter epics by IID for autocomplete. | +| <a id="epicchildreniids"></a>`iids` | [`[ID!]`](#id) | List of IIDs of epics, e.g., [1, 2]. | +| <a id="epicchildrenincludedescendantgroups"></a>`includeDescendantGroups` | [`Boolean`](#boolean) | Include epics from descendant groups. | +| <a id="epicchildrenlabelname"></a>`labelName` | [`[String!]`](#string) | Filter epics by labels. | +| <a id="epicchildrenmilestonetitle"></a>`milestoneTitle` | [`String`](#string) | Filter epics by milestone title, computed from epic's issues. | +| <a id="epicchildrenmyreactionemoji"></a>`myReactionEmoji` | [`String`](#string) | Filter by reaction emoji applied by the current user. | +| <a id="epicchildrensearch"></a>`search` | [`String`](#string) | Search query for epic title or description. | +| <a id="epicchildrensort"></a>`sort` | [`EpicSort`](#epicsort) | List epics by sort order. | +| <a id="epicchildrenstartdate"></a>`startDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.start. | +| <a id="epicchildrenstate"></a>`state` | [`EpicState`](#epicstate) | Filter epics by state. | +| <a id="epicchildrentimeframe"></a>`timeframe` | [`Timeframe`](#timeframe) | List items overlapping the given timeframe. | + +##### `Epic.currentUserTodos` + +To-do items for the current user. + +Returns [`TodoConnection!`](#todoconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments -The connection type for Environment. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epiccurrentusertodosstate"></a>`state` | [`TodoStateEnum`](#todostateenum) | State of the to-do items. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[EnvironmentEdge]`](#environmentedge) | A list of edges. | -| `nodes` | [`[Environment]`](#environment) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +##### `Epic.reference` -### `EnvironmentEdge` +Internal reference of the epic. Returned in shortened format by default. -An edge in a connection. +Returns [`String!`](#string). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Environment`](#environment) | The item at the end of the edge. | +###### Arguments -### `EnvironmentsCanaryIngressUpdatePayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epicreferencefull"></a>`full` | [`Boolean`](#boolean) | Indicates if the reference should be returned in full. | -Autogenerated return type of EnvironmentsCanaryIngressUpdate. +### `EpicBoard` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +Represents an epic board. -### `Epic` +#### Fields -Represents an epic. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epicboardhidebackloglist"></a>`hideBacklogList` | [`Boolean`](#boolean) | Whether or not backlog list is hidden. | +| <a id="epicboardhideclosedlist"></a>`hideClosedList` | [`Boolean`](#boolean) | Whether or not closed list is hidden. | +| <a id="epicboardid"></a>`id` | [`BoardsEpicBoardID!`](#boardsepicboardid) | Global ID of the epic board. | +| <a id="epicboardlabels"></a>`labels` | [`LabelConnection`](#labelconnection) | Labels of the board. (see [Connections](#connections)) | +| <a id="epicboardname"></a>`name` | [`String`](#string) | Name of the epic board. | +| <a id="epicboardwebpath"></a>`webPath` | [`String!`](#string) | Web path of the epic board. | +| <a id="epicboardweburl"></a>`webUrl` | [`String!`](#string) | Web URL of the epic board. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `author` | [`User!`](#user) | Author of the epic. | -| `awardEmoji` | [`AwardEmojiConnection`](#awardemojiconnection) | A list of award emojis associated with the epic. | -| `children` | [`EpicConnection`](#epicconnection) | Children (sub-epics) of the epic. | -| `closedAt` | [`Time`](#time) | Timestamp of when the epic was closed. | -| `confidential` | [`Boolean`](#boolean) | Indicates if the epic is confidential. | -| `createdAt` | [`Time`](#time) | Timestamp of when the epic was created. | -| `currentUserTodos` | [`TodoConnection!`](#todoconnection) | To-do items for the current user. | -| `descendantCounts` | [`EpicDescendantCount`](#epicdescendantcount) | Number of open and closed descendant epics and issues. | -| `descendantWeightSum` | [`EpicDescendantWeights`](#epicdescendantweights) | Total weight of open and closed issues in the epic and its descendants. | -| `description` | [`String`](#string) | Description of the epic. | -| `descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | -| `discussions` | [`DiscussionConnection!`](#discussionconnection) | All discussions on this noteable. | -| `downvotes` | [`Int!`](#int) | Number of downvotes the epic has received. | -| `dueDate` | [`Time`](#time) | Due date of the epic. | -| `dueDateFixed` | [`Time`](#time) | Fixed due date of the epic. | -| `dueDateFromMilestones` | [`Time`](#time) | Inherited due date of the epic from milestones. | -| `dueDateIsFixed` | [`Boolean`](#boolean) | Indicates if the due date has been manually set. | -| `events` | [`EventConnection`](#eventconnection) | A list of events associated with the object. | -| `group` | [`Group!`](#group) | Group to which the epic belongs. | -| `hasChildren` | [`Boolean!`](#boolean) | Indicates if the epic has children. | -| `hasIssues` | [`Boolean!`](#boolean) | Indicates if the epic has direct issues. | -| `hasParent` | [`Boolean!`](#boolean) | Indicates if the epic has a parent epic. | -| `healthStatus` | [`EpicHealthStatus`](#epichealthstatus) | Current health status of the epic. | -| `id` | [`ID!`](#id) | ID of the epic. | -| `iid` | [`ID!`](#id) | Internal ID of the epic. | -| `issues` | [`EpicIssueConnection`](#epicissueconnection) | A list of issues associated with the epic. | -| `labels` | [`LabelConnection`](#labelconnection) | Labels assigned to the epic. | -| `notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. | -| `parent` | [`Epic`](#epic) | Parent epic of the epic. | -| `participants` | [`UserConnection`](#userconnection) | List of participants for the epic. | -| `reference` | [`String!`](#string) | Internal reference of the epic. Returned in shortened format by default. | -| `relationPath` | [`String`](#string) | URI path of the epic-issue relationship. | -| `relativePosition` | [`Int`](#int) | The relative position of the epic in the epic tree. | -| `startDate` | [`Time`](#time) | Start date of the epic. | -| `startDateFixed` | [`Time`](#time) | Fixed start date of the epic. | -| `startDateFromMilestones` | [`Time`](#time) | Inherited start date of the epic from milestones. | -| `startDateIsFixed` | [`Boolean`](#boolean) | Indicates if the start date has been manually set. | -| `state` | [`EpicState!`](#epicstate) | State of the epic. | -| `subscribed` | [`Boolean!`](#boolean) | Indicates the currently logged in user is subscribed to the epic. | -| `title` | [`String`](#string) | Title of the epic. | -| `titleHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `title`. | -| `updatedAt` | [`Time`](#time) | Timestamp of when the epic was updated. | -| `upvotes` | [`Int!`](#int) | Number of upvotes the epic has received. | -| `userDiscussionsCount` | [`Int!`](#int) | Number of user discussions in the epic. | -| `userNotesCount` | [`Int!`](#int) | Number of user notes of the epic. | -| `userPermissions` | [`EpicPermissions!`](#epicpermissions) | Permissions for the current user on the resource. | -| `webPath` | [`String!`](#string) | Web path of the epic. | -| `webUrl` | [`String!`](#string) | Web URL of the epic. | - -### `EpicAddIssuePayload` - -Autogenerated return type of EpicAddIssue. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `epic` | [`Epic`](#epic) | The epic after mutation. | -| `epicIssue` | [`EpicIssue`](#epicissue) | The epic-issue relation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +#### Fields with arguments -### `EpicBoard` +##### `EpicBoard.lists` -Represents an epic board. +Epic board lists. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `hideBacklogList` | [`Boolean`](#boolean) | Whether or not backlog list is hidden. | -| `hideClosedList` | [`Boolean`](#boolean) | Whether or not closed list is hidden. | -| `id` | [`BoardsEpicBoardID!`](#boardsepicboardid) | Global ID of the epic board. | -| `labels` | [`LabelConnection`](#labelconnection) | Labels of the board. | -| `lists` | [`EpicListConnection`](#epiclistconnection) | Epic board lists. | -| `name` | [`String`](#string) | Name of the epic board. | -| `webPath` | [`String!`](#string) | Web path of the epic board. | -| `webUrl` | [`String!`](#string) | Web URL of the epic board. | +Returns [`EpicListConnection`](#epiclistconnection). -### `EpicBoardConnection` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -The connection type for EpicBoard. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[EpicBoardEdge]`](#epicboardedge) | A list of edges. | -| `nodes` | [`[EpicBoard]`](#epicboard) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epicboardlistsid"></a>`id` | [`BoardsEpicListID`](#boardsepiclistid) | Find an epic board list by ID. | -### `EpicBoardCreatePayload` +### `EpicDescendantCount` -Autogenerated return type of EpicBoardCreate. +Counts of descendent epics. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `epicBoard` | [`EpicBoard`](#epicboard) | The created epic board. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +#### Fields -### `EpicBoardEdge` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epicdescendantcountclosedepics"></a>`closedEpics` | [`Int`](#int) | Number of closed child epics. | +| <a id="epicdescendantcountclosedissues"></a>`closedIssues` | [`Int`](#int) | Number of closed epic issues. | +| <a id="epicdescendantcountopenedepics"></a>`openedEpics` | [`Int`](#int) | Number of opened child epics. | +| <a id="epicdescendantcountopenedissues"></a>`openedIssues` | [`Int`](#int) | Number of opened epic issues. | -An edge in a connection. +### `EpicDescendantWeights` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`EpicBoard`](#epicboard) | The item at the end of the edge. | +Total weight of open and closed descendant issues. -### `EpicBoardListCreatePayload` +#### Fields -Autogenerated return type of EpicBoardListCreate. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epicdescendantweightsclosedissues"></a>`closedIssues` | [`Int`](#int) | Total weight of completed (closed) issues in this epic, including epic descendants. | +| <a id="epicdescendantweightsopenedissues"></a>`openedIssues` | [`Int`](#int) | Total weight of opened issues in this epic, including epic descendants. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `list` | [`EpicList`](#epiclist) | Epic list in the epic board. | +### `EpicHealthStatus` -### `EpicBoardUpdatePayload` +Health status of child issues. -Autogenerated return type of EpicBoardUpdate. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `epicBoard` | [`EpicBoard`](#epicboard) | The updated epic board. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epichealthstatusissuesatrisk"></a>`issuesAtRisk` | [`Int`](#int) | Number of issues at risk. | +| <a id="epichealthstatusissuesneedingattention"></a>`issuesNeedingAttention` | [`Int`](#int) | Number of issues that need attention. | +| <a id="epichealthstatusissuesontrack"></a>`issuesOnTrack` | [`Int`](#int) | Number of issues on track. | -### `EpicConnection` +### `EpicIssue` -The connection type for Epic. +Relationship between an epic and an issue. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[EpicEdge]`](#epicedge) | A list of edges. | -| `nodes` | [`[Epic]`](#epic) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +#### Fields -### `EpicDescendantCount` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epicissuealertmanagementalert"></a>`alertManagementAlert` | [`AlertManagementAlert`](#alertmanagementalert) | Alert associated to this issue. | +| <a id="epicissueassignees"></a>`assignees` | [`UserCoreConnection`](#usercoreconnection) | Assignees of the issue. (see [Connections](#connections)) | +| <a id="epicissueauthor"></a>`author` | [`UserCore!`](#usercore) | User that created the issue. | +| <a id="epicissueblocked"></a>`blocked` | [`Boolean!`](#boolean) | Indicates the issue is blocked. | +| <a id="epicissueblockedbycount"></a>`blockedByCount` | [`Int`](#int) | Count of issues blocking this issue. | +| <a id="epicissueblockedbyissues"></a>`blockedByIssues` | [`IssueConnection`](#issueconnection) | Issues blocking this issue. (see [Connections](#connections)) | +| <a id="epicissueclosedat"></a>`closedAt` | [`Time`](#time) | Timestamp of when the issue was closed. | +| <a id="epicissueconfidential"></a>`confidential` | [`Boolean!`](#boolean) | Indicates the issue is confidential. | +| <a id="epicissuecreatenoteemail"></a>`createNoteEmail` | [`String`](#string) | User specific email address for the issue. | +| <a id="epicissuecreatedat"></a>`createdAt` | [`Time!`](#time) | Timestamp of when the issue was created. | +| <a id="epicissuedescription"></a>`description` | [`String`](#string) | Description of the issue. | +| <a id="epicissuedescriptionhtml"></a>`descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | +| <a id="epicissuedesigncollection"></a>`designCollection` | [`DesignCollection`](#designcollection) | Collection of design images associated with this issue. | +| <a id="epicissuediscussionlocked"></a>`discussionLocked` | [`Boolean!`](#boolean) | Indicates discussion is locked on the issue. | +| <a id="epicissuediscussions"></a>`discussions` | [`DiscussionConnection!`](#discussionconnection) | All discussions on this noteable. (see [Connections](#connections)) | +| <a id="epicissuedownvotes"></a>`downvotes` | [`Int!`](#int) | Number of downvotes the issue has received. | +| <a id="epicissueduedate"></a>`dueDate` | [`Time`](#time) | Due date of the issue. | +| <a id="epicissueemailsdisabled"></a>`emailsDisabled` | [`Boolean!`](#boolean) | Indicates if a project has email notifications disabled: `true` if email notifications are disabled. | +| <a id="epicissueepic"></a>`epic` | [`Epic`](#epic) | Epic to which this issue belongs. | +| <a id="epicissueepicissueid"></a>`epicIssueId` | [`ID!`](#id) | ID of the epic-issue relation. | +| <a id="epicissuehealthstatus"></a>`healthStatus` | [`HealthStatus`](#healthstatus) | Current health status. | +| <a id="epicissuehumantimeestimate"></a>`humanTimeEstimate` | [`String`](#string) | Human-readable time estimate of the issue. | +| <a id="epicissuehumantotaltimespent"></a>`humanTotalTimeSpent` | [`String`](#string) | Human-readable total time reported as spent on the issue. | +| <a id="epicissueid"></a>`id` | [`ID`](#id) | Global ID of the epic-issue relation. | +| <a id="epicissueiid"></a>`iid` | [`ID!`](#id) | Internal ID of the issue. | +| <a id="epicissueiteration"></a>`iteration` | [`Iteration`](#iteration) | Iteration of the issue. | +| <a id="epicissuelabels"></a>`labels` | [`LabelConnection`](#labelconnection) | Labels of the issue. (see [Connections](#connections)) | +| <a id="epicissuemetricimages"></a>`metricImages` | [`[MetricImage!]`](#metricimage) | Metric images associated to the issue. | +| <a id="epicissuemilestone"></a>`milestone` | [`Milestone`](#milestone) | Milestone of the issue. | +| <a id="epicissuemoved"></a>`moved` | [`Boolean`](#boolean) | Indicates if issue got moved from other project. | +| <a id="epicissuemovedto"></a>`movedTo` | [`Issue`](#issue) | Updated Issue after it got moved to another project. | +| <a id="epicissuenotes"></a>`notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. (see [Connections](#connections)) | +| <a id="epicissueparticipants"></a>`participants` | [`UserCoreConnection`](#usercoreconnection) | List of participants in the issue. (see [Connections](#connections)) | +| <a id="epicissuerelationpath"></a>`relationPath` | [`String`](#string) | URI path of the epic-issue relation. | +| <a id="epicissuerelativeposition"></a>`relativePosition` | [`Int`](#int) | Relative position of the issue (used for positioning in epic tree and issue boards). | +| <a id="epicissueseverity"></a>`severity` | [`IssuableSeverity`](#issuableseverity) | Severity level of the incident. | +| <a id="epicissuesladueat"></a>`slaDueAt` | [`Time`](#time) | Timestamp of when the issue SLA expires. | +| <a id="epicissuestate"></a>`state` | [`IssueState!`](#issuestate) | State of the issue. | +| <a id="epicissuestatuspagepublishedincident"></a>`statusPagePublishedIncident` | [`Boolean`](#boolean) | Indicates whether an issue is published to the status page. | +| <a id="epicissuesubscribed"></a>`subscribed` | [`Boolean!`](#boolean) | Indicates the currently logged in user is subscribed to the issue. | +| <a id="epicissuetaskcompletionstatus"></a>`taskCompletionStatus` | [`TaskCompletionStatus!`](#taskcompletionstatus) | Task completion status of the issue. | +| <a id="epicissuetimeestimate"></a>`timeEstimate` | [`Int!`](#int) | Time estimate of the issue. | +| <a id="epicissuetimelogs"></a>`timelogs` | [`TimelogConnection!`](#timelogconnection) | Timelogs on the issue. (see [Connections](#connections)) | +| <a id="epicissuetitle"></a>`title` | [`String!`](#string) | Title of the issue. | +| <a id="epicissuetitlehtml"></a>`titleHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `title`. | +| <a id="epicissuetotaltimespent"></a>`totalTimeSpent` | [`Int!`](#int) | Total time reported as spent on the issue. | +| <a id="epicissuetype"></a>`type` | [`IssueType`](#issuetype) | Type of the issue. | +| <a id="epicissueupdatedat"></a>`updatedAt` | [`Time!`](#time) | Timestamp of when the issue was last updated. | +| <a id="epicissueupdatedby"></a>`updatedBy` | [`UserCore`](#usercore) | User that last updated the issue. | +| <a id="epicissueupvotes"></a>`upvotes` | [`Int!`](#int) | Number of upvotes the issue has received. | +| <a id="epicissueuserdiscussionscount"></a>`userDiscussionsCount` | [`Int!`](#int) | Number of user discussions in the issue. | +| <a id="epicissueusernotescount"></a>`userNotesCount` | [`Int!`](#int) | Number of user notes of the issue. | +| <a id="epicissueuserpermissions"></a>`userPermissions` | [`IssuePermissions!`](#issuepermissions) | Permissions for the current user on the resource. | +| <a id="epicissuewebpath"></a>`webPath` | [`String!`](#string) | Web path of the issue. | +| <a id="epicissueweburl"></a>`webUrl` | [`String!`](#string) | Web URL of the issue. | +| <a id="epicissueweight"></a>`weight` | [`Int`](#int) | Weight of the issue. | + +#### Fields with arguments + +##### `EpicIssue.currentUserTodos` + +To-do items for the current user. + +Returns [`TodoConnection!`](#todoconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments -Counts of descendent epics. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epicissuecurrentusertodosstate"></a>`state` | [`TodoStateEnum`](#todostateenum) | State of the to-do items. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `closedEpics` | [`Int`](#int) | Number of closed child epics. | -| `closedIssues` | [`Int`](#int) | Number of closed epic issues. | -| `openedEpics` | [`Int`](#int) | Number of opened child epics. | -| `openedIssues` | [`Int`](#int) | Number of opened epic issues. | +##### `EpicIssue.reference` -### `EpicDescendantWeights` +Internal reference of the issue. Returned in shortened format by default. -Total weight of open and closed descendant issues. +Returns [`String!`](#string). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `closedIssues` | [`Int`](#int) | Total weight of completed (closed) issues in this epic, including epic descendants. | -| `openedIssues` | [`Int`](#int) | Total weight of opened issues in this epic, including epic descendants. | +###### Arguments -### `EpicEdge` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epicissuereferencefull"></a>`full` | [`Boolean`](#boolean) | Boolean option specifying whether the reference should be returned in full. | -An edge in a connection. +### `EpicList` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Epic`](#epic) | The item at the end of the edge. | +Represents an epic board list. -### `EpicHealthStatus` +#### Fields -Health status of child issues. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epiclistcollapsed"></a>`collapsed` | [`Boolean`](#boolean) | Indicates if this list is collapsed for this user. | +| <a id="epiclistepicscount"></a>`epicsCount` | [`Int`](#int) | Count of epics in the list. | +| <a id="epiclistid"></a>`id` | [`BoardsEpicListID!`](#boardsepiclistid) | Global ID of the board list. | +| <a id="epiclistlabel"></a>`label` | [`Label`](#label) | Label of the list. | +| <a id="epiclistlisttype"></a>`listType` | [`String!`](#string) | Type of the list. | +| <a id="epiclistposition"></a>`position` | [`Int`](#int) | Position of the list within the board. | +| <a id="epiclisttitle"></a>`title` | [`String!`](#string) | Title of the list. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `issuesAtRisk` | [`Int`](#int) | Number of issues at risk. | -| `issuesNeedingAttention` | [`Int`](#int) | Number of issues that need attention. | -| `issuesOnTrack` | [`Int`](#int) | Number of issues on track. | +#### Fields with arguments -### `EpicIssue` +##### `EpicList.epics` -Relationship between an epic and an issue. +List epics. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `alertManagementAlert` | [`AlertManagementAlert`](#alertmanagementalert) | Alert associated to this issue. | -| `assignees` | [`UserConnection`](#userconnection) | Assignees of the issue. | -| `author` | [`User!`](#user) | User that created the issue. | -| `blocked` | [`Boolean!`](#boolean) | Indicates the issue is blocked. | -| `blockedByCount` | [`Int`](#int) | Count of issues blocking this issue. | -| `blockedByIssues` | [`IssueConnection`](#issueconnection) | Issues blocking this issue. | -| `closedAt` | [`Time`](#time) | Timestamp of when the issue was closed. | -| `confidential` | [`Boolean!`](#boolean) | Indicates the issue is confidential. | -| `createNoteEmail` | [`String`](#string) | User specific email address for the issue. | -| `createdAt` | [`Time!`](#time) | Timestamp of when the issue was created. | -| `currentUserTodos` | [`TodoConnection!`](#todoconnection) | To-do items for the current user. | -| `description` | [`String`](#string) | Description of the issue. | -| `descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | -| `designCollection` | [`DesignCollection`](#designcollection) | Collection of design images associated with this issue. | -| `discussionLocked` | [`Boolean!`](#boolean) | Indicates discussion is locked on the issue. | -| `discussions` | [`DiscussionConnection!`](#discussionconnection) | All discussions on this noteable. | -| `downvotes` | [`Int!`](#int) | Number of downvotes the issue has received. | -| `dueDate` | [`Time`](#time) | Due date of the issue. | -| `emailsDisabled` | [`Boolean!`](#boolean) | Indicates if a project has email notifications disabled: `true` if email notifications are disabled. | -| `epic` | [`Epic`](#epic) | Epic to which this issue belongs. | -| `epicIssueId` | [`ID!`](#id) | ID of the epic-issue relation. | -| `healthStatus` | [`HealthStatus`](#healthstatus) | Current health status. | -| `humanTimeEstimate` | [`String`](#string) | Human-readable time estimate of the issue. | -| `humanTotalTimeSpent` | [`String`](#string) | Human-readable total time reported as spent on the issue. | -| `id` | [`ID`](#id) | Global ID of the epic-issue relation. | -| `iid` | [`ID!`](#id) | Internal ID of the issue. | -| `iteration` | [`Iteration`](#iteration) | Iteration of the issue. | -| `labels` | [`LabelConnection`](#labelconnection) | Labels of the issue. | -| `metricImages` | [`[MetricImage!]`](#metricimage) | Metric images associated to the issue. | -| `milestone` | [`Milestone`](#milestone) | Milestone of the issue. | -| `moved` | [`Boolean`](#boolean) | Indicates if issue got moved from other project. | -| `movedTo` | [`Issue`](#issue) | Updated Issue after it got moved to another project. | -| `notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. | -| `participants` | [`UserConnection`](#userconnection) | List of participants in the issue. | -| `reference` | [`String!`](#string) | Internal reference of the issue. Returned in shortened format by default. | -| `relationPath` | [`String`](#string) | URI path of the epic-issue relation. | -| `relativePosition` | [`Int`](#int) | Relative position of the issue (used for positioning in epic tree and issue boards). | -| `severity` | [`IssuableSeverity`](#issuableseverity) | Severity level of the incident. | -| `slaDueAt` | [`Time`](#time) | Timestamp of when the issue SLA expires. | -| `state` | [`IssueState!`](#issuestate) | State of the issue. | -| `statusPagePublishedIncident` | [`Boolean`](#boolean) | Indicates whether an issue is published to the status page. | -| `subscribed` | [`Boolean!`](#boolean) | Indicates the currently logged in user is subscribed to the issue. | -| `taskCompletionStatus` | [`TaskCompletionStatus!`](#taskcompletionstatus) | Task completion status of the issue. | -| `timeEstimate` | [`Int!`](#int) | Time estimate of the issue. | -| `timelogs` | [`TimelogConnection!`](#timelogconnection) | Timelogs on the issue. | -| `title` | [`String!`](#string) | Title of the issue. | -| `titleHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `title`. | -| `totalTimeSpent` | [`Int!`](#int) | Total time reported as spent on the issue. | -| `type` | [`IssueType`](#issuetype) | Type of the issue. | -| `updatedAt` | [`Time!`](#time) | Timestamp of when the issue was last updated. | -| `updatedBy` | [`User`](#user) | User that last updated the issue. | -| `upvotes` | [`Int!`](#int) | Number of upvotes the issue has received. | -| `userDiscussionsCount` | [`Int!`](#int) | Number of user discussions in the issue. | -| `userNotesCount` | [`Int!`](#int) | Number of user notes of the issue. | -| `userPermissions` | [`IssuePermissions!`](#issuepermissions) | Permissions for the current user on the resource. | -| `webPath` | [`String!`](#string) | Web path of the issue. | -| `webUrl` | [`String!`](#string) | Web URL of the issue. | -| `weight` | [`Int`](#int) | Weight of the issue. | - -### `EpicIssueConnection` - -The connection type for EpicIssue. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `count` | [`Int!`](#int) | Total count of collection. | -| `edges` | [`[EpicIssueEdge]`](#epicissueedge) | A list of edges. | -| `nodes` | [`[EpicIssue]`](#epicissue) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -| `weight` | [`Int!`](#int) | Total weight of issues collection. | - -### `EpicIssueEdge` - -An edge in a connection. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`EpicIssue`](#epicissue) | The item at the end of the edge. | +Returns [`EpicConnection`](#epicconnection). -### `EpicList` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -Represents an epic board list. +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epiclistepicsfilters"></a>`filters` | [`EpicFilters`](#epicfilters) | Filters applied when selecting epics in the board list. | + +### `EpicPermissions` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `collapsed` | [`Boolean`](#boolean) | Indicates if this list is collapsed for this user. | -| `epics` | [`EpicConnection`](#epicconnection) | List epics. | -| `epicsCount` | [`Int`](#int) | Count of epics in the list. | -| `id` | [`BoardsEpicListID!`](#boardsepiclistid) | Global ID of the board list. | -| `label` | [`Label`](#label) | Label of the list. | -| `listType` | [`String!`](#string) | Type of the list. | -| `position` | [`Int`](#int) | Position of the list within the board. | -| `title` | [`String!`](#string) | Title of the list. | +Check permissions for the current user on an epic. -### `EpicListConnection` +#### Fields -The connection type for EpicList. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epicpermissionsadminepic"></a>`adminEpic` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_epic` on this resource. | +| <a id="epicpermissionsawardemoji"></a>`awardEmoji` | [`Boolean!`](#boolean) | Indicates the user can perform `award_emoji` on this resource. | +| <a id="epicpermissionscreateepic"></a>`createEpic` | [`Boolean!`](#boolean) | Indicates the user can perform `create_epic` on this resource. | +| <a id="epicpermissionscreatenote"></a>`createNote` | [`Boolean!`](#boolean) | Indicates the user can perform `create_note` on this resource. | +| <a id="epicpermissionsdestroyepic"></a>`destroyEpic` | [`Boolean!`](#boolean) | Indicates the user can perform `destroy_epic` on this resource. | +| <a id="epicpermissionsreadepic"></a>`readEpic` | [`Boolean!`](#boolean) | Indicates the user can perform `read_epic` on this resource. | +| <a id="epicpermissionsreadepiciid"></a>`readEpicIid` | [`Boolean!`](#boolean) | Indicates the user can perform `read_epic_iid` on this resource. | +| <a id="epicpermissionsupdateepic"></a>`updateEpic` | [`Boolean!`](#boolean) | Indicates the user can perform `update_epic` on this resource. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[EpicListEdge]`](#epiclistedge) | A list of edges. | -| `nodes` | [`[EpicList]`](#epiclist) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +### `Event` -### `EpicListEdge` +Representing an event. -An edge in a connection. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`EpicList`](#epiclist) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="eventaction"></a>`action` | [`EventAction!`](#eventaction) | Action of the event. | +| <a id="eventauthor"></a>`author` | [`UserCore!`](#usercore) | Author of this event. | +| <a id="eventcreatedat"></a>`createdAt` | [`Time!`](#time) | When this event was created. | +| <a id="eventid"></a>`id` | [`ID!`](#id) | ID of the event. | +| <a id="eventupdatedat"></a>`updatedAt` | [`Time!`](#time) | When this event was updated. | -### `EpicMoveListPayload` +### `ExternalIssue` -Autogenerated return type of EpicMoveList. +Represents an external issue. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +#### Fields -### `EpicPermissions` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="externalissuecreatedat"></a>`createdAt` | [`Time`](#time) | Timestamp of when the issue was created. | +| <a id="externalissueexternaltracker"></a>`externalTracker` | [`String`](#string) | Type of external tracker. | +| <a id="externalissuerelativereference"></a>`relativeReference` | [`String`](#string) | Relative reference of the issue in the external tracker. | +| <a id="externalissuestatus"></a>`status` | [`String`](#string) | Status of the issue in the external tracker. | +| <a id="externalissuetitle"></a>`title` | [`String`](#string) | Title of the issue in the external tracker. | +| <a id="externalissueupdatedat"></a>`updatedAt` | [`Time`](#time) | Timestamp of when the issue was updated. | +| <a id="externalissueweburl"></a>`webUrl` | [`String`](#string) | URL to the issue in the external tracker. | -Check permissions for the current user on an epic. +### `GeoNode` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `adminEpic` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_epic` on this resource. | -| `awardEmoji` | [`Boolean!`](#boolean) | Indicates the user can perform `award_emoji` on this resource. | -| `createEpic` | [`Boolean!`](#boolean) | Indicates the user can perform `create_epic` on this resource. | -| `createNote` | [`Boolean!`](#boolean) | Indicates the user can perform `create_note` on this resource. | -| `destroyEpic` | [`Boolean!`](#boolean) | Indicates the user can perform `destroy_epic` on this resource. | -| `readEpic` | [`Boolean!`](#boolean) | Indicates the user can perform `read_epic` on this resource. | -| `readEpicIid` | [`Boolean!`](#boolean) | Indicates the user can perform `read_epic_iid` on this resource. | -| `updateEpic` | [`Boolean!`](#boolean) | Indicates the user can perform `update_epic` on this resource. | +#### Fields -### `EpicSetSubscriptionPayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="geonodecontainerrepositoriesmaxcapacity"></a>`containerRepositoriesMaxCapacity` | [`Int`](#int) | The maximum concurrency of container repository sync for this secondary node. | +| <a id="geonodeenabled"></a>`enabled` | [`Boolean`](#boolean) | Indicates whether this Geo node is enabled. | +| <a id="geonodefilesmaxcapacity"></a>`filesMaxCapacity` | [`Int`](#int) | The maximum concurrency of LFS/attachment backfill for this secondary node. | +| <a id="geonodeid"></a>`id` | [`ID!`](#id) | ID of this GeoNode. | +| <a id="geonodeinternalurl"></a>`internalUrl` | [`String`](#string) | The URL defined on the primary node that secondary nodes should use to contact it. | +| <a id="geonodeminimumreverificationinterval"></a>`minimumReverificationInterval` | [`Int`](#int) | The interval (in days) in which the repository verification is valid. Once expired, it will be reverified. | +| <a id="geonodename"></a>`name` | [`String`](#string) | The unique identifier for this Geo node. | +| <a id="geonodeprimary"></a>`primary` | [`Boolean`](#boolean) | Indicates whether this Geo node is the primary. | +| <a id="geonodereposmaxcapacity"></a>`reposMaxCapacity` | [`Int`](#int) | The maximum concurrency of repository backfill for this secondary node. | +| <a id="geonodeselectivesyncnamespaces"></a>`selectiveSyncNamespaces` | [`NamespaceConnection`](#namespaceconnection) | The namespaces that should be synced, if `selective_sync_type` == `namespaces`. (see [Connections](#connections)) | +| <a id="geonodeselectivesyncshards"></a>`selectiveSyncShards` | [`[String!]`](#string) | The repository storages whose projects should be synced, if `selective_sync_type` == `shards`. | +| <a id="geonodeselectivesynctype"></a>`selectiveSyncType` | [`String`](#string) | Indicates if syncing is limited to only specific groups, or shards. | +| <a id="geonodesyncobjectstorage"></a>`syncObjectStorage` | [`Boolean`](#boolean) | Indicates if this secondary node will replicate blobs in Object Storage. | +| <a id="geonodeurl"></a>`url` | [`String`](#string) | The user-facing URL for this Geo node. | +| <a id="geonodeverificationmaxcapacity"></a>`verificationMaxCapacity` | [`Int`](#int) | The maximum concurrency of repository verification for this secondary node. | -Autogenerated return type of EpicSetSubscription. +#### Fields with arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `epic` | [`Epic`](#epic) | The epic after mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +##### `GeoNode.groupWikiRepositoryRegistries` -### `EpicTreeReorderPayload` +Find group wiki repository registries on this Geo node. -Autogenerated return type of EpicTreeReorder. +Returns [`GroupWikiRepositoryRegistryConnection`](#groupwikirepositoryregistryconnection). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -### `Event` +###### Arguments -Representing an event. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="geonodegroupwikirepositoryregistriesids"></a>`ids` | [`[ID!]`](#id) | Filters registries by their ID. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `action` | [`EventAction!`](#eventaction) | Action of the event. | -| `author` | [`User!`](#user) | Author of this event. | -| `createdAt` | [`Time!`](#time) | When this event was created. | -| `id` | [`ID!`](#id) | ID of the event. | -| `updatedAt` | [`Time!`](#time) | When this event was updated. | +##### `GeoNode.lfsObjectRegistries` -### `EventConnection` +Find LFS object registries on this Geo node. -The connection type for Event. +Returns [`LfsObjectRegistryConnection`](#lfsobjectregistryconnection). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[EventEdge]`](#eventedge) | A list of edges. | -| `nodes` | [`[Event]`](#event) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -### `EventEdge` +###### Arguments -An edge in a connection. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="geonodelfsobjectregistriesids"></a>`ids` | [`[ID!]`](#id) | Filters registries by their ID. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Event`](#event) | The item at the end of the edge. | +##### `GeoNode.mergeRequestDiffRegistries` -### `ExportRequirementsPayload` +Find merge request diff registries on this Geo node. -Autogenerated return type of ExportRequirements. +Returns [`MergeRequestDiffRegistryConnection`](#mergerequestdiffregistryconnection). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -### `ExternalIssue` +###### Arguments -Represents an external issue. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="geonodemergerequestdiffregistriesids"></a>`ids` | [`[ID!]`](#id) | Filters registries by their ID. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `createdAt` | [`Time`](#time) | Timestamp of when the issue was created. | -| `externalTracker` | [`String`](#string) | Type of external tracker. | -| `relativeReference` | [`String`](#string) | Relative reference of the issue in the external tracker. | -| `status` | [`String`](#string) | Status of the issue in the external tracker. | -| `title` | [`String`](#string) | Title of the issue in the external tracker. | -| `updatedAt` | [`Time`](#time) | Timestamp of when the issue was updated. | -| `webUrl` | [`String`](#string) | URL to the issue in the external tracker. | +##### `GeoNode.packageFileRegistries` -### `GeoNode` +Package file registries of the GeoNode. + +Returns [`PackageFileRegistryConnection`](#packagefileregistryconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="geonodepackagefileregistriesids"></a>`ids` | [`[ID!]`](#id) | Filters registries by their ID. | + +##### `GeoNode.pipelineArtifactRegistries` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `containerRepositoriesMaxCapacity` | [`Int`](#int) | The maximum concurrency of container repository sync for this secondary node. | -| `enabled` | [`Boolean`](#boolean) | Indicates whether this Geo node is enabled. | -| `filesMaxCapacity` | [`Int`](#int) | The maximum concurrency of LFS/attachment backfill for this secondary node. | -| `groupWikiRepositoryRegistries` | [`GroupWikiRepositoryRegistryConnection`](#groupwikirepositoryregistryconnection) | Find group wiki repository registries on this Geo node. | -| `id` | [`ID!`](#id) | ID of this GeoNode. | -| `internalUrl` | [`String`](#string) | The URL defined on the primary node that secondary nodes should use to contact it. | -| `mergeRequestDiffRegistries` | [`MergeRequestDiffRegistryConnection`](#mergerequestdiffregistryconnection) | Find merge request diff registries on this Geo node. | -| `minimumReverificationInterval` | [`Int`](#int) | The interval (in days) in which the repository verification is valid. Once expired, it will be reverified. | -| `name` | [`String`](#string) | The unique identifier for this Geo node. | -| `packageFileRegistries` | [`PackageFileRegistryConnection`](#packagefileregistryconnection) | Package file registries of the GeoNode. | -| `pipelineArtifactRegistries` | [`PipelineArtifactRegistryConnection`](#pipelineartifactregistryconnection) | Find pipeline artifact registries on this Geo node. | -| `primary` | [`Boolean`](#boolean) | Indicates whether this Geo node is the primary. | -| `reposMaxCapacity` | [`Int`](#int) | The maximum concurrency of repository backfill for this secondary node. | -| `selectiveSyncNamespaces` | [`NamespaceConnection`](#namespaceconnection) | The namespaces that should be synced, if `selective_sync_type` == `namespaces`. | -| `selectiveSyncShards` | [`[String!]`](#string) | The repository storages whose projects should be synced, if `selective_sync_type` == `shards`. | -| `selectiveSyncType` | [`String`](#string) | Indicates if syncing is limited to only specific groups, or shards. | -| `snippetRepositoryRegistries` | [`SnippetRepositoryRegistryConnection`](#snippetrepositoryregistryconnection) | Find snippet repository registries on this Geo node. | -| `syncObjectStorage` | [`Boolean`](#boolean) | Indicates if this secondary node will replicate blobs in Object Storage. | -| `terraformStateVersionRegistries` | [`TerraformStateVersionRegistryConnection`](#terraformstateversionregistryconnection) | Find terraform state version registries on this Geo node. | -| `url` | [`String`](#string) | The user-facing URL for this Geo node. | -| `verificationMaxCapacity` | [`Int`](#int) | The maximum concurrency of repository verification for this secondary node. | - -### `GitlabSubscriptionActivatePayload` - -Autogenerated return type of GitlabSubscriptionActivate. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `license` | [`CurrentLicense`](#currentlicense) | The current license. | +Find pipeline artifact registries on this Geo node. + +Returns [`PipelineArtifactRegistryConnection`](#pipelineartifactregistryconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="geonodepipelineartifactregistriesids"></a>`ids` | [`[ID!]`](#id) | Filters registries by their ID. | + +##### `GeoNode.snippetRepositoryRegistries` + +Find snippet repository registries on this Geo node. + +Returns [`SnippetRepositoryRegistryConnection`](#snippetrepositoryregistryconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="geonodesnippetrepositoryregistriesids"></a>`ids` | [`[ID!]`](#id) | Filters registries by their ID. | + +##### `GeoNode.terraformStateVersionRegistries` + +Find terraform state version registries on this Geo node. + +Returns [`TerraformStateVersionRegistryConnection`](#terraformstateversionregistryconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="geonodeterraformstateversionregistriesids"></a>`ids` | [`[ID!]`](#id) | Filters registries by their ID. | ### `GrafanaIntegration` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `createdAt` | [`Time!`](#time) | Timestamp of the issue's creation. | -| `enabled` | [`Boolean!`](#boolean) | Indicates whether Grafana integration is enabled. | -| `grafanaUrl` | [`String!`](#string) | URL for the Grafana host for the Grafana integration. | -| `id` | [`ID!`](#id) | Internal ID of the Grafana integration. | -| `updatedAt` | [`Time!`](#time) | Timestamp of the issue's last activity. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="grafanaintegrationcreatedat"></a>`createdAt` | [`Time!`](#time) | Timestamp of the issue's creation. | +| <a id="grafanaintegrationenabled"></a>`enabled` | [`Boolean!`](#boolean) | Indicates whether Grafana integration is enabled. | +| <a id="grafanaintegrationgrafanaurl"></a>`grafanaUrl` | [`String!`](#string) | URL for the Grafana host for the Grafana integration. | +| <a id="grafanaintegrationid"></a>`id` | [`ID!`](#id) | Internal ID of the Grafana integration. | +| <a id="grafanaintegrationupdatedat"></a>`updatedAt` | [`Time!`](#time) | Timestamp of the issue's last activity. | ### `Group` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `actualRepositorySizeLimit` | [`Float`](#float) | Size limit for repositories in the namespace in bytes. | -| `additionalPurchasedStorageSize` | [`Float`](#float) | Additional storage purchased for the root namespace in bytes. | -| `autoDevopsEnabled` | [`Boolean`](#boolean) | Indicates whether Auto DevOps is enabled for all projects within this group. | -| `avatarUrl` | [`String`](#string) | Avatar URL of the group. | -| `billableMembersCount` | [`Int`](#int) | The number of billable users in the group. | -| `board` | [`Board`](#board) | A single board of the group. | -| `boards` | [`BoardConnection`](#boardconnection) | Boards of the group. | -| `codeCoverageActivities` | [`CodeCoverageActivityConnection`](#codecoverageactivityconnection) | Represents the code coverage activity for this group. | -| `complianceFrameworks` | [`ComplianceFrameworkConnection`](#complianceframeworkconnection) | Compliance frameworks available to projects in this namespace. Available only when feature flag `ff_custom_compliance_frameworks` is enabled. | -| `containerRepositories` | [`ContainerRepositoryConnection`](#containerrepositoryconnection) | Container repositories of the group. | -| `containerRepositoriesCount` | [`Int!`](#int) | Number of container repositories in the group. | -| `containsLockedProjects` | [`Boolean!`](#boolean) | Includes at least one project where the repository size exceeds the limit. | -| `customEmoji` | [`CustomEmojiConnection`](#customemojiconnection) | Custom emoji within this namespace. Available only when feature flag `custom_emoji` is enabled. | -| `description` | [`String`](#string) | Description of the namespace. | -| `descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | -| `emailsDisabled` | [`Boolean`](#boolean) | Indicates if a group has email notifications disabled. | -| `epic` | [`Epic`](#epic) | Find a single epic. | -| `epicBoard` | [`EpicBoard`](#epicboard) | Find a single epic board. | -| `epicBoards` | [`EpicBoardConnection`](#epicboardconnection) | Find epic boards. | -| `epics` | [`EpicConnection`](#epicconnection) | Find epics. | -| `epicsEnabled` | [`Boolean`](#boolean) | Indicates if Epics are enabled for namespace. | -| `fullName` | [`String!`](#string) | Full name of the namespace. | -| `fullPath` | [`ID!`](#id) | Full path of the namespace. | -| `groupMembers` | [`GroupMemberConnection`](#groupmemberconnection) | A membership of a user within this group. | -| `id` | [`ID!`](#id) | ID of the namespace. | -| `isTemporaryStorageIncreaseEnabled` | [`Boolean!`](#boolean) | Status of the temporary storage increase. | -| `issues` | [`IssueConnection`](#issueconnection) | Issues for projects in this group. | -| `iterationCadences` | [`IterationCadenceConnection`](#iterationcadenceconnection) | Find iteration cadences. | -| `iterations` | [`IterationConnection`](#iterationconnection) | Find iterations. | -| `label` | [`Label`](#label) | A label available on this group. | -| `labels` | [`LabelConnection`](#labelconnection) | Labels available on this group. | -| `lfsEnabled` | [`Boolean`](#boolean) | Indicates if Large File Storage (LFS) is enabled for namespace. | -| `mentionsDisabled` | [`Boolean`](#boolean) | Indicates if a group is disabled from getting mentioned. | -| `mergeRequests` | [`MergeRequestConnection`](#mergerequestconnection) | Merge requests for projects in this group. | -| `milestones` | [`MilestoneConnection`](#milestoneconnection) | Milestones of the group. | -| `name` | [`String!`](#string) | Name of the namespace. | -| `packageSettings` | [`PackageSettings`](#packagesettings) | The package settings for the namespace. | -| `packages` | [`PackageConnection`](#packageconnection) | Packages of the group. | -| `parent` | [`Group`](#group) | Parent group. | -| `path` | [`String!`](#string) | Path of the namespace. | -| `projectCreationLevel` | [`String`](#string) | The permission level required to create projects in the group. | -| `projects` | [`ProjectConnection!`](#projectconnection) | Projects within this namespace. | -| `repositorySizeExcessProjectCount` | [`Int!`](#int) | Number of projects in the root namespace where the repository size exceeds the limit. | -| `requestAccessEnabled` | [`Boolean`](#boolean) | Indicates if users can request access to namespace. | -| `requireTwoFactorAuthentication` | [`Boolean`](#boolean) | Indicates if all users in this group are required to set up two-factor authentication. | -| `rootStorageStatistics` | [`RootStorageStatistics`](#rootstoragestatistics) | Aggregated storage statistics of the namespace. Only available for root namespaces. | -| `shareWithGroupLock` | [`Boolean`](#boolean) | Indicates if sharing a project with another group within this group is prevented. | -| `stats` | [`GroupStats`](#groupstats) | Group statistics. | -| `storageSizeLimit` | [`Float`](#float) | Total storage limit of the root namespace in bytes. | -| `subgroupCreationLevel` | [`String`](#string) | The permission level required to create subgroups within the group. | -| `temporaryStorageIncreaseEndsOn` | [`Time`](#time) | Date until the temporary storage increase is active. | -| `timelogs` | [`TimelogConnection!`](#timelogconnection) | Time logged on issues in the group and its subgroups. | -| `totalRepositorySize` | [`Float`](#float) | Total repository size of all projects in the root namespace in bytes. | -| `totalRepositorySizeExcess` | [`Float`](#float) | Total excess repository size of all projects in the root namespace in bytes. | -| `twoFactorGracePeriod` | [`Int`](#int) | Time before two-factor authentication is enforced. | -| `userPermissions` | [`GroupPermissions!`](#grouppermissions) | Permissions for the current user on the resource. | -| `visibility` | [`String`](#string) | Visibility of the namespace. | -| `vulnerabilities` | [`VulnerabilityConnection`](#vulnerabilityconnection) | Vulnerabilities reported on the projects in the group and its subgroups. | -| `vulnerabilitiesCountByDay` | [`VulnerabilitiesCountByDayConnection`](#vulnerabilitiescountbydayconnection) | Number of vulnerabilities per day for the projects in the group and its subgroups. | -| `vulnerabilitiesCountByDayAndSeverity` **{warning-solid}** | [`VulnerabilitiesCountByDayAndSeverityConnection`](#vulnerabilitiescountbydayandseverityconnection) | **Deprecated** in 13.3. Use `vulnerabilitiesCountByDay`. | -| `vulnerabilityGrades` | [`[VulnerableProjectsByGrade!]!`](#vulnerableprojectsbygrade) | Represents vulnerable project counts for each grade. | -| `vulnerabilityScanners` | [`VulnerabilityScannerConnection`](#vulnerabilityscannerconnection) | Vulnerability scanners reported on the project vulnerabilities of the group and its subgroups. | -| `vulnerabilitySeveritiesCount` | [`VulnerabilitySeveritiesCount`](#vulnerabilityseveritiescount) | Counts for each vulnerability severity in the group and its subgroups. | -| `webUrl` | [`String!`](#string) | Web URL of the group. | +#### Fields -### `GroupMember` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupactualrepositorysizelimit"></a>`actualRepositorySizeLimit` | [`Float`](#float) | Size limit for repositories in the namespace in bytes. | +| <a id="groupadditionalpurchasedstoragesize"></a>`additionalPurchasedStorageSize` | [`Float`](#float) | Additional storage purchased for the root namespace in bytes. | +| <a id="groupautodevopsenabled"></a>`autoDevopsEnabled` | [`Boolean`](#boolean) | Indicates whether Auto DevOps is enabled for all projects within this group. | +| <a id="groupavatarurl"></a>`avatarUrl` | [`String`](#string) | Avatar URL of the group. | +| <a id="groupbillablememberscount"></a>`billableMembersCount` | [`Int`](#int) | The number of billable users in the group. | +| <a id="groupcontainerrepositoriescount"></a>`containerRepositoriesCount` | [`Int!`](#int) | Number of container repositories in the group. | +| <a id="groupcontainslockedprojects"></a>`containsLockedProjects` | [`Boolean!`](#boolean) | Includes at least one project where the repository size exceeds the limit. | +| <a id="groupcustomemoji"></a>`customEmoji` | [`CustomEmojiConnection`](#customemojiconnection) | Custom emoji within this namespace. Available only when feature flag `custom_emoji` is enabled. (see [Connections](#connections)) | +| <a id="groupdescription"></a>`description` | [`String`](#string) | Description of the namespace. | +| <a id="groupdescriptionhtml"></a>`descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | +| <a id="groupemailsdisabled"></a>`emailsDisabled` | [`Boolean`](#boolean) | Indicates if a group has email notifications disabled. | +| <a id="groupepicboards"></a>`epicBoards` | [`EpicBoardConnection`](#epicboardconnection) | Find epic boards. (see [Connections](#connections)) | +| <a id="groupepicsenabled"></a>`epicsEnabled` | [`Boolean`](#boolean) | Indicates if Epics are enabled for namespace. | +| <a id="groupfullname"></a>`fullName` | [`String!`](#string) | Full name of the namespace. | +| <a id="groupfullpath"></a>`fullPath` | [`ID!`](#id) | Full path of the namespace. | +| <a id="groupid"></a>`id` | [`ID!`](#id) | ID of the namespace. | +| <a id="groupistemporarystorageincreaseenabled"></a>`isTemporaryStorageIncreaseEnabled` | [`Boolean!`](#boolean) | Status of the temporary storage increase. | +| <a id="grouplfsenabled"></a>`lfsEnabled` | [`Boolean`](#boolean) | Indicates if Large File Storage (LFS) is enabled for namespace. | +| <a id="groupmentionsdisabled"></a>`mentionsDisabled` | [`Boolean`](#boolean) | Indicates if a group is disabled from getting mentioned. | +| <a id="groupname"></a>`name` | [`String!`](#string) | Name of the namespace. | +| <a id="grouppackagesettings"></a>`packageSettings` | [`PackageSettings`](#packagesettings) | The package settings for the namespace. | +| <a id="groupparent"></a>`parent` | [`Group`](#group) | Parent group. | +| <a id="grouppath"></a>`path` | [`String!`](#string) | Path of the namespace. | +| <a id="groupprojectcreationlevel"></a>`projectCreationLevel` | [`String`](#string) | The permission level required to create projects in the group. | +| <a id="grouprepositorysizeexcessprojectcount"></a>`repositorySizeExcessProjectCount` | [`Int!`](#int) | Number of projects in the root namespace where the repository size exceeds the limit. | +| <a id="grouprequestaccessenabled"></a>`requestAccessEnabled` | [`Boolean`](#boolean) | Indicates if users can request access to namespace. | +| <a id="grouprequiretwofactorauthentication"></a>`requireTwoFactorAuthentication` | [`Boolean`](#boolean) | Indicates if all users in this group are required to set up two-factor authentication. | +| <a id="grouprootstoragestatistics"></a>`rootStorageStatistics` | [`RootStorageStatistics`](#rootstoragestatistics) | Aggregated storage statistics of the namespace. Only available for root namespaces. | +| <a id="groupsharewithgrouplock"></a>`shareWithGroupLock` | [`Boolean`](#boolean) | Indicates if sharing a project with another group within this group is prevented. | +| <a id="groupstats"></a>`stats` | [`GroupStats`](#groupstats) | Group statistics. | +| <a id="groupstoragesizelimit"></a>`storageSizeLimit` | [`Float`](#float) | Total storage limit of the root namespace in bytes. | +| <a id="groupsubgroupcreationlevel"></a>`subgroupCreationLevel` | [`String`](#string) | The permission level required to create subgroups within the group. | +| <a id="grouptemporarystorageincreaseendson"></a>`temporaryStorageIncreaseEndsOn` | [`Time`](#time) | Date until the temporary storage increase is active. | +| <a id="grouptotalrepositorysize"></a>`totalRepositorySize` | [`Float`](#float) | Total repository size of all projects in the root namespace in bytes. | +| <a id="grouptotalrepositorysizeexcess"></a>`totalRepositorySizeExcess` | [`Float`](#float) | Total excess repository size of all projects in the root namespace in bytes. | +| <a id="grouptwofactorgraceperiod"></a>`twoFactorGracePeriod` | [`Int`](#int) | Time before two-factor authentication is enforced. | +| <a id="groupuserpermissions"></a>`userPermissions` | [`GroupPermissions!`](#grouppermissions) | Permissions for the current user on the resource. | +| <a id="groupvisibility"></a>`visibility` | [`String`](#string) | Visibility of the namespace. | +| <a id="groupvulnerabilityscanners"></a>`vulnerabilityScanners` | [`VulnerabilityScannerConnection`](#vulnerabilityscannerconnection) | Vulnerability scanners reported on the project vulnerabilities of the group and its subgroups. (see [Connections](#connections)) | +| <a id="groupweburl"></a>`webUrl` | [`String!`](#string) | Web URL of the group. | + +#### Fields with arguments + +##### `Group.board` + +A single board of the group. + +Returns [`Board`](#board). + +###### Arguments -Represents a Group Membership. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupboardid"></a>`id` | [`BoardID!`](#boardid) | The board's ID. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `accessLevel` | [`AccessLevel`](#accesslevel) | GitLab::Access level. | -| `createdAt` | [`Time`](#time) | Date and time the membership was created. | -| `createdBy` | [`User`](#user) | User that authorized membership. | -| `expiresAt` | [`Time`](#time) | Date and time the membership expires. | -| `group` | [`Group`](#group) | Group that a User is a member of. | -| `id` | [`ID!`](#id) | ID of the member. | -| `updatedAt` | [`Time`](#time) | Date and time the membership was last updated. | -| `user` | [`User!`](#user) | User that is associated with the member object. | -| `userPermissions` | [`GroupPermissions!`](#grouppermissions) | Permissions for the current user on the resource. | +##### `Group.boards` -### `GroupMemberConnection` +Boards of the group. -The connection type for GroupMember. +Returns [`BoardConnection`](#boardconnection). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[GroupMemberEdge]`](#groupmemberedge) | A list of edges. | -| `nodes` | [`[GroupMember]`](#groupmember) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -### `GroupMemberEdge` +###### Arguments -An edge in a connection. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupboardsid"></a>`id` | [`BoardID`](#boardid) | Find a board by its ID. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`GroupMember`](#groupmember) | The item at the end of the edge. | +##### `Group.codeCoverageActivities` -### `GroupPermissions` +Represents the code coverage activity for this group. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `readGroup` | [`Boolean!`](#boolean) | Indicates the user can perform `read_group` on this resource. | +Returns [`CodeCoverageActivityConnection`](#codecoverageactivityconnection). -### `GroupReleaseStats` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -Contains release-related statistics about a group. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `releasesCount` | [`Int`](#int) | Total number of releases in all descendant projects of the group. Will always return `null` if `group_level_release_statistics` feature flag is disabled. | -| `releasesPercentage` | [`Int`](#int) | Percentage of the group's descendant projects that have at least one release. Will always return `null` if `group_level_release_statistics` feature flag is disabled. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupcodecoverageactivitiesstartdate"></a>`startDate` | [`Date!`](#date) | First day for which to fetch code coverage activity (maximum time window is set to 90 days). | -### `GroupStats` +##### `Group.complianceFrameworks` -Contains statistics about a group. +Compliance frameworks available to projects in this namespace. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `releaseStats` | [`GroupReleaseStats`](#groupreleasestats) | Statistics related to releases within the group. | +Returns [`ComplianceFrameworkConnection`](#complianceframeworkconnection). -### `GroupWikiRepositoryRegistry` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -Represents the Geo sync and verification state of a group wiki repository. +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupcomplianceframeworksid"></a>`id` | [`ComplianceManagementFrameworkID`](#compliancemanagementframeworkid) | Global ID of a specific compliance framework to return. | + +##### `Group.containerRepositories` + +Container repositories of the group. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `createdAt` | [`Time`](#time) | Timestamp when the GroupWikiRepositoryRegistry was created. | -| `groupWikiRepositoryId` | [`ID!`](#id) | ID of the Group Wiki Repository. | -| `id` | [`ID!`](#id) | ID of the GroupWikiRepositoryRegistry. | -| `lastSyncFailure` | [`String`](#string) | Error message during sync of the GroupWikiRepositoryRegistry. | -| `lastSyncedAt` | [`Time`](#time) | Timestamp of the most recent successful sync of the GroupWikiRepositoryRegistry. | -| `retryAt` | [`Time`](#time) | Timestamp after which the GroupWikiRepositoryRegistry should be resynced. | -| `retryCount` | [`Int`](#int) | Number of consecutive failed sync attempts of the GroupWikiRepositoryRegistry. | -| `state` | [`RegistryState`](#registrystate) | Sync state of the GroupWikiRepositoryRegistry. | +Returns [`ContainerRepositoryConnection`](#containerrepositoryconnection). -### `GroupWikiRepositoryRegistryConnection` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -The connection type for GroupWikiRepositoryRegistry. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[GroupWikiRepositoryRegistryEdge]`](#groupwikirepositoryregistryedge) | A list of edges. | -| `nodes` | [`[GroupWikiRepositoryRegistry]`](#groupwikirepositoryregistry) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupcontainerrepositoriesname"></a>`name` | [`String`](#string) | Filter the container repositories by their name. | +| <a id="groupcontainerrepositoriessort"></a>`sort` | [`ContainerRepositorySort`](#containerrepositorysort) | Sort container repositories by this criteria. | -### `GroupWikiRepositoryRegistryEdge` +##### `Group.epic` -An edge in a connection. +Find a single epic. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`GroupWikiRepositoryRegistry`](#groupwikirepositoryregistry) | The item at the end of the edge. | +Returns [`Epic`](#epic). -### `HttpIntegrationCreatePayload` +###### Arguments -Autogenerated return type of HttpIntegrationCreate. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupepicauthorusername"></a>`authorUsername` | [`String`](#string) | Filter epics by author. | +| <a id="groupepicconfidential"></a>`confidential` | [`Boolean`](#boolean) | Filter epics by given confidentiality. | +| <a id="groupepicenddate"></a>`endDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.end. | +| <a id="groupepiciid"></a>`iid` | [`ID`](#id) | IID of the epic, e.g., "1". | +| <a id="groupepiciidstartswith"></a>`iidStartsWith` | [`String`](#string) | Filter epics by IID for autocomplete. | +| <a id="groupepiciids"></a>`iids` | [`[ID!]`](#id) | List of IIDs of epics, e.g., [1, 2]. | +| <a id="groupepicincludedescendantgroups"></a>`includeDescendantGroups` | [`Boolean`](#boolean) | Include epics from descendant groups. | +| <a id="groupepiclabelname"></a>`labelName` | [`[String!]`](#string) | Filter epics by labels. | +| <a id="groupepicmilestonetitle"></a>`milestoneTitle` | [`String`](#string) | Filter epics by milestone title, computed from epic's issues. | +| <a id="groupepicmyreactionemoji"></a>`myReactionEmoji` | [`String`](#string) | Filter by reaction emoji applied by the current user. | +| <a id="groupepicsearch"></a>`search` | [`String`](#string) | Search query for epic title or description. | +| <a id="groupepicsort"></a>`sort` | [`EpicSort`](#epicsort) | List epics by sort order. | +| <a id="groupepicstartdate"></a>`startDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.start. | +| <a id="groupepicstate"></a>`state` | [`EpicState`](#epicstate) | Filter epics by state. | +| <a id="groupepictimeframe"></a>`timeframe` | [`Timeframe`](#timeframe) | List items overlapping the given timeframe. | + +##### `Group.epicBoard` + +Find a single epic board. + +Returns [`EpicBoard`](#epicboard). + +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `integration` | [`AlertManagementHttpIntegration`](#alertmanagementhttpintegration) | The HTTP integration. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupepicboardid"></a>`id` | [`BoardsEpicBoardID!`](#boardsepicboardid) | Find an epic board by ID. | -### `HttpIntegrationDestroyPayload` +##### `Group.epics` -Autogenerated return type of HttpIntegrationDestroy. +Find epics. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `integration` | [`AlertManagementHttpIntegration`](#alertmanagementhttpintegration) | The HTTP integration. | +Returns [`EpicConnection`](#epicconnection). -### `HttpIntegrationResetTokenPayload` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -Autogenerated return type of HttpIntegrationResetToken. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `integration` | [`AlertManagementHttpIntegration`](#alertmanagementhttpintegration) | The HTTP integration. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupepicsauthorusername"></a>`authorUsername` | [`String`](#string) | Filter epics by author. | +| <a id="groupepicsconfidential"></a>`confidential` | [`Boolean`](#boolean) | Filter epics by given confidentiality. | +| <a id="groupepicsenddate"></a>`endDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.end. | +| <a id="groupepicsiid"></a>`iid` | [`ID`](#id) | IID of the epic, e.g., "1". | +| <a id="groupepicsiidstartswith"></a>`iidStartsWith` | [`String`](#string) | Filter epics by IID for autocomplete. | +| <a id="groupepicsiids"></a>`iids` | [`[ID!]`](#id) | List of IIDs of epics, e.g., [1, 2]. | +| <a id="groupepicsincludedescendantgroups"></a>`includeDescendantGroups` | [`Boolean`](#boolean) | Include epics from descendant groups. | +| <a id="groupepicslabelname"></a>`labelName` | [`[String!]`](#string) | Filter epics by labels. | +| <a id="groupepicsmilestonetitle"></a>`milestoneTitle` | [`String`](#string) | Filter epics by milestone title, computed from epic's issues. | +| <a id="groupepicsmyreactionemoji"></a>`myReactionEmoji` | [`String`](#string) | Filter by reaction emoji applied by the current user. | +| <a id="groupepicssearch"></a>`search` | [`String`](#string) | Search query for epic title or description. | +| <a id="groupepicssort"></a>`sort` | [`EpicSort`](#epicsort) | List epics by sort order. | +| <a id="groupepicsstartdate"></a>`startDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.start. | +| <a id="groupepicsstate"></a>`state` | [`EpicState`](#epicstate) | Filter epics by state. | +| <a id="groupepicstimeframe"></a>`timeframe` | [`Timeframe`](#timeframe) | List items overlapping the given timeframe. | + +##### `Group.groupMembers` + +A membership of a user within this group. + +Returns [`GroupMemberConnection`](#groupmemberconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments -### `HttpIntegrationUpdatePayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupgroupmembersrelations"></a>`relations` | [`[GroupMemberRelation!]`](#groupmemberrelation) | Filter members by the given member relations. | +| <a id="groupgroupmemberssearch"></a>`search` | [`String`](#string) | Search query. | -Autogenerated return type of HttpIntegrationUpdate. +##### `Group.issues` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `integration` | [`AlertManagementHttpIntegration`](#alertmanagementhttpintegration) | The HTTP integration. | +Issues for projects in this group. -### `IncidentManagementOncallRotation` +Returns [`IssueConnection`](#issueconnection). -Describes an incident management on-call rotation. +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `activePeriod` | [`OncallRotationActivePeriodType`](#oncallrotationactiveperiodtype) | Active period for the on-call rotation. | -| `endsAt` | [`Time`](#time) | End date and time of the on-call rotation. | -| `id` | [`IncidentManagementOncallRotationID!`](#incidentmanagementoncallrotationid) | ID of the on-call rotation. | -| `length` | [`Int`](#int) | Length of the on-call schedule, in the units specified by lengthUnit. | -| `lengthUnit` | [`OncallRotationUnitEnum`](#oncallrotationunitenum) | Unit of the on-call rotation length. | -| `name` | [`String!`](#string) | Name of the on-call rotation. | -| `participants` | [`OncallParticipantTypeConnection`](#oncallparticipanttypeconnection) | Participants of the on-call rotation. | -| `shifts` | [`IncidentManagementOncallShiftConnection`](#incidentmanagementoncallshiftconnection) | Blocks of time for which a participant is on-call within a given time frame. Time frame cannot exceed one month. | -| `startsAt` | [`Time`](#time) | Start date of the on-call rotation. | +###### Arguments -### `IncidentManagementOncallRotationConnection` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupissuesassigneeid"></a>`assigneeId` | [`String`](#string) | ID of a user assigned to the issues, "none" and "any" values are supported. | +| <a id="groupissuesassigneeusername"></a>`assigneeUsername` **{warning-solid}** | [`String`](#string) | **Deprecated** in 13.11. Use `assigneeUsernames`. | +| <a id="groupissuesassigneeusernames"></a>`assigneeUsernames` | [`[String!]`](#string) | Usernames of users assigned to the issue. | +| <a id="groupissuesauthorusername"></a>`authorUsername` | [`String`](#string) | Username of the author of the issue. | +| <a id="groupissuesclosedafter"></a>`closedAfter` | [`Time`](#time) | Issues closed after this date. | +| <a id="groupissuesclosedbefore"></a>`closedBefore` | [`Time`](#time) | Issues closed before this date. | +| <a id="groupissuescreatedafter"></a>`createdAfter` | [`Time`](#time) | Issues created after this date. | +| <a id="groupissuescreatedbefore"></a>`createdBefore` | [`Time`](#time) | Issues created before this date. | +| <a id="groupissuesepicid"></a>`epicId` | [`String`](#string) | ID of an epic associated with the issues, "none" and "any" values are supported. | +| <a id="groupissuesiid"></a>`iid` | [`String`](#string) | IID of the issue. For example, "1". | +| <a id="groupissuesiids"></a>`iids` | [`[String!]`](#string) | List of IIDs of issues. For example, ["1", "2"]. | +| <a id="groupissuesincludesubgroups"></a>`includeSubgroups` | [`Boolean`](#boolean) | Include issues belonging to subgroups. | +| <a id="groupissuesiterationid"></a>`iterationId` | [`[ID]`](#id) | List of iteration Global IDs applied to the issue. | +| <a id="groupissuesiterationwildcardid"></a>`iterationWildcardId` | [`IterationWildcardId`](#iterationwildcardid) | Filter by iteration ID wildcard. | +| <a id="groupissueslabelname"></a>`labelName` | [`[String]`](#string) | Labels applied to this issue. | +| <a id="groupissuesmilestonetitle"></a>`milestoneTitle` | [`[String]`](#string) | Milestone applied to this issue. | +| <a id="groupissuesnot"></a>`not` | [`NegatedIssueFilterInput`](#negatedissuefilterinput) | Negated arguments. | +| <a id="groupissuessearch"></a>`search` | [`String`](#string) | Search query for issue title or description. | +| <a id="groupissuessort"></a>`sort` | [`IssueSort`](#issuesort) | Sort issues by this criteria. | +| <a id="groupissuesstate"></a>`state` | [`IssuableState`](#issuablestate) | Current state of this issue. | +| <a id="groupissuestypes"></a>`types` | [`[IssueType!]`](#issuetype) | Filter issues by the given issue types. | +| <a id="groupissuesupdatedafter"></a>`updatedAfter` | [`Time`](#time) | Issues updated after this date. | +| <a id="groupissuesupdatedbefore"></a>`updatedBefore` | [`Time`](#time) | Issues updated before this date. | +| <a id="groupissuesweight"></a>`weight` | [`String`](#string) | Weight applied to the issue, "none" and "any" values are supported. | + +##### `Group.iterationCadences` + +Find iteration cadences. + +Returns [`IterationCadenceConnection`](#iterationcadenceconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments -The connection type for IncidentManagementOncallRotation. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupiterationcadencesactive"></a>`active` | [`Boolean`](#boolean) | Whether the iteration cadence is active. | +| <a id="groupiterationcadencesautomatic"></a>`automatic` | [`Boolean`](#boolean) | Whether the iteration cadence should automatically generate future iterations. | +| <a id="groupiterationcadencesdurationinweeks"></a>`durationInWeeks` | [`Int`](#int) | Duration in weeks of the iterations within this cadence. | +| <a id="groupiterationcadencesid"></a>`id` | [`IterationsCadenceID`](#iterationscadenceid) | Global ID of the iteration cadence to look up. | +| <a id="groupiterationcadencesincludeancestorgroups"></a>`includeAncestorGroups` | [`Boolean`](#boolean) | Whether to include ancestor groups to search iterations cadences in. | +| <a id="groupiterationcadencestitle"></a>`title` | [`String`](#string) | Fuzzy search by title. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[IncidentManagementOncallRotationEdge]`](#incidentmanagementoncallrotationedge) | A list of edges. | -| `nodes` | [`[IncidentManagementOncallRotation]`](#incidentmanagementoncallrotation) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +##### `Group.iterations` -### `IncidentManagementOncallRotationEdge` +Find iterations. -An edge in a connection. +Returns [`IterationConnection`](#iterationconnection). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`IncidentManagementOncallRotation`](#incidentmanagementoncallrotation) | The item at the end of the edge. | +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -### `IncidentManagementOncallSchedule` +###### Arguments -Describes an incident management on-call schedule. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupiterationsenddate"></a>`endDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.end. | +| <a id="groupiterationsid"></a>`id` | [`ID`](#id) | Global ID of the Iteration to look up. | +| <a id="groupiterationsiid"></a>`iid` | [`ID`](#id) | Internal ID of the Iteration to look up. | +| <a id="groupiterationsincludeancestors"></a>`includeAncestors` | [`Boolean`](#boolean) | Whether to include ancestor iterations. Defaults to true. | +| <a id="groupiterationsiterationcadenceids"></a>`iterationCadenceIds` | [`[IterationsCadenceID!]`](#iterationscadenceid) | Global iteration cadence IDs by which to look up the iterations. | +| <a id="groupiterationsstartdate"></a>`startDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.start. | +| <a id="groupiterationsstate"></a>`state` | [`IterationState`](#iterationstate) | Filter iterations by state. | +| <a id="groupiterationstimeframe"></a>`timeframe` | [`Timeframe`](#timeframe) | List items overlapping the given timeframe. | +| <a id="groupiterationstitle"></a>`title` | [`String`](#string) | Fuzzy search by title. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `description` | [`String`](#string) | Description of the on-call schedule. | -| `iid` | [`ID!`](#id) | Internal ID of the on-call schedule. | -| `name` | [`String!`](#string) | Name of the on-call schedule. | -| `rotation` | [`IncidentManagementOncallRotation`](#incidentmanagementoncallrotation) | On-call rotation for the on-call schedule. | -| `rotations` | [`IncidentManagementOncallRotationConnection!`](#incidentmanagementoncallrotationconnection) | On-call rotations for the on-call schedule. | -| `timezone` | [`String!`](#string) | Time zone of the on-call schedule. | +##### `Group.label` -### `IncidentManagementOncallScheduleConnection` +A label available on this group. -The connection type for IncidentManagementOncallSchedule. +Returns [`Label`](#label). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[IncidentManagementOncallScheduleEdge]`](#incidentmanagementoncallscheduleedge) | A list of edges. | -| `nodes` | [`[IncidentManagementOncallSchedule]`](#incidentmanagementoncallschedule) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +###### Arguments -### `IncidentManagementOncallScheduleEdge` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="grouplabeltitle"></a>`title` | [`String!`](#string) | Title of the label. | -An edge in a connection. +##### `Group.labels` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`IncidentManagementOncallSchedule`](#incidentmanagementoncallschedule) | The item at the end of the edge. | +Labels available on this group. -### `IncidentManagementOncallShift` +Returns [`LabelConnection`](#labelconnection). -A block of time for which a participant is on-call. +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `endsAt` | [`Time`](#time) | End time of the on-call shift. | -| `participant` | [`OncallParticipantType`](#oncallparticipanttype) | Participant assigned to the on-call shift. | -| `startsAt` | [`Time`](#time) | Start time of the on-call shift. | +###### Arguments -### `IncidentManagementOncallShiftConnection` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="grouplabelsincludeancestorgroups"></a>`includeAncestorGroups` | [`Boolean`](#boolean) | Include labels from ancestor groups. | +| <a id="grouplabelsincludedescendantgroups"></a>`includeDescendantGroups` | [`Boolean`](#boolean) | Include labels from descendant groups. | +| <a id="grouplabelsonlygrouplabels"></a>`onlyGroupLabels` | [`Boolean`](#boolean) | Include only group level labels. | +| <a id="grouplabelssearchterm"></a>`searchTerm` | [`String`](#string) | A search term to find labels with. | -The connection type for IncidentManagementOncallShift. +##### `Group.mergeRequests` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[IncidentManagementOncallShiftEdge]`](#incidentmanagementoncallshiftedge) | A list of edges. | -| `nodes` | [`[IncidentManagementOncallShift]`](#incidentmanagementoncallshift) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +Merge requests for projects in this group. -### `IncidentManagementOncallShiftEdge` +Returns [`MergeRequestConnection`](#mergerequestconnection). -An edge in a connection. +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`IncidentManagementOncallShift`](#incidentmanagementoncallshift) | The item at the end of the edge. | +###### Arguments -### `InstanceSecurityDashboard` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupmergerequestsassigneeusername"></a>`assigneeUsername` | [`String`](#string) | Username of the assignee. | +| <a id="groupmergerequestsauthorusername"></a>`authorUsername` | [`String`](#string) | Username of the author. | +| <a id="groupmergerequestsiids"></a>`iids` | [`[String!]`](#string) | Array of IIDs of merge requests, for example `[1, 2]`. | +| <a id="groupmergerequestsincludesubgroups"></a>`includeSubgroups` | [`Boolean`](#boolean) | Include merge requests belonging to subgroups. | +| <a id="groupmergerequestslabels"></a>`labels` | [`[String!]`](#string) | Array of label names. All resolved merge requests will have all of these labels. | +| <a id="groupmergerequestsmergedafter"></a>`mergedAfter` | [`Time`](#time) | Merge requests merged after this date. | +| <a id="groupmergerequestsmergedbefore"></a>`mergedBefore` | [`Time`](#time) | Merge requests merged before this date. | +| <a id="groupmergerequestsmilestonetitle"></a>`milestoneTitle` | [`String`](#string) | Title of the milestone. | +| <a id="groupmergerequestsnot"></a>`not` | [`MergeRequestsResolverNegatedParams`](#mergerequestsresolvernegatedparams) | List of negated arguments. Warning: this argument is experimental and a subject to change in future. | +| <a id="groupmergerequestssort"></a>`sort` | [`MergeRequestSort`](#mergerequestsort) | Sort merge requests by this criteria. | +| <a id="groupmergerequestssourcebranches"></a>`sourceBranches` | [`[String!]`](#string) | Array of source branch names. All resolved merge requests will have one of these branches as their source. | +| <a id="groupmergerequestsstate"></a>`state` | [`MergeRequestState`](#mergerequeststate) | A merge request state. If provided, all resolved merge requests will have this state. | +| <a id="groupmergerequeststargetbranches"></a>`targetBranches` | [`[String!]`](#string) | Array of target branch names. All resolved merge requests will have one of these branches as their target. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `projects` | [`ProjectConnection!`](#projectconnection) | Projects selected in Instance Security Dashboard. | -| `vulnerabilityGrades` | [`[VulnerableProjectsByGrade!]!`](#vulnerableprojectsbygrade) | Represents vulnerable project counts for each grade. | -| `vulnerabilityScanners` | [`VulnerabilityScannerConnection`](#vulnerabilityscannerconnection) | Vulnerability scanners reported on the vulnerabilities from projects selected in Instance Security Dashboard. | -| `vulnerabilitySeveritiesCount` | [`VulnerabilitySeveritiesCount`](#vulnerabilityseveritiescount) | Counts for each vulnerability severity from projects selected in Instance Security Dashboard. | +##### `Group.milestones` -### `Issue` +Milestones of the group. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `alertManagementAlert` | [`AlertManagementAlert`](#alertmanagementalert) | Alert associated to this issue. | -| `assignees` | [`UserConnection`](#userconnection) | Assignees of the issue. | -| `author` | [`User!`](#user) | User that created the issue. | -| `blocked` | [`Boolean!`](#boolean) | Indicates the issue is blocked. | -| `blockedByCount` | [`Int`](#int) | Count of issues blocking this issue. | -| `blockedByIssues` | [`IssueConnection`](#issueconnection) | Issues blocking this issue. | -| `closedAt` | [`Time`](#time) | Timestamp of when the issue was closed. | -| `confidential` | [`Boolean!`](#boolean) | Indicates the issue is confidential. | -| `createNoteEmail` | [`String`](#string) | User specific email address for the issue. | -| `createdAt` | [`Time!`](#time) | Timestamp of when the issue was created. | -| `currentUserTodos` | [`TodoConnection!`](#todoconnection) | To-do items for the current user. | -| `description` | [`String`](#string) | Description of the issue. | -| `descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | -| `designCollection` | [`DesignCollection`](#designcollection) | Collection of design images associated with this issue. | -| `discussionLocked` | [`Boolean!`](#boolean) | Indicates discussion is locked on the issue. | -| `discussions` | [`DiscussionConnection!`](#discussionconnection) | All discussions on this noteable. | -| `downvotes` | [`Int!`](#int) | Number of downvotes the issue has received. | -| `dueDate` | [`Time`](#time) | Due date of the issue. | -| `emailsDisabled` | [`Boolean!`](#boolean) | Indicates if a project has email notifications disabled: `true` if email notifications are disabled. | -| `epic` | [`Epic`](#epic) | Epic to which this issue belongs. | -| `healthStatus` | [`HealthStatus`](#healthstatus) | Current health status. | -| `humanTimeEstimate` | [`String`](#string) | Human-readable time estimate of the issue. | -| `humanTotalTimeSpent` | [`String`](#string) | Human-readable total time reported as spent on the issue. | -| `id` | [`ID!`](#id) | ID of the issue. | -| `iid` | [`ID!`](#id) | Internal ID of the issue. | -| `iteration` | [`Iteration`](#iteration) | Iteration of the issue. | -| `labels` | [`LabelConnection`](#labelconnection) | Labels of the issue. | -| `metricImages` | [`[MetricImage!]`](#metricimage) | Metric images associated to the issue. | -| `milestone` | [`Milestone`](#milestone) | Milestone of the issue. | -| `moved` | [`Boolean`](#boolean) | Indicates if issue got moved from other project. | -| `movedTo` | [`Issue`](#issue) | Updated Issue after it got moved to another project. | -| `notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. | -| `participants` | [`UserConnection`](#userconnection) | List of participants in the issue. | -| `reference` | [`String!`](#string) | Internal reference of the issue. Returned in shortened format by default. | -| `relativePosition` | [`Int`](#int) | Relative position of the issue (used for positioning in epic tree and issue boards). | -| `severity` | [`IssuableSeverity`](#issuableseverity) | Severity level of the incident. | -| `slaDueAt` | [`Time`](#time) | Timestamp of when the issue SLA expires. | -| `state` | [`IssueState!`](#issuestate) | State of the issue. | -| `statusPagePublishedIncident` | [`Boolean`](#boolean) | Indicates whether an issue is published to the status page. | -| `subscribed` | [`Boolean!`](#boolean) | Indicates the currently logged in user is subscribed to the issue. | -| `taskCompletionStatus` | [`TaskCompletionStatus!`](#taskcompletionstatus) | Task completion status of the issue. | -| `timeEstimate` | [`Int!`](#int) | Time estimate of the issue. | -| `timelogs` | [`TimelogConnection!`](#timelogconnection) | Timelogs on the issue. | -| `title` | [`String!`](#string) | Title of the issue. | -| `titleHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `title`. | -| `totalTimeSpent` | [`Int!`](#int) | Total time reported as spent on the issue. | -| `type` | [`IssueType`](#issuetype) | Type of the issue. | -| `updatedAt` | [`Time!`](#time) | Timestamp of when the issue was last updated. | -| `updatedBy` | [`User`](#user) | User that last updated the issue. | -| `upvotes` | [`Int!`](#int) | Number of upvotes the issue has received. | -| `userDiscussionsCount` | [`Int!`](#int) | Number of user discussions in the issue. | -| `userNotesCount` | [`Int!`](#int) | Number of user notes of the issue. | -| `userPermissions` | [`IssuePermissions!`](#issuepermissions) | Permissions for the current user on the resource. | -| `webPath` | [`String!`](#string) | Web path of the issue. | -| `webUrl` | [`String!`](#string) | Web URL of the issue. | -| `weight` | [`Int`](#int) | Weight of the issue. | - -### `IssueConnection` - -The connection type for Issue. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `count` | [`Int!`](#int) | Total count of collection. | -| `edges` | [`[IssueEdge]`](#issueedge) | A list of edges. | -| `nodes` | [`[Issue]`](#issue) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -| `weight` | [`Int!`](#int) | Total weight of issues collection. | - -### `IssueEdge` - -An edge in a connection. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Issue`](#issue) | The item at the end of the edge. | - -### `IssueMoveListPayload` - -Autogenerated return type of IssueMoveList. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `issue` | [`Issue`](#issue) | The issue after mutation. | - -### `IssueMovePayload` - -Autogenerated return type of IssueMove. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `issue` | [`Issue`](#issue) | The issue after mutation. | +Returns [`MilestoneConnection`](#milestoneconnection). -### `IssuePermissions` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -Check permissions for the current user on a issue. +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupmilestonescontainingdate"></a>`containingDate` | [`Time`](#time) | A date that the milestone contains. | +| <a id="groupmilestonesenddate"></a>`endDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.end. | +| <a id="groupmilestonesids"></a>`ids` | [`[ID!]`](#id) | Array of global milestone IDs, e.g., `"gid://gitlab/Milestone/1"`. | +| <a id="groupmilestonesincludeancestors"></a>`includeAncestors` | [`Boolean`](#boolean) | Include milestones from all parent groups. | +| <a id="groupmilestonesincludedescendants"></a>`includeDescendants` | [`Boolean`](#boolean) | Include milestones from all subgroups and subprojects. | +| <a id="groupmilestonessearchtitle"></a>`searchTitle` | [`String`](#string) | A search string for the title. | +| <a id="groupmilestonesstartdate"></a>`startDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.start. | +| <a id="groupmilestonesstate"></a>`state` | [`MilestoneStateEnum`](#milestonestateenum) | Filter milestones by state. | +| <a id="groupmilestonestimeframe"></a>`timeframe` | [`Timeframe`](#timeframe) | List items overlapping the given timeframe. | +| <a id="groupmilestonestitle"></a>`title` | [`String`](#string) | The title of the milestone. | + +##### `Group.packages` + +Packages of the group. + +Returns [`PackageConnection`](#packageconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="grouppackagesincludeversionless"></a>`includeVersionless` | [`Boolean`](#boolean) | Include versionless packages. | +| <a id="grouppackagespackagename"></a>`packageName` | [`String`](#string) | Search a package by name. | +| <a id="grouppackagespackagetype"></a>`packageType` | [`PackageTypeEnum`](#packagetypeenum) | Filter a package by type. | +| <a id="grouppackagessort"></a>`sort` | [`PackageGroupSort`](#packagegroupsort) | Sort packages by this criteria. | +| <a id="grouppackagesstatus"></a>`status` | [`PackageStatus`](#packagestatus) | Filter a package by status. | + +##### `Group.projects` + +Projects within this namespace. + +Returns [`ProjectConnection!`](#projectconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupprojectshascodecoverage"></a>`hasCodeCoverage` | [`Boolean`](#boolean) | Returns only the projects which have code coverage. | +| <a id="groupprojectshasvulnerabilities"></a>`hasVulnerabilities` | [`Boolean`](#boolean) | Returns only the projects which have vulnerabilities. | +| <a id="groupprojectsids"></a>`ids` | [`[ID!]`](#id) | Filter projects by IDs. | +| <a id="groupprojectsincludesubgroups"></a>`includeSubgroups` | [`Boolean`](#boolean) | Include also subgroup projects. | +| <a id="groupprojectssearch"></a>`search` | [`String`](#string) | Search project with most similar names or paths. | +| <a id="groupprojectssort"></a>`sort` | [`NamespaceProjectSort`](#namespaceprojectsort) | Sort projects by this criteria. | + +##### `Group.timelogs` + +Time logged on issues and merge requests in the group and its subgroups. + +Returns [`TimelogConnection!`](#timelogconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="grouptimelogsenddate"></a>`endDate` | [`Time`](#time) | List time logs within a date range where the logged date is equal to or before endDate. | +| <a id="grouptimelogsendtime"></a>`endTime` | [`Time`](#time) | List time-logs within a time range where the logged time is equal to or before endTime. | +| <a id="grouptimelogsstartdate"></a>`startDate` | [`Time`](#time) | List time logs within a date range where the logged date is equal to or after startDate. | +| <a id="grouptimelogsstarttime"></a>`startTime` | [`Time`](#time) | List time-logs within a time range where the logged time is equal to or after startTime. | + +##### `Group.vulnerabilities` + +Vulnerabilities reported on the projects in the group and its subgroups. + +Returns [`VulnerabilityConnection`](#vulnerabilityconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupvulnerabilitieshasissues"></a>`hasIssues` | [`Boolean`](#boolean) | Returns only the vulnerabilities which have linked issues. | +| <a id="groupvulnerabilitieshasresolution"></a>`hasResolution` | [`Boolean`](#boolean) | Returns only the vulnerabilities which have been resolved on default branch. | +| <a id="groupvulnerabilitiesprojectid"></a>`projectId` | [`[ID!]`](#id) | Filter vulnerabilities by project. | +| <a id="groupvulnerabilitiesreporttype"></a>`reportType` | [`[VulnerabilityReportType!]`](#vulnerabilityreporttype) | Filter vulnerabilities by report type. | +| <a id="groupvulnerabilitiesscanner"></a>`scanner` | [`[String!]`](#string) | Filter vulnerabilities by VulnerabilityScanner.externalId. | +| <a id="groupvulnerabilitiesscannerid"></a>`scannerId` | [`[VulnerabilitiesScannerID!]`](#vulnerabilitiesscannerid) | Filter vulnerabilities by scanner ID. | +| <a id="groupvulnerabilitiesseverity"></a>`severity` | [`[VulnerabilitySeverity!]`](#vulnerabilityseverity) | Filter vulnerabilities by severity. | +| <a id="groupvulnerabilitiessort"></a>`sort` | [`VulnerabilitySort`](#vulnerabilitysort) | List vulnerabilities by sort order. | +| <a id="groupvulnerabilitiesstate"></a>`state` | [`[VulnerabilityState!]`](#vulnerabilitystate) | Filter vulnerabilities by state. | + +##### `Group.vulnerabilitiesCountByDay` + +Number of vulnerabilities per day for the projects in the group and its subgroups. + +Returns [`VulnerabilitiesCountByDayConnection`](#vulnerabilitiescountbydayconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupvulnerabilitiescountbydayenddate"></a>`endDate` | [`ISO8601Date!`](#iso8601date) | Last day for which to fetch vulnerability history. | +| <a id="groupvulnerabilitiescountbydaystartdate"></a>`startDate` | [`ISO8601Date!`](#iso8601date) | First day for which to fetch vulnerability history. | + +##### `Group.vulnerabilitiesCountByDayAndSeverity` + +Number of vulnerabilities per severity level, per day, for the projects in the group and its subgroups. + +WARNING: +**Deprecated** in 13.3. +Use `vulnerabilitiesCountByDay`. + +Returns [`VulnerabilitiesCountByDayAndSeverityConnection`](#vulnerabilitiescountbydayandseverityconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupvulnerabilitiescountbydayandseverityenddate"></a>`endDate` | [`ISO8601Date!`](#iso8601date) | Last day for which to fetch vulnerability history. | +| <a id="groupvulnerabilitiescountbydayandseveritystartdate"></a>`startDate` | [`ISO8601Date!`](#iso8601date) | First day for which to fetch vulnerability history. | + +##### `Group.vulnerabilityGrades` + +Represents vulnerable project counts for each grade. + +Returns [`[VulnerableProjectsByGrade!]!`](#vulnerableprojectsbygrade). + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupvulnerabilitygradesincludesubgroups"></a>`includeSubgroups` | [`Boolean`](#boolean) | Include grades belonging to subgroups. | + +##### `Group.vulnerabilitySeveritiesCount` + +Counts for each vulnerability severity in the group and its subgroups. + +Returns [`VulnerabilitySeveritiesCount`](#vulnerabilityseveritiescount). + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupvulnerabilityseveritiescountprojectid"></a>`projectId` | [`[ID!]`](#id) | Filter vulnerabilities by project. | +| <a id="groupvulnerabilityseveritiescountreporttype"></a>`reportType` | [`[VulnerabilityReportType!]`](#vulnerabilityreporttype) | Filter vulnerabilities by report type. | +| <a id="groupvulnerabilityseveritiescountscanner"></a>`scanner` | [`[String!]`](#string) | Filter vulnerabilities by scanner. | +| <a id="groupvulnerabilityseveritiescountseverity"></a>`severity` | [`[VulnerabilitySeverity!]`](#vulnerabilityseverity) | Filter vulnerabilities by severity. | +| <a id="groupvulnerabilityseveritiescountstate"></a>`state` | [`[VulnerabilityState!]`](#vulnerabilitystate) | Filter vulnerabilities by state. | + +### `GroupMember` + +Represents a Group Membership. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupmemberaccesslevel"></a>`accessLevel` | [`AccessLevel`](#accesslevel) | GitLab::Access level. | +| <a id="groupmembercreatedat"></a>`createdAt` | [`Time`](#time) | Date and time the membership was created. | +| <a id="groupmembercreatedby"></a>`createdBy` | [`UserCore`](#usercore) | User that authorized membership. | +| <a id="groupmemberexpiresat"></a>`expiresAt` | [`Time`](#time) | Date and time the membership expires. | +| <a id="groupmembergroup"></a>`group` | [`Group`](#group) | Group that a User is a member of. | +| <a id="groupmemberid"></a>`id` | [`ID!`](#id) | ID of the member. | +| <a id="groupmemberupdatedat"></a>`updatedAt` | [`Time`](#time) | Date and time the membership was last updated. | +| <a id="groupmemberuser"></a>`user` | [`UserCore!`](#usercore) | User that is associated with the member object. | +| <a id="groupmemberuserpermissions"></a>`userPermissions` | [`GroupPermissions!`](#grouppermissions) | Permissions for the current user on the resource. | + +### `GroupPermissions` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="grouppermissionsreadgroup"></a>`readGroup` | [`Boolean!`](#boolean) | Indicates the user can perform `read_group` on this resource. | + +### `GroupReleaseStats` + +Contains release-related statistics about a group. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupreleasestatsreleasescount"></a>`releasesCount` | [`Int`](#int) | Total number of releases in all descendant projects of the group. | +| <a id="groupreleasestatsreleasespercentage"></a>`releasesPercentage` | [`Int`](#int) | Percentage of the group's descendant projects that have at least one release. | + +### `GroupStats` + +Contains statistics about a group. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupstatsreleasestats"></a>`releaseStats` | [`GroupReleaseStats`](#groupreleasestats) | Statistics related to releases within the group. | + +### `GroupWikiRepositoryRegistry` + +Represents the Geo sync and verification state of a group wiki repository. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupwikirepositoryregistrycreatedat"></a>`createdAt` | [`Time`](#time) | Timestamp when the GroupWikiRepositoryRegistry was created. | +| <a id="groupwikirepositoryregistrygroupwikirepositoryid"></a>`groupWikiRepositoryId` | [`ID!`](#id) | ID of the Group Wiki Repository. | +| <a id="groupwikirepositoryregistryid"></a>`id` | [`ID!`](#id) | ID of the GroupWikiRepositoryRegistry. | +| <a id="groupwikirepositoryregistrylastsyncfailure"></a>`lastSyncFailure` | [`String`](#string) | Error message during sync of the GroupWikiRepositoryRegistry. | +| <a id="groupwikirepositoryregistrylastsyncedat"></a>`lastSyncedAt` | [`Time`](#time) | Timestamp of the most recent successful sync of the GroupWikiRepositoryRegistry. | +| <a id="groupwikirepositoryregistryretryat"></a>`retryAt` | [`Time`](#time) | Timestamp after which the GroupWikiRepositoryRegistry should be resynced. | +| <a id="groupwikirepositoryregistryretrycount"></a>`retryCount` | [`Int`](#int) | Number of consecutive failed sync attempts of the GroupWikiRepositoryRegistry. | +| <a id="groupwikirepositoryregistrystate"></a>`state` | [`RegistryState`](#registrystate) | Sync state of the GroupWikiRepositoryRegistry. | + +### `IncidentManagementOncallRotation` + +Describes an incident management on-call rotation. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="incidentmanagementoncallrotationactiveperiod"></a>`activePeriod` | [`OncallRotationActivePeriodType`](#oncallrotationactiveperiodtype) | Active period for the on-call rotation. | +| <a id="incidentmanagementoncallrotationendsat"></a>`endsAt` | [`Time`](#time) | End date and time of the on-call rotation. | +| <a id="incidentmanagementoncallrotationid"></a>`id` | [`IncidentManagementOncallRotationID!`](#incidentmanagementoncallrotationid) | ID of the on-call rotation. | +| <a id="incidentmanagementoncallrotationlength"></a>`length` | [`Int`](#int) | Length of the on-call schedule, in the units specified by lengthUnit. | +| <a id="incidentmanagementoncallrotationlengthunit"></a>`lengthUnit` | [`OncallRotationUnitEnum`](#oncallrotationunitenum) | Unit of the on-call rotation length. | +| <a id="incidentmanagementoncallrotationname"></a>`name` | [`String!`](#string) | Name of the on-call rotation. | +| <a id="incidentmanagementoncallrotationparticipants"></a>`participants` | [`OncallParticipantTypeConnection`](#oncallparticipanttypeconnection) | Participants of the on-call rotation. (see [Connections](#connections)) | +| <a id="incidentmanagementoncallrotationstartsat"></a>`startsAt` | [`Time`](#time) | Start date of the on-call rotation. | + +#### Fields with arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `adminIssue` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_issue` on this resource. | -| `createDesign` | [`Boolean!`](#boolean) | Indicates the user can perform `create_design` on this resource. | -| `createNote` | [`Boolean!`](#boolean) | Indicates the user can perform `create_note` on this resource. | -| `destroyDesign` | [`Boolean!`](#boolean) | Indicates the user can perform `destroy_design` on this resource. | -| `readDesign` | [`Boolean!`](#boolean) | Indicates the user can perform `read_design` on this resource. | -| `readIssue` | [`Boolean!`](#boolean) | Indicates the user can perform `read_issue` on this resource. | -| `reopenIssue` | [`Boolean!`](#boolean) | Indicates the user can perform `reopen_issue` on this resource. | -| `updateIssue` | [`Boolean!`](#boolean) | Indicates the user can perform `update_issue` on this resource. | +##### `IncidentManagementOncallRotation.shifts` -### `IssueSetAssigneesPayload` +Blocks of time for which a participant is on-call within a given time frame. Time frame cannot exceed one month. -Autogenerated return type of IssueSetAssignees. +Returns [`IncidentManagementOncallShiftConnection`](#incidentmanagementoncallshiftconnection). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `issue` | [`Issue`](#issue) | The issue after mutation. | +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -### `IssueSetConfidentialPayload` +###### Arguments -Autogenerated return type of IssueSetConfidential. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="incidentmanagementoncallrotationshiftsendtime"></a>`endTime` | [`Time!`](#time) | End of timeframe to include shifts for. Cannot exceed one month after start. | +| <a id="incidentmanagementoncallrotationshiftsstarttime"></a>`startTime` | [`Time!`](#time) | Start of timeframe to include shifts for. | + +### `IncidentManagementOncallSchedule` + +Describes an incident management on-call schedule. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="incidentmanagementoncallscheduledescription"></a>`description` | [`String`](#string) | Description of the on-call schedule. | +| <a id="incidentmanagementoncallscheduleiid"></a>`iid` | [`ID!`](#id) | Internal ID of the on-call schedule. | +| <a id="incidentmanagementoncallschedulename"></a>`name` | [`String!`](#string) | Name of the on-call schedule. | +| <a id="incidentmanagementoncallschedulerotations"></a>`rotations` | [`IncidentManagementOncallRotationConnection!`](#incidentmanagementoncallrotationconnection) | On-call rotations for the on-call schedule. (see [Connections](#connections)) | +| <a id="incidentmanagementoncallscheduletimezone"></a>`timezone` | [`String!`](#string) | Time zone of the on-call schedule. | + +#### Fields with arguments + +##### `IncidentManagementOncallSchedule.rotation` + +On-call rotation for the on-call schedule. + +Returns [`IncidentManagementOncallRotation`](#incidentmanagementoncallrotation). + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="incidentmanagementoncallschedulerotationid"></a>`id` | [`IncidentManagementOncallRotationID!`](#incidentmanagementoncallrotationid) | ID of the on-call rotation. | + +### `IncidentManagementOncallShift` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `issue` | [`Issue`](#issue) | The issue after mutation. | +A block of time for which a participant is on-call. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="incidentmanagementoncallshiftendsat"></a>`endsAt` | [`Time`](#time) | End time of the on-call shift. | +| <a id="incidentmanagementoncallshiftparticipant"></a>`participant` | [`OncallParticipantType`](#oncallparticipanttype) | Participant assigned to the on-call shift. | +| <a id="incidentmanagementoncallshiftstartsat"></a>`startsAt` | [`Time`](#time) | Start time of the on-call shift. | -### `IssueSetDueDatePayload` +### `InstanceSecurityDashboard` -Autogenerated return type of IssueSetDueDate. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `issue` | [`Issue`](#issue) | The issue after mutation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="instancesecuritydashboardprojects"></a>`projects` | [`ProjectConnection!`](#projectconnection) | Projects selected in Instance Security Dashboard. (see [Connections](#connections)) | +| <a id="instancesecuritydashboardvulnerabilitygrades"></a>`vulnerabilityGrades` | [`[VulnerableProjectsByGrade!]!`](#vulnerableprojectsbygrade) | Represents vulnerable project counts for each grade. | +| <a id="instancesecuritydashboardvulnerabilityscanners"></a>`vulnerabilityScanners` | [`VulnerabilityScannerConnection`](#vulnerabilityscannerconnection) | Vulnerability scanners reported on the vulnerabilities from projects selected in Instance Security Dashboard. (see [Connections](#connections)) | -### `IssueSetEpicPayload` +#### Fields with arguments -Autogenerated return type of IssueSetEpic. +##### `InstanceSecurityDashboard.vulnerabilitySeveritiesCount` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `issue` | [`Issue`](#issue) | The issue after mutation. | +Counts for each vulnerability severity from projects selected in Instance Security Dashboard. -### `IssueSetIterationPayload` +Returns [`VulnerabilitySeveritiesCount`](#vulnerabilityseveritiescount). -Autogenerated return type of IssueSetIteration. +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="instancesecuritydashboardvulnerabilityseveritiescountprojectid"></a>`projectId` | [`[ID!]`](#id) | Filter vulnerabilities by project. | +| <a id="instancesecuritydashboardvulnerabilityseveritiescountreporttype"></a>`reportType` | [`[VulnerabilityReportType!]`](#vulnerabilityreporttype) | Filter vulnerabilities by report type. | +| <a id="instancesecuritydashboardvulnerabilityseveritiescountscanner"></a>`scanner` | [`[String!]`](#string) | Filter vulnerabilities by scanner. | +| <a id="instancesecuritydashboardvulnerabilityseveritiescountseverity"></a>`severity` | [`[VulnerabilitySeverity!]`](#vulnerabilityseverity) | Filter vulnerabilities by severity. | +| <a id="instancesecuritydashboardvulnerabilityseveritiescountstate"></a>`state` | [`[VulnerabilityState!]`](#vulnerabilitystate) | Filter vulnerabilities by state. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `issue` | [`Issue`](#issue) | The issue after mutation. | +### `Issue` -### `IssueSetLockedPayload` +#### Fields -Autogenerated return type of IssueSetLocked. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="issuealertmanagementalert"></a>`alertManagementAlert` | [`AlertManagementAlert`](#alertmanagementalert) | Alert associated to this issue. | +| <a id="issueassignees"></a>`assignees` | [`UserCoreConnection`](#usercoreconnection) | Assignees of the issue. (see [Connections](#connections)) | +| <a id="issueauthor"></a>`author` | [`UserCore!`](#usercore) | User that created the issue. | +| <a id="issueblocked"></a>`blocked` | [`Boolean!`](#boolean) | Indicates the issue is blocked. | +| <a id="issueblockedbycount"></a>`blockedByCount` | [`Int`](#int) | Count of issues blocking this issue. | +| <a id="issueblockedbyissues"></a>`blockedByIssues` | [`IssueConnection`](#issueconnection) | Issues blocking this issue. (see [Connections](#connections)) | +| <a id="issueclosedat"></a>`closedAt` | [`Time`](#time) | Timestamp of when the issue was closed. | +| <a id="issueconfidential"></a>`confidential` | [`Boolean!`](#boolean) | Indicates the issue is confidential. | +| <a id="issuecreatenoteemail"></a>`createNoteEmail` | [`String`](#string) | User specific email address for the issue. | +| <a id="issuecreatedat"></a>`createdAt` | [`Time!`](#time) | Timestamp of when the issue was created. | +| <a id="issuedescription"></a>`description` | [`String`](#string) | Description of the issue. | +| <a id="issuedescriptionhtml"></a>`descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | +| <a id="issuedesigncollection"></a>`designCollection` | [`DesignCollection`](#designcollection) | Collection of design images associated with this issue. | +| <a id="issuediscussionlocked"></a>`discussionLocked` | [`Boolean!`](#boolean) | Indicates discussion is locked on the issue. | +| <a id="issuediscussions"></a>`discussions` | [`DiscussionConnection!`](#discussionconnection) | All discussions on this noteable. (see [Connections](#connections)) | +| <a id="issuedownvotes"></a>`downvotes` | [`Int!`](#int) | Number of downvotes the issue has received. | +| <a id="issueduedate"></a>`dueDate` | [`Time`](#time) | Due date of the issue. | +| <a id="issueemailsdisabled"></a>`emailsDisabled` | [`Boolean!`](#boolean) | Indicates if a project has email notifications disabled: `true` if email notifications are disabled. | +| <a id="issueepic"></a>`epic` | [`Epic`](#epic) | Epic to which this issue belongs. | +| <a id="issuehealthstatus"></a>`healthStatus` | [`HealthStatus`](#healthstatus) | Current health status. | +| <a id="issuehumantimeestimate"></a>`humanTimeEstimate` | [`String`](#string) | Human-readable time estimate of the issue. | +| <a id="issuehumantotaltimespent"></a>`humanTotalTimeSpent` | [`String`](#string) | Human-readable total time reported as spent on the issue. | +| <a id="issueid"></a>`id` | [`ID!`](#id) | ID of the issue. | +| <a id="issueiid"></a>`iid` | [`ID!`](#id) | Internal ID of the issue. | +| <a id="issueiteration"></a>`iteration` | [`Iteration`](#iteration) | Iteration of the issue. | +| <a id="issuelabels"></a>`labels` | [`LabelConnection`](#labelconnection) | Labels of the issue. (see [Connections](#connections)) | +| <a id="issuemetricimages"></a>`metricImages` | [`[MetricImage!]`](#metricimage) | Metric images associated to the issue. | +| <a id="issuemilestone"></a>`milestone` | [`Milestone`](#milestone) | Milestone of the issue. | +| <a id="issuemoved"></a>`moved` | [`Boolean`](#boolean) | Indicates if issue got moved from other project. | +| <a id="issuemovedto"></a>`movedTo` | [`Issue`](#issue) | Updated Issue after it got moved to another project. | +| <a id="issuenotes"></a>`notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. (see [Connections](#connections)) | +| <a id="issueparticipants"></a>`participants` | [`UserCoreConnection`](#usercoreconnection) | List of participants in the issue. (see [Connections](#connections)) | +| <a id="issuerelativeposition"></a>`relativePosition` | [`Int`](#int) | Relative position of the issue (used for positioning in epic tree and issue boards). | +| <a id="issueseverity"></a>`severity` | [`IssuableSeverity`](#issuableseverity) | Severity level of the incident. | +| <a id="issuesladueat"></a>`slaDueAt` | [`Time`](#time) | Timestamp of when the issue SLA expires. | +| <a id="issuestate"></a>`state` | [`IssueState!`](#issuestate) | State of the issue. | +| <a id="issuestatuspagepublishedincident"></a>`statusPagePublishedIncident` | [`Boolean`](#boolean) | Indicates whether an issue is published to the status page. | +| <a id="issuesubscribed"></a>`subscribed` | [`Boolean!`](#boolean) | Indicates the currently logged in user is subscribed to the issue. | +| <a id="issuetaskcompletionstatus"></a>`taskCompletionStatus` | [`TaskCompletionStatus!`](#taskcompletionstatus) | Task completion status of the issue. | +| <a id="issuetimeestimate"></a>`timeEstimate` | [`Int!`](#int) | Time estimate of the issue. | +| <a id="issuetimelogs"></a>`timelogs` | [`TimelogConnection!`](#timelogconnection) | Timelogs on the issue. (see [Connections](#connections)) | +| <a id="issuetitle"></a>`title` | [`String!`](#string) | Title of the issue. | +| <a id="issuetitlehtml"></a>`titleHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `title`. | +| <a id="issuetotaltimespent"></a>`totalTimeSpent` | [`Int!`](#int) | Total time reported as spent on the issue. | +| <a id="issuetype"></a>`type` | [`IssueType`](#issuetype) | Type of the issue. | +| <a id="issueupdatedat"></a>`updatedAt` | [`Time!`](#time) | Timestamp of when the issue was last updated. | +| <a id="issueupdatedby"></a>`updatedBy` | [`UserCore`](#usercore) | User that last updated the issue. | +| <a id="issueupvotes"></a>`upvotes` | [`Int!`](#int) | Number of upvotes the issue has received. | +| <a id="issueuserdiscussionscount"></a>`userDiscussionsCount` | [`Int!`](#int) | Number of user discussions in the issue. | +| <a id="issueusernotescount"></a>`userNotesCount` | [`Int!`](#int) | Number of user notes of the issue. | +| <a id="issueuserpermissions"></a>`userPermissions` | [`IssuePermissions!`](#issuepermissions) | Permissions for the current user on the resource. | +| <a id="issuewebpath"></a>`webPath` | [`String!`](#string) | Web path of the issue. | +| <a id="issueweburl"></a>`webUrl` | [`String!`](#string) | Web URL of the issue. | +| <a id="issueweight"></a>`weight` | [`Int`](#int) | Weight of the issue. | + +#### Fields with arguments + +##### `Issue.currentUserTodos` + +To-do items for the current user. + +Returns [`TodoConnection!`](#todoconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `issue` | [`Issue`](#issue) | The issue after mutation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="issuecurrentusertodosstate"></a>`state` | [`TodoStateEnum`](#todostateenum) | State of the to-do items. | -### `IssueSetSeverityPayload` +##### `Issue.reference` -Autogenerated return type of IssueSetSeverity. +Internal reference of the issue. Returned in shortened format by default. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `issue` | [`Issue`](#issue) | The issue after mutation. | +Returns [`String!`](#string). -### `IssueSetSubscriptionPayload` +###### Arguments -Autogenerated return type of IssueSetSubscription. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="issuereferencefull"></a>`full` | [`Boolean`](#boolean) | Boolean option specifying whether the reference should be returned in full. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `issue` | [`Issue`](#issue) | The issue after mutation. | +### `IssuePermissions` -### `IssueSetWeightPayload` +Check permissions for the current user on a issue. -Autogenerated return type of IssueSetWeight. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `issue` | [`Issue`](#issue) | The issue after mutation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="issuepermissionsadminissue"></a>`adminIssue` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_issue` on this resource. | +| <a id="issuepermissionscreatedesign"></a>`createDesign` | [`Boolean!`](#boolean) | Indicates the user can perform `create_design` on this resource. | +| <a id="issuepermissionscreatenote"></a>`createNote` | [`Boolean!`](#boolean) | Indicates the user can perform `create_note` on this resource. | +| <a id="issuepermissionsdestroydesign"></a>`destroyDesign` | [`Boolean!`](#boolean) | Indicates the user can perform `destroy_design` on this resource. | +| <a id="issuepermissionsreaddesign"></a>`readDesign` | [`Boolean!`](#boolean) | Indicates the user can perform `read_design` on this resource. | +| <a id="issuepermissionsreadissue"></a>`readIssue` | [`Boolean!`](#boolean) | Indicates the user can perform `read_issue` on this resource. | +| <a id="issuepermissionsreopenissue"></a>`reopenIssue` | [`Boolean!`](#boolean) | Indicates the user can perform `reopen_issue` on this resource. | +| <a id="issuepermissionsupdateissue"></a>`updateIssue` | [`Boolean!`](#boolean) | Indicates the user can perform `update_issue` on this resource. | ### `IssueStatusCountsType` Represents total number of issues for the represented statuses. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `all` | [`Int`](#int) | Number of issues with status ALL for the project. | -| `closed` | [`Int`](#int) | Number of issues with status CLOSED for the project. | -| `opened` | [`Int`](#int) | Number of issues with status OPENED for the project. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="issuestatuscountstypeall"></a>`all` | [`Int`](#int) | Number of issues with status ALL for the project. | +| <a id="issuestatuscountstypeclosed"></a>`closed` | [`Int`](#int) | Number of issues with status CLOSED for the project. | +| <a id="issuestatuscountstypeopened"></a>`opened` | [`Int`](#int) | Number of issues with status OPENED for the project. | ### `Iteration` Represents an iteration object. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `createdAt` | [`Time!`](#time) | Timestamp of iteration creation. | -| `description` | [`String`](#string) | Description of the iteration. | -| `descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | -| `dueDate` | [`Time`](#time) | Timestamp of the iteration due date. | -| `id` | [`ID!`](#id) | ID of the iteration. | -| `iid` | [`ID!`](#id) | Internal ID of the iteration. | -| `iterationCadence` | [`IterationCadence!`](#iterationcadence) | Cadence of the iteration. | -| `report` | [`TimeboxReport`](#timeboxreport) | Historically accurate report about the timebox. | -| `scopedPath` | [`String`](#string) | Web path of the iteration, scoped to the query parent. Only valid for Project parents. Returns null in other contexts. | -| `scopedUrl` | [`String`](#string) | Web URL of the iteration, scoped to the query parent. Only valid for Project parents. Returns null in other contexts. | -| `startDate` | [`Time`](#time) | Timestamp of the iteration start date. | -| `state` | [`IterationState!`](#iterationstate) | State of the iteration. | -| `title` | [`String!`](#string) | Title of the iteration. | -| `updatedAt` | [`Time!`](#time) | Timestamp of last iteration update. | -| `webPath` | [`String!`](#string) | Web path of the iteration. | -| `webUrl` | [`String!`](#string) | Web URL of the iteration. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="iterationcreatedat"></a>`createdAt` | [`Time!`](#time) | Timestamp of iteration creation. | +| <a id="iterationdescription"></a>`description` | [`String`](#string) | Description of the iteration. | +| <a id="iterationdescriptionhtml"></a>`descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | +| <a id="iterationduedate"></a>`dueDate` | [`Time`](#time) | Timestamp of the iteration due date. | +| <a id="iterationid"></a>`id` | [`ID!`](#id) | ID of the iteration. | +| <a id="iterationiid"></a>`iid` | [`ID!`](#id) | Internal ID of the iteration. | +| <a id="iterationiterationcadence"></a>`iterationCadence` | [`IterationCadence!`](#iterationcadence) | Cadence of the iteration. | +| <a id="iterationreport"></a>`report` | [`TimeboxReport`](#timeboxreport) | Historically accurate report about the timebox. | +| <a id="iterationscopedpath"></a>`scopedPath` | [`String`](#string) | Web path of the iteration, scoped to the query parent. Only valid for Project parents. Returns null in other contexts. | +| <a id="iterationscopedurl"></a>`scopedUrl` | [`String`](#string) | Web URL of the iteration, scoped to the query parent. Only valid for Project parents. Returns null in other contexts. | +| <a id="iterationstartdate"></a>`startDate` | [`Time`](#time) | Timestamp of the iteration start date. | +| <a id="iterationstate"></a>`state` | [`IterationState!`](#iterationstate) | State of the iteration. | +| <a id="iterationtitle"></a>`title` | [`String!`](#string) | Title of the iteration. | +| <a id="iterationupdatedat"></a>`updatedAt` | [`Time!`](#time) | Timestamp of last iteration update. | +| <a id="iterationwebpath"></a>`webPath` | [`String!`](#string) | Web path of the iteration. | +| <a id="iterationweburl"></a>`webUrl` | [`String!`](#string) | Web URL of the iteration. | ### `IterationCadence` Represents an iteration cadence. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `active` | [`Boolean`](#boolean) | Whether the iteration cadence is active. | -| `automatic` | [`Boolean`](#boolean) | Whether the iteration cadence should automatically generate future iterations. | -| `durationInWeeks` | [`Int`](#int) | Duration in weeks of the iterations within this cadence. | -| `id` | [`IterationsCadenceID!`](#iterationscadenceid) | Global ID of the iteration cadence. | -| `iterationsInAdvance` | [`Int`](#int) | Future iterations to be created when iteration cadence is set to automatic. | -| `startDate` | [`Time`](#time) | Timestamp of the iteration cadence start date. | -| `title` | [`String!`](#string) | Title of the iteration cadence. | +#### Fields -### `IterationCadenceConnection` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="iterationcadenceactive"></a>`active` | [`Boolean`](#boolean) | Whether the iteration cadence is active. | +| <a id="iterationcadenceautomatic"></a>`automatic` | [`Boolean`](#boolean) | Whether the iteration cadence should automatically generate future iterations. | +| <a id="iterationcadencedescription"></a>`description` | [`String`](#string) | Description of the iteration cadence. Maximum length is 5000 characters. | +| <a id="iterationcadencedurationinweeks"></a>`durationInWeeks` | [`Int`](#int) | Duration in weeks of the iterations within this cadence. | +| <a id="iterationcadenceid"></a>`id` | [`IterationsCadenceID!`](#iterationscadenceid) | Global ID of the iteration cadence. | +| <a id="iterationcadenceiterationsinadvance"></a>`iterationsInAdvance` | [`Int`](#int) | Future iterations to be created when iteration cadence is set to automatic. | +| <a id="iterationcadencerollover"></a>`rollOver` | [`Boolean!`](#boolean) | Whether the iteration cadence should roll over issues to the next iteration or not. | +| <a id="iterationcadencestartdate"></a>`startDate` | [`Time`](#time) | Timestamp of the iteration cadence start date. | +| <a id="iterationcadencetitle"></a>`title` | [`String!`](#string) | Title of the iteration cadence. | -The connection type for IterationCadence. +### `JiraImport` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[IterationCadenceEdge]`](#iterationcadenceedge) | A list of edges. | -| `nodes` | [`[IterationCadence]`](#iterationcadence) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +#### Fields -### `IterationCadenceCreatePayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="jiraimportcreatedat"></a>`createdAt` | [`Time`](#time) | Timestamp of when the Jira import was created. | +| <a id="jiraimportfailedtoimportcount"></a>`failedToImportCount` | [`Int!`](#int) | Count of issues that failed to import. | +| <a id="jiraimportimportedissuescount"></a>`importedIssuesCount` | [`Int!`](#int) | Count of issues that were successfully imported. | +| <a id="jiraimportjiraprojectkey"></a>`jiraProjectKey` | [`String!`](#string) | Project key for the imported Jira project. | +| <a id="jiraimportscheduledat"></a>`scheduledAt` | [`Time`](#time) | Timestamp of when the Jira import was scheduled. | +| <a id="jiraimportscheduledby"></a>`scheduledBy` | [`UserCore`](#usercore) | User that started the Jira import. | +| <a id="jiraimporttotalissuecount"></a>`totalIssueCount` | [`Int!`](#int) | Total count of issues that were attempted to import. | -Autogenerated return type of IterationCadenceCreate. +### `JiraProject` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `iterationCadence` | [`IterationCadence`](#iterationcadence) | The created iteration cadence. | +#### Fields -### `IterationCadenceEdge` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="jiraprojectkey"></a>`key` | [`String!`](#string) | Key of the Jira project. | +| <a id="jiraprojectname"></a>`name` | [`String`](#string) | Name of the Jira project. | +| <a id="jiraprojectprojectid"></a>`projectId` | [`Int!`](#int) | ID of the Jira project. | -An edge in a connection. +### `JiraService` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`IterationCadence`](#iterationcadence) | The item at the end of the edge. | +#### Fields -### `IterationCadenceUpdatePayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="jiraserviceactive"></a>`active` | [`Boolean`](#boolean) | Indicates if the service is active. | +| <a id="jiraservicetype"></a>`type` | [`String`](#string) | Class name of the service. | -Autogenerated return type of IterationCadenceUpdate. +#### Fields with arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `iterationCadence` | [`IterationCadence`](#iterationcadence) | The updated iteration cadence. | +##### `JiraService.projects` -### `IterationConnection` +List of all Jira projects fetched through Jira REST API. -The connection type for Iteration. +Returns [`JiraProjectConnection`](#jiraprojectconnection). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[IterationEdge]`](#iterationedge) | A list of edges. | -| `nodes` | [`[Iteration]`](#iteration) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -### `IterationEdge` +###### Arguments -An edge in a connection. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="jiraserviceprojectsname"></a>`name` | [`String`](#string) | Project name or key. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Iteration`](#iteration) | The item at the end of the edge. | +### `JiraUser` -### `JiraImport` +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `createdAt` | [`Time`](#time) | Timestamp of when the Jira import was created. | -| `failedToImportCount` | [`Int!`](#int) | Count of issues that failed to import. | -| `importedIssuesCount` | [`Int!`](#int) | Count of issues that were successfully imported. | -| `jiraProjectKey` | [`String!`](#string) | Project key for the imported Jira project. | -| `scheduledAt` | [`Time`](#time) | Timestamp of when the Jira import was scheduled. | -| `scheduledBy` | [`User`](#user) | User that started the Jira import. | -| `totalIssueCount` | [`Int!`](#int) | Total count of issues that were attempted to import. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="jirausergitlabid"></a>`gitlabId` | [`Int`](#int) | ID of the matched GitLab user. | +| <a id="jirausergitlabname"></a>`gitlabName` | [`String`](#string) | Name of the matched GitLab user. | +| <a id="jirausergitlabusername"></a>`gitlabUsername` | [`String`](#string) | Username of the matched GitLab user. | +| <a id="jirauserjiraaccountid"></a>`jiraAccountId` | [`String!`](#string) | Account ID of the Jira user. | +| <a id="jirauserjiradisplayname"></a>`jiraDisplayName` | [`String!`](#string) | Display name of the Jira user. | +| <a id="jirauserjiraemail"></a>`jiraEmail` | [`String`](#string) | Email of the Jira user, returned only for users with public emails. | -### `JiraImportConnection` +### `JobPermissions` -The connection type for JiraImport. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[JiraImportEdge]`](#jiraimportedge) | A list of edges. | -| `nodes` | [`[JiraImport]`](#jiraimport) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="jobpermissionsreadbuild"></a>`readBuild` | [`Boolean!`](#boolean) | Indicates the user can perform `read_build` on this resource. | +| <a id="jobpermissionsreadjobartifacts"></a>`readJobArtifacts` | [`Boolean!`](#boolean) | Indicates the user can perform `read_job_artifacts` on this resource. | +| <a id="jobpermissionsupdatebuild"></a>`updateBuild` | [`Boolean!`](#boolean) | Indicates the user can perform `update_build` on this resource. | -### `JiraImportEdge` +### `Kas` -An edge in a connection. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`JiraImport`](#jiraimport) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="kasenabled"></a>`enabled` | [`Boolean!`](#boolean) | Indicates whether the Kubernetes Agent Server is enabled. | +| <a id="kasexternalurl"></a>`externalUrl` | [`String`](#string) | The URL used by the Agents to communicate with KAS. | +| <a id="kasversion"></a>`version` | [`String`](#string) | KAS version. | -### `JiraImportStartPayload` +### `Label` -Autogenerated return type of JiraImportStart. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `jiraImport` | [`JiraImport`](#jiraimport) | The Jira import data after mutation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="labelcolor"></a>`color` | [`String!`](#string) | Background color of the label. | +| <a id="labelcreatedat"></a>`createdAt` | [`Time!`](#time) | When this label was created. | +| <a id="labeldescription"></a>`description` | [`String`](#string) | Description of the label (Markdown rendered as HTML for caching). | +| <a id="labeldescriptionhtml"></a>`descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | +| <a id="labelid"></a>`id` | [`ID!`](#id) | Label ID. | +| <a id="labelremoveonclose"></a>`removeOnClose` | [`Boolean!`](#boolean) | Whether the label should be removed from an issue when the issue is closed. | +| <a id="labeltextcolor"></a>`textColor` | [`String!`](#string) | Text color of the label. | +| <a id="labeltitle"></a>`title` | [`String!`](#string) | Content of the label. | +| <a id="labelupdatedat"></a>`updatedAt` | [`Time!`](#time) | When this label was last updated. | -### `JiraImportUsersPayload` +### `LfsObjectRegistry` -Autogenerated return type of JiraImportUsers. +Represents the Geo sync and verification state of an LFS object. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `jiraUsers` | [`[JiraUser!]`](#jirauser) | Users returned from Jira, matched by email and name if possible. | +#### Fields -### `JiraProject` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="lfsobjectregistrycreatedat"></a>`createdAt` | [`Time`](#time) | Timestamp when the LfsObjectRegistry was created. | +| <a id="lfsobjectregistryid"></a>`id` | [`ID!`](#id) | ID of the LfsObjectRegistry. | +| <a id="lfsobjectregistrylastsyncfailure"></a>`lastSyncFailure` | [`String`](#string) | Error message during sync of the LfsObjectRegistry. | +| <a id="lfsobjectregistrylastsyncedat"></a>`lastSyncedAt` | [`Time`](#time) | Timestamp of the most recent successful sync of the LfsObjectRegistry. | +| <a id="lfsobjectregistrylfsobjectid"></a>`lfsObjectId` | [`ID!`](#id) | ID of the LFS object. | +| <a id="lfsobjectregistryretryat"></a>`retryAt` | [`Time`](#time) | Timestamp after which the LfsObjectRegistry should be resynced. | +| <a id="lfsobjectregistryretrycount"></a>`retryCount` | [`Int`](#int) | Number of consecutive failed sync attempts of the LfsObjectRegistry. | +| <a id="lfsobjectregistrystate"></a>`state` | [`RegistryState`](#registrystate) | Sync state of the LfsObjectRegistry. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `key` | [`String!`](#string) | Key of the Jira project. | -| `name` | [`String`](#string) | Name of the Jira project. | -| `projectId` | [`Int!`](#int) | ID of the Jira project. | +### `LicenseHistoryEntry` -### `JiraProjectConnection` +Represents an entry from the Cloud License history. -The connection type for JiraProject. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[JiraProjectEdge]`](#jiraprojectedge) | A list of edges. | -| `nodes` | [`[JiraProject]`](#jiraproject) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="licensehistoryentryactivatedat"></a>`activatedAt` | [`Date`](#date) | Date when the license was activated. | +| <a id="licensehistoryentrycompany"></a>`company` | [`String`](#string) | Company of the licensee. | +| <a id="licensehistoryentryemail"></a>`email` | [`String`](#string) | Email of the licensee. | +| <a id="licensehistoryentryexpiresat"></a>`expiresAt` | [`Date`](#date) | Date when the license expires. | +| <a id="licensehistoryentryid"></a>`id` | [`ID!`](#id) | ID of the license. | +| <a id="licensehistoryentryname"></a>`name` | [`String`](#string) | Name of the licensee. | +| <a id="licensehistoryentryplan"></a>`plan` | [`String!`](#string) | Name of the subscription plan. | +| <a id="licensehistoryentrystartsat"></a>`startsAt` | [`Date`](#date) | Date when the license started. | +| <a id="licensehistoryentrytype"></a>`type` | [`String!`](#string) | Type of the license. | +| <a id="licensehistoryentryusersinlicensecount"></a>`usersInLicenseCount` | [`Int`](#int) | Number of paid users in the license. | -### `JiraProjectEdge` +### `MavenMetadata` -An edge in a connection. +Maven metadata. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`JiraProject`](#jiraproject) | The item at the end of the edge. | +#### Fields -### `JiraService` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mavenmetadataappgroup"></a>`appGroup` | [`String!`](#string) | App group of the Maven package. | +| <a id="mavenmetadataappname"></a>`appName` | [`String!`](#string) | App name of the Maven package. | +| <a id="mavenmetadataappversion"></a>`appVersion` | [`String`](#string) | App version of the Maven package. | +| <a id="mavenmetadatacreatedat"></a>`createdAt` | [`Time!`](#time) | Date of creation. | +| <a id="mavenmetadataid"></a>`id` | [`PackagesMavenMetadatumID!`](#packagesmavenmetadatumid) | ID of the metadatum. | +| <a id="mavenmetadatapath"></a>`path` | [`String!`](#string) | Path of the Maven package. | +| <a id="mavenmetadataupdatedat"></a>`updatedAt` | [`Time!`](#time) | Date of most recent update. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `active` | [`Boolean`](#boolean) | Indicates if the service is active. | -| `projects` | [`JiraProjectConnection`](#jiraprojectconnection) | List of all Jira projects fetched through Jira REST API. | -| `type` | [`String`](#string) | Class name of the service. | +### `MergeRequest` -### `JiraUser` +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `gitlabId` | [`Int`](#int) | ID of the matched GitLab user. | -| `gitlabName` | [`String`](#string) | Name of the matched GitLab user. | -| `gitlabUsername` | [`String`](#string) | Username of the matched GitLab user. | -| `jiraAccountId` | [`String!`](#string) | Account ID of the Jira user. | -| `jiraDisplayName` | [`String!`](#string) | Display name of the Jira user. | -| `jiraEmail` | [`String`](#string) | Email of the Jira user, returned only for users with public emails. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestallowcollaboration"></a>`allowCollaboration` | [`Boolean`](#boolean) | Indicates if members of the target project can push to the fork. | +| <a id="mergerequestapprovalsleft"></a>`approvalsLeft` | [`Int`](#int) | Number of approvals left. | +| <a id="mergerequestapprovalsrequired"></a>`approvalsRequired` | [`Int`](#int) | Number of approvals required. | +| <a id="mergerequestapproved"></a>`approved` | [`Boolean!`](#boolean) | Indicates if the merge request has all the required approvals. Returns true if no required approvals are configured. | +| <a id="mergerequestapprovedby"></a>`approvedBy` | [`UserCoreConnection`](#usercoreconnection) | Users who approved the merge request. (see [Connections](#connections)) | +| <a id="mergerequestassignees"></a>`assignees` | [`MergeRequestAssigneeConnection`](#mergerequestassigneeconnection) | Assignees of the merge request. (see [Connections](#connections)) | +| <a id="mergerequestauthor"></a>`author` | [`UserCore`](#usercore) | User who created this merge request. | +| <a id="mergerequestautomergeenabled"></a>`autoMergeEnabled` | [`Boolean!`](#boolean) | Indicates if auto merge is enabled for the merge request. | +| <a id="mergerequestautomergestrategy"></a>`autoMergeStrategy` | [`String`](#string) | Selected auto merge strategy. | +| <a id="mergerequestavailableautomergestrategies"></a>`availableAutoMergeStrategies` | [`[String!]`](#string) | Array of available auto merge strategies. | +| <a id="mergerequestcommitcount"></a>`commitCount` | [`Int`](#int) | Number of commits in the merge request. | +| <a id="mergerequestcommitswithoutmergecommits"></a>`commitsWithoutMergeCommits` | [`CommitConnection`](#commitconnection) | Merge request commits excluding merge commits. (see [Connections](#connections)) | +| <a id="mergerequestconflicts"></a>`conflicts` | [`Boolean!`](#boolean) | Indicates if the merge request has conflicts. | +| <a id="mergerequestcreatedat"></a>`createdAt` | [`Time!`](#time) | Timestamp of when the merge request was created. | +| <a id="mergerequestdefaultmergecommitmessage"></a>`defaultMergeCommitMessage` | [`String`](#string) | Default merge commit message of the merge request. | +| <a id="mergerequestdefaultmergecommitmessagewithdescription"></a>`defaultMergeCommitMessageWithDescription` | [`String`](#string) | Default merge commit message of the merge request with description. | +| <a id="mergerequestdefaultsquashcommitmessage"></a>`defaultSquashCommitMessage` | [`String`](#string) | Default squash commit message of the merge request. | +| <a id="mergerequestdescription"></a>`description` | [`String`](#string) | Description of the merge request (Markdown rendered as HTML for caching). | +| <a id="mergerequestdescriptionhtml"></a>`descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | +| <a id="mergerequestdiffheadsha"></a>`diffHeadSha` | [`String`](#string) | Diff head SHA of the merge request. | +| <a id="mergerequestdiffrefs"></a>`diffRefs` | [`DiffRefs`](#diffrefs) | References of the base SHA, the head SHA, and the start SHA for this merge request. | +| <a id="mergerequestdiffstatssummary"></a>`diffStatsSummary` | [`DiffStatsSummary`](#diffstatssummary) | Summary of which files were changed in this merge request. | +| <a id="mergerequestdiscussionlocked"></a>`discussionLocked` | [`Boolean!`](#boolean) | Indicates if comments on the merge request are locked to members only. | +| <a id="mergerequestdiscussions"></a>`discussions` | [`DiscussionConnection!`](#discussionconnection) | All discussions on this noteable. (see [Connections](#connections)) | +| <a id="mergerequestdivergedfromtargetbranch"></a>`divergedFromTargetBranch` | [`Boolean!`](#boolean) | Indicates if the source branch is behind the target branch. | +| <a id="mergerequestdownvotes"></a>`downvotes` | [`Int!`](#int) | Number of downvotes for the merge request. | +| <a id="mergerequestdraft"></a>`draft` | [`Boolean!`](#boolean) | Indicates if the merge request is a draft. | +| <a id="mergerequestforceremovesourcebranch"></a>`forceRemoveSourceBranch` | [`Boolean`](#boolean) | Indicates if the project settings will lead to source branch deletion after merge. | +| <a id="mergerequesthasci"></a>`hasCi` | [`Boolean!`](#boolean) | Indicates if the merge request has CI. | +| <a id="mergerequesthassecurityreports"></a>`hasSecurityReports` | [`Boolean!`](#boolean) | Indicates if the source branch has any security reports. | +| <a id="mergerequestheadpipeline"></a>`headPipeline` | [`Pipeline`](#pipeline) | The pipeline running on the branch HEAD of the merge request. | +| <a id="mergerequestid"></a>`id` | [`ID!`](#id) | ID of the merge request. | +| <a id="mergerequestiid"></a>`iid` | [`String!`](#string) | Internal ID of the merge request. | +| <a id="mergerequestinprogressmergecommitsha"></a>`inProgressMergeCommitSha` | [`String`](#string) | Commit SHA of the merge request if merge is in progress. | +| <a id="mergerequestlabels"></a>`labels` | [`LabelConnection`](#labelconnection) | Labels of the merge request. (see [Connections](#connections)) | +| <a id="mergerequestmergecommitsha"></a>`mergeCommitSha` | [`String`](#string) | SHA of the merge request commit (set once merged). | +| <a id="mergerequestmergeerror"></a>`mergeError` | [`String`](#string) | Error message due to a merge error. | +| <a id="mergerequestmergeongoing"></a>`mergeOngoing` | [`Boolean!`](#boolean) | Indicates if a merge is currently occurring. | +| <a id="mergerequestmergestatus"></a>`mergeStatus` | [`String`](#string) | Status of the merge request. | +| <a id="mergerequestmergetrainscount"></a>`mergeTrainsCount` | [`Int`](#int) | Number of merge requests in the merge train. | +| <a id="mergerequestmergeuser"></a>`mergeUser` | [`UserCore`](#usercore) | User who merged this merge request. | +| <a id="mergerequestmergewhenpipelinesucceeds"></a>`mergeWhenPipelineSucceeds` | [`Boolean`](#boolean) | Indicates if the merge has been set to be merged when its pipeline succeeds (MWPS). | +| <a id="mergerequestmergeable"></a>`mergeable` | [`Boolean!`](#boolean) | Indicates if the merge request is mergeable. | +| <a id="mergerequestmergeablediscussionsstate"></a>`mergeableDiscussionsState` | [`Boolean`](#boolean) | Indicates if all discussions in the merge request have been resolved, allowing the merge request to be merged. | +| <a id="mergerequestmergedat"></a>`mergedAt` | [`Time`](#time) | Timestamp of when the merge request was merged, null if not merged. | +| <a id="mergerequestmilestone"></a>`milestone` | [`Milestone`](#milestone) | The milestone of the merge request. | +| <a id="mergerequestnotes"></a>`notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. (see [Connections](#connections)) | +| <a id="mergerequestparticipants"></a>`participants` | [`UserCoreConnection`](#usercoreconnection) | Participants in the merge request. This includes the author, assignees, reviewers, and users mentioned in notes. (see [Connections](#connections)) | +| <a id="mergerequestproject"></a>`project` | [`Project!`](#project) | Alias for target_project. | +| <a id="mergerequestprojectid"></a>`projectId` | [`Int!`](#int) | ID of the merge request project. | +| <a id="mergerequestrebasecommitsha"></a>`rebaseCommitSha` | [`String`](#string) | Rebase commit SHA of the merge request. | +| <a id="mergerequestrebaseinprogress"></a>`rebaseInProgress` | [`Boolean!`](#boolean) | Indicates if there is a rebase currently in progress for the merge request. | +| <a id="mergerequestreviewers"></a>`reviewers` | [`MergeRequestReviewerConnection`](#mergerequestreviewerconnection) | Users from whom a review has been requested. (see [Connections](#connections)) | +| <a id="mergerequestsecurityautofix"></a>`securityAutoFix` | [`Boolean`](#boolean) | Indicates if the merge request is created by @GitLab-Security-Bot. | +| <a id="mergerequestsecurityreportsuptodateontargetbranch"></a>`securityReportsUpToDateOnTargetBranch` | [`Boolean!`](#boolean) | Indicates if the target branch security reports are out of date. | +| <a id="mergerequestshouldberebased"></a>`shouldBeRebased` | [`Boolean!`](#boolean) | Indicates if the merge request will be rebased. | +| <a id="mergerequestshouldremovesourcebranch"></a>`shouldRemoveSourceBranch` | [`Boolean`](#boolean) | Indicates if the source branch of the merge request will be deleted after merge. | +| <a id="mergerequestsourcebranch"></a>`sourceBranch` | [`String!`](#string) | Source branch of the merge request. | +| <a id="mergerequestsourcebranchexists"></a>`sourceBranchExists` | [`Boolean!`](#boolean) | Indicates if the source branch of the merge request exists. | +| <a id="mergerequestsourcebranchprotected"></a>`sourceBranchProtected` | [`Boolean!`](#boolean) | Indicates if the source branch is protected. | +| <a id="mergerequestsourceproject"></a>`sourceProject` | [`Project`](#project) | Source project of the merge request. | +| <a id="mergerequestsourceprojectid"></a>`sourceProjectId` | [`Int`](#int) | ID of the merge request source project. | +| <a id="mergerequestsquash"></a>`squash` | [`Boolean!`](#boolean) | Indicates if squash on merge is enabled. | +| <a id="mergerequestsquashonmerge"></a>`squashOnMerge` | [`Boolean!`](#boolean) | Indicates if squash on merge is enabled. | +| <a id="mergerequeststate"></a>`state` | [`MergeRequestState!`](#mergerequeststate) | State of the merge request. | +| <a id="mergerequestsubscribed"></a>`subscribed` | [`Boolean!`](#boolean) | Indicates if the currently logged in user is subscribed to this merge request. | +| <a id="mergerequesttargetbranch"></a>`targetBranch` | [`String!`](#string) | Target branch of the merge request. | +| <a id="mergerequesttargetbranchexists"></a>`targetBranchExists` | [`Boolean!`](#boolean) | Indicates if the target branch of the merge request exists. | +| <a id="mergerequesttargetproject"></a>`targetProject` | [`Project!`](#project) | Target project of the merge request. | +| <a id="mergerequesttargetprojectid"></a>`targetProjectId` | [`Int!`](#int) | ID of the merge request target project. | +| <a id="mergerequesttaskcompletionstatus"></a>`taskCompletionStatus` | [`TaskCompletionStatus!`](#taskcompletionstatus) | Completion status of tasks. | +| <a id="mergerequesttimeestimate"></a>`timeEstimate` | [`Int!`](#int) | Time estimate of the merge request. | +| <a id="mergerequesttimelogs"></a>`timelogs` | [`TimelogConnection!`](#timelogconnection) | Timelogs on the merge request. (see [Connections](#connections)) | +| <a id="mergerequesttitle"></a>`title` | [`String!`](#string) | Title of the merge request. | +| <a id="mergerequesttitlehtml"></a>`titleHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `title`. | +| <a id="mergerequesttotaltimespent"></a>`totalTimeSpent` | [`Int!`](#int) | Total time reported as spent on the merge request. | +| <a id="mergerequestupdatedat"></a>`updatedAt` | [`Time!`](#time) | Timestamp of when the merge request was last updated. | +| <a id="mergerequestupvotes"></a>`upvotes` | [`Int!`](#int) | Number of upvotes for the merge request. | +| <a id="mergerequestuserdiscussionscount"></a>`userDiscussionsCount` | [`Int`](#int) | Number of user discussions in the merge request. | +| <a id="mergerequestusernotescount"></a>`userNotesCount` | [`Int`](#int) | User notes count of the merge request. | +| <a id="mergerequestuserpermissions"></a>`userPermissions` | [`MergeRequestPermissions!`](#mergerequestpermissions) | Permissions for the current user on the resource. | +| <a id="mergerequestweburl"></a>`webUrl` | [`String`](#string) | Web URL of the merge request. | +| <a id="mergerequestworkinprogress"></a>`workInProgress` **{warning-solid}** | [`Boolean!`](#boolean) | **Deprecated** in 13.12. Use `draft`. | + +#### Fields with arguments + +##### `MergeRequest.currentUserTodos` + +To-do items for the current user. + +Returns [`TodoConnection!`](#todoconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments -### `Label` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestcurrentusertodosstate"></a>`state` | [`TodoStateEnum`](#todostateenum) | State of the to-do items. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `color` | [`String!`](#string) | Background color of the label. | -| `createdAt` | [`Time!`](#time) | When this label was created. | -| `description` | [`String`](#string) | Description of the label (Markdown rendered as HTML for caching). | -| `descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | -| `id` | [`ID!`](#id) | Label ID. | -| `textColor` | [`String!`](#string) | Text color of the label. | -| `title` | [`String!`](#string) | Content of the label. | -| `updatedAt` | [`Time!`](#time) | When this label was last updated. | +##### `MergeRequest.diffStats` -### `LabelConnection` +Details about which files were changed in this merge request. -The connection type for Label. +Returns [`[DiffStats!]`](#diffstats). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `count` | [`Int!`](#int) | Total count of collection. | -| `edges` | [`[LabelEdge]`](#labeledge) | A list of edges. | -| `nodes` | [`[Label]`](#label) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +###### Arguments -### `LabelCreatePayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestdiffstatspath"></a>`path` | [`String`](#string) | A specific file-path. | -Autogenerated return type of LabelCreate. +##### `MergeRequest.pipelines` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `label` | [`Label`](#label) | The label after mutation. | +Pipelines for the merge request. Note: for performance reasons, no more than the most recent 500 pipelines will be returned. -### `LabelEdge` +Returns [`PipelineConnection`](#pipelineconnection). -An edge in a connection. +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Label`](#label) | The item at the end of the edge. | +###### Arguments -### `LicenseHistoryEntry` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestpipelinesref"></a>`ref` | [`String`](#string) | Filter pipelines by the ref they are run for. | +| <a id="mergerequestpipelinessha"></a>`sha` | [`String`](#string) | Filter pipelines by the sha of the commit they are run for. | +| <a id="mergerequestpipelinesstatus"></a>`status` | [`PipelineStatusEnum`](#pipelinestatusenum) | Filter pipelines by their status. | -Represents an entry from the Cloud License history. +##### `MergeRequest.reference` + +Internal reference of the merge request. Returned in shortened format by default. + +Returns [`String!`](#string). + +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `activatedAt` | [`Date`](#date) | Date when the license was activated. | -| `company` | [`String`](#string) | Company of the licensee. | -| `email` | [`String`](#string) | Email of the licensee. | -| `expiresAt` | [`Date`](#date) | Date when the license expires. | -| `id` | [`ID!`](#id) | ID of the license. | -| `name` | [`String`](#string) | Name of the licensee. | -| `plan` | [`String!`](#string) | Name of the subscription plan. | -| `startsAt` | [`Date`](#date) | Date when the license started. | -| `type` | [`String!`](#string) | Type of the license. | -| `usersInLicenseCount` | [`Int`](#int) | Number of paid users in the license. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestreferencefull"></a>`full` | [`Boolean`](#boolean) | Boolean option specifying whether the reference should be returned in full. | + +### `MergeRequestAssignee` -### `LicenseHistoryEntryConnection` +A user assigned to a merge request. -The connection type for LicenseHistoryEntry. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[LicenseHistoryEntryEdge]`](#licensehistoryentryedge) | A list of edges. | -| `nodes` | [`[LicenseHistoryEntry]`](#licensehistoryentry) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestassigneeavatarurl"></a>`avatarUrl` | [`String`](#string) | URL of the user's avatar. | +| <a id="mergerequestassigneebot"></a>`bot` | [`Boolean!`](#boolean) | Indicates if the user is a bot. | +| <a id="mergerequestassigneecallouts"></a>`callouts` | [`UserCalloutConnection`](#usercalloutconnection) | User callouts that belong to the user. (see [Connections](#connections)) | +| <a id="mergerequestassigneeemail"></a>`email` **{warning-solid}** | [`String`](#string) | **Deprecated** in 13.7. This was renamed. Use: [`User.publicEmail`](#userpublicemail). | +| <a id="mergerequestassigneegroupcount"></a>`groupCount` | [`Int`](#int) | Group count for the user. | +| <a id="mergerequestassigneegroupmemberships"></a>`groupMemberships` | [`GroupMemberConnection`](#groupmemberconnection) | Group memberships of the user. (see [Connections](#connections)) | +| <a id="mergerequestassigneeid"></a>`id` | [`ID!`](#id) | ID of the user. | +| <a id="mergerequestassigneelocation"></a>`location` | [`String`](#string) | The location of the user. | +| <a id="mergerequestassigneemergerequestinteraction"></a>`mergeRequestInteraction` | [`UserMergeRequestInteraction`](#usermergerequestinteraction) | Details of this user's interactions with the merge request. | +| <a id="mergerequestassigneename"></a>`name` | [`String!`](#string) | Human-readable name of the user. | +| <a id="mergerequestassigneeprojectmemberships"></a>`projectMemberships` | [`ProjectMemberConnection`](#projectmemberconnection) | Project memberships of the user. (see [Connections](#connections)) | +| <a id="mergerequestassigneepublicemail"></a>`publicEmail` | [`String`](#string) | User's public email. | +| <a id="mergerequestassigneestate"></a>`state` | [`UserState!`](#userstate) | State of the user. | +| <a id="mergerequestassigneestatus"></a>`status` | [`UserStatus`](#userstatus) | User status. | +| <a id="mergerequestassigneeuserpermissions"></a>`userPermissions` | [`UserPermissions!`](#userpermissions) | Permissions for the current user on the resource. | +| <a id="mergerequestassigneeusername"></a>`username` | [`String!`](#string) | Username of the user. Unique within this instance of GitLab. | +| <a id="mergerequestassigneewebpath"></a>`webPath` | [`String!`](#string) | Web path of the user. | +| <a id="mergerequestassigneeweburl"></a>`webUrl` | [`String!`](#string) | Web URL of the user. | + +#### Fields with arguments + +##### `MergeRequestAssignee.assignedMergeRequests` + +Merge requests assigned to the user. + +Returns [`MergeRequestConnection`](#mergerequestconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments -### `LicenseHistoryEntryEdge` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestassigneeassignedmergerequestsauthorusername"></a>`authorUsername` | [`String`](#string) | Username of the author. | +| <a id="mergerequestassigneeassignedmergerequestsiids"></a>`iids` | [`[String!]`](#string) | Array of IIDs of merge requests, for example `[1, 2]`. | +| <a id="mergerequestassigneeassignedmergerequestslabels"></a>`labels` | [`[String!]`](#string) | Array of label names. All resolved merge requests will have all of these labels. | +| <a id="mergerequestassigneeassignedmergerequestsmergedafter"></a>`mergedAfter` | [`Time`](#time) | Merge requests merged after this date. | +| <a id="mergerequestassigneeassignedmergerequestsmergedbefore"></a>`mergedBefore` | [`Time`](#time) | Merge requests merged before this date. | +| <a id="mergerequestassigneeassignedmergerequestsmilestonetitle"></a>`milestoneTitle` | [`String`](#string) | Title of the milestone. | +| <a id="mergerequestassigneeassignedmergerequestsnot"></a>`not` | [`MergeRequestsResolverNegatedParams`](#mergerequestsresolvernegatedparams) | List of negated arguments. Warning: this argument is experimental and a subject to change in future. | +| <a id="mergerequestassigneeassignedmergerequestsprojectid"></a>`projectId` | [`ProjectID`](#projectid) | The global ID of the project the authored merge requests should be in. Incompatible with projectPath. | +| <a id="mergerequestassigneeassignedmergerequestsprojectpath"></a>`projectPath` | [`String`](#string) | The full-path of the project the authored merge requests should be in. Incompatible with projectId. | +| <a id="mergerequestassigneeassignedmergerequestsreviewerusername"></a>`reviewerUsername` | [`String`](#string) | Username of the reviewer. | +| <a id="mergerequestassigneeassignedmergerequestssort"></a>`sort` | [`MergeRequestSort`](#mergerequestsort) | Sort merge requests by this criteria. | +| <a id="mergerequestassigneeassignedmergerequestssourcebranches"></a>`sourceBranches` | [`[String!]`](#string) | Array of source branch names. All resolved merge requests will have one of these branches as their source. | +| <a id="mergerequestassigneeassignedmergerequestsstate"></a>`state` | [`MergeRequestState`](#mergerequeststate) | A merge request state. If provided, all resolved merge requests will have this state. | +| <a id="mergerequestassigneeassignedmergerequeststargetbranches"></a>`targetBranches` | [`[String!]`](#string) | Array of target branch names. All resolved merge requests will have one of these branches as their target. | -An edge in a connection. +##### `MergeRequestAssignee.authoredMergeRequests` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`LicenseHistoryEntry`](#licensehistoryentry) | The item at the end of the edge. | +Merge requests authored by the user. -### `MarkAsSpamSnippetPayload` +Returns [`MergeRequestConnection`](#mergerequestconnection). -Autogenerated return type of MarkAsSpamSnippet. +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `snippet` | [`Snippet`](#snippet) | The snippet after mutation. | +###### Arguments -### `MemberInterfaceConnection` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestassigneeauthoredmergerequestsassigneeusername"></a>`assigneeUsername` | [`String`](#string) | Username of the assignee. | +| <a id="mergerequestassigneeauthoredmergerequestsiids"></a>`iids` | [`[String!]`](#string) | Array of IIDs of merge requests, for example `[1, 2]`. | +| <a id="mergerequestassigneeauthoredmergerequestslabels"></a>`labels` | [`[String!]`](#string) | Array of label names. All resolved merge requests will have all of these labels. | +| <a id="mergerequestassigneeauthoredmergerequestsmergedafter"></a>`mergedAfter` | [`Time`](#time) | Merge requests merged after this date. | +| <a id="mergerequestassigneeauthoredmergerequestsmergedbefore"></a>`mergedBefore` | [`Time`](#time) | Merge requests merged before this date. | +| <a id="mergerequestassigneeauthoredmergerequestsmilestonetitle"></a>`milestoneTitle` | [`String`](#string) | Title of the milestone. | +| <a id="mergerequestassigneeauthoredmergerequestsnot"></a>`not` | [`MergeRequestsResolverNegatedParams`](#mergerequestsresolvernegatedparams) | List of negated arguments. Warning: this argument is experimental and a subject to change in future. | +| <a id="mergerequestassigneeauthoredmergerequestsprojectid"></a>`projectId` | [`ProjectID`](#projectid) | The global ID of the project the authored merge requests should be in. Incompatible with projectPath. | +| <a id="mergerequestassigneeauthoredmergerequestsprojectpath"></a>`projectPath` | [`String`](#string) | The full-path of the project the authored merge requests should be in. Incompatible with projectId. | +| <a id="mergerequestassigneeauthoredmergerequestsreviewerusername"></a>`reviewerUsername` | [`String`](#string) | Username of the reviewer. | +| <a id="mergerequestassigneeauthoredmergerequestssort"></a>`sort` | [`MergeRequestSort`](#mergerequestsort) | Sort merge requests by this criteria. | +| <a id="mergerequestassigneeauthoredmergerequestssourcebranches"></a>`sourceBranches` | [`[String!]`](#string) | Array of source branch names. All resolved merge requests will have one of these branches as their source. | +| <a id="mergerequestassigneeauthoredmergerequestsstate"></a>`state` | [`MergeRequestState`](#mergerequeststate) | A merge request state. If provided, all resolved merge requests will have this state. | +| <a id="mergerequestassigneeauthoredmergerequeststargetbranches"></a>`targetBranches` | [`[String!]`](#string) | Array of target branch names. All resolved merge requests will have one of these branches as their target. | -The connection type for MemberInterface. +##### `MergeRequestAssignee.reviewRequestedMergeRequests` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[MemberInterfaceEdge]`](#memberinterfaceedge) | A list of edges. | -| `nodes` | [`[MemberInterface]`](#memberinterface) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +Merge requests assigned to the user for review. -### `MemberInterfaceEdge` +Returns [`MergeRequestConnection`](#mergerequestconnection). -An edge in a connection. +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`MemberInterface`](#memberinterface) | The item at the end of the edge. | +###### Arguments -### `MergeRequest` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestassigneereviewrequestedmergerequestsassigneeusername"></a>`assigneeUsername` | [`String`](#string) | Username of the assignee. | +| <a id="mergerequestassigneereviewrequestedmergerequestsauthorusername"></a>`authorUsername` | [`String`](#string) | Username of the author. | +| <a id="mergerequestassigneereviewrequestedmergerequestsiids"></a>`iids` | [`[String!]`](#string) | Array of IIDs of merge requests, for example `[1, 2]`. | +| <a id="mergerequestassigneereviewrequestedmergerequestslabels"></a>`labels` | [`[String!]`](#string) | Array of label names. All resolved merge requests will have all of these labels. | +| <a id="mergerequestassigneereviewrequestedmergerequestsmergedafter"></a>`mergedAfter` | [`Time`](#time) | Merge requests merged after this date. | +| <a id="mergerequestassigneereviewrequestedmergerequestsmergedbefore"></a>`mergedBefore` | [`Time`](#time) | Merge requests merged before this date. | +| <a id="mergerequestassigneereviewrequestedmergerequestsmilestonetitle"></a>`milestoneTitle` | [`String`](#string) | Title of the milestone. | +| <a id="mergerequestassigneereviewrequestedmergerequestsnot"></a>`not` | [`MergeRequestsResolverNegatedParams`](#mergerequestsresolvernegatedparams) | List of negated arguments. Warning: this argument is experimental and a subject to change in future. | +| <a id="mergerequestassigneereviewrequestedmergerequestsprojectid"></a>`projectId` | [`ProjectID`](#projectid) | The global ID of the project the authored merge requests should be in. Incompatible with projectPath. | +| <a id="mergerequestassigneereviewrequestedmergerequestsprojectpath"></a>`projectPath` | [`String`](#string) | The full-path of the project the authored merge requests should be in. Incompatible with projectId. | +| <a id="mergerequestassigneereviewrequestedmergerequestssort"></a>`sort` | [`MergeRequestSort`](#mergerequestsort) | Sort merge requests by this criteria. | +| <a id="mergerequestassigneereviewrequestedmergerequestssourcebranches"></a>`sourceBranches` | [`[String!]`](#string) | Array of source branch names. All resolved merge requests will have one of these branches as their source. | +| <a id="mergerequestassigneereviewrequestedmergerequestsstate"></a>`state` | [`MergeRequestState`](#mergerequeststate) | A merge request state. If provided, all resolved merge requests will have this state. | +| <a id="mergerequestassigneereviewrequestedmergerequeststargetbranches"></a>`targetBranches` | [`[String!]`](#string) | Array of target branch names. All resolved merge requests will have one of these branches as their target. | + +##### `MergeRequestAssignee.snippets` + +Snippets authored by the user. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `allowCollaboration` | [`Boolean`](#boolean) | Indicates if members of the target project can push to the fork. | -| `approvalsLeft` | [`Int`](#int) | Number of approvals left. | -| `approvalsRequired` | [`Int`](#int) | Number of approvals required. | -| `approved` | [`Boolean!`](#boolean) | Indicates if the merge request has all the required approvals. Returns true if no required approvals are configured. | -| `approvedBy` | [`UserConnection`](#userconnection) | Users who approved the merge request. | -| `assignees` | [`UserConnection`](#userconnection) | Assignees of the merge request. | -| `author` | [`User`](#user) | User who created this merge request. | -| `autoMergeEnabled` | [`Boolean!`](#boolean) | Indicates if auto merge is enabled for the merge request. | -| `autoMergeStrategy` | [`String`](#string) | Selected auto merge strategy. | -| `availableAutoMergeStrategies` | [`[String!]`](#string) | Array of available auto merge strategies. | -| `commitCount` | [`Int`](#int) | Number of commits in the merge request. | -| `commitsWithoutMergeCommits` | [`CommitConnection`](#commitconnection) | Merge request commits excluding merge commits. | -| `conflicts` | [`Boolean!`](#boolean) | Indicates if the merge request has conflicts. | -| `createdAt` | [`Time!`](#time) | Timestamp of when the merge request was created. | -| `currentUserTodos` | [`TodoConnection!`](#todoconnection) | To-do items for the current user. | -| `defaultMergeCommitMessage` | [`String`](#string) | Default merge commit message of the merge request. | -| `defaultMergeCommitMessageWithDescription` | [`String`](#string) | Default merge commit message of the merge request with description. | -| `defaultSquashCommitMessage` | [`String`](#string) | Default squash commit message of the merge request. | -| `description` | [`String`](#string) | Description of the merge request (Markdown rendered as HTML for caching). | -| `descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | -| `diffHeadSha` | [`String`](#string) | Diff head SHA of the merge request. | -| `diffRefs` | [`DiffRefs`](#diffrefs) | References of the base SHA, the head SHA, and the start SHA for this merge request. | -| `diffStats` | [`[DiffStats!]`](#diffstats) | Details about which files were changed in this merge request. | -| `diffStatsSummary` | [`DiffStatsSummary`](#diffstatssummary) | Summary of which files were changed in this merge request. | -| `discussionLocked` | [`Boolean!`](#boolean) | Indicates if comments on the merge request are locked to members only. | -| `discussions` | [`DiscussionConnection!`](#discussionconnection) | All discussions on this noteable. | -| `divergedFromTargetBranch` | [`Boolean!`](#boolean) | Indicates if the source branch is behind the target branch. | -| `downvotes` | [`Int!`](#int) | Number of downvotes for the merge request. | -| `forceRemoveSourceBranch` | [`Boolean`](#boolean) | Indicates if the project settings will lead to source branch deletion after merge. | -| `hasCi` | [`Boolean!`](#boolean) | Indicates if the merge request has CI. | -| `hasSecurityReports` | [`Boolean!`](#boolean) | Indicates if the source branch has any security reports. | -| `headPipeline` | [`Pipeline`](#pipeline) | The pipeline running on the branch HEAD of the merge request. | -| `id` | [`ID!`](#id) | ID of the merge request. | -| `iid` | [`String!`](#string) | Internal ID of the merge request. | -| `inProgressMergeCommitSha` | [`String`](#string) | Commit SHA of the merge request if merge is in progress. | -| `labels` | [`LabelConnection`](#labelconnection) | Labels of the merge request. | -| `mergeCommitSha` | [`String`](#string) | SHA of the merge request commit (set once merged). | -| `mergeError` | [`String`](#string) | Error message due to a merge error. | -| `mergeOngoing` | [`Boolean!`](#boolean) | Indicates if a merge is currently occurring. | -| `mergeStatus` | [`String`](#string) | Status of the merge request. | -| `mergeTrainsCount` | [`Int`](#int) | Number of merge requests in the merge train. | -| `mergeUser` | [`User`](#user) | User who merged this merge request. | -| `mergeWhenPipelineSucceeds` | [`Boolean`](#boolean) | Indicates if the merge has been set to be merged when its pipeline succeeds (MWPS). | -| `mergeable` | [`Boolean!`](#boolean) | Indicates if the merge request is mergeable. | -| `mergeableDiscussionsState` | [`Boolean`](#boolean) | Indicates if all discussions in the merge request have been resolved, allowing the merge request to be merged. | -| `mergedAt` | [`Time`](#time) | Timestamp of when the merge request was merged, null if not merged. | -| `milestone` | [`Milestone`](#milestone) | The milestone of the merge request. | -| `notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. | -| `participants` | [`UserConnection`](#userconnection) | Participants in the merge request. This includes the author, assignees, reviewers, and users mentioned in notes. | -| `pipelines` | [`PipelineConnection`](#pipelineconnection) | Pipelines for the merge request. Note: for performance reasons, no more than the most recent 500 pipelines will be returned. | -| `project` | [`Project!`](#project) | Alias for target_project. | -| `projectId` | [`Int!`](#int) | ID of the merge request project. | -| `rebaseCommitSha` | [`String`](#string) | Rebase commit SHA of the merge request. | -| `rebaseInProgress` | [`Boolean!`](#boolean) | Indicates if there is a rebase currently in progress for the merge request. | -| `reference` | [`String!`](#string) | Internal reference of the merge request. Returned in shortened format by default. | -| `reviewers` | [`MergeRequestReviewerConnection`](#mergerequestreviewerconnection) | Users from whom a review has been requested. | -| `securityAutoFix` | [`Boolean`](#boolean) | Indicates if the merge request is created by @GitLab-Security-Bot. | -| `securityReportsUpToDateOnTargetBranch` | [`Boolean!`](#boolean) | Indicates if the target branch security reports are out of date. | -| `shouldBeRebased` | [`Boolean!`](#boolean) | Indicates if the merge request will be rebased. | -| `shouldRemoveSourceBranch` | [`Boolean`](#boolean) | Indicates if the source branch of the merge request will be deleted after merge. | -| `sourceBranch` | [`String!`](#string) | Source branch of the merge request. | -| `sourceBranchExists` | [`Boolean!`](#boolean) | Indicates if the source branch of the merge request exists. | -| `sourceBranchProtected` | [`Boolean!`](#boolean) | Indicates if the source branch is protected. | -| `sourceProject` | [`Project`](#project) | Source project of the merge request. | -| `sourceProjectId` | [`Int`](#int) | ID of the merge request source project. | -| `squash` | [`Boolean!`](#boolean) | Indicates if squash on merge is enabled. | -| `squashOnMerge` | [`Boolean!`](#boolean) | Indicates if squash on merge is enabled. | -| `state` | [`MergeRequestState!`](#mergerequeststate) | State of the merge request. | -| `subscribed` | [`Boolean!`](#boolean) | Indicates if the currently logged in user is subscribed to this merge request. | -| `targetBranch` | [`String!`](#string) | Target branch of the merge request. | -| `targetBranchExists` | [`Boolean!`](#boolean) | Indicates if the target branch of the merge request exists. | -| `targetProject` | [`Project!`](#project) | Target project of the merge request. | -| `targetProjectId` | [`Int!`](#int) | ID of the merge request target project. | -| `taskCompletionStatus` | [`TaskCompletionStatus!`](#taskcompletionstatus) | Completion status of tasks. | -| `timeEstimate` | [`Int!`](#int) | Time estimate of the merge request. | -| `timelogs` | [`TimelogConnection!`](#timelogconnection) | Timelogs on the merge request. | -| `title` | [`String!`](#string) | Title of the merge request. | -| `titleHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `title`. | -| `totalTimeSpent` | [`Int!`](#int) | Total time reported as spent on the merge request. | -| `updatedAt` | [`Time!`](#time) | Timestamp of when the merge request was last updated. | -| `upvotes` | [`Int!`](#int) | Number of upvotes for the merge request. | -| `userDiscussionsCount` | [`Int`](#int) | Number of user discussions in the merge request. | -| `userNotesCount` | [`Int`](#int) | User notes count of the merge request. | -| `userPermissions` | [`MergeRequestPermissions!`](#mergerequestpermissions) | Permissions for the current user on the resource. | -| `webUrl` | [`String`](#string) | Web URL of the merge request. | -| `workInProgress` | [`Boolean!`](#boolean) | Indicates if the merge request is a draft. | - -### `MergeRequestAcceptPayload` - -Autogenerated return type of MergeRequestAccept. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `mergeRequest` | [`MergeRequest`](#mergerequest) | The merge request after mutation. | - -### `MergeRequestConnection` - -The connection type for MergeRequest. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `count` | [`Int!`](#int) | Total count of collection. | -| `edges` | [`[MergeRequestEdge]`](#mergerequestedge) | A list of edges. | -| `nodes` | [`[MergeRequest]`](#mergerequest) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | -| `totalTimeToMerge` | [`Float`](#float) | Total sum of time to merge, in seconds, for the collection of merge requests. | - -### `MergeRequestCreatePayload` - -Autogenerated return type of MergeRequestCreate. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `mergeRequest` | [`MergeRequest`](#mergerequest) | The merge request after mutation. | +Returns [`SnippetConnection`](#snippetconnection). -### `MergeRequestDiffRegistry` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -Represents the Geo sync and verification state of a Merge Request diff. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `createdAt` | [`Time`](#time) | Timestamp when the MergeRequestDiffRegistry was created. | -| `id` | [`ID!`](#id) | ID of the MergeRequestDiffRegistry. | -| `lastSyncFailure` | [`String`](#string) | Error message during sync of the MergeRequestDiffRegistry. | -| `lastSyncedAt` | [`Time`](#time) | Timestamp of the most recent successful sync of the MergeRequestDiffRegistry. | -| `mergeRequestDiffId` | [`ID!`](#id) | ID of the Merge Request diff. | -| `retryAt` | [`Time`](#time) | Timestamp after which the MergeRequestDiffRegistry should be resynced. | -| `retryCount` | [`Int`](#int) | Number of consecutive failed sync attempts of the MergeRequestDiffRegistry. | -| `state` | [`RegistryState`](#registrystate) | Sync state of the MergeRequestDiffRegistry. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestassigneesnippetsids"></a>`ids` | [`[SnippetID!]`](#snippetid) | Array of global snippet IDs. For example, `gid://gitlab/ProjectSnippet/1`. | +| <a id="mergerequestassigneesnippetstype"></a>`type` | [`TypeEnum`](#typeenum) | The type of snippet. | +| <a id="mergerequestassigneesnippetsvisibility"></a>`visibility` | [`VisibilityScopesEnum`](#visibilityscopesenum) | The visibility of the snippet. | -### `MergeRequestDiffRegistryConnection` +##### `MergeRequestAssignee.starredProjects` -The connection type for MergeRequestDiffRegistry. +Projects starred by the user. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[MergeRequestDiffRegistryEdge]`](#mergerequestdiffregistryedge) | A list of edges. | -| `nodes` | [`[MergeRequestDiffRegistry]`](#mergerequestdiffregistry) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +Returns [`ProjectConnection`](#projectconnection). -### `MergeRequestDiffRegistryEdge` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -An edge in a connection. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`MergeRequestDiffRegistry`](#mergerequestdiffregistry) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestassigneestarredprojectssearch"></a>`search` | [`String`](#string) | Search query. | -### `MergeRequestEdge` +##### `MergeRequestAssignee.todos` -An edge in a connection. +To-do items of the user. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`MergeRequest`](#mergerequest) | The item at the end of the edge. | +Returns [`TodoConnection`](#todoconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestassigneetodosaction"></a>`action` | [`[TodoActionEnum!]`](#todoactionenum) | The action to be filtered. | +| <a id="mergerequestassigneetodosauthorid"></a>`authorId` | [`[ID!]`](#id) | The ID of an author. | +| <a id="mergerequestassigneetodosgroupid"></a>`groupId` | [`[ID!]`](#id) | The ID of a group. | +| <a id="mergerequestassigneetodosprojectid"></a>`projectId` | [`[ID!]`](#id) | The ID of a project. | +| <a id="mergerequestassigneetodosstate"></a>`state` | [`[TodoStateEnum!]`](#todostateenum) | The state of the todo. | +| <a id="mergerequestassigneetodostype"></a>`type` | [`[TodoTargetEnum!]`](#todotargetenum) | The type of the todo. | + +### `MergeRequestDiffRegistry` + +Represents the Geo sync and verification state of a Merge Request diff. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestdiffregistrycreatedat"></a>`createdAt` | [`Time`](#time) | Timestamp when the MergeRequestDiffRegistry was created. | +| <a id="mergerequestdiffregistryid"></a>`id` | [`ID!`](#id) | ID of the MergeRequestDiffRegistry. | +| <a id="mergerequestdiffregistrylastsyncfailure"></a>`lastSyncFailure` | [`String`](#string) | Error message during sync of the MergeRequestDiffRegistry. | +| <a id="mergerequestdiffregistrylastsyncedat"></a>`lastSyncedAt` | [`Time`](#time) | Timestamp of the most recent successful sync of the MergeRequestDiffRegistry. | +| <a id="mergerequestdiffregistrymergerequestdiffid"></a>`mergeRequestDiffId` | [`ID!`](#id) | ID of the Merge Request diff. | +| <a id="mergerequestdiffregistryretryat"></a>`retryAt` | [`Time`](#time) | Timestamp after which the MergeRequestDiffRegistry should be resynced. | +| <a id="mergerequestdiffregistryretrycount"></a>`retryCount` | [`Int`](#int) | Number of consecutive failed sync attempts of the MergeRequestDiffRegistry. | +| <a id="mergerequestdiffregistrystate"></a>`state` | [`RegistryState`](#registrystate) | Sync state of the MergeRequestDiffRegistry. | ### `MergeRequestPermissions` Check permissions for the current user on a merge request. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `adminMergeRequest` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_merge_request` on this resource. | -| `canMerge` | [`Boolean!`](#boolean) | Indicates the user can perform `can_merge` on this resource. | -| `cherryPickOnCurrentMergeRequest` | [`Boolean!`](#boolean) | Indicates the user can perform `cherry_pick_on_current_merge_request` on this resource. | -| `createNote` | [`Boolean!`](#boolean) | Indicates the user can perform `create_note` on this resource. | -| `pushToSourceBranch` | [`Boolean!`](#boolean) | Indicates the user can perform `push_to_source_branch` on this resource. | -| `readMergeRequest` | [`Boolean!`](#boolean) | Indicates the user can perform `read_merge_request` on this resource. | -| `removeSourceBranch` | [`Boolean!`](#boolean) | Indicates the user can perform `remove_source_branch` on this resource. | -| `revertOnCurrentMergeRequest` | [`Boolean!`](#boolean) | Indicates the user can perform `revert_on_current_merge_request` on this resource. | -| `updateMergeRequest` | [`Boolean!`](#boolean) | Indicates the user can perform `update_merge_request` on this resource. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestpermissionsadminmergerequest"></a>`adminMergeRequest` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_merge_request` on this resource. | +| <a id="mergerequestpermissionscanmerge"></a>`canMerge` | [`Boolean!`](#boolean) | Indicates the user can perform `can_merge` on this resource. | +| <a id="mergerequestpermissionscherrypickoncurrentmergerequest"></a>`cherryPickOnCurrentMergeRequest` | [`Boolean!`](#boolean) | Indicates the user can perform `cherry_pick_on_current_merge_request` on this resource. | +| <a id="mergerequestpermissionscreatenote"></a>`createNote` | [`Boolean!`](#boolean) | Indicates the user can perform `create_note` on this resource. | +| <a id="mergerequestpermissionspushtosourcebranch"></a>`pushToSourceBranch` | [`Boolean!`](#boolean) | Indicates the user can perform `push_to_source_branch` on this resource. | +| <a id="mergerequestpermissionsreadmergerequest"></a>`readMergeRequest` | [`Boolean!`](#boolean) | Indicates the user can perform `read_merge_request` on this resource. | +| <a id="mergerequestpermissionsremovesourcebranch"></a>`removeSourceBranch` | [`Boolean!`](#boolean) | Indicates the user can perform `remove_source_branch` on this resource. | +| <a id="mergerequestpermissionsrevertoncurrentmergerequest"></a>`revertOnCurrentMergeRequest` | [`Boolean!`](#boolean) | Indicates the user can perform `revert_on_current_merge_request` on this resource. | +| <a id="mergerequestpermissionsupdatemergerequest"></a>`updateMergeRequest` | [`Boolean!`](#boolean) | Indicates the user can perform `update_merge_request` on this resource. | ### `MergeRequestReviewer` -A user from whom a merge request review has been requested. +A user assigned to a merge request as a reviewer. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `assignedMergeRequests` | [`MergeRequestConnection`](#mergerequestconnection) | Merge requests assigned to the user. | -| `authoredMergeRequests` | [`MergeRequestConnection`](#mergerequestconnection) | Merge requests authored by the user. | -| `avatarUrl` | [`String`](#string) | URL of the user's avatar. | -| `bot` | [`Boolean!`](#boolean) | Indicates if the user is a bot. | -| `callouts` | [`UserCalloutConnection`](#usercalloutconnection) | User callouts that belong to the user. | -| `email` **{warning-solid}** | [`String`](#string) | **Deprecated** in 13.7. This was renamed. Use: `User.publicEmail`. | -| `groupCount` | [`Int`](#int) | Group count for the user. Available only when feature flag `user_group_counts` is enabled. | -| `groupMemberships` | [`GroupMemberConnection`](#groupmemberconnection) | Group memberships of the user. | -| `id` | [`ID!`](#id) | ID of the user. | -| `location` | [`String`](#string) | The location of the user. | -| `mergeRequestInteraction` | [`UserMergeRequestInteraction`](#usermergerequestinteraction) | Details of this user's interactions with the merge request. | -| `name` | [`String!`](#string) | Human-readable name of the user. | -| `projectMemberships` | [`ProjectMemberConnection`](#projectmemberconnection) | Project memberships of the user. | -| `publicEmail` | [`String`](#string) | User's public email. | -| `reviewRequestedMergeRequests` | [`MergeRequestConnection`](#mergerequestconnection) | Merge requests assigned to the user for review. | -| `snippets` | [`SnippetConnection`](#snippetconnection) | Snippets authored by the user. | -| `starredProjects` | [`ProjectConnection`](#projectconnection) | Projects starred by the user. | -| `state` | [`UserState!`](#userstate) | State of the user. | -| `status` | [`UserStatus`](#userstatus) | User status. | -| `todos` | [`TodoConnection`](#todoconnection) | To-do items of the user. | -| `userPermissions` | [`UserPermissions!`](#userpermissions) | Permissions for the current user on the resource. | -| `username` | [`String!`](#string) | Username of the user. Unique within this instance of GitLab. | -| `webPath` | [`String!`](#string) | Web path of the user. | -| `webUrl` | [`String!`](#string) | Web URL of the user. | +#### Fields -### `MergeRequestReviewerConnection` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestrevieweravatarurl"></a>`avatarUrl` | [`String`](#string) | URL of the user's avatar. | +| <a id="mergerequestreviewerbot"></a>`bot` | [`Boolean!`](#boolean) | Indicates if the user is a bot. | +| <a id="mergerequestreviewercallouts"></a>`callouts` | [`UserCalloutConnection`](#usercalloutconnection) | User callouts that belong to the user. (see [Connections](#connections)) | +| <a id="mergerequestrevieweremail"></a>`email` **{warning-solid}** | [`String`](#string) | **Deprecated** in 13.7. This was renamed. Use: [`User.publicEmail`](#userpublicemail). | +| <a id="mergerequestreviewergroupcount"></a>`groupCount` | [`Int`](#int) | Group count for the user. | +| <a id="mergerequestreviewergroupmemberships"></a>`groupMemberships` | [`GroupMemberConnection`](#groupmemberconnection) | Group memberships of the user. (see [Connections](#connections)) | +| <a id="mergerequestreviewerid"></a>`id` | [`ID!`](#id) | ID of the user. | +| <a id="mergerequestreviewerlocation"></a>`location` | [`String`](#string) | The location of the user. | +| <a id="mergerequestreviewermergerequestinteraction"></a>`mergeRequestInteraction` | [`UserMergeRequestInteraction`](#usermergerequestinteraction) | Details of this user's interactions with the merge request. | +| <a id="mergerequestreviewername"></a>`name` | [`String!`](#string) | Human-readable name of the user. | +| <a id="mergerequestreviewerprojectmemberships"></a>`projectMemberships` | [`ProjectMemberConnection`](#projectmemberconnection) | Project memberships of the user. (see [Connections](#connections)) | +| <a id="mergerequestreviewerpublicemail"></a>`publicEmail` | [`String`](#string) | User's public email. | +| <a id="mergerequestreviewerstate"></a>`state` | [`UserState!`](#userstate) | State of the user. | +| <a id="mergerequestreviewerstatus"></a>`status` | [`UserStatus`](#userstatus) | User status. | +| <a id="mergerequestrevieweruserpermissions"></a>`userPermissions` | [`UserPermissions!`](#userpermissions) | Permissions for the current user on the resource. | +| <a id="mergerequestreviewerusername"></a>`username` | [`String!`](#string) | Username of the user. Unique within this instance of GitLab. | +| <a id="mergerequestreviewerwebpath"></a>`webPath` | [`String!`](#string) | Web path of the user. | +| <a id="mergerequestreviewerweburl"></a>`webUrl` | [`String!`](#string) | Web URL of the user. | + +#### Fields with arguments + +##### `MergeRequestReviewer.assignedMergeRequests` + +Merge requests assigned to the user. + +Returns [`MergeRequestConnection`](#mergerequestconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments -The connection type for MergeRequestReviewer. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestreviewerassignedmergerequestsauthorusername"></a>`authorUsername` | [`String`](#string) | Username of the author. | +| <a id="mergerequestreviewerassignedmergerequestsiids"></a>`iids` | [`[String!]`](#string) | Array of IIDs of merge requests, for example `[1, 2]`. | +| <a id="mergerequestreviewerassignedmergerequestslabels"></a>`labels` | [`[String!]`](#string) | Array of label names. All resolved merge requests will have all of these labels. | +| <a id="mergerequestreviewerassignedmergerequestsmergedafter"></a>`mergedAfter` | [`Time`](#time) | Merge requests merged after this date. | +| <a id="mergerequestreviewerassignedmergerequestsmergedbefore"></a>`mergedBefore` | [`Time`](#time) | Merge requests merged before this date. | +| <a id="mergerequestreviewerassignedmergerequestsmilestonetitle"></a>`milestoneTitle` | [`String`](#string) | Title of the milestone. | +| <a id="mergerequestreviewerassignedmergerequestsnot"></a>`not` | [`MergeRequestsResolverNegatedParams`](#mergerequestsresolvernegatedparams) | List of negated arguments. Warning: this argument is experimental and a subject to change in future. | +| <a id="mergerequestreviewerassignedmergerequestsprojectid"></a>`projectId` | [`ProjectID`](#projectid) | The global ID of the project the authored merge requests should be in. Incompatible with projectPath. | +| <a id="mergerequestreviewerassignedmergerequestsprojectpath"></a>`projectPath` | [`String`](#string) | The full-path of the project the authored merge requests should be in. Incompatible with projectId. | +| <a id="mergerequestreviewerassignedmergerequestsreviewerusername"></a>`reviewerUsername` | [`String`](#string) | Username of the reviewer. | +| <a id="mergerequestreviewerassignedmergerequestssort"></a>`sort` | [`MergeRequestSort`](#mergerequestsort) | Sort merge requests by this criteria. | +| <a id="mergerequestreviewerassignedmergerequestssourcebranches"></a>`sourceBranches` | [`[String!]`](#string) | Array of source branch names. All resolved merge requests will have one of these branches as their source. | +| <a id="mergerequestreviewerassignedmergerequestsstate"></a>`state` | [`MergeRequestState`](#mergerequeststate) | A merge request state. If provided, all resolved merge requests will have this state. | +| <a id="mergerequestreviewerassignedmergerequeststargetbranches"></a>`targetBranches` | [`[String!]`](#string) | Array of target branch names. All resolved merge requests will have one of these branches as their target. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[MergeRequestReviewerEdge]`](#mergerequestrevieweredge) | A list of edges. | -| `nodes` | [`[MergeRequestReviewer]`](#mergerequestreviewer) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +##### `MergeRequestReviewer.authoredMergeRequests` -### `MergeRequestReviewerEdge` +Merge requests authored by the user. -An edge in a connection. +Returns [`MergeRequestConnection`](#mergerequestconnection). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`MergeRequestReviewer`](#mergerequestreviewer) | The item at the end of the edge. | +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -### `MergeRequestReviewerRereviewPayload` +###### Arguments -Autogenerated return type of MergeRequestReviewerRereview. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestreviewerauthoredmergerequestsassigneeusername"></a>`assigneeUsername` | [`String`](#string) | Username of the assignee. | +| <a id="mergerequestreviewerauthoredmergerequestsiids"></a>`iids` | [`[String!]`](#string) | Array of IIDs of merge requests, for example `[1, 2]`. | +| <a id="mergerequestreviewerauthoredmergerequestslabels"></a>`labels` | [`[String!]`](#string) | Array of label names. All resolved merge requests will have all of these labels. | +| <a id="mergerequestreviewerauthoredmergerequestsmergedafter"></a>`mergedAfter` | [`Time`](#time) | Merge requests merged after this date. | +| <a id="mergerequestreviewerauthoredmergerequestsmergedbefore"></a>`mergedBefore` | [`Time`](#time) | Merge requests merged before this date. | +| <a id="mergerequestreviewerauthoredmergerequestsmilestonetitle"></a>`milestoneTitle` | [`String`](#string) | Title of the milestone. | +| <a id="mergerequestreviewerauthoredmergerequestsnot"></a>`not` | [`MergeRequestsResolverNegatedParams`](#mergerequestsresolvernegatedparams) | List of negated arguments. Warning: this argument is experimental and a subject to change in future. | +| <a id="mergerequestreviewerauthoredmergerequestsprojectid"></a>`projectId` | [`ProjectID`](#projectid) | The global ID of the project the authored merge requests should be in. Incompatible with projectPath. | +| <a id="mergerequestreviewerauthoredmergerequestsprojectpath"></a>`projectPath` | [`String`](#string) | The full-path of the project the authored merge requests should be in. Incompatible with projectId. | +| <a id="mergerequestreviewerauthoredmergerequestsreviewerusername"></a>`reviewerUsername` | [`String`](#string) | Username of the reviewer. | +| <a id="mergerequestreviewerauthoredmergerequestssort"></a>`sort` | [`MergeRequestSort`](#mergerequestsort) | Sort merge requests by this criteria. | +| <a id="mergerequestreviewerauthoredmergerequestssourcebranches"></a>`sourceBranches` | [`[String!]`](#string) | Array of source branch names. All resolved merge requests will have one of these branches as their source. | +| <a id="mergerequestreviewerauthoredmergerequestsstate"></a>`state` | [`MergeRequestState`](#mergerequeststate) | A merge request state. If provided, all resolved merge requests will have this state. | +| <a id="mergerequestreviewerauthoredmergerequeststargetbranches"></a>`targetBranches` | [`[String!]`](#string) | Array of target branch names. All resolved merge requests will have one of these branches as their target. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `mergeRequest` | [`MergeRequest`](#mergerequest) | The merge request after mutation. | +##### `MergeRequestReviewer.reviewRequestedMergeRequests` -### `MergeRequestSetAssigneesPayload` +Merge requests assigned to the user for review. -Autogenerated return type of MergeRequestSetAssignees. +Returns [`MergeRequestConnection`](#mergerequestconnection). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `mergeRequest` | [`MergeRequest`](#mergerequest) | The merge request after mutation. | +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -### `MergeRequestSetLabelsPayload` +###### Arguments -Autogenerated return type of MergeRequestSetLabels. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestreviewerreviewrequestedmergerequestsassigneeusername"></a>`assigneeUsername` | [`String`](#string) | Username of the assignee. | +| <a id="mergerequestreviewerreviewrequestedmergerequestsauthorusername"></a>`authorUsername` | [`String`](#string) | Username of the author. | +| <a id="mergerequestreviewerreviewrequestedmergerequestsiids"></a>`iids` | [`[String!]`](#string) | Array of IIDs of merge requests, for example `[1, 2]`. | +| <a id="mergerequestreviewerreviewrequestedmergerequestslabels"></a>`labels` | [`[String!]`](#string) | Array of label names. All resolved merge requests will have all of these labels. | +| <a id="mergerequestreviewerreviewrequestedmergerequestsmergedafter"></a>`mergedAfter` | [`Time`](#time) | Merge requests merged after this date. | +| <a id="mergerequestreviewerreviewrequestedmergerequestsmergedbefore"></a>`mergedBefore` | [`Time`](#time) | Merge requests merged before this date. | +| <a id="mergerequestreviewerreviewrequestedmergerequestsmilestonetitle"></a>`milestoneTitle` | [`String`](#string) | Title of the milestone. | +| <a id="mergerequestreviewerreviewrequestedmergerequestsnot"></a>`not` | [`MergeRequestsResolverNegatedParams`](#mergerequestsresolvernegatedparams) | List of negated arguments. Warning: this argument is experimental and a subject to change in future. | +| <a id="mergerequestreviewerreviewrequestedmergerequestsprojectid"></a>`projectId` | [`ProjectID`](#projectid) | The global ID of the project the authored merge requests should be in. Incompatible with projectPath. | +| <a id="mergerequestreviewerreviewrequestedmergerequestsprojectpath"></a>`projectPath` | [`String`](#string) | The full-path of the project the authored merge requests should be in. Incompatible with projectId. | +| <a id="mergerequestreviewerreviewrequestedmergerequestssort"></a>`sort` | [`MergeRequestSort`](#mergerequestsort) | Sort merge requests by this criteria. | +| <a id="mergerequestreviewerreviewrequestedmergerequestssourcebranches"></a>`sourceBranches` | [`[String!]`](#string) | Array of source branch names. All resolved merge requests will have one of these branches as their source. | +| <a id="mergerequestreviewerreviewrequestedmergerequestsstate"></a>`state` | [`MergeRequestState`](#mergerequeststate) | A merge request state. If provided, all resolved merge requests will have this state. | +| <a id="mergerequestreviewerreviewrequestedmergerequeststargetbranches"></a>`targetBranches` | [`[String!]`](#string) | Array of target branch names. All resolved merge requests will have one of these branches as their target. | + +##### `MergeRequestReviewer.snippets` + +Snippets authored by the user. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `mergeRequest` | [`MergeRequest`](#mergerequest) | The merge request after mutation. | +Returns [`SnippetConnection`](#snippetconnection). -### `MergeRequestSetLockedPayload` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -Autogenerated return type of MergeRequestSetLocked. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `mergeRequest` | [`MergeRequest`](#mergerequest) | The merge request after mutation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestreviewersnippetsids"></a>`ids` | [`[SnippetID!]`](#snippetid) | Array of global snippet IDs. For example, `gid://gitlab/ProjectSnippet/1`. | +| <a id="mergerequestreviewersnippetstype"></a>`type` | [`TypeEnum`](#typeenum) | The type of snippet. | +| <a id="mergerequestreviewersnippetsvisibility"></a>`visibility` | [`VisibilityScopesEnum`](#visibilityscopesenum) | The visibility of the snippet. | -### `MergeRequestSetMilestonePayload` +##### `MergeRequestReviewer.starredProjects` -Autogenerated return type of MergeRequestSetMilestone. +Projects starred by the user. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `mergeRequest` | [`MergeRequest`](#mergerequest) | The merge request after mutation. | +Returns [`ProjectConnection`](#projectconnection). -### `MergeRequestSetSubscriptionPayload` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -Autogenerated return type of MergeRequestSetSubscription. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `mergeRequest` | [`MergeRequest`](#mergerequest) | The merge request after mutation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestreviewerstarredprojectssearch"></a>`search` | [`String`](#string) | Search query. | -### `MergeRequestSetWipPayload` +##### `MergeRequestReviewer.todos` -Autogenerated return type of MergeRequestSetWip. +To-do items of the user. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `mergeRequest` | [`MergeRequest`](#mergerequest) | The merge request after mutation. | +Returns [`TodoConnection`](#todoconnection). -### `MergeRequestUpdatePayload` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -Autogenerated return type of MergeRequestUpdate. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `mergeRequest` | [`MergeRequest`](#mergerequest) | The merge request after mutation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestreviewertodosaction"></a>`action` | [`[TodoActionEnum!]`](#todoactionenum) | The action to be filtered. | +| <a id="mergerequestreviewertodosauthorid"></a>`authorId` | [`[ID!]`](#id) | The ID of an author. | +| <a id="mergerequestreviewertodosgroupid"></a>`groupId` | [`[ID!]`](#id) | The ID of a group. | +| <a id="mergerequestreviewertodosprojectid"></a>`projectId` | [`[ID!]`](#id) | The ID of a project. | +| <a id="mergerequestreviewertodosstate"></a>`state` | [`[TodoStateEnum!]`](#todostateenum) | The state of the todo. | +| <a id="mergerequestreviewertodostype"></a>`type` | [`[TodoTargetEnum!]`](#todotargetenum) | The type of the todo. | ### `Metadata` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `revision` | [`String!`](#string) | Revision. | -| `version` | [`String!`](#string) | Version. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="metadatakas"></a>`kas` | [`Kas!`](#kas) | Metadata about KAS. | +| <a id="metadatarevision"></a>`revision` | [`String!`](#string) | Revision. | +| <a id="metadataversion"></a>`version` | [`String!`](#string) | Version. | ### `MetricImage` Represents a metric image upload. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `fileName` | [`String`](#string) | File name of the metric image. | -| `filePath` | [`String`](#string) | File path of the metric image. | -| `id` | [`ID!`](#id) | ID of the metric upload. | -| `iid` | [`ID!`](#id) | Internal ID of the metric upload. | -| `url` | [`String!`](#string) | URL of the metric source. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="metricimagefilename"></a>`fileName` | [`String`](#string) | File name of the metric image. | +| <a id="metricimagefilepath"></a>`filePath` | [`String`](#string) | File path of the metric image. | +| <a id="metricimageid"></a>`id` | [`ID!`](#id) | ID of the metric upload. | +| <a id="metricimageiid"></a>`iid` | [`ID!`](#id) | Internal ID of the metric upload. | +| <a id="metricimageurl"></a>`url` | [`String!`](#string) | URL of the metric source. | ### `MetricsDashboard` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `annotations` | [`MetricsDashboardAnnotationConnection`](#metricsdashboardannotationconnection) | Annotations added to the dashboard. | -| `path` | [`String`](#string) | Path to a file with the dashboard definition. | -| `schemaValidationWarnings` | [`[String!]`](#string) | Dashboard schema validation warnings. | +#### Fields -### `MetricsDashboardAnnotation` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="metricsdashboardpath"></a>`path` | [`String`](#string) | Path to a file with the dashboard definition. | +| <a id="metricsdashboardschemavalidationwarnings"></a>`schemaValidationWarnings` | [`[String!]`](#string) | Dashboard schema validation warnings. | + +#### Fields with arguments + +##### `MetricsDashboard.annotations` + +Annotations added to the dashboard. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `description` | [`String`](#string) | Description of the annotation. | -| `endingAt` | [`Time`](#time) | Timestamp marking end of annotated time span. | -| `id` | [`ID!`](#id) | ID of the annotation. | -| `panelId` | [`String`](#string) | ID of a dashboard panel to which the annotation should be scoped. | -| `startingAt` | [`Time`](#time) | Timestamp marking start of annotated time span. | +Returns [`MetricsDashboardAnnotationConnection`](#metricsdashboardannotationconnection). -### `MetricsDashboardAnnotationConnection` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -The connection type for MetricsDashboardAnnotation. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[MetricsDashboardAnnotationEdge]`](#metricsdashboardannotationedge) | A list of edges. | -| `nodes` | [`[MetricsDashboardAnnotation]`](#metricsdashboardannotation) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="metricsdashboardannotationsfrom"></a>`from` | [`Time!`](#time) | Timestamp marking date and time from which annotations need to be fetched. | +| <a id="metricsdashboardannotationsto"></a>`to` | [`Time`](#time) | Timestamp marking date and time to which annotations need to be fetched. | -### `MetricsDashboardAnnotationEdge` +### `MetricsDashboardAnnotation` -An edge in a connection. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`MetricsDashboardAnnotation`](#metricsdashboardannotation) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="metricsdashboardannotationdescription"></a>`description` | [`String`](#string) | Description of the annotation. | +| <a id="metricsdashboardannotationendingat"></a>`endingAt` | [`Time`](#time) | Timestamp marking end of annotated time span. | +| <a id="metricsdashboardannotationid"></a>`id` | [`ID!`](#id) | ID of the annotation. | +| <a id="metricsdashboardannotationpanelid"></a>`panelId` | [`String`](#string) | ID of a dashboard panel to which the annotation should be scoped. | +| <a id="metricsdashboardannotationstartingat"></a>`startingAt` | [`Time`](#time) | Timestamp marking start of annotated time span. | ### `Milestone` Represents a milestone. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `createdAt` | [`Time!`](#time) | Timestamp of milestone creation. | -| `description` | [`String`](#string) | Description of the milestone. | -| `dueDate` | [`Time`](#time) | Timestamp of the milestone due date. | -| `groupMilestone` | [`Boolean!`](#boolean) | Indicates if milestone is at group level. | -| `id` | [`ID!`](#id) | ID of the milestone. | -| `iid` | [`ID!`](#id) | Internal ID of the milestone. | -| `projectMilestone` | [`Boolean!`](#boolean) | Indicates if milestone is at project level. | -| `report` | [`TimeboxReport`](#timeboxreport) | Historically accurate report about the timebox. | -| `startDate` | [`Time`](#time) | Timestamp of the milestone start date. | -| `state` | [`MilestoneStateEnum!`](#milestonestateenum) | State of the milestone. | -| `stats` | [`MilestoneStats`](#milestonestats) | Milestone statistics. | -| `subgroupMilestone` | [`Boolean!`](#boolean) | Indicates if milestone is at subgroup level. | -| `title` | [`String!`](#string) | Title of the milestone. | -| `updatedAt` | [`Time!`](#time) | Timestamp of last milestone update. | -| `webPath` | [`String!`](#string) | Web path of the milestone. | - -### `MilestoneConnection` - -The connection type for Milestone. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[MilestoneEdge]`](#milestoneedge) | A list of edges. | -| `nodes` | [`[Milestone]`](#milestone) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | - -### `MilestoneEdge` - -An edge in a connection. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Milestone`](#milestone) | The item at the end of the edge. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="milestonecreatedat"></a>`createdAt` | [`Time!`](#time) | Timestamp of milestone creation. | +| <a id="milestonedescription"></a>`description` | [`String`](#string) | Description of the milestone. | +| <a id="milestoneduedate"></a>`dueDate` | [`Time`](#time) | Timestamp of the milestone due date. | +| <a id="milestonegroupmilestone"></a>`groupMilestone` | [`Boolean!`](#boolean) | Indicates if milestone is at group level. | +| <a id="milestoneid"></a>`id` | [`ID!`](#id) | ID of the milestone. | +| <a id="milestoneiid"></a>`iid` | [`ID!`](#id) | Internal ID of the milestone. | +| <a id="milestoneprojectmilestone"></a>`projectMilestone` | [`Boolean!`](#boolean) | Indicates if milestone is at project level. | +| <a id="milestonereport"></a>`report` | [`TimeboxReport`](#timeboxreport) | Historically accurate report about the timebox. | +| <a id="milestonestartdate"></a>`startDate` | [`Time`](#time) | Timestamp of the milestone start date. | +| <a id="milestonestate"></a>`state` | [`MilestoneStateEnum!`](#milestonestateenum) | State of the milestone. | +| <a id="milestonestats"></a>`stats` | [`MilestoneStats`](#milestonestats) | Milestone statistics. | +| <a id="milestonesubgroupmilestone"></a>`subgroupMilestone` | [`Boolean!`](#boolean) | Indicates if milestone is at subgroup level. | +| <a id="milestonetitle"></a>`title` | [`String!`](#string) | Title of the milestone. | +| <a id="milestoneupdatedat"></a>`updatedAt` | [`Time!`](#time) | Timestamp of last milestone update. | +| <a id="milestonewebpath"></a>`webPath` | [`String!`](#string) | Web path of the milestone. | ### `MilestoneStats` Contains statistics about a milestone. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `closedIssuesCount` | [`Int`](#int) | Number of closed issues associated with the milestone. | -| `totalIssuesCount` | [`Int`](#int) | Total number of issues associated with the milestone. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="milestonestatsclosedissuescount"></a>`closedIssuesCount` | [`Int`](#int) | Number of closed issues associated with the milestone. | +| <a id="milestonestatstotalissuescount"></a>`totalIssuesCount` | [`Int`](#int) | Total number of issues associated with the milestone. | ### `Namespace` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `actualRepositorySizeLimit` | [`Float`](#float) | Size limit for repositories in the namespace in bytes. | -| `additionalPurchasedStorageSize` | [`Float`](#float) | Additional storage purchased for the root namespace in bytes. | -| `complianceFrameworks` | [`ComplianceFrameworkConnection`](#complianceframeworkconnection) | Compliance frameworks available to projects in this namespace. Available only when feature flag `ff_custom_compliance_frameworks` is enabled. | -| `containsLockedProjects` | [`Boolean!`](#boolean) | Includes at least one project where the repository size exceeds the limit. | -| `description` | [`String`](#string) | Description of the namespace. | -| `descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | -| `fullName` | [`String!`](#string) | Full name of the namespace. | -| `fullPath` | [`ID!`](#id) | Full path of the namespace. | -| `id` | [`ID!`](#id) | ID of the namespace. | -| `isTemporaryStorageIncreaseEnabled` | [`Boolean!`](#boolean) | Status of the temporary storage increase. | -| `lfsEnabled` | [`Boolean`](#boolean) | Indicates if Large File Storage (LFS) is enabled for namespace. | -| `name` | [`String!`](#string) | Name of the namespace. | -| `packageSettings` | [`PackageSettings`](#packagesettings) | The package settings for the namespace. | -| `path` | [`String!`](#string) | Path of the namespace. | -| `projects` | [`ProjectConnection!`](#projectconnection) | Projects within this namespace. | -| `repositorySizeExcessProjectCount` | [`Int!`](#int) | Number of projects in the root namespace where the repository size exceeds the limit. | -| `requestAccessEnabled` | [`Boolean`](#boolean) | Indicates if users can request access to namespace. | -| `rootStorageStatistics` | [`RootStorageStatistics`](#rootstoragestatistics) | Aggregated storage statistics of the namespace. Only available for root namespaces. | -| `storageSizeLimit` | [`Float`](#float) | Total storage limit of the root namespace in bytes. | -| `temporaryStorageIncreaseEndsOn` | [`Time`](#time) | Date until the temporary storage increase is active. | -| `totalRepositorySize` | [`Float`](#float) | Total repository size of all projects in the root namespace in bytes. | -| `totalRepositorySizeExcess` | [`Float`](#float) | Total excess repository size of all projects in the root namespace in bytes. | -| `visibility` | [`String`](#string) | Visibility of the namespace. | - -### `NamespaceConnection` - -The connection type for Namespace. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[NamespaceEdge]`](#namespaceedge) | A list of edges. | -| `nodes` | [`[Namespace]`](#namespace) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | - -### `NamespaceEdge` - -An edge in a connection. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Namespace`](#namespace) | The item at the end of the edge. | - -### `NamespaceIncreaseStorageTemporarilyPayload` - -Autogenerated return type of NamespaceIncreaseStorageTemporarily. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `namespace` | [`Namespace`](#namespace) | The namespace after mutation. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="namespaceactualrepositorysizelimit"></a>`actualRepositorySizeLimit` | [`Float`](#float) | Size limit for repositories in the namespace in bytes. | +| <a id="namespaceadditionalpurchasedstoragesize"></a>`additionalPurchasedStorageSize` | [`Float`](#float) | Additional storage purchased for the root namespace in bytes. | +| <a id="namespacecontainslockedprojects"></a>`containsLockedProjects` | [`Boolean!`](#boolean) | Includes at least one project where the repository size exceeds the limit. | +| <a id="namespacedescription"></a>`description` | [`String`](#string) | Description of the namespace. | +| <a id="namespacedescriptionhtml"></a>`descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | +| <a id="namespacefullname"></a>`fullName` | [`String!`](#string) | Full name of the namespace. | +| <a id="namespacefullpath"></a>`fullPath` | [`ID!`](#id) | Full path of the namespace. | +| <a id="namespaceid"></a>`id` | [`ID!`](#id) | ID of the namespace. | +| <a id="namespaceistemporarystorageincreaseenabled"></a>`isTemporaryStorageIncreaseEnabled` | [`Boolean!`](#boolean) | Status of the temporary storage increase. | +| <a id="namespacelfsenabled"></a>`lfsEnabled` | [`Boolean`](#boolean) | Indicates if Large File Storage (LFS) is enabled for namespace. | +| <a id="namespacename"></a>`name` | [`String!`](#string) | Name of the namespace. | +| <a id="namespacepackagesettings"></a>`packageSettings` | [`PackageSettings`](#packagesettings) | The package settings for the namespace. | +| <a id="namespacepath"></a>`path` | [`String!`](#string) | Path of the namespace. | +| <a id="namespacerepositorysizeexcessprojectcount"></a>`repositorySizeExcessProjectCount` | [`Int!`](#int) | Number of projects in the root namespace where the repository size exceeds the limit. | +| <a id="namespacerequestaccessenabled"></a>`requestAccessEnabled` | [`Boolean`](#boolean) | Indicates if users can request access to namespace. | +| <a id="namespacerootstoragestatistics"></a>`rootStorageStatistics` | [`RootStorageStatistics`](#rootstoragestatistics) | Aggregated storage statistics of the namespace. Only available for root namespaces. | +| <a id="namespacestoragesizelimit"></a>`storageSizeLimit` | [`Float`](#float) | Total storage limit of the root namespace in bytes. | +| <a id="namespacetemporarystorageincreaseendson"></a>`temporaryStorageIncreaseEndsOn` | [`Time`](#time) | Date until the temporary storage increase is active. | +| <a id="namespacetotalrepositorysize"></a>`totalRepositorySize` | [`Float`](#float) | Total repository size of all projects in the root namespace in bytes. | +| <a id="namespacetotalrepositorysizeexcess"></a>`totalRepositorySizeExcess` | [`Float`](#float) | Total excess repository size of all projects in the root namespace in bytes. | +| <a id="namespacevisibility"></a>`visibility` | [`String`](#string) | Visibility of the namespace. | + +#### Fields with arguments + +##### `Namespace.complianceFrameworks` + +Compliance frameworks available to projects in this namespace. + +Returns [`ComplianceFrameworkConnection`](#complianceframeworkconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="namespacecomplianceframeworksid"></a>`id` | [`ComplianceManagementFrameworkID`](#compliancemanagementframeworkid) | Global ID of a specific compliance framework to return. | + +##### `Namespace.projects` + +Projects within this namespace. + +Returns [`ProjectConnection!`](#projectconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="namespaceprojectshascodecoverage"></a>`hasCodeCoverage` | [`Boolean`](#boolean) | Returns only the projects which have code coverage. | +| <a id="namespaceprojectshasvulnerabilities"></a>`hasVulnerabilities` | [`Boolean`](#boolean) | Returns only the projects which have vulnerabilities. | +| <a id="namespaceprojectsids"></a>`ids` | [`[ID!]`](#id) | Filter projects by IDs. | +| <a id="namespaceprojectsincludesubgroups"></a>`includeSubgroups` | [`Boolean`](#boolean) | Include also subgroup projects. | +| <a id="namespaceprojectssearch"></a>`search` | [`String`](#string) | Search project with most similar names or paths. | +| <a id="namespaceprojectssort"></a>`sort` | [`NamespaceProjectSort`](#namespaceprojectsort) | Sort projects by this criteria. | ### `Note` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `author` | [`User!`](#user) | User who wrote this note. | -| `body` | [`String!`](#string) | Content of the note. | -| `bodyHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `note`. | -| `confidential` | [`Boolean`](#boolean) | Indicates if this note is confidential. | -| `createdAt` | [`Time!`](#time) | Timestamp of the note creation. | -| `discussion` | [`Discussion`](#discussion) | The discussion this note is a part of. | -| `id` | [`NoteID!`](#noteid) | ID of the note. | -| `position` | [`DiffPosition`](#diffposition) | The position of this note on a diff. | -| `project` | [`Project`](#project) | Project associated with the note. | -| `resolvable` | [`Boolean!`](#boolean) | Indicates if the object can be resolved. | -| `resolved` | [`Boolean!`](#boolean) | Indicates if the object is resolved. | -| `resolvedAt` | [`Time`](#time) | Timestamp of when the object was resolved. | -| `resolvedBy` | [`User`](#user) | User who resolved the object. | -| `system` | [`Boolean!`](#boolean) | Indicates whether this note was created by the system or by a user. | -| `systemNoteIconName` | [`String`](#string) | Name of the icon corresponding to a system note. | -| `updatedAt` | [`Time!`](#time) | Timestamp of the note's last activity. | -| `url` | [`String`](#string) | URL to view this Note in the Web UI. | -| `userPermissions` | [`NotePermissions!`](#notepermissions) | Permissions for the current user on the resource. | - -### `NoteConnection` - -The connection type for Note. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[NoteEdge]`](#noteedge) | A list of edges. | -| `nodes` | [`[Note]`](#note) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | - -### `NoteEdge` - -An edge in a connection. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Note`](#note) | The item at the end of the edge. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="noteauthor"></a>`author` | [`UserCore!`](#usercore) | User who wrote this note. | +| <a id="notebody"></a>`body` | [`String!`](#string) | Content of the note. | +| <a id="notebodyhtml"></a>`bodyHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `note`. | +| <a id="noteconfidential"></a>`confidential` | [`Boolean`](#boolean) | Indicates if this note is confidential. | +| <a id="notecreatedat"></a>`createdAt` | [`Time!`](#time) | Timestamp of the note creation. | +| <a id="notediscussion"></a>`discussion` | [`Discussion`](#discussion) | The discussion this note is a part of. | +| <a id="noteid"></a>`id` | [`NoteID!`](#noteid) | ID of the note. | +| <a id="noteposition"></a>`position` | [`DiffPosition`](#diffposition) | The position of this note on a diff. | +| <a id="noteproject"></a>`project` | [`Project`](#project) | Project associated with the note. | +| <a id="noteresolvable"></a>`resolvable` | [`Boolean!`](#boolean) | Indicates if the object can be resolved. | +| <a id="noteresolved"></a>`resolved` | [`Boolean!`](#boolean) | Indicates if the object is resolved. | +| <a id="noteresolvedat"></a>`resolvedAt` | [`Time`](#time) | Timestamp of when the object was resolved. | +| <a id="noteresolvedby"></a>`resolvedBy` | [`UserCore`](#usercore) | User who resolved the object. | +| <a id="notesystem"></a>`system` | [`Boolean!`](#boolean) | Indicates whether this note was created by the system or by a user. | +| <a id="notesystemnoteiconname"></a>`systemNoteIconName` | [`String`](#string) | Name of the icon corresponding to a system note. | +| <a id="noteupdatedat"></a>`updatedAt` | [`Time!`](#time) | Timestamp of the note's last activity. | +| <a id="noteurl"></a>`url` | [`String`](#string) | URL to view this Note in the Web UI. | +| <a id="noteuserpermissions"></a>`userPermissions` | [`NotePermissions!`](#notepermissions) | Permissions for the current user on the resource. | ### `NotePermissions` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `adminNote` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_note` on this resource. | -| `awardEmoji` | [`Boolean!`](#boolean) | Indicates the user can perform `award_emoji` on this resource. | -| `createNote` | [`Boolean!`](#boolean) | Indicates the user can perform `create_note` on this resource. | -| `readNote` | [`Boolean!`](#boolean) | Indicates the user can perform `read_note` on this resource. | -| `repositionNote` | [`Boolean!`](#boolean) | Indicates the user can perform `reposition_note` on this resource. | -| `resolveNote` | [`Boolean!`](#boolean) | Indicates the user can perform `resolve_note` on this resource. | +#### Fields -### `OncallParticipantType` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="notepermissionsadminnote"></a>`adminNote` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_note` on this resource. | +| <a id="notepermissionsawardemoji"></a>`awardEmoji` | [`Boolean!`](#boolean) | Indicates the user can perform `award_emoji` on this resource. | +| <a id="notepermissionscreatenote"></a>`createNote` | [`Boolean!`](#boolean) | Indicates the user can perform `create_note` on this resource. | +| <a id="notepermissionsreadnote"></a>`readNote` | [`Boolean!`](#boolean) | Indicates the user can perform `read_note` on this resource. | +| <a id="notepermissionsrepositionnote"></a>`repositionNote` | [`Boolean!`](#boolean) | Indicates the user can perform `reposition_note` on this resource. | +| <a id="notepermissionsresolvenote"></a>`resolveNote` | [`Boolean!`](#boolean) | Indicates the user can perform `resolve_note` on this resource. | -The rotation participant and color palette. +### `NugetMetadata` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `colorPalette` | [`String`](#string) | The color palette to assign to the on-call user. For example "blue". | -| `colorWeight` | [`String`](#string) | The color weight to assign to for the on-call user, for example "500". Max 4 chars. For easy identification of the user. | -| `id` | [`IncidentManagementOncallParticipantID!`](#incidentmanagementoncallparticipantid) | ID of the on-call participant. | -| `user` | [`User!`](#user) | The user who is participating. | +Nuget metadata. -### `OncallParticipantTypeConnection` +#### Fields -The connection type for OncallParticipantType. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="nugetmetadataiconurl"></a>`iconUrl` | [`String!`](#string) | Icon URL of the Nuget package. | +| <a id="nugetmetadataid"></a>`id` | [`PackagesNugetMetadatumID!`](#packagesnugetmetadatumid) | ID of the metadatum. | +| <a id="nugetmetadatalicenseurl"></a>`licenseUrl` | [`String!`](#string) | License URL of the Nuget package. | +| <a id="nugetmetadataprojecturl"></a>`projectUrl` | [`String!`](#string) | Project URL of the Nuget package. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[OncallParticipantTypeEdge]`](#oncallparticipanttypeedge) | A list of edges. | -| `nodes` | [`[OncallParticipantType]`](#oncallparticipanttype) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +### `OncallParticipantType` -### `OncallParticipantTypeEdge` +The rotation participant and color palette. -An edge in a connection. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`OncallParticipantType`](#oncallparticipanttype) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="oncallparticipanttypecolorpalette"></a>`colorPalette` | [`String`](#string) | The color palette to assign to the on-call user. For example "blue". | +| <a id="oncallparticipanttypecolorweight"></a>`colorWeight` | [`String`](#string) | The color weight to assign to for the on-call user, for example "500". Max 4 chars. For easy identification of the user. | +| <a id="oncallparticipanttypeid"></a>`id` | [`IncidentManagementOncallParticipantID!`](#incidentmanagementoncallparticipantid) | ID of the on-call participant. | +| <a id="oncallparticipanttypeuser"></a>`user` | [`UserCore!`](#usercore) | The user who is participating. | ### `OncallRotationActivePeriodType` Active period time range for on-call rotation. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `endTime` | [`String`](#string) | The end of the rotation active period. | -| `startTime` | [`String`](#string) | The start of the rotation active period. | +#### Fields -### `OncallRotationCreatePayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="oncallrotationactiveperiodtypeendtime"></a>`endTime` | [`String`](#string) | The end of the rotation active period. | +| <a id="oncallrotationactiveperiodtypestarttime"></a>`startTime` | [`String`](#string) | The start of the rotation active period. | -Autogenerated return type of OncallRotationCreate. +### `Package` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `oncallRotation` | [`IncidentManagementOncallRotation`](#incidentmanagementoncallrotation) | The on-call rotation. | +Represents a package in the Package Registry. Note that this type is in beta and susceptible to changes. -### `OncallRotationDestroyPayload` +#### Fields -Autogenerated return type of OncallRotationDestroy. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="packagecreatedat"></a>`createdAt` | [`Time!`](#time) | Date of creation. | +| <a id="packageid"></a>`id` | [`PackagesPackageID!`](#packagespackageid) | ID of the package. | +| <a id="packagemetadata"></a>`metadata` | [`PackageMetadata`](#packagemetadata) | Package metadata. | +| <a id="packagename"></a>`name` | [`String!`](#string) | Name of the package. | +| <a id="packagepackagetype"></a>`packageType` | [`PackageTypeEnum!`](#packagetypeenum) | Package type. | +| <a id="packagepipelines"></a>`pipelines` | [`PipelineConnection`](#pipelineconnection) | Pipelines that built the package. (see [Connections](#connections)) | +| <a id="packageproject"></a>`project` | [`Project!`](#project) | Project where the package is stored. | +| <a id="packagestatus"></a>`status` | [`PackageStatus!`](#packagestatus) | Package status. | +| <a id="packagetags"></a>`tags` | [`PackageTagConnection`](#packagetagconnection) | Package tags. (see [Connections](#connections)) | +| <a id="packageupdatedat"></a>`updatedAt` | [`Time!`](#time) | Date of most recent update. | +| <a id="packageversion"></a>`version` | [`String`](#string) | Version string. | +| <a id="packageversions"></a>`versions` **{warning-solid}** | [`PackageConnection`](#packageconnection) | **Deprecated** in 13.11. This field is now only returned in the PackageDetailsType. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `oncallRotation` | [`IncidentManagementOncallRotation`](#incidentmanagementoncallrotation) | The on-call rotation. | +### `PackageComposerJsonType` -### `OncallRotationUpdatePayload` +Represents a composer JSON file. -Autogenerated return type of OncallRotationUpdate. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `oncallRotation` | [`IncidentManagementOncallRotation`](#incidentmanagementoncallrotation) | The on-call rotation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="packagecomposerjsontypelicense"></a>`license` | [`String`](#string) | The license set in the Composer JSON file. | +| <a id="packagecomposerjsontypename"></a>`name` | [`String`](#string) | The name set in the Composer JSON file. | +| <a id="packagecomposerjsontypetype"></a>`type` | [`String`](#string) | The type set in the Composer JSON file. | +| <a id="packagecomposerjsontypeversion"></a>`version` | [`String`](#string) | The version set in the Composer JSON file. | -### `OncallScheduleCreatePayload` +### `PackageDetailsType` -Autogenerated return type of OncallScheduleCreate. +Represents a package details in the Package Registry. Note that this type is in beta and susceptible to changes. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `oncallSchedule` | [`IncidentManagementOncallSchedule`](#incidentmanagementoncallschedule) | The on-call schedule. | +#### Fields -### `OncallScheduleDestroyPayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="packagedetailstypecreatedat"></a>`createdAt` | [`Time!`](#time) | Date of creation. | +| <a id="packagedetailstypeid"></a>`id` | [`PackagesPackageID!`](#packagespackageid) | ID of the package. | +| <a id="packagedetailstypemetadata"></a>`metadata` | [`PackageMetadata`](#packagemetadata) | Package metadata. | +| <a id="packagedetailstypename"></a>`name` | [`String!`](#string) | Name of the package. | +| <a id="packagedetailstypepackagefiles"></a>`packageFiles` | [`PackageFileConnection`](#packagefileconnection) | Package files. (see [Connections](#connections)) | +| <a id="packagedetailstypepackagetype"></a>`packageType` | [`PackageTypeEnum!`](#packagetypeenum) | Package type. | +| <a id="packagedetailstypepipelines"></a>`pipelines` | [`PipelineConnection`](#pipelineconnection) | Pipelines that built the package. (see [Connections](#connections)) | +| <a id="packagedetailstypeproject"></a>`project` | [`Project!`](#project) | Project where the package is stored. | +| <a id="packagedetailstypestatus"></a>`status` | [`PackageStatus!`](#packagestatus) | Package status. | +| <a id="packagedetailstypetags"></a>`tags` | [`PackageTagConnection`](#packagetagconnection) | Package tags. (see [Connections](#connections)) | +| <a id="packagedetailstypeupdatedat"></a>`updatedAt` | [`Time!`](#time) | Date of most recent update. | +| <a id="packagedetailstypeversion"></a>`version` | [`String`](#string) | Version string. | +| <a id="packagedetailstypeversions"></a>`versions` | [`PackageConnection`](#packageconnection) | The other versions of the package. (see [Connections](#connections)) | -Autogenerated return type of OncallScheduleDestroy. +### `PackageFile` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `oncallSchedule` | [`IncidentManagementOncallSchedule`](#incidentmanagementoncallschedule) | The on-call schedule. | +Represents a package file. -### `OncallScheduleUpdatePayload` +#### Fields -Autogenerated return type of OncallScheduleUpdate. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="packagefilecreatedat"></a>`createdAt` | [`Time!`](#time) | The created date. | +| <a id="packagefiledownloadpath"></a>`downloadPath` | [`String!`](#string) | Download path of the package file. | +| <a id="packagefilefilemd5"></a>`fileMd5` | [`String`](#string) | Md5 of the package file. | +| <a id="packagefilefilemetadata"></a>`fileMetadata` | [`PackageFileMetadata`](#packagefilemetadata) | File metadata. | +| <a id="packagefilefilename"></a>`fileName` | [`String!`](#string) | Name of the package file. | +| <a id="packagefilefilesha1"></a>`fileSha1` | [`String`](#string) | Sha1 of the package file. | +| <a id="packagefilefilesha256"></a>`fileSha256` | [`String`](#string) | Sha256 of the package file. | +| <a id="packagefileid"></a>`id` | [`PackagesPackageFileID!`](#packagespackagefileid) | ID of the file. | +| <a id="packagefilesize"></a>`size` | [`String!`](#string) | Size of the package file. | +| <a id="packagefileupdatedat"></a>`updatedAt` | [`Time!`](#time) | The updated date. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `oncallSchedule` | [`IncidentManagementOncallSchedule`](#incidentmanagementoncallschedule) | The on-call schedule. | +### `PackageFileRegistry` -### `Package` +Represents the Geo sync and verification state of a package file. -Represents a package in the Package Registry. Note that this type is in beta and susceptible to changes. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `createdAt` | [`Time!`](#time) | Date of creation. | -| `id` | [`PackagesPackageID!`](#packagespackageid) | ID of the package. | -| `metadata` | [`PackageMetadata`](#packagemetadata) | Package metadata. | -| `name` | [`String!`](#string) | Name of the package. | -| `packageType` | [`PackageTypeEnum!`](#packagetypeenum) | Package type. | -| `pipelines` | [`PipelineConnection`](#pipelineconnection) | Pipelines that built the package. | -| `project` | [`Project!`](#project) | Project where the package is stored. | -| `tags` | [`PackageTagConnection`](#packagetagconnection) | Package tags. | -| `updatedAt` | [`Time!`](#time) | Date of most recent update. | -| `version` | [`String`](#string) | Version string. | -| `versions` **{warning-solid}** | [`PackageConnection`](#packageconnection) | **Deprecated** in 13.11. This field is now only returned in the PackageDetailsType. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="packagefileregistrycreatedat"></a>`createdAt` | [`Time`](#time) | Timestamp when the PackageFileRegistry was created. | +| <a id="packagefileregistryid"></a>`id` | [`ID!`](#id) | ID of the PackageFileRegistry. | +| <a id="packagefileregistrylastsyncfailure"></a>`lastSyncFailure` | [`String`](#string) | Error message during sync of the PackageFileRegistry. | +| <a id="packagefileregistrylastsyncedat"></a>`lastSyncedAt` | [`Time`](#time) | Timestamp of the most recent successful sync of the PackageFileRegistry. | +| <a id="packagefileregistrypackagefileid"></a>`packageFileId` | [`ID!`](#id) | ID of the PackageFile. | +| <a id="packagefileregistryretryat"></a>`retryAt` | [`Time`](#time) | Timestamp after which the PackageFileRegistry should be resynced. | +| <a id="packagefileregistryretrycount"></a>`retryCount` | [`Int`](#int) | Number of consecutive failed sync attempts of the PackageFileRegistry. | +| <a id="packagefileregistrystate"></a>`state` | [`RegistryState`](#registrystate) | Sync state of the PackageFileRegistry. | -### `PackageComposerJsonType` +### `PackageSettings` -Represents a composer JSON file. +Namespace-level Package Registry settings. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `license` | [`String`](#string) | The license set in the Composer JSON file. | -| `name` | [`String`](#string) | The name set in the Composer JSON file. | -| `type` | [`String`](#string) | The type set in the Composer JSON file. | -| `version` | [`String`](#string) | The version set in the Composer JSON file. | +#### Fields -### `PackageConnection` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="packagesettingsgenericduplicateexceptionregex"></a>`genericDuplicateExceptionRegex` | [`UntrustedRegexp`](#untrustedregexp) | When generic_duplicates_allowed is false, you can publish duplicate packages with names that match this regex. Otherwise, this setting has no effect. | +| <a id="packagesettingsgenericduplicatesallowed"></a>`genericDuplicatesAllowed` | [`Boolean!`](#boolean) | Indicates whether duplicate generic packages are allowed for this namespace. | +| <a id="packagesettingsmavenduplicateexceptionregex"></a>`mavenDuplicateExceptionRegex` | [`UntrustedRegexp`](#untrustedregexp) | When maven_duplicates_allowed is false, you can publish duplicate packages with names that match this regex. Otherwise, this setting has no effect. | +| <a id="packagesettingsmavenduplicatesallowed"></a>`mavenDuplicatesAllowed` | [`Boolean!`](#boolean) | Indicates whether duplicate Maven packages are allowed for this namespace. | -The connection type for Package. +### `PackageTag` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[PackageEdge]`](#packageedge) | A list of edges. | -| `nodes` | [`[Package]`](#package) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +Represents a package tag. -### `PackageDetailsType` +#### Fields -Represents a package details in the Package Registry. Note that this type is in beta and susceptible to changes. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="packagetagcreatedat"></a>`createdAt` | [`Time!`](#time) | The created date. | +| <a id="packagetagid"></a>`id` | [`ID!`](#id) | The ID of the tag. | +| <a id="packagetagname"></a>`name` | [`String!`](#string) | The name of the tag. | +| <a id="packagetagupdatedat"></a>`updatedAt` | [`Time!`](#time) | The updated date. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `createdAt` | [`Time!`](#time) | Date of creation. | -| `id` | [`PackagesPackageID!`](#packagespackageid) | ID of the package. | -| `metadata` | [`PackageMetadata`](#packagemetadata) | Package metadata. | -| `name` | [`String!`](#string) | Name of the package. | -| `packageFiles` | [`PackageFileConnection`](#packagefileconnection) | Package files. | -| `packageType` | [`PackageTypeEnum!`](#packagetypeenum) | Package type. | -| `pipelines` | [`PipelineConnection`](#pipelineconnection) | Pipelines that built the package. | -| `project` | [`Project!`](#project) | Project where the package is stored. | -| `tags` | [`PackageTagConnection`](#packagetagconnection) | Package tags. | -| `updatedAt` | [`Time!`](#time) | Date of most recent update. | -| `version` | [`String`](#string) | Version string. | -| `versions` | [`PackageConnection`](#packageconnection) | The other versions of the package. | - -### `PackageEdge` - -An edge in a connection. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Package`](#package) | The item at the end of the edge. | +### `PageInfo` -### `PackageFile` +Information about pagination in a connection. -Represents a package file. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `createdAt` | [`Time!`](#time) | The created date. | -| `downloadPath` | [`String!`](#string) | Download path of the package file. | -| `fileMd5` | [`String`](#string) | Md5 of the package file. | -| `fileMetadata` | [`PackageFileMetadata`](#packagefilemetadata) | File metadata. | -| `fileName` | [`String!`](#string) | Name of the package file. | -| `fileSha1` | [`String`](#string) | Sha1 of the package file. | -| `fileSha256` | [`String`](#string) | Sha256 of the package file. | -| `id` | [`PackagesPackageFileID!`](#packagespackagefileid) | ID of the file. | -| `size` | [`String!`](#string) | Size of the package file. | -| `updatedAt` | [`Time!`](#time) | The updated date. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="pageinfoendcursor"></a>`endCursor` | [`String`](#string) | When paginating forwards, the cursor to continue. | +| <a id="pageinfohasnextpage"></a>`hasNextPage` | [`Boolean!`](#boolean) | When paginating forwards, are there more items?. | +| <a id="pageinfohaspreviouspage"></a>`hasPreviousPage` | [`Boolean!`](#boolean) | When paginating backwards, are there more items?. | +| <a id="pageinfostartcursor"></a>`startCursor` | [`String`](#string) | When paginating backwards, the cursor to continue. | -### `PackageFileConnection` +### `PathLock` -The connection type for PackageFile. +Represents a file or directory in the project repository that has been locked. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[PackageFileEdge]`](#packagefileedge) | A list of edges. | -| `nodes` | [`[PackageFile]`](#packagefile) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +#### Fields -### `PackageFileEdge` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="pathlockid"></a>`id` | [`PathLockID!`](#pathlockid) | ID of the path lock. | +| <a id="pathlockpath"></a>`path` | [`String`](#string) | The locked path. | +| <a id="pathlockuser"></a>`user` | [`UserCore`](#usercore) | The user that has locked this path. | -An edge in a connection. +### `Pipeline` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`PackageFile`](#packagefile) | The item at the end of the edge. | +#### Fields -### `PackageFileRegistry` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="pipelineactive"></a>`active` | [`Boolean!`](#boolean) | Indicates if the pipeline is active. | +| <a id="pipelinebeforesha"></a>`beforeSha` | [`String`](#string) | Base SHA of the source branch. | +| <a id="pipelinecancelable"></a>`cancelable` | [`Boolean!`](#boolean) | Specifies if a pipeline can be canceled. | +| <a id="pipelinecodequalityreports"></a>`codeQualityReports` | [`CodeQualityDegradationConnection`](#codequalitydegradationconnection) | Code Quality degradations reported on the pipeline. (see [Connections](#connections)) | +| <a id="pipelinecommitpath"></a>`commitPath` | [`String`](#string) | Path to the commit that triggered the pipeline. | +| <a id="pipelinecommittedat"></a>`committedAt` | [`Time`](#time) | Timestamp of the pipeline's commit. | +| <a id="pipelinecomplete"></a>`complete` | [`Boolean!`](#boolean) | Indicates if a pipeline is complete. | +| <a id="pipelineconfigsource"></a>`configSource` | [`PipelineConfigSourceEnum`](#pipelineconfigsourceenum) | Configuration source of the pipeline (UNKNOWN_SOURCE, REPOSITORY_SOURCE, AUTO_DEVOPS_SOURCE, WEBIDE_SOURCE, REMOTE_SOURCE, EXTERNAL_PROJECT_SOURCE, BRIDGE_SOURCE, PARAMETER_SOURCE, COMPLIANCE_SOURCE). | +| <a id="pipelinecoverage"></a>`coverage` | [`Float`](#float) | Coverage percentage. | +| <a id="pipelinecreatedat"></a>`createdAt` | [`Time!`](#time) | Timestamp of the pipeline's creation. | +| <a id="pipelinedetailedstatus"></a>`detailedStatus` | [`DetailedStatus!`](#detailedstatus) | Detailed status of the pipeline. | +| <a id="pipelinedownstream"></a>`downstream` | [`PipelineConnection`](#pipelineconnection) | Pipelines this pipeline will trigger. (see [Connections](#connections)) | +| <a id="pipelineduration"></a>`duration` | [`Int`](#int) | Duration of the pipeline in seconds. | +| <a id="pipelinefinishedat"></a>`finishedAt` | [`Time`](#time) | Timestamp of the pipeline's completion. | +| <a id="pipelineid"></a>`id` | [`ID!`](#id) | ID of the pipeline. | +| <a id="pipelineiid"></a>`iid` | [`String!`](#string) | Internal ID of the pipeline. | +| <a id="pipelinepath"></a>`path` | [`String`](#string) | Relative path to the pipeline's page. | +| <a id="pipelineproject"></a>`project` | [`Project`](#project) | Project the pipeline belongs to. | +| <a id="pipelinequeuedduration"></a>`queuedDuration` | [`Duration`](#duration) | How long the pipeline was queued before starting. | +| <a id="pipelineretryable"></a>`retryable` | [`Boolean!`](#boolean) | Specifies if a pipeline can be retried. | +| <a id="pipelinesecurityreportsummary"></a>`securityReportSummary` | [`SecurityReportSummary`](#securityreportsummary) | Vulnerability and scanned resource counts for each security scanner of the pipeline. | +| <a id="pipelinesha"></a>`sha` | [`String!`](#string) | SHA of the pipeline's commit. | +| <a id="pipelinesourcejob"></a>`sourceJob` | [`CiJob`](#cijob) | Job where pipeline was triggered from. | +| <a id="pipelinestages"></a>`stages` | [`CiStageConnection`](#cistageconnection) | Stages of the pipeline. (see [Connections](#connections)) | +| <a id="pipelinestartedat"></a>`startedAt` | [`Time`](#time) | Timestamp when the pipeline was started. | +| <a id="pipelinestatus"></a>`status` | [`PipelineStatusEnum!`](#pipelinestatusenum) | Status of the pipeline (CREATED, WAITING_FOR_RESOURCE, PREPARING, PENDING, RUNNING, FAILED, SUCCESS, CANCELED, SKIPPED, MANUAL, SCHEDULED). | +| <a id="pipelinetestreportsummary"></a>`testReportSummary` | [`TestReportSummary!`](#testreportsummary) | Summary of the test report generated by the pipeline. | +| <a id="pipelineupdatedat"></a>`updatedAt` | [`Time!`](#time) | Timestamp of the pipeline's last activity. | +| <a id="pipelineupstream"></a>`upstream` | [`Pipeline`](#pipeline) | Pipeline that triggered the pipeline. | +| <a id="pipelineuser"></a>`user` | [`UserCore`](#usercore) | Pipeline user. | +| <a id="pipelineuserpermissions"></a>`userPermissions` | [`PipelinePermissions!`](#pipelinepermissions) | Permissions for the current user on the resource. | +| <a id="pipelineusesneeds"></a>`usesNeeds` | [`Boolean`](#boolean) | Indicates if the pipeline has jobs with `needs` dependencies. | +| <a id="pipelinewarnings"></a>`warnings` | [`Boolean!`](#boolean) | Indicates if a pipeline has warnings. | + +#### Fields with arguments + +##### `Pipeline.job` + +A specific job in this pipeline, either by name or ID. + +Returns [`CiJob`](#cijob). + +###### Arguments -Represents the Geo sync and verification state of a package file. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="pipelinejobid"></a>`id` | [`JobID`](#jobid) | ID of the job. | +| <a id="pipelinejobname"></a>`name` | [`String`](#string) | Name of the job. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `createdAt` | [`Time`](#time) | Timestamp when the PackageFileRegistry was created. | -| `id` | [`ID!`](#id) | ID of the PackageFileRegistry. | -| `lastSyncFailure` | [`String`](#string) | Error message during sync of the PackageFileRegistry. | -| `lastSyncedAt` | [`Time`](#time) | Timestamp of the most recent successful sync of the PackageFileRegistry. | -| `packageFileId` | [`ID!`](#id) | ID of the PackageFile. | -| `retryAt` | [`Time`](#time) | Timestamp after which the PackageFileRegistry should be resynced. | -| `retryCount` | [`Int`](#int) | Number of consecutive failed sync attempts of the PackageFileRegistry. | -| `state` | [`RegistryState`](#registrystate) | Sync state of the PackageFileRegistry. | +##### `Pipeline.jobs` -### `PackageFileRegistryConnection` +Jobs belonging to the pipeline. -The connection type for PackageFileRegistry. +Returns [`CiJobConnection`](#cijobconnection). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[PackageFileRegistryEdge]`](#packagefileregistryedge) | A list of edges. | -| `nodes` | [`[PackageFileRegistry]`](#packagefileregistry) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -### `PackageFileRegistryEdge` +###### Arguments -An edge in a connection. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="pipelinejobssecurityreporttypes"></a>`securityReportTypes` | [`[SecurityReportTypeEnum!]`](#securityreporttypeenum) | Filter jobs by the type of security report they produce. | +| <a id="pipelinejobsstatuses"></a>`statuses` | [`[CiJobStatus!]`](#cijobstatus) | Filter jobs by status. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`PackageFileRegistry`](#packagefileregistry) | The item at the end of the edge. | +##### `Pipeline.securityReportFindings` -### `PackageSettings` +Vulnerability findings reported on the pipeline. -Namespace-level Package Registry settings. +Returns [`PipelineSecurityReportFindingConnection`](#pipelinesecurityreportfindingconnection). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `mavenDuplicateExceptionRegex` | [`UntrustedRegexp`](#untrustedregexp) | When maven_duplicates_allowed is false, you can publish duplicate packages with names that match this regex. Otherwise, this setting has no effect. | -| `mavenDuplicatesAllowed` | [`Boolean!`](#boolean) | Indicates whether duplicate Maven packages are allowed for this namespace. | +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -### `PackageTag` +###### Arguments -Represents a package tag. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="pipelinesecurityreportfindingsreporttype"></a>`reportType` | [`[String!]`](#string) | Filter vulnerability findings by report type. | +| <a id="pipelinesecurityreportfindingsscanner"></a>`scanner` | [`[String!]`](#string) | Filter vulnerability findings by Scanner.externalId. | +| <a id="pipelinesecurityreportfindingsseverity"></a>`severity` | [`[String!]`](#string) | Filter vulnerability findings by severity. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `createdAt` | [`Time!`](#time) | The created date. | -| `id` | [`ID!`](#id) | The ID of the tag. | -| `name` | [`String!`](#string) | The name of the tag. | -| `updatedAt` | [`Time!`](#time) | The updated date. | +##### `Pipeline.testSuite` -### `PackageTagConnection` +A specific test suite in a pipeline test report. -The connection type for PackageTag. +Returns [`TestSuite`](#testsuite). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[PackageTagEdge]`](#packagetagedge) | A list of edges. | -| `nodes` | [`[PackageTag]`](#packagetag) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +###### Arguments -### `PackageTagEdge` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="pipelinetestsuitebuildids"></a>`buildIds` | [`[ID!]!`](#id) | IDs of the builds used to run the test suite. | -An edge in a connection. +### `PipelineAnalytics` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`PackageTag`](#packagetag) | The item at the end of the edge. | +#### Fields -### `PageInfo` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="pipelineanalyticsmonthpipelineslabels"></a>`monthPipelinesLabels` | [`[String!]`](#string) | Labels for the monthly pipeline count. | +| <a id="pipelineanalyticsmonthpipelinessuccessful"></a>`monthPipelinesSuccessful` | [`[Int!]`](#int) | Total monthly successful pipeline count. | +| <a id="pipelineanalyticsmonthpipelinestotals"></a>`monthPipelinesTotals` | [`[Int!]`](#int) | Total monthly pipeline count. | +| <a id="pipelineanalyticspipelinetimeslabels"></a>`pipelineTimesLabels` | [`[String!]`](#string) | Pipeline times labels. | +| <a id="pipelineanalyticspipelinetimesvalues"></a>`pipelineTimesValues` | [`[Int!]`](#int) | Pipeline times. | +| <a id="pipelineanalyticsweekpipelineslabels"></a>`weekPipelinesLabels` | [`[String!]`](#string) | Labels for the weekly pipeline count. | +| <a id="pipelineanalyticsweekpipelinessuccessful"></a>`weekPipelinesSuccessful` | [`[Int!]`](#int) | Total weekly successful pipeline count. | +| <a id="pipelineanalyticsweekpipelinestotals"></a>`weekPipelinesTotals` | [`[Int!]`](#int) | Total weekly pipeline count. | +| <a id="pipelineanalyticsyearpipelineslabels"></a>`yearPipelinesLabels` | [`[String!]`](#string) | Labels for the yearly pipeline count. | +| <a id="pipelineanalyticsyearpipelinessuccessful"></a>`yearPipelinesSuccessful` | [`[Int!]`](#int) | Total yearly successful pipeline count. | +| <a id="pipelineanalyticsyearpipelinestotals"></a>`yearPipelinesTotals` | [`[Int!]`](#int) | Total yearly pipeline count. | -Information about pagination in a connection. +### `PipelineArtifactRegistry` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `endCursor` | [`String`](#string) | When paginating forwards, the cursor to continue. | -| `hasNextPage` | [`Boolean!`](#boolean) | When paginating forwards, are there more items?. | -| `hasPreviousPage` | [`Boolean!`](#boolean) | When paginating backwards, are there more items?. | -| `startCursor` | [`String`](#string) | When paginating backwards, the cursor to continue. | +Represents the Geo sync and verification state of a pipeline artifact. -### `Pipeline` +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `active` | [`Boolean!`](#boolean) | Indicates if the pipeline is active. | -| `beforeSha` | [`String`](#string) | Base SHA of the source branch. | -| `cancelable` | [`Boolean!`](#boolean) | Specifies if a pipeline can be canceled. | -| `commitPath` | [`String`](#string) | Path to the commit that triggered the pipeline. | -| `committedAt` | [`Time`](#time) | Timestamp of the pipeline's commit. | -| `configSource` | [`PipelineConfigSourceEnum`](#pipelineconfigsourceenum) | Configuration source of the pipeline (UNKNOWN_SOURCE, REPOSITORY_SOURCE, AUTO_DEVOPS_SOURCE, WEBIDE_SOURCE, REMOTE_SOURCE, EXTERNAL_PROJECT_SOURCE, BRIDGE_SOURCE, PARAMETER_SOURCE, COMPLIANCE_SOURCE). | -| `coverage` | [`Float`](#float) | Coverage percentage. | -| `createdAt` | [`Time!`](#time) | Timestamp of the pipeline's creation. | -| `detailedStatus` | [`DetailedStatus!`](#detailedstatus) | Detailed status of the pipeline. | -| `downstream` | [`PipelineConnection`](#pipelineconnection) | Pipelines this pipeline will trigger. | -| `duration` | [`Int`](#int) | Duration of the pipeline in seconds. | -| `finishedAt` | [`Time`](#time) | Timestamp of the pipeline's completion. | -| `id` | [`ID!`](#id) | ID of the pipeline. | -| `iid` | [`String!`](#string) | Internal ID of the pipeline. | -| `job` | [`CiJob`](#cijob) | A specific job in this pipeline, either by name or ID. | -| `jobs` | [`CiJobConnection`](#cijobconnection) | Jobs belonging to the pipeline. | -| `path` | [`String`](#string) | Relative path to the pipeline's page. | -| `project` | [`Project`](#project) | Project the pipeline belongs to. | -| `retryable` | [`Boolean!`](#boolean) | Specifies if a pipeline can be retried. | -| `securityReportFindings` | [`PipelineSecurityReportFindingConnection`](#pipelinesecurityreportfindingconnection) | Vulnerability findings reported on the pipeline. | -| `securityReportSummary` | [`SecurityReportSummary`](#securityreportsummary) | Vulnerability and scanned resource counts for each security scanner of the pipeline. | -| `sha` | [`String!`](#string) | SHA of the pipeline's commit. | -| `sourceJob` | [`CiJob`](#cijob) | Job where pipeline was triggered from. | -| `stages` | [`CiStageConnection`](#cistageconnection) | Stages of the pipeline. | -| `startedAt` | [`Time`](#time) | Timestamp when the pipeline was started. | -| `status` | [`PipelineStatusEnum!`](#pipelinestatusenum) | Status of the pipeline (CREATED, WAITING_FOR_RESOURCE, PREPARING, PENDING, RUNNING, FAILED, SUCCESS, CANCELED, SKIPPED, MANUAL, SCHEDULED). | -| `testReportSummary` | [`TestReportSummary!`](#testreportsummary) | Summary of the test report generated by the pipeline. | -| `testSuite` | [`TestSuite`](#testsuite) | A specific test suite in a pipeline test report. | -| `updatedAt` | [`Time!`](#time) | Timestamp of the pipeline's last activity. | -| `upstream` | [`Pipeline`](#pipeline) | Pipeline that triggered the pipeline. | -| `user` | [`User`](#user) | Pipeline user. | -| `userPermissions` | [`PipelinePermissions!`](#pipelinepermissions) | Permissions for the current user on the resource. | -| `usesNeeds` | [`Boolean`](#boolean) | Indicates if the pipeline has jobs with `needs` dependencies. | -| `warnings` | [`Boolean!`](#boolean) | Indicates if a pipeline has warnings. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="pipelineartifactregistrycreatedat"></a>`createdAt` | [`Time`](#time) | Timestamp when the PipelineArtifactRegistry was created. | +| <a id="pipelineartifactregistryid"></a>`id` | [`ID!`](#id) | ID of the PipelineArtifactRegistry. | +| <a id="pipelineartifactregistrylastsyncfailure"></a>`lastSyncFailure` | [`String`](#string) | Error message during sync of the PipelineArtifactRegistry. | +| <a id="pipelineartifactregistrylastsyncedat"></a>`lastSyncedAt` | [`Time`](#time) | Timestamp of the most recent successful sync of the PipelineArtifactRegistry. | +| <a id="pipelineartifactregistrypipelineartifactid"></a>`pipelineArtifactId` | [`ID!`](#id) | ID of the pipeline artifact. | +| <a id="pipelineartifactregistryretryat"></a>`retryAt` | [`Time`](#time) | Timestamp after which the PipelineArtifactRegistry should be resynced. | +| <a id="pipelineartifactregistryretrycount"></a>`retryCount` | [`Int`](#int) | Number of consecutive failed sync attempts of the PipelineArtifactRegistry. | +| <a id="pipelineartifactregistrystate"></a>`state` | [`RegistryState`](#registrystate) | Sync state of the PipelineArtifactRegistry. | -### `PipelineAnalytics` +### `PipelinePermissions` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `monthPipelinesLabels` | [`[String!]`](#string) | Labels for the monthly pipeline count. | -| `monthPipelinesSuccessful` | [`[Int!]`](#int) | Total monthly successful pipeline count. | -| `monthPipelinesTotals` | [`[Int!]`](#int) | Total monthly pipeline count. | -| `pipelineTimesLabels` | [`[String!]`](#string) | Pipeline times labels. | -| `pipelineTimesValues` | [`[Int!]`](#int) | Pipeline times. | -| `weekPipelinesLabels` | [`[String!]`](#string) | Labels for the weekly pipeline count. | -| `weekPipelinesSuccessful` | [`[Int!]`](#int) | Total weekly successful pipeline count. | -| `weekPipelinesTotals` | [`[Int!]`](#int) | Total weekly pipeline count. | -| `yearPipelinesLabels` | [`[String!]`](#string) | Labels for the yearly pipeline count. | -| `yearPipelinesSuccessful` | [`[Int!]`](#int) | Total yearly successful pipeline count. | -| `yearPipelinesTotals` | [`[Int!]`](#int) | Total yearly pipeline count. | +#### Fields -### `PipelineArtifactRegistry` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="pipelinepermissionsadminpipeline"></a>`adminPipeline` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_pipeline` on this resource. | +| <a id="pipelinepermissionsdestroypipeline"></a>`destroyPipeline` | [`Boolean!`](#boolean) | Indicates the user can perform `destroy_pipeline` on this resource. | +| <a id="pipelinepermissionsupdatepipeline"></a>`updatePipeline` | [`Boolean!`](#boolean) | Indicates the user can perform `update_pipeline` on this resource. | -Represents the Geo sync and verification state of a pipeline artifact. +### `PipelineSecurityReportFinding` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `createdAt` | [`Time`](#time) | Timestamp when the PipelineArtifactRegistry was created. | -| `id` | [`ID!`](#id) | ID of the PipelineArtifactRegistry. | -| `lastSyncFailure` | [`String`](#string) | Error message during sync of the PipelineArtifactRegistry. | -| `lastSyncedAt` | [`Time`](#time) | Timestamp of the most recent successful sync of the PipelineArtifactRegistry. | -| `pipelineArtifactId` | [`ID!`](#id) | ID of the pipeline artifact. | -| `retryAt` | [`Time`](#time) | Timestamp after which the PipelineArtifactRegistry should be resynced. | -| `retryCount` | [`Int`](#int) | Number of consecutive failed sync attempts of the PipelineArtifactRegistry. | -| `state` | [`RegistryState`](#registrystate) | Sync state of the PipelineArtifactRegistry. | +Represents vulnerability finding of a security report on the pipeline. -### `PipelineArtifactRegistryConnection` +#### Fields -The connection type for PipelineArtifactRegistry. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="pipelinesecurityreportfindingconfidence"></a>`confidence` | [`String`](#string) | Type of the security report that found the vulnerability. | +| <a id="pipelinesecurityreportfindingdescription"></a>`description` | [`String`](#string) | Description of the vulnerability finding. | +| <a id="pipelinesecurityreportfindingidentifiers"></a>`identifiers` | [`[VulnerabilityIdentifier!]!`](#vulnerabilityidentifier) | Identifiers of the vulnerabilit finding. | +| <a id="pipelinesecurityreportfindinglocation"></a>`location` | [`VulnerabilityLocation`](#vulnerabilitylocation) | Location metadata for the vulnerability. Its fields depend on the type of security scan that found the vulnerability. | +| <a id="pipelinesecurityreportfindingname"></a>`name` | [`String`](#string) | Name of the vulnerability finding. | +| <a id="pipelinesecurityreportfindingproject"></a>`project` | [`Project`](#project) | The project on which the vulnerability finding was found. | +| <a id="pipelinesecurityreportfindingprojectfingerprint"></a>`projectFingerprint` | [`String`](#string) | Name of the vulnerability finding. | +| <a id="pipelinesecurityreportfindingreporttype"></a>`reportType` | [`VulnerabilityReportType`](#vulnerabilityreporttype) | Type of the security report that found the vulnerability finding. | +| <a id="pipelinesecurityreportfindingscanner"></a>`scanner` | [`VulnerabilityScanner`](#vulnerabilityscanner) | Scanner metadata for the vulnerability. | +| <a id="pipelinesecurityreportfindingseverity"></a>`severity` | [`VulnerabilitySeverity`](#vulnerabilityseverity) | Severity of the vulnerability finding. | +| <a id="pipelinesecurityreportfindingsolution"></a>`solution` | [`String`](#string) | URL to the vulnerability's details page. | +| <a id="pipelinesecurityreportfindinguuid"></a>`uuid` | [`String`](#string) | Name of the vulnerability finding. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[PipelineArtifactRegistryEdge]`](#pipelineartifactregistryedge) | A list of edges. | -| `nodes` | [`[PipelineArtifactRegistry]`](#pipelineartifactregistry) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +### `Project` -### `PipelineArtifactRegistryEdge` +#### Fields -An edge in a connection. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectactualrepositorysizelimit"></a>`actualRepositorySizeLimit` | [`Float`](#float) | Size limit for the repository in bytes. | +| <a id="projectallowmergeonskippedpipeline"></a>`allowMergeOnSkippedPipeline` | [`Boolean`](#boolean) | If `only_allow_merge_if_pipeline_succeeds` is true, indicates if merge requests of the project can also be merged with skipped jobs. | +| <a id="projectapifuzzingciconfiguration"></a>`apiFuzzingCiConfiguration` | [`ApiFuzzingCiConfiguration`](#apifuzzingciconfiguration) | API fuzzing configuration for the project. | +| <a id="projectarchived"></a>`archived` | [`Boolean`](#boolean) | Indicates the archived status of the project. | +| <a id="projectautoclosereferencedissues"></a>`autocloseReferencedIssues` | [`Boolean`](#boolean) | Indicates if issues referenced by merge requests and commits within the default branch are closed automatically. | +| <a id="projectavatarurl"></a>`avatarUrl` | [`String`](#string) | URL to avatar image file of the project. | +| <a id="projectcicdsettings"></a>`ciCdSettings` | [`ProjectCiCdSetting`](#projectcicdsetting) | CI/CD settings for the project. | +| <a id="projectclusteragents"></a>`clusterAgents` | [`ClusterAgentConnection`](#clusteragentconnection) | Cluster agents associated with the project. (see [Connections](#connections)) | +| <a id="projectcodecoveragesummary"></a>`codeCoverageSummary` | [`CodeCoverageSummary`](#codecoveragesummary) | Code coverage summary associated with the project. | +| <a id="projectcomplianceframeworks"></a>`complianceFrameworks` | [`ComplianceFrameworkConnection`](#complianceframeworkconnection) | Compliance frameworks associated with the project. (see [Connections](#connections)) | +| <a id="projectcontainerexpirationpolicy"></a>`containerExpirationPolicy` | [`ContainerExpirationPolicy`](#containerexpirationpolicy) | The container expiration policy of the project. | +| <a id="projectcontainerregistryenabled"></a>`containerRegistryEnabled` | [`Boolean`](#boolean) | Indicates if the project stores Docker container images in a container registry. | +| <a id="projectcontainerrepositoriescount"></a>`containerRepositoriesCount` | [`Int!`](#int) | Number of container repositories in the project. | +| <a id="projectcreatedat"></a>`createdAt` | [`Time`](#time) | Timestamp of the project creation. | +| <a id="projectdastprofiles"></a>`dastProfiles` | [`DastProfileConnection`](#dastprofileconnection) | DAST Profiles associated with the project. (see [Connections](#connections)) | +| <a id="projectdastscannerprofiles"></a>`dastScannerProfiles` | [`DastScannerProfileConnection`](#dastscannerprofileconnection) | The DAST scanner profiles associated with the project. (see [Connections](#connections)) | +| <a id="projectdastsiteprofiles"></a>`dastSiteProfiles` | [`DastSiteProfileConnection`](#dastsiteprofileconnection) | DAST Site Profiles associated with the project. (see [Connections](#connections)) | +| <a id="projectdescription"></a>`description` | [`String`](#string) | Short description of the project. | +| <a id="projectdescriptionhtml"></a>`descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | +| <a id="projectforkscount"></a>`forksCount` | [`Int!`](#int) | Number of times the project has been forked. | +| <a id="projectfullpath"></a>`fullPath` | [`ID!`](#id) | Full path of the project. | +| <a id="projectgrafanaintegration"></a>`grafanaIntegration` | [`GrafanaIntegration`](#grafanaintegration) | Grafana integration details for the project. | +| <a id="projectgroup"></a>`group` | [`Group`](#group) | Group of the project. | +| <a id="projecthttpurltorepo"></a>`httpUrlToRepo` | [`String`](#string) | URL to connect to the project via HTTPS. | +| <a id="projectid"></a>`id` | [`ID!`](#id) | ID of the project. | +| <a id="projectimportstatus"></a>`importStatus` | [`String`](#string) | Status of import background job of the project. | +| <a id="projectissuesenabled"></a>`issuesEnabled` | [`Boolean`](#boolean) | Indicates if Issues are enabled for the current user. | +| <a id="projectjiraimportstatus"></a>`jiraImportStatus` | [`String`](#string) | Status of Jira import background job of the project. | +| <a id="projectjiraimports"></a>`jiraImports` | [`JiraImportConnection`](#jiraimportconnection) | Jira imports into the project. (see [Connections](#connections)) | +| <a id="projectjobsenabled"></a>`jobsEnabled` | [`Boolean`](#boolean) | Indicates if CI/CD pipeline jobs are enabled for the current user. | +| <a id="projectlastactivityat"></a>`lastActivityAt` | [`Time`](#time) | Timestamp of the project last activity. | +| <a id="projectlfsenabled"></a>`lfsEnabled` | [`Boolean`](#boolean) | Indicates if the project has Large File Storage (LFS) enabled. | +| <a id="projectmergerequestsenabled"></a>`mergeRequestsEnabled` | [`Boolean`](#boolean) | Indicates if Merge Requests are enabled for the current user. | +| <a id="projectmergerequestsffonlyenabled"></a>`mergeRequestsFfOnlyEnabled` | [`Boolean`](#boolean) | Indicates if no merge commits should be created and all merges should instead be fast-forwarded, which means that merging is only allowed if the branch could be fast-forwarded. | +| <a id="projectname"></a>`name` | [`String!`](#string) | Name of the project (without namespace). | +| <a id="projectnamewithnamespace"></a>`nameWithNamespace` | [`String!`](#string) | Full name of the project with its namespace. | +| <a id="projectnamespace"></a>`namespace` | [`Namespace`](#namespace) | Namespace of the project. | +| <a id="projectonlyallowmergeifalldiscussionsareresolved"></a>`onlyAllowMergeIfAllDiscussionsAreResolved` | [`Boolean`](#boolean) | Indicates if merge requests of the project can only be merged when all the discussions are resolved. | +| <a id="projectonlyallowmergeifpipelinesucceeds"></a>`onlyAllowMergeIfPipelineSucceeds` | [`Boolean`](#boolean) | Indicates if merge requests of the project can only be merged with successful jobs. | +| <a id="projectopenissuescount"></a>`openIssuesCount` | [`Int`](#int) | Number of open issues for the project. | +| <a id="projectpath"></a>`path` | [`String!`](#string) | Path of the project. | +| <a id="projectpathlocks"></a>`pathLocks` | [`PathLockConnection`](#pathlockconnection) | The project's path locks. (see [Connections](#connections)) | +| <a id="projectpipelineanalytics"></a>`pipelineAnalytics` | [`PipelineAnalytics`](#pipelineanalytics) | Pipeline analytics. | +| <a id="projectprintingmergerequestlinkenabled"></a>`printingMergeRequestLinkEnabled` | [`Boolean`](#boolean) | Indicates if a link to create or view a merge request should display after a push to Git repositories of the project from the command line. | +| <a id="projectpublicjobs"></a>`publicJobs` | [`Boolean`](#boolean) | Indicates if there is public access to pipelines and job details of the project, including output logs and artifacts. | +| <a id="projectpushrules"></a>`pushRules` | [`PushRules`](#pushrules) | The project's push rules settings. | +| <a id="projectremovesourcebranchaftermerge"></a>`removeSourceBranchAfterMerge` | [`Boolean`](#boolean) | Indicates if `Delete source branch` option should be enabled by default for all new merge requests of the project. | +| <a id="projectrepository"></a>`repository` | [`Repository`](#repository) | Git repository of the project. | +| <a id="projectrepositorysizeexcess"></a>`repositorySizeExcess` | [`Float`](#float) | Size of repository that exceeds the limit in bytes. | +| <a id="projectrequestaccessenabled"></a>`requestAccessEnabled` | [`Boolean`](#boolean) | Indicates if users can request member access to the project. | +| <a id="projectrequirementstatescount"></a>`requirementStatesCount` | [`RequirementStatesCount`](#requirementstatescount) | Number of requirements for the project by their state. | +| <a id="projectsastciconfiguration"></a>`sastCiConfiguration` | [`SastCiConfiguration`](#sastciconfiguration) | SAST CI configuration for the project. | +| <a id="projectsecuritydashboardpath"></a>`securityDashboardPath` | [`String`](#string) | Path to project's security dashboard. | +| <a id="projectsecurityscanners"></a>`securityScanners` | [`SecurityScanners`](#securityscanners) | Information about security analyzers used in the project. | +| <a id="projectsentryerrors"></a>`sentryErrors` | [`SentryErrorCollection`](#sentryerrorcollection) | Paginated collection of Sentry errors on the project. | +| <a id="projectservicedeskaddress"></a>`serviceDeskAddress` | [`String`](#string) | E-mail address of the service desk. | +| <a id="projectservicedeskenabled"></a>`serviceDeskEnabled` | [`Boolean`](#boolean) | Indicates if the project has service desk enabled. | +| <a id="projectsharedrunnersenabled"></a>`sharedRunnersEnabled` | [`Boolean`](#boolean) | Indicates if shared runners are enabled for the project. | +| <a id="projectsnippetsenabled"></a>`snippetsEnabled` | [`Boolean`](#boolean) | Indicates if Snippets are enabled for the current user. | +| <a id="projectsquashreadonly"></a>`squashReadOnly` | [`Boolean!`](#boolean) | Indicates if `squashReadOnly` is enabled. | +| <a id="projectsshurltorepo"></a>`sshUrlToRepo` | [`String`](#string) | URL to connect to the project via SSH. | +| <a id="projectstarcount"></a>`starCount` | [`Int!`](#int) | Number of times the project has been starred. | +| <a id="projectstatistics"></a>`statistics` | [`ProjectStatistics`](#projectstatistics) | Statistics of the project. | +| <a id="projectsuggestioncommitmessage"></a>`suggestionCommitMessage` | [`String`](#string) | The commit message used to apply merge request suggestions. | +| <a id="projecttaglist"></a>`tagList` **{warning-solid}** | [`String`](#string) | **Deprecated** in 13.12. Use `topics`. | +| <a id="projectterraformstates"></a>`terraformStates` | [`TerraformStateConnection`](#terraformstateconnection) | Terraform states associated with the project. (see [Connections](#connections)) | +| <a id="projecttopics"></a>`topics` | [`[String!]`](#string) | List of project topics. | +| <a id="projectuserpermissions"></a>`userPermissions` | [`ProjectPermissions!`](#projectpermissions) | Permissions for the current user on the resource. | +| <a id="projectvisibility"></a>`visibility` | [`String`](#string) | Visibility of the project. | +| <a id="projectvulnerabilityscanners"></a>`vulnerabilityScanners` | [`VulnerabilityScannerConnection`](#vulnerabilityscannerconnection) | Vulnerability scanners reported on the project vulnerabilities. (see [Connections](#connections)) | +| <a id="projectweburl"></a>`webUrl` | [`String`](#string) | Web URL of the project. | +| <a id="projectwikienabled"></a>`wikiEnabled` | [`Boolean`](#boolean) | Indicates if Wikis are enabled for the current user. | + +#### Fields with arguments + +##### `Project.alertManagementAlert` + +A single Alert Management alert of the project. + +Returns [`AlertManagementAlert`](#alertmanagementalert). + +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`PipelineArtifactRegistry`](#pipelineartifactregistry) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectalertmanagementalertassigneeusername"></a>`assigneeUsername` | [`String`](#string) | Username of a user assigned to the issue. | +| <a id="projectalertmanagementalertdomain"></a>`domain` | [`AlertManagementDomainFilter!`](#alertmanagementdomainfilter) | Filter query for given domain. | +| <a id="projectalertmanagementalertiid"></a>`iid` | [`String`](#string) | IID of the alert. For example, "1". | +| <a id="projectalertmanagementalertsearch"></a>`search` | [`String`](#string) | Search query for title, description, service, or monitoring_tool. | +| <a id="projectalertmanagementalertsort"></a>`sort` | [`AlertManagementAlertSort`](#alertmanagementalertsort) | Sort alerts by this criteria. | +| <a id="projectalertmanagementalertstatuses"></a>`statuses` | [`[AlertManagementStatus!]`](#alertmanagementstatus) | Alerts with the specified statues. For example, [TRIGGERED]. | -### `PipelineCancelPayload` +##### `Project.alertManagementAlertStatusCounts` -Autogenerated return type of PipelineCancel. +Counts of alerts by status for the project. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +Returns [`AlertManagementAlertStatusCountsType`](#alertmanagementalertstatuscountstype). -### `PipelineConnection` +###### Arguments -The connection type for Pipeline. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectalertmanagementalertstatuscountsassigneeusername"></a>`assigneeUsername` | [`String`](#string) | Username of a user assigned to the issue. | +| <a id="projectalertmanagementalertstatuscountssearch"></a>`search` | [`String`](#string) | Search query for title, description, service, or monitoring_tool. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `count` | [`Int!`](#int) | Total count of collection. | -| `edges` | [`[PipelineEdge]`](#pipelineedge) | A list of edges. | -| `nodes` | [`[Pipeline]`](#pipeline) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +##### `Project.alertManagementAlerts` -### `PipelineDestroyPayload` +Alert Management alerts of the project. -Autogenerated return type of PipelineDestroy. +Returns [`AlertManagementAlertConnection`](#alertmanagementalertconnection). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -### `PipelineEdge` +###### Arguments -An edge in a connection. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectalertmanagementalertsassigneeusername"></a>`assigneeUsername` | [`String`](#string) | Username of a user assigned to the issue. | +| <a id="projectalertmanagementalertsdomain"></a>`domain` | [`AlertManagementDomainFilter!`](#alertmanagementdomainfilter) | Filter query for given domain. | +| <a id="projectalertmanagementalertsiid"></a>`iid` | [`String`](#string) | IID of the alert. For example, "1". | +| <a id="projectalertmanagementalertssearch"></a>`search` | [`String`](#string) | Search query for title, description, service, or monitoring_tool. | +| <a id="projectalertmanagementalertssort"></a>`sort` | [`AlertManagementAlertSort`](#alertmanagementalertsort) | Sort alerts by this criteria. | +| <a id="projectalertmanagementalertsstatuses"></a>`statuses` | [`[AlertManagementStatus!]`](#alertmanagementstatus) | Alerts with the specified statues. For example, [TRIGGERED]. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Pipeline`](#pipeline) | The item at the end of the edge. | +##### `Project.alertManagementHttpIntegrations` -### `PipelinePermissions` +HTTP Integrations which can receive alerts for the project. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `adminPipeline` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_pipeline` on this resource. | -| `destroyPipeline` | [`Boolean!`](#boolean) | Indicates the user can perform `destroy_pipeline` on this resource. | -| `updatePipeline` | [`Boolean!`](#boolean) | Indicates the user can perform `update_pipeline` on this resource. | +Returns [`AlertManagementHttpIntegrationConnection`](#alertmanagementhttpintegrationconnection). -### `PipelineRetryPayload` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -Autogenerated return type of PipelineRetry. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `pipeline` | [`Pipeline`](#pipeline) | The pipeline after mutation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectalertmanagementhttpintegrationsid"></a>`id` | [`AlertManagementHttpIntegrationID`](#alertmanagementhttpintegrationid) | ID of the integration. | -### `PipelineSecurityReportFinding` +##### `Project.alertManagementIntegrations` -Represents vulnerability finding of a security report on the pipeline. +Integrations which can receive alerts for the project. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `confidence` | [`String`](#string) | Type of the security report that found the vulnerability. | -| `description` | [`String`](#string) | Description of the vulnerability finding. | -| `identifiers` | [`[VulnerabilityIdentifier!]!`](#vulnerabilityidentifier) | Identifiers of the vulnerabilit finding. | -| `location` | [`VulnerabilityLocation`](#vulnerabilitylocation) | Location metadata for the vulnerability. Its fields depend on the type of security scan that found the vulnerability. | -| `name` | [`String`](#string) | Name of the vulnerability finding. | -| `project` | [`Project`](#project) | The project on which the vulnerability finding was found. | -| `projectFingerprint` | [`String`](#string) | Name of the vulnerability finding. | -| `reportType` | [`VulnerabilityReportType`](#vulnerabilityreporttype) | Type of the security report that found the vulnerability finding. | -| `scanner` | [`VulnerabilityScanner`](#vulnerabilityscanner) | Scanner metadata for the vulnerability. | -| `severity` | [`VulnerabilitySeverity`](#vulnerabilityseverity) | Severity of the vulnerability finding. | -| `solution` | [`String`](#string) | URL to the vulnerability's details page. | -| `uuid` | [`String`](#string) | Name of the vulnerability finding. | +Returns [`AlertManagementIntegrationConnection`](#alertmanagementintegrationconnection). -### `PipelineSecurityReportFindingConnection` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -The connection type for PipelineSecurityReportFinding. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[PipelineSecurityReportFindingEdge]`](#pipelinesecurityreportfindingedge) | A list of edges. | -| `nodes` | [`[PipelineSecurityReportFinding]`](#pipelinesecurityreportfinding) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectalertmanagementintegrationsid"></a>`id` | [`GlobalID`](#globalid) | ID of the integration. | -### `PipelineSecurityReportFindingEdge` +##### `Project.alertManagementPayloadFields` -An edge in a connection. +Extract alert fields from payload for custom mapping. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`PipelineSecurityReportFinding`](#pipelinesecurityreportfinding) | The item at the end of the edge. | +Returns [`[AlertManagementPayloadAlertField!]`](#alertmanagementpayloadalertfield). -### `Project` +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `actualRepositorySizeLimit` | [`Float`](#float) | Size limit for the repository in bytes. | -| `alertManagementAlert` | [`AlertManagementAlert`](#alertmanagementalert) | A single Alert Management alert of the project. | -| `alertManagementAlertStatusCounts` | [`AlertManagementAlertStatusCountsType`](#alertmanagementalertstatuscountstype) | Counts of alerts by status for the project. | -| `alertManagementAlerts` | [`AlertManagementAlertConnection`](#alertmanagementalertconnection) | Alert Management alerts of the project. | -| `alertManagementHttpIntegrations` | [`AlertManagementHttpIntegrationConnection`](#alertmanagementhttpintegrationconnection) | HTTP Integrations which can receive alerts for the project. | -| `alertManagementIntegrations` | [`AlertManagementIntegrationConnection`](#alertmanagementintegrationconnection) | Integrations which can receive alerts for the project. | -| `alertManagementPayloadFields` | [`[AlertManagementPayloadAlertField!]`](#alertmanagementpayloadalertfield) | Extract alert fields from payload for custom mapping. | -| `allowMergeOnSkippedPipeline` | [`Boolean`](#boolean) | If `only_allow_merge_if_pipeline_succeeds` is true, indicates if merge requests of the project can also be merged with skipped jobs. | -| `apiFuzzingCiConfiguration` | [`ApiFuzzingCiConfiguration`](#apifuzzingciconfiguration) | API fuzzing configuration for the project. | -| `archived` | [`Boolean`](#boolean) | Indicates the archived status of the project. | -| `autocloseReferencedIssues` | [`Boolean`](#boolean) | Indicates if issues referenced by merge requests and commits within the default branch are closed automatically. | -| `avatarUrl` | [`String`](#string) | URL to avatar image file of the project. | -| `board` | [`Board`](#board) | A single board of the project. | -| `boards` | [`BoardConnection`](#boardconnection) | Boards of the project. | -| `ciCdSettings` | [`ProjectCiCdSetting`](#projectcicdsetting) | CI/CD settings for the project. | -| `clusterAgent` | [`ClusterAgent`](#clusteragent) | Find a single cluster agent by name. | -| `clusterAgents` | [`ClusterAgentConnection`](#clusteragentconnection) | Cluster agents associated with the project. | -| `codeCoverageSummary` | [`CodeCoverageSummary`](#codecoveragesummary) | Code coverage summary associated with the project. | -| `complianceFrameworks` | [`ComplianceFrameworkConnection`](#complianceframeworkconnection) | Compliance frameworks associated with the project. | -| `containerExpirationPolicy` | [`ContainerExpirationPolicy`](#containerexpirationpolicy) | The container expiration policy of the project. | -| `containerRegistryEnabled` | [`Boolean`](#boolean) | Indicates if the project stores Docker container images in a container registry. | -| `containerRepositories` | [`ContainerRepositoryConnection`](#containerrepositoryconnection) | Container repositories of the project. | -| `containerRepositoriesCount` | [`Int!`](#int) | Number of container repositories in the project. | -| `createdAt` | [`Time`](#time) | Timestamp of the project creation. | -| `dastProfiles` | [`DastProfileConnection`](#dastprofileconnection) | DAST Profiles associated with the project. | -| `dastScannerProfiles` | [`DastScannerProfileConnection`](#dastscannerprofileconnection) | The DAST scanner profiles associated with the project. | -| `dastSiteProfile` | [`DastSiteProfile`](#dastsiteprofile) | DAST Site Profile associated with the project. | -| `dastSiteProfiles` | [`DastSiteProfileConnection`](#dastsiteprofileconnection) | DAST Site Profiles associated with the project. | -| `dastSiteValidations` | [`DastSiteValidationConnection`](#dastsitevalidationconnection) | DAST Site Validations associated with the project. | -| `description` | [`String`](#string) | Short description of the project. | -| `descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | -| `environment` | [`Environment`](#environment) | A single environment of the project. | -| `environments` | [`EnvironmentConnection`](#environmentconnection) | Environments of the project. | -| `forksCount` | [`Int!`](#int) | Number of times the project has been forked. | -| `fullPath` | [`ID!`](#id) | Full path of the project. | -| `grafanaIntegration` | [`GrafanaIntegration`](#grafanaintegration) | Grafana integration details for the project. | -| `group` | [`Group`](#group) | Group of the project. | -| `httpUrlToRepo` | [`String`](#string) | URL to connect to the project via HTTPS. | -| `id` | [`ID!`](#id) | ID of the project. | -| `importStatus` | [`String`](#string) | Status of import background job of the project. | -| `incidentManagementOncallSchedules` | [`IncidentManagementOncallScheduleConnection`](#incidentmanagementoncallscheduleconnection) | Incident Management On-call schedules of the project. | -| `issue` | [`Issue`](#issue) | A single issue of the project. | -| `issueStatusCounts` | [`IssueStatusCountsType`](#issuestatuscountstype) | Counts of issues by status for the project. | -| `issues` | [`IssueConnection`](#issueconnection) | Issues of the project. | -| `issuesEnabled` | [`Boolean`](#boolean) | Indicates if Issues are enabled for the current user. | -| `iterationCadences` | [`IterationCadenceConnection`](#iterationcadenceconnection) | Find iteration cadences. | -| `iterations` | [`IterationConnection`](#iterationconnection) | Find iterations. | -| `jiraImportStatus` | [`String`](#string) | Status of Jira import background job of the project. | -| `jiraImports` | [`JiraImportConnection`](#jiraimportconnection) | Jira imports into the project. | -| `jobs` | [`CiJobConnection`](#cijobconnection) | Jobs of a project. This field can only be resolved for one project in any single request. | -| `jobsEnabled` | [`Boolean`](#boolean) | Indicates if CI/CD pipeline jobs are enabled for the current user. | -| `label` | [`Label`](#label) | A label available on this project. | -| `labels` | [`LabelConnection`](#labelconnection) | Labels available on this project. | -| `lastActivityAt` | [`Time`](#time) | Timestamp of the project last activity. | -| `lfsEnabled` | [`Boolean`](#boolean) | Indicates if the project has Large File Storage (LFS) enabled. | -| `mergeRequest` | [`MergeRequest`](#mergerequest) | A single merge request of the project. | -| `mergeRequests` | [`MergeRequestConnection`](#mergerequestconnection) | Merge requests of the project. | -| `mergeRequestsEnabled` | [`Boolean`](#boolean) | Indicates if Merge Requests are enabled for the current user. | -| `mergeRequestsFfOnlyEnabled` | [`Boolean`](#boolean) | Indicates if no merge commits should be created and all merges should instead be fast-forwarded, which means that merging is only allowed if the branch could be fast-forwarded. | -| `milestones` | [`MilestoneConnection`](#milestoneconnection) | Milestones of the project. | -| `name` | [`String!`](#string) | Name of the project (without namespace). | -| `nameWithNamespace` | [`String!`](#string) | Full name of the project with its namespace. | -| `namespace` | [`Namespace`](#namespace) | Namespace of the project. | -| `onlyAllowMergeIfAllDiscussionsAreResolved` | [`Boolean`](#boolean) | Indicates if merge requests of the project can only be merged when all the discussions are resolved. | -| `onlyAllowMergeIfPipelineSucceeds` | [`Boolean`](#boolean) | Indicates if merge requests of the project can only be merged with successful jobs. | -| `openIssuesCount` | [`Int`](#int) | Number of open issues for the project. | -| `packages` | [`PackageConnection`](#packageconnection) | Packages of the project. | -| `path` | [`String!`](#string) | Path of the project. | -| `pipeline` | [`Pipeline`](#pipeline) | Build pipeline of the project. | -| `pipelineAnalytics` | [`PipelineAnalytics`](#pipelineanalytics) | Pipeline analytics. | -| `pipelines` | [`PipelineConnection`](#pipelineconnection) | Build pipelines of the project. | -| `printingMergeRequestLinkEnabled` | [`Boolean`](#boolean) | Indicates if a link to create or view a merge request should display after a push to Git repositories of the project from the command line. | -| `projectMembers` | [`MemberInterfaceConnection`](#memberinterfaceconnection) | Members of the project. | -| `publicJobs` | [`Boolean`](#boolean) | Indicates if there is public access to pipelines and job details of the project, including output logs and artifacts. | -| `pushRules` | [`PushRules`](#pushrules) | The project's push rules settings. | -| `release` | [`Release`](#release) | A single release of the project. | -| `releases` | [`ReleaseConnection`](#releaseconnection) | Releases of the project. | -| `removeSourceBranchAfterMerge` | [`Boolean`](#boolean) | Indicates if `Delete source branch` option should be enabled by default for all new merge requests of the project. | -| `repository` | [`Repository`](#repository) | Git repository of the project. | -| `repositorySizeExcess` | [`Float`](#float) | Size of repository that exceeds the limit in bytes. | -| `requestAccessEnabled` | [`Boolean`](#boolean) | Indicates if users can request member access to the project. | -| `requirement` | [`Requirement`](#requirement) | Find a single requirement. | -| `requirementStatesCount` | [`RequirementStatesCount`](#requirementstatescount) | Number of requirements for the project by their state. | -| `requirements` | [`RequirementConnection`](#requirementconnection) | Find requirements. | -| `sastCiConfiguration` | [`SastCiConfiguration`](#sastciconfiguration) | SAST CI configuration for the project. | -| `securityDashboardPath` | [`String`](#string) | Path to project's security dashboard. | -| `securityScanners` | [`SecurityScanners`](#securityscanners) | Information about security analyzers used in the project. | -| `sentryDetailedError` | [`SentryDetailedError`](#sentrydetailederror) | Detailed version of a Sentry error on the project. | -| `sentryErrors` | [`SentryErrorCollection`](#sentryerrorcollection) | Paginated collection of Sentry errors on the project. | -| `serviceDeskAddress` | [`String`](#string) | E-mail address of the service desk. | -| `serviceDeskEnabled` | [`Boolean`](#boolean) | Indicates if the project has service desk enabled. | -| `services` | [`ServiceConnection`](#serviceconnection) | Project services. | -| `sharedRunnersEnabled` | [`Boolean`](#boolean) | Indicates if shared runners are enabled for the project. | -| `snippets` | [`SnippetConnection`](#snippetconnection) | Snippets of the project. | -| `snippetsEnabled` | [`Boolean`](#boolean) | Indicates if Snippets are enabled for the current user. | -| `squashReadOnly` | [`Boolean!`](#boolean) | Indicates if `squashReadOnly` is enabled. | -| `sshUrlToRepo` | [`String`](#string) | URL to connect to the project via SSH. | -| `starCount` | [`Int!`](#int) | Number of times the project has been starred. | -| `statistics` | [`ProjectStatistics`](#projectstatistics) | Statistics of the project. | -| `suggestionCommitMessage` | [`String`](#string) | The commit message used to apply merge request suggestions. | -| `tagList` | [`String`](#string) | List of project topics (not Git tags). | -| `terraformState` | [`TerraformState`](#terraformstate) | Find a single Terraform state by name. | -| `terraformStates` | [`TerraformStateConnection`](#terraformstateconnection) | Terraform states associated with the project. | -| `userPermissions` | [`ProjectPermissions!`](#projectpermissions) | Permissions for the current user on the resource. | -| `visibility` | [`String`](#string) | Visibility of the project. | -| `vulnerabilities` | [`VulnerabilityConnection`](#vulnerabilityconnection) | Vulnerabilities reported on the project. | -| `vulnerabilitiesCountByDay` | [`VulnerabilitiesCountByDayConnection`](#vulnerabilitiescountbydayconnection) | Number of vulnerabilities per day for the project. | -| `vulnerabilityScanners` | [`VulnerabilityScannerConnection`](#vulnerabilityscannerconnection) | Vulnerability scanners reported on the project vulnerabilities. | -| `vulnerabilitySeveritiesCount` | [`VulnerabilitySeveritiesCount`](#vulnerabilityseveritiescount) | Counts for each vulnerability severity in the project. | -| `webUrl` | [`String`](#string) | Web URL of the project. | -| `wikiEnabled` | [`Boolean`](#boolean) | Indicates if Wikis are enabled for the current user. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectalertmanagementpayloadfieldspayloadexample"></a>`payloadExample` | [`String!`](#string) | Sample payload for extracting alert fields for custom mappings. | -### `ProjectCiCdSetting` +##### `Project.board` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `keepLatestArtifact` | [`Boolean`](#boolean) | Whether to keep the latest builds artifacts. | -| `mergePipelinesEnabled` | [`Boolean`](#boolean) | Whether merge pipelines are enabled. | -| `mergeTrainsEnabled` | [`Boolean`](#boolean) | Whether merge trains are enabled. | -| `project` | [`Project`](#project) | Project the CI/CD settings belong to. | +A single board of the project. -### `ProjectConnection` +Returns [`Board`](#board). -The connection type for Project. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[ProjectEdge]`](#projectedge) | A list of edges. | -| `nodes` | [`[Project]`](#project) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectboardid"></a>`id` | [`BoardID!`](#boardid) | The board's ID. | -### `ProjectEdge` +##### `Project.boards` -An edge in a connection. +Boards of the project. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Project`](#project) | The item at the end of the edge. | +Returns [`BoardConnection`](#boardconnection). -### `ProjectMember` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -Represents a Project Membership. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `accessLevel` | [`AccessLevel`](#accesslevel) | GitLab::Access level. | -| `createdAt` | [`Time`](#time) | Date and time the membership was created. | -| `createdBy` | [`User`](#user) | User that authorized membership. | -| `expiresAt` | [`Time`](#time) | Date and time the membership expires. | -| `id` | [`ID!`](#id) | ID of the member. | -| `project` | [`Project`](#project) | Project that User is a member of. | -| `updatedAt` | [`Time`](#time) | Date and time the membership was last updated. | -| `user` | [`User!`](#user) | User that is associated with the member object. | -| `userPermissions` | [`ProjectPermissions!`](#projectpermissions) | Permissions for the current user on the resource. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectboardsid"></a>`id` | [`BoardID`](#boardid) | Find a board by its ID. | -### `ProjectMemberConnection` +##### `Project.ciTemplate` -The connection type for ProjectMember. +Find a single CI/CD template by name. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[ProjectMemberEdge]`](#projectmemberedge) | A list of edges. | -| `nodes` | [`[ProjectMember]`](#projectmember) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +Returns [`CiTemplate`](#citemplate). -### `ProjectMemberEdge` +###### Arguments -An edge in a connection. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectcitemplatename"></a>`name` | [`String!`](#string) | Name of the CI/CD template to search for. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`ProjectMember`](#projectmember) | The item at the end of the edge. | +##### `Project.clusterAgent` -### `ProjectPermissions` +Find a single cluster agent by name. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `adminOperations` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_operations` on this resource. | -| `adminProject` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_project` on this resource. | -| `adminRemoteMirror` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_remote_mirror` on this resource. | -| `adminWiki` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_wiki` on this resource. | -| `archiveProject` | [`Boolean!`](#boolean) | Indicates the user can perform `archive_project` on this resource. | -| `changeNamespace` | [`Boolean!`](#boolean) | Indicates the user can perform `change_namespace` on this resource. | -| `changeVisibilityLevel` | [`Boolean!`](#boolean) | Indicates the user can perform `change_visibility_level` on this resource. | -| `createDeployment` | [`Boolean!`](#boolean) | Indicates the user can perform `create_deployment` on this resource. | -| `createDesign` | [`Boolean!`](#boolean) | Indicates the user can perform `create_design` on this resource. | -| `createIssue` | [`Boolean!`](#boolean) | Indicates the user can perform `create_issue` on this resource. | -| `createLabel` | [`Boolean!`](#boolean) | Indicates the user can perform `create_label` on this resource. | -| `createMergeRequestFrom` | [`Boolean!`](#boolean) | Indicates the user can perform `create_merge_request_from` on this resource. | -| `createMergeRequestIn` | [`Boolean!`](#boolean) | Indicates the user can perform `create_merge_request_in` on this resource. | -| `createPages` | [`Boolean!`](#boolean) | Indicates the user can perform `create_pages` on this resource. | -| `createPipeline` | [`Boolean!`](#boolean) | Indicates the user can perform `create_pipeline` on this resource. | -| `createPipelineSchedule` | [`Boolean!`](#boolean) | Indicates the user can perform `create_pipeline_schedule` on this resource. | -| `createSnippet` | [`Boolean!`](#boolean) | Indicates the user can perform `create_snippet` on this resource. | -| `createWiki` | [`Boolean!`](#boolean) | Indicates the user can perform `create_wiki` on this resource. | -| `destroyDesign` | [`Boolean!`](#boolean) | Indicates the user can perform `destroy_design` on this resource. | -| `destroyPages` | [`Boolean!`](#boolean) | Indicates the user can perform `destroy_pages` on this resource. | -| `destroyWiki` | [`Boolean!`](#boolean) | Indicates the user can perform `destroy_wiki` on this resource. | -| `downloadCode` | [`Boolean!`](#boolean) | Indicates the user can perform `download_code` on this resource. | -| `downloadWikiCode` | [`Boolean!`](#boolean) | Indicates the user can perform `download_wiki_code` on this resource. | -| `forkProject` | [`Boolean!`](#boolean) | Indicates the user can perform `fork_project` on this resource. | -| `pushCode` | [`Boolean!`](#boolean) | Indicates the user can perform `push_code` on this resource. | -| `pushToDeleteProtectedBranch` | [`Boolean!`](#boolean) | Indicates the user can perform `push_to_delete_protected_branch` on this resource. | -| `readCommitStatus` | [`Boolean!`](#boolean) | Indicates the user can perform `read_commit_status` on this resource. | -| `readCycleAnalytics` | [`Boolean!`](#boolean) | Indicates the user can perform `read_cycle_analytics` on this resource. | -| `readDesign` | [`Boolean!`](#boolean) | Indicates the user can perform `read_design` on this resource. | -| `readMergeRequest` | [`Boolean!`](#boolean) | Indicates the user can perform `read_merge_request` on this resource. | -| `readPagesContent` | [`Boolean!`](#boolean) | Indicates the user can perform `read_pages_content` on this resource. | -| `readProject` | [`Boolean!`](#boolean) | Indicates the user can perform `read_project` on this resource. | -| `readProjectMember` | [`Boolean!`](#boolean) | Indicates the user can perform `read_project_member` on this resource. | -| `readWiki` | [`Boolean!`](#boolean) | Indicates the user can perform `read_wiki` on this resource. | -| `removeForkProject` | [`Boolean!`](#boolean) | Indicates the user can perform `remove_fork_project` on this resource. | -| `removePages` | [`Boolean!`](#boolean) | Indicates the user can perform `remove_pages` on this resource. | -| `removeProject` | [`Boolean!`](#boolean) | Indicates the user can perform `remove_project` on this resource. | -| `renameProject` | [`Boolean!`](#boolean) | Indicates the user can perform `rename_project` on this resource. | -| `requestAccess` | [`Boolean!`](#boolean) | Indicates the user can perform `request_access` on this resource. | -| `updatePages` | [`Boolean!`](#boolean) | Indicates the user can perform `update_pages` on this resource. | -| `updateWiki` | [`Boolean!`](#boolean) | Indicates the user can perform `update_wiki` on this resource. | -| `uploadFile` | [`Boolean!`](#boolean) | Indicates the user can perform `upload_file` on this resource. | +Returns [`ClusterAgent`](#clusteragent). -### `ProjectStatistics` +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `buildArtifactsSize` | [`Float!`](#float) | Build artifacts size of the project in bytes. | -| `commitCount` | [`Float!`](#float) | Commit count of the project. | -| `lfsObjectsSize` | [`Float!`](#float) | Large File Storage (LFS) object size of the project in bytes. | -| `packagesSize` | [`Float!`](#float) | Packages size of the project in bytes. | -| `repositorySize` | [`Float!`](#float) | Repository size of the project in bytes. | -| `snippetsSize` | [`Float`](#float) | Snippets size of the project in bytes. | -| `storageSize` | [`Float!`](#float) | Storage size of the project in bytes. | -| `uploadsSize` | [`Float`](#float) | Uploads size of the project in bytes. | -| `wikiSize` | [`Float`](#float) | Wiki size of the project in bytes. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectclusteragentname"></a>`name` | [`String!`](#string) | Name of the cluster agent. | -### `PrometheusAlert` +##### `Project.containerRepositories` -The alert condition for Prometheus. +Container repositories of the project. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `humanizedText` | [`String!`](#string) | The human-readable text of the alert condition. | -| `id` | [`ID!`](#id) | ID of the alert condition. | +Returns [`ContainerRepositoryConnection`](#containerrepositoryconnection). -### `PrometheusIntegrationCreatePayload` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -Autogenerated return type of PrometheusIntegrationCreate. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `integration` | [`AlertManagementPrometheusIntegration`](#alertmanagementprometheusintegration) | The newly created integration. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectcontainerrepositoriesname"></a>`name` | [`String`](#string) | Filter the container repositories by their name. | +| <a id="projectcontainerrepositoriessort"></a>`sort` | [`ContainerRepositorySort`](#containerrepositorysort) | Sort container repositories by this criteria. | -### `PrometheusIntegrationResetTokenPayload` +##### `Project.dastSiteProfile` -Autogenerated return type of PrometheusIntegrationResetToken. +DAST Site Profile associated with the project. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `integration` | [`AlertManagementPrometheusIntegration`](#alertmanagementprometheusintegration) | The newly created integration. | +Returns [`DastSiteProfile`](#dastsiteprofile). -### `PrometheusIntegrationUpdatePayload` +###### Arguments -Autogenerated return type of PrometheusIntegrationUpdate. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectdastsiteprofileid"></a>`id` | [`DastSiteProfileID!`](#dastsiteprofileid) | ID of the site profile. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `integration` | [`AlertManagementPrometheusIntegration`](#alertmanagementprometheusintegration) | The newly created integration. | +##### `Project.dastSiteValidations` -### `PromoteToEpicPayload` +DAST Site Validations associated with the project. -Autogenerated return type of PromoteToEpic. +Returns [`DastSiteValidationConnection`](#dastsitevalidationconnection). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `epic` | [`Epic`](#epic) | The epic after issue promotion. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `issue` | [`Issue`](#issue) | The issue after mutation. | +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -### `PushRules` +###### Arguments -Represents rules that commit pushes must follow. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectdastsitevalidationsnormalizedtargeturls"></a>`normalizedTargetUrls` | [`[String!]`](#string) | Normalized URL of the target to be scanned. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `rejectUnsignedCommits` | [`Boolean!`](#boolean) | Indicates whether commits not signed through GPG will be rejected. | +##### `Project.environment` -### `RecentFailures` +A single environment of the project. -Recent failure history of a test case. +Returns [`Environment`](#environment). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `baseBranch` | [`String`](#string) | Name of the base branch of the project. | -| `count` | [`Int`](#int) | Number of times the test case has failed in the past 14 days. | +###### Arguments -### `Release` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectenvironmentname"></a>`name` | [`String`](#string) | Name of the environment. | +| <a id="projectenvironmentsearch"></a>`search` | [`String`](#string) | Search query for environment name. | +| <a id="projectenvironmentstates"></a>`states` | [`[String!]`](#string) | States of environments that should be included in result. | -Represents a release. +##### `Project.environments` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `assets` | [`ReleaseAssets`](#releaseassets) | Assets of the release. | -| `author` | [`User`](#user) | User that created the release. | -| `commit` | [`Commit`](#commit) | The commit associated with the release. | -| `createdAt` | [`Time`](#time) | Timestamp of when the release was created. | -| `description` | [`String`](#string) | Description (also known as "release notes") of the release. | -| `descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | -| `evidences` | [`ReleaseEvidenceConnection`](#releaseevidenceconnection) | Evidence for the release. | -| `links` | [`ReleaseLinks`](#releaselinks) | Links of the release. | -| `milestones` | [`MilestoneConnection`](#milestoneconnection) | Milestones associated to the release. | -| `name` | [`String`](#string) | Name of the release. | -| `releasedAt` | [`Time`](#time) | Timestamp of when the release was released. | -| `tagName` | [`String`](#string) | Name of the tag associated with the release. | -| `tagPath` | [`String`](#string) | Relative web path to the tag associated with the release. | -| `upcomingRelease` | [`Boolean`](#boolean) | Indicates the release is an upcoming release. | +Environments of the project. -### `ReleaseAssetLink` +Returns [`EnvironmentConnection`](#environmentconnection). -Represents an asset link associated with a release. +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `directAssetUrl` | [`String`](#string) | Direct asset URL of the link. | -| `external` | [`Boolean`](#boolean) | Indicates the link points to an external resource. | -| `id` | [`ID!`](#id) | ID of the link. | -| `linkType` | [`ReleaseAssetLinkType`](#releaseassetlinktype) | Type of the link: `other`, `runbook`, `image`, `package`; defaults to `other`. | -| `name` | [`String`](#string) | Name of the link. | -| `url` | [`String`](#string) | URL of the link. | +###### Arguments -### `ReleaseAssetLinkConnection` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectenvironmentsname"></a>`name` | [`String`](#string) | Name of the environment. | +| <a id="projectenvironmentssearch"></a>`search` | [`String`](#string) | Search query for environment name. | +| <a id="projectenvironmentsstates"></a>`states` | [`[String!]`](#string) | States of environments that should be included in result. | -The connection type for ReleaseAssetLink. +##### `Project.incidentManagementOncallSchedules` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[ReleaseAssetLinkEdge]`](#releaseassetlinkedge) | A list of edges. | -| `nodes` | [`[ReleaseAssetLink]`](#releaseassetlink) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +Incident Management On-call schedules of the project. -### `ReleaseAssetLinkCreatePayload` +Returns [`IncidentManagementOncallScheduleConnection`](#incidentmanagementoncallscheduleconnection). -Autogenerated return type of ReleaseAssetLinkCreate. +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `link` | [`ReleaseAssetLink`](#releaseassetlink) | The asset link after mutation. | +###### Arguments -### `ReleaseAssetLinkDeletePayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectincidentmanagementoncallschedulesiids"></a>`iids` | [`[ID!]`](#id) | IIDs of on-call schedules. | -Autogenerated return type of ReleaseAssetLinkDelete. +##### `Project.issue` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `link` | [`ReleaseAssetLink`](#releaseassetlink) | The deleted release asset link. | +A single issue of the project. -### `ReleaseAssetLinkEdge` +Returns [`Issue`](#issue). -An edge in a connection. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`ReleaseAssetLink`](#releaseassetlink) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectissueassigneeid"></a>`assigneeId` | [`String`](#string) | ID of a user assigned to the issues, "none" and "any" values are supported. | +| <a id="projectissueassigneeusername"></a>`assigneeUsername` **{warning-solid}** | [`String`](#string) | **Deprecated** in 13.11. Use `assigneeUsernames`. | +| <a id="projectissueassigneeusernames"></a>`assigneeUsernames` | [`[String!]`](#string) | Usernames of users assigned to the issue. | +| <a id="projectissueauthorusername"></a>`authorUsername` | [`String`](#string) | Username of the author of the issue. | +| <a id="projectissueclosedafter"></a>`closedAfter` | [`Time`](#time) | Issues closed after this date. | +| <a id="projectissueclosedbefore"></a>`closedBefore` | [`Time`](#time) | Issues closed before this date. | +| <a id="projectissuecreatedafter"></a>`createdAfter` | [`Time`](#time) | Issues created after this date. | +| <a id="projectissuecreatedbefore"></a>`createdBefore` | [`Time`](#time) | Issues created before this date. | +| <a id="projectissueepicid"></a>`epicId` | [`String`](#string) | ID of an epic associated with the issues, "none" and "any" values are supported. | +| <a id="projectissueiid"></a>`iid` | [`String`](#string) | IID of the issue. For example, "1". | +| <a id="projectissueiids"></a>`iids` | [`[String!]`](#string) | List of IIDs of issues. For example, ["1", "2"]. | +| <a id="projectissueiterationid"></a>`iterationId` | [`[ID]`](#id) | List of iteration Global IDs applied to the issue. | +| <a id="projectissueiterationwildcardid"></a>`iterationWildcardId` | [`IterationWildcardId`](#iterationwildcardid) | Filter by iteration ID wildcard. | +| <a id="projectissuelabelname"></a>`labelName` | [`[String]`](#string) | Labels applied to this issue. | +| <a id="projectissuemilestonetitle"></a>`milestoneTitle` | [`[String]`](#string) | Milestone applied to this issue. | +| <a id="projectissuenot"></a>`not` | [`NegatedIssueFilterInput`](#negatedissuefilterinput) | Negated arguments. | +| <a id="projectissuesearch"></a>`search` | [`String`](#string) | Search query for issue title or description. | +| <a id="projectissuesort"></a>`sort` | [`IssueSort`](#issuesort) | Sort issues by this criteria. | +| <a id="projectissuestate"></a>`state` | [`IssuableState`](#issuablestate) | Current state of this issue. | +| <a id="projectissuetypes"></a>`types` | [`[IssueType!]`](#issuetype) | Filter issues by the given issue types. | +| <a id="projectissueupdatedafter"></a>`updatedAfter` | [`Time`](#time) | Issues updated after this date. | +| <a id="projectissueupdatedbefore"></a>`updatedBefore` | [`Time`](#time) | Issues updated before this date. | +| <a id="projectissueweight"></a>`weight` | [`String`](#string) | Weight applied to the issue, "none" and "any" values are supported. | + +##### `Project.issueStatusCounts` + +Counts of issues by status for the project. + +Returns [`IssueStatusCountsType`](#issuestatuscountstype). + +###### Arguments -### `ReleaseAssetLinkUpdatePayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectissuestatuscountsassigneeid"></a>`assigneeId` | [`String`](#string) | ID of a user assigned to the issues, "none" and "any" values are supported. | +| <a id="projectissuestatuscountsassigneeusername"></a>`assigneeUsername` **{warning-solid}** | [`String`](#string) | **Deprecated** in 13.11. Use `assigneeUsernames`. | +| <a id="projectissuestatuscountsassigneeusernames"></a>`assigneeUsernames` | [`[String!]`](#string) | Usernames of users assigned to the issue. | +| <a id="projectissuestatuscountsauthorusername"></a>`authorUsername` | [`String`](#string) | Username of the author of the issue. | +| <a id="projectissuestatuscountsclosedafter"></a>`closedAfter` | [`Time`](#time) | Issues closed after this date. | +| <a id="projectissuestatuscountsclosedbefore"></a>`closedBefore` | [`Time`](#time) | Issues closed before this date. | +| <a id="projectissuestatuscountscreatedafter"></a>`createdAfter` | [`Time`](#time) | Issues created after this date. | +| <a id="projectissuestatuscountscreatedbefore"></a>`createdBefore` | [`Time`](#time) | Issues created before this date. | +| <a id="projectissuestatuscountsiid"></a>`iid` | [`String`](#string) | IID of the issue. For example, "1". | +| <a id="projectissuestatuscountsiids"></a>`iids` | [`[String!]`](#string) | List of IIDs of issues. For example, ["1", "2"]. | +| <a id="projectissuestatuscountslabelname"></a>`labelName` | [`[String]`](#string) | Labels applied to this issue. | +| <a id="projectissuestatuscountsmilestonetitle"></a>`milestoneTitle` | [`[String]`](#string) | Milestone applied to this issue. | +| <a id="projectissuestatuscountsnot"></a>`not` | [`NegatedIssueFilterInput`](#negatedissuefilterinput) | Negated arguments. | +| <a id="projectissuestatuscountssearch"></a>`search` | [`String`](#string) | Search query for issue title or description. | +| <a id="projectissuestatuscountstypes"></a>`types` | [`[IssueType!]`](#issuetype) | Filter issues by the given issue types. | +| <a id="projectissuestatuscountsupdatedafter"></a>`updatedAfter` | [`Time`](#time) | Issues updated after this date. | +| <a id="projectissuestatuscountsupdatedbefore"></a>`updatedBefore` | [`Time`](#time) | Issues updated before this date. | + +##### `Project.issues` + +Issues of the project. + +Returns [`IssueConnection`](#issueconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments -Autogenerated return type of ReleaseAssetLinkUpdate. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectissuesassigneeid"></a>`assigneeId` | [`String`](#string) | ID of a user assigned to the issues, "none" and "any" values are supported. | +| <a id="projectissuesassigneeusername"></a>`assigneeUsername` **{warning-solid}** | [`String`](#string) | **Deprecated** in 13.11. Use `assigneeUsernames`. | +| <a id="projectissuesassigneeusernames"></a>`assigneeUsernames` | [`[String!]`](#string) | Usernames of users assigned to the issue. | +| <a id="projectissuesauthorusername"></a>`authorUsername` | [`String`](#string) | Username of the author of the issue. | +| <a id="projectissuesclosedafter"></a>`closedAfter` | [`Time`](#time) | Issues closed after this date. | +| <a id="projectissuesclosedbefore"></a>`closedBefore` | [`Time`](#time) | Issues closed before this date. | +| <a id="projectissuescreatedafter"></a>`createdAfter` | [`Time`](#time) | Issues created after this date. | +| <a id="projectissuescreatedbefore"></a>`createdBefore` | [`Time`](#time) | Issues created before this date. | +| <a id="projectissuesepicid"></a>`epicId` | [`String`](#string) | ID of an epic associated with the issues, "none" and "any" values are supported. | +| <a id="projectissuesiid"></a>`iid` | [`String`](#string) | IID of the issue. For example, "1". | +| <a id="projectissuesiids"></a>`iids` | [`[String!]`](#string) | List of IIDs of issues. For example, ["1", "2"]. | +| <a id="projectissuesiterationid"></a>`iterationId` | [`[ID]`](#id) | List of iteration Global IDs applied to the issue. | +| <a id="projectissuesiterationwildcardid"></a>`iterationWildcardId` | [`IterationWildcardId`](#iterationwildcardid) | Filter by iteration ID wildcard. | +| <a id="projectissueslabelname"></a>`labelName` | [`[String]`](#string) | Labels applied to this issue. | +| <a id="projectissuesmilestonetitle"></a>`milestoneTitle` | [`[String]`](#string) | Milestone applied to this issue. | +| <a id="projectissuesnot"></a>`not` | [`NegatedIssueFilterInput`](#negatedissuefilterinput) | Negated arguments. | +| <a id="projectissuessearch"></a>`search` | [`String`](#string) | Search query for issue title or description. | +| <a id="projectissuessort"></a>`sort` | [`IssueSort`](#issuesort) | Sort issues by this criteria. | +| <a id="projectissuesstate"></a>`state` | [`IssuableState`](#issuablestate) | Current state of this issue. | +| <a id="projectissuestypes"></a>`types` | [`[IssueType!]`](#issuetype) | Filter issues by the given issue types. | +| <a id="projectissuesupdatedafter"></a>`updatedAfter` | [`Time`](#time) | Issues updated after this date. | +| <a id="projectissuesupdatedbefore"></a>`updatedBefore` | [`Time`](#time) | Issues updated before this date. | +| <a id="projectissuesweight"></a>`weight` | [`String`](#string) | Weight applied to the issue, "none" and "any" values are supported. | + +##### `Project.iterationCadences` + +Find iteration cadences. + +Returns [`IterationCadenceConnection`](#iterationcadenceconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `link` | [`ReleaseAssetLink`](#releaseassetlink) | The asset link after mutation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectiterationcadencesactive"></a>`active` | [`Boolean`](#boolean) | Whether the iteration cadence is active. | +| <a id="projectiterationcadencesautomatic"></a>`automatic` | [`Boolean`](#boolean) | Whether the iteration cadence should automatically generate future iterations. | +| <a id="projectiterationcadencesdurationinweeks"></a>`durationInWeeks` | [`Int`](#int) | Duration in weeks of the iterations within this cadence. | +| <a id="projectiterationcadencesid"></a>`id` | [`IterationsCadenceID`](#iterationscadenceid) | Global ID of the iteration cadence to look up. | +| <a id="projectiterationcadencesincludeancestorgroups"></a>`includeAncestorGroups` | [`Boolean`](#boolean) | Whether to include ancestor groups to search iterations cadences in. | +| <a id="projectiterationcadencestitle"></a>`title` | [`String`](#string) | Fuzzy search by title. | -### `ReleaseAssets` +##### `Project.iterations` -A container for all assets associated with a release. +Find iterations. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `count` | [`Int`](#int) | Number of assets of the release. | -| `links` | [`ReleaseAssetLinkConnection`](#releaseassetlinkconnection) | Asset links of the release. | -| `sources` | [`ReleaseSourceConnection`](#releasesourceconnection) | Sources of the release. | +Returns [`IterationConnection`](#iterationconnection). -### `ReleaseConnection` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -The connection type for Release. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `count` | [`Int!`](#int) | Total count of collection. | -| `edges` | [`[ReleaseEdge]`](#releaseedge) | A list of edges. | -| `nodes` | [`[Release]`](#release) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectiterationsenddate"></a>`endDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.end. | +| <a id="projectiterationsid"></a>`id` | [`ID`](#id) | Global ID of the Iteration to look up. | +| <a id="projectiterationsiid"></a>`iid` | [`ID`](#id) | Internal ID of the Iteration to look up. | +| <a id="projectiterationsincludeancestors"></a>`includeAncestors` | [`Boolean`](#boolean) | Whether to include ancestor iterations. Defaults to true. | +| <a id="projectiterationsiterationcadenceids"></a>`iterationCadenceIds` | [`[IterationsCadenceID!]`](#iterationscadenceid) | Global iteration cadence IDs by which to look up the iterations. | +| <a id="projectiterationsstartdate"></a>`startDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.start. | +| <a id="projectiterationsstate"></a>`state` | [`IterationState`](#iterationstate) | Filter iterations by state. | +| <a id="projectiterationstimeframe"></a>`timeframe` | [`Timeframe`](#timeframe) | List items overlapping the given timeframe. | +| <a id="projectiterationstitle"></a>`title` | [`String`](#string) | Fuzzy search by title. | -### `ReleaseCreatePayload` +##### `Project.jobs` -Autogenerated return type of ReleaseCreate. +Jobs of a project. This field can only be resolved for one project in any single request. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `release` | [`Release`](#release) | The release after mutation. | +Returns [`CiJobConnection`](#cijobconnection). -### `ReleaseDeletePayload` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -Autogenerated return type of ReleaseDelete. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `release` | [`Release`](#release) | The deleted release. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectjobsstatuses"></a>`statuses` | [`[CiJobStatus!]`](#cijobstatus) | Filter jobs by status. | -### `ReleaseEdge` +##### `Project.label` -An edge in a connection. +A label available on this project. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Release`](#release) | The item at the end of the edge. | +Returns [`Label`](#label). -### `ReleaseEvidence` +###### Arguments -Evidence for a release. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectlabeltitle"></a>`title` | [`String!`](#string) | Title of the label. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `collectedAt` | [`Time`](#time) | Timestamp when the evidence was collected. | -| `filepath` | [`String`](#string) | URL from where the evidence can be downloaded. | -| `id` | [`ID!`](#id) | ID of the evidence. | -| `sha` | [`String`](#string) | SHA1 ID of the evidence hash. | +##### `Project.labels` -### `ReleaseEvidenceConnection` +Labels available on this project. -The connection type for ReleaseEvidence. +Returns [`LabelConnection`](#labelconnection). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[ReleaseEvidenceEdge]`](#releaseevidenceedge) | A list of edges. | -| `nodes` | [`[ReleaseEvidence]`](#releaseevidence) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -### `ReleaseEvidenceEdge` +###### Arguments -An edge in a connection. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectlabelsincludeancestorgroups"></a>`includeAncestorGroups` | [`Boolean`](#boolean) | Include labels from ancestor groups. | +| <a id="projectlabelssearchterm"></a>`searchTerm` | [`String`](#string) | A search term to find labels with. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`ReleaseEvidence`](#releaseevidence) | The item at the end of the edge. | +##### `Project.mergeRequest` -### `ReleaseLinks` +A single merge request of the project. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `closedIssuesUrl` | [`String`](#string) | HTTP URL of the issues page, filtered by this release and `state=closed`. | -| `closedMergeRequestsUrl` | [`String`](#string) | HTTP URL of the merge request page , filtered by this release and `state=closed`. | -| `editUrl` | [`String`](#string) | HTTP URL of the release's edit page. | -| `mergedMergeRequestsUrl` | [`String`](#string) | HTTP URL of the merge request page , filtered by this release and `state=merged`. | -| `openedIssuesUrl` | [`String`](#string) | HTTP URL of the issues page, filtered by this release and `state=open`. | -| `openedMergeRequestsUrl` | [`String`](#string) | HTTP URL of the merge request page, filtered by this release and `state=open`. | -| `selfUrl` | [`String`](#string) | HTTP URL of the release. | +Returns [`MergeRequest`](#mergerequest). -### `ReleaseSource` +###### Arguments -Represents the source code attached to a release in a particular format. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectmergerequestiid"></a>`iid` | [`String!`](#string) | IID of the merge request, for example `1`. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `format` | [`String`](#string) | Format of the source. | -| `url` | [`String`](#string) | Download URL of the source. | +##### `Project.mergeRequests` -### `ReleaseSourceConnection` +Merge requests of the project. -The connection type for ReleaseSource. +Returns [`MergeRequestConnection`](#mergerequestconnection). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[ReleaseSourceEdge]`](#releasesourceedge) | A list of edges. | -| `nodes` | [`[ReleaseSource]`](#releasesource) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -### `ReleaseSourceEdge` +###### Arguments -An edge in a connection. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectmergerequestsassigneeusername"></a>`assigneeUsername` | [`String`](#string) | Username of the assignee. | +| <a id="projectmergerequestsauthorusername"></a>`authorUsername` | [`String`](#string) | Username of the author. | +| <a id="projectmergerequestsiids"></a>`iids` | [`[String!]`](#string) | Array of IIDs of merge requests, for example `[1, 2]`. | +| <a id="projectmergerequestslabels"></a>`labels` | [`[String!]`](#string) | Array of label names. All resolved merge requests will have all of these labels. | +| <a id="projectmergerequestsmergedafter"></a>`mergedAfter` | [`Time`](#time) | Merge requests merged after this date. | +| <a id="projectmergerequestsmergedbefore"></a>`mergedBefore` | [`Time`](#time) | Merge requests merged before this date. | +| <a id="projectmergerequestsmilestonetitle"></a>`milestoneTitle` | [`String`](#string) | Title of the milestone. | +| <a id="projectmergerequestsnot"></a>`not` | [`MergeRequestsResolverNegatedParams`](#mergerequestsresolvernegatedparams) | List of negated arguments. Warning: this argument is experimental and a subject to change in future. | +| <a id="projectmergerequestsreviewerusername"></a>`reviewerUsername` | [`String`](#string) | Username of the reviewer. | +| <a id="projectmergerequestssort"></a>`sort` | [`MergeRequestSort`](#mergerequestsort) | Sort merge requests by this criteria. | +| <a id="projectmergerequestssourcebranches"></a>`sourceBranches` | [`[String!]`](#string) | Array of source branch names. All resolved merge requests will have one of these branches as their source. | +| <a id="projectmergerequestsstate"></a>`state` | [`MergeRequestState`](#mergerequeststate) | A merge request state. If provided, all resolved merge requests will have this state. | +| <a id="projectmergerequeststargetbranches"></a>`targetBranches` | [`[String!]`](#string) | Array of target branch names. All resolved merge requests will have one of these branches as their target. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`ReleaseSource`](#releasesource) | The item at the end of the edge. | +##### `Project.milestones` -### `ReleaseUpdatePayload` +Milestones of the project. -Autogenerated return type of ReleaseUpdate. +Returns [`MilestoneConnection`](#milestoneconnection). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `release` | [`Release`](#release) | The release after mutation. | +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -### `RemoveAwardEmojiPayload` +###### Arguments -Autogenerated return type of RemoveAwardEmoji. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectmilestonescontainingdate"></a>`containingDate` | [`Time`](#time) | A date that the milestone contains. | +| <a id="projectmilestonesenddate"></a>`endDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.end. | +| <a id="projectmilestonesids"></a>`ids` | [`[ID!]`](#id) | Array of global milestone IDs, e.g., `"gid://gitlab/Milestone/1"`. | +| <a id="projectmilestonesincludeancestors"></a>`includeAncestors` | [`Boolean`](#boolean) | Also return milestones in the project's parent group and its ancestors. | +| <a id="projectmilestonessearchtitle"></a>`searchTitle` | [`String`](#string) | A search string for the title. | +| <a id="projectmilestonesstartdate"></a>`startDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.start. | +| <a id="projectmilestonesstate"></a>`state` | [`MilestoneStateEnum`](#milestonestateenum) | Filter milestones by state. | +| <a id="projectmilestonestimeframe"></a>`timeframe` | [`Timeframe`](#timeframe) | List items overlapping the given timeframe. | +| <a id="projectmilestonestitle"></a>`title` | [`String`](#string) | The title of the milestone. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `awardEmoji` | [`AwardEmoji`](#awardemoji) | The award emoji after mutation. | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +##### `Project.packages` -### `RemoveProjectFromSecurityDashboardPayload` +Packages of the project. -Autogenerated return type of RemoveProjectFromSecurityDashboard. +Returns [`PackageConnection`](#packageconnection). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -### `RepositionImageDiffNotePayload` +###### Arguments -Autogenerated return type of RepositionImageDiffNote. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectpackagesincludeversionless"></a>`includeVersionless` | [`Boolean`](#boolean) | Include versionless packages. | +| <a id="projectpackagespackagename"></a>`packageName` | [`String`](#string) | Search a package by name. | +| <a id="projectpackagespackagetype"></a>`packageType` | [`PackageTypeEnum`](#packagetypeenum) | Filter a package by type. | +| <a id="projectpackagessort"></a>`sort` | [`PackageSort`](#packagesort) | Sort packages by this criteria. | +| <a id="projectpackagesstatus"></a>`status` | [`PackageStatus`](#packagestatus) | Filter a package by status. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `note` | [`Note`](#note) | The note after mutation. | +##### `Project.pipeline` -### `Repository` +Build pipeline of the project. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `blobs` | [`RepositoryBlobConnection`](#repositoryblobconnection) | Blobs contained within the repository. | -| `branchNames` | [`[String!]`](#string) | Names of branches available in this repository that match the search pattern. | -| `empty` | [`Boolean!`](#boolean) | Indicates repository has no visible content. | -| `exists` | [`Boolean!`](#boolean) | Indicates a corresponding Git repository exists on disk. | -| `rootRef` | [`String`](#string) | Default branch of the repository. | -| `tree` | [`Tree`](#tree) | Tree of the repository. | +Returns [`Pipeline`](#pipeline). -### `RepositoryBlob` +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `id` | [`ID!`](#id) | ID of the blob. | -| `lfsOid` | [`String`](#string) | LFS OID of the blob. | -| `mode` | [`String`](#string) | Blob mode. | -| `name` | [`String`](#string) | Blob name. | -| `oid` | [`String!`](#string) | OID of the blob. | -| `path` | [`String!`](#string) | Path of the blob. | -| `webPath` | [`String`](#string) | Web path of the blob. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectpipelineiid"></a>`iid` | [`ID`](#id) | IID of the Pipeline. For example, "1". | +| <a id="projectpipelinesha"></a>`sha` | [`String`](#string) | SHA of the Pipeline. For example, "dyd0f15ay83993f5ab66k927w28673882x99100b". | -### `RepositoryBlobConnection` +##### `Project.pipelines` -The connection type for RepositoryBlob. +Build pipelines of the project. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[RepositoryBlobEdge]`](#repositoryblobedge) | A list of edges. | -| `nodes` | [`[RepositoryBlob]`](#repositoryblob) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +Returns [`PipelineConnection`](#pipelineconnection). -### `RepositoryBlobEdge` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -An edge in a connection. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`RepositoryBlob`](#repositoryblob) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectpipelinesref"></a>`ref` | [`String`](#string) | Filter pipelines by the ref they are run for. | +| <a id="projectpipelinessha"></a>`sha` | [`String`](#string) | Filter pipelines by the sha of the commit they are run for. | +| <a id="projectpipelinesstatus"></a>`status` | [`PipelineStatusEnum`](#pipelinestatusenum) | Filter pipelines by their status. | -### `Requirement` +##### `Project.projectMembers` -Represents a requirement. +Members of the project. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `author` | [`User!`](#user) | Author of the requirement. | -| `createdAt` | [`Time!`](#time) | Timestamp of when the requirement was created. | -| `description` | [`String`](#string) | Description of the requirement. | -| `descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | -| `id` | [`ID!`](#id) | ID of the requirement. | -| `iid` | [`ID!`](#id) | Internal ID of the requirement. | -| `lastTestReportManuallyCreated` | [`Boolean`](#boolean) | Indicates if latest test report was created by user. | -| `lastTestReportState` | [`TestReportState`](#testreportstate) | Latest requirement test report state. | -| `project` | [`Project!`](#project) | Project to which the requirement belongs. | -| `state` | [`RequirementState!`](#requirementstate) | State of the requirement. | -| `testReports` | [`TestReportConnection`](#testreportconnection) | Test reports of the requirement. | -| `title` | [`String`](#string) | Title of the requirement. | -| `titleHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `title`. | -| `updatedAt` | [`Time!`](#time) | Timestamp of when the requirement was last updated. | -| `userPermissions` | [`RequirementPermissions!`](#requirementpermissions) | Permissions for the current user on the resource. | - -### `RequirementConnection` - -The connection type for Requirement. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[RequirementEdge]`](#requirementedge) | A list of edges. | -| `nodes` | [`[Requirement]`](#requirement) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | - -### `RequirementEdge` - -An edge in a connection. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Requirement`](#requirement) | The item at the end of the edge. | +Returns [`MemberInterfaceConnection`](#memberinterfaceconnection). -### `RequirementPermissions` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -Check permissions for the current user on a requirement. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `adminRequirement` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_requirement` on this resource. | -| `createRequirement` | [`Boolean!`](#boolean) | Indicates the user can perform `create_requirement` on this resource. | -| `destroyRequirement` | [`Boolean!`](#boolean) | Indicates the user can perform `destroy_requirement` on this resource. | -| `readRequirement` | [`Boolean!`](#boolean) | Indicates the user can perform `read_requirement` on this resource. | -| `updateRequirement` | [`Boolean!`](#boolean) | Indicates the user can perform `update_requirement` on this resource. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectprojectmembersrelations"></a>`relations` | [`[ProjectMemberRelation!]`](#projectmemberrelation) | Filter members by the given member relations. | +| <a id="projectprojectmemberssearch"></a>`search` | [`String`](#string) | Search query. | -### `RequirementStatesCount` +##### `Project.release` -Counts of requirements by their state. +A single release of the project. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `archived` | [`Int`](#int) | Number of archived requirements. | -| `opened` | [`Int`](#int) | Number of opened requirements. | +Returns [`Release`](#release). -### `RevertVulnerabilityToDetectedPayload` +###### Arguments -Autogenerated return type of RevertVulnerabilityToDetected. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectreleasetagname"></a>`tagName` | [`String!`](#string) | The name of the tag associated to the release. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `vulnerability` | [`Vulnerability`](#vulnerability) | The vulnerability after revert. | +##### `Project.releases` -### `RootStorageStatistics` +Releases of the project. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `buildArtifactsSize` | [`Float!`](#float) | The CI artifacts size in bytes. | -| `lfsObjectsSize` | [`Float!`](#float) | The LFS objects size in bytes. | -| `packagesSize` | [`Float!`](#float) | The packages size in bytes. | -| `pipelineArtifactsSize` | [`Float!`](#float) | The CI pipeline artifacts size in bytes. | -| `repositorySize` | [`Float!`](#float) | The Git repository size in bytes. | -| `snippetsSize` | [`Float!`](#float) | The snippets size in bytes. | -| `storageSize` | [`Float!`](#float) | The total storage in bytes. | -| `uploadsSize` | [`Float!`](#float) | The uploads size in bytes. | -| `wikiSize` | [`Float!`](#float) | The wiki size in bytes. | +Returns [`ReleaseConnection`](#releaseconnection). -### `RunDASTScanPayload` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -Autogenerated return type of RunDASTScan. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `pipelineUrl` | [`String`](#string) | URL of the pipeline that was created. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectreleasessort"></a>`sort` | [`ReleaseSort`](#releasesort) | Sort releases by this criteria. | -### `RunnerArchitecture` +##### `Project.requirement` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `downloadLocation` | [`String!`](#string) | Download location for the runner for the platform architecture. | -| `name` | [`String!`](#string) | Name of the runner platform architecture. | +Find a single requirement. -### `RunnerArchitectureConnection` +Returns [`Requirement`](#requirement). -The connection type for RunnerArchitecture. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[RunnerArchitectureEdge]`](#runnerarchitectureedge) | A list of edges. | -| `nodes` | [`[RunnerArchitecture]`](#runnerarchitecture) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectrequirementauthorusername"></a>`authorUsername` | [`[String!]`](#string) | Filter requirements by author username. | +| <a id="projectrequirementiid"></a>`iid` | [`ID`](#id) | IID of the requirement, e.g., "1". | +| <a id="projectrequirementiids"></a>`iids` | [`[ID!]`](#id) | List of IIDs of requirements, e.g., [1, 2]. | +| <a id="projectrequirementlasttestreportstate"></a>`lastTestReportState` | [`RequirementStatusFilter`](#requirementstatusfilter) | The state of latest requirement test report. | +| <a id="projectrequirementsearch"></a>`search` | [`String`](#string) | Search query for requirement title. | +| <a id="projectrequirementsort"></a>`sort` | [`Sort`](#sort) | List requirements by sort order. | +| <a id="projectrequirementstate"></a>`state` | [`RequirementState`](#requirementstate) | Filter requirements by state. | -### `RunnerArchitectureEdge` +##### `Project.requirements` -An edge in a connection. +Find requirements. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`RunnerArchitecture`](#runnerarchitecture) | The item at the end of the edge. | +Returns [`RequirementConnection`](#requirementconnection). -### `RunnerPlatform` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `architectures` | [`RunnerArchitectureConnection`](#runnerarchitectureconnection) | Runner architectures supported for the platform. | -| `humanReadableName` | [`String!`](#string) | Human readable name of the runner platform. | -| `name` | [`String!`](#string) | Name slug of the runner platform. | +###### Arguments -### `RunnerPlatformConnection` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectrequirementsauthorusername"></a>`authorUsername` | [`[String!]`](#string) | Filter requirements by author username. | +| <a id="projectrequirementsiid"></a>`iid` | [`ID`](#id) | IID of the requirement, e.g., "1". | +| <a id="projectrequirementsiids"></a>`iids` | [`[ID!]`](#id) | List of IIDs of requirements, e.g., [1, 2]. | +| <a id="projectrequirementslasttestreportstate"></a>`lastTestReportState` | [`RequirementStatusFilter`](#requirementstatusfilter) | The state of latest requirement test report. | +| <a id="projectrequirementssearch"></a>`search` | [`String`](#string) | Search query for requirement title. | +| <a id="projectrequirementssort"></a>`sort` | [`Sort`](#sort) | List requirements by sort order. | +| <a id="projectrequirementsstate"></a>`state` | [`RequirementState`](#requirementstate) | Filter requirements by state. | -The connection type for RunnerPlatform. +##### `Project.sentryDetailedError` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[RunnerPlatformEdge]`](#runnerplatformedge) | A list of edges. | -| `nodes` | [`[RunnerPlatform]`](#runnerplatform) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +Detailed version of a Sentry error on the project. -### `RunnerPlatformEdge` +Returns [`SentryDetailedError`](#sentrydetailederror). -An edge in a connection. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`RunnerPlatform`](#runnerplatform) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectsentrydetailederrorid"></a>`id` | [`GitlabErrorTrackingDetailedErrorID!`](#gitlaberrortrackingdetailederrorid) | ID of the Sentry issue. | -### `RunnerSetup` +##### `Project.services` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `installInstructions` | [`String!`](#string) | Instructions for installing the runner on the specified architecture. | -| `registerInstructions` | [`String`](#string) | Instructions for registering the runner. | +Project services. -### `SastCiConfiguration` +Returns [`ServiceConnection`](#serviceconnection). -Represents a CI configuration of SAST. +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `analyzers` | [`SastCiConfigurationAnalyzersEntityConnection`](#sastciconfigurationanalyzersentityconnection) | List of analyzers entities attached to SAST configuration. | -| `global` | [`SastCiConfigurationEntityConnection`](#sastciconfigurationentityconnection) | List of global entities related to SAST configuration. | -| `pipeline` | [`SastCiConfigurationEntityConnection`](#sastciconfigurationentityconnection) | List of pipeline entities related to SAST configuration. | +###### Arguments -### `SastCiConfigurationAnalyzersEntity` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectservicesactive"></a>`active` | [`Boolean`](#boolean) | Indicates if the service is active. | +| <a id="projectservicestype"></a>`type` | [`ServiceType`](#servicetype) | Class name of the service. | -Represents an analyzer entity in SAST CI configuration. +##### `Project.snippets` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `description` | [`String`](#string) | Analyzer description that is displayed on the form. | -| `enabled` | [`Boolean`](#boolean) | Indicates whether an analyzer is enabled. | -| `label` | [`String`](#string) | Analyzer label used in the config UI. | -| `name` | [`String`](#string) | Name of the analyzer. | -| `variables` | [`SastCiConfigurationEntityConnection`](#sastciconfigurationentityconnection) | List of supported variables. | +Snippets of the project. -### `SastCiConfigurationAnalyzersEntityConnection` +Returns [`SnippetConnection`](#snippetconnection). -The connection type for SastCiConfigurationAnalyzersEntity. +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[SastCiConfigurationAnalyzersEntityEdge]`](#sastciconfigurationanalyzersentityedge) | A list of edges. | -| `nodes` | [`[SastCiConfigurationAnalyzersEntity]`](#sastciconfigurationanalyzersentity) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +###### Arguments -### `SastCiConfigurationAnalyzersEntityEdge` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectsnippetsids"></a>`ids` | [`[SnippetID!]`](#snippetid) | Array of global snippet IDs. For example, `gid://gitlab/ProjectSnippet/1`. | +| <a id="projectsnippetsvisibility"></a>`visibility` | [`VisibilityScopesEnum`](#visibilityscopesenum) | The visibility of the snippet. | -An edge in a connection. +##### `Project.terraformState` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`SastCiConfigurationAnalyzersEntity`](#sastciconfigurationanalyzersentity) | The item at the end of the edge. | +Find a single Terraform state by name. -### `SastCiConfigurationEntity` +Returns [`TerraformState`](#terraformstate). -Represents an entity in SAST CI configuration. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `defaultValue` | [`String`](#string) | Default value that is used if value is empty. | -| `description` | [`String`](#string) | Entity description that is displayed on the form. | -| `field` | [`String`](#string) | CI keyword of entity. | -| `label` | [`String`](#string) | Label for entity used in the form. | -| `options` | [`SastCiConfigurationOptionsEntityConnection`](#sastciconfigurationoptionsentityconnection) | Different possible values of the field. | -| `size` | [`SastUiComponentSize`](#sastuicomponentsize) | Size of the UI component. | -| `type` | [`String`](#string) | Type of the field value. | -| `value` | [`String`](#string) | Current value of the entity. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectterraformstatename"></a>`name` | [`String!`](#string) | Name of the Terraform state. | -### `SastCiConfigurationEntityConnection` +##### `Project.vulnerabilities` -The connection type for SastCiConfigurationEntity. +Vulnerabilities reported on the project. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[SastCiConfigurationEntityEdge]`](#sastciconfigurationentityedge) | A list of edges. | -| `nodes` | [`[SastCiConfigurationEntity]`](#sastciconfigurationentity) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +Returns [`VulnerabilityConnection`](#vulnerabilityconnection). -### `SastCiConfigurationEntityEdge` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -An edge in a connection. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`SastCiConfigurationEntity`](#sastciconfigurationentity) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectvulnerabilitieshasissues"></a>`hasIssues` | [`Boolean`](#boolean) | Returns only the vulnerabilities which have linked issues. | +| <a id="projectvulnerabilitieshasresolution"></a>`hasResolution` | [`Boolean`](#boolean) | Returns only the vulnerabilities which have been resolved on default branch. | +| <a id="projectvulnerabilitiesprojectid"></a>`projectId` | [`[ID!]`](#id) | Filter vulnerabilities by project. | +| <a id="projectvulnerabilitiesreporttype"></a>`reportType` | [`[VulnerabilityReportType!]`](#vulnerabilityreporttype) | Filter vulnerabilities by report type. | +| <a id="projectvulnerabilitiesscanner"></a>`scanner` | [`[String!]`](#string) | Filter vulnerabilities by VulnerabilityScanner.externalId. | +| <a id="projectvulnerabilitiesscannerid"></a>`scannerId` | [`[VulnerabilitiesScannerID!]`](#vulnerabilitiesscannerid) | Filter vulnerabilities by scanner ID. | +| <a id="projectvulnerabilitiesseverity"></a>`severity` | [`[VulnerabilitySeverity!]`](#vulnerabilityseverity) | Filter vulnerabilities by severity. | +| <a id="projectvulnerabilitiessort"></a>`sort` | [`VulnerabilitySort`](#vulnerabilitysort) | List vulnerabilities by sort order. | +| <a id="projectvulnerabilitiesstate"></a>`state` | [`[VulnerabilityState!]`](#vulnerabilitystate) | Filter vulnerabilities by state. | -### `SastCiConfigurationOptionsEntity` +##### `Project.vulnerabilitiesCountByDay` -Represents an entity for options in SAST CI configuration. +Number of vulnerabilities per day for the project. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `label` | [`String`](#string) | Label of option entity. | -| `value` | [`String`](#string) | Value of option entity. | +Returns [`VulnerabilitiesCountByDayConnection`](#vulnerabilitiescountbydayconnection). -### `SastCiConfigurationOptionsEntityConnection` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -The connection type for SastCiConfigurationOptionsEntity. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[SastCiConfigurationOptionsEntityEdge]`](#sastciconfigurationoptionsentityedge) | A list of edges. | -| `nodes` | [`[SastCiConfigurationOptionsEntity]`](#sastciconfigurationoptionsentity) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectvulnerabilitiescountbydayenddate"></a>`endDate` | [`ISO8601Date!`](#iso8601date) | Last day for which to fetch vulnerability history. | +| <a id="projectvulnerabilitiescountbydaystartdate"></a>`startDate` | [`ISO8601Date!`](#iso8601date) | First day for which to fetch vulnerability history. | -### `SastCiConfigurationOptionsEntityEdge` +##### `Project.vulnerabilitySeveritiesCount` -An edge in a connection. +Counts for each vulnerability severity in the project. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`SastCiConfigurationOptionsEntity`](#sastciconfigurationoptionsentity) | The item at the end of the edge. | +Returns [`VulnerabilitySeveritiesCount`](#vulnerabilityseveritiescount). -### `Scan` +###### Arguments -Represents the security scan information. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectvulnerabilityseveritiescountprojectid"></a>`projectId` | [`[ID!]`](#id) | Filter vulnerabilities by project. | +| <a id="projectvulnerabilityseveritiescountreporttype"></a>`reportType` | [`[VulnerabilityReportType!]`](#vulnerabilityreporttype) | Filter vulnerabilities by report type. | +| <a id="projectvulnerabilityseveritiescountscanner"></a>`scanner` | [`[String!]`](#string) | Filter vulnerabilities by scanner. | +| <a id="projectvulnerabilityseveritiescountseverity"></a>`severity` | [`[VulnerabilitySeverity!]`](#vulnerabilityseverity) | Filter vulnerabilities by severity. | +| <a id="projectvulnerabilityseveritiescountstate"></a>`state` | [`[VulnerabilityState!]`](#vulnerabilitystate) | Filter vulnerabilities by state. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `errors` | [`[String!]!`](#string) | List of errors. | -| `name` | [`String!`](#string) | Name of the scan. | +### `ProjectCiCdSetting` -### `ScanConnection` +#### Fields -The connection type for Scan. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectcicdsettingkeeplatestartifact"></a>`keepLatestArtifact` | [`Boolean`](#boolean) | Whether to keep the latest builds artifacts. | +| <a id="projectcicdsettingmergepipelinesenabled"></a>`mergePipelinesEnabled` | [`Boolean`](#boolean) | Whether merge pipelines are enabled. | +| <a id="projectcicdsettingmergetrainsenabled"></a>`mergeTrainsEnabled` | [`Boolean`](#boolean) | Whether merge trains are enabled. | +| <a id="projectcicdsettingproject"></a>`project` | [`Project`](#project) | Project the CI/CD settings belong to. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[ScanEdge]`](#scanedge) | A list of edges. | -| `nodes` | [`[Scan]`](#scan) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +### `ProjectMember` -### `ScanEdge` +Represents a Project Membership. -An edge in a connection. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Scan`](#scan) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectmemberaccesslevel"></a>`accessLevel` | [`AccessLevel`](#accesslevel) | GitLab::Access level. | +| <a id="projectmembercreatedat"></a>`createdAt` | [`Time`](#time) | Date and time the membership was created. | +| <a id="projectmembercreatedby"></a>`createdBy` | [`UserCore`](#usercore) | User that authorized membership. | +| <a id="projectmemberexpiresat"></a>`expiresAt` | [`Time`](#time) | Date and time the membership expires. | +| <a id="projectmemberid"></a>`id` | [`ID!`](#id) | ID of the member. | +| <a id="projectmemberproject"></a>`project` | [`Project`](#project) | Project that User is a member of. | +| <a id="projectmemberupdatedat"></a>`updatedAt` | [`Time`](#time) | Date and time the membership was last updated. | +| <a id="projectmemberuser"></a>`user` | [`UserCore!`](#usercore) | User that is associated with the member object. | +| <a id="projectmemberuserpermissions"></a>`userPermissions` | [`ProjectPermissions!`](#projectpermissions) | Permissions for the current user on the resource. | -### `ScannedResource` +### `ProjectPermissions` -Represents a resource scanned by a security scan. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `requestMethod` | [`String`](#string) | The HTTP request method used to access the URL. | -| `url` | [`String`](#string) | The URL scanned by the scanner. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectpermissionsadminoperations"></a>`adminOperations` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_operations` on this resource. | +| <a id="projectpermissionsadminpathlocks"></a>`adminPathLocks` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_path_locks` on this resource. | +| <a id="projectpermissionsadminproject"></a>`adminProject` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_project` on this resource. | +| <a id="projectpermissionsadminremotemirror"></a>`adminRemoteMirror` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_remote_mirror` on this resource. | +| <a id="projectpermissionsadminwiki"></a>`adminWiki` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_wiki` on this resource. | +| <a id="projectpermissionsarchiveproject"></a>`archiveProject` | [`Boolean!`](#boolean) | Indicates the user can perform `archive_project` on this resource. | +| <a id="projectpermissionschangenamespace"></a>`changeNamespace` | [`Boolean!`](#boolean) | Indicates the user can perform `change_namespace` on this resource. | +| <a id="projectpermissionschangevisibilitylevel"></a>`changeVisibilityLevel` | [`Boolean!`](#boolean) | Indicates the user can perform `change_visibility_level` on this resource. | +| <a id="projectpermissionscreatedeployment"></a>`createDeployment` | [`Boolean!`](#boolean) | Indicates the user can perform `create_deployment` on this resource. | +| <a id="projectpermissionscreatedesign"></a>`createDesign` | [`Boolean!`](#boolean) | Indicates the user can perform `create_design` on this resource. | +| <a id="projectpermissionscreateissue"></a>`createIssue` | [`Boolean!`](#boolean) | Indicates the user can perform `create_issue` on this resource. | +| <a id="projectpermissionscreatelabel"></a>`createLabel` | [`Boolean!`](#boolean) | Indicates the user can perform `create_label` on this resource. | +| <a id="projectpermissionscreatemergerequestfrom"></a>`createMergeRequestFrom` | [`Boolean!`](#boolean) | Indicates the user can perform `create_merge_request_from` on this resource. | +| <a id="projectpermissionscreatemergerequestin"></a>`createMergeRequestIn` | [`Boolean!`](#boolean) | Indicates the user can perform `create_merge_request_in` on this resource. | +| <a id="projectpermissionscreatepages"></a>`createPages` | [`Boolean!`](#boolean) | Indicates the user can perform `create_pages` on this resource. | +| <a id="projectpermissionscreatepipeline"></a>`createPipeline` | [`Boolean!`](#boolean) | Indicates the user can perform `create_pipeline` on this resource. | +| <a id="projectpermissionscreatepipelineschedule"></a>`createPipelineSchedule` | [`Boolean!`](#boolean) | Indicates the user can perform `create_pipeline_schedule` on this resource. | +| <a id="projectpermissionscreatesnippet"></a>`createSnippet` | [`Boolean!`](#boolean) | Indicates the user can perform `create_snippet` on this resource. | +| <a id="projectpermissionscreatewiki"></a>`createWiki` | [`Boolean!`](#boolean) | Indicates the user can perform `create_wiki` on this resource. | +| <a id="projectpermissionsdestroydesign"></a>`destroyDesign` | [`Boolean!`](#boolean) | Indicates the user can perform `destroy_design` on this resource. | +| <a id="projectpermissionsdestroypages"></a>`destroyPages` | [`Boolean!`](#boolean) | Indicates the user can perform `destroy_pages` on this resource. | +| <a id="projectpermissionsdestroywiki"></a>`destroyWiki` | [`Boolean!`](#boolean) | Indicates the user can perform `destroy_wiki` on this resource. | +| <a id="projectpermissionsdownloadcode"></a>`downloadCode` | [`Boolean!`](#boolean) | Indicates the user can perform `download_code` on this resource. | +| <a id="projectpermissionsdownloadwikicode"></a>`downloadWikiCode` | [`Boolean!`](#boolean) | Indicates the user can perform `download_wiki_code` on this resource. | +| <a id="projectpermissionsforkproject"></a>`forkProject` | [`Boolean!`](#boolean) | Indicates the user can perform `fork_project` on this resource. | +| <a id="projectpermissionspushcode"></a>`pushCode` | [`Boolean!`](#boolean) | Indicates the user can perform `push_code` on this resource. | +| <a id="projectpermissionspushtodeleteprotectedbranch"></a>`pushToDeleteProtectedBranch` | [`Boolean!`](#boolean) | Indicates the user can perform `push_to_delete_protected_branch` on this resource. | +| <a id="projectpermissionsreadcommitstatus"></a>`readCommitStatus` | [`Boolean!`](#boolean) | Indicates the user can perform `read_commit_status` on this resource. | +| <a id="projectpermissionsreadcycleanalytics"></a>`readCycleAnalytics` | [`Boolean!`](#boolean) | Indicates the user can perform `read_cycle_analytics` on this resource. | +| <a id="projectpermissionsreaddesign"></a>`readDesign` | [`Boolean!`](#boolean) | Indicates the user can perform `read_design` on this resource. | +| <a id="projectpermissionsreadmergerequest"></a>`readMergeRequest` | [`Boolean!`](#boolean) | Indicates the user can perform `read_merge_request` on this resource. | +| <a id="projectpermissionsreadpagescontent"></a>`readPagesContent` | [`Boolean!`](#boolean) | Indicates the user can perform `read_pages_content` on this resource. | +| <a id="projectpermissionsreadproject"></a>`readProject` | [`Boolean!`](#boolean) | Indicates the user can perform `read_project` on this resource. | +| <a id="projectpermissionsreadprojectmember"></a>`readProjectMember` | [`Boolean!`](#boolean) | Indicates the user can perform `read_project_member` on this resource. | +| <a id="projectpermissionsreadwiki"></a>`readWiki` | [`Boolean!`](#boolean) | Indicates the user can perform `read_wiki` on this resource. | +| <a id="projectpermissionsremoveforkproject"></a>`removeForkProject` | [`Boolean!`](#boolean) | Indicates the user can perform `remove_fork_project` on this resource. | +| <a id="projectpermissionsremovepages"></a>`removePages` | [`Boolean!`](#boolean) | Indicates the user can perform `remove_pages` on this resource. | +| <a id="projectpermissionsremoveproject"></a>`removeProject` | [`Boolean!`](#boolean) | Indicates the user can perform `remove_project` on this resource. | +| <a id="projectpermissionsrenameproject"></a>`renameProject` | [`Boolean!`](#boolean) | Indicates the user can perform `rename_project` on this resource. | +| <a id="projectpermissionsrequestaccess"></a>`requestAccess` | [`Boolean!`](#boolean) | Indicates the user can perform `request_access` on this resource. | +| <a id="projectpermissionsupdatepages"></a>`updatePages` | [`Boolean!`](#boolean) | Indicates the user can perform `update_pages` on this resource. | +| <a id="projectpermissionsupdatewiki"></a>`updateWiki` | [`Boolean!`](#boolean) | Indicates the user can perform `update_wiki` on this resource. | +| <a id="projectpermissionsuploadfile"></a>`uploadFile` | [`Boolean!`](#boolean) | Indicates the user can perform `upload_file` on this resource. | -### `ScannedResourceConnection` +### `ProjectStatistics` -The connection type for ScannedResource. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[ScannedResourceEdge]`](#scannedresourceedge) | A list of edges. | -| `nodes` | [`[ScannedResource]`](#scannedresource) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="projectstatisticsbuildartifactssize"></a>`buildArtifactsSize` | [`Float!`](#float) | Build artifacts size of the project in bytes. | +| <a id="projectstatisticscommitcount"></a>`commitCount` | [`Float!`](#float) | Commit count of the project. | +| <a id="projectstatisticslfsobjectssize"></a>`lfsObjectsSize` | [`Float!`](#float) | Large File Storage (LFS) object size of the project in bytes. | +| <a id="projectstatisticspackagessize"></a>`packagesSize` | [`Float!`](#float) | Packages size of the project in bytes. | +| <a id="projectstatisticsrepositorysize"></a>`repositorySize` | [`Float!`](#float) | Repository size of the project in bytes. | +| <a id="projectstatisticssnippetssize"></a>`snippetsSize` | [`Float`](#float) | Snippets size of the project in bytes. | +| <a id="projectstatisticsstoragesize"></a>`storageSize` | [`Float!`](#float) | Storage size of the project in bytes. | +| <a id="projectstatisticsuploadssize"></a>`uploadsSize` | [`Float`](#float) | Uploads size of the project in bytes. | +| <a id="projectstatisticswikisize"></a>`wikiSize` | [`Float`](#float) | Wiki size of the project in bytes. | -### `ScannedResourceEdge` +### `PrometheusAlert` -An edge in a connection. +The alert condition for Prometheus. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`ScannedResource`](#scannedresource) | The item at the end of the edge. | +#### Fields -### `SecurityReportSummary` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="prometheusalerthumanizedtext"></a>`humanizedText` | [`String!`](#string) | The human-readable text of the alert condition. | +| <a id="prometheusalertid"></a>`id` | [`ID!`](#id) | ID of the alert condition. | -Represents summary of a security report. +### `PushRules` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `apiFuzzing` | [`SecurityReportSummarySection`](#securityreportsummarysection) | Aggregated counts for the `api_fuzzing` scan. | -| `containerScanning` | [`SecurityReportSummarySection`](#securityreportsummarysection) | Aggregated counts for the `container_scanning` scan. | -| `coverageFuzzing` | [`SecurityReportSummarySection`](#securityreportsummarysection) | Aggregated counts for the `coverage_fuzzing` scan. | -| `dast` | [`SecurityReportSummarySection`](#securityreportsummarysection) | Aggregated counts for the `dast` scan. | -| `dependencyScanning` | [`SecurityReportSummarySection`](#securityreportsummarysection) | Aggregated counts for the `dependency_scanning` scan. | -| `sast` | [`SecurityReportSummarySection`](#securityreportsummarysection) | Aggregated counts for the `sast` scan. | -| `secretDetection` | [`SecurityReportSummarySection`](#securityreportsummarysection) | Aggregated counts for the `secret_detection` scan. | +Represents rules that commit pushes must follow. -### `SecurityReportSummarySection` +#### Fields -Represents a section of a summary of a security report. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="pushrulesrejectunsignedcommits"></a>`rejectUnsignedCommits` | [`Boolean!`](#boolean) | Indicates whether commits not signed through GPG will be rejected. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `scannedResources` | [`ScannedResourceConnection`](#scannedresourceconnection) | A list of the first 20 scanned resources. | -| `scannedResourcesCount` | [`Int`](#int) | Total number of scanned resources. | -| `scannedResourcesCsvPath` | [`String`](#string) | Path to download all the scanned resources in CSV format. | -| `scans` | [`ScanConnection!`](#scanconnection) | List of security scans ran for the type. | -| `vulnerabilitiesCount` | [`Int`](#int) | Total number of vulnerabilities. | +### `RecentFailures` -### `SecurityScanners` +Recent failure history of a test case. -Represents a list of security scanners. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `available` | [`[SecurityScannerType!]`](#securityscannertype) | List of analyzers which are available for the project. | -| `enabled` | [`[SecurityScannerType!]`](#securityscannertype) | List of analyzers which are enabled for the project. | -| `pipelineRun` | [`[SecurityScannerType!]`](#securityscannertype) | List of analyzers which ran successfully in the latest pipeline. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="recentfailuresbasebranch"></a>`baseBranch` | [`String`](#string) | Name of the base branch of the project. | +| <a id="recentfailurescount"></a>`count` | [`Int`](#int) | Number of times the test case has failed in the past 14 days. | -### `SentryDetailedError` +### `Release` -A Sentry error. +Represents a release. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `count` | [`Int!`](#int) | Count of occurrences. | -| `culprit` | [`String!`](#string) | Culprit of the error. | -| `externalBaseUrl` | [`String!`](#string) | External Base URL of the Sentry Instance. | -| `externalUrl` | [`String!`](#string) | External URL of the error. | -| `firstReleaseLastCommit` | [`String`](#string) | Commit the error was first seen. | -| `firstReleaseShortVersion` | [`String`](#string) | Release short version the error was first seen. | -| `firstReleaseVersion` | [`String`](#string) | Release version the error was first seen. | -| `firstSeen` | [`Time!`](#time) | Timestamp when the error was first seen. | -| `frequency` | [`[SentryErrorFrequency!]!`](#sentryerrorfrequency) | Last 24hr stats of the error. | -| `gitlabCommit` | [`String`](#string) | GitLab commit SHA attributed to the Error based on the release version. | -| `gitlabCommitPath` | [`String`](#string) | Path to the GitLab page for the GitLab commit attributed to the error. | -| `gitlabIssuePath` | [`String`](#string) | URL of GitLab Issue. | -| `id` | [`ID!`](#id) | ID (global ID) of the error. | -| `lastReleaseLastCommit` | [`String`](#string) | Commit the error was last seen. | -| `lastReleaseShortVersion` | [`String`](#string) | Release short version the error was last seen. | -| `lastReleaseVersion` | [`String`](#string) | Release version the error was last seen. | -| `lastSeen` | [`Time!`](#time) | Timestamp when the error was last seen. | -| `message` | [`String`](#string) | Sentry metadata message of the error. | -| `sentryId` | [`String!`](#string) | ID (Sentry ID) of the error. | -| `sentryProjectId` | [`ID!`](#id) | ID of the project (Sentry project). | -| `sentryProjectName` | [`String!`](#string) | Name of the project affected by the error. | -| `sentryProjectSlug` | [`String!`](#string) | Slug of the project affected by the error. | -| `shortId` | [`String!`](#string) | Short ID (Sentry ID) of the error. | -| `status` | [`SentryErrorStatus!`](#sentryerrorstatus) | Status of the error. | -| `tags` | [`SentryErrorTags!`](#sentryerrortags) | Tags associated with the Sentry Error. | -| `title` | [`String!`](#string) | Title of the error. | -| `type` | [`String!`](#string) | Type of the error. | -| `userCount` | [`Int!`](#int) | Count of users affected by the error. | +#### Fields -### `SentryError` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="releaseassets"></a>`assets` | [`ReleaseAssets`](#releaseassets) | Assets of the release. | +| <a id="releaseauthor"></a>`author` | [`UserCore`](#usercore) | User that created the release. | +| <a id="releasecommit"></a>`commit` | [`Commit`](#commit) | The commit associated with the release. | +| <a id="releasecreatedat"></a>`createdAt` | [`Time`](#time) | Timestamp of when the release was created. | +| <a id="releasedescription"></a>`description` | [`String`](#string) | Description (also known as "release notes") of the release. | +| <a id="releasedescriptionhtml"></a>`descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | +| <a id="releaseevidences"></a>`evidences` | [`ReleaseEvidenceConnection`](#releaseevidenceconnection) | Evidence for the release. (see [Connections](#connections)) | +| <a id="releaselinks"></a>`links` | [`ReleaseLinks`](#releaselinks) | Links of the release. | +| <a id="releasemilestones"></a>`milestones` | [`MilestoneConnection`](#milestoneconnection) | Milestones associated to the release. (see [Connections](#connections)) | +| <a id="releasename"></a>`name` | [`String`](#string) | Name of the release. | +| <a id="releasereleasedat"></a>`releasedAt` | [`Time`](#time) | Timestamp of when the release was released. | +| <a id="releasetagname"></a>`tagName` | [`String`](#string) | Name of the tag associated with the release. | +| <a id="releasetagpath"></a>`tagPath` | [`String`](#string) | Relative web path to the tag associated with the release. | +| <a id="releaseupcomingrelease"></a>`upcomingRelease` | [`Boolean`](#boolean) | Indicates the release is an upcoming release. | -A Sentry error. A simplified version of SentryDetailedError. +### `ReleaseAssetLink` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `count` | [`Int!`](#int) | Count of occurrences. | -| `culprit` | [`String!`](#string) | Culprit of the error. | -| `externalUrl` | [`String!`](#string) | External URL of the error. | -| `firstSeen` | [`Time!`](#time) | Timestamp when the error was first seen. | -| `frequency` | [`[SentryErrorFrequency!]!`](#sentryerrorfrequency) | Last 24hr stats of the error. | -| `id` | [`ID!`](#id) | ID (global ID) of the error. | -| `lastSeen` | [`Time!`](#time) | Timestamp when the error was last seen. | -| `message` | [`String`](#string) | Sentry metadata message of the error. | -| `sentryId` | [`String!`](#string) | ID (Sentry ID) of the error. | -| `sentryProjectId` | [`ID!`](#id) | ID of the project (Sentry project). | -| `sentryProjectName` | [`String!`](#string) | Name of the project affected by the error. | -| `sentryProjectSlug` | [`String!`](#string) | Slug of the project affected by the error. | -| `shortId` | [`String!`](#string) | Short ID (Sentry ID) of the error. | -| `status` | [`SentryErrorStatus!`](#sentryerrorstatus) | Status of the error. | -| `title` | [`String!`](#string) | Title of the error. | -| `type` | [`String!`](#string) | Type of the error. | -| `userCount` | [`Int!`](#int) | Count of users affected by the error. | +Represents an asset link associated with a release. -### `SentryErrorCollection` +#### Fields -An object containing a collection of Sentry errors, and a detailed error. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="releaseassetlinkdirectasseturl"></a>`directAssetUrl` | [`String`](#string) | Direct asset URL of the link. | +| <a id="releaseassetlinkexternal"></a>`external` | [`Boolean`](#boolean) | Indicates the link points to an external resource. | +| <a id="releaseassetlinkid"></a>`id` | [`ID!`](#id) | ID of the link. | +| <a id="releaseassetlinklinktype"></a>`linkType` | [`ReleaseAssetLinkType`](#releaseassetlinktype) | Type of the link: `other`, `runbook`, `image`, `package`; defaults to `other`. | +| <a id="releaseassetlinkname"></a>`name` | [`String`](#string) | Name of the link. | +| <a id="releaseassetlinkurl"></a>`url` | [`String`](#string) | URL of the link. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `detailedError` | [`SentryDetailedError`](#sentrydetailederror) | Detailed version of a Sentry error on the project. | -| `errorStackTrace` | [`SentryErrorStackTrace`](#sentryerrorstacktrace) | Stack Trace of Sentry Error. | -| `errors` | [`SentryErrorConnection`](#sentryerrorconnection) | Collection of Sentry Errors. | -| `externalUrl` | [`String`](#string) | External URL for Sentry. | +### `ReleaseAssets` -### `SentryErrorConnection` +A container for all assets associated with a release. -The connection type for SentryError. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[SentryErrorEdge]`](#sentryerroredge) | A list of edges. | -| `nodes` | [`[SentryError]`](#sentryerror) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="releaseassetscount"></a>`count` | [`Int`](#int) | Number of assets of the release. | +| <a id="releaseassetslinks"></a>`links` | [`ReleaseAssetLinkConnection`](#releaseassetlinkconnection) | Asset links of the release. (see [Connections](#connections)) | +| <a id="releaseassetssources"></a>`sources` | [`ReleaseSourceConnection`](#releasesourceconnection) | Sources of the release. (see [Connections](#connections)) | -### `SentryErrorEdge` +### `ReleaseEvidence` -An edge in a connection. +Evidence for a release. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`SentryError`](#sentryerror) | The item at the end of the edge. | +#### Fields -### `SentryErrorFrequency` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="releaseevidencecollectedat"></a>`collectedAt` | [`Time`](#time) | Timestamp when the evidence was collected. | +| <a id="releaseevidencefilepath"></a>`filepath` | [`String`](#string) | URL from where the evidence can be downloaded. | +| <a id="releaseevidenceid"></a>`id` | [`ID!`](#id) | ID of the evidence. | +| <a id="releaseevidencesha"></a>`sha` | [`String`](#string) | SHA1 ID of the evidence hash. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `count` | [`Int!`](#int) | Count of errors received since the previously recorded time. | -| `time` | [`Time!`](#time) | Time the error frequency stats were recorded. | +### `ReleaseLinks` -### `SentryErrorStackTrace` +#### Fields -An object containing a stack trace entry for a Sentry error. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="releaselinksclosedissuesurl"></a>`closedIssuesUrl` | [`String`](#string) | HTTP URL of the issues page, filtered by this release and `state=closed`. | +| <a id="releaselinksclosedmergerequestsurl"></a>`closedMergeRequestsUrl` | [`String`](#string) | HTTP URL of the merge request page , filtered by this release and `state=closed`. | +| <a id="releaselinksediturl"></a>`editUrl` | [`String`](#string) | HTTP URL of the release's edit page. | +| <a id="releaselinksmergedmergerequestsurl"></a>`mergedMergeRequestsUrl` | [`String`](#string) | HTTP URL of the merge request page , filtered by this release and `state=merged`. | +| <a id="releaselinksopenedissuesurl"></a>`openedIssuesUrl` | [`String`](#string) | HTTP URL of the issues page, filtered by this release and `state=open`. | +| <a id="releaselinksopenedmergerequestsurl"></a>`openedMergeRequestsUrl` | [`String`](#string) | HTTP URL of the merge request page, filtered by this release and `state=open`. | +| <a id="releaselinksselfurl"></a>`selfUrl` | [`String`](#string) | HTTP URL of the release. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `dateReceived` | [`String!`](#string) | Time the stack trace was received by Sentry. | -| `issueId` | [`String!`](#string) | ID of the Sentry error. | -| `stackTraceEntries` | [`[SentryErrorStackTraceEntry!]!`](#sentryerrorstacktraceentry) | Stack trace entries for the Sentry error. | +### `ReleaseSource` -### `SentryErrorStackTraceContext` +Represents the source code attached to a release in a particular format. -An object context for a Sentry error stack trace. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `code` | [`String!`](#string) | Code number of the context. | -| `line` | [`Int!`](#int) | Line number of the context. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="releasesourceformat"></a>`format` | [`String`](#string) | Format of the source. | +| <a id="releasesourceurl"></a>`url` | [`String`](#string) | Download URL of the source. | -### `SentryErrorStackTraceEntry` +### `Repository` -An object containing a stack trace entry for a Sentry error. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `col` | [`String`](#string) | Function in which the Sentry error occurred. | -| `fileName` | [`String`](#string) | File in which the Sentry error occurred. | -| `function` | [`String`](#string) | Function in which the Sentry error occurred. | -| `line` | [`String`](#string) | Function in which the Sentry error occurred. | -| `traceContext` | [`[SentryErrorStackTraceContext!]`](#sentryerrorstacktracecontext) | Context of the Sentry error. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="repositorydiskpath"></a>`diskPath` | [`String`](#string) | Shows a disk path of the repository. | +| <a id="repositoryempty"></a>`empty` | [`Boolean!`](#boolean) | Indicates repository has no visible content. | +| <a id="repositoryexists"></a>`exists` | [`Boolean!`](#boolean) | Indicates a corresponding Git repository exists on disk. | +| <a id="repositoryrootref"></a>`rootRef` | [`String`](#string) | Default branch of the repository. | -### `SentryErrorTags` +#### Fields with arguments -State of a Sentry error. +##### `Repository.blobs` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `level` | [`String`](#string) | Severity level of the Sentry Error. | -| `logger` | [`String`](#string) | Logger of the Sentry Error. | +Blobs contained within the repository. -### `ServiceConnection` +Returns [`RepositoryBlobConnection`](#repositoryblobconnection). -The connection type for Service. +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[ServiceEdge]`](#serviceedge) | A list of edges. | -| `nodes` | [`[Service]`](#service) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +###### Arguments -### `ServiceEdge` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="repositoryblobspaths"></a>`paths` | [`[String!]!`](#string) | Array of desired blob paths. | +| <a id="repositoryblobsref"></a>`ref` | [`String`](#string) | The commit ref to get the blobs from. Default value is HEAD. | -An edge in a connection. +##### `Repository.branchNames` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Service`](#service) | The item at the end of the edge. | +Names of branches available in this repository that match the search pattern. -### `Snippet` +Returns [`[String!]`](#string). -Represents a snippet entry. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `author` | [`User`](#user) | The owner of the snippet. | -| `blob` **{warning-solid}** | [`SnippetBlob!`](#snippetblob) | **Deprecated** in 13.3. Use `blobs`. | -| `blobs` | [`SnippetBlobConnection`](#snippetblobconnection) | Snippet blobs. | -| `createdAt` | [`Time!`](#time) | Timestamp this snippet was created. | -| `description` | [`String`](#string) | Description of the snippet. | -| `descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | -| `discussions` | [`DiscussionConnection!`](#discussionconnection) | All discussions on this noteable. | -| `fileName` | [`String`](#string) | File Name of the snippet. | -| `httpUrlToRepo` | [`String`](#string) | HTTP URL to the snippet repository. | -| `id` | [`SnippetID!`](#snippetid) | ID of the snippet. | -| `notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. | -| `project` | [`Project`](#project) | The project the snippet is associated with. | -| `rawUrl` | [`String!`](#string) | Raw URL of the snippet. | -| `sshUrlToRepo` | [`String`](#string) | SSH URL to the snippet repository. | -| `title` | [`String!`](#string) | Title of the snippet. | -| `updatedAt` | [`Time!`](#time) | Timestamp this snippet was updated. | -| `userPermissions` | [`SnippetPermissions!`](#snippetpermissions) | Permissions for the current user on the resource. | -| `visibilityLevel` | [`VisibilityLevelsEnum!`](#visibilitylevelsenum) | Visibility Level of the snippet. | -| `webUrl` | [`String!`](#string) | Web URL of the snippet. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="repositorybranchnameslimit"></a>`limit` | [`Int!`](#int) | The number of branch names to return. | +| <a id="repositorybranchnamesoffset"></a>`offset` | [`Int!`](#int) | The number of branch names to skip. | +| <a id="repositorybranchnamessearchpattern"></a>`searchPattern` | [`String!`](#string) | The pattern to search for branch names by. | -### `SnippetBlob` +##### `Repository.tree` -Represents the snippet blob. +Tree of the repository. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `binary` | [`Boolean!`](#boolean) | Shows whether the blob is binary. | -| `externalStorage` | [`String`](#string) | Blob external storage. | -| `mode` | [`String`](#string) | Blob mode. | -| `name` | [`String`](#string) | Blob name. | -| `path` | [`String`](#string) | Blob path. | -| `plainData` | [`String`](#string) | Blob plain highlighted data. | -| `rawPath` | [`String!`](#string) | Blob raw content endpoint path. | -| `renderedAsText` | [`Boolean!`](#boolean) | Shows whether the blob is rendered as text. | -| `richData` | [`String`](#string) | Blob highlighted data. | -| `richViewer` | [`SnippetBlobViewer`](#snippetblobviewer) | Blob content rich viewer. | -| `simpleViewer` | [`SnippetBlobViewer!`](#snippetblobviewer) | Blob content simple viewer. | -| `size` | [`Int!`](#int) | Blob size. | +Returns [`Tree`](#tree). -### `SnippetBlobConnection` +###### Arguments -The connection type for SnippetBlob. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="repositorytreepath"></a>`path` | [`String`](#string) | The path to get the tree for. Default value is the root of the repository. | +| <a id="repositorytreerecursive"></a>`recursive` | [`Boolean`](#boolean) | Used to get a recursive tree. Default is false. | +| <a id="repositorytreeref"></a>`ref` | [`String`](#string) | The commit ref to get the tree for. Default value is HEAD. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[SnippetBlobEdge]`](#snippetblobedge) | A list of edges. | -| `nodes` | [`[SnippetBlob]`](#snippetblob) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +### `RepositoryBlob` -### `SnippetBlobEdge` +#### Fields -An edge in a connection. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="repositoryblobcanmodifyblob"></a>`canModifyBlob` | [`Boolean`](#boolean) | Whether the current user can modify the blob. | +| <a id="repositoryblobeditblobpath"></a>`editBlobPath` | [`String`](#string) | Web path to edit the blob in the old-style editor. | +| <a id="repositoryblobexternalstorageurl"></a>`externalStorageUrl` | [`String`](#string) | Web path to download the raw blob via external storage, if enabled. | +| <a id="repositoryblobfiletype"></a>`fileType` | [`String`](#string) | The expected format of the blob based on the extension. | +| <a id="repositoryblobforkandeditpath"></a>`forkAndEditPath` | [`String`](#string) | Web path to edit this blob using a forked project. | +| <a id="repositoryblobid"></a>`id` | [`ID!`](#id) | ID of the blob. | +| <a id="repositoryblobideeditpath"></a>`ideEditPath` | [`String`](#string) | Web path to edit this blob in the Web IDE. | +| <a id="repositoryblobideforkandeditpath"></a>`ideForkAndEditPath` | [`String`](#string) | Web path to edit this blob in the Web IDE using a forked project. | +| <a id="repositorybloblfsoid"></a>`lfsOid` | [`String`](#string) | LFS OID of the blob. | +| <a id="repositoryblobmode"></a>`mode` | [`String`](#string) | Blob mode. | +| <a id="repositoryblobname"></a>`name` | [`String`](#string) | Blob name. | +| <a id="repositorybloboid"></a>`oid` | [`String!`](#string) | OID of the blob. | +| <a id="repositoryblobpath"></a>`path` | [`String!`](#string) | Path of the blob. | +| <a id="repositoryblobplaindata"></a>`plainData` | [`String`](#string) | Blob plain highlighted data. | +| <a id="repositoryblobrawblob"></a>`rawBlob` | [`String`](#string) | The raw content of the blob. | +| <a id="repositoryblobrawpath"></a>`rawPath` | [`String`](#string) | Web path to download the raw blob. | +| <a id="repositoryblobrawsize"></a>`rawSize` | [`Int`](#int) | Size (in bytes) of the blob, or the blob target if stored externally. | +| <a id="repositoryblobrawtextblob"></a>`rawTextBlob` | [`String`](#string) | The raw content of the blob, if the blob is text data. | +| <a id="repositoryblobreplacepath"></a>`replacePath` | [`String`](#string) | Web path to replace the blob content. | +| <a id="repositoryblobrichviewer"></a>`richViewer` | [`BlobViewer`](#blobviewer) | Blob content rich viewer. | +| <a id="repositoryblobsimpleviewer"></a>`simpleViewer` | [`BlobViewer!`](#blobviewer) | Blob content simple viewer. | +| <a id="repositoryblobsize"></a>`size` | [`Int`](#int) | Size (in bytes) of the blob. | +| <a id="repositoryblobstoredexternally"></a>`storedExternally` | [`Boolean`](#boolean) | Whether the blob's content is stored externally (for instance, in LFS). | +| <a id="repositoryblobwebpath"></a>`webPath` | [`String`](#string) | Web path of the blob. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`SnippetBlob`](#snippetblob) | The item at the end of the edge. | +### `Requirement` -### `SnippetBlobViewer` +Represents a requirement. -Represents how the blob content should be displayed. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `collapsed` | [`Boolean!`](#boolean) | Shows whether the blob should be displayed collapsed. | -| `fileType` | [`String!`](#string) | Content file type. | -| `loadAsync` | [`Boolean!`](#boolean) | Shows whether the blob content is loaded asynchronously. | -| `loadingPartialName` | [`String!`](#string) | Loading partial name. | -| `renderError` | [`String`](#string) | Error rendering the blob content. | -| `tooLarge` | [`Boolean!`](#boolean) | Shows whether the blob too large to be displayed. | -| `type` | [`BlobViewersType!`](#blobviewerstype) | Type of blob viewer. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="requirementauthor"></a>`author` | [`UserCore!`](#usercore) | Author of the requirement. | +| <a id="requirementcreatedat"></a>`createdAt` | [`Time!`](#time) | Timestamp of when the requirement was created. | +| <a id="requirementdescription"></a>`description` | [`String`](#string) | Description of the requirement. | +| <a id="requirementdescriptionhtml"></a>`descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | +| <a id="requirementid"></a>`id` | [`ID!`](#id) | ID of the requirement. | +| <a id="requirementiid"></a>`iid` | [`ID!`](#id) | Internal ID of the requirement. | +| <a id="requirementlasttestreportmanuallycreated"></a>`lastTestReportManuallyCreated` | [`Boolean`](#boolean) | Indicates if latest test report was created by user. | +| <a id="requirementlasttestreportstate"></a>`lastTestReportState` | [`TestReportState`](#testreportstate) | Latest requirement test report state. | +| <a id="requirementproject"></a>`project` | [`Project!`](#project) | Project to which the requirement belongs. | +| <a id="requirementstate"></a>`state` | [`RequirementState!`](#requirementstate) | State of the requirement. | +| <a id="requirementtitle"></a>`title` | [`String`](#string) | Title of the requirement. | +| <a id="requirementtitlehtml"></a>`titleHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `title`. | +| <a id="requirementupdatedat"></a>`updatedAt` | [`Time!`](#time) | Timestamp of when the requirement was last updated. | +| <a id="requirementuserpermissions"></a>`userPermissions` | [`RequirementPermissions!`](#requirementpermissions) | Permissions for the current user on the resource. | -### `SnippetConnection` +#### Fields with arguments -The connection type for Snippet. +##### `Requirement.testReports` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[SnippetEdge]`](#snippetedge) | A list of edges. | -| `nodes` | [`[Snippet]`](#snippet) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +Test reports of the requirement. -### `SnippetEdge` +Returns [`TestReportConnection`](#testreportconnection). -An edge in a connection. +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Snippet`](#snippet) | The item at the end of the edge. | +###### Arguments -### `SnippetPermissions` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="requirementtestreportssort"></a>`sort` | [`Sort`](#sort) | List test reports by sort order. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `adminSnippet` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_snippet` on this resource. | -| `awardEmoji` | [`Boolean!`](#boolean) | Indicates the user can perform `award_emoji` on this resource. | -| `createNote` | [`Boolean!`](#boolean) | Indicates the user can perform `create_note` on this resource. | -| `readSnippet` | [`Boolean!`](#boolean) | Indicates the user can perform `read_snippet` on this resource. | -| `reportSnippet` | [`Boolean!`](#boolean) | Indicates the user can perform `report_snippet` on this resource. | -| `updateSnippet` | [`Boolean!`](#boolean) | Indicates the user can perform `update_snippet` on this resource. | +### `RequirementPermissions` -### `SnippetRepositoryRegistry` +Check permissions for the current user on a requirement. -Represents the Geo sync and verification state of a snippet repository. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `createdAt` | [`Time`](#time) | Timestamp when the SnippetRepositoryRegistry was created. | -| `id` | [`ID!`](#id) | ID of the SnippetRepositoryRegistry. | -| `lastSyncFailure` | [`String`](#string) | Error message during sync of the SnippetRepositoryRegistry. | -| `lastSyncedAt` | [`Time`](#time) | Timestamp of the most recent successful sync of the SnippetRepositoryRegistry. | -| `retryAt` | [`Time`](#time) | Timestamp after which the SnippetRepositoryRegistry should be resynced. | -| `retryCount` | [`Int`](#int) | Number of consecutive failed sync attempts of the SnippetRepositoryRegistry. | -| `snippetRepositoryId` | [`ID!`](#id) | ID of the Snippet Repository. | -| `state` | [`RegistryState`](#registrystate) | Sync state of the SnippetRepositoryRegistry. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="requirementpermissionsadminrequirement"></a>`adminRequirement` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_requirement` on this resource. | +| <a id="requirementpermissionscreaterequirement"></a>`createRequirement` | [`Boolean!`](#boolean) | Indicates the user can perform `create_requirement` on this resource. | +| <a id="requirementpermissionsdestroyrequirement"></a>`destroyRequirement` | [`Boolean!`](#boolean) | Indicates the user can perform `destroy_requirement` on this resource. | +| <a id="requirementpermissionsreadrequirement"></a>`readRequirement` | [`Boolean!`](#boolean) | Indicates the user can perform `read_requirement` on this resource. | +| <a id="requirementpermissionsupdaterequirement"></a>`updateRequirement` | [`Boolean!`](#boolean) | Indicates the user can perform `update_requirement` on this resource. | -### `SnippetRepositoryRegistryConnection` +### `RequirementStatesCount` -The connection type for SnippetRepositoryRegistry. +Counts of requirements by their state. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[SnippetRepositoryRegistryEdge]`](#snippetrepositoryregistryedge) | A list of edges. | -| `nodes` | [`[SnippetRepositoryRegistry]`](#snippetrepositoryregistry) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +#### Fields -### `SnippetRepositoryRegistryEdge` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="requirementstatescountarchived"></a>`archived` | [`Int`](#int) | Number of archived requirements. | +| <a id="requirementstatescountopened"></a>`opened` | [`Int`](#int) | Number of opened requirements. | -An edge in a connection. +### `RootStorageStatistics` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`SnippetRepositoryRegistry`](#snippetrepositoryregistry) | The item at the end of the edge. | +#### Fields -### `StatusAction` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="rootstoragestatisticsbuildartifactssize"></a>`buildArtifactsSize` | [`Float!`](#float) | The CI artifacts size in bytes. | +| <a id="rootstoragestatisticslfsobjectssize"></a>`lfsObjectsSize` | [`Float!`](#float) | The LFS objects size in bytes. | +| <a id="rootstoragestatisticspackagessize"></a>`packagesSize` | [`Float!`](#float) | The packages size in bytes. | +| <a id="rootstoragestatisticspipelineartifactssize"></a>`pipelineArtifactsSize` | [`Float!`](#float) | The CI pipeline artifacts size in bytes. | +| <a id="rootstoragestatisticsrepositorysize"></a>`repositorySize` | [`Float!`](#float) | The Git repository size in bytes. | +| <a id="rootstoragestatisticssnippetssize"></a>`snippetsSize` | [`Float!`](#float) | The snippets size in bytes. | +| <a id="rootstoragestatisticsstoragesize"></a>`storageSize` | [`Float!`](#float) | The total storage in bytes. | +| <a id="rootstoragestatisticsuploadssize"></a>`uploadsSize` | [`Float!`](#float) | The uploads size in bytes. | +| <a id="rootstoragestatisticswikisize"></a>`wikiSize` | [`Float!`](#float) | The wiki size in bytes. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `buttonTitle` | [`String`](#string) | Title for the button, for example: Retry this job. | -| `icon` | [`String`](#string) | Icon used in the action button. | -| `method` | [`String`](#string) | Method for the action, for example: :post. | -| `path` | [`String`](#string) | Path for the action. | -| `title` | [`String`](#string) | Title for the action, for example: Retry. | +### `RunDASTScanPayload` -### `Submodule` +Autogenerated return type of RunDASTScan. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `flatPath` | [`String!`](#string) | Flat path of the entry. | -| `id` | [`ID!`](#id) | ID of the entry. | -| `name` | [`String!`](#string) | Name of the entry. | -| `path` | [`String!`](#string) | Path of the entry. | -| `sha` | [`String!`](#string) | Last commit SHA for the entry. | -| `treeUrl` | [`String`](#string) | Tree URL for the sub-module. | -| `type` | [`EntryType!`](#entrytype) | Type of tree entry. | -| `webUrl` | [`String`](#string) | Web URL for the sub-module. | +#### Fields -### `SubmoduleConnection` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="rundastscanpayloadclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="rundastscanpayloaderrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="rundastscanpayloadpipelineurl"></a>`pipelineUrl` | [`String`](#string) | URL of the pipeline that was created. | -The connection type for Submodule. +### `RunnerArchitecture` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[SubmoduleEdge]`](#submoduleedge) | A list of edges. | -| `nodes` | [`[Submodule]`](#submodule) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +#### Fields -### `SubmoduleEdge` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="runnerarchitecturedownloadlocation"></a>`downloadLocation` | [`String!`](#string) | Download location for the runner for the platform architecture. | +| <a id="runnerarchitecturename"></a>`name` | [`String!`](#string) | Name of the runner platform architecture. | -An edge in a connection. +### `RunnerPlatform` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Submodule`](#submodule) | The item at the end of the edge. | +#### Fields -### `TaskCompletionStatus` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="runnerplatformarchitectures"></a>`architectures` | [`RunnerArchitectureConnection`](#runnerarchitectureconnection) | Runner architectures supported for the platform. (see [Connections](#connections)) | +| <a id="runnerplatformhumanreadablename"></a>`humanReadableName` | [`String!`](#string) | Human readable name of the runner platform. | +| <a id="runnerplatformname"></a>`name` | [`String!`](#string) | Name slug of the runner platform. | -Completion status of tasks. +### `RunnerSetup` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `completedCount` | [`Int!`](#int) | Number of completed tasks. | -| `count` | [`Int!`](#int) | Number of total tasks. | +#### Fields -### `TerraformState` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="runnersetupinstallinstructions"></a>`installInstructions` | [`String!`](#string) | Instructions for installing the runner on the specified architecture. | +| <a id="runnersetupregisterinstructions"></a>`registerInstructions` | [`String`](#string) | Instructions for registering the runner. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `createdAt` | [`Time!`](#time) | Timestamp the Terraform state was created. | -| `id` | [`ID!`](#id) | ID of the Terraform state. | -| `latestVersion` | [`TerraformStateVersion`](#terraformstateversion) | The latest version of the Terraform state. | -| `lockedAt` | [`Time`](#time) | Timestamp the Terraform state was locked. | -| `lockedByUser` | [`User`](#user) | The user currently holding a lock on the Terraform state. | -| `name` | [`String!`](#string) | Name of the Terraform state. | -| `updatedAt` | [`Time!`](#time) | Timestamp the Terraform state was updated. | +### `SastCiConfiguration` -### `TerraformStateConnection` +Represents a CI configuration of SAST. -The connection type for TerraformState. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `count` | [`Int!`](#int) | Total count of collection. | -| `edges` | [`[TerraformStateEdge]`](#terraformstateedge) | A list of edges. | -| `nodes` | [`[TerraformState]`](#terraformstate) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sastciconfigurationanalyzers"></a>`analyzers` | [`SastCiConfigurationAnalyzersEntityConnection`](#sastciconfigurationanalyzersentityconnection) | List of analyzers entities attached to SAST configuration. (see [Connections](#connections)) | +| <a id="sastciconfigurationglobal"></a>`global` | [`SastCiConfigurationEntityConnection`](#sastciconfigurationentityconnection) | List of global entities related to SAST configuration. (see [Connections](#connections)) | +| <a id="sastciconfigurationpipeline"></a>`pipeline` | [`SastCiConfigurationEntityConnection`](#sastciconfigurationentityconnection) | List of pipeline entities related to SAST configuration. (see [Connections](#connections)) | -### `TerraformStateDeletePayload` +### `SastCiConfigurationAnalyzersEntity` -Autogenerated return type of TerraformStateDelete. +Represents an analyzer entity in SAST CI configuration. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +#### Fields -### `TerraformStateEdge` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sastciconfigurationanalyzersentitydescription"></a>`description` | [`String`](#string) | Analyzer description that is displayed on the form. | +| <a id="sastciconfigurationanalyzersentityenabled"></a>`enabled` | [`Boolean`](#boolean) | Indicates whether an analyzer is enabled. | +| <a id="sastciconfigurationanalyzersentitylabel"></a>`label` | [`String`](#string) | Analyzer label used in the config UI. | +| <a id="sastciconfigurationanalyzersentityname"></a>`name` | [`String`](#string) | Name of the analyzer. | +| <a id="sastciconfigurationanalyzersentityvariables"></a>`variables` | [`SastCiConfigurationEntityConnection`](#sastciconfigurationentityconnection) | List of supported variables. (see [Connections](#connections)) | -An edge in a connection. +### `SastCiConfigurationEntity` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`TerraformState`](#terraformstate) | The item at the end of the edge. | +Represents an entity in SAST CI configuration. -### `TerraformStateLockPayload` +#### Fields -Autogenerated return type of TerraformStateLock. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sastciconfigurationentitydefaultvalue"></a>`defaultValue` | [`String`](#string) | Default value that is used if value is empty. | +| <a id="sastciconfigurationentitydescription"></a>`description` | [`String`](#string) | Entity description that is displayed on the form. | +| <a id="sastciconfigurationentityfield"></a>`field` | [`String`](#string) | CI keyword of entity. | +| <a id="sastciconfigurationentitylabel"></a>`label` | [`String`](#string) | Label for entity used in the form. | +| <a id="sastciconfigurationentityoptions"></a>`options` | [`SastCiConfigurationOptionsEntityConnection`](#sastciconfigurationoptionsentityconnection) | Different possible values of the field. (see [Connections](#connections)) | +| <a id="sastciconfigurationentitysize"></a>`size` | [`SastUiComponentSize`](#sastuicomponentsize) | Size of the UI component. | +| <a id="sastciconfigurationentitytype"></a>`type` | [`String`](#string) | Type of the field value. | +| <a id="sastciconfigurationentityvalue"></a>`value` | [`String`](#string) | Current value of the entity. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +### `SastCiConfigurationOptionsEntity` -### `TerraformStateUnlockPayload` +Represents an entity for options in SAST CI configuration. -Autogenerated return type of TerraformStateUnlock. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sastciconfigurationoptionsentitylabel"></a>`label` | [`String`](#string) | Label of option entity. | +| <a id="sastciconfigurationoptionsentityvalue"></a>`value` | [`String`](#string) | Value of option entity. | -### `TerraformStateVersion` +### `Scan` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `createdAt` | [`Time!`](#time) | Timestamp the version was created. | -| `createdByUser` | [`User`](#user) | The user that created this version. | -| `downloadPath` | [`String`](#string) | URL for downloading the version's JSON file. | -| `id` | [`ID!`](#id) | ID of the Terraform state version. | -| `job` | [`CiJob`](#cijob) | The job that created this version. | -| `serial` | [`Int`](#int) | Serial number of the version. | -| `updatedAt` | [`Time!`](#time) | Timestamp the version was updated. | +Represents the security scan information. -### `TerraformStateVersionRegistry` +#### Fields -Represents the Geo sync and verification state of a terraform state version. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="scanerrors"></a>`errors` | [`[String!]!`](#string) | List of errors. | +| <a id="scanname"></a>`name` | [`String!`](#string) | Name of the scan. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `createdAt` | [`Time`](#time) | Timestamp when the TerraformStateVersionRegistry was created. | -| `id` | [`ID!`](#id) | ID of the TerraformStateVersionRegistry. | -| `lastSyncFailure` | [`String`](#string) | Error message during sync of the TerraformStateVersionRegistry. | -| `lastSyncedAt` | [`Time`](#time) | Timestamp of the most recent successful sync of the TerraformStateVersionRegistry. | -| `retryAt` | [`Time`](#time) | Timestamp after which the TerraformStateVersionRegistry should be resynced. | -| `retryCount` | [`Int`](#int) | Number of consecutive failed sync attempts of the TerraformStateVersionRegistry. | -| `state` | [`RegistryState`](#registrystate) | Sync state of the TerraformStateVersionRegistry. | -| `terraformStateVersionId` | [`ID!`](#id) | ID of the terraform state version. | +### `ScannedResource` -### `TerraformStateVersionRegistryConnection` +Represents a resource scanned by a security scan. -The connection type for TerraformStateVersionRegistry. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[TerraformStateVersionRegistryEdge]`](#terraformstateversionregistryedge) | A list of edges. | -| `nodes` | [`[TerraformStateVersionRegistry]`](#terraformstateversionregistry) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="scannedresourcerequestmethod"></a>`requestMethod` | [`String`](#string) | The HTTP request method used to access the URL. | +| <a id="scannedresourceurl"></a>`url` | [`String`](#string) | The URL scanned by the scanner. | -### `TerraformStateVersionRegistryEdge` +### `SecurityReportSummary` -An edge in a connection. +Represents summary of a security report. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`TerraformStateVersionRegistry`](#terraformstateversionregistry) | The item at the end of the edge. | +#### Fields -### `TestCase` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="securityreportsummaryapifuzzing"></a>`apiFuzzing` | [`SecurityReportSummarySection`](#securityreportsummarysection) | Aggregated counts for the `api_fuzzing` scan. | +| <a id="securityreportsummarycontainerscanning"></a>`containerScanning` | [`SecurityReportSummarySection`](#securityreportsummarysection) | Aggregated counts for the `container_scanning` scan. | +| <a id="securityreportsummarycoveragefuzzing"></a>`coverageFuzzing` | [`SecurityReportSummarySection`](#securityreportsummarysection) | Aggregated counts for the `coverage_fuzzing` scan. | +| <a id="securityreportsummarydast"></a>`dast` | [`SecurityReportSummarySection`](#securityreportsummarysection) | Aggregated counts for the `dast` scan. | +| <a id="securityreportsummarydependencyscanning"></a>`dependencyScanning` | [`SecurityReportSummarySection`](#securityreportsummarysection) | Aggregated counts for the `dependency_scanning` scan. | +| <a id="securityreportsummarysast"></a>`sast` | [`SecurityReportSummarySection`](#securityreportsummarysection) | Aggregated counts for the `sast` scan. | +| <a id="securityreportsummarysecretdetection"></a>`secretDetection` | [`SecurityReportSummarySection`](#securityreportsummarysection) | Aggregated counts for the `secret_detection` scan. | -Test case in pipeline test report. +### `SecurityReportSummarySection` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `attachmentUrl` | [`String`](#string) | URL of the test case attachment file. | -| `classname` | [`String`](#string) | Classname of the test case. | -| `executionTime` | [`Float`](#float) | Test case execution time in seconds. | -| `file` | [`String`](#string) | Path to the file of the test case. | -| `name` | [`String`](#string) | Name of the test case. | -| `recentFailures` | [`RecentFailures`](#recentfailures) | Recent failure history of the test case on the base branch. | -| `stackTrace` | [`String`](#string) | Stack trace of the test case. | -| `status` | [`TestCaseStatus`](#testcasestatus) | Status of the test case (error, failed, success, skipped). | -| `systemOutput` | [`String`](#string) | System output of the test case. | +Represents a section of a summary of a security report. -### `TestCaseConnection` +#### Fields -The connection type for TestCase. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="securityreportsummarysectionscannedresources"></a>`scannedResources` | [`ScannedResourceConnection`](#scannedresourceconnection) | A list of the first 20 scanned resources. (see [Connections](#connections)) | +| <a id="securityreportsummarysectionscannedresourcescount"></a>`scannedResourcesCount` | [`Int`](#int) | Total number of scanned resources. | +| <a id="securityreportsummarysectionscannedresourcescsvpath"></a>`scannedResourcesCsvPath` | [`String`](#string) | Path to download all the scanned resources in CSV format. | +| <a id="securityreportsummarysectionscans"></a>`scans` | [`ScanConnection!`](#scanconnection) | List of security scans ran for the type. (see [Connections](#connections)) | +| <a id="securityreportsummarysectionvulnerabilitiescount"></a>`vulnerabilitiesCount` | [`Int`](#int) | Total number of vulnerabilities. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `count` | [`Int!`](#int) | Total count of collection. | -| `edges` | [`[TestCaseEdge]`](#testcaseedge) | A list of edges. | -| `nodes` | [`[TestCase]`](#testcase) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +### `SecurityScanners` -### `TestCaseEdge` +Represents a list of security scanners. -An edge in a connection. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`TestCase`](#testcase) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="securityscannersavailable"></a>`available` | [`[SecurityScannerType!]`](#securityscannertype) | List of analyzers which are available for the project. | +| <a id="securityscannersenabled"></a>`enabled` | [`[SecurityScannerType!]`](#securityscannertype) | List of analyzers which are enabled for the project. | +| <a id="securityscannerspipelinerun"></a>`pipelineRun` | [`[SecurityScannerType!]`](#securityscannertype) | List of analyzers which ran successfully in the latest pipeline. | -### `TestReport` +### `SentryDetailedError` -Represents a requirement test report. +A Sentry error. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `author` | [`User`](#user) | Author of the test report. | -| `createdAt` | [`Time!`](#time) | Timestamp of when the test report was created. | -| `id` | [`ID!`](#id) | ID of the test report. | -| `state` | [`TestReportState!`](#testreportstate) | State of the test report. | +#### Fields -### `TestReportConnection` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sentrydetailederrorcount"></a>`count` | [`Int!`](#int) | Count of occurrences. | +| <a id="sentrydetailederrorculprit"></a>`culprit` | [`String!`](#string) | Culprit of the error. | +| <a id="sentrydetailederrorexternalbaseurl"></a>`externalBaseUrl` | [`String!`](#string) | External Base URL of the Sentry Instance. | +| <a id="sentrydetailederrorexternalurl"></a>`externalUrl` | [`String!`](#string) | External URL of the error. | +| <a id="sentrydetailederrorfirstreleaselastcommit"></a>`firstReleaseLastCommit` | [`String`](#string) | Commit the error was first seen. | +| <a id="sentrydetailederrorfirstreleaseshortversion"></a>`firstReleaseShortVersion` | [`String`](#string) | Release short version the error was first seen. | +| <a id="sentrydetailederrorfirstreleaseversion"></a>`firstReleaseVersion` | [`String`](#string) | Release version the error was first seen. | +| <a id="sentrydetailederrorfirstseen"></a>`firstSeen` | [`Time!`](#time) | Timestamp when the error was first seen. | +| <a id="sentrydetailederrorfrequency"></a>`frequency` | [`[SentryErrorFrequency!]!`](#sentryerrorfrequency) | Last 24hr stats of the error. | +| <a id="sentrydetailederrorgitlabcommit"></a>`gitlabCommit` | [`String`](#string) | GitLab commit SHA attributed to the Error based on the release version. | +| <a id="sentrydetailederrorgitlabcommitpath"></a>`gitlabCommitPath` | [`String`](#string) | Path to the GitLab page for the GitLab commit attributed to the error. | +| <a id="sentrydetailederrorgitlabissuepath"></a>`gitlabIssuePath` | [`String`](#string) | URL of GitLab Issue. | +| <a id="sentrydetailederrorid"></a>`id` | [`ID!`](#id) | ID (global ID) of the error. | +| <a id="sentrydetailederrorlastreleaselastcommit"></a>`lastReleaseLastCommit` | [`String`](#string) | Commit the error was last seen. | +| <a id="sentrydetailederrorlastreleaseshortversion"></a>`lastReleaseShortVersion` | [`String`](#string) | Release short version the error was last seen. | +| <a id="sentrydetailederrorlastreleaseversion"></a>`lastReleaseVersion` | [`String`](#string) | Release version the error was last seen. | +| <a id="sentrydetailederrorlastseen"></a>`lastSeen` | [`Time!`](#time) | Timestamp when the error was last seen. | +| <a id="sentrydetailederrormessage"></a>`message` | [`String`](#string) | Sentry metadata message of the error. | +| <a id="sentrydetailederrorsentryid"></a>`sentryId` | [`String!`](#string) | ID (Sentry ID) of the error. | +| <a id="sentrydetailederrorsentryprojectid"></a>`sentryProjectId` | [`ID!`](#id) | ID of the project (Sentry project). | +| <a id="sentrydetailederrorsentryprojectname"></a>`sentryProjectName` | [`String!`](#string) | Name of the project affected by the error. | +| <a id="sentrydetailederrorsentryprojectslug"></a>`sentryProjectSlug` | [`String!`](#string) | Slug of the project affected by the error. | +| <a id="sentrydetailederrorshortid"></a>`shortId` | [`String!`](#string) | Short ID (Sentry ID) of the error. | +| <a id="sentrydetailederrorstatus"></a>`status` | [`SentryErrorStatus!`](#sentryerrorstatus) | Status of the error. | +| <a id="sentrydetailederrortags"></a>`tags` | [`SentryErrorTags!`](#sentryerrortags) | Tags associated with the Sentry Error. | +| <a id="sentrydetailederrortitle"></a>`title` | [`String!`](#string) | Title of the error. | +| <a id="sentrydetailederrortype"></a>`type` | [`String!`](#string) | Type of the error. | +| <a id="sentrydetailederrorusercount"></a>`userCount` | [`Int!`](#int) | Count of users affected by the error. | -The connection type for TestReport. +### `SentryError` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[TestReportEdge]`](#testreportedge) | A list of edges. | -| `nodes` | [`[TestReport]`](#testreport) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +A Sentry error. A simplified version of SentryDetailedError. -### `TestReportEdge` +#### Fields -An edge in a connection. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sentryerrorcount"></a>`count` | [`Int!`](#int) | Count of occurrences. | +| <a id="sentryerrorculprit"></a>`culprit` | [`String!`](#string) | Culprit of the error. | +| <a id="sentryerrorexternalurl"></a>`externalUrl` | [`String!`](#string) | External URL of the error. | +| <a id="sentryerrorfirstseen"></a>`firstSeen` | [`Time!`](#time) | Timestamp when the error was first seen. | +| <a id="sentryerrorfrequency"></a>`frequency` | [`[SentryErrorFrequency!]!`](#sentryerrorfrequency) | Last 24hr stats of the error. | +| <a id="sentryerrorid"></a>`id` | [`ID!`](#id) | ID (global ID) of the error. | +| <a id="sentryerrorlastseen"></a>`lastSeen` | [`Time!`](#time) | Timestamp when the error was last seen. | +| <a id="sentryerrormessage"></a>`message` | [`String`](#string) | Sentry metadata message of the error. | +| <a id="sentryerrorsentryid"></a>`sentryId` | [`String!`](#string) | ID (Sentry ID) of the error. | +| <a id="sentryerrorsentryprojectid"></a>`sentryProjectId` | [`ID!`](#id) | ID of the project (Sentry project). | +| <a id="sentryerrorsentryprojectname"></a>`sentryProjectName` | [`String!`](#string) | Name of the project affected by the error. | +| <a id="sentryerrorsentryprojectslug"></a>`sentryProjectSlug` | [`String!`](#string) | Slug of the project affected by the error. | +| <a id="sentryerrorshortid"></a>`shortId` | [`String!`](#string) | Short ID (Sentry ID) of the error. | +| <a id="sentryerrorstatus"></a>`status` | [`SentryErrorStatus!`](#sentryerrorstatus) | Status of the error. | +| <a id="sentryerrortitle"></a>`title` | [`String!`](#string) | Title of the error. | +| <a id="sentryerrortype"></a>`type` | [`String!`](#string) | Type of the error. | +| <a id="sentryerrorusercount"></a>`userCount` | [`Int!`](#int) | Count of users affected by the error. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`TestReport`](#testreport) | The item at the end of the edge. | +### `SentryErrorCollection` -### `TestReportSummary` +An object containing a collection of Sentry errors, and a detailed error. -Test report for a pipeline. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `testSuites` | [`TestSuiteSummaryConnection!`](#testsuitesummaryconnection) | Test suites belonging to a pipeline test report. | -| `total` | [`TestReportTotal!`](#testreporttotal) | Total report statistics for a pipeline test report. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sentryerrorcollectionexternalurl"></a>`externalUrl` | [`String`](#string) | External URL for Sentry. | -### `TestReportTotal` +#### Fields with arguments -Total test report statistics. +##### `SentryErrorCollection.detailedError` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `count` | [`Int`](#int) | Total number of the test cases. | -| `error` | [`Int`](#int) | Total number of test cases that had an error. | -| `failed` | [`Int`](#int) | Total number of test cases that failed. | -| `skipped` | [`Int`](#int) | Total number of test cases that were skipped. | -| `success` | [`Int`](#int) | Total number of test cases that succeeded. | -| `suiteError` | [`String`](#string) | Test suite error message. | -| `time` | [`Float`](#float) | Total duration of the tests. | +Detailed version of a Sentry error on the project. -### `TestSuite` +Returns [`SentryDetailedError`](#sentrydetailederror). -Test suite in a pipeline test report. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `errorCount` | [`Int`](#int) | Total number of test cases that had an error. | -| `failedCount` | [`Int`](#int) | Total number of test cases that failed in the test suite. | -| `name` | [`String`](#string) | Name of the test suite. | -| `skippedCount` | [`Int`](#int) | Total number of test cases that were skipped in the test suite. | -| `successCount` | [`Int`](#int) | Total number of test cases that succeeded in the test suite. | -| `suiteError` | [`String`](#string) | Test suite error message. | -| `testCases` | [`TestCaseConnection`](#testcaseconnection) | Test cases in the test suite. | -| `totalCount` | [`Int`](#int) | Total number of the test cases in the test suite. | -| `totalTime` | [`Float`](#float) | Total duration of the tests in the test suite. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sentryerrorcollectiondetailederrorid"></a>`id` | [`GitlabErrorTrackingDetailedErrorID!`](#gitlaberrortrackingdetailederrorid) | ID of the Sentry issue. | -### `TestSuiteSummary` +##### `SentryErrorCollection.errorStackTrace` -Test suite summary in a pipeline test report. +Stack Trace of Sentry Error. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `buildIds` | [`[ID!]`](#id) | IDs of the builds used to run the test suite. | -| `errorCount` | [`Int`](#int) | Total number of test cases that had an error. | -| `failedCount` | [`Int`](#int) | Total number of test cases that failed in the test suite. | -| `name` | [`String`](#string) | Name of the test suite. | -| `skippedCount` | [`Int`](#int) | Total number of test cases that were skipped in the test suite. | -| `successCount` | [`Int`](#int) | Total number of test cases that succeeded in the test suite. | -| `suiteError` | [`String`](#string) | Test suite error message. | -| `totalCount` | [`Int`](#int) | Total number of the test cases in the test suite. | -| `totalTime` | [`Float`](#float) | Total duration of the tests in the test suite. | +Returns [`SentryErrorStackTrace`](#sentryerrorstacktrace). -### `TestSuiteSummaryConnection` +###### Arguments -The connection type for TestSuiteSummary. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sentryerrorcollectionerrorstacktraceid"></a>`id` | [`GitlabErrorTrackingDetailedErrorID!`](#gitlaberrortrackingdetailederrorid) | ID of the Sentry issue. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `count` | [`Int!`](#int) | Total count of collection. | -| `edges` | [`[TestSuiteSummaryEdge]`](#testsuitesummaryedge) | A list of edges. | -| `nodes` | [`[TestSuiteSummary]`](#testsuitesummary) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +##### `SentryErrorCollection.errors` -### `TestSuiteSummaryEdge` +Collection of Sentry Errors. -An edge in a connection. +Returns [`SentryErrorConnection`](#sentryerrorconnection). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`TestSuiteSummary`](#testsuitesummary) | The item at the end of the edge. | +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -### `TimeReportStats` +###### Arguments -Represents the time report stats for timeboxes. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sentryerrorcollectionerrorssearchterm"></a>`searchTerm` | [`String`](#string) | Search query for the Sentry error details. | +| <a id="sentryerrorcollectionerrorssort"></a>`sort` | [`String`](#string) | Attribute to sort on. Options are frequency, first_seen, last_seen. last_seen is default. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `complete` | [`TimeboxMetrics`](#timeboxmetrics) | Completed issues metrics. | -| `incomplete` | [`TimeboxMetrics`](#timeboxmetrics) | Incomplete issues metrics. | -| `total` | [`TimeboxMetrics`](#timeboxmetrics) | Total issues metrics. | +### `SentryErrorFrequency` -### `TimeboxMetrics` +#### Fields -Represents measured stats metrics for timeboxes. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sentryerrorfrequencycount"></a>`count` | [`Int!`](#int) | Count of errors received since the previously recorded time. | +| <a id="sentryerrorfrequencytime"></a>`time` | [`Time!`](#time) | Time the error frequency stats were recorded. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `count` | [`Int!`](#int) | The count metric. | -| `weight` | [`Int!`](#int) | The weight metric. | +### `SentryErrorStackTrace` -### `TimeboxReport` +An object containing a stack trace entry for a Sentry error. -Represents a historically accurate report about the timebox. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `burnupTimeSeries` | [`[BurnupChartDailyTotals!]`](#burnupchartdailytotals) | Daily scope and completed totals for burnup charts. | -| `stats` | [`TimeReportStats`](#timereportstats) | Represents the time report stats for the timebox. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sentryerrorstacktracedatereceived"></a>`dateReceived` | [`String!`](#string) | Time the stack trace was received by Sentry. | +| <a id="sentryerrorstacktraceissueid"></a>`issueId` | [`String!`](#string) | ID of the Sentry error. | +| <a id="sentryerrorstacktracestacktraceentries"></a>`stackTraceEntries` | [`[SentryErrorStackTraceEntry!]!`](#sentryerrorstacktraceentry) | Stack trace entries for the Sentry error. | -### `Timelog` +### `SentryErrorStackTraceContext` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `issue` | [`Issue`](#issue) | The issue that logged time was added to. | -| `note` | [`Note`](#note) | The note where the quick action to add the logged time was executed. | -| `spentAt` | [`Time`](#time) | Timestamp of when the time tracked was spent at. | -| `timeSpent` | [`Int!`](#int) | The time spent displayed in seconds. | -| `user` | [`User!`](#user) | The user that logged the time. | +An object context for a Sentry error stack trace. -### `TimelogConnection` +#### Fields -The connection type for Timelog. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sentryerrorstacktracecontextcode"></a>`code` | [`String!`](#string) | Code number of the context. | +| <a id="sentryerrorstacktracecontextline"></a>`line` | [`Int!`](#int) | Line number of the context. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[TimelogEdge]`](#timelogedge) | A list of edges. | -| `nodes` | [`[Timelog]`](#timelog) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +### `SentryErrorStackTraceEntry` -### `TimelogEdge` +An object containing a stack trace entry for a Sentry error. -An edge in a connection. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Timelog`](#timelog) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sentryerrorstacktraceentrycol"></a>`col` | [`String`](#string) | Function in which the Sentry error occurred. | +| <a id="sentryerrorstacktraceentryfilename"></a>`fileName` | [`String`](#string) | File in which the Sentry error occurred. | +| <a id="sentryerrorstacktraceentryfunction"></a>`function` | [`String`](#string) | Function in which the Sentry error occurred. | +| <a id="sentryerrorstacktraceentryline"></a>`line` | [`String`](#string) | Function in which the Sentry error occurred. | +| <a id="sentryerrorstacktraceentrytracecontext"></a>`traceContext` | [`[SentryErrorStackTraceContext!]`](#sentryerrorstacktracecontext) | Context of the Sentry error. | -### `Todo` +### `SentryErrorTags` -Representing a to-do entry. +State of a Sentry error. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `action` | [`TodoActionEnum!`](#todoactionenum) | Action of the to-do item. | -| `author` | [`User!`](#user) | The author of this to-do item. | -| `body` | [`String!`](#string) | Body of the to-do item. | -| `createdAt` | [`Time!`](#time) | Timestamp this to-do item was created. | -| `group` | [`Group`](#group) | Group this to-do item is associated with. | -| `id` | [`ID!`](#id) | ID of the to-do item. | -| `project` | [`Project`](#project) | The project this to-do item is associated with. | -| `state` | [`TodoStateEnum!`](#todostateenum) | State of the to-do item. | -| `targetType` | [`TodoTargetEnum!`](#todotargetenum) | Target type of the to-do item. | +#### Fields -### `TodoConnection` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sentryerrortagslevel"></a>`level` | [`String`](#string) | Severity level of the Sentry Error. | +| <a id="sentryerrortagslogger"></a>`logger` | [`String`](#string) | Logger of the Sentry Error. | -The connection type for Todo. +### `Snippet` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[TodoEdge]`](#todoedge) | A list of edges. | -| `nodes` | [`[Todo]`](#todo) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +Represents a snippet entry. -### `TodoCreatePayload` +#### Fields -Autogenerated return type of TodoCreate. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="snippetauthor"></a>`author` | [`UserCore`](#usercore) | The owner of the snippet. | +| <a id="snippetblob"></a>`blob` **{warning-solid}** | [`SnippetBlob!`](#snippetblob) | **Deprecated** in 13.3. Use `blobs`. | +| <a id="snippetcreatedat"></a>`createdAt` | [`Time!`](#time) | Timestamp this snippet was created. | +| <a id="snippetdescription"></a>`description` | [`String`](#string) | Description of the snippet. | +| <a id="snippetdescriptionhtml"></a>`descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | +| <a id="snippetdiscussions"></a>`discussions` | [`DiscussionConnection!`](#discussionconnection) | All discussions on this noteable. (see [Connections](#connections)) | +| <a id="snippetfilename"></a>`fileName` | [`String`](#string) | File Name of the snippet. | +| <a id="snippethttpurltorepo"></a>`httpUrlToRepo` | [`String`](#string) | HTTP URL to the snippet repository. | +| <a id="snippetid"></a>`id` | [`SnippetID!`](#snippetid) | ID of the snippet. | +| <a id="snippetnotes"></a>`notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. (see [Connections](#connections)) | +| <a id="snippetproject"></a>`project` | [`Project`](#project) | The project the snippet is associated with. | +| <a id="snippetrawurl"></a>`rawUrl` | [`String!`](#string) | Raw URL of the snippet. | +| <a id="snippetsshurltorepo"></a>`sshUrlToRepo` | [`String`](#string) | SSH URL to the snippet repository. | +| <a id="snippettitle"></a>`title` | [`String!`](#string) | Title of the snippet. | +| <a id="snippetupdatedat"></a>`updatedAt` | [`Time!`](#time) | Timestamp this snippet was updated. | +| <a id="snippetuserpermissions"></a>`userPermissions` | [`SnippetPermissions!`](#snippetpermissions) | Permissions for the current user on the resource. | +| <a id="snippetvisibilitylevel"></a>`visibilityLevel` | [`VisibilityLevelsEnum!`](#visibilitylevelsenum) | Visibility Level of the snippet. | +| <a id="snippetweburl"></a>`webUrl` | [`String!`](#string) | Web URL of the snippet. | + +#### Fields with arguments + +##### `Snippet.blobs` + +Snippet blobs. + +Returns [`SnippetBlobConnection`](#snippetblobconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `todo` | [`Todo`](#todo) | The to-do item created. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="snippetblobspaths"></a>`paths` | [`[String!]`](#string) | Paths of the blobs. | -### `TodoEdge` +### `SnippetBlob` -An edge in a connection. +Represents the snippet blob. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Todo`](#todo) | The item at the end of the edge. | +#### Fields -### `TodoMarkDonePayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="snippetblobbinary"></a>`binary` | [`Boolean!`](#boolean) | Shows whether the blob is binary. | +| <a id="snippetblobexternalstorage"></a>`externalStorage` | [`String`](#string) | Blob external storage. | +| <a id="snippetblobmode"></a>`mode` | [`String`](#string) | Blob mode. | +| <a id="snippetblobname"></a>`name` | [`String`](#string) | Blob name. | +| <a id="snippetblobpath"></a>`path` | [`String`](#string) | Blob path. | +| <a id="snippetblobplaindata"></a>`plainData` | [`String`](#string) | Blob plain highlighted data. | +| <a id="snippetblobrawpath"></a>`rawPath` | [`String!`](#string) | Blob raw content endpoint path. | +| <a id="snippetblobrenderedastext"></a>`renderedAsText` | [`Boolean!`](#boolean) | Shows whether the blob is rendered as text. | +| <a id="snippetblobrichdata"></a>`richData` | [`String`](#string) | Blob highlighted data. | +| <a id="snippetblobrichviewer"></a>`richViewer` | [`SnippetBlobViewer`](#snippetblobviewer) | Blob content rich viewer. | +| <a id="snippetblobsimpleviewer"></a>`simpleViewer` | [`SnippetBlobViewer!`](#snippetblobviewer) | Blob content simple viewer. | +| <a id="snippetblobsize"></a>`size` | [`Int!`](#int) | Blob size. | -Autogenerated return type of TodoMarkDone. +### `SnippetBlobViewer` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `todo` | [`Todo!`](#todo) | The requested to-do item. | +Represents how the blob content should be displayed. -### `TodoRestoreManyPayload` +#### Fields -Autogenerated return type of TodoRestoreMany. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="snippetblobviewercollapsed"></a>`collapsed` | [`Boolean!`](#boolean) | Shows whether the blob should be displayed collapsed. | +| <a id="snippetblobviewerfiletype"></a>`fileType` | [`String!`](#string) | Content file type. | +| <a id="snippetblobviewerloadasync"></a>`loadAsync` | [`Boolean!`](#boolean) | Shows whether the blob content is loaded asynchronously. | +| <a id="snippetblobviewerloadingpartialname"></a>`loadingPartialName` | [`String!`](#string) | Loading partial name. | +| <a id="snippetblobviewerrendererror"></a>`renderError` | [`String`](#string) | Error rendering the blob content. | +| <a id="snippetblobviewertoolarge"></a>`tooLarge` | [`Boolean!`](#boolean) | Shows whether the blob is too large to be displayed. | +| <a id="snippetblobviewertype"></a>`type` | [`BlobViewersType!`](#blobviewerstype) | Type of blob viewer. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `todos` | [`[Todo!]!`](#todo) | Updated to-do items. | -| `updatedIds` **{warning-solid}** | [`[TodoID!]!`](#todoid) | **Deprecated** in 13.2. Use to-do items. | +### `SnippetPermissions` -### `TodoRestorePayload` +#### Fields -Autogenerated return type of TodoRestore. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="snippetpermissionsadminsnippet"></a>`adminSnippet` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_snippet` on this resource. | +| <a id="snippetpermissionsawardemoji"></a>`awardEmoji` | [`Boolean!`](#boolean) | Indicates the user can perform `award_emoji` on this resource. | +| <a id="snippetpermissionscreatenote"></a>`createNote` | [`Boolean!`](#boolean) | Indicates the user can perform `create_note` on this resource. | +| <a id="snippetpermissionsreadsnippet"></a>`readSnippet` | [`Boolean!`](#boolean) | Indicates the user can perform `read_snippet` on this resource. | +| <a id="snippetpermissionsreportsnippet"></a>`reportSnippet` | [`Boolean!`](#boolean) | Indicates the user can perform `report_snippet` on this resource. | +| <a id="snippetpermissionsupdatesnippet"></a>`updateSnippet` | [`Boolean!`](#boolean) | Indicates the user can perform `update_snippet` on this resource. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `todo` | [`Todo!`](#todo) | The requested to-do item. | +### `SnippetRepositoryRegistry` -### `TodosMarkAllDonePayload` +Represents the Geo sync and verification state of a snippet repository. -Autogenerated return type of TodosMarkAllDone. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `todos` | [`[Todo!]!`](#todo) | Updated to-do items. | -| `updatedIds` **{warning-solid}** | [`[TodoID!]!`](#todoid) | **Deprecated** in 13.2. Use to-do items. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="snippetrepositoryregistrycreatedat"></a>`createdAt` | [`Time`](#time) | Timestamp when the SnippetRepositoryRegistry was created. | +| <a id="snippetrepositoryregistryid"></a>`id` | [`ID!`](#id) | ID of the SnippetRepositoryRegistry. | +| <a id="snippetrepositoryregistrylastsyncfailure"></a>`lastSyncFailure` | [`String`](#string) | Error message during sync of the SnippetRepositoryRegistry. | +| <a id="snippetrepositoryregistrylastsyncedat"></a>`lastSyncedAt` | [`Time`](#time) | Timestamp of the most recent successful sync of the SnippetRepositoryRegistry. | +| <a id="snippetrepositoryregistryretryat"></a>`retryAt` | [`Time`](#time) | Timestamp after which the SnippetRepositoryRegistry should be resynced. | +| <a id="snippetrepositoryregistryretrycount"></a>`retryCount` | [`Int`](#int) | Number of consecutive failed sync attempts of the SnippetRepositoryRegistry. | +| <a id="snippetrepositoryregistrysnippetrepositoryid"></a>`snippetRepositoryId` | [`ID!`](#id) | ID of the Snippet Repository. | +| <a id="snippetrepositoryregistrystate"></a>`state` | [`RegistryState`](#registrystate) | Sync state of the SnippetRepositoryRegistry. | -### `ToggleAwardEmojiPayload` +### `StatusAction` -Autogenerated return type of ToggleAwardEmoji. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `awardEmoji` | [`AwardEmoji`](#awardemoji) | The award emoji after mutation. | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `toggledOn` | [`Boolean!`](#boolean) | Indicates the status of the emoji. True if the toggle awarded the emoji, and false if the toggle removed the emoji. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="statusactionbuttontitle"></a>`buttonTitle` | [`String`](#string) | Title for the button, for example: Retry this job. | +| <a id="statusactionicon"></a>`icon` | [`String`](#string) | Icon used in the action button. | +| <a id="statusactionmethod"></a>`method` | [`String`](#string) | Method for the action, for example: :post. | +| <a id="statusactionpath"></a>`path` | [`String`](#string) | Path for the action. | +| <a id="statusactiontitle"></a>`title` | [`String`](#string) | Title for the action, for example: Retry. | -### `Tree` +### `Submodule` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `blobs` | [`BlobConnection!`](#blobconnection) | Blobs of the tree. | -| `lastCommit` | [`Commit`](#commit) | Last commit for the tree. | -| `submodules` | [`SubmoduleConnection!`](#submoduleconnection) | Sub-modules of the tree. | -| `trees` | [`TreeEntryConnection!`](#treeentryconnection) | Trees of the tree. | +#### Fields -### `TreeEntry` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="submoduleflatpath"></a>`flatPath` | [`String!`](#string) | Flat path of the entry. | +| <a id="submoduleid"></a>`id` | [`ID!`](#id) | ID of the entry. | +| <a id="submodulename"></a>`name` | [`String!`](#string) | Name of the entry. | +| <a id="submodulepath"></a>`path` | [`String!`](#string) | Path of the entry. | +| <a id="submodulesha"></a>`sha` | [`String!`](#string) | Last commit SHA for the entry. | +| <a id="submoduletreeurl"></a>`treeUrl` | [`String`](#string) | Tree URL for the sub-module. | +| <a id="submoduletype"></a>`type` | [`EntryType!`](#entrytype) | Type of tree entry. | +| <a id="submoduleweburl"></a>`webUrl` | [`String`](#string) | Web URL for the sub-module. | -Represents a directory. +### `TaskCompletionStatus` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `flatPath` | [`String!`](#string) | Flat path of the entry. | -| `id` | [`ID!`](#id) | ID of the entry. | -| `name` | [`String!`](#string) | Name of the entry. | -| `path` | [`String!`](#string) | Path of the entry. | -| `sha` | [`String!`](#string) | Last commit SHA for the entry. | -| `type` | [`EntryType!`](#entrytype) | Type of tree entry. | -| `webPath` | [`String`](#string) | Web path for the tree entry (directory). | -| `webUrl` | [`String`](#string) | Web URL for the tree entry (directory). | +Completion status of tasks. -### `TreeEntryConnection` +#### Fields -The connection type for TreeEntry. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="taskcompletionstatuscompletedcount"></a>`completedCount` | [`Int!`](#int) | Number of completed tasks. | +| <a id="taskcompletionstatuscount"></a>`count` | [`Int!`](#int) | Number of total tasks. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[TreeEntryEdge]`](#treeentryedge) | A list of edges. | -| `nodes` | [`[TreeEntry]`](#treeentry) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +### `TerraformState` -### `TreeEntryEdge` +#### Fields -An edge in a connection. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="terraformstatecreatedat"></a>`createdAt` | [`Time!`](#time) | Timestamp the Terraform state was created. | +| <a id="terraformstateid"></a>`id` | [`ID!`](#id) | ID of the Terraform state. | +| <a id="terraformstatelatestversion"></a>`latestVersion` | [`TerraformStateVersion`](#terraformstateversion) | The latest version of the Terraform state. | +| <a id="terraformstatelockedat"></a>`lockedAt` | [`Time`](#time) | Timestamp the Terraform state was locked. | +| <a id="terraformstatelockedbyuser"></a>`lockedByUser` | [`UserCore`](#usercore) | The user currently holding a lock on the Terraform state. | +| <a id="terraformstatename"></a>`name` | [`String!`](#string) | Name of the Terraform state. | +| <a id="terraformstateupdatedat"></a>`updatedAt` | [`Time!`](#time) | Timestamp the Terraform state was updated. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`TreeEntry`](#treeentry) | The item at the end of the edge. | +### `TerraformStateVersion` -### `UpdateAlertStatusPayload` +#### Fields -Autogenerated return type of UpdateAlertStatus. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="terraformstateversioncreatedat"></a>`createdAt` | [`Time!`](#time) | Timestamp the version was created. | +| <a id="terraformstateversioncreatedbyuser"></a>`createdByUser` | [`UserCore`](#usercore) | The user that created this version. | +| <a id="terraformstateversiondownloadpath"></a>`downloadPath` | [`String`](#string) | URL for downloading the version's JSON file. | +| <a id="terraformstateversionid"></a>`id` | [`ID!`](#id) | ID of the Terraform state version. | +| <a id="terraformstateversionjob"></a>`job` | [`CiJob`](#cijob) | The job that created this version. | +| <a id="terraformstateversionserial"></a>`serial` | [`Int`](#int) | Serial number of the version. | +| <a id="terraformstateversionupdatedat"></a>`updatedAt` | [`Time!`](#time) | Timestamp the version was updated. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `alert` | [`AlertManagementAlert`](#alertmanagementalert) | The alert after mutation. | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `issue` | [`Issue`](#issue) | The issue created after mutation. | -| `todo` | [`Todo`](#todo) | The to-do item after mutation. | +### `TerraformStateVersionRegistry` -### `UpdateBoardEpicUserPreferencesPayload` +Represents the Geo sync and verification state of a terraform state version. -Autogenerated return type of UpdateBoardEpicUserPreferences. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `epicUserPreferences` | [`BoardEpicUserPreferences`](#boardepicuserpreferences) | User preferences for the epic in the board after mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="terraformstateversionregistrycreatedat"></a>`createdAt` | [`Time`](#time) | Timestamp when the TerraformStateVersionRegistry was created. | +| <a id="terraformstateversionregistryid"></a>`id` | [`ID!`](#id) | ID of the TerraformStateVersionRegistry. | +| <a id="terraformstateversionregistrylastsyncfailure"></a>`lastSyncFailure` | [`String`](#string) | Error message during sync of the TerraformStateVersionRegistry. | +| <a id="terraformstateversionregistrylastsyncedat"></a>`lastSyncedAt` | [`Time`](#time) | Timestamp of the most recent successful sync of the TerraformStateVersionRegistry. | +| <a id="terraformstateversionregistryretryat"></a>`retryAt` | [`Time`](#time) | Timestamp after which the TerraformStateVersionRegistry should be resynced. | +| <a id="terraformstateversionregistryretrycount"></a>`retryCount` | [`Int`](#int) | Number of consecutive failed sync attempts of the TerraformStateVersionRegistry. | +| <a id="terraformstateversionregistrystate"></a>`state` | [`RegistryState`](#registrystate) | Sync state of the TerraformStateVersionRegistry. | +| <a id="terraformstateversionregistryterraformstateversionid"></a>`terraformStateVersionId` | [`ID!`](#id) | ID of the terraform state version. | -### `UpdateBoardListPayload` +### `TestCase` -Autogenerated return type of UpdateBoardList. +Test case in pipeline test report. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `list` | [`BoardList`](#boardlist) | Mutated list. | +#### Fields -### `UpdateBoardPayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="testcaseattachmenturl"></a>`attachmentUrl` | [`String`](#string) | URL of the test case attachment file. | +| <a id="testcaseclassname"></a>`classname` | [`String`](#string) | Classname of the test case. | +| <a id="testcaseexecutiontime"></a>`executionTime` | [`Float`](#float) | Test case execution time in seconds. | +| <a id="testcasefile"></a>`file` | [`String`](#string) | Path to the file of the test case. | +| <a id="testcasename"></a>`name` | [`String`](#string) | Name of the test case. | +| <a id="testcaserecentfailures"></a>`recentFailures` | [`RecentFailures`](#recentfailures) | Recent failure history of the test case on the base branch. | +| <a id="testcasestacktrace"></a>`stackTrace` | [`String`](#string) | Stack trace of the test case. | +| <a id="testcasestatus"></a>`status` | [`TestCaseStatus`](#testcasestatus) | Status of the test case (error, failed, success, skipped). | +| <a id="testcasesystemoutput"></a>`systemOutput` | [`String`](#string) | System output of the test case. | -Autogenerated return type of UpdateBoard. +### `TestReport` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `board` | [`Board`](#board) | The board after mutation. | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +Represents a requirement test report. -### `UpdateComplianceFrameworkPayload` +#### Fields -Autogenerated return type of UpdateComplianceFramework. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="testreportauthor"></a>`author` | [`UserCore`](#usercore) | Author of the test report. | +| <a id="testreportcreatedat"></a>`createdAt` | [`Time!`](#time) | Timestamp of when the test report was created. | +| <a id="testreportid"></a>`id` | [`ID!`](#id) | ID of the test report. | +| <a id="testreportstate"></a>`state` | [`TestReportState!`](#testreportstate) | State of the test report. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `complianceFramework` | [`ComplianceFramework`](#complianceframework) | The compliance framework after mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +### `TestReportSummary` -### `UpdateContainerExpirationPolicyPayload` +Test report for a pipeline. -Autogenerated return type of UpdateContainerExpirationPolicy. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `containerExpirationPolicy` | [`ContainerExpirationPolicy`](#containerexpirationpolicy) | The container expiration policy after mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="testreportsummarytestsuites"></a>`testSuites` | [`TestSuiteSummaryConnection!`](#testsuitesummaryconnection) | Test suites belonging to a pipeline test report. (see [Connections](#connections)) | +| <a id="testreportsummarytotal"></a>`total` | [`TestReportTotal!`](#testreporttotal) | Total report statistics for a pipeline test report. | -### `UpdateEpicPayload` +### `TestReportTotal` -Autogenerated return type of UpdateEpic. +Total test report statistics. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `epic` | [`Epic`](#epic) | The epic after mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +#### Fields -### `UpdateImageDiffNotePayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="testreporttotalcount"></a>`count` | [`Int`](#int) | Total number of the test cases. | +| <a id="testreporttotalerror"></a>`error` | [`Int`](#int) | Total number of test cases that had an error. | +| <a id="testreporttotalfailed"></a>`failed` | [`Int`](#int) | Total number of test cases that failed. | +| <a id="testreporttotalskipped"></a>`skipped` | [`Int`](#int) | Total number of test cases that were skipped. | +| <a id="testreporttotalsuccess"></a>`success` | [`Int`](#int) | Total number of test cases that succeeded. | +| <a id="testreporttotalsuiteerror"></a>`suiteError` | [`String`](#string) | Test suite error message. | +| <a id="testreporttotaltime"></a>`time` | [`Float`](#float) | Total duration of the tests. | -Autogenerated return type of UpdateImageDiffNote. +### `TestSuite` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `note` | [`Note`](#note) | The note after mutation. | +Test suite in a pipeline test report. -### `UpdateIssuePayload` +#### Fields -Autogenerated return type of UpdateIssue. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="testsuiteerrorcount"></a>`errorCount` | [`Int`](#int) | Total number of test cases that had an error. | +| <a id="testsuitefailedcount"></a>`failedCount` | [`Int`](#int) | Total number of test cases that failed in the test suite. | +| <a id="testsuitename"></a>`name` | [`String`](#string) | Name of the test suite. | +| <a id="testsuiteskippedcount"></a>`skippedCount` | [`Int`](#int) | Total number of test cases that were skipped in the test suite. | +| <a id="testsuitesuccesscount"></a>`successCount` | [`Int`](#int) | Total number of test cases that succeeded in the test suite. | +| <a id="testsuitesuiteerror"></a>`suiteError` | [`String`](#string) | Test suite error message. | +| <a id="testsuitetestcases"></a>`testCases` | [`TestCaseConnection`](#testcaseconnection) | Test cases in the test suite. (see [Connections](#connections)) | +| <a id="testsuitetotalcount"></a>`totalCount` | [`Int`](#int) | Total number of the test cases in the test suite. | +| <a id="testsuitetotaltime"></a>`totalTime` | [`Float`](#float) | Total duration of the tests in the test suite. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `issue` | [`Issue`](#issue) | The issue after mutation. | +### `TestSuiteSummary` -### `UpdateIterationPayload` +Test suite summary in a pipeline test report. -Autogenerated return type of UpdateIteration. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `iteration` | [`Iteration`](#iteration) | Updated iteration. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="testsuitesummarybuildids"></a>`buildIds` | [`[ID!]`](#id) | IDs of the builds used to run the test suite. | +| <a id="testsuitesummaryerrorcount"></a>`errorCount` | [`Int`](#int) | Total number of test cases that had an error. | +| <a id="testsuitesummaryfailedcount"></a>`failedCount` | [`Int`](#int) | Total number of test cases that failed in the test suite. | +| <a id="testsuitesummaryname"></a>`name` | [`String`](#string) | Name of the test suite. | +| <a id="testsuitesummaryskippedcount"></a>`skippedCount` | [`Int`](#int) | Total number of test cases that were skipped in the test suite. | +| <a id="testsuitesummarysuccesscount"></a>`successCount` | [`Int`](#int) | Total number of test cases that succeeded in the test suite. | +| <a id="testsuitesummarysuiteerror"></a>`suiteError` | [`String`](#string) | Test suite error message. | +| <a id="testsuitesummarytotalcount"></a>`totalCount` | [`Int`](#int) | Total number of the test cases in the test suite. | +| <a id="testsuitesummarytotaltime"></a>`totalTime` | [`Float`](#float) | Total duration of the tests in the test suite. | + +### `TimeReportStats` + +Represents the time report stats for timeboxes. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="timereportstatscomplete"></a>`complete` | [`TimeboxMetrics`](#timeboxmetrics) | Completed issues metrics. | +| <a id="timereportstatsincomplete"></a>`incomplete` | [`TimeboxMetrics`](#timeboxmetrics) | Incomplete issues metrics. | +| <a id="timereportstatstotal"></a>`total` | [`TimeboxMetrics`](#timeboxmetrics) | Total issues metrics. | + +### `TimeboxMetrics` + +Represents measured stats metrics for timeboxes. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="timeboxmetricscount"></a>`count` | [`Int!`](#int) | The count metric. | +| <a id="timeboxmetricsweight"></a>`weight` | [`Int!`](#int) | The weight metric. | + +### `TimeboxReport` -### `UpdateNamespacePackageSettingsPayload` +Represents a historically accurate report about the timebox. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="timeboxreportburnuptimeseries"></a>`burnupTimeSeries` | [`[BurnupChartDailyTotals!]`](#burnupchartdailytotals) | Daily scope and completed totals for burnup charts. | +| <a id="timeboxreportstats"></a>`stats` | [`TimeReportStats`](#timereportstats) | Represents the time report stats for the timebox. | -Autogenerated return type of UpdateNamespacePackageSettings. +### `Timelog` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="timelogissue"></a>`issue` | [`Issue`](#issue) | The issue that logged time was added to. | +| <a id="timelogmergerequest"></a>`mergeRequest` | [`MergeRequest`](#mergerequest) | The merge request that logged time was added to. | +| <a id="timelognote"></a>`note` | [`Note`](#note) | The note where the quick action to add the logged time was executed. | +| <a id="timelogspentat"></a>`spentAt` | [`Time`](#time) | Timestamp of when the time tracked was spent at. | +| <a id="timelogtimespent"></a>`timeSpent` | [`Int!`](#int) | The time spent displayed in seconds. | +| <a id="timeloguser"></a>`user` | [`UserCore!`](#usercore) | The user that logged the time. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `packageSettings` | [`PackageSettings`](#packagesettings) | The namespace package setting after mutation. | +### `Todo` -### `UpdateNotePayload` +Representing a to-do entry. -Autogenerated return type of UpdateNote. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `note` | [`Note`](#note) | The note after mutation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="todoaction"></a>`action` | [`TodoActionEnum!`](#todoactionenum) | Action of the to-do item. | +| <a id="todoauthor"></a>`author` | [`UserCore!`](#usercore) | The author of this to-do item. | +| <a id="todobody"></a>`body` | [`String!`](#string) | Body of the to-do item. | +| <a id="todocreatedat"></a>`createdAt` | [`Time!`](#time) | Timestamp this to-do item was created. | +| <a id="todogroup"></a>`group` | [`Group`](#group) | Group this to-do item is associated with. | +| <a id="todoid"></a>`id` | [`ID!`](#id) | ID of the to-do item. | +| <a id="todoproject"></a>`project` | [`Project`](#project) | The project this to-do item is associated with. | +| <a id="todostate"></a>`state` | [`TodoStateEnum!`](#todostateenum) | State of the to-do item. | +| <a id="todotargettype"></a>`targetType` | [`TodoTargetEnum!`](#todotargetenum) | Target type of the to-do item. | -### `UpdateRequirementPayload` +### `Tree` -Autogenerated return type of UpdateRequirement. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `requirement` | [`Requirement`](#requirement) | Requirement after mutation. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="treeblobs"></a>`blobs` | [`BlobConnection!`](#blobconnection) | Blobs of the tree. (see [Connections](#connections)) | +| <a id="treelastcommit"></a>`lastCommit` | [`Commit`](#commit) | Last commit for the tree. | +| <a id="treesubmodules"></a>`submodules` | [`SubmoduleConnection!`](#submoduleconnection) | Sub-modules of the tree. (see [Connections](#connections)) | +| <a id="treetrees"></a>`trees` | [`TreeEntryConnection!`](#treeentryconnection) | Trees of the tree. (see [Connections](#connections)) | -### `UpdateSnippetPayload` +### `TreeEntry` -Autogenerated return type of UpdateSnippet. +Represents a directory. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `captchaSiteKey` **{warning-solid}** | [`String`](#string) | **Deprecated** in 13.11. Use spam protection with HTTP headers instead. | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `needsCaptchaResponse` **{warning-solid}** | [`Boolean`](#boolean) | **Deprecated** in 13.11. Use spam protection with HTTP headers instead. | -| `snippet` | [`Snippet`](#snippet) | The snippet after mutation. | -| `spam` **{warning-solid}** | [`Boolean`](#boolean) | **Deprecated** in 13.11. Use spam protection with HTTP headers instead. | -| `spamLogId` **{warning-solid}** | [`Int`](#int) | **Deprecated** in 13.11. Use spam protection with HTTP headers instead. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="treeentryflatpath"></a>`flatPath` | [`String!`](#string) | Flat path of the entry. | +| <a id="treeentryid"></a>`id` | [`ID!`](#id) | ID of the entry. | +| <a id="treeentryname"></a>`name` | [`String!`](#string) | Name of the entry. | +| <a id="treeentrypath"></a>`path` | [`String!`](#string) | Path of the entry. | +| <a id="treeentrysha"></a>`sha` | [`String!`](#string) | Last commit SHA for the entry. | +| <a id="treeentrytype"></a>`type` | [`EntryType!`](#entrytype) | Type of tree entry. | +| <a id="treeentrywebpath"></a>`webPath` | [`String`](#string) | Web path for the tree entry (directory). | +| <a id="treeentryweburl"></a>`webUrl` | [`String`](#string) | Web URL for the tree entry (directory). | ### `UsageTrendsMeasurement` Represents a recorded measurement (object count) for the Admins. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `count` | [`Int!`](#int) | Object count. | -| `identifier` | [`MeasurementIdentifier!`](#measurementidentifier) | The type of objects being measured. | -| `recordedAt` | [`Time`](#time) | The time the measurement was recorded. | +#### Fields -### `UsageTrendsMeasurementConnection` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="usagetrendsmeasurementcount"></a>`count` | [`Int!`](#int) | Object count. | +| <a id="usagetrendsmeasurementidentifier"></a>`identifier` | [`MeasurementIdentifier!`](#measurementidentifier) | The type of objects being measured. | +| <a id="usagetrendsmeasurementrecordedat"></a>`recordedAt` | [`Time`](#time) | The time the measurement was recorded. | -The connection type for UsageTrendsMeasurement. +### `UserCallout` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[UsageTrendsMeasurementEdge]`](#usagetrendsmeasurementedge) | A list of edges. | -| `nodes` | [`[UsageTrendsMeasurement]`](#usagetrendsmeasurement) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +#### Fields -### `UsageTrendsMeasurementEdge` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="usercalloutdismissedat"></a>`dismissedAt` | [`Time`](#time) | Date when the callout was dismissed. | +| <a id="usercalloutfeaturename"></a>`featureName` | [`UserCalloutFeatureNameEnum!`](#usercalloutfeaturenameenum) | Name of the feature that the callout is for. | -An edge in a connection. +### `UserCore` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`UsageTrendsMeasurement`](#usagetrendsmeasurement) | The item at the end of the edge. | +Core represention of a GitLab user. -### `User` +#### Fields -Representation of a GitLab user. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="usercoreavatarurl"></a>`avatarUrl` | [`String`](#string) | URL of the user's avatar. | +| <a id="usercorebot"></a>`bot` | [`Boolean!`](#boolean) | Indicates if the user is a bot. | +| <a id="usercorecallouts"></a>`callouts` | [`UserCalloutConnection`](#usercalloutconnection) | User callouts that belong to the user. (see [Connections](#connections)) | +| <a id="usercoreemail"></a>`email` **{warning-solid}** | [`String`](#string) | **Deprecated** in 13.7. This was renamed. Use: [`User.publicEmail`](#userpublicemail). | +| <a id="usercoregroupcount"></a>`groupCount` | [`Int`](#int) | Group count for the user. | +| <a id="usercoregroupmemberships"></a>`groupMemberships` | [`GroupMemberConnection`](#groupmemberconnection) | Group memberships of the user. (see [Connections](#connections)) | +| <a id="usercoreid"></a>`id` | [`ID!`](#id) | ID of the user. | +| <a id="usercorelocation"></a>`location` | [`String`](#string) | The location of the user. | +| <a id="usercorename"></a>`name` | [`String!`](#string) | Human-readable name of the user. | +| <a id="usercoreprojectmemberships"></a>`projectMemberships` | [`ProjectMemberConnection`](#projectmemberconnection) | Project memberships of the user. (see [Connections](#connections)) | +| <a id="usercorepublicemail"></a>`publicEmail` | [`String`](#string) | User's public email. | +| <a id="usercorestate"></a>`state` | [`UserState!`](#userstate) | State of the user. | +| <a id="usercorestatus"></a>`status` | [`UserStatus`](#userstatus) | User status. | +| <a id="usercoreuserpermissions"></a>`userPermissions` | [`UserPermissions!`](#userpermissions) | Permissions for the current user on the resource. | +| <a id="usercoreusername"></a>`username` | [`String!`](#string) | Username of the user. Unique within this instance of GitLab. | +| <a id="usercorewebpath"></a>`webPath` | [`String!`](#string) | Web path of the user. | +| <a id="usercoreweburl"></a>`webUrl` | [`String!`](#string) | Web URL of the user. | + +#### Fields with arguments + +##### `UserCore.assignedMergeRequests` + +Merge requests assigned to the user. + +Returns [`MergeRequestConnection`](#mergerequestconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `assignedMergeRequests` | [`MergeRequestConnection`](#mergerequestconnection) | Merge requests assigned to the user. | -| `authoredMergeRequests` | [`MergeRequestConnection`](#mergerequestconnection) | Merge requests authored by the user. | -| `avatarUrl` | [`String`](#string) | URL of the user's avatar. | -| `bot` | [`Boolean!`](#boolean) | Indicates if the user is a bot. | -| `callouts` | [`UserCalloutConnection`](#usercalloutconnection) | User callouts that belong to the user. | -| `email` **{warning-solid}** | [`String`](#string) | **Deprecated** in 13.7. This was renamed. Use: `User.publicEmail`. | -| `groupCount` | [`Int`](#int) | Group count for the user. Available only when feature flag `user_group_counts` is enabled. | -| `groupMemberships` | [`GroupMemberConnection`](#groupmemberconnection) | Group memberships of the user. | -| `id` | [`ID!`](#id) | ID of the user. | -| `location` | [`String`](#string) | The location of the user. | -| `name` | [`String!`](#string) | Human-readable name of the user. | -| `projectMemberships` | [`ProjectMemberConnection`](#projectmemberconnection) | Project memberships of the user. | -| `publicEmail` | [`String`](#string) | User's public email. | -| `reviewRequestedMergeRequests` | [`MergeRequestConnection`](#mergerequestconnection) | Merge requests assigned to the user for review. | -| `snippets` | [`SnippetConnection`](#snippetconnection) | Snippets authored by the user. | -| `starredProjects` | [`ProjectConnection`](#projectconnection) | Projects starred by the user. | -| `state` | [`UserState!`](#userstate) | State of the user. | -| `status` | [`UserStatus`](#userstatus) | User status. | -| `todos` | [`TodoConnection`](#todoconnection) | To-do items of the user. | -| `userPermissions` | [`UserPermissions!`](#userpermissions) | Permissions for the current user on the resource. | -| `username` | [`String!`](#string) | Username of the user. Unique within this instance of GitLab. | -| `webPath` | [`String!`](#string) | Web path of the user. | -| `webUrl` | [`String!`](#string) | Web URL of the user. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="usercoreassignedmergerequestsauthorusername"></a>`authorUsername` | [`String`](#string) | Username of the author. | +| <a id="usercoreassignedmergerequestsiids"></a>`iids` | [`[String!]`](#string) | Array of IIDs of merge requests, for example `[1, 2]`. | +| <a id="usercoreassignedmergerequestslabels"></a>`labels` | [`[String!]`](#string) | Array of label names. All resolved merge requests will have all of these labels. | +| <a id="usercoreassignedmergerequestsmergedafter"></a>`mergedAfter` | [`Time`](#time) | Merge requests merged after this date. | +| <a id="usercoreassignedmergerequestsmergedbefore"></a>`mergedBefore` | [`Time`](#time) | Merge requests merged before this date. | +| <a id="usercoreassignedmergerequestsmilestonetitle"></a>`milestoneTitle` | [`String`](#string) | Title of the milestone. | +| <a id="usercoreassignedmergerequestsnot"></a>`not` | [`MergeRequestsResolverNegatedParams`](#mergerequestsresolvernegatedparams) | List of negated arguments. Warning: this argument is experimental and a subject to change in future. | +| <a id="usercoreassignedmergerequestsprojectid"></a>`projectId` | [`ProjectID`](#projectid) | The global ID of the project the authored merge requests should be in. Incompatible with projectPath. | +| <a id="usercoreassignedmergerequestsprojectpath"></a>`projectPath` | [`String`](#string) | The full-path of the project the authored merge requests should be in. Incompatible with projectId. | +| <a id="usercoreassignedmergerequestsreviewerusername"></a>`reviewerUsername` | [`String`](#string) | Username of the reviewer. | +| <a id="usercoreassignedmergerequestssort"></a>`sort` | [`MergeRequestSort`](#mergerequestsort) | Sort merge requests by this criteria. | +| <a id="usercoreassignedmergerequestssourcebranches"></a>`sourceBranches` | [`[String!]`](#string) | Array of source branch names. All resolved merge requests will have one of these branches as their source. | +| <a id="usercoreassignedmergerequestsstate"></a>`state` | [`MergeRequestState`](#mergerequeststate) | A merge request state. If provided, all resolved merge requests will have this state. | +| <a id="usercoreassignedmergerequeststargetbranches"></a>`targetBranches` | [`[String!]`](#string) | Array of target branch names. All resolved merge requests will have one of these branches as their target. | -### `UserCallout` +##### `UserCore.authoredMergeRequests` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `dismissedAt` | [`Time`](#time) | Date when the callout was dismissed. | -| `featureName` | [`UserCalloutFeatureNameEnum!`](#usercalloutfeaturenameenum) | Name of the feature that the callout is for. | +Merge requests authored by the user. -### `UserCalloutConnection` +Returns [`MergeRequestConnection`](#mergerequestconnection). -The connection type for UserCallout. +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[UserCalloutEdge]`](#usercalloutedge) | A list of edges. | -| `nodes` | [`[UserCallout]`](#usercallout) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +###### Arguments -### `UserCalloutCreatePayload` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="usercoreauthoredmergerequestsassigneeusername"></a>`assigneeUsername` | [`String`](#string) | Username of the assignee. | +| <a id="usercoreauthoredmergerequestsiids"></a>`iids` | [`[String!]`](#string) | Array of IIDs of merge requests, for example `[1, 2]`. | +| <a id="usercoreauthoredmergerequestslabels"></a>`labels` | [`[String!]`](#string) | Array of label names. All resolved merge requests will have all of these labels. | +| <a id="usercoreauthoredmergerequestsmergedafter"></a>`mergedAfter` | [`Time`](#time) | Merge requests merged after this date. | +| <a id="usercoreauthoredmergerequestsmergedbefore"></a>`mergedBefore` | [`Time`](#time) | Merge requests merged before this date. | +| <a id="usercoreauthoredmergerequestsmilestonetitle"></a>`milestoneTitle` | [`String`](#string) | Title of the milestone. | +| <a id="usercoreauthoredmergerequestsnot"></a>`not` | [`MergeRequestsResolverNegatedParams`](#mergerequestsresolvernegatedparams) | List of negated arguments. Warning: this argument is experimental and a subject to change in future. | +| <a id="usercoreauthoredmergerequestsprojectid"></a>`projectId` | [`ProjectID`](#projectid) | The global ID of the project the authored merge requests should be in. Incompatible with projectPath. | +| <a id="usercoreauthoredmergerequestsprojectpath"></a>`projectPath` | [`String`](#string) | The full-path of the project the authored merge requests should be in. Incompatible with projectId. | +| <a id="usercoreauthoredmergerequestsreviewerusername"></a>`reviewerUsername` | [`String`](#string) | Username of the reviewer. | +| <a id="usercoreauthoredmergerequestssort"></a>`sort` | [`MergeRequestSort`](#mergerequestsort) | Sort merge requests by this criteria. | +| <a id="usercoreauthoredmergerequestssourcebranches"></a>`sourceBranches` | [`[String!]`](#string) | Array of source branch names. All resolved merge requests will have one of these branches as their source. | +| <a id="usercoreauthoredmergerequestsstate"></a>`state` | [`MergeRequestState`](#mergerequeststate) | A merge request state. If provided, all resolved merge requests will have this state. | +| <a id="usercoreauthoredmergerequeststargetbranches"></a>`targetBranches` | [`[String!]`](#string) | Array of target branch names. All resolved merge requests will have one of these branches as their target. | -Autogenerated return type of UserCalloutCreate. +##### `UserCore.reviewRequestedMergeRequests` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `userCallout` | [`UserCallout!`](#usercallout) | The user callout dismissed. | +Merge requests assigned to the user for review. -### `UserCalloutEdge` +Returns [`MergeRequestConnection`](#mergerequestconnection). -An edge in a connection. +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`UserCallout`](#usercallout) | The item at the end of the edge. | +###### Arguments -### `UserConnection` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="usercorereviewrequestedmergerequestsassigneeusername"></a>`assigneeUsername` | [`String`](#string) | Username of the assignee. | +| <a id="usercorereviewrequestedmergerequestsauthorusername"></a>`authorUsername` | [`String`](#string) | Username of the author. | +| <a id="usercorereviewrequestedmergerequestsiids"></a>`iids` | [`[String!]`](#string) | Array of IIDs of merge requests, for example `[1, 2]`. | +| <a id="usercorereviewrequestedmergerequestslabels"></a>`labels` | [`[String!]`](#string) | Array of label names. All resolved merge requests will have all of these labels. | +| <a id="usercorereviewrequestedmergerequestsmergedafter"></a>`mergedAfter` | [`Time`](#time) | Merge requests merged after this date. | +| <a id="usercorereviewrequestedmergerequestsmergedbefore"></a>`mergedBefore` | [`Time`](#time) | Merge requests merged before this date. | +| <a id="usercorereviewrequestedmergerequestsmilestonetitle"></a>`milestoneTitle` | [`String`](#string) | Title of the milestone. | +| <a id="usercorereviewrequestedmergerequestsnot"></a>`not` | [`MergeRequestsResolverNegatedParams`](#mergerequestsresolvernegatedparams) | List of negated arguments. Warning: this argument is experimental and a subject to change in future. | +| <a id="usercorereviewrequestedmergerequestsprojectid"></a>`projectId` | [`ProjectID`](#projectid) | The global ID of the project the authored merge requests should be in. Incompatible with projectPath. | +| <a id="usercorereviewrequestedmergerequestsprojectpath"></a>`projectPath` | [`String`](#string) | The full-path of the project the authored merge requests should be in. Incompatible with projectId. | +| <a id="usercorereviewrequestedmergerequestssort"></a>`sort` | [`MergeRequestSort`](#mergerequestsort) | Sort merge requests by this criteria. | +| <a id="usercorereviewrequestedmergerequestssourcebranches"></a>`sourceBranches` | [`[String!]`](#string) | Array of source branch names. All resolved merge requests will have one of these branches as their source. | +| <a id="usercorereviewrequestedmergerequestsstate"></a>`state` | [`MergeRequestState`](#mergerequeststate) | A merge request state. If provided, all resolved merge requests will have this state. | +| <a id="usercorereviewrequestedmergerequeststargetbranches"></a>`targetBranches` | [`[String!]`](#string) | Array of target branch names. All resolved merge requests will have one of these branches as their target. | + +##### `UserCore.snippets` + +Snippets authored by the user. -The connection type for User. +Returns [`SnippetConnection`](#snippetconnection). -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[UserEdge]`](#useredge) | A list of edges. | -| `nodes` | [`[User]`](#user) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -### `UserEdge` +###### Arguments -An edge in a connection. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="usercoresnippetsids"></a>`ids` | [`[SnippetID!]`](#snippetid) | Array of global snippet IDs. For example, `gid://gitlab/ProjectSnippet/1`. | +| <a id="usercoresnippetstype"></a>`type` | [`TypeEnum`](#typeenum) | The type of snippet. | +| <a id="usercoresnippetsvisibility"></a>`visibility` | [`VisibilityScopesEnum`](#visibilityscopesenum) | The visibility of the snippet. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`User`](#user) | The item at the end of the edge. | +##### `UserCore.starredProjects` -### `UserMergeRequestInteraction` +Projects starred by the user. -Information about a merge request given a specific user. +Returns [`ProjectConnection`](#projectconnection). -This object has two parts to its state: a `User` and a `MergeRequest`. All -fields relate to interactions between the two entities. +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `applicableApprovalRules` | [`[ApprovalRule!]`](#approvalrule) | Approval rules that apply to this user for this merge request. | -| `approved` | [`Boolean!`](#boolean) | Whether this user has approved this merge request. | -| `canMerge` | [`Boolean!`](#boolean) | Whether this user can merge this merge request. | -| `canUpdate` | [`Boolean!`](#boolean) | Whether this user can update this merge request. | -| `reviewState` | [`MergeRequestReviewState`](#mergerequestreviewstate) | The state of the review by this user. | -| `reviewed` | [`Boolean!`](#boolean) | Whether this user has provided a review for this merge request. | +###### Arguments -### `UserPermissions` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="usercorestarredprojectssearch"></a>`search` | [`String`](#string) | Search query. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `createSnippet` | [`Boolean!`](#boolean) | Indicates the user can perform `create_snippet` on this resource. | +##### `UserCore.todos` -### `UserStatus` +To-do items of the user. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `availability` | [`AvailabilityEnum!`](#availabilityenum) | User availability status. | -| `emoji` | [`String`](#string) | String representation of emoji. | -| `message` | [`String`](#string) | User status message. | -| `messageHtml` | [`String`](#string) | HTML of the user status message. | +Returns [`TodoConnection`](#todoconnection). -### `VulnerabilitiesCountByDay` +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. -Represents the count of vulnerabilities by severity on a particular day. This data is retained for 365 days. +###### Arguments -| Field | Type | Description | -| ----- | ---- | ----------- | -| `critical` | [`Int!`](#int) | Total number of vulnerabilities on a particular day with critical severity. | -| `date` | [`ISO8601Date!`](#iso8601date) | Date for the count. | -| `high` | [`Int!`](#int) | Total number of vulnerabilities on a particular day with high severity. | -| `info` | [`Int!`](#int) | Total number of vulnerabilities on a particular day with info severity. | -| `low` | [`Int!`](#int) | Total number of vulnerabilities on a particular day with low severity. | -| `medium` | [`Int!`](#int) | Total number of vulnerabilities on a particular day with medium severity. | -| `total` | [`Int!`](#int) | Total number of vulnerabilities on a particular day. | -| `unknown` | [`Int!`](#int) | Total number of vulnerabilities on a particular day with unknown severity. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="usercoretodosaction"></a>`action` | [`[TodoActionEnum!]`](#todoactionenum) | The action to be filtered. | +| <a id="usercoretodosauthorid"></a>`authorId` | [`[ID!]`](#id) | The ID of an author. | +| <a id="usercoretodosgroupid"></a>`groupId` | [`[ID!]`](#id) | The ID of a group. | +| <a id="usercoretodosprojectid"></a>`projectId` | [`[ID!]`](#id) | The ID of a project. | +| <a id="usercoretodosstate"></a>`state` | [`[TodoStateEnum!]`](#todostateenum) | The state of the todo. | +| <a id="usercoretodostype"></a>`type` | [`[TodoTargetEnum!]`](#todotargetenum) | The type of the todo. | -### `VulnerabilitiesCountByDayAndSeverity` +### `UserMergeRequestInteraction` -Represents the number of vulnerabilities for a particular severity on a particular day. This data is retained for 365 days. +Information about a merge request given a specific user. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `count` | [`Int`](#int) | Number of vulnerabilities. | -| `day` | [`ISO8601Date`](#iso8601date) | Date for the count. | -| `severity` | [`VulnerabilitySeverity`](#vulnerabilityseverity) | Severity of the counted vulnerabilities. | +This object has two parts to its state: a `User` and a `MergeRequest`. All +fields relate to interactions between the two entities. -### `VulnerabilitiesCountByDayAndSeverityConnection` +#### Fields -The connection type for VulnerabilitiesCountByDayAndSeverity. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="usermergerequestinteractionapplicableapprovalrules"></a>`applicableApprovalRules` | [`[ApprovalRule!]`](#approvalrule) | Approval rules that apply to this user for this merge request. | +| <a id="usermergerequestinteractionapproved"></a>`approved` | [`Boolean!`](#boolean) | Whether this user has approved this merge request. | +| <a id="usermergerequestinteractioncanmerge"></a>`canMerge` | [`Boolean!`](#boolean) | Whether this user can merge this merge request. | +| <a id="usermergerequestinteractioncanupdate"></a>`canUpdate` | [`Boolean!`](#boolean) | Whether this user can update this merge request. | +| <a id="usermergerequestinteractionreviewstate"></a>`reviewState` | [`MergeRequestReviewState`](#mergerequestreviewstate) | The state of the review by this user. | +| <a id="usermergerequestinteractionreviewed"></a>`reviewed` | [`Boolean!`](#boolean) | Whether this user has provided a review for this merge request. | + +### `UserPermissions` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="userpermissionscreatesnippet"></a>`createSnippet` | [`Boolean!`](#boolean) | Indicates the user can perform `create_snippet` on this resource. | + +### `UserStatus` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[VulnerabilitiesCountByDayAndSeverityEdge]`](#vulnerabilitiescountbydayandseverityedge) | A list of edges. | -| `nodes` | [`[VulnerabilitiesCountByDayAndSeverity]`](#vulnerabilitiescountbydayandseverity) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +#### Fields -### `VulnerabilitiesCountByDayAndSeverityEdge` +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="userstatusavailability"></a>`availability` | [`AvailabilityEnum!`](#availabilityenum) | User availability status. | +| <a id="userstatusemoji"></a>`emoji` | [`String`](#string) | String representation of emoji. | +| <a id="userstatusmessage"></a>`message` | [`String`](#string) | User status message. | +| <a id="userstatusmessagehtml"></a>`messageHtml` | [`String`](#string) | HTML of the user status message. | -An edge in a connection. +### `VulnerabilitiesCountByDay` -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`VulnerabilitiesCountByDayAndSeverity`](#vulnerabilitiescountbydayandseverity) | The item at the end of the edge. | +Represents the count of vulnerabilities by severity on a particular day. This data is retained for 365 days. -### `VulnerabilitiesCountByDayConnection` +#### Fields -The connection type for VulnerabilitiesCountByDay. +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitiescountbydaycritical"></a>`critical` | [`Int!`](#int) | Total number of vulnerabilities on a particular day with critical severity. | +| <a id="vulnerabilitiescountbydaydate"></a>`date` | [`ISO8601Date!`](#iso8601date) | Date for the count. | +| <a id="vulnerabilitiescountbydayhigh"></a>`high` | [`Int!`](#int) | Total number of vulnerabilities on a particular day with high severity. | +| <a id="vulnerabilitiescountbydayinfo"></a>`info` | [`Int!`](#int) | Total number of vulnerabilities on a particular day with info severity. | +| <a id="vulnerabilitiescountbydaylow"></a>`low` | [`Int!`](#int) | Total number of vulnerabilities on a particular day with low severity. | +| <a id="vulnerabilitiescountbydaymedium"></a>`medium` | [`Int!`](#int) | Total number of vulnerabilities on a particular day with medium severity. | +| <a id="vulnerabilitiescountbydaytotal"></a>`total` | [`Int!`](#int) | Total number of vulnerabilities on a particular day. | +| <a id="vulnerabilitiescountbydayunknown"></a>`unknown` | [`Int!`](#int) | Total number of vulnerabilities on a particular day with unknown severity. | -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[VulnerabilitiesCountByDayEdge]`](#vulnerabilitiescountbydayedge) | A list of edges. | -| `nodes` | [`[VulnerabilitiesCountByDay]`](#vulnerabilitiescountbyday) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +### `VulnerabilitiesCountByDayAndSeverity` -### `VulnerabilitiesCountByDayEdge` +Represents the number of vulnerabilities for a particular severity on a particular day. This data is retained for 365 days. -An edge in a connection. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`VulnerabilitiesCountByDay`](#vulnerabilitiescountbyday) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitiescountbydayandseveritycount"></a>`count` | [`Int`](#int) | Number of vulnerabilities. | +| <a id="vulnerabilitiescountbydayandseverityday"></a>`day` | [`ISO8601Date`](#iso8601date) | Date for the count. | +| <a id="vulnerabilitiescountbydayandseverityseverity"></a>`severity` | [`VulnerabilitySeverity`](#vulnerabilityseverity) | Severity of the counted vulnerabilities. | ### `Vulnerability` Represents a vulnerability. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `confirmedAt` | [`Time`](#time) | Timestamp of when the vulnerability state was changed to confirmed. | -| `confirmedBy` | [`User`](#user) | The user that confirmed the vulnerability. | -| `description` | [`String`](#string) | Description of the vulnerability. | -| `details` | [`[VulnerabilityDetail!]!`](#vulnerabilitydetail) | Details of the vulnerability. | -| `detectedAt` | [`Time!`](#time) | Timestamp of when the vulnerability was first detected. | -| `discussions` | [`DiscussionConnection!`](#discussionconnection) | All discussions on this noteable. | -| `dismissedAt` | [`Time`](#time) | Timestamp of when the vulnerability state was changed to dismissed. | -| `dismissedBy` | [`User`](#user) | The user that dismissed the vulnerability. | -| `externalIssueLinks` | [`VulnerabilityExternalIssueLinkConnection!`](#vulnerabilityexternalissuelinkconnection) | List of external issue links related to the vulnerability. | -| `hasSolutions` | [`Boolean`](#boolean) | Indicates whether there is a solution available for this vulnerability. | -| `id` | [`ID!`](#id) | GraphQL ID of the vulnerability. | -| `identifiers` | [`[VulnerabilityIdentifier!]!`](#vulnerabilityidentifier) | Identifiers of the vulnerability. | -| `issueLinks` | [`VulnerabilityIssueLinkConnection!`](#vulnerabilityissuelinkconnection) | List of issue links related to the vulnerability. | -| `location` | [`VulnerabilityLocation`](#vulnerabilitylocation) | Location metadata for the vulnerability. Its fields depend on the type of security scan that found the vulnerability. | -| `mergeRequest` | [`MergeRequest`](#mergerequest) | Merge request that fixes the vulnerability. | -| `notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. | -| `primaryIdentifier` | [`VulnerabilityIdentifier`](#vulnerabilityidentifier) | Primary identifier of the vulnerability. | -| `project` | [`Project`](#project) | The project on which the vulnerability was found. | -| `reportType` | [`VulnerabilityReportType`](#vulnerabilityreporttype) | Type of the security report that found the vulnerability (SAST, DEPENDENCY_SCANNING, CONTAINER_SCANNING, DAST, SECRET_DETECTION, COVERAGE_FUZZING, API_FUZZING). `Scan Type` in the UI. | -| `resolvedAt` | [`Time`](#time) | Timestamp of when the vulnerability state was changed to resolved. | -| `resolvedBy` | [`User`](#user) | The user that resolved the vulnerability. | -| `resolvedOnDefaultBranch` | [`Boolean!`](#boolean) | Indicates whether the vulnerability is fixed on the default branch or not. | -| `scanner` | [`VulnerabilityScanner`](#vulnerabilityscanner) | Scanner metadata for the vulnerability. | -| `severity` | [`VulnerabilitySeverity`](#vulnerabilityseverity) | Severity of the vulnerability (INFO, UNKNOWN, LOW, MEDIUM, HIGH, CRITICAL). | -| `state` | [`VulnerabilityState`](#vulnerabilitystate) | State of the vulnerability (DETECTED, CONFIRMED, RESOLVED, DISMISSED). | -| `title` | [`String`](#string) | Title of the vulnerability. | -| `userNotesCount` | [`Int!`](#int) | Number of user notes attached to the vulnerability. | -| `userPermissions` | [`VulnerabilityPermissions!`](#vulnerabilitypermissions) | Permissions for the current user on the resource. | -| `vulnerabilityPath` | [`String`](#string) | URL to the vulnerability's details page. | - -### `VulnerabilityConfirmPayload` - -Autogenerated return type of VulnerabilityConfirm. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `vulnerability` | [`Vulnerability`](#vulnerability) | The vulnerability after state change. | - -### `VulnerabilityConnection` - -The connection type for Vulnerability. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[VulnerabilityEdge]`](#vulnerabilityedge) | A list of edges. | -| `nodes` | [`[Vulnerability]`](#vulnerability) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilityconfirmedat"></a>`confirmedAt` | [`Time`](#time) | Timestamp of when the vulnerability state was changed to confirmed. | +| <a id="vulnerabilityconfirmedby"></a>`confirmedBy` | [`UserCore`](#usercore) | The user that confirmed the vulnerability. | +| <a id="vulnerabilitydescription"></a>`description` | [`String`](#string) | Description of the vulnerability. | +| <a id="vulnerabilitydetails"></a>`details` | [`[VulnerabilityDetail!]!`](#vulnerabilitydetail) | Details of the vulnerability. | +| <a id="vulnerabilitydetectedat"></a>`detectedAt` | [`Time!`](#time) | Timestamp of when the vulnerability was first detected. | +| <a id="vulnerabilitydiscussions"></a>`discussions` | [`DiscussionConnection!`](#discussionconnection) | All discussions on this noteable. (see [Connections](#connections)) | +| <a id="vulnerabilitydismissedat"></a>`dismissedAt` | [`Time`](#time) | Timestamp of when the vulnerability state was changed to dismissed. | +| <a id="vulnerabilitydismissedby"></a>`dismissedBy` | [`UserCore`](#usercore) | The user that dismissed the vulnerability. | +| <a id="vulnerabilityexternalissuelinks"></a>`externalIssueLinks` | [`VulnerabilityExternalIssueLinkConnection!`](#vulnerabilityexternalissuelinkconnection) | List of external issue links related to the vulnerability. (see [Connections](#connections)) | +| <a id="vulnerabilityhassolutions"></a>`hasSolutions` | [`Boolean`](#boolean) | Indicates whether there is a solution available for this vulnerability. | +| <a id="vulnerabilityid"></a>`id` | [`ID!`](#id) | GraphQL ID of the vulnerability. | +| <a id="vulnerabilityidentifiers"></a>`identifiers` | [`[VulnerabilityIdentifier!]!`](#vulnerabilityidentifier) | Identifiers of the vulnerability. | +| <a id="vulnerabilitylocation"></a>`location` | [`VulnerabilityLocation`](#vulnerabilitylocation) | Location metadata for the vulnerability. Its fields depend on the type of security scan that found the vulnerability. | +| <a id="vulnerabilitymergerequest"></a>`mergeRequest` | [`MergeRequest`](#mergerequest) | Merge request that fixes the vulnerability. | +| <a id="vulnerabilitynotes"></a>`notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. (see [Connections](#connections)) | +| <a id="vulnerabilityprimaryidentifier"></a>`primaryIdentifier` | [`VulnerabilityIdentifier`](#vulnerabilityidentifier) | Primary identifier of the vulnerability. | +| <a id="vulnerabilityproject"></a>`project` | [`Project`](#project) | The project on which the vulnerability was found. | +| <a id="vulnerabilityreporttype"></a>`reportType` | [`VulnerabilityReportType`](#vulnerabilityreporttype) | Type of the security report that found the vulnerability (SAST, DEPENDENCY_SCANNING, CONTAINER_SCANNING, DAST, SECRET_DETECTION, COVERAGE_FUZZING, API_FUZZING). `Scan Type` in the UI. | +| <a id="vulnerabilityresolvedat"></a>`resolvedAt` | [`Time`](#time) | Timestamp of when the vulnerability state was changed to resolved. | +| <a id="vulnerabilityresolvedby"></a>`resolvedBy` | [`UserCore`](#usercore) | The user that resolved the vulnerability. | +| <a id="vulnerabilityresolvedondefaultbranch"></a>`resolvedOnDefaultBranch` | [`Boolean!`](#boolean) | Indicates whether the vulnerability is fixed on the default branch or not. | +| <a id="vulnerabilityscanner"></a>`scanner` | [`VulnerabilityScanner`](#vulnerabilityscanner) | Scanner metadata for the vulnerability. | +| <a id="vulnerabilityseverity"></a>`severity` | [`VulnerabilitySeverity`](#vulnerabilityseverity) | Severity of the vulnerability (INFO, UNKNOWN, LOW, MEDIUM, HIGH, CRITICAL). | +| <a id="vulnerabilitystate"></a>`state` | [`VulnerabilityState`](#vulnerabilitystate) | State of the vulnerability (DETECTED, CONFIRMED, RESOLVED, DISMISSED). | +| <a id="vulnerabilitytitle"></a>`title` | [`String`](#string) | Title of the vulnerability. | +| <a id="vulnerabilityusernotescount"></a>`userNotesCount` | [`Int!`](#int) | Number of user notes attached to the vulnerability. | +| <a id="vulnerabilityuserpermissions"></a>`userPermissions` | [`VulnerabilityPermissions!`](#vulnerabilitypermissions) | Permissions for the current user on the resource. | +| <a id="vulnerabilityvulnerabilitypath"></a>`vulnerabilityPath` | [`String`](#string) | URL to the vulnerability's details page. | + +#### Fields with arguments + +##### `Vulnerability.issueLinks` + +List of issue links related to the vulnerability. + +Returns [`VulnerabilityIssueLinkConnection!`](#vulnerabilityissuelinkconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilityissuelinkslinktype"></a>`linkType` | [`VulnerabilityIssueLinkType`](#vulnerabilityissuelinktype) | Filter issue links by link type. | ### `VulnerabilityDetailBase` Represents the vulnerability details base. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `description` | [`String`](#string) | Description of the field. | -| `fieldName` | [`String`](#string) | Name of the field. | -| `name` | [`String`](#string) | Name of the field. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitydetailbasedescription"></a>`description` | [`String`](#string) | Description of the field. | +| <a id="vulnerabilitydetailbasefieldname"></a>`fieldName` | [`String`](#string) | Name of the field. | +| <a id="vulnerabilitydetailbasename"></a>`name` | [`String`](#string) | Name of the field. | ### `VulnerabilityDetailBoolean` Represents the vulnerability details boolean value. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `description` | [`String`](#string) | Description of the field. | -| `fieldName` | [`String`](#string) | Name of the field. | -| `name` | [`String`](#string) | Name of the field. | -| `value` | [`Boolean!`](#boolean) | Value of the field. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitydetailbooleandescription"></a>`description` | [`String`](#string) | Description of the field. | +| <a id="vulnerabilitydetailbooleanfieldname"></a>`fieldName` | [`String`](#string) | Name of the field. | +| <a id="vulnerabilitydetailbooleanname"></a>`name` | [`String`](#string) | Name of the field. | +| <a id="vulnerabilitydetailbooleanvalue"></a>`value` | [`Boolean!`](#boolean) | Value of the field. | ### `VulnerabilityDetailCode` Represents the vulnerability details code field. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `description` | [`String`](#string) | Description of the field. | -| `fieldName` | [`String`](#string) | Name of the field. | -| `lang` | [`String`](#string) | Language of the code. | -| `name` | [`String`](#string) | Name of the field. | -| `value` | [`String!`](#string) | Source code. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitydetailcodedescription"></a>`description` | [`String`](#string) | Description of the field. | +| <a id="vulnerabilitydetailcodefieldname"></a>`fieldName` | [`String`](#string) | Name of the field. | +| <a id="vulnerabilitydetailcodelang"></a>`lang` | [`String`](#string) | Language of the code. | +| <a id="vulnerabilitydetailcodename"></a>`name` | [`String`](#string) | Name of the field. | +| <a id="vulnerabilitydetailcodevalue"></a>`value` | [`String!`](#string) | Source code. | ### `VulnerabilityDetailCommit` Represents the vulnerability details commit field. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `description` | [`String`](#string) | Description of the field. | -| `fieldName` | [`String`](#string) | Name of the field. | -| `name` | [`String`](#string) | Name of the field. | -| `value` | [`String!`](#string) | The commit SHA value. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitydetailcommitdescription"></a>`description` | [`String`](#string) | Description of the field. | +| <a id="vulnerabilitydetailcommitfieldname"></a>`fieldName` | [`String`](#string) | Name of the field. | +| <a id="vulnerabilitydetailcommitname"></a>`name` | [`String`](#string) | Name of the field. | +| <a id="vulnerabilitydetailcommitvalue"></a>`value` | [`String!`](#string) | The commit SHA value. | ### `VulnerabilityDetailDiff` Represents the vulnerability details diff field. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `after` | [`String!`](#string) | Value of the field after the change. | -| `before` | [`String!`](#string) | Value of the field before the change. | -| `description` | [`String`](#string) | Description of the field. | -| `fieldName` | [`String`](#string) | Name of the field. | -| `name` | [`String`](#string) | Name of the field. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitydetaildiffafter"></a>`after` | [`String!`](#string) | Value of the field after the change. | +| <a id="vulnerabilitydetaildiffbefore"></a>`before` | [`String!`](#string) | Value of the field before the change. | +| <a id="vulnerabilitydetaildiffdescription"></a>`description` | [`String`](#string) | Description of the field. | +| <a id="vulnerabilitydetaildifffieldname"></a>`fieldName` | [`String`](#string) | Name of the field. | +| <a id="vulnerabilitydetaildiffname"></a>`name` | [`String`](#string) | Name of the field. | ### `VulnerabilityDetailFileLocation` Represents the vulnerability details location within a file in the project. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `description` | [`String`](#string) | Description of the field. | -| `fieldName` | [`String`](#string) | Name of the field. | -| `fileName` | [`String!`](#string) | File name. | -| `lineEnd` | [`Int!`](#int) | End line number of the file location. | -| `lineStart` | [`Int!`](#int) | Start line number of the file location. | -| `name` | [`String`](#string) | Name of the field. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitydetailfilelocationdescription"></a>`description` | [`String`](#string) | Description of the field. | +| <a id="vulnerabilitydetailfilelocationfieldname"></a>`fieldName` | [`String`](#string) | Name of the field. | +| <a id="vulnerabilitydetailfilelocationfilename"></a>`fileName` | [`String!`](#string) | File name. | +| <a id="vulnerabilitydetailfilelocationlineend"></a>`lineEnd` | [`Int!`](#int) | End line number of the file location. | +| <a id="vulnerabilitydetailfilelocationlinestart"></a>`lineStart` | [`Int!`](#int) | Start line number of the file location. | +| <a id="vulnerabilitydetailfilelocationname"></a>`name` | [`String`](#string) | Name of the field. | ### `VulnerabilityDetailInt` Represents the vulnerability details integer value. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `description` | [`String`](#string) | Description of the field. | -| `fieldName` | [`String`](#string) | Name of the field. | -| `name` | [`String`](#string) | Name of the field. | -| `value` | [`Int!`](#int) | Value of the field. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitydetailintdescription"></a>`description` | [`String`](#string) | Description of the field. | +| <a id="vulnerabilitydetailintfieldname"></a>`fieldName` | [`String`](#string) | Name of the field. | +| <a id="vulnerabilitydetailintname"></a>`name` | [`String`](#string) | Name of the field. | +| <a id="vulnerabilitydetailintvalue"></a>`value` | [`Int!`](#int) | Value of the field. | ### `VulnerabilityDetailList` Represents the vulnerability details list value. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `description` | [`String`](#string) | Description of the field. | -| `fieldName` | [`String`](#string) | Name of the field. | -| `items` | [`[VulnerabilityDetail!]!`](#vulnerabilitydetail) | List of details. | -| `name` | [`String`](#string) | Name of the field. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitydetaillistdescription"></a>`description` | [`String`](#string) | Description of the field. | +| <a id="vulnerabilitydetaillistfieldname"></a>`fieldName` | [`String`](#string) | Name of the field. | +| <a id="vulnerabilitydetaillistitems"></a>`items` | [`[VulnerabilityDetail!]!`](#vulnerabilitydetail) | List of details. | +| <a id="vulnerabilitydetaillistname"></a>`name` | [`String`](#string) | Name of the field. | ### `VulnerabilityDetailMarkdown` Represents the vulnerability details Markdown field. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `description` | [`String`](#string) | Description of the field. | -| `fieldName` | [`String`](#string) | Name of the field. | -| `name` | [`String`](#string) | Name of the field. | -| `value` | [`String!`](#string) | Value of the Markdown field. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitydetailmarkdowndescription"></a>`description` | [`String`](#string) | Description of the field. | +| <a id="vulnerabilitydetailmarkdownfieldname"></a>`fieldName` | [`String`](#string) | Name of the field. | +| <a id="vulnerabilitydetailmarkdownname"></a>`name` | [`String`](#string) | Name of the field. | +| <a id="vulnerabilitydetailmarkdownvalue"></a>`value` | [`String!`](#string) | Value of the Markdown field. | ### `VulnerabilityDetailModuleLocation` Represents the vulnerability details location within a file in the project. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `description` | [`String`](#string) | Description of the field. | -| `fieldName` | [`String`](#string) | Name of the field. | -| `moduleName` | [`String!`](#string) | Module name. | -| `name` | [`String`](#string) | Name of the field. | -| `offset` | [`Int!`](#int) | Offset of the module location. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitydetailmodulelocationdescription"></a>`description` | [`String`](#string) | Description of the field. | +| <a id="vulnerabilitydetailmodulelocationfieldname"></a>`fieldName` | [`String`](#string) | Name of the field. | +| <a id="vulnerabilitydetailmodulelocationmodulename"></a>`moduleName` | [`String!`](#string) | Module name. | +| <a id="vulnerabilitydetailmodulelocationname"></a>`name` | [`String`](#string) | Name of the field. | +| <a id="vulnerabilitydetailmodulelocationoffset"></a>`offset` | [`Int!`](#int) | Offset of the module location. | ### `VulnerabilityDetailTable` Represents the vulnerability details table value. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `description` | [`String`](#string) | Description of the field. | -| `fieldName` | [`String`](#string) | Name of the field. | -| `headers` | [`[VulnerabilityDetail!]!`](#vulnerabilitydetail) | Table headers. | -| `name` | [`String`](#string) | Name of the field. | -| `rows` | [`[VulnerabilityDetail!]!`](#vulnerabilitydetail) | Table rows. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitydetailtabledescription"></a>`description` | [`String`](#string) | Description of the field. | +| <a id="vulnerabilitydetailtablefieldname"></a>`fieldName` | [`String`](#string) | Name of the field. | +| <a id="vulnerabilitydetailtableheaders"></a>`headers` | [`[VulnerabilityDetail!]!`](#vulnerabilitydetail) | Table headers. | +| <a id="vulnerabilitydetailtablename"></a>`name` | [`String`](#string) | Name of the field. | +| <a id="vulnerabilitydetailtablerows"></a>`rows` | [`[VulnerabilityDetail!]!`](#vulnerabilitydetail) | Table rows. | ### `VulnerabilityDetailText` Represents the vulnerability details text field. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `description` | [`String`](#string) | Description of the field. | -| `fieldName` | [`String`](#string) | Name of the field. | -| `name` | [`String`](#string) | Name of the field. | -| `value` | [`String!`](#string) | Value of the text field. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitydetailtextdescription"></a>`description` | [`String`](#string) | Description of the field. | +| <a id="vulnerabilitydetailtextfieldname"></a>`fieldName` | [`String`](#string) | Name of the field. | +| <a id="vulnerabilitydetailtextname"></a>`name` | [`String`](#string) | Name of the field. | +| <a id="vulnerabilitydetailtextvalue"></a>`value` | [`String!`](#string) | Value of the text field. | ### `VulnerabilityDetailUrl` Represents the vulnerability details URL field. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `description` | [`String`](#string) | Description of the field. | -| `fieldName` | [`String`](#string) | Name of the field. | -| `href` | [`String!`](#string) | Href of the URL. | -| `name` | [`String`](#string) | Name of the field. | -| `text` | [`String`](#string) | Text of the URL. | - -### `VulnerabilityDismissPayload` - -Autogenerated return type of VulnerabilityDismiss. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `vulnerability` | [`Vulnerability`](#vulnerability) | The vulnerability after dismissal. | +#### Fields -### `VulnerabilityEdge` - -An edge in a connection. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`Vulnerability`](#vulnerability) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitydetailurldescription"></a>`description` | [`String`](#string) | Description of the field. | +| <a id="vulnerabilitydetailurlfieldname"></a>`fieldName` | [`String`](#string) | Name of the field. | +| <a id="vulnerabilitydetailurlhref"></a>`href` | [`String!`](#string) | Href of the URL. | +| <a id="vulnerabilitydetailurlname"></a>`name` | [`String`](#string) | Name of the field. | +| <a id="vulnerabilitydetailurltext"></a>`text` | [`String`](#string) | Text of the URL. | ### `VulnerabilityExternalIssueLink` Represents an external issue link of a vulnerability. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `externalIssue` | [`ExternalIssue`](#externalissue) | The external issue attached to the issue link. | -| `id` | [`VulnerabilitiesExternalIssueLinkID!`](#vulnerabilitiesexternalissuelinkid) | GraphQL ID of the external issue link. | -| `linkType` | [`VulnerabilityExternalIssueLinkType!`](#vulnerabilityexternalissuelinktype) | Type of the external issue link. | - -### `VulnerabilityExternalIssueLinkConnection` - -The connection type for VulnerabilityExternalIssueLink. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[VulnerabilityExternalIssueLinkEdge]`](#vulnerabilityexternalissuelinkedge) | A list of edges. | -| `nodes` | [`[VulnerabilityExternalIssueLink]`](#vulnerabilityexternalissuelink) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | - -### `VulnerabilityExternalIssueLinkCreatePayload` - -Autogenerated return type of VulnerabilityExternalIssueLinkCreate. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `externalIssueLink` | [`VulnerabilityExternalIssueLink`](#vulnerabilityexternalissuelink) | The created external issue link. | - -### `VulnerabilityExternalIssueLinkDestroyPayload` - -Autogenerated return type of VulnerabilityExternalIssueLinkDestroy. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | - -### `VulnerabilityExternalIssueLinkEdge` +#### Fields -An edge in a connection. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`VulnerabilityExternalIssueLink`](#vulnerabilityexternalissuelink) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilityexternalissuelinkexternalissue"></a>`externalIssue` | [`ExternalIssue`](#externalissue) | The external issue attached to the issue link. | +| <a id="vulnerabilityexternalissuelinkid"></a>`id` | [`VulnerabilitiesExternalIssueLinkID!`](#vulnerabilitiesexternalissuelinkid) | GraphQL ID of the external issue link. | +| <a id="vulnerabilityexternalissuelinklinktype"></a>`linkType` | [`VulnerabilityExternalIssueLinkType!`](#vulnerabilityexternalissuelinktype) | Type of the external issue link. | ### `VulnerabilityIdentifier` Represents a vulnerability identifier. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `externalId` | [`String`](#string) | External ID of the vulnerability identifier. | -| `externalType` | [`String`](#string) | External type of the vulnerability identifier. | -| `name` | [`String`](#string) | Name of the vulnerability identifier. | -| `url` | [`String`](#string) | URL of the vulnerability identifier. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilityidentifierexternalid"></a>`externalId` | [`String`](#string) | External ID of the vulnerability identifier. | +| <a id="vulnerabilityidentifierexternaltype"></a>`externalType` | [`String`](#string) | External type of the vulnerability identifier. | +| <a id="vulnerabilityidentifiername"></a>`name` | [`String`](#string) | Name of the vulnerability identifier. | +| <a id="vulnerabilityidentifierurl"></a>`url` | [`String`](#string) | URL of the vulnerability identifier. | ### `VulnerabilityIssueLink` Represents an issue link of a vulnerability. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `id` | [`ID!`](#id) | GraphQL ID of the vulnerability. | -| `issue` | [`Issue!`](#issue) | The issue attached to issue link. | -| `linkType` | [`VulnerabilityIssueLinkType!`](#vulnerabilityissuelinktype) | Type of the issue link. | - -### `VulnerabilityIssueLinkConnection` - -The connection type for VulnerabilityIssueLink. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[VulnerabilityIssueLinkEdge]`](#vulnerabilityissuelinkedge) | A list of edges. | -| `nodes` | [`[VulnerabilityIssueLink]`](#vulnerabilityissuelink) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | - -### `VulnerabilityIssueLinkEdge` +#### Fields -An edge in a connection. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`VulnerabilityIssueLink`](#vulnerabilityissuelink) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilityissuelinkid"></a>`id` | [`ID!`](#id) | GraphQL ID of the vulnerability. | +| <a id="vulnerabilityissuelinkissue"></a>`issue` | [`Issue!`](#issue) | The issue attached to issue link. | +| <a id="vulnerabilityissuelinklinktype"></a>`linkType` | [`VulnerabilityIssueLinkType!`](#vulnerabilityissuelinktype) | Type of the issue link. | ### `VulnerabilityLocationContainerScanning` Represents the location of a vulnerability found by a container security scan. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `dependency` | [`VulnerableDependency`](#vulnerabledependency) | Dependency containing the vulnerability. | -| `image` | [`String`](#string) | Name of the vulnerable container image. | -| `operatingSystem` | [`String`](#string) | Operating system that runs on the vulnerable container image. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitylocationcontainerscanningdependency"></a>`dependency` | [`VulnerableDependency`](#vulnerabledependency) | Dependency containing the vulnerability. | +| <a id="vulnerabilitylocationcontainerscanningimage"></a>`image` | [`String`](#string) | Name of the vulnerable container image. | +| <a id="vulnerabilitylocationcontainerscanningoperatingsystem"></a>`operatingSystem` | [`String`](#string) | Operating system that runs on the vulnerable container image. | ### `VulnerabilityLocationCoverageFuzzing` Represents the location of a vulnerability found by a Coverage Fuzzing scan. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `blobPath` | [`String`](#string) | Blob path to the vulnerable file. | -| `endLine` | [`String`](#string) | Number of the last relevant line in the vulnerable file. | -| `file` | [`String`](#string) | Path to the vulnerable file. | -| `startLine` | [`String`](#string) | Number of the first relevant line in the vulnerable file. | -| `vulnerableClass` | [`String`](#string) | Class containing the vulnerability. | -| `vulnerableMethod` | [`String`](#string) | Method containing the vulnerability. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitylocationcoveragefuzzingblobpath"></a>`blobPath` | [`String`](#string) | Blob path to the vulnerable file. | +| <a id="vulnerabilitylocationcoveragefuzzingendline"></a>`endLine` | [`String`](#string) | Number of the last relevant line in the vulnerable file. | +| <a id="vulnerabilitylocationcoveragefuzzingfile"></a>`file` | [`String`](#string) | Path to the vulnerable file. | +| <a id="vulnerabilitylocationcoveragefuzzingstartline"></a>`startLine` | [`String`](#string) | Number of the first relevant line in the vulnerable file. | +| <a id="vulnerabilitylocationcoveragefuzzingvulnerableclass"></a>`vulnerableClass` | [`String`](#string) | Class containing the vulnerability. | +| <a id="vulnerabilitylocationcoveragefuzzingvulnerablemethod"></a>`vulnerableMethod` | [`String`](#string) | Method containing the vulnerability. | ### `VulnerabilityLocationDast` Represents the location of a vulnerability found by a DAST scan. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `hostname` | [`String`](#string) | Domain name of the vulnerable request. | -| `param` | [`String`](#string) | Query parameter for the URL on which the vulnerability occurred. | -| `path` | [`String`](#string) | URL path and query string of the vulnerable request. | -| `requestMethod` | [`String`](#string) | HTTP method of the vulnerable request. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitylocationdasthostname"></a>`hostname` | [`String`](#string) | Domain name of the vulnerable request. | +| <a id="vulnerabilitylocationdastparam"></a>`param` | [`String`](#string) | Query parameter for the URL on which the vulnerability occurred. | +| <a id="vulnerabilitylocationdastpath"></a>`path` | [`String`](#string) | URL path and query string of the vulnerable request. | +| <a id="vulnerabilitylocationdastrequestmethod"></a>`requestMethod` | [`String`](#string) | HTTP method of the vulnerable request. | ### `VulnerabilityLocationDependencyScanning` Represents the location of a vulnerability found by a dependency security scan. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `blobPath` | [`String`](#string) | Blob path to the vulnerable file. | -| `dependency` | [`VulnerableDependency`](#vulnerabledependency) | Dependency containing the vulnerability. | -| `file` | [`String`](#string) | Path to the vulnerable file. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitylocationdependencyscanningblobpath"></a>`blobPath` | [`String`](#string) | Blob path to the vulnerable file. | +| <a id="vulnerabilitylocationdependencyscanningdependency"></a>`dependency` | [`VulnerableDependency`](#vulnerabledependency) | Dependency containing the vulnerability. | +| <a id="vulnerabilitylocationdependencyscanningfile"></a>`file` | [`String`](#string) | Path to the vulnerable file. | ### `VulnerabilityLocationSast` Represents the location of a vulnerability found by a SAST scan. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `blobPath` | [`String`](#string) | Blob path to the vulnerable file. | -| `endLine` | [`String`](#string) | Number of the last relevant line in the vulnerable file. | -| `file` | [`String`](#string) | Path to the vulnerable file. | -| `startLine` | [`String`](#string) | Number of the first relevant line in the vulnerable file. | -| `vulnerableClass` | [`String`](#string) | Class containing the vulnerability. | -| `vulnerableMethod` | [`String`](#string) | Method containing the vulnerability. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitylocationsastblobpath"></a>`blobPath` | [`String`](#string) | Blob path to the vulnerable file. | +| <a id="vulnerabilitylocationsastendline"></a>`endLine` | [`String`](#string) | Number of the last relevant line in the vulnerable file. | +| <a id="vulnerabilitylocationsastfile"></a>`file` | [`String`](#string) | Path to the vulnerable file. | +| <a id="vulnerabilitylocationsaststartline"></a>`startLine` | [`String`](#string) | Number of the first relevant line in the vulnerable file. | +| <a id="vulnerabilitylocationsastvulnerableclass"></a>`vulnerableClass` | [`String`](#string) | Class containing the vulnerability. | +| <a id="vulnerabilitylocationsastvulnerablemethod"></a>`vulnerableMethod` | [`String`](#string) | Method containing the vulnerability. | ### `VulnerabilityLocationSecretDetection` Represents the location of a vulnerability found by a secret detection scan. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `blobPath` | [`String`](#string) | Blob path to the vulnerable file. | -| `endLine` | [`String`](#string) | Number of the last relevant line in the vulnerable file. | -| `file` | [`String`](#string) | Path to the vulnerable file. | -| `startLine` | [`String`](#string) | Number of the first relevant line in the vulnerable file. | -| `vulnerableClass` | [`String`](#string) | Class containing the vulnerability. | -| `vulnerableMethod` | [`String`](#string) | Method containing the vulnerability. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitylocationsecretdetectionblobpath"></a>`blobPath` | [`String`](#string) | Blob path to the vulnerable file. | +| <a id="vulnerabilitylocationsecretdetectionendline"></a>`endLine` | [`String`](#string) | Number of the last relevant line in the vulnerable file. | +| <a id="vulnerabilitylocationsecretdetectionfile"></a>`file` | [`String`](#string) | Path to the vulnerable file. | +| <a id="vulnerabilitylocationsecretdetectionstartline"></a>`startLine` | [`String`](#string) | Number of the first relevant line in the vulnerable file. | +| <a id="vulnerabilitylocationsecretdetectionvulnerableclass"></a>`vulnerableClass` | [`String`](#string) | Class containing the vulnerability. | +| <a id="vulnerabilitylocationsecretdetectionvulnerablemethod"></a>`vulnerableMethod` | [`String`](#string) | Method containing the vulnerability. | ### `VulnerabilityPermissions` Check permissions for the current user on a vulnerability. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `adminVulnerability` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_vulnerability` on this resource. | -| `adminVulnerabilityExternalIssueLink` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_vulnerability_external_issue_link` on this resource. | -| `adminVulnerabilityIssueLink` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_vulnerability_issue_link` on this resource. | -| `createVulnerability` | [`Boolean!`](#boolean) | Indicates the user can perform `create_vulnerability` on this resource. | -| `createVulnerabilityExport` | [`Boolean!`](#boolean) | Indicates the user can perform `create_vulnerability_export` on this resource. | -| `createVulnerabilityFeedback` | [`Boolean!`](#boolean) | Indicates the user can perform `create_vulnerability_feedback` on this resource. | -| `destroyVulnerabilityFeedback` | [`Boolean!`](#boolean) | Indicates the user can perform `destroy_vulnerability_feedback` on this resource. | -| `readVulnerabilityFeedback` | [`Boolean!`](#boolean) | Indicates the user can perform `read_vulnerability_feedback` on this resource. | -| `updateVulnerabilityFeedback` | [`Boolean!`](#boolean) | Indicates the user can perform `update_vulnerability_feedback` on this resource. | - -### `VulnerabilityResolvePayload` - -Autogenerated return type of VulnerabilityResolve. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `vulnerability` | [`Vulnerability`](#vulnerability) | The vulnerability after state change. | - -### `VulnerabilityRevertToDetectedPayload` +#### Fields -Autogenerated return type of VulnerabilityRevertToDetected. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | -| `vulnerability` | [`Vulnerability`](#vulnerability) | The vulnerability after revert. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilitypermissionsadminvulnerability"></a>`adminVulnerability` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_vulnerability` on this resource. | +| <a id="vulnerabilitypermissionsadminvulnerabilityexternalissuelink"></a>`adminVulnerabilityExternalIssueLink` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_vulnerability_external_issue_link` on this resource. | +| <a id="vulnerabilitypermissionsadminvulnerabilityissuelink"></a>`adminVulnerabilityIssueLink` | [`Boolean!`](#boolean) | Indicates the user can perform `admin_vulnerability_issue_link` on this resource. | +| <a id="vulnerabilitypermissionscreatevulnerability"></a>`createVulnerability` | [`Boolean!`](#boolean) | Indicates the user can perform `create_vulnerability` on this resource. | +| <a id="vulnerabilitypermissionscreatevulnerabilityexport"></a>`createVulnerabilityExport` | [`Boolean!`](#boolean) | Indicates the user can perform `create_vulnerability_export` on this resource. | +| <a id="vulnerabilitypermissionscreatevulnerabilityfeedback"></a>`createVulnerabilityFeedback` | [`Boolean!`](#boolean) | Indicates the user can perform `create_vulnerability_feedback` on this resource. | +| <a id="vulnerabilitypermissionsdestroyvulnerabilityfeedback"></a>`destroyVulnerabilityFeedback` | [`Boolean!`](#boolean) | Indicates the user can perform `destroy_vulnerability_feedback` on this resource. | +| <a id="vulnerabilitypermissionsreadvulnerabilityfeedback"></a>`readVulnerabilityFeedback` | [`Boolean!`](#boolean) | Indicates the user can perform `read_vulnerability_feedback` on this resource. | +| <a id="vulnerabilitypermissionsupdatevulnerabilityfeedback"></a>`updateVulnerabilityFeedback` | [`Boolean!`](#boolean) | Indicates the user can perform `update_vulnerability_feedback` on this resource. | ### `VulnerabilityScanner` Represents a vulnerability scanner. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `externalId` | [`String`](#string) | External ID of the vulnerability scanner. | -| `id` | [`ID`](#id) | ID of the scanner. | -| `name` | [`String`](#string) | Name of the vulnerability scanner. | -| `reportType` | [`VulnerabilityReportType`](#vulnerabilityreporttype) | Type of the vulnerability report. | -| `vendor` | [`String`](#string) | Vendor of the vulnerability scanner. | - -### `VulnerabilityScannerConnection` - -The connection type for VulnerabilityScanner. +#### Fields -| Field | Type | Description | -| ----- | ---- | ----------- | -| `edges` | [`[VulnerabilityScannerEdge]`](#vulnerabilityscanneredge) | A list of edges. | -| `nodes` | [`[VulnerabilityScanner]`](#vulnerabilityscanner) | A list of nodes. | -| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | - -### `VulnerabilityScannerEdge` - -An edge in a connection. - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cursor` | [`String!`](#string) | A cursor for use in pagination. | -| `node` | [`VulnerabilityScanner`](#vulnerabilityscanner) | The item at the end of the edge. | +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilityscannerexternalid"></a>`externalId` | [`String`](#string) | External ID of the vulnerability scanner. | +| <a id="vulnerabilityscannerid"></a>`id` | [`ID`](#id) | ID of the scanner. | +| <a id="vulnerabilityscannername"></a>`name` | [`String`](#string) | Name of the vulnerability scanner. | +| <a id="vulnerabilityscannerreporttype"></a>`reportType` | [`VulnerabilityReportType`](#vulnerabilityreporttype) | Type of the vulnerability report. | +| <a id="vulnerabilityscannervendor"></a>`vendor` | [`String`](#string) | Vendor of the vulnerability scanner. | ### `VulnerabilitySeveritiesCount` Represents vulnerability counts by severity. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `critical` | [`Int`](#int) | Number of vulnerabilities of CRITICAL severity of the project. | -| `high` | [`Int`](#int) | Number of vulnerabilities of HIGH severity of the project. | -| `info` | [`Int`](#int) | Number of vulnerabilities of INFO severity of the project. | -| `low` | [`Int`](#int) | Number of vulnerabilities of LOW severity of the project. | -| `medium` | [`Int`](#int) | Number of vulnerabilities of MEDIUM severity of the project. | -| `unknown` | [`Int`](#int) | Number of vulnerabilities of UNKNOWN severity of the project. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabilityseveritiescountcritical"></a>`critical` | [`Int`](#int) | Number of vulnerabilities of CRITICAL severity of the project. | +| <a id="vulnerabilityseveritiescounthigh"></a>`high` | [`Int`](#int) | Number of vulnerabilities of HIGH severity of the project. | +| <a id="vulnerabilityseveritiescountinfo"></a>`info` | [`Int`](#int) | Number of vulnerabilities of INFO severity of the project. | +| <a id="vulnerabilityseveritiescountlow"></a>`low` | [`Int`](#int) | Number of vulnerabilities of LOW severity of the project. | +| <a id="vulnerabilityseveritiescountmedium"></a>`medium` | [`Int`](#int) | Number of vulnerabilities of MEDIUM severity of the project. | +| <a id="vulnerabilityseveritiescountunknown"></a>`unknown` | [`Int`](#int) | Number of vulnerabilities of UNKNOWN severity of the project. | ### `VulnerableDependency` Represents a vulnerable dependency. Used in vulnerability location data. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `package` | [`VulnerablePackage`](#vulnerablepackage) | The package associated with the vulnerable dependency. | -| `version` | [`String`](#string) | The version of the vulnerable dependency. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerabledependencypackage"></a>`package` | [`VulnerablePackage`](#vulnerablepackage) | The package associated with the vulnerable dependency. | +| <a id="vulnerabledependencyversion"></a>`version` | [`String`](#string) | The version of the vulnerable dependency. | ### `VulnerablePackage` Represents a vulnerable package. Used in vulnerability dependency data. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | [`String`](#string) | The name of the vulnerable package. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerablepackagename"></a>`name` | [`String`](#string) | The name of the vulnerable package. | ### `VulnerableProjectsByGrade` Represents vulnerability letter grades with associated projects. -| Field | Type | Description | -| ----- | ---- | ----------- | -| `count` | [`Int!`](#int) | Number of projects within this grade. | -| `grade` | [`VulnerabilityGrade!`](#vulnerabilitygrade) | Grade based on the highest severity vulnerability present. | -| `projects` | [`ProjectConnection!`](#projectconnection) | Projects within this grade. | +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="vulnerableprojectsbygradecount"></a>`count` | [`Int!`](#int) | Number of projects within this grade. | +| <a id="vulnerableprojectsbygradegrade"></a>`grade` | [`VulnerabilityGrade!`](#vulnerabilitygrade) | Grade based on the highest severity vulnerability present. | +| <a id="vulnerableprojectsbygradeprojects"></a>`projects` | [`ProjectConnection!`](#projectconnection) | Projects within this grade. (see [Connections](#connections)) | ## Enumeration types @@ -7573,13 +13505,13 @@ Access level to a resource. | Value | Description | | ----- | ----------- | -| `DEVELOPER` | Developer access. | -| `GUEST` | Guest access. | -| `MAINTAINER` | Maintainer access. | -| `MINIMAL_ACCESS` | Minimal access. | -| `NO_ACCESS` | No access. | -| `OWNER` | Owner access. | -| `REPORTER` | Reporter access. | +| <a id="accesslevelenumdeveloper"></a>`DEVELOPER` | Developer access. | +| <a id="accesslevelenumguest"></a>`GUEST` | Guest access. | +| <a id="accesslevelenummaintainer"></a>`MAINTAINER` | Maintainer access. | +| <a id="accesslevelenumminimal_access"></a>`MINIMAL_ACCESS` | Minimal access. | +| <a id="accesslevelenumno_access"></a>`NO_ACCESS` | No access. | +| <a id="accesslevelenumowner"></a>`OWNER` | Owner access. | +| <a id="accesslevelenumreporter"></a>`REPORTER` | Reporter access. | ### `AlertManagementAlertSort` @@ -7587,28 +13519,28 @@ Values for sorting alerts. | Value | Description | | ----- | ----------- | -| `CREATED_ASC` | Created at ascending order. | -| `CREATED_DESC` | Created at descending order. | -| `CREATED_TIME_ASC` | Created time by ascending order. | -| `CREATED_TIME_DESC` | Created time by descending order. | -| `ENDED_AT_ASC` | End time by ascending order. | -| `ENDED_AT_DESC` | End time by descending order. | -| `EVENT_COUNT_ASC` | Events count by ascending order. | -| `EVENT_COUNT_DESC` | Events count by descending order. | -| `SEVERITY_ASC` | Severity from less critical to more critical. | -| `SEVERITY_DESC` | Severity from more critical to less critical. | -| `STARTED_AT_ASC` | Start time by ascending order. | -| `STARTED_AT_DESC` | Start time by descending order. | -| `STATUS_ASC` | Status by order: Ignored > Resolved > Acknowledged > Triggered. | -| `STATUS_DESC` | Status by order: Triggered > Acknowledged > Resolved > Ignored. | -| `UPDATED_ASC` | Updated at ascending order. | -| `UPDATED_DESC` | Updated at descending order. | -| `UPDATED_TIME_ASC` | Created time by ascending order. | -| `UPDATED_TIME_DESC` | Created time by descending order. | -| `created_asc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `CREATED_ASC`. Deprecated in 13.5. | -| `created_desc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `CREATED_DESC`. Deprecated in 13.5. | -| `updated_asc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `UPDATED_ASC`. Deprecated in 13.5. | -| `updated_desc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `UPDATED_DESC`. Deprecated in 13.5. | +| <a id="alertmanagementalertsortcreated_asc"></a>`CREATED_ASC` | Created at ascending order. | +| <a id="alertmanagementalertsortcreated_desc"></a>`CREATED_DESC` | Created at descending order. | +| <a id="alertmanagementalertsortcreated_time_asc"></a>`CREATED_TIME_ASC` | Created time by ascending order. | +| <a id="alertmanagementalertsortcreated_time_desc"></a>`CREATED_TIME_DESC` | Created time by descending order. | +| <a id="alertmanagementalertsortended_at_asc"></a>`ENDED_AT_ASC` | End time by ascending order. | +| <a id="alertmanagementalertsortended_at_desc"></a>`ENDED_AT_DESC` | End time by descending order. | +| <a id="alertmanagementalertsortevent_count_asc"></a>`EVENT_COUNT_ASC` | Events count by ascending order. | +| <a id="alertmanagementalertsortevent_count_desc"></a>`EVENT_COUNT_DESC` | Events count by descending order. | +| <a id="alertmanagementalertsortseverity_asc"></a>`SEVERITY_ASC` | Severity from less critical to more critical. | +| <a id="alertmanagementalertsortseverity_desc"></a>`SEVERITY_DESC` | Severity from more critical to less critical. | +| <a id="alertmanagementalertsortstarted_at_asc"></a>`STARTED_AT_ASC` | Start time by ascending order. | +| <a id="alertmanagementalertsortstarted_at_desc"></a>`STARTED_AT_DESC` | Start time by descending order. | +| <a id="alertmanagementalertsortstatus_asc"></a>`STATUS_ASC` | Status by order: Ignored > Resolved > Acknowledged > Triggered. | +| <a id="alertmanagementalertsortstatus_desc"></a>`STATUS_DESC` | Status by order: Triggered > Acknowledged > Resolved > Ignored. | +| <a id="alertmanagementalertsortupdated_asc"></a>`UPDATED_ASC` | Updated at ascending order. | +| <a id="alertmanagementalertsortupdated_desc"></a>`UPDATED_DESC` | Updated at descending order. | +| <a id="alertmanagementalertsortupdated_time_asc"></a>`UPDATED_TIME_ASC` | Created time by ascending order. | +| <a id="alertmanagementalertsortupdated_time_desc"></a>`UPDATED_TIME_DESC` | Created time by descending order. | +| <a id="alertmanagementalertsortcreated_asc"></a>`created_asc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `CREATED_ASC`. Deprecated in 13.5. | +| <a id="alertmanagementalertsortcreated_desc"></a>`created_desc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `CREATED_DESC`. Deprecated in 13.5. | +| <a id="alertmanagementalertsortupdated_asc"></a>`updated_asc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `UPDATED_ASC`. Deprecated in 13.5. | +| <a id="alertmanagementalertsortupdated_desc"></a>`updated_desc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `UPDATED_DESC`. Deprecated in 13.5. | ### `AlertManagementDomainFilter` @@ -7616,8 +13548,8 @@ Filters the alerts based on given domain. | Value | Description | | ----- | ----------- | -| `operations` | Alerts for operations domain. | -| `threat_monitoring` | Alerts for threat monitoring domain. | +| <a id="alertmanagementdomainfilteroperations"></a>`operations` | Alerts for operations domain. | +| <a id="alertmanagementdomainfilterthreat_monitoring"></a>`threat_monitoring` | Alerts for threat monitoring domain. | ### `AlertManagementIntegrationType` @@ -7625,8 +13557,8 @@ Values of types of integrations. | Value | Description | | ----- | ----------- | -| `HTTP` | Integration with any monitoring tool. | -| `PROMETHEUS` | Prometheus integration. | +| <a id="alertmanagementintegrationtypehttp"></a>`HTTP` | Integration with any monitoring tool. | +| <a id="alertmanagementintegrationtypeprometheus"></a>`PROMETHEUS` | Prometheus integration. | ### `AlertManagementPayloadAlertFieldName` @@ -7634,16 +13566,16 @@ Values for alert field names used in the custom mapping. | Value | Description | | ----- | ----------- | -| `DESCRIPTION` | A high-level summary of the problem. | -| `END_TIME` | The resolved time of the incident. | -| `FINGERPRINT` | The unique identifier of the alert. This can be used to group occurrences of the same alert. | -| `GITLAB_ENVIRONMENT_NAME` | The name of the associated GitLab environment. | -| `HOSTS` | One or more hosts, as to where this incident occurred. | -| `MONITORING_TOOL` | The name of the associated monitoring tool. | -| `SERVICE` | The affected service. | -| `SEVERITY` | The severity of the alert. | -| `START_TIME` | The time of the incident. | -| `TITLE` | The title of the incident. | +| <a id="alertmanagementpayloadalertfieldnamedescription"></a>`DESCRIPTION` | A high-level summary of the problem. | +| <a id="alertmanagementpayloadalertfieldnameend_time"></a>`END_TIME` | The resolved time of the incident. | +| <a id="alertmanagementpayloadalertfieldnamefingerprint"></a>`FINGERPRINT` | The unique identifier of the alert. This can be used to group occurrences of the same alert. | +| <a id="alertmanagementpayloadalertfieldnamegitlab_environment_name"></a>`GITLAB_ENVIRONMENT_NAME` | The name of the associated GitLab environment. | +| <a id="alertmanagementpayloadalertfieldnamehosts"></a>`HOSTS` | One or more hosts, as to where this incident occurred. | +| <a id="alertmanagementpayloadalertfieldnamemonitoring_tool"></a>`MONITORING_TOOL` | The name of the associated monitoring tool. | +| <a id="alertmanagementpayloadalertfieldnameservice"></a>`SERVICE` | The affected service. | +| <a id="alertmanagementpayloadalertfieldnameseverity"></a>`SEVERITY` | The severity of the alert. | +| <a id="alertmanagementpayloadalertfieldnamestart_time"></a>`START_TIME` | The time of the incident. | +| <a id="alertmanagementpayloadalertfieldnametitle"></a>`TITLE` | The title of the incident. | ### `AlertManagementPayloadAlertFieldType` @@ -7651,9 +13583,9 @@ Values for alert field types used in the custom mapping. | Value | Description | | ----- | ----------- | -| `ARRAY` | Array field type. | -| `DATETIME` | DateTime field type. | -| `STRING` | String field type. | +| <a id="alertmanagementpayloadalertfieldtypearray"></a>`ARRAY` | Array field type. | +| <a id="alertmanagementpayloadalertfieldtypedatetime"></a>`DATETIME` | DateTime field type. | +| <a id="alertmanagementpayloadalertfieldtypestring"></a>`STRING` | String field type. | ### `AlertManagementSeverity` @@ -7661,12 +13593,12 @@ Alert severity values. | Value | Description | | ----- | ----------- | -| `CRITICAL` | Critical severity. | -| `HIGH` | High severity. | -| `INFO` | Info severity. | -| `LOW` | Low severity. | -| `MEDIUM` | Medium severity. | -| `UNKNOWN` | Unknown severity. | +| <a id="alertmanagementseveritycritical"></a>`CRITICAL` | Critical severity. | +| <a id="alertmanagementseverityhigh"></a>`HIGH` | High severity. | +| <a id="alertmanagementseverityinfo"></a>`INFO` | Info severity. | +| <a id="alertmanagementseveritylow"></a>`LOW` | Low severity. | +| <a id="alertmanagementseveritymedium"></a>`MEDIUM` | Medium severity. | +| <a id="alertmanagementseverityunknown"></a>`UNKNOWN` | Unknown severity. | ### `AlertManagementStatus` @@ -7674,10 +13606,10 @@ Alert status values. | Value | Description | | ----- | ----------- | -| `ACKNOWLEDGED` | Acknowledged status. | -| `IGNORED` | Ignored status. | -| `RESOLVED` | Resolved status. | -| `TRIGGERED` | Triggered status. | +| <a id="alertmanagementstatusacknowledged"></a>`ACKNOWLEDGED` | Someone is actively investigating the problem. | +| <a id="alertmanagementstatusignored"></a>`IGNORED` | No action will be taken on the alert. | +| <a id="alertmanagementstatusresolved"></a>`RESOLVED` | No further work is required. | +| <a id="alertmanagementstatustriggered"></a>`TRIGGERED` | Investigation has not started. | ### `ApiFuzzingScanMode` @@ -7685,9 +13617,9 @@ All possible ways to specify the API surface for an API fuzzing scan. | Value | Description | | ----- | ----------- | -| `HAR` | The API surface is specified by a HAR file. | -| `OPENAPI` | The API surface is specified by a OPENAPI file. | -| `POSTMAN` | The API surface is specified by a POSTMAN file. | +| <a id="apifuzzingscanmodehar"></a>`HAR` | The API surface is specified by a HAR file. | +| <a id="apifuzzingscanmodeopenapi"></a>`OPENAPI` | The API surface is specified by a OPENAPI file. | +| <a id="apifuzzingscanmodepostman"></a>`POSTMAN` | The API surface is specified by a POSTMAN file. | ### `ApprovalRuleType` @@ -7695,10 +13627,10 @@ The kind of an approval rule. | Value | Description | | ----- | ----------- | -| `ANY_APPROVER` | A `any_approver` approval rule. | -| `CODE_OWNER` | A `code_owner` approval rule. | -| `REGULAR` | A `regular` approval rule. | -| `REPORT_APPROVER` | A `report_approver` approval rule. | +| <a id="approvalruletypeany_approver"></a>`ANY_APPROVER` | A `any_approver` approval rule. | +| <a id="approvalruletypecode_owner"></a>`CODE_OWNER` | A `code_owner` approval rule. | +| <a id="approvalruletyperegular"></a>`REGULAR` | A `regular` approval rule. | +| <a id="approvalruletypereport_approver"></a>`REPORT_APPROVER` | A `report_approver` approval rule. | ### `AssigneeWildcardId` @@ -7706,8 +13638,8 @@ Assignee ID wildcard values. | Value | Description | | ----- | ----------- | -| `ANY` | An assignee is assigned. | -| `NONE` | No assignee is assigned. | +| <a id="assigneewildcardidany"></a>`ANY` | An assignee is assigned. | +| <a id="assigneewildcardidnone"></a>`NONE` | No assignee is assigned. | ### `AvailabilityEnum` @@ -7715,8 +13647,8 @@ User availability status. | Value | Description | | ----- | ----------- | -| `BUSY` | Busy. | -| `NOT_SET` | Not Set. | +| <a id="availabilityenumbusy"></a>`BUSY` | Busy. | +| <a id="availabilityenumnot_set"></a>`NOT_SET` | Not Set. | ### `BlobViewersType` @@ -7724,9 +13656,9 @@ Types of blob viewers. | Value | Description | | ----- | ----------- | -| `auxiliary` | Auxiliary blob viewers type. | -| `rich` | Rich blob viewers type. | -| `simple` | Simple blob viewers type. | +| <a id="blobviewerstypeauxiliary"></a>`auxiliary` | Auxiliary blob viewers type. | +| <a id="blobviewerstyperich"></a>`rich` | Rich blob viewers type. | +| <a id="blobviewerstypesimple"></a>`simple` | Simple blob viewers type. | ### `CiConfigStatus` @@ -7734,24 +13666,68 @@ Values for YAML processor result. | Value | Description | | ----- | ----------- | -| `INVALID` | The configuration file is not valid. | -| `VALID` | The configuration file is valid. | +| <a id="ciconfigstatusinvalid"></a>`INVALID` | The configuration file is not valid. | +| <a id="ciconfigstatusvalid"></a>`VALID` | The configuration file is valid. | ### `CiJobStatus` | Value | Description | | ----- | ----------- | -| `CANCELED` | A job that is canceled. | -| `CREATED` | A job that is created. | -| `FAILED` | A job that is failed. | -| `MANUAL` | A job that is manual. | -| `PENDING` | A job that is pending. | -| `PREPARING` | A job that is preparing. | -| `RUNNING` | A job that is running. | -| `SCHEDULED` | A job that is scheduled. | -| `SKIPPED` | A job that is skipped. | -| `SUCCESS` | A job that is success. | -| `WAITING_FOR_RESOURCE` | A job that is waiting for resource. | +| <a id="cijobstatuscanceled"></a>`CANCELED` | A job that is canceled. | +| <a id="cijobstatuscreated"></a>`CREATED` | A job that is created. | +| <a id="cijobstatusfailed"></a>`FAILED` | A job that is failed. | +| <a id="cijobstatusmanual"></a>`MANUAL` | A job that is manual. | +| <a id="cijobstatuspending"></a>`PENDING` | A job that is pending. | +| <a id="cijobstatuspreparing"></a>`PREPARING` | A job that is preparing. | +| <a id="cijobstatusrunning"></a>`RUNNING` | A job that is running. | +| <a id="cijobstatusscheduled"></a>`SCHEDULED` | A job that is scheduled. | +| <a id="cijobstatusskipped"></a>`SKIPPED` | A job that is skipped. | +| <a id="cijobstatussuccess"></a>`SUCCESS` | A job that is success. | +| <a id="cijobstatuswaiting_for_resource"></a>`WAITING_FOR_RESOURCE` | A job that is waiting for resource. | + +### `CiRunnerAccessLevel` + +| Value | Description | +| ----- | ----------- | +| <a id="cirunneraccesslevelnot_protected"></a>`NOT_PROTECTED` | A runner that is not protected. | +| <a id="cirunneraccesslevelref_protected"></a>`REF_PROTECTED` | A runner that is ref protected. | + +### `CiRunnerSort` + +Values for sorting runners. + +| Value | Description | +| ----- | ----------- | +| <a id="cirunnersortcontacted_asc"></a>`CONTACTED_ASC` | Ordered by contacted_at in ascending order. | +| <a id="cirunnersortcreated_desc"></a>`CREATED_DESC` | Ordered by created_date in descending order. | + +### `CiRunnerStatus` + +| Value | Description | +| ----- | ----------- | +| <a id="cirunnerstatusactive"></a>`ACTIVE` | A runner that is active. | +| <a id="cirunnerstatusnot_connected"></a>`NOT_CONNECTED` | A runner that is not connected. | +| <a id="cirunnerstatusoffline"></a>`OFFLINE` | A runner that is offline. | +| <a id="cirunnerstatusonline"></a>`ONLINE` | A runner that is online. | +| <a id="cirunnerstatuspaused"></a>`PAUSED` | A runner that is paused. | + +### `CiRunnerType` + +| Value | Description | +| ----- | ----------- | +| <a id="cirunnertypegroup_type"></a>`GROUP_TYPE` | A runner that is group type. | +| <a id="cirunnertypeinstance_type"></a>`INSTANCE_TYPE` | A runner that is instance type. | +| <a id="cirunnertypeproject_type"></a>`PROJECT_TYPE` | A runner that is project type. | + +### `CodeQualityDegradationSeverity` + +| Value | Description | +| ----- | ----------- | +| <a id="codequalitydegradationseverityblocker"></a>`BLOCKER` | Code Quality degradation has a status of blocker. | +| <a id="codequalitydegradationseveritycritical"></a>`CRITICAL` | Code Quality degradation has a status of critical. | +| <a id="codequalitydegradationseverityinfo"></a>`INFO` | Code Quality degradation has a status of info. | +| <a id="codequalitydegradationseveritymajor"></a>`MAJOR` | Code Quality degradation has a status of major. | +| <a id="codequalitydegradationseverityminor"></a>`MINOR` | Code Quality degradation has a status of minor. | ### `CommitActionMode` @@ -7759,18 +13735,18 @@ Mode of a commit action. | Value | Description | | ----- | ----------- | -| `CHMOD` | Chmod command. | -| `CREATE` | Create command. | -| `DELETE` | Delete command. | -| `MOVE` | Move command. | -| `UPDATE` | Update command. | +| <a id="commitactionmodechmod"></a>`CHMOD` | Chmod command. | +| <a id="commitactionmodecreate"></a>`CREATE` | Create command. | +| <a id="commitactionmodedelete"></a>`DELETE` | Delete command. | +| <a id="commitactionmodemove"></a>`MOVE` | Move command. | +| <a id="commitactionmodeupdate"></a>`UPDATE` | Update command. | ### `CommitEncoding` | Value | Description | | ----- | ----------- | -| `BASE64` | Base64 encoding. | -| `TEXT` | Text encoding. | +| <a id="commitencodingbase64"></a>`BASE64` | Base64 encoding. | +| <a id="commitencodingtext"></a>`TEXT` | Text encoding. | ### `ConanMetadatumFileTypeEnum` @@ -7778,38 +13754,38 @@ Conan file types. | Value | Description | | ----- | ----------- | -| `PACKAGE_FILE` | A package file type. | -| `RECIPE_FILE` | A recipe file type. | +| <a id="conanmetadatumfiletypeenumpackage_file"></a>`PACKAGE_FILE` | A package file type. | +| <a id="conanmetadatumfiletypeenumrecipe_file"></a>`RECIPE_FILE` | A recipe file type. | ### `ContainerExpirationPolicyCadenceEnum` | Value | Description | | ----- | ----------- | -| `EVERY_DAY` | Every day. | -| `EVERY_MONTH` | Every month. | -| `EVERY_THREE_MONTHS` | Every three months. | -| `EVERY_TWO_WEEKS` | Every two weeks. | -| `EVERY_WEEK` | Every week. | +| <a id="containerexpirationpolicycadenceenumevery_day"></a>`EVERY_DAY` | Every day. | +| <a id="containerexpirationpolicycadenceenumevery_month"></a>`EVERY_MONTH` | Every month. | +| <a id="containerexpirationpolicycadenceenumevery_three_months"></a>`EVERY_THREE_MONTHS` | Every three months. | +| <a id="containerexpirationpolicycadenceenumevery_two_weeks"></a>`EVERY_TWO_WEEKS` | Every two weeks. | +| <a id="containerexpirationpolicycadenceenumevery_week"></a>`EVERY_WEEK` | Every week. | ### `ContainerExpirationPolicyKeepEnum` | Value | Description | | ----- | ----------- | -| `FIFTY_TAGS` | 50 tags per image name. | -| `FIVE_TAGS` | 5 tags per image name. | -| `ONE_HUNDRED_TAGS` | 100 tags per image name. | -| `ONE_TAG` | 1 tag per image name. | -| `TEN_TAGS` | 10 tags per image name. | -| `TWENTY_FIVE_TAGS` | 25 tags per image name. | +| <a id="containerexpirationpolicykeepenumfifty_tags"></a>`FIFTY_TAGS` | 50 tags per image name. | +| <a id="containerexpirationpolicykeepenumfive_tags"></a>`FIVE_TAGS` | 5 tags per image name. | +| <a id="containerexpirationpolicykeepenumone_hundred_tags"></a>`ONE_HUNDRED_TAGS` | 100 tags per image name. | +| <a id="containerexpirationpolicykeepenumone_tag"></a>`ONE_TAG` | 1 tag per image name. | +| <a id="containerexpirationpolicykeepenumten_tags"></a>`TEN_TAGS` | 10 tags per image name. | +| <a id="containerexpirationpolicykeepenumtwenty_five_tags"></a>`TWENTY_FIVE_TAGS` | 25 tags per image name. | ### `ContainerExpirationPolicyOlderThanEnum` | Value | Description | | ----- | ----------- | -| `FOURTEEN_DAYS` | 14 days until tags are automatically removed. | -| `NINETY_DAYS` | 90 days until tags are automatically removed. | -| `SEVEN_DAYS` | 7 days until tags are automatically removed. | -| `THIRTY_DAYS` | 30 days until tags are automatically removed. | +| <a id="containerexpirationpolicyolderthanenumfourteen_days"></a>`FOURTEEN_DAYS` | 14 days until tags are automatically removed. | +| <a id="containerexpirationpolicyolderthanenumninety_days"></a>`NINETY_DAYS` | 90 days until tags are automatically removed. | +| <a id="containerexpirationpolicyolderthanenumseven_days"></a>`SEVEN_DAYS` | 7 days until tags are automatically removed. | +| <a id="containerexpirationpolicyolderthanenumthirty_days"></a>`THIRTY_DAYS` | 30 days until tags are automatically removed. | ### `ContainerRepositoryCleanupStatus` @@ -7817,10 +13793,10 @@ Status of the tags cleanup of a container repository. | Value | Description | | ----- | ----------- | -| `ONGOING` | The tags cleanup is ongoing. | -| `SCHEDULED` | The tags cleanup is scheduled and is going to be executed shortly. | -| `UNFINISHED` | The tags cleanup has been partially executed. There are still remaining tags to delete. | -| `UNSCHEDULED` | The tags cleanup is not scheduled. This is the default state. | +| <a id="containerrepositorycleanupstatusongoing"></a>`ONGOING` | The tags cleanup is ongoing. | +| <a id="containerrepositorycleanupstatusscheduled"></a>`SCHEDULED` | The tags cleanup is scheduled and is going to be executed shortly. | +| <a id="containerrepositorycleanupstatusunfinished"></a>`UNFINISHED` | The tags cleanup has been partially executed. There are still remaining tags to delete. | +| <a id="containerrepositorycleanupstatusunscheduled"></a>`UNSCHEDULED` | The tags cleanup is not scheduled. This is the default state. | ### `ContainerRepositorySort` @@ -7828,16 +13804,16 @@ Values for sorting container repositories. | Value | Description | | ----- | ----------- | -| `CREATED_ASC` | Created at ascending order. | -| `CREATED_DESC` | Created at descending order. | -| `NAME_ASC` | Name by ascending order. | -| `NAME_DESC` | Name by descending order. | -| `UPDATED_ASC` | Updated at ascending order. | -| `UPDATED_DESC` | Updated at descending order. | -| `created_asc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `CREATED_ASC`. Deprecated in 13.5. | -| `created_desc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `CREATED_DESC`. Deprecated in 13.5. | -| `updated_asc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `UPDATED_ASC`. Deprecated in 13.5. | -| `updated_desc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `UPDATED_DESC`. Deprecated in 13.5. | +| <a id="containerrepositorysortcreated_asc"></a>`CREATED_ASC` | Created at ascending order. | +| <a id="containerrepositorysortcreated_desc"></a>`CREATED_DESC` | Created at descending order. | +| <a id="containerrepositorysortname_asc"></a>`NAME_ASC` | Name by ascending order. | +| <a id="containerrepositorysortname_desc"></a>`NAME_DESC` | Name by descending order. | +| <a id="containerrepositorysortupdated_asc"></a>`UPDATED_ASC` | Updated at ascending order. | +| <a id="containerrepositorysortupdated_desc"></a>`UPDATED_DESC` | Updated at descending order. | +| <a id="containerrepositorysortcreated_asc"></a>`created_asc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `CREATED_ASC`. Deprecated in 13.5. | +| <a id="containerrepositorysortcreated_desc"></a>`created_desc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `CREATED_DESC`. Deprecated in 13.5. | +| <a id="containerrepositorysortupdated_asc"></a>`updated_asc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `UPDATED_ASC`. Deprecated in 13.5. | +| <a id="containerrepositorysortupdated_desc"></a>`updated_desc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `UPDATED_DESC`. Deprecated in 13.5. | ### `ContainerRepositoryStatus` @@ -7845,39 +13821,39 @@ Status of a container repository. | Value | Description | | ----- | ----------- | -| `DELETE_FAILED` | Delete Failed status. | -| `DELETE_SCHEDULED` | Delete Scheduled status. | +| <a id="containerrepositorystatusdelete_failed"></a>`DELETE_FAILED` | Delete Failed status. | +| <a id="containerrepositorystatusdelete_scheduled"></a>`DELETE_SCHEDULED` | Delete Scheduled status. | ### `DastScanTypeEnum` | Value | Description | | ----- | ----------- | -| `ACTIVE` | Active DAST scan. This scan will make active attacks against the target site. | -| `PASSIVE` | Passive DAST scan. This scan will not make active attacks against the target site. | +| <a id="dastscantypeenumactive"></a>`ACTIVE` | Active DAST scan. This scan will make active attacks against the target site. | +| <a id="dastscantypeenumpassive"></a>`PASSIVE` | Passive DAST scan. This scan will not make active attacks against the target site. | ### `DastSiteProfileValidationStatusEnum` | Value | Description | | ----- | ----------- | -| `FAILED_VALIDATION` | Site validation process finished but failed. | -| `INPROGRESS_VALIDATION` | Site validation process is in progress. | -| `NONE` | No site validation exists. | -| `PASSED_VALIDATION` | Site validation process finished successfully. | -| `PENDING_VALIDATION` | Site validation process has not started. | +| <a id="dastsiteprofilevalidationstatusenumfailed_validation"></a>`FAILED_VALIDATION` | Site validation process finished but failed. | +| <a id="dastsiteprofilevalidationstatusenuminprogress_validation"></a>`INPROGRESS_VALIDATION` | Site validation process is in progress. | +| <a id="dastsiteprofilevalidationstatusenumnone"></a>`NONE` | No site validation exists. | +| <a id="dastsiteprofilevalidationstatusenumpassed_validation"></a>`PASSED_VALIDATION` | Site validation process finished successfully. | +| <a id="dastsiteprofilevalidationstatusenumpending_validation"></a>`PENDING_VALIDATION` | Site validation process has not started. | ### `DastSiteValidationStrategyEnum` | Value | Description | | ----- | ----------- | -| `HEADER` | Header validation. | -| `TEXT_FILE` | Text file validation. | +| <a id="dastsitevalidationstrategyenumheader"></a>`HEADER` | Header validation. | +| <a id="dastsitevalidationstrategyenumtext_file"></a>`TEXT_FILE` | Text file validation. | ### `DastTargetTypeEnum` | Value | Description | | ----- | ----------- | -| `API` | API target. | -| `WEBSITE` | Website target. | +| <a id="dasttargettypeenumapi"></a>`API` | API target. | +| <a id="dasttargettypeenumwebsite"></a>`WEBSITE` | Website target. | ### `DataVisualizationColorEnum` @@ -7885,11 +13861,11 @@ Color of the data visualization palette. | Value | Description | | ----- | ----------- | -| `AQUA` | Aqua color. | -| `BLUE` | Blue color. | -| `GREEN` | Green color. | -| `MAGENTA` | Magenta color. | -| `ORANGE` | Orange color. | +| <a id="datavisualizationcolorenumaqua"></a>`AQUA` | Aqua color. | +| <a id="datavisualizationcolorenumblue"></a>`BLUE` | Blue color. | +| <a id="datavisualizationcolorenumgreen"></a>`GREEN` | Green color. | +| <a id="datavisualizationcolorenummagenta"></a>`MAGENTA` | Magenta color. | +| <a id="datavisualizationcolorenumorange"></a>`ORANGE` | Orange color. | ### `DataVisualizationWeightEnum` @@ -7897,17 +13873,17 @@ Weight of the data visualization palette. | Value | Description | | ----- | ----------- | -| `WEIGHT_100` | 100 weight. | -| `WEIGHT_200` | 200 weight. | -| `WEIGHT_300` | 300 weight. | -| `WEIGHT_400` | 400 weight. | -| `WEIGHT_50` | 50 weight. | -| `WEIGHT_500` | 500 weight. | -| `WEIGHT_600` | 600 weight. | -| `WEIGHT_700` | 700 weight. | -| `WEIGHT_800` | 800 weight. | -| `WEIGHT_900` | 900 weight. | -| `WEIGHT_950` | 950 weight. | +| <a id="datavisualizationweightenumweight_100"></a>`WEIGHT_100` | 100 weight. | +| <a id="datavisualizationweightenumweight_200"></a>`WEIGHT_200` | 200 weight. | +| <a id="datavisualizationweightenumweight_300"></a>`WEIGHT_300` | 300 weight. | +| <a id="datavisualizationweightenumweight_400"></a>`WEIGHT_400` | 400 weight. | +| <a id="datavisualizationweightenumweight_50"></a>`WEIGHT_50` | 50 weight. | +| <a id="datavisualizationweightenumweight_500"></a>`WEIGHT_500` | 500 weight. | +| <a id="datavisualizationweightenumweight_600"></a>`WEIGHT_600` | 600 weight. | +| <a id="datavisualizationweightenumweight_700"></a>`WEIGHT_700` | 700 weight. | +| <a id="datavisualizationweightenumweight_800"></a>`WEIGHT_800` | 800 weight. | +| <a id="datavisualizationweightenumweight_900"></a>`WEIGHT_900` | 900 weight. | +| <a id="datavisualizationweightenumweight_950"></a>`WEIGHT_950` | 950 weight. | ### `DesignCollectionCopyState` @@ -7915,9 +13891,9 @@ Copy state of a DesignCollection. | Value | Description | | ----- | ----------- | -| `ERROR` | The DesignCollection encountered an error during a copy. | -| `IN_PROGRESS` | The DesignCollection is being copied. | -| `READY` | The DesignCollection has no copy in progress. | +| <a id="designcollectioncopystateerror"></a>`ERROR` | The DesignCollection encountered an error during a copy. | +| <a id="designcollectioncopystatein_progress"></a>`IN_PROGRESS` | The DesignCollection is being copied. | +| <a id="designcollectioncopystateready"></a>`READY` | The DesignCollection has no copy in progress. | ### `DesignVersionEvent` @@ -7925,10 +13901,10 @@ Mutation event of a design within a version. | Value | Description | | ----- | ----------- | -| `CREATION` | A creation event. | -| `DELETION` | A deletion event. | -| `MODIFICATION` | A modification event. | -| `NONE` | No change. | +| <a id="designversioneventcreation"></a>`CREATION` | A creation event. | +| <a id="designversioneventdeletion"></a>`DELETION` | A deletion event. | +| <a id="designversioneventmodification"></a>`MODIFICATION` | A modification event. | +| <a id="designversioneventnone"></a>`NONE` | No change. | ### `DiffPositionType` @@ -7936,8 +13912,8 @@ Type of file the position refers to. | Value | Description | | ----- | ----------- | -| `image` | An image. | -| `text` | A text file. | +| <a id="diffpositiontypeimage"></a>`image` | An image. | +| <a id="diffpositiontypetext"></a>`text` | A text file. | ### `EntryType` @@ -7945,9 +13921,9 @@ Type of a tree entry. | Value | Description | | ----- | ----------- | -| `blob` | | -| `commit` | | -| `tree` | | +| <a id="entrytypeblob"></a>`blob` | File tree type. | +| <a id="entrytypecommit"></a>`commit` | Commit tree type. | +| <a id="entrytypetree"></a>`tree` | Directory tree type. | ### `EpicSort` @@ -7955,14 +13931,14 @@ Roadmap sort values. | Value | Description | | ----- | ----------- | -| `END_DATE_ASC` | Sort by end date in ascending order. | -| `END_DATE_DESC` | Sort by end date in descending order. | -| `START_DATE_ASC` | Sort by start date in ascending order. | -| `START_DATE_DESC` | Sort by start date in descending order. | -| `end_date_asc` **{warning-solid}** | **Deprecated:** Use END_DATE_ASC. Deprecated in 13.11. | -| `end_date_desc` **{warning-solid}** | **Deprecated:** Use END_DATE_DESC. Deprecated in 13.11. | -| `start_date_asc` **{warning-solid}** | **Deprecated:** Use START_DATE_ASC. Deprecated in 13.11. | -| `start_date_desc` **{warning-solid}** | **Deprecated:** Use START_DATE_DESC. Deprecated in 13.11. | +| <a id="epicsortend_date_asc"></a>`END_DATE_ASC` | Sort by end date in ascending order. | +| <a id="epicsortend_date_desc"></a>`END_DATE_DESC` | Sort by end date in descending order. | +| <a id="epicsortstart_date_asc"></a>`START_DATE_ASC` | Sort by start date in ascending order. | +| <a id="epicsortstart_date_desc"></a>`START_DATE_DESC` | Sort by start date in descending order. | +| <a id="epicsortend_date_asc"></a>`end_date_asc` **{warning-solid}** | **Deprecated:** Use END_DATE_ASC. Deprecated in 13.11. | +| <a id="epicsortend_date_desc"></a>`end_date_desc` **{warning-solid}** | **Deprecated:** Use END_DATE_DESC. Deprecated in 13.11. | +| <a id="epicsortstart_date_asc"></a>`start_date_asc` **{warning-solid}** | **Deprecated:** Use START_DATE_ASC. Deprecated in 13.11. | +| <a id="epicsortstart_date_desc"></a>`start_date_desc` **{warning-solid}** | **Deprecated:** Use START_DATE_DESC. Deprecated in 13.11. | ### `EpicState` @@ -7970,9 +13946,9 @@ State of an epic. | Value | Description | | ----- | ----------- | -| `all` | | -| `closed` | | -| `opened` | | +| <a id="epicstateall"></a>`all` | | +| <a id="epicstateclosed"></a>`closed` | | +| <a id="epicstateopened"></a>`opened` | | ### `EpicStateEvent` @@ -7980,8 +13956,8 @@ State event of an epic. | Value | Description | | ----- | ----------- | -| `CLOSE` | Close the epic. | -| `REOPEN` | Reopen the epic. | +| <a id="epicstateeventclose"></a>`CLOSE` | Close the epic. | +| <a id="epicstateeventreopen"></a>`REOPEN` | Reopen the epic. | ### `EpicWildcardId` @@ -7989,8 +13965,8 @@ Epic ID wildcard values. | Value | Description | | ----- | ----------- | -| `ANY` | Any epic is assigned. | -| `NONE` | No epic is assigned. | +| <a id="epicwildcardidany"></a>`ANY` | Any epic is assigned. | +| <a id="epicwildcardidnone"></a>`NONE` | No epic is assigned. | ### `EventAction` @@ -7998,19 +13974,19 @@ Event action. | Value | Description | | ----- | ----------- | -| `APPROVED` | Approved action. | -| `ARCHIVED` | Archived action. | -| `CLOSED` | Closed action. | -| `COMMENTED` | Commented action. | -| `CREATED` | Created action. | -| `DESTROYED` | Destroyed action. | -| `EXPIRED` | Expired action. | -| `JOINED` | Joined action. | -| `LEFT` | Left action. | -| `MERGED` | Merged action. | -| `PUSHED` | Pushed action. | -| `REOPENED` | Reopened action. | -| `UPDATED` | Updated action. | +| <a id="eventactionapproved"></a>`APPROVED` | Approved action. | +| <a id="eventactionarchived"></a>`ARCHIVED` | Archived action. | +| <a id="eventactionclosed"></a>`CLOSED` | Closed action. | +| <a id="eventactioncommented"></a>`COMMENTED` | Commented action. | +| <a id="eventactioncreated"></a>`CREATED` | Created action. | +| <a id="eventactiondestroyed"></a>`DESTROYED` | Destroyed action. | +| <a id="eventactionexpired"></a>`EXPIRED` | Expired action. | +| <a id="eventactionjoined"></a>`JOINED` | Joined action. | +| <a id="eventactionleft"></a>`LEFT` | Left action. | +| <a id="eventactionmerged"></a>`MERGED` | Merged action. | +| <a id="eventactionpushed"></a>`PUSHED` | Pushed action. | +| <a id="eventactionreopened"></a>`REOPENED` | Reopened action. | +| <a id="eventactionupdated"></a>`UPDATED` | Updated action. | ### `GroupMemberRelation` @@ -8018,9 +13994,9 @@ Group member relation. | Value | Description | | ----- | ----------- | -| `DESCENDANTS` | Descendants members. | -| `DIRECT` | Direct members. | -| `INHERITED` | Inherited members. | +| <a id="groupmemberrelationdescendants"></a>`DESCENDANTS` | Members in the group's subgroups. | +| <a id="groupmemberrelationdirect"></a>`DIRECT` | Members in the group itself. | +| <a id="groupmemberrelationinherited"></a>`INHERITED` | Members in the group's ancestor groups. | ### `HealthStatus` @@ -8028,9 +14004,9 @@ Health status of an issue or epic. | Value | Description | | ----- | ----------- | -| `atRisk` | | -| `needsAttention` | | -| `onTrack` | | +| <a id="healthstatusatrisk"></a>`atRisk` | | +| <a id="healthstatusneedsattention"></a>`needsAttention` | | +| <a id="healthstatusontrack"></a>`onTrack` | | ### `IssuableSeverity` @@ -8038,11 +14014,11 @@ Incident severity. | Value | Description | | ----- | ----------- | -| `CRITICAL` | Critical severity. | -| `HIGH` | High severity. | -| `LOW` | Low severity. | -| `MEDIUM` | Medium severity. | -| `UNKNOWN` | Unknown severity. | +| <a id="issuableseveritycritical"></a>`CRITICAL` | Critical severity. | +| <a id="issuableseverityhigh"></a>`HIGH` | High severity. | +| <a id="issuableseveritylow"></a>`LOW` | Low severity. | +| <a id="issuableseveritymedium"></a>`MEDIUM` | Medium severity. | +| <a id="issuableseverityunknown"></a>`UNKNOWN` | Unknown severity. | ### `IssuableState` @@ -8050,10 +14026,10 @@ State of a GitLab issue or merge request. | Value | Description | | ----- | ----------- | -| `all` | All available. | -| `closed` | In closed state. | -| `locked` | Discussion has been locked. | -| `opened` | In open state. | +| <a id="issuablestateall"></a>`all` | All available. | +| <a id="issuablestateclosed"></a>`closed` | In closed state. | +| <a id="issuablestatelocked"></a>`locked` | Discussion has been locked. | +| <a id="issuablestateopened"></a>`opened` | In open state. | ### `IssueSort` @@ -8061,31 +14037,31 @@ Values for sorting issues. | Value | Description | | ----- | ----------- | -| `CREATED_ASC` | Created at ascending order. | -| `CREATED_DESC` | Created at descending order. | -| `DUE_DATE_ASC` | Due date by ascending order. | -| `DUE_DATE_DESC` | Due date by descending order. | -| `LABEL_PRIORITY_ASC` | Label priority by ascending order. | -| `LABEL_PRIORITY_DESC` | Label priority by descending order. | -| `MILESTONE_DUE_ASC` | Milestone due date by ascending order. | -| `MILESTONE_DUE_DESC` | Milestone due date by descending order. | -| `PRIORITY_ASC` | Priority by ascending order. | -| `PRIORITY_DESC` | Priority by descending order. | -| `PUBLISHED_ASC` | Published issues shown last. | -| `PUBLISHED_DESC` | Published issues shown first. | -| `RELATIVE_POSITION_ASC` | Relative position by ascending order. | -| `SEVERITY_ASC` | Severity from less critical to more critical. | -| `SEVERITY_DESC` | Severity from more critical to less critical. | -| `SLA_DUE_AT_ASC` | Issues with earliest SLA due time shown first. | -| `SLA_DUE_AT_DESC` | Issues with latest SLA due time shown first. | -| `UPDATED_ASC` | Updated at ascending order. | -| `UPDATED_DESC` | Updated at descending order. | -| `WEIGHT_ASC` | Weight by ascending order. | -| `WEIGHT_DESC` | Weight by descending order. | -| `created_asc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `CREATED_ASC`. Deprecated in 13.5. | -| `created_desc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `CREATED_DESC`. Deprecated in 13.5. | -| `updated_asc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `UPDATED_ASC`. Deprecated in 13.5. | -| `updated_desc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `UPDATED_DESC`. Deprecated in 13.5. | +| <a id="issuesortcreated_asc"></a>`CREATED_ASC` | Created at ascending order. | +| <a id="issuesortcreated_desc"></a>`CREATED_DESC` | Created at descending order. | +| <a id="issuesortdue_date_asc"></a>`DUE_DATE_ASC` | Due date by ascending order. | +| <a id="issuesortdue_date_desc"></a>`DUE_DATE_DESC` | Due date by descending order. | +| <a id="issuesortlabel_priority_asc"></a>`LABEL_PRIORITY_ASC` | Label priority by ascending order. | +| <a id="issuesortlabel_priority_desc"></a>`LABEL_PRIORITY_DESC` | Label priority by descending order. | +| <a id="issuesortmilestone_due_asc"></a>`MILESTONE_DUE_ASC` | Milestone due date by ascending order. | +| <a id="issuesortmilestone_due_desc"></a>`MILESTONE_DUE_DESC` | Milestone due date by descending order. | +| <a id="issuesortpriority_asc"></a>`PRIORITY_ASC` | Priority by ascending order. | +| <a id="issuesortpriority_desc"></a>`PRIORITY_DESC` | Priority by descending order. | +| <a id="issuesortpublished_asc"></a>`PUBLISHED_ASC` | Published issues shown last. | +| <a id="issuesortpublished_desc"></a>`PUBLISHED_DESC` | Published issues shown first. | +| <a id="issuesortrelative_position_asc"></a>`RELATIVE_POSITION_ASC` | Relative position by ascending order. | +| <a id="issuesortseverity_asc"></a>`SEVERITY_ASC` | Severity from less critical to more critical. | +| <a id="issuesortseverity_desc"></a>`SEVERITY_DESC` | Severity from more critical to less critical. | +| <a id="issuesortsla_due_at_asc"></a>`SLA_DUE_AT_ASC` | Issues with earliest SLA due time shown first. | +| <a id="issuesortsla_due_at_desc"></a>`SLA_DUE_AT_DESC` | Issues with latest SLA due time shown first. | +| <a id="issuesortupdated_asc"></a>`UPDATED_ASC` | Updated at ascending order. | +| <a id="issuesortupdated_desc"></a>`UPDATED_DESC` | Updated at descending order. | +| <a id="issuesortweight_asc"></a>`WEIGHT_ASC` | Weight by ascending order. | +| <a id="issuesortweight_desc"></a>`WEIGHT_DESC` | Weight by descending order. | +| <a id="issuesortcreated_asc"></a>`created_asc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `CREATED_ASC`. Deprecated in 13.5. | +| <a id="issuesortcreated_desc"></a>`created_desc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `CREATED_DESC`. Deprecated in 13.5. | +| <a id="issuesortupdated_asc"></a>`updated_asc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `UPDATED_ASC`. Deprecated in 13.5. | +| <a id="issuesortupdated_desc"></a>`updated_desc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `UPDATED_DESC`. Deprecated in 13.5. | ### `IssueState` @@ -8093,10 +14069,10 @@ State of a GitLab issue. | Value | Description | | ----- | ----------- | -| `all` | All available. | -| `closed` | In closed state. | -| `locked` | Discussion has been locked. | -| `opened` | In open state. | +| <a id="issuestateall"></a>`all` | All available. | +| <a id="issuestateclosed"></a>`closed` | In closed state. | +| <a id="issuestatelocked"></a>`locked` | Discussion has been locked. | +| <a id="issuestateopened"></a>`opened` | In open state. | ### `IssueStateEvent` @@ -8104,8 +14080,8 @@ Values for issue state events. | Value | Description | | ----- | ----------- | -| `CLOSE` | Closes the issue. | -| `REOPEN` | Reopens the issue. | +| <a id="issuestateeventclose"></a>`CLOSE` | Closes the issue. | +| <a id="issuestateeventreopen"></a>`REOPEN` | Reopens the issue. | ### `IssueType` @@ -8113,9 +14089,10 @@ Issue type. | Value | Description | | ----- | ----------- | -| `INCIDENT` | Incident issue type. | -| `ISSUE` | Issue issue type. | -| `TEST_CASE` | Test Case issue type. | +| <a id="issuetypeincident"></a>`INCIDENT` | Incident issue type. | +| <a id="issuetypeissue"></a>`ISSUE` | Issue issue type. | +| <a id="issuetyperequirement"></a>`REQUIREMENT` | Requirement issue type. | +| <a id="issuetypetest_case"></a>`TEST_CASE` | Test Case issue type. | ### `IterationState` @@ -8123,11 +14100,11 @@ State of a GitLab iteration. | Value | Description | | ----- | ----------- | -| `all` | | -| `closed` | | -| `opened` | | -| `started` | | -| `upcoming` | | +| <a id="iterationstateall"></a>`all` | | +| <a id="iterationstateclosed"></a>`closed` | | +| <a id="iterationstateopened"></a>`opened` | | +| <a id="iterationstatestarted"></a>`started` | | +| <a id="iterationstateupcoming"></a>`upcoming` | | ### `IterationWildcardId` @@ -8135,41 +14112,41 @@ Iteration ID wildcard values. | Value | Description | | ----- | ----------- | -| `ANY` | An iteration is assigned. | -| `CURRENT` | Current iteration. | -| `NONE` | No iteration is assigned. | +| <a id="iterationwildcardidany"></a>`ANY` | An iteration is assigned. | +| <a id="iterationwildcardidcurrent"></a>`CURRENT` | Current iteration. | +| <a id="iterationwildcardidnone"></a>`NONE` | No iteration is assigned. | ### `JobArtifactFileType` | Value | Description | | ----- | ----------- | -| `ACCESSIBILITY` | ACCESSIBILITY job artifact file type. | -| `API_FUZZING` | API FUZZING job artifact file type. | -| `ARCHIVE` | ARCHIVE job artifact file type. | -| `BROWSER_PERFORMANCE` | BROWSER PERFORMANCE job artifact file type. | -| `CLUSTER_APPLICATIONS` | CLUSTER APPLICATIONS job artifact file type. | -| `COBERTURA` | COBERTURA job artifact file type. | -| `CODEQUALITY` | CODE QUALITY job artifact file type. | -| `CONTAINER_SCANNING` | CONTAINER SCANNING job artifact file type. | -| `COVERAGE_FUZZING` | COVERAGE FUZZING job artifact file type. | -| `DAST` | DAST job artifact file type. | -| `DEPENDENCY_SCANNING` | DEPENDENCY SCANNING job artifact file type. | -| `DOTENV` | DOTENV job artifact file type. | -| `JUNIT` | JUNIT job artifact file type. | -| `LICENSE_MANAGEMENT` | LICENSE MANAGEMENT job artifact file type. | -| `LICENSE_SCANNING` | LICENSE SCANNING job artifact file type. | -| `LOAD_PERFORMANCE` | LOAD PERFORMANCE job artifact file type. | -| `LSIF` | LSIF job artifact file type. | -| `METADATA` | METADATA job artifact file type. | -| `METRICS` | METRICS job artifact file type. | -| `METRICS_REFEREE` | METRICS REFEREE job artifact file type. | -| `NETWORK_REFEREE` | NETWORK REFEREE job artifact file type. | -| `PERFORMANCE` | PERFORMANCE job artifact file type. | -| `REQUIREMENTS` | REQUIREMENTS job artifact file type. | -| `SAST` | SAST job artifact file type. | -| `SECRET_DETECTION` | SECRET DETECTION job artifact file type. | -| `TERRAFORM` | TERRAFORM job artifact file type. | -| `TRACE` | TRACE job artifact file type. | +| <a id="jobartifactfiletypeaccessibility"></a>`ACCESSIBILITY` | ACCESSIBILITY job artifact file type. | +| <a id="jobartifactfiletypeapi_fuzzing"></a>`API_FUZZING` | API FUZZING job artifact file type. | +| <a id="jobartifactfiletypearchive"></a>`ARCHIVE` | ARCHIVE job artifact file type. | +| <a id="jobartifactfiletypebrowser_performance"></a>`BROWSER_PERFORMANCE` | BROWSER PERFORMANCE job artifact file type. | +| <a id="jobartifactfiletypecluster_applications"></a>`CLUSTER_APPLICATIONS` | CLUSTER APPLICATIONS job artifact file type. | +| <a id="jobartifactfiletypecobertura"></a>`COBERTURA` | COBERTURA job artifact file type. | +| <a id="jobartifactfiletypecodequality"></a>`CODEQUALITY` | CODE QUALITY job artifact file type. | +| <a id="jobartifactfiletypecontainer_scanning"></a>`CONTAINER_SCANNING` | CONTAINER SCANNING job artifact file type. | +| <a id="jobartifactfiletypecoverage_fuzzing"></a>`COVERAGE_FUZZING` | COVERAGE FUZZING job artifact file type. | +| <a id="jobartifactfiletypedast"></a>`DAST` | DAST job artifact file type. | +| <a id="jobartifactfiletypedependency_scanning"></a>`DEPENDENCY_SCANNING` | DEPENDENCY SCANNING job artifact file type. | +| <a id="jobartifactfiletypedotenv"></a>`DOTENV` | DOTENV job artifact file type. | +| <a id="jobartifactfiletypejunit"></a>`JUNIT` | JUNIT job artifact file type. | +| <a id="jobartifactfiletypelicense_management"></a>`LICENSE_MANAGEMENT` | LICENSE MANAGEMENT job artifact file type. | +| <a id="jobartifactfiletypelicense_scanning"></a>`LICENSE_SCANNING` | LICENSE SCANNING job artifact file type. | +| <a id="jobartifactfiletypeload_performance"></a>`LOAD_PERFORMANCE` | LOAD PERFORMANCE job artifact file type. | +| <a id="jobartifactfiletypelsif"></a>`LSIF` | LSIF job artifact file type. | +| <a id="jobartifactfiletypemetadata"></a>`METADATA` | METADATA job artifact file type. | +| <a id="jobartifactfiletypemetrics"></a>`METRICS` | METRICS job artifact file type. | +| <a id="jobartifactfiletypemetrics_referee"></a>`METRICS_REFEREE` | METRICS REFEREE job artifact file type. | +| <a id="jobartifactfiletypenetwork_referee"></a>`NETWORK_REFEREE` | NETWORK REFEREE job artifact file type. | +| <a id="jobartifactfiletypeperformance"></a>`PERFORMANCE` | PERFORMANCE job artifact file type. | +| <a id="jobartifactfiletyperequirements"></a>`REQUIREMENTS` | REQUIREMENTS job artifact file type. | +| <a id="jobartifactfiletypesast"></a>`SAST` | SAST job artifact file type. | +| <a id="jobartifactfiletypesecret_detection"></a>`SECRET_DETECTION` | SECRET DETECTION job artifact file type. | +| <a id="jobartifactfiletypeterraform"></a>`TERRAFORM` | TERRAFORM job artifact file type. | +| <a id="jobartifactfiletypetrace"></a>`TRACE` | TRACE job artifact file type. | ### `ListLimitMetric` @@ -8177,9 +14154,9 @@ List limit metric setting. | Value | Description | | ----- | ----------- | -| `all_metrics` | | -| `issue_count` | | -| `issue_weights` | | +| <a id="listlimitmetricall_metrics"></a>`all_metrics` | | +| <a id="listlimitmetricissue_count"></a>`issue_count` | | +| <a id="listlimitmetricissue_weights"></a>`issue_weights` | | ### `MeasurementIdentifier` @@ -8187,16 +14164,16 @@ Possible identifier types for a measurement. | Value | Description | | ----- | ----------- | -| `GROUPS` | Group count. | -| `ISSUES` | Issue count. | -| `MERGE_REQUESTS` | Merge request count. | -| `PIPELINES` | Pipeline count. | -| `PIPELINES_CANCELED` | Pipeline count with canceled status. | -| `PIPELINES_FAILED` | Pipeline count with failed status. | -| `PIPELINES_SKIPPED` | Pipeline count with skipped status. | -| `PIPELINES_SUCCEEDED` | Pipeline count with success status. | -| `PROJECTS` | Project count. | -| `USERS` | User count. | +| <a id="measurementidentifiergroups"></a>`GROUPS` | Group count. | +| <a id="measurementidentifierissues"></a>`ISSUES` | Issue count. | +| <a id="measurementidentifiermerge_requests"></a>`MERGE_REQUESTS` | Merge request count. | +| <a id="measurementidentifierpipelines"></a>`PIPELINES` | Pipeline count. | +| <a id="measurementidentifierpipelines_canceled"></a>`PIPELINES_CANCELED` | Pipeline count with canceled status. | +| <a id="measurementidentifierpipelines_failed"></a>`PIPELINES_FAILED` | Pipeline count with failed status. | +| <a id="measurementidentifierpipelines_skipped"></a>`PIPELINES_SKIPPED` | Pipeline count with skipped status. | +| <a id="measurementidentifierpipelines_succeeded"></a>`PIPELINES_SUCCEEDED` | Pipeline count with success status. | +| <a id="measurementidentifierprojects"></a>`PROJECTS` | Project count. | +| <a id="measurementidentifierusers"></a>`USERS` | User count. | ### `MergeRequestNewState` @@ -8204,8 +14181,8 @@ New state to apply to a merge request. | Value | Description | | ----- | ----------- | -| `CLOSED` | Close the merge request if it is open. | -| `OPEN` | Open the merge request if it is closed. | +| <a id="mergerequestnewstateclosed"></a>`CLOSED` | Close the merge request if it is open. | +| <a id="mergerequestnewstateopen"></a>`OPEN` | Open the merge request if it is closed. | ### `MergeRequestReviewState` @@ -8213,8 +14190,8 @@ State of a review of a GitLab merge request. | Value | Description | | ----- | ----------- | -| `REVIEWED` | The merge request is reviewed. | -| `UNREVIEWED` | The merge request is unreviewed. | +| <a id="mergerequestreviewstatereviewed"></a>`REVIEWED` | The merge request is reviewed. | +| <a id="mergerequestreviewstateunreviewed"></a>`UNREVIEWED` | The merge request is unreviewed. | ### `MergeRequestSort` @@ -8222,22 +14199,22 @@ Values for sorting merge requests. | Value | Description | | ----- | ----------- | -| `CREATED_ASC` | Created at ascending order. | -| `CREATED_DESC` | Created at descending order. | -| `LABEL_PRIORITY_ASC` | Label priority by ascending order. | -| `LABEL_PRIORITY_DESC` | Label priority by descending order. | -| `MERGED_AT_ASC` | Merge time by ascending order. | -| `MERGED_AT_DESC` | Merge time by descending order. | -| `MILESTONE_DUE_ASC` | Milestone due date by ascending order. | -| `MILESTONE_DUE_DESC` | Milestone due date by descending order. | -| `PRIORITY_ASC` | Priority by ascending order. | -| `PRIORITY_DESC` | Priority by descending order. | -| `UPDATED_ASC` | Updated at ascending order. | -| `UPDATED_DESC` | Updated at descending order. | -| `created_asc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `CREATED_ASC`. Deprecated in 13.5. | -| `created_desc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `CREATED_DESC`. Deprecated in 13.5. | -| `updated_asc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `UPDATED_ASC`. Deprecated in 13.5. | -| `updated_desc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `UPDATED_DESC`. Deprecated in 13.5. | +| <a id="mergerequestsortcreated_asc"></a>`CREATED_ASC` | Created at ascending order. | +| <a id="mergerequestsortcreated_desc"></a>`CREATED_DESC` | Created at descending order. | +| <a id="mergerequestsortlabel_priority_asc"></a>`LABEL_PRIORITY_ASC` | Label priority by ascending order. | +| <a id="mergerequestsortlabel_priority_desc"></a>`LABEL_PRIORITY_DESC` | Label priority by descending order. | +| <a id="mergerequestsortmerged_at_asc"></a>`MERGED_AT_ASC` | Merge time by ascending order. | +| <a id="mergerequestsortmerged_at_desc"></a>`MERGED_AT_DESC` | Merge time by descending order. | +| <a id="mergerequestsortmilestone_due_asc"></a>`MILESTONE_DUE_ASC` | Milestone due date by ascending order. | +| <a id="mergerequestsortmilestone_due_desc"></a>`MILESTONE_DUE_DESC` | Milestone due date by descending order. | +| <a id="mergerequestsortpriority_asc"></a>`PRIORITY_ASC` | Priority by ascending order. | +| <a id="mergerequestsortpriority_desc"></a>`PRIORITY_DESC` | Priority by descending order. | +| <a id="mergerequestsortupdated_asc"></a>`UPDATED_ASC` | Updated at ascending order. | +| <a id="mergerequestsortupdated_desc"></a>`UPDATED_DESC` | Updated at descending order. | +| <a id="mergerequestsortcreated_asc"></a>`created_asc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `CREATED_ASC`. Deprecated in 13.5. | +| <a id="mergerequestsortcreated_desc"></a>`created_desc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `CREATED_DESC`. Deprecated in 13.5. | +| <a id="mergerequestsortupdated_asc"></a>`updated_asc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `UPDATED_ASC`. Deprecated in 13.5. | +| <a id="mergerequestsortupdated_desc"></a>`updated_desc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `UPDATED_DESC`. Deprecated in 13.5. | ### `MergeRequestState` @@ -8245,19 +14222,19 @@ State of a GitLab merge request. | Value | Description | | ----- | ----------- | -| `all` | All available. | -| `closed` | In closed state. | -| `locked` | Discussion has been locked. | -| `merged` | Merge request has been merged. | -| `opened` | In open state. | +| <a id="mergerequeststateall"></a>`all` | All available. | +| <a id="mergerequeststateclosed"></a>`closed` | In closed state. | +| <a id="mergerequeststatelocked"></a>`locked` | Discussion has been locked. | +| <a id="mergerequeststatemerged"></a>`merged` | Merge request has been merged. | +| <a id="mergerequeststateopened"></a>`opened` | In open state. | ### `MergeStrategyEnum` | Value | Description | | ----- | ----------- | -| `ADD_TO_MERGE_TRAIN_WHEN_PIPELINE_SUCCEEDS` | Use the add_to_merge_train_when_pipeline_succeeds merge strategy. | -| `MERGE_TRAIN` | Use the merge_train merge strategy. | -| `MERGE_WHEN_PIPELINE_SUCCEEDS` | Use the merge_when_pipeline_succeeds merge strategy. | +| <a id="mergestrategyenumadd_to_merge_train_when_pipeline_succeeds"></a>`ADD_TO_MERGE_TRAIN_WHEN_PIPELINE_SUCCEEDS` | Use the add_to_merge_train_when_pipeline_succeeds merge strategy. | +| <a id="mergestrategyenummerge_train"></a>`MERGE_TRAIN` | Use the merge_train merge strategy. | +| <a id="mergestrategyenummerge_when_pipeline_succeeds"></a>`MERGE_WHEN_PIPELINE_SUCCEEDS` | Use the merge_when_pipeline_succeeds merge strategy. | ### `MilestoneStateEnum` @@ -8265,8 +14242,8 @@ Current state of milestone. | Value | Description | | ----- | ----------- | -| `active` | Milestone is currently active. | -| `closed` | Milestone is closed. | +| <a id="milestonestateenumactive"></a>`active` | Milestone is currently active. | +| <a id="milestonestateenumclosed"></a>`closed` | Milestone is closed. | ### `MoveType` @@ -8274,8 +14251,8 @@ The position to which the adjacent object should be moved. | Value | Description | | ----- | ----------- | -| `after` | The adjacent object will be moved after the object that is being moved. | -| `before` | The adjacent object will be moved before the object that is being moved. | +| <a id="movetypeafter"></a>`after` | The adjacent object will be moved after the object that is being moved. | +| <a id="movetypebefore"></a>`before` | The adjacent object will be moved before the object that is being moved. | ### `MutationOperationMode` @@ -8283,9 +14260,9 @@ Different toggles for changing mutator behavior. | Value | Description | | ----- | ----------- | -| `APPEND` | Performs an append operation. | -| `REMOVE` | Performs a removal operation. | -| `REPLACE` | Performs a replace operation. | +| <a id="mutationoperationmodeappend"></a>`APPEND` | Performs an append operation. | +| <a id="mutationoperationmoderemove"></a>`REMOVE` | Performs a removal operation. | +| <a id="mutationoperationmodereplace"></a>`REPLACE` | Performs a replace operation. | ### `NamespaceProjectSort` @@ -8293,8 +14270,8 @@ Values for sorting projects. | Value | Description | | ----- | ----------- | -| `SIMILARITY` | Most similar to the search query. | -| `STORAGE` | Sort by storage size. | +| <a id="namespaceprojectsortsimilarity"></a>`SIMILARITY` | Most similar to the search query. | +| <a id="namespaceprojectsortstorage"></a>`STORAGE` | Sort by storage size. | ### `NegatedIterationWildcardId` @@ -8302,7 +14279,7 @@ Negated Iteration ID wildcard values. | Value | Description | | ----- | ----------- | -| `CURRENT` | Current iteration. | +| <a id="negatediterationwildcardidcurrent"></a>`CURRENT` | Current iteration. | ### `OncallRotationUnitEnum` @@ -8310,54 +14287,95 @@ Rotation length unit of an on-call rotation. | Value | Description | | ----- | ----------- | -| `DAYS` | Days. | -| `HOURS` | Hours. | -| `WEEKS` | Weeks. | +| <a id="oncallrotationunitenumdays"></a>`DAYS` | Days. | +| <a id="oncallrotationunitenumhours"></a>`HOURS` | Hours. | +| <a id="oncallrotationunitenumweeks"></a>`WEEKS` | Weeks. | + +### `PackageGroupSort` + +Values for sorting group packages. + +| Value | Description | +| ----- | ----------- | +| <a id="packagegroupsortcreated_asc"></a>`CREATED_ASC` | Ordered by created_at in ascending order. | +| <a id="packagegroupsortcreated_desc"></a>`CREATED_DESC` | Ordered by created_at in descending order. | +| <a id="packagegroupsortname_asc"></a>`NAME_ASC` | Ordered by name in ascending order. | +| <a id="packagegroupsortname_desc"></a>`NAME_DESC` | Ordered by name in descending order. | +| <a id="packagegroupsorttype_asc"></a>`TYPE_ASC` | Ordered by type in ascending order. | +| <a id="packagegroupsorttype_desc"></a>`TYPE_DESC` | Ordered by type in descending order. | +| <a id="packagegroupsortversion_asc"></a>`VERSION_ASC` | Ordered by version in ascending order. | +| <a id="packagegroupsortversion_desc"></a>`VERSION_DESC` | Ordered by version in descending order. | + +### `PackageSort` + +Values for sorting package. + +| Value | Description | +| ----- | ----------- | +| <a id="packagesortcreated_asc"></a>`CREATED_ASC` | Ordered by created_at in ascending order. | +| <a id="packagesortcreated_desc"></a>`CREATED_DESC` | Ordered by created_at in descending order. | +| <a id="packagesortname_asc"></a>`NAME_ASC` | Ordered by name in ascending order. | +| <a id="packagesortname_desc"></a>`NAME_DESC` | Ordered by name in descending order. | +| <a id="packagesorttype_asc"></a>`TYPE_ASC` | Ordered by type in ascending order. | +| <a id="packagesorttype_desc"></a>`TYPE_DESC` | Ordered by type in descending order. | +| <a id="packagesortversion_asc"></a>`VERSION_ASC` | Ordered by version in ascending order. | +| <a id="packagesortversion_desc"></a>`VERSION_DESC` | Ordered by version in descending order. | + +### `PackageStatus` + +| Value | Description | +| ----- | ----------- | +| <a id="packagestatusdefault"></a>`DEFAULT` | Packages with a default status. | +| <a id="packagestatuserror"></a>`ERROR` | Packages with a error status. | +| <a id="packagestatushidden"></a>`HIDDEN` | Packages with a hidden status. | +| <a id="packagestatusprocessing"></a>`PROCESSING` | Packages with a processing status. | ### `PackageTypeEnum` | Value | Description | | ----- | ----------- | -| `COMPOSER` | Packages from the Composer package manager. | -| `CONAN` | Packages from the Conan package manager. | -| `DEBIAN` | Packages from the Debian package manager. | -| `GENERIC` | Packages from the Generic package manager. | -| `GOLANG` | Packages from the Golang package manager. | -| `MAVEN` | Packages from the Maven package manager. | -| `NPM` | Packages from the npm package manager. | -| `NUGET` | Packages from the Nuget package manager. | -| `PYPI` | Packages from the PyPI package manager. | -| `RUBYGEMS` | Packages from the Rubygems package manager. | +| <a id="packagetypeenumcomposer"></a>`COMPOSER` | Packages from the Composer package manager. | +| <a id="packagetypeenumconan"></a>`CONAN` | Packages from the Conan package manager. | +| <a id="packagetypeenumdebian"></a>`DEBIAN` | Packages from the Debian package manager. | +| <a id="packagetypeenumgeneric"></a>`GENERIC` | Packages from the Generic package manager. | +| <a id="packagetypeenumgolang"></a>`GOLANG` | Packages from the Golang package manager. | +| <a id="packagetypeenumhelm"></a>`HELM` | Packages from the Helm package manager. | +| <a id="packagetypeenummaven"></a>`MAVEN` | Packages from the Maven package manager. | +| <a id="packagetypeenumnpm"></a>`NPM` | Packages from the npm package manager. | +| <a id="packagetypeenumnuget"></a>`NUGET` | Packages from the Nuget package manager. | +| <a id="packagetypeenumpypi"></a>`PYPI` | Packages from the PyPI package manager. | +| <a id="packagetypeenumrubygems"></a>`RUBYGEMS` | Packages from the Rubygems package manager. | +| <a id="packagetypeenumterraform_module"></a>`TERRAFORM_MODULE` | Packages from the Terraform Module package manager. | ### `PipelineConfigSourceEnum` | Value | Description | | ----- | ----------- | -| `AUTO_DEVOPS_SOURCE` | Auto DevOps source. | -| `BRIDGE_SOURCE` | Bridge source. | -| `COMPLIANCE_SOURCE` | Compliance source. | -| `EXTERNAL_PROJECT_SOURCE` | External project source. | -| `PARAMETER_SOURCE` | Parameter source. | -| `REMOTE_SOURCE` | Remote source. | -| `REPOSITORY_SOURCE` | Repository source. | -| `UNKNOWN_SOURCE` | Unknown source. | -| `WEBIDE_SOURCE` | Webide source. | +| <a id="pipelineconfigsourceenumauto_devops_source"></a>`AUTO_DEVOPS_SOURCE` | Auto DevOps source. | +| <a id="pipelineconfigsourceenumbridge_source"></a>`BRIDGE_SOURCE` | Bridge source. | +| <a id="pipelineconfigsourceenumcompliance_source"></a>`COMPLIANCE_SOURCE` | Compliance source. | +| <a id="pipelineconfigsourceenumexternal_project_source"></a>`EXTERNAL_PROJECT_SOURCE` | External project source. | +| <a id="pipelineconfigsourceenumparameter_source"></a>`PARAMETER_SOURCE` | Parameter source. | +| <a id="pipelineconfigsourceenumremote_source"></a>`REMOTE_SOURCE` | Remote source. | +| <a id="pipelineconfigsourceenumrepository_source"></a>`REPOSITORY_SOURCE` | Repository source. | +| <a id="pipelineconfigsourceenumunknown_source"></a>`UNKNOWN_SOURCE` | Unknown source. | +| <a id="pipelineconfigsourceenumwebide_source"></a>`WEBIDE_SOURCE` | Webide source. | ### `PipelineStatusEnum` | Value | Description | | ----- | ----------- | -| `CANCELED` | Pipeline was canceled before completion. | -| `CREATED` | Pipeline has been created. | -| `FAILED` | At least one stage of the pipeline failed. | -| `MANUAL` | Pipeline needs to be manually started. | -| `PENDING` | Pipeline has not started running yet. | -| `PREPARING` | Pipeline is preparing to run. | -| `RUNNING` | Pipeline is running. | -| `SCHEDULED` | Pipeline is scheduled to run. | -| `SKIPPED` | Pipeline was skipped. | -| `SUCCESS` | Pipeline completed successfully. | -| `WAITING_FOR_RESOURCE` | A resource (for example, a runner) that the pipeline requires to run is unavailable. | +| <a id="pipelinestatusenumcanceled"></a>`CANCELED` | Pipeline was canceled before completion. | +| <a id="pipelinestatusenumcreated"></a>`CREATED` | Pipeline has been created. | +| <a id="pipelinestatusenumfailed"></a>`FAILED` | At least one stage of the pipeline failed. | +| <a id="pipelinestatusenummanual"></a>`MANUAL` | Pipeline needs to be manually started. | +| <a id="pipelinestatusenumpending"></a>`PENDING` | Pipeline has not started running yet. | +| <a id="pipelinestatusenumpreparing"></a>`PREPARING` | Pipeline is preparing to run. | +| <a id="pipelinestatusenumrunning"></a>`RUNNING` | Pipeline is running. | +| <a id="pipelinestatusenumscheduled"></a>`SCHEDULED` | Pipeline is scheduled to run. | +| <a id="pipelinestatusenumskipped"></a>`SKIPPED` | Pipeline was skipped. | +| <a id="pipelinestatusenumsuccess"></a>`SUCCESS` | Pipeline completed successfully. | +| <a id="pipelinestatusenumwaiting_for_resource"></a>`WAITING_FOR_RESOURCE` | A resource (for example, a runner) that the pipeline requires to run is unavailable. | ### `ProjectMemberRelation` @@ -8365,10 +14383,10 @@ Project member relation. | Value | Description | | ----- | ----------- | -| `DESCENDANTS` | Descendants members. | -| `DIRECT` | Direct members. | -| `INHERITED` | Inherited members. | -| `INVITED_GROUPS` | Invited Groups members. | +| <a id="projectmemberrelationdescendants"></a>`DESCENDANTS` | Descendants members. | +| <a id="projectmemberrelationdirect"></a>`DIRECT` | Direct members. | +| <a id="projectmemberrelationinherited"></a>`INHERITED` | Inherited members. | +| <a id="projectmemberrelationinvited_groups"></a>`INVITED_GROUPS` | Invited Groups members. | ### `RegistryState` @@ -8376,10 +14394,10 @@ State of a Geo registry. | Value | Description | | ----- | ----------- | -| `FAILED` | Registry that failed to sync. | -| `PENDING` | Registry waiting to be synced. | -| `STARTED` | Registry currently syncing. | -| `SYNCED` | Registry that is synced. | +| <a id="registrystatefailed"></a>`FAILED` | Registry that failed to sync. | +| <a id="registrystatepending"></a>`PENDING` | Registry waiting to be synced. | +| <a id="registrystatestarted"></a>`STARTED` | Registry currently syncing. | +| <a id="registrystatesynced"></a>`SYNCED` | Registry that is synced. | ### `ReleaseAssetLinkType` @@ -8387,10 +14405,10 @@ Type of the link: `other`, `runbook`, `image`, `package`. | Value | Description | | ----- | ----------- | -| `IMAGE` | Image link type. | -| `OTHER` | Other link type. | -| `PACKAGE` | Package link type. | -| `RUNBOOK` | Runbook link type. | +| <a id="releaseassetlinktypeimage"></a>`IMAGE` | Image link type. | +| <a id="releaseassetlinktypeother"></a>`OTHER` | Other link type. | +| <a id="releaseassetlinktypepackage"></a>`PACKAGE` | Package link type. | +| <a id="releaseassetlinktyperunbook"></a>`RUNBOOK` | Runbook link type. | ### `ReleaseSort` @@ -8398,10 +14416,10 @@ Values for sorting releases. | Value | Description | | ----- | ----------- | -| `CREATED_ASC` | Created at ascending order. | -| `CREATED_DESC` | Created at descending order. | -| `RELEASED_AT_ASC` | Released at by ascending order. | -| `RELEASED_AT_DESC` | Released at by descending order. | +| <a id="releasesortcreated_asc"></a>`CREATED_ASC` | Created at ascending order. | +| <a id="releasesortcreated_desc"></a>`CREATED_DESC` | Created at descending order. | +| <a id="releasesortreleased_at_asc"></a>`RELEASED_AT_ASC` | Released at by ascending order. | +| <a id="releasesortreleased_at_desc"></a>`RELEASED_AT_DESC` | Released at by descending order. | ### `RequirementState` @@ -8409,8 +14427,8 @@ State of a requirement. | Value | Description | | ----- | ----------- | -| `ARCHIVED` | | -| `OPENED` | | +| <a id="requirementstatearchived"></a>`ARCHIVED` | | +| <a id="requirementstateopened"></a>`OPENED` | | ### `RequirementStatusFilter` @@ -8418,9 +14436,9 @@ Status of a requirement based on last test report. | Value | Description | | ----- | ----------- | -| `FAILED` | | -| `MISSING` | Requirements without any test report. | -| `PASSED` | | +| <a id="requirementstatusfilterfailed"></a>`FAILED` | | +| <a id="requirementstatusfiltermissing"></a>`MISSING` | Requirements without any test report. | +| <a id="requirementstatusfilterpassed"></a>`PASSED` | | ### `SastUiComponentSize` @@ -8428,21 +14446,21 @@ Size of UI component in SAST configuration page. | Value | Description | | ----- | ----------- | -| `LARGE` | The size of UI component in SAST configuration page is large. | -| `MEDIUM` | The size of UI component in SAST configuration page is medium. | -| `SMALL` | The size of UI component in SAST configuration page is small. | +| <a id="sastuicomponentsizelarge"></a>`LARGE` | The size of UI component in SAST configuration page is large. | +| <a id="sastuicomponentsizemedium"></a>`MEDIUM` | The size of UI component in SAST configuration page is medium. | +| <a id="sastuicomponentsizesmall"></a>`SMALL` | The size of UI component in SAST configuration page is small. | ### `SecurityReportTypeEnum` | Value | Description | | ----- | ----------- | -| `API_FUZZING` | API FUZZING scan report. | -| `CONTAINER_SCANNING` | CONTAINER SCANNING scan report. | -| `COVERAGE_FUZZING` | COVERAGE FUZZING scan report. | -| `DAST` | DAST scan report. | -| `DEPENDENCY_SCANNING` | DEPENDENCY SCANNING scan report. | -| `SAST` | SAST scan report. | -| `SECRET_DETECTION` | SECRET DETECTION scan report. | +| <a id="securityreporttypeenumapi_fuzzing"></a>`API_FUZZING` | API FUZZING scan report. | +| <a id="securityreporttypeenumcontainer_scanning"></a>`CONTAINER_SCANNING` | CONTAINER SCANNING scan report. | +| <a id="securityreporttypeenumcoverage_fuzzing"></a>`COVERAGE_FUZZING` | COVERAGE FUZZING scan report. | +| <a id="securityreporttypeenumdast"></a>`DAST` | DAST scan report. | +| <a id="securityreporttypeenumdependency_scanning"></a>`DEPENDENCY_SCANNING` | DEPENDENCY SCANNING scan report. | +| <a id="securityreporttypeenumsast"></a>`SAST` | SAST scan report. | +| <a id="securityreporttypeenumsecret_detection"></a>`SECRET_DETECTION` | SECRET DETECTION scan report. | ### `SecurityScannerType` @@ -8450,13 +14468,13 @@ The type of the security scanner. | Value | Description | | ----- | ----------- | -| `API_FUZZING` | | -| `CONTAINER_SCANNING` | | -| `COVERAGE_FUZZING` | | -| `DAST` | | -| `DEPENDENCY_SCANNING` | | -| `SAST` | | -| `SECRET_DETECTION` | | +| <a id="securityscannertypeapi_fuzzing"></a>`API_FUZZING` | | +| <a id="securityscannertypecontainer_scanning"></a>`CONTAINER_SCANNING` | | +| <a id="securityscannertypecoverage_fuzzing"></a>`COVERAGE_FUZZING` | | +| <a id="securityscannertypedast"></a>`DAST` | | +| <a id="securityscannertypedependency_scanning"></a>`DEPENDENCY_SCANNING` | | +| <a id="securityscannertypesast"></a>`SAST` | | +| <a id="securityscannertypesecret_detection"></a>`SECRET_DETECTION` | | ### `SentryErrorStatus` @@ -8464,50 +14482,50 @@ State of a Sentry error. | Value | Description | | ----- | ----------- | -| `IGNORED` | Error has been ignored. | -| `RESOLVED` | Error has been resolved. | -| `RESOLVED_IN_NEXT_RELEASE` | Error has been ignored until next release. | -| `UNRESOLVED` | Error is unresolved. | +| <a id="sentryerrorstatusignored"></a>`IGNORED` | Error has been ignored. | +| <a id="sentryerrorstatusresolved"></a>`RESOLVED` | Error has been resolved. | +| <a id="sentryerrorstatusresolved_in_next_release"></a>`RESOLVED_IN_NEXT_RELEASE` | Error has been ignored until next release. | +| <a id="sentryerrorstatusunresolved"></a>`UNRESOLVED` | Error is unresolved. | ### `ServiceType` | Value | Description | | ----- | ----------- | -| `ASANA_SERVICE` | AsanaService type. | -| `ASSEMBLA_SERVICE` | AssemblaService type. | -| `BAMBOO_SERVICE` | BambooService type. | -| `BUGZILLA_SERVICE` | BugzillaService type. | -| `BUILDKITE_SERVICE` | BuildkiteService type. | -| `CAMPFIRE_SERVICE` | CampfireService type. | -| `CONFLUENCE_SERVICE` | ConfluenceService type. | -| `CUSTOM_ISSUE_TRACKER_SERVICE` | CustomIssueTrackerService type. | -| `DATADOG_SERVICE` | DatadogService type. | -| `DISCORD_SERVICE` | DiscordService type. | -| `DRONE_CI_SERVICE` | DroneCiService type. | -| `EMAILS_ON_PUSH_SERVICE` | EmailsOnPushService type. | -| `EWM_SERVICE` | EwmService type. | -| `EXTERNAL_WIKI_SERVICE` | ExternalWikiService type. | -| `FLOWDOCK_SERVICE` | FlowdockService type. | -| `GITHUB_SERVICE` | GithubService type. | -| `HANGOUTS_CHAT_SERVICE` | HangoutsChatService type. | -| `IRKER_SERVICE` | IrkerService type. | -| `JENKINS_SERVICE` | JenkinsService type. | -| `JIRA_SERVICE` | JiraService type. | -| `MATTERMOST_SERVICE` | MattermostService type. | -| `MATTERMOST_SLASH_COMMANDS_SERVICE` | MattermostSlashCommandsService type. | -| `MICROSOFT_TEAMS_SERVICE` | MicrosoftTeamsService type. | -| `PACKAGIST_SERVICE` | PackagistService type. | -| `PIPELINES_EMAIL_SERVICE` | PipelinesEmailService type. | -| `PIVOTALTRACKER_SERVICE` | PivotaltrackerService type. | -| `PROMETHEUS_SERVICE` | PrometheusService type. | -| `PUSHOVER_SERVICE` | PushoverService type. | -| `REDMINE_SERVICE` | RedmineService type. | -| `SLACK_SERVICE` | SlackService type. | -| `SLACK_SLASH_COMMANDS_SERVICE` | SlackSlashCommandsService type. | -| `TEAMCITY_SERVICE` | TeamcityService type. | -| `UNIFY_CIRCUIT_SERVICE` | UnifyCircuitService type. | -| `WEBEX_TEAMS_SERVICE` | WebexTeamsService type. | -| `YOUTRACK_SERVICE` | YoutrackService type. | +| <a id="servicetypeasana_service"></a>`ASANA_SERVICE` | AsanaService type. | +| <a id="servicetypeassembla_service"></a>`ASSEMBLA_SERVICE` | AssemblaService type. | +| <a id="servicetypebamboo_service"></a>`BAMBOO_SERVICE` | BambooService type. | +| <a id="servicetypebugzilla_service"></a>`BUGZILLA_SERVICE` | BugzillaService type. | +| <a id="servicetypebuildkite_service"></a>`BUILDKITE_SERVICE` | BuildkiteService type. | +| <a id="servicetypecampfire_service"></a>`CAMPFIRE_SERVICE` | CampfireService type. | +| <a id="servicetypeconfluence_service"></a>`CONFLUENCE_SERVICE` | ConfluenceService type. | +| <a id="servicetypecustom_issue_tracker_service"></a>`CUSTOM_ISSUE_TRACKER_SERVICE` | CustomIssueTrackerService type. | +| <a id="servicetypedatadog_service"></a>`DATADOG_SERVICE` | DatadogService type. | +| <a id="servicetypediscord_service"></a>`DISCORD_SERVICE` | DiscordService type. | +| <a id="servicetypedrone_ci_service"></a>`DRONE_CI_SERVICE` | DroneCiService type. | +| <a id="servicetypeemails_on_push_service"></a>`EMAILS_ON_PUSH_SERVICE` | EmailsOnPushService type. | +| <a id="servicetypeewm_service"></a>`EWM_SERVICE` | EwmService type. | +| <a id="servicetypeexternal_wiki_service"></a>`EXTERNAL_WIKI_SERVICE` | ExternalWikiService type. | +| <a id="servicetypeflowdock_service"></a>`FLOWDOCK_SERVICE` | FlowdockService type. | +| <a id="servicetypegithub_service"></a>`GITHUB_SERVICE` | GithubService type. | +| <a id="servicetypehangouts_chat_service"></a>`HANGOUTS_CHAT_SERVICE` | HangoutsChatService type. | +| <a id="servicetypeirker_service"></a>`IRKER_SERVICE` | IrkerService type. | +| <a id="servicetypejenkins_service"></a>`JENKINS_SERVICE` | JenkinsService type. | +| <a id="servicetypejira_service"></a>`JIRA_SERVICE` | JiraService type. | +| <a id="servicetypemattermost_service"></a>`MATTERMOST_SERVICE` | MattermostService type. | +| <a id="servicetypemattermost_slash_commands_service"></a>`MATTERMOST_SLASH_COMMANDS_SERVICE` | MattermostSlashCommandsService type. | +| <a id="servicetypemicrosoft_teams_service"></a>`MICROSOFT_TEAMS_SERVICE` | MicrosoftTeamsService type. | +| <a id="servicetypepackagist_service"></a>`PACKAGIST_SERVICE` | PackagistService type. | +| <a id="servicetypepipelines_email_service"></a>`PIPELINES_EMAIL_SERVICE` | PipelinesEmailService type. | +| <a id="servicetypepivotaltracker_service"></a>`PIVOTALTRACKER_SERVICE` | PivotaltrackerService type. | +| <a id="servicetypeprometheus_service"></a>`PROMETHEUS_SERVICE` | PrometheusService type. | +| <a id="servicetypepushover_service"></a>`PUSHOVER_SERVICE` | PushoverService type. | +| <a id="servicetyperedmine_service"></a>`REDMINE_SERVICE` | RedmineService type. | +| <a id="servicetypeslack_service"></a>`SLACK_SERVICE` | SlackService type. | +| <a id="servicetypeslack_slash_commands_service"></a>`SLACK_SLASH_COMMANDS_SERVICE` | SlackSlashCommandsService type. | +| <a id="servicetypeteamcity_service"></a>`TEAMCITY_SERVICE` | TeamcityService type. | +| <a id="servicetypeunify_circuit_service"></a>`UNIFY_CIRCUIT_SERVICE` | UnifyCircuitService type. | +| <a id="servicetypewebex_teams_service"></a>`WEBEX_TEAMS_SERVICE` | WebexTeamsService type. | +| <a id="servicetypeyoutrack_service"></a>`YOUTRACK_SERVICE` | YoutrackService type. | ### `SnippetBlobActionEnum` @@ -8515,10 +14533,10 @@ Type of a snippet blob input action. | Value | Description | | ----- | ----------- | -| `create` | | -| `delete` | | -| `move` | | -| `update` | | +| <a id="snippetblobactionenumcreate"></a>`create` | | +| <a id="snippetblobactionenumdelete"></a>`delete` | | +| <a id="snippetblobactionenummove"></a>`move` | | +| <a id="snippetblobactionenumupdate"></a>`update` | | ### `Sort` @@ -8526,23 +14544,23 @@ Common sort values. | Value | Description | | ----- | ----------- | -| `CREATED_ASC` | Created at ascending order. | -| `CREATED_DESC` | Created at descending order. | -| `UPDATED_ASC` | Updated at ascending order. | -| `UPDATED_DESC` | Updated at descending order. | -| `created_asc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `CREATED_ASC`. Deprecated in 13.5. | -| `created_desc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `CREATED_DESC`. Deprecated in 13.5. | -| `updated_asc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `UPDATED_ASC`. Deprecated in 13.5. | -| `updated_desc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `UPDATED_DESC`. Deprecated in 13.5. | +| <a id="sortcreated_asc"></a>`CREATED_ASC` | Created at ascending order. | +| <a id="sortcreated_desc"></a>`CREATED_DESC` | Created at descending order. | +| <a id="sortupdated_asc"></a>`UPDATED_ASC` | Updated at ascending order. | +| <a id="sortupdated_desc"></a>`UPDATED_DESC` | Updated at descending order. | +| <a id="sortcreated_asc"></a>`created_asc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `CREATED_ASC`. Deprecated in 13.5. | +| <a id="sortcreated_desc"></a>`created_desc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `CREATED_DESC`. Deprecated in 13.5. | +| <a id="sortupdated_asc"></a>`updated_asc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `UPDATED_ASC`. Deprecated in 13.5. | +| <a id="sortupdated_desc"></a>`updated_desc` **{warning-solid}** | **Deprecated:** This was renamed. Please use `UPDATED_DESC`. Deprecated in 13.5. | ### `TestCaseStatus` | Value | Description | | ----- | ----------- | -| `error` | Test case that has a status of error. | -| `failed` | Test case that has a status of failed. | -| `skipped` | Test case that has a status of skipped. | -| `success` | Test case that has a status of success. | +| <a id="testcasestatuserror"></a>`error` | Test case that has a status of error. | +| <a id="testcasestatusfailed"></a>`failed` | Test case that has a status of failed. | +| <a id="testcasestatusskipped"></a>`skipped` | Test case that has a status of skipped. | +| <a id="testcasestatussuccess"></a>`success` | Test case that has a status of success. | ### `TestReportState` @@ -8550,47 +14568,47 @@ State of a test report. | Value | Description | | ----- | ----------- | -| `FAILED` | | -| `PASSED` | | +| <a id="testreportstatefailed"></a>`FAILED` | | +| <a id="testreportstatepassed"></a>`PASSED` | | ### `TodoActionEnum` | Value | Description | | ----- | ----------- | -| `approval_required` | User was set as an approver. | -| `assigned` | User was assigned. | -| `build_failed` | Build triggered by the user failed. | -| `directly_addressed` | User was directly addressed. | -| `marked` | User added a TODO. | -| `mentioned` | User was mentioned. | -| `merge_train_removed` | Merge request authored by the user was removed from the merge train. | -| `review_requested` | Review was requested from the user. | -| `unmergeable` | Merge request authored by the user could not be merged. | +| <a id="todoactionenumapproval_required"></a>`approval_required` | User was set as an approver. | +| <a id="todoactionenumassigned"></a>`assigned` | User was assigned. | +| <a id="todoactionenumbuild_failed"></a>`build_failed` | Build triggered by the user failed. | +| <a id="todoactionenumdirectly_addressed"></a>`directly_addressed` | User was directly addressed. | +| <a id="todoactionenummarked"></a>`marked` | User added a TODO. | +| <a id="todoactionenummentioned"></a>`mentioned` | User was mentioned. | +| <a id="todoactionenummerge_train_removed"></a>`merge_train_removed` | Merge request authored by the user was removed from the merge train. | +| <a id="todoactionenumreview_requested"></a>`review_requested` | Review was requested from the user. | +| <a id="todoactionenumunmergeable"></a>`unmergeable` | Merge request authored by the user could not be merged. | ### `TodoStateEnum` | Value | Description | | ----- | ----------- | -| `done` | The state of the todo is done. | -| `pending` | The state of the todo is pending. | +| <a id="todostateenumdone"></a>`done` | The state of the todo is done. | +| <a id="todostateenumpending"></a>`pending` | The state of the todo is pending. | ### `TodoTargetEnum` | Value | Description | | ----- | ----------- | -| `ALERT` | An Alert. | -| `COMMIT` | A Commit. | -| `DESIGN` | A Design. | -| `EPIC` | An Epic. | -| `ISSUE` | An Issue. | -| `MERGEREQUEST` | A MergeRequest. | +| <a id="todotargetenumalert"></a>`ALERT` | An Alert. | +| <a id="todotargetenumcommit"></a>`COMMIT` | A Commit. | +| <a id="todotargetenumdesign"></a>`DESIGN` | A Design. | +| <a id="todotargetenumepic"></a>`EPIC` | An Epic. | +| <a id="todotargetenumissue"></a>`ISSUE` | An Issue. | +| <a id="todotargetenummergerequest"></a>`MERGEREQUEST` | A MergeRequest. | ### `TypeEnum` | Value | Description | | ----- | ----------- | -| `personal` | | -| `project` | | +| <a id="typeenumpersonal"></a>`personal` | Snippet created independent of any project. | +| <a id="typeenumproject"></a>`project` | Snippet related to a specific project. | ### `UserCalloutFeatureNameEnum` @@ -8598,33 +14616,35 @@ Name of the feature that the callout is for. | Value | Description | | ----- | ----------- | -| `ACCOUNT_RECOVERY_REGULAR_CHECK` | Callout feature name for account_recovery_regular_check. | -| `ACTIVE_USER_COUNT_THRESHOLD` | Callout feature name for active_user_count_threshold. | -| `ADMIN_INTEGRATIONS_MOVED` | Callout feature name for admin_integrations_moved. | -| `BUY_PIPELINE_MINUTES_NOTIFICATION_DOT` | Callout feature name for buy_pipeline_minutes_notification_dot. | -| `CANARY_DEPLOYMENT` | Callout feature name for canary_deployment. | -| `CLUSTER_SECURITY_WARNING` | Callout feature name for cluster_security_warning. | -| `CUSTOMIZE_HOMEPAGE` | Callout feature name for customize_homepage. | -| `EOA_BRONZE_PLAN_BANNER` | Callout feature name for eoa_bronze_plan_banner. | -| `FEATURE_FLAGS_NEW_VERSION` | Callout feature name for feature_flags_new_version. | -| `GCP_SIGNUP_OFFER` | Callout feature name for gcp_signup_offer. | -| `GEO_ENABLE_HASHED_STORAGE` | Callout feature name for geo_enable_hashed_storage. | -| `GEO_MIGRATE_HASHED_STORAGE` | Callout feature name for geo_migrate_hashed_storage. | -| `GKE_CLUSTER_INTEGRATION` | Callout feature name for gke_cluster_integration. | -| `GOLD_TRIAL_BILLINGS` | Callout feature name for gold_trial_billings. | -| `NEW_USER_SIGNUPS_CAP_REACHED` | Callout feature name for new_user_signups_cap_reached. | -| `PERSONAL_ACCESS_TOKEN_EXPIRY` | Callout feature name for personal_access_token_expiry. | -| `PIPELINE_NEEDS_BANNER` | Callout feature name for pipeline_needs_banner. | -| `REGISTRATION_ENABLED_CALLOUT` | Callout feature name for registration_enabled_callout. | -| `SERVICE_TEMPLATES_DEPRECATED_CALLOUT` | Callout feature name for service_templates_deprecated_callout. | -| `SUGGEST_PIPELINE` | Callout feature name for suggest_pipeline. | -| `SUGGEST_POPOVER_DISMISSED` | Callout feature name for suggest_popover_dismissed. | -| `TABS_POSITION_HIGHLIGHT` | Callout feature name for tabs_position_highlight. | -| `THREAT_MONITORING_INFO` | Callout feature name for threat_monitoring_info. | -| `ULTIMATE_TRIAL` | Callout feature name for ultimate_trial. | -| `UNFINISHED_TAG_CLEANUP_CALLOUT` | Callout feature name for unfinished_tag_cleanup_callout. | -| `WEBHOOKS_MOVED` | Callout feature name for webhooks_moved. | -| `WEB_IDE_ALERT_DISMISSED` | Callout feature name for web_ide_alert_dismissed. | +| <a id="usercalloutfeaturenameenumaccount_recovery_regular_check"></a>`ACCOUNT_RECOVERY_REGULAR_CHECK` | Callout feature name for account_recovery_regular_check. | +| <a id="usercalloutfeaturenameenumactive_user_count_threshold"></a>`ACTIVE_USER_COUNT_THRESHOLD` | Callout feature name for active_user_count_threshold. | +| <a id="usercalloutfeaturenameenumadmin_integrations_moved"></a>`ADMIN_INTEGRATIONS_MOVED` | Callout feature name for admin_integrations_moved. | +| <a id="usercalloutfeaturenameenumbuy_pipeline_minutes_notification_dot"></a>`BUY_PIPELINE_MINUTES_NOTIFICATION_DOT` | Callout feature name for buy_pipeline_minutes_notification_dot. | +| <a id="usercalloutfeaturenameenumcanary_deployment"></a>`CANARY_DEPLOYMENT` | Callout feature name for canary_deployment. | +| <a id="usercalloutfeaturenameenumcluster_security_warning"></a>`CLUSTER_SECURITY_WARNING` | Callout feature name for cluster_security_warning. | +| <a id="usercalloutfeaturenameenumcustomize_homepage"></a>`CUSTOMIZE_HOMEPAGE` | Callout feature name for customize_homepage. | +| <a id="usercalloutfeaturenameenumeoa_bronze_plan_banner"></a>`EOA_BRONZE_PLAN_BANNER` | Callout feature name for eoa_bronze_plan_banner. | +| <a id="usercalloutfeaturenameenumfeature_flags_new_version"></a>`FEATURE_FLAGS_NEW_VERSION` | Callout feature name for feature_flags_new_version. | +| <a id="usercalloutfeaturenameenumgcp_signup_offer"></a>`GCP_SIGNUP_OFFER` | Callout feature name for gcp_signup_offer. | +| <a id="usercalloutfeaturenameenumgeo_enable_hashed_storage"></a>`GEO_ENABLE_HASHED_STORAGE` | Callout feature name for geo_enable_hashed_storage. | +| <a id="usercalloutfeaturenameenumgeo_migrate_hashed_storage"></a>`GEO_MIGRATE_HASHED_STORAGE` | Callout feature name for geo_migrate_hashed_storage. | +| <a id="usercalloutfeaturenameenumgke_cluster_integration"></a>`GKE_CLUSTER_INTEGRATION` | Callout feature name for gke_cluster_integration. | +| <a id="usercalloutfeaturenameenumgold_trial_billings"></a>`GOLD_TRIAL_BILLINGS` | Callout feature name for gold_trial_billings. | +| <a id="usercalloutfeaturenameenumnew_user_signups_cap_reached"></a>`NEW_USER_SIGNUPS_CAP_REACHED` | Callout feature name for new_user_signups_cap_reached. | +| <a id="usercalloutfeaturenameenumpersonal_access_token_expiry"></a>`PERSONAL_ACCESS_TOKEN_EXPIRY` | Callout feature name for personal_access_token_expiry. | +| <a id="usercalloutfeaturenameenumpipeline_needs_banner"></a>`PIPELINE_NEEDS_BANNER` | Callout feature name for pipeline_needs_banner. | +| <a id="usercalloutfeaturenameenumpipeline_needs_hover_tip"></a>`PIPELINE_NEEDS_HOVER_TIP` | Callout feature name for pipeline_needs_hover_tip. | +| <a id="usercalloutfeaturenameenumregistration_enabled_callout"></a>`REGISTRATION_ENABLED_CALLOUT` | Callout feature name for registration_enabled_callout. | +| <a id="usercalloutfeaturenameenumservice_templates_deprecated_callout"></a>`SERVICE_TEMPLATES_DEPRECATED_CALLOUT` | Callout feature name for service_templates_deprecated_callout. | +| <a id="usercalloutfeaturenameenumsuggest_pipeline"></a>`SUGGEST_PIPELINE` | Callout feature name for suggest_pipeline. | +| <a id="usercalloutfeaturenameenumsuggest_popover_dismissed"></a>`SUGGEST_POPOVER_DISMISSED` | Callout feature name for suggest_popover_dismissed. | +| <a id="usercalloutfeaturenameenumtabs_position_highlight"></a>`TABS_POSITION_HIGHLIGHT` | Callout feature name for tabs_position_highlight. | +| <a id="usercalloutfeaturenameenumthreat_monitoring_info"></a>`THREAT_MONITORING_INFO` | Callout feature name for threat_monitoring_info. | +| <a id="usercalloutfeaturenameenumultimate_trial"></a>`ULTIMATE_TRIAL` | Callout feature name for ultimate_trial. | +| <a id="usercalloutfeaturenameenumunfinished_tag_cleanup_callout"></a>`UNFINISHED_TAG_CLEANUP_CALLOUT` | Callout feature name for unfinished_tag_cleanup_callout. | +| <a id="usercalloutfeaturenameenumwebhooks_moved"></a>`WEBHOOKS_MOVED` | Callout feature name for webhooks_moved. | +| <a id="usercalloutfeaturenameenumweb_ide_alert_dismissed"></a>`WEB_IDE_ALERT_DISMISSED` | Callout feature name for web_ide_alert_dismissed. | +| <a id="usercalloutfeaturenameenumweb_ide_ci_environments_guidance"></a>`WEB_IDE_CI_ENVIRONMENTS_GUIDANCE` | Callout feature name for web_ide_ci_environments_guidance. | ### `UserState` @@ -8632,25 +14652,25 @@ Possible states of a user. | Value | Description | | ----- | ----------- | -| `active` | The user is active and is able to use the system. | -| `blocked` | The user has been blocked and is prevented from using the system. | -| `deactivated` | The user is no longer active and is unable to use the system. | +| <a id="userstateactive"></a>`active` | The user is active and is able to use the system. | +| <a id="userstateblocked"></a>`blocked` | The user has been blocked and is prevented from using the system. | +| <a id="userstatedeactivated"></a>`deactivated` | The user is no longer active and is unable to use the system. | ### `VisibilityLevelsEnum` | Value | Description | | ----- | ----------- | -| `internal` | Internal visibility level. | -| `private` | Private visibility level. | -| `public` | Public visibility level. | +| <a id="visibilitylevelsenuminternal"></a>`internal` | Internal visibility level. | +| <a id="visibilitylevelsenumprivate"></a>`private` | Private visibility level. | +| <a id="visibilitylevelsenumpublic"></a>`public` | Public visibility level. | ### `VisibilityScopesEnum` | Value | Description | | ----- | ----------- | -| `internal` | | -| `private` | | -| `public` | | +| <a id="visibilityscopesenuminternal"></a>`internal` | | +| <a id="visibilityscopesenumprivate"></a>`private` | | +| <a id="visibilityscopesenumpublic"></a>`public` | | ### `VulnerabilityDismissalReason` @@ -8658,11 +14678,11 @@ The dismissal reason of the Vulnerability. | Value | Description | | ----- | ----------- | -| `ACCEPTABLE_RISK` | The vulnerability is known, and has not been remediated or mitigated, but is considered to be an acceptable business risk. | -| `FALSE_POSITIVE` | An error in reporting in which a test result incorrectly indicates the presence of a vulnerability in a system when the vulnerability is not present. | -| `MITIGATING_CONTROL` | A management, operational, or technical control (that is, safeguard or countermeasure) employed by an organization that provides equivalent or comparable protection for an information system. | -| `NOT_APPLICABLE` | The vulnerability is known, and has not been remediated or mitigated, but is considered to be in a part of the application that will not be updated. | -| `USED_IN_TESTS` | The finding is not a vulnerability because it is part of a test or is test data. | +| <a id="vulnerabilitydismissalreasonacceptable_risk"></a>`ACCEPTABLE_RISK` | The vulnerability is known, and has not been remediated or mitigated, but is considered to be an acceptable business risk. | +| <a id="vulnerabilitydismissalreasonfalse_positive"></a>`FALSE_POSITIVE` | An error in reporting in which a test result incorrectly indicates the presence of a vulnerability in a system when the vulnerability is not present. | +| <a id="vulnerabilitydismissalreasonmitigating_control"></a>`MITIGATING_CONTROL` | A management, operational, or technical control (that is, safeguard or countermeasure) employed by an organization that provides equivalent or comparable protection for an information system. | +| <a id="vulnerabilitydismissalreasonnot_applicable"></a>`NOT_APPLICABLE` | The vulnerability is known, and has not been remediated or mitigated, but is considered to be in a part of the application that will not be updated. | +| <a id="vulnerabilitydismissalreasonused_in_tests"></a>`USED_IN_TESTS` | The finding is not a vulnerability because it is part of a test or is test data. | ### `VulnerabilityExternalIssueLinkExternalTracker` @@ -8670,7 +14690,7 @@ The external tracker of the external issue link related to a vulnerability. | Value | Description | | ----- | ----------- | -| `JIRA` | Jira external tracker. | +| <a id="vulnerabilityexternalissuelinkexternaltrackerjira"></a>`JIRA` | Jira external tracker. | ### `VulnerabilityExternalIssueLinkType` @@ -8678,7 +14698,7 @@ The type of the external issue link related to a vulnerability. | Value | Description | | ----- | ----------- | -| `CREATED` | Created link type. | +| <a id="vulnerabilityexternalissuelinktypecreated"></a>`CREATED` | Created link type. | ### `VulnerabilityGrade` @@ -8686,11 +14706,11 @@ The grade of the vulnerable project. | Value | Description | | ----- | ----------- | -| `A` | | -| `B` | | -| `C` | | -| `D` | | -| `F` | | +| <a id="vulnerabilitygradea"></a>`A` | | +| <a id="vulnerabilitygradeb"></a>`B` | | +| <a id="vulnerabilitygradec"></a>`C` | | +| <a id="vulnerabilitygraded"></a>`D` | | +| <a id="vulnerabilitygradef"></a>`F` | | ### `VulnerabilityIssueLinkType` @@ -8698,8 +14718,8 @@ The type of the issue link related to a vulnerability. | Value | Description | | ----- | ----------- | -| `CREATED` | | -| `RELATED` | | +| <a id="vulnerabilityissuelinktypecreated"></a>`CREATED` | | +| <a id="vulnerabilityissuelinktyperelated"></a>`RELATED` | | ### `VulnerabilityReportType` @@ -8707,13 +14727,13 @@ The type of the security scan that found the vulnerability. | Value | Description | | ----- | ----------- | -| `API_FUZZING` | | -| `CONTAINER_SCANNING` | | -| `COVERAGE_FUZZING` | | -| `DAST` | | -| `DEPENDENCY_SCANNING` | | -| `SAST` | | -| `SECRET_DETECTION` | | +| <a id="vulnerabilityreporttypeapi_fuzzing"></a>`API_FUZZING` | | +| <a id="vulnerabilityreporttypecontainer_scanning"></a>`CONTAINER_SCANNING` | | +| <a id="vulnerabilityreporttypecoverage_fuzzing"></a>`COVERAGE_FUZZING` | | +| <a id="vulnerabilityreporttypedast"></a>`DAST` | | +| <a id="vulnerabilityreporttypedependency_scanning"></a>`DEPENDENCY_SCANNING` | | +| <a id="vulnerabilityreporttypesast"></a>`SAST` | | +| <a id="vulnerabilityreporttypesecret_detection"></a>`SECRET_DETECTION` | | ### `VulnerabilitySeverity` @@ -8721,12 +14741,12 @@ The severity of the vulnerability. | Value | Description | | ----- | ----------- | -| `CRITICAL` | | -| `HIGH` | | -| `INFO` | | -| `LOW` | | -| `MEDIUM` | | -| `UNKNOWN` | | +| <a id="vulnerabilityseveritycritical"></a>`CRITICAL` | | +| <a id="vulnerabilityseverityhigh"></a>`HIGH` | | +| <a id="vulnerabilityseverityinfo"></a>`INFO` | | +| <a id="vulnerabilityseveritylow"></a>`LOW` | | +| <a id="vulnerabilityseveritymedium"></a>`MEDIUM` | | +| <a id="vulnerabilityseverityunknown"></a>`UNKNOWN` | | ### `VulnerabilitySort` @@ -8734,16 +14754,16 @@ Vulnerability sort values. | Value | Description | | ----- | ----------- | -| `detected_asc` | Detection timestamp in ascending order. | -| `detected_desc` | Detection timestamp in descending order. | -| `report_type_asc` | Report Type in ascending order. | -| `report_type_desc` | Report Type in descending order. | -| `severity_asc` | Severity in ascending order. | -| `severity_desc` | Severity in descending order. | -| `state_asc` | State in ascending order. | -| `state_desc` | State in descending order. | -| `title_asc` | Title in ascending order. | -| `title_desc` | Title in descending order. | +| <a id="vulnerabilitysortdetected_asc"></a>`detected_asc` | Detection timestamp in ascending order. | +| <a id="vulnerabilitysortdetected_desc"></a>`detected_desc` | Detection timestamp in descending order. | +| <a id="vulnerabilitysortreport_type_asc"></a>`report_type_asc` | Report Type in ascending order. | +| <a id="vulnerabilitysortreport_type_desc"></a>`report_type_desc` | Report Type in descending order. | +| <a id="vulnerabilitysortseverity_asc"></a>`severity_asc` | Severity in ascending order. | +| <a id="vulnerabilitysortseverity_desc"></a>`severity_desc` | Severity in descending order. | +| <a id="vulnerabilitysortstate_asc"></a>`state_asc` | State in ascending order. | +| <a id="vulnerabilitysortstate_desc"></a>`state_desc` | State in descending order. | +| <a id="vulnerabilitysorttitle_asc"></a>`title_asc` | Title in ascending order. | +| <a id="vulnerabilitysorttitle_desc"></a>`title_desc` | Title in descending order. | ### `VulnerabilityState` @@ -8751,10 +14771,19 @@ The state of the vulnerability. | Value | Description | | ----- | ----------- | -| `CONFIRMED` | | -| `DETECTED` | | -| `DISMISSED` | | -| `RESOLVED` | | +| <a id="vulnerabilitystateconfirmed"></a>`CONFIRMED` | | +| <a id="vulnerabilitystatedetected"></a>`DETECTED` | | +| <a id="vulnerabilitystatedismissed"></a>`DISMISSED` | | +| <a id="vulnerabilitystateresolved"></a>`RESOLVED` | | + +### `WeightWildcardId` + +Weight ID wildcard values. + +| Value | Description | +| ----- | ----------- | +| <a id="weightwildcardidany"></a>`ANY` | Weight is assigned. | +| <a id="weightwildcardidnone"></a>`NONE` | No weight is assigned. | ## Scalar types @@ -8811,12 +14840,24 @@ An example `BoardsEpicListID` is: `"gid://gitlab/Boards::EpicList/1"`. Represents `true` or `false` values. +### `CiBuildID` + +A `CiBuildID` is a global ID. It is encoded as a string. + +An example `CiBuildID` is: `"gid://gitlab/Ci::Build/1"`. + ### `CiPipelineID` A `CiPipelineID` is a global ID. It is encoded as a string. An example `CiPipelineID` is: `"gid://gitlab/Ci::Pipeline/1"`. +### `CiRunnerID` + +A `CiRunnerID` is a global ID. It is encoded as a string. + +An example `CiRunnerID` is: `"gid://gitlab/Ci::Runner/1"`. + ### `ClustersAgentID` A `ClustersAgentID` is a global ID. It is encoded as a string. @@ -8917,6 +14958,12 @@ A `DiscussionID` is a global ID. It is encoded as a string. An example `DiscussionID` is: `"gid://gitlab/Discussion/1"`. +### `Duration` + +Duration between two instants, represented as a fractional number of seconds. + +For example: 12.3334. + ### `EnvironmentID` A `EnvironmentID` is a global ID. It is encoded as a string. @@ -8984,6 +15031,12 @@ An example `IncidentManagementOncallRotationID` is: `"gid://gitlab/IncidentManag Represents non-fractional signed whole numeric values. Int can represent values between -(2^31) and 2^31 - 1. +### `IssuableID` + +A `IssuableID` is a global ID. It is encoded as a string. + +An example `IssuableID` is: `"gid://gitlab/Issuable/1"`. + ### `IssueID` A `IssueID` is a global ID. It is encoded as a string. @@ -9076,6 +15129,18 @@ A `PackagesConanMetadatumID` is a global ID. It is encoded as a string. An example `PackagesConanMetadatumID` is: `"gid://gitlab/Packages::Conan::Metadatum/1"`. +### `PackagesMavenMetadatumID` + +A `PackagesMavenMetadatumID` is a global ID. It is encoded as a string. + +An example `PackagesMavenMetadatumID` is: `"gid://gitlab/Packages::Maven::Metadatum/1"`. + +### `PackagesNugetMetadatumID` + +A `PackagesNugetMetadatumID` is a global ID. It is encoded as a string. + +An example `PackagesNugetMetadatumID` is: `"gid://gitlab/Packages::Nuget::Metadatum/1"`. + ### `PackagesPackageFileID` A `PackagesPackageFileID` is a global ID. It is encoded as a string. @@ -9088,6 +15153,12 @@ A `PackagesPackageID` is a global ID. It is encoded as a string. An example `PackagesPackageID` is: `"gid://gitlab/Packages::Package/1"`. +### `PathLockID` + +A `PathLockID` is a global ID. It is encoded as a string. + +An example `PathLockID` is: `"gid://gitlab/PathLock/1"`. + ### `PayloadAlertFieldPathSegment` String or integer. @@ -9193,6 +15264,16 @@ abstract types. ### Unions +#### `Issuable` + +Represents an issuable. + +One of: + +- [`Epic`](#epic) +- [`Issue`](#issue) +- [`MergeRequest`](#mergerequest) + #### `PackageMetadata` Represents metadata associated with a Package. @@ -9201,6 +15282,8 @@ One of: - [`ComposerMetadata`](#composermetadata) - [`ConanMetadata`](#conanmetadata) +- [`MavenMetadata`](#mavenmetadata) +- [`NugetMetadata`](#nugetmetadata) #### `VulnerabilityDetail` @@ -9244,15 +15327,17 @@ Implementations: - [`AlertManagementHttpIntegration`](#alertmanagementhttpintegration) - [`AlertManagementPrometheusIntegration`](#alertmanagementprometheusintegration) -| Field | Type | Description | -| ----- | ---- | ----------- | -| `active` | [`Boolean`](#boolean) | Whether the endpoint is currently accepting alerts. | -| `apiUrl` | [`String`](#string) | URL at which Prometheus metrics can be queried to populate the metrics dashboard. | -| `id` | [`ID!`](#id) | ID of the integration. | -| `name` | [`String`](#string) | Name of the integration. | -| `token` | [`String`](#string) | Token used to authenticate alert notification requests. | -| `type` | [`AlertManagementIntegrationType!`](#alertmanagementintegrationtype) | Type of integration. | -| `url` | [`String`](#string) | Endpoint which accepts alert notifications. | +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="alertmanagementintegrationactive"></a>`active` | [`Boolean`](#boolean) | Whether the endpoint is currently accepting alerts. | +| <a id="alertmanagementintegrationapiurl"></a>`apiUrl` | [`String`](#string) | URL at which Prometheus metrics can be queried to populate the metrics dashboard. | +| <a id="alertmanagementintegrationid"></a>`id` | [`ID!`](#id) | ID of the integration. | +| <a id="alertmanagementintegrationname"></a>`name` | [`String`](#string) | Name of the integration. | +| <a id="alertmanagementintegrationtoken"></a>`token` | [`String`](#string) | Token used to authenticate alert notification requests. | +| <a id="alertmanagementintegrationtype"></a>`type` | [`AlertManagementIntegrationType!`](#alertmanagementintegrationtype) | Type of integration. | +| <a id="alertmanagementintegrationurl"></a>`url` | [`String`](#string) | Endpoint which accepts alert notifications. | #### `CurrentUserTodos` @@ -9265,9 +15350,23 @@ Implementations: - [`Issue`](#issue) - [`MergeRequest`](#mergerequest) -| Field | Type | Description | -| ----- | ---- | ----------- | -| `currentUserTodos` | [`TodoConnection!`](#todoconnection) | To-do items for the current user. | +##### Fields with arguments + +###### `CurrentUserTodos.currentUserTodos` + +To-do items for the current user. + +Returns [`TodoConnection!`](#todoconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +####### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="currentusertodoscurrentusertodosstate"></a>`state` | [`TodoStateEnum`](#todostateenum) | State of the to-do items. | #### `DesignFields` @@ -9276,18 +15375,20 @@ Implementations: - [`Design`](#design) - [`DesignAtVersion`](#designatversion) -| Field | Type | Description | -| ----- | ---- | ----------- | -| `diffRefs` | [`DiffRefs!`](#diffrefs) | The diff refs for this design. | -| `event` | [`DesignVersionEvent!`](#designversionevent) | How this design was changed in the current version. | -| `filename` | [`String!`](#string) | The filename of the design. | -| `fullPath` | [`String!`](#string) | The full path to the design file. | -| `id` | [`ID!`](#id) | The ID of this design. | -| `image` | [`String!`](#string) | The URL of the full-sized image. | -| `imageV432x230` | [`String`](#string) | The URL of the design resized to fit within the bounds of 432x230. This will be `null` if the image has not been generated. | -| `issue` | [`Issue!`](#issue) | The issue the design belongs to. | -| `notesCount` | [`Int!`](#int) | The total count of user-created notes for this design. | -| `project` | [`Project!`](#project) | The project the design belongs to. | +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="designfieldsdiffrefs"></a>`diffRefs` | [`DiffRefs!`](#diffrefs) | The diff refs for this design. | +| <a id="designfieldsevent"></a>`event` | [`DesignVersionEvent!`](#designversionevent) | How this design was changed in the current version. | +| <a id="designfieldsfilename"></a>`filename` | [`String!`](#string) | The filename of the design. | +| <a id="designfieldsfullpath"></a>`fullPath` | [`String!`](#string) | The full path to the design file. | +| <a id="designfieldsid"></a>`id` | [`ID!`](#id) | The ID of this design. | +| <a id="designfieldsimage"></a>`image` | [`String!`](#string) | The URL of the full-sized image. | +| <a id="designfieldsimagev432x230"></a>`imageV432x230` | [`String`](#string) | The URL of the design resized to fit within the bounds of 432x230. This will be `null` if the image has not been generated. | +| <a id="designfieldsissue"></a>`issue` | [`Issue!`](#issue) | The issue the design belongs to. | +| <a id="designfieldsnotescount"></a>`notesCount` | [`Int!`](#int) | The total count of user-created notes for this design. | +| <a id="designfieldsproject"></a>`project` | [`Project!`](#project) | The project the design belongs to. | #### `Entry` @@ -9297,14 +15398,16 @@ Implementations: - [`Submodule`](#submodule) - [`TreeEntry`](#treeentry) -| Field | Type | Description | -| ----- | ---- | ----------- | -| `flatPath` | [`String!`](#string) | Flat path of the entry. | -| `id` | [`ID!`](#id) | ID of the entry. | -| `name` | [`String!`](#string) | Name of the entry. | -| `path` | [`String!`](#string) | Path of the entry. | -| `sha` | [`String!`](#string) | Last commit SHA for the entry. | -| `type` | [`EntryType!`](#entrytype) | Type of tree entry. | +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="entryflatpath"></a>`flatPath` | [`String!`](#string) | Flat path of the entry. | +| <a id="entryid"></a>`id` | [`ID!`](#id) | ID of the entry. | +| <a id="entryname"></a>`name` | [`String!`](#string) | Name of the entry. | +| <a id="entrypath"></a>`path` | [`String!`](#string) | Path of the entry. | +| <a id="entrysha"></a>`sha` | [`String!`](#string) | Last commit SHA for the entry. | +| <a id="entrytype"></a>`type` | [`EntryType!`](#entrytype) | Type of tree entry. | #### `Eventable` @@ -9313,9 +15416,11 @@ Implementations: - [`BoardEpic`](#boardepic) - [`Epic`](#epic) -| Field | Type | Description | -| ----- | ---- | ----------- | -| `events` | [`EventConnection`](#eventconnection) | A list of events associated with the object. | +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="eventableevents"></a>`events` | [`EventConnection`](#eventconnection) | A list of events associated with the object. (see [Connections](#connections)) | #### `MemberInterface` @@ -9324,15 +15429,17 @@ Implementations: - [`GroupMember`](#groupmember) - [`ProjectMember`](#projectmember) -| Field | Type | Description | -| ----- | ---- | ----------- | -| `accessLevel` | [`AccessLevel`](#accesslevel) | GitLab::Access level. | -| `createdAt` | [`Time`](#time) | Date and time the membership was created. | -| `createdBy` | [`User`](#user) | User that authorized membership. | -| `expiresAt` | [`Time`](#time) | Date and time the membership expires. | -| `id` | [`ID!`](#id) | ID of the member. | -| `updatedAt` | [`Time`](#time) | Date and time the membership was last updated. | -| `user` | [`User!`](#user) | User that is associated with the member object. | +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="memberinterfaceaccesslevel"></a>`accessLevel` | [`AccessLevel`](#accesslevel) | GitLab::Access level. | +| <a id="memberinterfacecreatedat"></a>`createdAt` | [`Time`](#time) | Date and time the membership was created. | +| <a id="memberinterfacecreatedby"></a>`createdBy` | [`UserCore`](#usercore) | User that authorized membership. | +| <a id="memberinterfaceexpiresat"></a>`expiresAt` | [`Time`](#time) | Date and time the membership expires. | +| <a id="memberinterfaceid"></a>`id` | [`ID!`](#id) | ID of the member. | +| <a id="memberinterfaceupdatedat"></a>`updatedAt` | [`Time`](#time) | Date and time the membership was last updated. | +| <a id="memberinterfaceuser"></a>`user` | [`UserCore!`](#usercore) | User that is associated with the member object. | #### `Noteable` @@ -9348,10 +15455,12 @@ Implementations: - [`Snippet`](#snippet) - [`Vulnerability`](#vulnerability) -| Field | Type | Description | -| ----- | ---- | ----------- | -| `discussions` | [`DiscussionConnection!`](#discussionconnection) | All discussions on this noteable. | -| `notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. | +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="noteablediscussions"></a>`discussions` | [`DiscussionConnection!`](#discussionconnection) | All discussions on this noteable. (see [Connections](#connections)) | +| <a id="noteablenotes"></a>`notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. (see [Connections](#connections)) | #### `PackageFileMetadata` @@ -9361,10 +15470,12 @@ Implementations: - [`ConanFileMetadata`](#conanfilemetadata) -| Field | Type | Description | -| ----- | ---- | ----------- | -| `createdAt` | [`Time!`](#time) | Date of creation. | -| `updatedAt` | [`Time!`](#time) | Date of most recent update. | +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="packagefilemetadatacreatedat"></a>`createdAt` | [`Time!`](#time) | Date of creation. | +| <a id="packagefilemetadataupdatedat"></a>`updatedAt` | [`Time!`](#time) | Date of most recent update. | #### `ResolvableInterface` @@ -9373,12 +15484,14 @@ Implementations: - [`Discussion`](#discussion) - [`Note`](#note) -| Field | Type | Description | -| ----- | ---- | ----------- | -| `resolvable` | [`Boolean!`](#boolean) | Indicates if the object can be resolved. | -| `resolved` | [`Boolean!`](#boolean) | Indicates if the object is resolved. | -| `resolvedAt` | [`Time`](#time) | Timestamp of when the object was resolved. | -| `resolvedBy` | [`User`](#user) | User who resolved the object. | +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="resolvableinterfaceresolvable"></a>`resolvable` | [`Boolean!`](#boolean) | Indicates if the object can be resolved. | +| <a id="resolvableinterfaceresolved"></a>`resolved` | [`Boolean!`](#boolean) | Indicates if the object is resolved. | +| <a id="resolvableinterfaceresolvedat"></a>`resolvedAt` | [`Time`](#time) | Timestamp of when the object was resolved. | +| <a id="resolvableinterfaceresolvedby"></a>`resolvedBy` | [`UserCore`](#usercore) | User who resolved the object. | #### `Service` @@ -9387,10 +15500,12 @@ Implementations: - [`BaseService`](#baseservice) - [`JiraService`](#jiraservice) -| Field | Type | Description | -| ----- | ---- | ----------- | -| `active` | [`Boolean`](#boolean) | Indicates if the service is active. | -| `type` | [`String`](#string) | Class name of the service. | +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="serviceactive"></a>`active` | [`Boolean`](#boolean) | Indicates if the service is active. | +| <a id="servicetype"></a>`type` | [`String`](#string) | Class name of the service. | #### `TimeboxReportInterface` @@ -9399,6 +15514,533 @@ Implementations: - [`Iteration`](#iteration) - [`Milestone`](#milestone) -| Field | Type | Description | -| ----- | ---- | ----------- | -| `report` | [`TimeboxReport`](#timeboxreport) | Historically accurate report about the timebox. | +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="timeboxreportinterfacereport"></a>`report` | [`TimeboxReport`](#timeboxreport) | Historically accurate report about the timebox. | + +#### `User` + +Representation of a GitLab user. + +Implementations: + +- [`MergeRequestAssignee`](#mergerequestassignee) +- [`MergeRequestReviewer`](#mergerequestreviewer) +- [`UserCore`](#usercore) + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="useravatarurl"></a>`avatarUrl` | [`String`](#string) | URL of the user's avatar. | +| <a id="userbot"></a>`bot` | [`Boolean!`](#boolean) | Indicates if the user is a bot. | +| <a id="usercallouts"></a>`callouts` | [`UserCalloutConnection`](#usercalloutconnection) | User callouts that belong to the user. (see [Connections](#connections)) | +| <a id="useremail"></a>`email` **{warning-solid}** | [`String`](#string) | **Deprecated** in 13.7. This was renamed. Use: [`User.publicEmail`](#userpublicemail). | +| <a id="usergroupcount"></a>`groupCount` | [`Int`](#int) | Group count for the user. | +| <a id="usergroupmemberships"></a>`groupMemberships` | [`GroupMemberConnection`](#groupmemberconnection) | Group memberships of the user. (see [Connections](#connections)) | +| <a id="userid"></a>`id` | [`ID!`](#id) | ID of the user. | +| <a id="userlocation"></a>`location` | [`String`](#string) | The location of the user. | +| <a id="username"></a>`name` | [`String!`](#string) | Human-readable name of the user. | +| <a id="userprojectmemberships"></a>`projectMemberships` | [`ProjectMemberConnection`](#projectmemberconnection) | Project memberships of the user. (see [Connections](#connections)) | +| <a id="userpublicemail"></a>`publicEmail` | [`String`](#string) | User's public email. | +| <a id="userstate"></a>`state` | [`UserState!`](#userstate) | State of the user. | +| <a id="userstatus"></a>`status` | [`UserStatus`](#userstatus) | User status. | +| <a id="useruserpermissions"></a>`userPermissions` | [`UserPermissions!`](#userpermissions) | Permissions for the current user on the resource. | +| <a id="userusername"></a>`username` | [`String!`](#string) | Username of the user. Unique within this instance of GitLab. | +| <a id="userwebpath"></a>`webPath` | [`String!`](#string) | Web path of the user. | +| <a id="userweburl"></a>`webUrl` | [`String!`](#string) | Web URL of the user. | + +##### Fields with arguments + +###### `User.assignedMergeRequests` + +Merge requests assigned to the user. + +Returns [`MergeRequestConnection`](#mergerequestconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +####### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="userassignedmergerequestsauthorusername"></a>`authorUsername` | [`String`](#string) | Username of the author. | +| <a id="userassignedmergerequestsiids"></a>`iids` | [`[String!]`](#string) | Array of IIDs of merge requests, for example `[1, 2]`. | +| <a id="userassignedmergerequestslabels"></a>`labels` | [`[String!]`](#string) | Array of label names. All resolved merge requests will have all of these labels. | +| <a id="userassignedmergerequestsmergedafter"></a>`mergedAfter` | [`Time`](#time) | Merge requests merged after this date. | +| <a id="userassignedmergerequestsmergedbefore"></a>`mergedBefore` | [`Time`](#time) | Merge requests merged before this date. | +| <a id="userassignedmergerequestsmilestonetitle"></a>`milestoneTitle` | [`String`](#string) | Title of the milestone. | +| <a id="userassignedmergerequestsnot"></a>`not` | [`MergeRequestsResolverNegatedParams`](#mergerequestsresolvernegatedparams) | List of negated arguments. Warning: this argument is experimental and a subject to change in future. | +| <a id="userassignedmergerequestsprojectid"></a>`projectId` | [`ProjectID`](#projectid) | The global ID of the project the authored merge requests should be in. Incompatible with projectPath. | +| <a id="userassignedmergerequestsprojectpath"></a>`projectPath` | [`String`](#string) | The full-path of the project the authored merge requests should be in. Incompatible with projectId. | +| <a id="userassignedmergerequestsreviewerusername"></a>`reviewerUsername` | [`String`](#string) | Username of the reviewer. | +| <a id="userassignedmergerequestssort"></a>`sort` | [`MergeRequestSort`](#mergerequestsort) | Sort merge requests by this criteria. | +| <a id="userassignedmergerequestssourcebranches"></a>`sourceBranches` | [`[String!]`](#string) | Array of source branch names. All resolved merge requests will have one of these branches as their source. | +| <a id="userassignedmergerequestsstate"></a>`state` | [`MergeRequestState`](#mergerequeststate) | A merge request state. If provided, all resolved merge requests will have this state. | +| <a id="userassignedmergerequeststargetbranches"></a>`targetBranches` | [`[String!]`](#string) | Array of target branch names. All resolved merge requests will have one of these branches as their target. | + +###### `User.authoredMergeRequests` + +Merge requests authored by the user. + +Returns [`MergeRequestConnection`](#mergerequestconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +####### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="userauthoredmergerequestsassigneeusername"></a>`assigneeUsername` | [`String`](#string) | Username of the assignee. | +| <a id="userauthoredmergerequestsiids"></a>`iids` | [`[String!]`](#string) | Array of IIDs of merge requests, for example `[1, 2]`. | +| <a id="userauthoredmergerequestslabels"></a>`labels` | [`[String!]`](#string) | Array of label names. All resolved merge requests will have all of these labels. | +| <a id="userauthoredmergerequestsmergedafter"></a>`mergedAfter` | [`Time`](#time) | Merge requests merged after this date. | +| <a id="userauthoredmergerequestsmergedbefore"></a>`mergedBefore` | [`Time`](#time) | Merge requests merged before this date. | +| <a id="userauthoredmergerequestsmilestonetitle"></a>`milestoneTitle` | [`String`](#string) | Title of the milestone. | +| <a id="userauthoredmergerequestsnot"></a>`not` | [`MergeRequestsResolverNegatedParams`](#mergerequestsresolvernegatedparams) | List of negated arguments. Warning: this argument is experimental and a subject to change in future. | +| <a id="userauthoredmergerequestsprojectid"></a>`projectId` | [`ProjectID`](#projectid) | The global ID of the project the authored merge requests should be in. Incompatible with projectPath. | +| <a id="userauthoredmergerequestsprojectpath"></a>`projectPath` | [`String`](#string) | The full-path of the project the authored merge requests should be in. Incompatible with projectId. | +| <a id="userauthoredmergerequestsreviewerusername"></a>`reviewerUsername` | [`String`](#string) | Username of the reviewer. | +| <a id="userauthoredmergerequestssort"></a>`sort` | [`MergeRequestSort`](#mergerequestsort) | Sort merge requests by this criteria. | +| <a id="userauthoredmergerequestssourcebranches"></a>`sourceBranches` | [`[String!]`](#string) | Array of source branch names. All resolved merge requests will have one of these branches as their source. | +| <a id="userauthoredmergerequestsstate"></a>`state` | [`MergeRequestState`](#mergerequeststate) | A merge request state. If provided, all resolved merge requests will have this state. | +| <a id="userauthoredmergerequeststargetbranches"></a>`targetBranches` | [`[String!]`](#string) | Array of target branch names. All resolved merge requests will have one of these branches as their target. | + +###### `User.reviewRequestedMergeRequests` + +Merge requests assigned to the user for review. + +Returns [`MergeRequestConnection`](#mergerequestconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +####### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="userreviewrequestedmergerequestsassigneeusername"></a>`assigneeUsername` | [`String`](#string) | Username of the assignee. | +| <a id="userreviewrequestedmergerequestsauthorusername"></a>`authorUsername` | [`String`](#string) | Username of the author. | +| <a id="userreviewrequestedmergerequestsiids"></a>`iids` | [`[String!]`](#string) | Array of IIDs of merge requests, for example `[1, 2]`. | +| <a id="userreviewrequestedmergerequestslabels"></a>`labels` | [`[String!]`](#string) | Array of label names. All resolved merge requests will have all of these labels. | +| <a id="userreviewrequestedmergerequestsmergedafter"></a>`mergedAfter` | [`Time`](#time) | Merge requests merged after this date. | +| <a id="userreviewrequestedmergerequestsmergedbefore"></a>`mergedBefore` | [`Time`](#time) | Merge requests merged before this date. | +| <a id="userreviewrequestedmergerequestsmilestonetitle"></a>`milestoneTitle` | [`String`](#string) | Title of the milestone. | +| <a id="userreviewrequestedmergerequestsnot"></a>`not` | [`MergeRequestsResolverNegatedParams`](#mergerequestsresolvernegatedparams) | List of negated arguments. Warning: this argument is experimental and a subject to change in future. | +| <a id="userreviewrequestedmergerequestsprojectid"></a>`projectId` | [`ProjectID`](#projectid) | The global ID of the project the authored merge requests should be in. Incompatible with projectPath. | +| <a id="userreviewrequestedmergerequestsprojectpath"></a>`projectPath` | [`String`](#string) | The full-path of the project the authored merge requests should be in. Incompatible with projectId. | +| <a id="userreviewrequestedmergerequestssort"></a>`sort` | [`MergeRequestSort`](#mergerequestsort) | Sort merge requests by this criteria. | +| <a id="userreviewrequestedmergerequestssourcebranches"></a>`sourceBranches` | [`[String!]`](#string) | Array of source branch names. All resolved merge requests will have one of these branches as their source. | +| <a id="userreviewrequestedmergerequestsstate"></a>`state` | [`MergeRequestState`](#mergerequeststate) | A merge request state. If provided, all resolved merge requests will have this state. | +| <a id="userreviewrequestedmergerequeststargetbranches"></a>`targetBranches` | [`[String!]`](#string) | Array of target branch names. All resolved merge requests will have one of these branches as their target. | + +###### `User.snippets` + +Snippets authored by the user. + +Returns [`SnippetConnection`](#snippetconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +####### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="usersnippetsids"></a>`ids` | [`[SnippetID!]`](#snippetid) | Array of global snippet IDs. For example, `gid://gitlab/ProjectSnippet/1`. | +| <a id="usersnippetstype"></a>`type` | [`TypeEnum`](#typeenum) | The type of snippet. | +| <a id="usersnippetsvisibility"></a>`visibility` | [`VisibilityScopesEnum`](#visibilityscopesenum) | The visibility of the snippet. | + +###### `User.starredProjects` + +Projects starred by the user. + +Returns [`ProjectConnection`](#projectconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +####### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="userstarredprojectssearch"></a>`search` | [`String`](#string) | Search query. | + +###### `User.todos` + +To-do items of the user. + +Returns [`TodoConnection`](#todoconnection). + +This field returns a [connection](#connections). It accepts the +four standard [pagination arguments](#connection-pagination-arguments): +`before: String`, `after: String`, `first: Int`, `last: Int`. + +####### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="usertodosaction"></a>`action` | [`[TodoActionEnum!]`](#todoactionenum) | The action to be filtered. | +| <a id="usertodosauthorid"></a>`authorId` | [`[ID!]`](#id) | The ID of an author. | +| <a id="usertodosgroupid"></a>`groupId` | [`[ID!]`](#id) | The ID of a group. | +| <a id="usertodosprojectid"></a>`projectId` | [`[ID!]`](#id) | The ID of a project. | +| <a id="usertodosstate"></a>`state` | [`[TodoStateEnum!]`](#todostateenum) | The state of the todo. | +| <a id="usertodostype"></a>`type` | [`[TodoTargetEnum!]`](#todotargetenum) | The type of the todo. | + +## Input types + +Types that may be used as arguments (all scalar types may also +be used as arguments). + +Only general use input types are listed here. For mutation input types, +see the associated mutation type above. + +### `AlertManagementPayloadAlertFieldInput` + +Field that are available while modifying the custom mapping attributes for an HTTP integration. + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="alertmanagementpayloadalertfieldinputfieldname"></a>`fieldName` | [`AlertManagementPayloadAlertFieldName!`](#alertmanagementpayloadalertfieldname) | A GitLab alert field name. | +| <a id="alertmanagementpayloadalertfieldinputlabel"></a>`label` | [`String`](#string) | Human-readable label of the payload path. | +| <a id="alertmanagementpayloadalertfieldinputpath"></a>`path` | [`[PayloadAlertFieldPathSegment!]!`](#payloadalertfieldpathsegment) | Path to value inside payload JSON. | +| <a id="alertmanagementpayloadalertfieldinputtype"></a>`type` | [`AlertManagementPayloadAlertFieldType!`](#alertmanagementpayloadalertfieldtype) | Type of the parsed value. | + +### `BoardIssueInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="boardissueinputassigneeusername"></a>`assigneeUsername` | [`[String]`](#string) | Filter by assignee username. | +| <a id="boardissueinputassigneewildcardid"></a>`assigneeWildcardId` | [`AssigneeWildcardId`](#assigneewildcardid) | Filter by assignee wildcard. Incompatible with assigneeUsername. | +| <a id="boardissueinputauthorusername"></a>`authorUsername` | [`String`](#string) | Filter by author username. | +| <a id="boardissueinputepicid"></a>`epicId` | [`EpicID`](#epicid) | Filter by epic ID. Incompatible with epicWildcardId. | +| <a id="boardissueinputepicwildcardid"></a>`epicWildcardId` | [`EpicWildcardId`](#epicwildcardid) | Filter by epic ID wildcard. Incompatible with epicId. | +| <a id="boardissueinputiids"></a>`iids` | [`[String!]`](#string) | List of IIDs of issues. For example ["1", "2"]. | +| <a id="boardissueinputiterationid"></a>`iterationId` | [`[IterationID!]`](#iterationid) | Filter by a list of iteration IDs. Incompatible with iterationWildcardId. | +| <a id="boardissueinputiterationtitle"></a>`iterationTitle` | [`String`](#string) | Filter by iteration title. | +| <a id="boardissueinputiterationwildcardid"></a>`iterationWildcardId` | [`IterationWildcardId`](#iterationwildcardid) | Filter by iteration ID wildcard. | +| <a id="boardissueinputlabelname"></a>`labelName` | [`[String]`](#string) | Filter by label name. | +| <a id="boardissueinputmilestonetitle"></a>`milestoneTitle` | [`String`](#string) | Filter by milestone title. | +| <a id="boardissueinputmyreactionemoji"></a>`myReactionEmoji` | [`String`](#string) | Filter by reaction emoji applied by the current user. | +| <a id="boardissueinputnot"></a>`not` | [`NegatedBoardIssueInput`](#negatedboardissueinput) | List of negated arguments. | +| <a id="boardissueinputreleasetag"></a>`releaseTag` | [`String`](#string) | Filter by release tag. | +| <a id="boardissueinputsearch"></a>`search` | [`String`](#string) | Search query for issue title or description. | +| <a id="boardissueinputweight"></a>`weight` | [`String`](#string) | Filter by weight. | +| <a id="boardissueinputweightwildcardid"></a>`weightWildcardId` | [`WeightWildcardId`](#weightwildcardid) | Filter by weight ID wildcard. Incompatible with weight. | + +### `CommitAction` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="commitactionaction"></a>`action` | [`CommitActionMode!`](#commitactionmode) | The action to perform, create, delete, move, update, chmod. | +| <a id="commitactioncontent"></a>`content` | [`String`](#string) | Content of the file. | +| <a id="commitactionencoding"></a>`encoding` | [`CommitEncoding`](#commitencoding) | Encoding of the file. Default is text. | +| <a id="commitactionexecutefilemode"></a>`executeFilemode` | [`Boolean`](#boolean) | Enables/disables the execute flag on the file. | +| <a id="commitactionfilepath"></a>`filePath` | [`String!`](#string) | Full path to the file. | +| <a id="commitactionlastcommitid"></a>`lastCommitId` | [`String`](#string) | Last known file commit ID. | +| <a id="commitactionpreviouspath"></a>`previousPath` | [`String`](#string) | Original full path to the file being moved. | + +### `ComplianceFrameworkInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="complianceframeworkinputcolor"></a>`color` | [`String`](#string) | New color representation of the compliance framework in hex format. e.g. #FCA121. | +| <a id="complianceframeworkinputdescription"></a>`description` | [`String`](#string) | New description for the compliance framework. | +| <a id="complianceframeworkinputname"></a>`name` | [`String`](#string) | New name for the compliance framework. | +| <a id="complianceframeworkinputpipelineconfigurationfullpath"></a>`pipelineConfigurationFullPath` | [`String`](#string) | Full path of the compliance pipeline configuration stored in a project repository, such as `.gitlab/.compliance-gitlab-ci.yml@compliance/hipaa` **(ULTIMATE)**. | + +### `DastSiteProfileAuthInput` + +Input type for DastSiteProfile authentication. + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="dastsiteprofileauthinputenabled"></a>`enabled` | [`Boolean`](#boolean) | Indicates whether authentication is enabled. | +| <a id="dastsiteprofileauthinputpassword"></a>`password` | [`String`](#string) | The password to authenticate with on the target website. | +| <a id="dastsiteprofileauthinputpasswordfield"></a>`passwordField` | [`String`](#string) | The name of password field at the sign-in HTML form. | +| <a id="dastsiteprofileauthinputurl"></a>`url` | [`String`](#string) | The URL of the page containing the sign-in HTML form on the target website. | +| <a id="dastsiteprofileauthinputusername"></a>`username` | [`String`](#string) | The username to authenticate with on the target website. | +| <a id="dastsiteprofileauthinputusernamefield"></a>`usernameField` | [`String`](#string) | The name of username field at the sign-in HTML form. | + +### `DiffImagePositionInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="diffimagepositioninputbasesha"></a>`baseSha` | [`String`](#string) | Merge base of the branch the comment was made on. | +| <a id="diffimagepositioninputheadsha"></a>`headSha` | [`String!`](#string) | SHA of the HEAD at the time the comment was made. | +| <a id="diffimagepositioninputheight"></a>`height` | [`Int!`](#int) | Total height of the image. | +| <a id="diffimagepositioninputpaths"></a>`paths` | [`DiffPathsInput!`](#diffpathsinput) | The paths of the file that was changed. Both of the properties of this input are optional, but at least one of them is required. | +| <a id="diffimagepositioninputstartsha"></a>`startSha` | [`String!`](#string) | SHA of the branch being compared against. | +| <a id="diffimagepositioninputwidth"></a>`width` | [`Int!`](#int) | Total width of the image. | +| <a id="diffimagepositioninputx"></a>`x` | [`Int!`](#int) | X position of the note. | +| <a id="diffimagepositioninputy"></a>`y` | [`Int!`](#int) | Y position of the note. | + +### `DiffPathsInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="diffpathsinputnewpath"></a>`newPath` | [`String`](#string) | The path of the file on the head sha. | +| <a id="diffpathsinputoldpath"></a>`oldPath` | [`String`](#string) | The path of the file on the start sha. | + +### `DiffPositionInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="diffpositioninputbasesha"></a>`baseSha` | [`String`](#string) | Merge base of the branch the comment was made on. | +| <a id="diffpositioninputheadsha"></a>`headSha` | [`String!`](#string) | SHA of the HEAD at the time the comment was made. | +| <a id="diffpositioninputnewline"></a>`newLine` | [`Int`](#int) | Line on HEAD SHA that was changed. | +| <a id="diffpositioninputoldline"></a>`oldLine` | [`Int`](#int) | Line on start SHA that was changed. | +| <a id="diffpositioninputpaths"></a>`paths` | [`DiffPathsInput!`](#diffpathsinput) | The paths of the file that was changed. Both of the properties of this input are optional, but at least one of them is required. | +| <a id="diffpositioninputstartsha"></a>`startSha` | [`String!`](#string) | SHA of the branch being compared against. | + +### `EpicFilters` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epicfiltersauthorusername"></a>`authorUsername` | [`String`](#string) | Filter by author username. | +| <a id="epicfilterslabelname"></a>`labelName` | [`[String]`](#string) | Filter by label name. | +| <a id="epicfiltersmyreactionemoji"></a>`myReactionEmoji` | [`String`](#string) | Filter by reaction emoji applied by the current user. | +| <a id="epicfiltersnot"></a>`not` | [`NegatedEpicBoardIssueInput`](#negatedepicboardissueinput) | Negated epic arguments. | +| <a id="epicfilterssearch"></a>`search` | [`String`](#string) | Search query for epic title or description. | + +### `EpicTreeNodeFieldsInputType` + +A node of an epic tree. + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="epictreenodefieldsinputtypeadjacentreferenceid"></a>`adjacentReferenceId` | [`EpicTreeSortingID`](#epictreesortingid) | The ID of the epic_issue or issue that the actual epic or issue is switched with. | +| <a id="epictreenodefieldsinputtypeid"></a>`id` | [`EpicTreeSortingID!`](#epictreesortingid) | The ID of the epic_issue or epic that is being moved. | +| <a id="epictreenodefieldsinputtypenewparentid"></a>`newParentId` | [`EpicID`](#epicid) | ID of the new parent epic. | +| <a id="epictreenodefieldsinputtyperelativeposition"></a>`relativePosition` | [`MoveType`](#movetype) | The type of the switch, after or before allowed. | + +### `JiraUsersMappingInputType` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="jirausersmappinginputtypegitlabid"></a>`gitlabId` | [`Int`](#int) | ID of the GitLab user. | +| <a id="jirausersmappinginputtypejiraaccountid"></a>`jiraAccountId` | [`String!`](#string) | Jira account ID of the user. | + +### `MergeRequestsResolverNegatedParams` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mergerequestsresolvernegatedparamslabels"></a>`labels` | [`[String!]`](#string) | Array of label names. All resolved merge requests will not have these labels. | +| <a id="mergerequestsresolvernegatedparamsmilestonetitle"></a>`milestoneTitle` | [`String`](#string) | Title of the milestone. | + +### `NegatedBoardIssueInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="negatedboardissueinputassigneeusername"></a>`assigneeUsername` | [`[String]`](#string) | Filter by assignee username. | +| <a id="negatedboardissueinputauthorusername"></a>`authorUsername` | [`String`](#string) | Filter by author username. | +| <a id="negatedboardissueinputepicid"></a>`epicId` | [`EpicID`](#epicid) | Filter by epic ID. Incompatible with epicWildcardId. | +| <a id="negatedboardissueinputiids"></a>`iids` | [`[String!]`](#string) | List of IIDs of issues. For example ["1", "2"]. | +| <a id="negatedboardissueinputiterationid"></a>`iterationId` | [`[IterationID!]`](#iterationid) | Filter by a list of iteration IDs. Incompatible with iterationWildcardId. | +| <a id="negatedboardissueinputiterationtitle"></a>`iterationTitle` | [`String`](#string) | Filter by iteration title. | +| <a id="negatedboardissueinputiterationwildcardid"></a>`iterationWildcardId` | [`NegatedIterationWildcardId`](#negatediterationwildcardid) | Filter by iteration ID wildcard. | +| <a id="negatedboardissueinputlabelname"></a>`labelName` | [`[String]`](#string) | Filter by label name. | +| <a id="negatedboardissueinputmilestonetitle"></a>`milestoneTitle` | [`String`](#string) | Filter by milestone title. | +| <a id="negatedboardissueinputmyreactionemoji"></a>`myReactionEmoji` | [`String`](#string) | Filter by reaction emoji applied by the current user. | +| <a id="negatedboardissueinputreleasetag"></a>`releaseTag` | [`String`](#string) | Filter by release tag. | +| <a id="negatedboardissueinputweight"></a>`weight` | [`String`](#string) | Filter by weight. | + +### `NegatedEpicBoardIssueInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="negatedepicboardissueinputauthorusername"></a>`authorUsername` | [`String`](#string) | Filter by author username. | +| <a id="negatedepicboardissueinputlabelname"></a>`labelName` | [`[String]`](#string) | Filter by label name. | +| <a id="negatedepicboardissueinputmyreactionemoji"></a>`myReactionEmoji` | [`String`](#string) | Filter by reaction emoji applied by the current user. | + +### `NegatedIssueFilterInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="negatedissuefilterinputassigneeid"></a>`assigneeId` | [`String`](#string) | ID of a user not assigned to the issues. | +| <a id="negatedissuefilterinputassigneeusernames"></a>`assigneeUsernames` | [`[String!]`](#string) | Usernames of users not assigned to the issue. | +| <a id="negatedissuefilterinputepicid"></a>`epicId` | [`String`](#string) | ID of an epic not associated with the issues. | +| <a id="negatedissuefilterinputiids"></a>`iids` | [`[String!]`](#string) | List of IIDs of issues to exclude. For example, [1, 2]. | +| <a id="negatedissuefilterinputiterationid"></a>`iterationId` | [`[ID!]`](#id) | List of iteration Global IDs not applied to the issue. | +| <a id="negatedissuefilterinputiterationwildcardid"></a>`iterationWildcardId` | [`IterationWildcardId`](#iterationwildcardid) | Filter by negated iteration ID wildcard. | +| <a id="negatedissuefilterinputlabelname"></a>`labelName` | [`[String!]`](#string) | Labels not applied to this issue. | +| <a id="negatedissuefilterinputmilestonetitle"></a>`milestoneTitle` | [`[String!]`](#string) | Milestone not applied to this issue. | +| <a id="negatedissuefilterinputweight"></a>`weight` | [`String`](#string) | Weight not applied to the issue. | + +### `OncallRotationActivePeriodInputType` + +Active period time range for on-call rotation. + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="oncallrotationactiveperiodinputtypeendtime"></a>`endTime` | [`String!`](#string) | The end of the rotation active period in 24 hour format, for example "18:30". | +| <a id="oncallrotationactiveperiodinputtypestarttime"></a>`startTime` | [`String!`](#string) | The start of the rotation active period in 24 hour format, for example "18:30". | + +### `OncallRotationDateInputType` + +Date input type for on-call rotation. + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="oncallrotationdateinputtypedate"></a>`date` | [`String!`](#string) | The date component of the date in YYYY-MM-DD format. | +| <a id="oncallrotationdateinputtypetime"></a>`time` | [`String!`](#string) | The time component of the date in 24hr HH:MM format. | + +### `OncallRotationLengthInputType` + +The rotation length of the on-call rotation. + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="oncallrotationlengthinputtypelength"></a>`length` | [`Int!`](#int) | The rotation length of the on-call rotation. | +| <a id="oncallrotationlengthinputtypeunit"></a>`unit` | [`OncallRotationUnitEnum!`](#oncallrotationunitenum) | The unit of the rotation length of the on-call rotation. | + +### `OncallUserInputType` + +The rotation user and color palette. + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="oncalluserinputtypecolorpalette"></a>`colorPalette` | [`DataVisualizationColorEnum`](#datavisualizationcolorenum) | A value of DataVisualizationColorEnum. The color from the palette to assign to the on-call user. | +| <a id="oncalluserinputtypecolorweight"></a>`colorWeight` | [`DataVisualizationWeightEnum`](#datavisualizationweightenum) | A value of DataVisualizationWeightEnum. The color weight to assign to for the on-call user. Note: To view on-call schedules in GitLab, do not provide a value below 500. A value between 500 and 950 ensures sufficient contrast. | +| <a id="oncalluserinputtypeusername"></a>`username` | [`String!`](#string) | The username of the user to participate in the on-call rotation, such as `user_one`. | + +### `ReleaseAssetLinkInput` + +Fields that are available when modifying a release asset link. + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="releaseassetlinkinputdirectassetpath"></a>`directAssetPath` | [`String`](#string) | Relative path for a direct asset link. | +| <a id="releaseassetlinkinputlinktype"></a>`linkType` | [`ReleaseAssetLinkType`](#releaseassetlinktype) | The type of the asset link. | +| <a id="releaseassetlinkinputname"></a>`name` | [`String!`](#string) | Name of the asset link. | +| <a id="releaseassetlinkinputurl"></a>`url` | [`String!`](#string) | URL of the asset link. | + +### `ReleaseAssetsInput` + +Fields that are available when modifying release assets. + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="releaseassetsinputlinks"></a>`links` | [`[ReleaseAssetLinkInput!]`](#releaseassetlinkinput) | A list of asset links to associate to the release. | + +### `SastCiConfigurationAnalyzersEntityInput` + +Represents the analyzers entity in SAST CI configuration. + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sastciconfigurationanalyzersentityinputenabled"></a>`enabled` | [`Boolean!`](#boolean) | State of the analyzer. | +| <a id="sastciconfigurationanalyzersentityinputname"></a>`name` | [`String!`](#string) | Name of analyzer. | +| <a id="sastciconfigurationanalyzersentityinputvariables"></a>`variables` | [`[SastCiConfigurationEntityInput!]`](#sastciconfigurationentityinput) | List of variables for the analyzer. | + +### `SastCiConfigurationEntityInput` + +Represents an entity in SAST CI configuration. + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sastciconfigurationentityinputdefaultvalue"></a>`defaultValue` | [`String!`](#string) | Default value that is used if value is empty. | +| <a id="sastciconfigurationentityinputfield"></a>`field` | [`String!`](#string) | CI keyword of entity. | +| <a id="sastciconfigurationentityinputvalue"></a>`value` | [`String!`](#string) | Current value of the entity. | + +### `SastCiConfigurationInput` + +Represents a CI configuration of SAST. + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="sastciconfigurationinputanalyzers"></a>`analyzers` | [`[SastCiConfigurationAnalyzersEntityInput!]`](#sastciconfigurationanalyzersentityinput) | List of analyzers and related variables for the SAST configuration. | +| <a id="sastciconfigurationinputglobal"></a>`global` | [`[SastCiConfigurationEntityInput!]`](#sastciconfigurationentityinput) | List of global entities related to SAST configuration. | +| <a id="sastciconfigurationinputpipeline"></a>`pipeline` | [`[SastCiConfigurationEntityInput!]`](#sastciconfigurationentityinput) | List of pipeline entities related to SAST configuration. | + +### `SnippetBlobActionInputType` + +Represents an action to perform over a snippet file. + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="snippetblobactioninputtypeaction"></a>`action` | [`SnippetBlobActionEnum!`](#snippetblobactionenum) | Type of input action. | +| <a id="snippetblobactioninputtypecontent"></a>`content` | [`String`](#string) | Snippet file content. | +| <a id="snippetblobactioninputtypefilepath"></a>`filePath` | [`String!`](#string) | Path of the snippet file. | +| <a id="snippetblobactioninputtypepreviouspath"></a>`previousPath` | [`String`](#string) | Previous path of the snippet file. | + +### `Timeframe` + +A time-frame defined as a closed inclusive range of two dates. + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="timeframeend"></a>`end` | [`Date!`](#date) | The end of the range. | +| <a id="timeframestart"></a>`start` | [`Date!`](#date) | The start of the range. | + +### `UpdateDiffImagePositionInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="updatediffimagepositioninputheight"></a>`height` | [`Int`](#int) | Total height of the image. | +| <a id="updatediffimagepositioninputwidth"></a>`width` | [`Int`](#int) | Total width of the image. | +| <a id="updatediffimagepositioninputx"></a>`x` | [`Int`](#int) | X position of the note. | +| <a id="updatediffimagepositioninputy"></a>`y` | [`Int`](#int) | Y position of the note. | diff --git a/doc/api/graphql/sample_issue_boards.md b/doc/api/graphql/sample_issue_boards.md index bddf1ea9a7e..86881465ed6 100644 --- a/doc/api/graphql/sample_issue_boards.md +++ b/doc/api/graphql/sample_issue_boards.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Plan +group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- diff --git a/doc/api/graphql/users_example.md b/doc/api/graphql/users_example.md index e4a697d11fd..1222cd8ee8e 100644 --- a/doc/api/graphql/users_example.md +++ b/doc/api/graphql/users_example.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Create +group: Ecosystem info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- @@ -68,7 +68,7 @@ explorer. GraphiQL explorer is available for: } } } - } + } ``` 1. Open the [GraphiQL explorer tool](https://gitlab.com/-/graphql-explorer). diff --git a/doc/api/group_badges.md b/doc/api/group_badges.md index e3fcaa3db37..848d5735096 100644 --- a/doc/api/group_badges.md +++ b/doc/api/group_badges.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Manage +group: Access info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- @@ -192,6 +192,6 @@ Example response: "link_url": "http://example.com/ci_status.svg?project=%{project_path}&ref=%{default_branch}", "image_url": "https://shields.io/my/badge", "rendered_link_url": "http://example.com/ci_status.svg?project=example-org/example-project&ref=master", - "rendered_image_url": "https://shields.io/my/badge", + "rendered_image_url": "https://shields.io/my/badge" } ``` diff --git a/doc/api/group_clusters.md b/doc/api/group_clusters.md index 69b54591d0a..ea7c13637c4 100644 --- a/doc/api/group_clusters.md +++ b/doc/api/group_clusters.md @@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/30213) in GitLab 12.1. -Similar to [project-level](../user/project/clusters/index.md) and +Similarly to [project-level](../user/project/clusters/index.md) and [instance-level](../user/instance/clusters/index.md) Kubernetes clusters, group-level Kubernetes clusters allow you to connect a Kubernetes cluster to your group, enabling you to use the same cluster across multiple projects. diff --git a/doc/api/group_level_variables.md b/doc/api/group_level_variables.md index 500d5a60c9c..b548372b02d 100644 --- a/doc/api/group_level_variables.md +++ b/doc/api/group_level_variables.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Verify +group: Continuous Integration info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- diff --git a/doc/api/group_relations_export.md b/doc/api/group_relations_export.md new file mode 100644 index 00000000000..bb19f7f0923 --- /dev/null +++ b/doc/api/group_relations_export.md @@ -0,0 +1,101 @@ +--- +stage: Manage +group: Import +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Group Relations Export API + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/59978) in GitLab 13.12. + +With the Group Relations Export API, you can partially export group structure. This API is similar +to [group export](group_import_export.md), +but it exports each top-level relation (for example, milestones/boards/labels) as a separate file +instead of one archive. The group relations export API is primarily used in [group migration](../user/group/index.md). + +## Schedule new export + +Start a new group relations export: + +```plaintext +POST /groups/:id/export_relations +``` + +| Attribute | Type | Required | Description | +| --------- | -------------- | -------- | ---------------------------------------- | +| `id` | integer/string | yes | ID of the group owned by the authenticated user. | + +```shell +curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/1/export_relations" +``` + +```json +{ + "message": "202 Accepted" +} +``` + +## Export status + +View the status of the relations export: + +```plaintext +GET /groups/:id/export_relations/status +``` + +| Attribute | Type | Required | Description | +| --------- | -------------- | -------- | ---------------------------------------- | +| `id` | integer/string | yes | ID of the group owned by the authenticated user. | + +```shell +curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/1/export_relations/status" +``` + +The status can be one of the following: + +- `0`: `started` +- `1`: `finished` +- `-1`: `failed` + +- `0` - `started` +- `1` - `finished` +- `-1` - `failed` + +```json +[ + { + "relation": "badges", + "status": 1, + "error": null, + "updated_at": "2021-05-04T11:25:20.423Z" + }, + { + "relation": "boards", + "status": 1, + "error": null, + "updated_at": "2021-05-04T11:25:20.085Z" + } +] +``` + +## Export download + +Download the finished relations export: + +```plaintext +GET /groups/:id/export_relations/download +``` + +| Attribute | Type | Required | Description | +| --------------- | -------------- | -------- | ---------------------------------------- | +| `id` | integer/string | yes | ID of the group owned by the authenticated user. | +| `relation` | string | yes | Name of the group top-level relation to download. | + +```shell +curl --header "PRIVATE-TOKEN: <your_access_token>" --remote-header-name --remote-name "https://gitlab.example.com/api/v4/groups/1/export_relations/download?relation=labels" +``` + +```shell +ls labels.ndjson.gz +labels.ndjson.gz +``` diff --git a/doc/api/groups.md b/doc/api/groups.md index 6c01b2cf2a6..cbead18ff90 100644 --- a/doc/api/groups.md +++ b/doc/api/groups.md @@ -101,7 +101,7 @@ GET /groups?statistics=true "lfs_objects_size" : 123, "job_artifacts_size" : 57, "packages_size": 0, - "snippets_size" : 50, + "snippets_size" : 50 } } ] @@ -756,7 +756,7 @@ Parameters: | `two_factor_grace_period` | integer | no | Time before Two-factor authentication is enforced (in hours). | | `project_creation_level` | string | no | Determine if developers can create projects in the group. Can be `noone` (No one), `maintainer` (Maintainers), or `developer` (Developers + Maintainers). | | `auto_devops_enabled` | boolean | no | Default to Auto DevOps pipeline for all projects within this group. | -| `subgroup_creation_level` | string | no | Allowed to create subgroups. Can be `owner` (Owners), or `maintainer` (Maintainers). | +| `subgroup_creation_level` | string | no | Allowed to [create subgroups](../user/group/subgroups/index.md#creating-a-subgroup). Can be `owner` (Owners), or `maintainer` (Maintainers). | | `emails_disabled` | boolean | no | Disable email notifications | | `avatar` | mixed | no | Image file for avatar of the group. [Introduced in GitLab 12.9](https://gitlab.com/gitlab-org/gitlab/-/issues/36681) | | `mentions_disabled` | boolean | no | Disable the capability of a group from getting mentioned | @@ -830,7 +830,7 @@ PUT /groups/:id | `two_factor_grace_period` | integer | no | Time before Two-factor authentication is enforced (in hours). | | `project_creation_level` | string | no | Determine if developers can create projects in the group. Can be `noone` (No one), `maintainer` (Maintainers), or `developer` (Developers + Maintainers). | | `auto_devops_enabled` | boolean | no | Default to Auto DevOps pipeline for all projects within this group. | -| `subgroup_creation_level` | string | no | Allowed to create subgroups. Can be `owner` (Owners), or `maintainer` (Maintainers). | +| `subgroup_creation_level` | string | no | Allowed to [create subgroups](../user/group/subgroups/index.md#creating-a-subgroup). Can be `owner` (Owners), or `maintainer` (Maintainers). | | `emails_disabled` | boolean | no | Disable email notifications | | `avatar` | mixed | no | Image file for avatar of the group. [Introduced in GitLab 12.9](https://gitlab.com/gitlab-org/gitlab/-/issues/36681) | | `mentions_disabled` | boolean | no | Disable the capability of a group from getting mentioned | @@ -1087,7 +1087,7 @@ POST /groups/:id/hooks | `confidential_note_events` | boolean | no | Trigger hook on confidential note events | | `job_events` | boolean | no | Trigger hook on job events | | `pipeline_events` | boolean | no | Trigger hook on pipeline events | -| `wiki_page_events` | boolean | no | Trigger hook on wiki events | +| `wiki_page_events` | boolean | no | Trigger hook on wiki page events | | `deployment_events` | boolean | no | Trigger hook on deployment events | | `releases_events` | boolean | no | Trigger hook on release events | | `subgroup_events` | boolean | no | Trigger hook on subgroup events | @@ -1116,7 +1116,7 @@ PUT /groups/:id/hooks/:hook_id | `confidential_note_events` | boolean | no | Trigger hook on confidential note events | | `job_events` | boolean | no | Trigger hook on job events | | `pipeline_events` | boolean | no | Trigger hook on pipeline events | -| `wiki_events` | boolean | no | Trigger hook on wiki events | +| `wiki_page_events` | boolean | no | Trigger hook on wiki page events | | `deployment_events` | boolean | no | Trigger hook on deployment events | | `releases_events` | boolean | no | Trigger hook on release events | | `subgroup_events` | boolean | no | Trigger hook on subgroup events | @@ -1257,7 +1257,9 @@ Read more in the [Group Badges](group_badges.md) documentation. ## Group Import/Export -Read more in the [Group Import/Export](group_import_export.md) documentation. +Read more in the [Group Import/Export](group_import_export.md) +and [Group Relations Export](group_relations_export.md) +documentation. ## Share Groups with Groups diff --git a/doc/api/import.md b/doc/api/import.md index 2d978b7b6dd..e1585d02ae3 100644 --- a/doc/api/import.md +++ b/doc/api/import.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Manage +group: Import info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- diff --git a/doc/api/instance_clusters.md b/doc/api/instance_clusters.md index 99717ba939d..1c4996975f7 100644 --- a/doc/api/instance_clusters.md +++ b/doc/api/instance_clusters.md @@ -84,7 +84,7 @@ Example response: }, "provider_gcp": null, "management_project": null - } + }, { "id": 11, "name": "cluster-3", diff --git a/doc/api/issue_links.md b/doc/api/issue_links.md index db65662c9cf..4dfa9b2f532 100644 --- a/doc/api/issue_links.md +++ b/doc/api/issue_links.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Plan +group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- @@ -30,7 +30,7 @@ Parameters: { "id" : 84, "iid" : 14, - "issue_link_id": 1 + "issue_link_id": 1, "project_id" : 4, "created_at" : "2016-01-07T12:44:33.959Z", "title" : "Issues with auth", @@ -51,7 +51,6 @@ Parameters: "description" : null, "updated_at" : "2016-01-07T12:44:33.959Z", "milestone" : null, - "subscribed" : true, "user_notes_count": 0, "due_date": null, "web_url": "http://example.com/example/example/issues/14", @@ -117,7 +116,7 @@ Example response: "due_date": null, "web_url": "http://example.com/example/example/issues/11", "confidential": false, - "weight": null, + "weight": null }, "target_issue" : { "id" : 84, @@ -147,7 +146,7 @@ Example response: "due_date": null, "web_url": "http://example.com/example/example/issues/14", "confidential": false, - "weight": null, + "weight": null }, "link_type": "relates_to" } @@ -198,7 +197,7 @@ DELETE /projects/:id/issues/:issue_iid/links/:issue_link_id "due_date": null, "web_url": "http://example.com/example/example/issues/11", "confidential": false, - "weight": null, + "weight": null }, "target_issue" : { "id" : 84, @@ -228,7 +227,7 @@ DELETE /projects/:id/issues/:issue_iid/links/:issue_link_id "due_date": null, "web_url": "http://example.com/example/example/issues/14", "confidential": false, - "weight": null, + "weight": null }, "link_type": "relates_to" } diff --git a/doc/api/issues.md b/doc/api/issues.md index 23028b44169..acfca50cb5e 100644 --- a/doc/api/issues.md +++ b/doc/api/issues.md @@ -27,6 +27,8 @@ When requested across groups or projects, it's expected to be the same as the `f ## List issues +> The `weight` property moved to GitLab Premium in 13.9. + Get all issues the authenticated user has access to. By default it returns only issues created by the current user. To get all issues, use parameter `scope=all`. @@ -60,6 +62,7 @@ GET /issues?state=opened | `due_date` | string | no | Return issues that have no due date, are overdue, or whose due date is this week, this month, or between two weeks ago and next month. Accepts: `0` (no due date), `overdue`, `week`, `month`, `next_month_and_previous_two_weeks`. _(Introduced in [GitLab 13.3](https://gitlab.com/gitlab-org/gitlab/-/issues/233420))_ | | `iids[]` | integer array | no | Return only the issues having the given `iid` | | `in` | string | no | Modify the scope of the `search` attribute. `title`, `description`, or a string joining them with comma. Default is `title,description` | +| `issue_type` | string | no | Filter to a given type of issue. One of `issue`, `incident`, or `test_case`. _(Introduced in [GitLab 13.12](https://gitlab.com/gitlab-org/gitlab/-/issues/260375))_ | | `iteration_id` **(PREMIUM)** | integer | no | Return issues assigned to the given iteration ID. `None` returns issues that do not belong to an iteration. `Any` returns issues that belong to an iteration. Mutually exclusive with `iteration_title`. _([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/118742) in GitLab 13.6)_ | | `iteration_title` **(PREMIUM)** | string | no | Return issues assigned to the iteration with the given title. Similar to `iteration_id` and mutually exclusive with `iteration_id`. _([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/118742) in GitLab 13.6)_ | | `milestone` | string | no | The milestone title. `None` lists all issues with no milestone. `Any` lists all issues that have an assigned milestone. | @@ -75,7 +78,7 @@ GET /issues?state=opened | `state` | string | no | Return `all` issues or just those that are `opened` or `closed` | | `updated_after` | datetime | no | Return issues updated on or after the given time. Expected in ISO 8601 format (`2019-03-15T08:00:00Z`) | | `updated_before` | datetime | no | Return issues updated on or before the given time. Expected in ISO 8601 format (`2019-03-15T08:00:00Z`) | -| `weight` **(STARTER)** | integer | no | Return issues with the specified `weight`. `None` returns issues with no weight assigned. `Any` returns issues with a weight assigned. | +| `weight` **(PREMIUM)** | integer | no | Return issues with the specified `weight`. `None` returns issues with no weight assigned. `Any` returns issues with a weight assigned. | | `with_labels_details` | boolean | no | If `true`, the response returns more details for each label in labels field: `:name`, `:color`, `:description`, `:description_html`, `:text_color`. Default is `false`. The `description_html` attribute was introduced in [GitLab 12.7](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/21413)| ```shell @@ -125,6 +128,7 @@ Example response: "avatar_url" : null, "username" : "root" }, + "type" : "ISSUE", "updated_at" : "2016-01-04T15:31:51.081Z", "closed_at" : null, "closed_by" : null, @@ -155,6 +159,7 @@ Example response: "task_status": "10 of 15 tasks completed", "confidential": false, "discussion_locked": false, + "issue_type": "issue", "_links":{ "self":"http://gitlab.example.com/api/v4/projects/1/issues/76", "notes":"http://gitlab.example.com/api/v4/projects/1/issues/76/notes", @@ -169,8 +174,7 @@ Example response: ] ``` -Users of [GitLab Premium or higher](https://about.gitlab.com/pricing/) can also see -the `weight` parameter: +Issues created by users on GitLab Premium or higher include the `weight` property: ```json [ @@ -183,8 +187,25 @@ the `weight` parameter: ] ``` -Users of [GitLab Ultimate](https://about.gitlab.com/pricing/) can also see -the `health_status` parameter: +Issues created by users on GitLab Premium or higher include the `epic` property: + +```json +{ + "project_id" : 4, + "description" : "Omnis vero earum sunt corporis dolor et placeat.", + "epic_iid" : 5, //deprecated, use `iid` of the `epic` attribute + "epic": { + "id" : 42, + "iid" : 5, + "title": "My epic epic", + "url" : "/groups/h5bp/-/epics/5", + "group_id": 8 + }, + ... +} +``` + +Issues created by users on GitLab Ultimate include the `health_status` property: ```json [ @@ -201,6 +222,10 @@ WARNING: The `assignee` column is deprecated. We now show it as a single-sized array `assignees` to conform to the GitLab EE API. +WARNING: +The `epic_iid` attribute is deprecated and [scheduled for removal in API version 5](https://gitlab.com/gitlab-org/gitlab/-/issues/35157). +Please use `iid` of the `epic` attribute instead. + NOTE: The `closed_by` attribute was [introduced in GitLab 10.6](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/17042). This value is only present for issues closed after GitLab 10.6 and if the user account @@ -208,6 +233,8 @@ that closed the issue still exists. ## List group issues +> The `weight` property moved to GitLab Premium in 13.9. + Get a list of a group's issues. If the group is private, credentials need to be provided for authorization. @@ -242,6 +269,9 @@ GET /groups/:id/issues?state=opened | `due_date` | string | no | Return issues that have no due date, are overdue, or whose due date is this week, this month, or between two weeks ago and next month. Accepts: `0` (no due date), `overdue`, `week`, `month`, `next_month_and_previous_two_weeks`. _(Introduced in [GitLab 13.3](https://gitlab.com/gitlab-org/gitlab/-/issues/233420))_ | | `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | | `iids[]` | integer array | no | Return only the issues having the given `iid` | +| `issue_type` | string | no | Filter to a given type of issue. One of `issue`, `incident`, or `test_case`. _(Introduced in [GitLab 13.12](https://gitlab.com/gitlab-org/gitlab/-/issues/260375))_ | +| `iteration_id` **(PREMIUM)** | integer | no | Return issues assigned to the given iteration ID. `None` returns issues that do not belong to an iteration. `Any` returns issues that belong to an iteration. Mutually exclusive with `iteration_title`. _([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/118742) in GitLab 13.6)_ | +| `iteration_title` **(PREMIUM)** | string | no | Return issues assigned to the iteration with the given title. Similar to `iteration_id` and mutually exclusive with `iteration_id`. _([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/118742) in GitLab 13.6)_ | | `labels` | string | no | Comma-separated list of label names, issues must have all labels to be returned. `None` lists all issues with no labels. `Any` lists all issues with at least one label. `No+Label` (Deprecated) lists all issues with no labels. Predefined names are case-insensitive. | | `milestone` | string | no | The milestone title. `None` lists all issues with no milestone. `Any` lists all issues that have an assigned milestone. | | `my_reaction_emoji` | string | no | Return issues reacted by the authenticated user by the given `emoji`. `None` returns issues not given a reaction. `Any` returns issues given at least one reaction. _([Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/14016) in GitLab 10.0)_ | @@ -254,7 +284,7 @@ GET /groups/:id/issues?state=opened | `state` | string | no | Return all issues or just those that are `opened` or `closed` | | `updated_after` | datetime | no | Return issues updated on or after the given time. Expected in ISO 8601 format (`2019-03-15T08:00:00Z`) | | `updated_before` | datetime | no | Return issues updated on or before the given time. Expected in ISO 8601 format (`2019-03-15T08:00:00Z`) | -| `weight` **(STARTER)** | integer | no | Return issues with the specified `weight`. `None` returns issues with no weight assigned. `Any` returns issues with a weight assigned. | +| `weight` **(PREMIUM)** | integer | no | Return issues with the specified `weight`. `None` returns issues with no weight assigned. `Any` returns issues with a weight assigned. | | `with_labels_details` | boolean | no | If `true`, the response returns more details for each label in labels field: `:name`, `:color`, `:description`, `:description_html`, `:text_color`. Default is `false`. The `description_html` attribute was introduced in [GitLab 12.7](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/21413) | ```shell @@ -305,6 +335,7 @@ Example response: "id" : 9, "name" : "Dr. Luella Kovacek" }, + "type" : "ISSUE", "labels" : ["foo", "bar"], "upvotes": 4, "downvotes": 0, @@ -333,6 +364,7 @@ Example response: "task_status": "10 of 15 tasks completed", "confidential": false, "discussion_locked": false, + "issue_type": "issue", "_links":{ "self":"http://gitlab.example.com/api/v4/projects/4/issues/41", "notes":"http://gitlab.example.com/api/v4/projects/4/issues/41/notes", @@ -347,8 +379,7 @@ Example response: ] ``` -Users of [GitLab Premium or higher](https://about.gitlab.com/pricing/) can also see -the `weight` parameter: +Issues created by users on GitLab Premium or higher include the `weight` property: ```json [ @@ -361,8 +392,25 @@ the `weight` parameter: ] ``` -Users of [GitLab Ultimate](https://about.gitlab.com/pricing/) can also see -the `health_status` parameter: +Issues created by users on GitLab Premium or higher include the `epic` property: + +```json +{ + "project_id" : 4, + "description" : "Omnis vero earum sunt corporis dolor et placeat.", + "epic_iid" : 5, //deprecated, use `iid` of the `epic` attribute + "epic": { + "id" : 42, + "iid" : 5, + "title": "My epic epic", + "url" : "/groups/h5bp/-/epics/5", + "group_id": 8 + }, + ... +} +``` + +Issues created by users on GitLab Ultimate include the `health_status` property: ```json [ @@ -378,6 +426,10 @@ the `health_status` parameter: WARNING: The `assignee` column is deprecated. We now show it as a single-sized array `assignees` to conform to the GitLab EE API. +WARNING: +The `epic_iid` attribute is deprecated and [scheduled for removal in API version 5](https://gitlab.com/gitlab-org/gitlab/-/issues/35157). +Please use `iid` of the `epic` attribute instead. + NOTE: The `closed_by` attribute was [introduced in GitLab 10.6](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/17042). This value is only present for issues closed after GitLab 10.6 and if the user account that closed @@ -385,6 +437,8 @@ the issue still exists. ## List project issues +> The `weight` property moved to GitLab Premium in 13.9. + Get a list of a project's issues. If the project is private, you need to provide credentials to authorize. @@ -419,6 +473,9 @@ GET /projects/:id/issues?state=opened | `due_date` | string | no | Return issues that have no due date, are overdue, or whose due date is this week, this month, or between two weeks ago and next month. Accepts: `0` (no due date), `overdue`, `week`, `month`, `next_month_and_previous_two_weeks`. _(Introduced in [GitLab 13.3](https://gitlab.com/gitlab-org/gitlab/-/issues/233420))_ | | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | | `iids[]` | integer array | no | Return only the issues having the given `iid` | +| `issue_type` | string | no | Filter to a given type of issue. One of `issue`, `incident`, or `test_case`. _(Introduced in [GitLab 13.12](https://gitlab.com/gitlab-org/gitlab/-/issues/260375))_ | +| `iteration_id` **(PREMIUM)** | integer | no | Return issues assigned to the given iteration ID. `None` returns issues that do not belong to an iteration. `Any` returns issues that belong to an iteration. Mutually exclusive with `iteration_title`. _([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/118742) in GitLab 13.6)_ | +| `iteration_title` **(PREMIUM)** | string | no | Return issues assigned to the iteration with the given title. Similar to `iteration_id` and mutually exclusive with `iteration_id`. _([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/118742) in GitLab 13.6)_ | | `labels` | string | no | Comma-separated list of label names, issues must have all labels to be returned. `None` lists all issues with no labels. `Any` lists all issues with at least one label. `No+Label` (Deprecated) lists all issues with no labels. Predefined names are case-insensitive. | | `milestone` | string | no | The milestone title. `None` lists all issues with no milestone. `Any` lists all issues that have an assigned milestone. | | `my_reaction_emoji` | string | no | Return issues reacted by the authenticated user by the given `emoji`. `None` returns issues not given a reaction. `Any` returns issues given at least one reaction. _([Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/14016) in GitLab 10.0)_ | @@ -430,7 +487,7 @@ GET /projects/:id/issues?state=opened | `state` | string | no | Return all issues or just those that are `opened` or `closed` | | `updated_after` | datetime | no | Return issues updated on or after the given time. Expected in ISO 8601 format (`2019-03-15T08:00:00Z`) | | `updated_before` | datetime | no | Return issues updated on or before the given time. Expected in ISO 8601 format (`2019-03-15T08:00:00Z`) | -| `weight` **(STARTER)** | integer | no | Return issues with the specified `weight`. `None` returns issues with no weight assigned. `Any` returns issues with a weight assigned. | +| `weight` **(PREMIUM)** | integer | no | Return issues with the specified `weight`. `None` returns issues with no weight assigned. `Any` returns issues with a weight assigned. | | `with_labels_details` | boolean | no | If `true`, the response returns more details for each label in labels field: `:name`, `:color`, `:description`, `:description_html`, `:text_color`. Default is `false`. `description_html` was introduced in [GitLab 12.7](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/21413) | ```shell @@ -481,6 +538,7 @@ Example response: "id" : 9, "name" : "Dr. Luella Kovacek" }, + "type" : "ISSUE", "labels" : ["foo", "bar"], "upvotes": 4, "downvotes": 0, @@ -516,6 +574,7 @@ Example response: "task_status": "10 of 15 tasks completed", "confidential": false, "discussion_locked": false, + "issue_type": "issue", "_links":{ "self":"http://gitlab.example.com/api/v4/projects/4/issues/41", "notes":"http://gitlab.example.com/api/v4/projects/4/issues/41/notes", @@ -530,8 +589,7 @@ Example response: ] ``` -Users of [GitLab Premium or higher](https://about.gitlab.com/pricing/) can also see -the `weight` parameter: +Issues created by users on GitLab Premium or higher include the `weight` property: ```json [ @@ -544,8 +602,25 @@ the `weight` parameter: ] ``` -Users of [GitLab Ultimate](https://about.gitlab.com/pricing/) can also see -the `health_status` parameter: +Issues created by users on GitLab Premium or higher include the `epic` property: + +```json +{ + "project_id" : 4, + "description" : "Omnis vero earum sunt corporis dolor et placeat.", + "epic_iid" : 5, //deprecated, use `iid` of the `epic` attribute + "epic": { + "id" : 42, + "iid" : 5, + "title": "My epic epic", + "url" : "/groups/h5bp/-/epics/5", + "group_id": 8 + }, + ... +} +``` + +Issues created by users on GitLab Ultimate include the `health_status` property: ```json [ @@ -561,6 +636,10 @@ the `health_status` parameter: WARNING: The `assignee` column is deprecated. We now show it as a single-sized array `assignees` to conform to the GitLab EE API. +WARNING: +The `epic_iid` attribute is deprecated and [scheduled for removal in API version 5](https://gitlab.com/gitlab-org/gitlab/-/issues/35157). +Please use `iid` of the `epic` attribute instead. + NOTE: The `closed_by` attribute was [introduced in GitLab 10.6](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/17042). This value is only present for issues closed after GitLab 10.6 and if the user account that closed the issue still exists. @@ -587,83 +666,81 @@ Example response: ```json { - "id" : 1, - "milestone" : { - "due_date" : null, - "project_id" : 4, - "state" : "closed", - "description" : "Rerum est voluptatem provident consequuntur molestias similique ipsum dolor.", - "iid" : 3, - "id" : 11, - "title" : "v3.0", - "created_at" : "2016-01-04T15:31:39.788Z", - "updated_at" : "2016-01-04T15:31:39.788Z", - "closed_at" : "2016-01-05T15:31:46.176Z" - }, - "author" : { - "state" : "active", - "web_url" : "https://gitlab.example.com/root", - "avatar_url" : null, - "username" : "root", - "id" : 1, - "name" : "Administrator" - }, - "description" : "Omnis vero earum sunt corporis dolor et placeat.", - "state" : "closed", - "iid" : 1, - "assignees" : [{ - "avatar_url" : null, - "web_url" : "https://gitlab.example.com/lennie", - "state" : "active", - "username" : "lennie", - "id" : 9, - "name" : "Dr. Luella Kovacek" - }], - "assignee" : { - "avatar_url" : null, - "web_url" : "https://gitlab.example.com/lennie", - "state" : "active", - "username" : "lennie", - "id" : 9, - "name" : "Dr. Luella Kovacek" - }, - "labels" : [], - "upvotes": 4, - "downvotes": 0, - "merge_requests_count": 0, - "title" : "Ut commodi ullam eos dolores perferendis nihil sunt.", - "updated_at" : "2016-01-04T15:31:46.176Z", - "created_at" : "2016-01-04T15:31:46.176Z", - "closed_at" : null, - "closed_by" : null, - "subscribed": false, - "user_notes_count": 1, - "due_date": null, - "web_url": "http://example.com/my-group/my-project/issues/1", - "references": { - "short": "#1", - "relative": "#1", - "full": "my-group/my-project#1" - }, - "time_stats": { - "time_estimate": 0, - "total_time_spent": 0, - "human_time_estimate": null, - "human_total_time_spent": null - }, - "confidential": false, - "discussion_locked": false, - "_links": { - "self": "http://example.com/api/v4/projects/1/issues/2", - "notes": "http://example.com/api/v4/projects/1/issues/2/notes", - "award_emoji": "http://example.com/api/v4/projects/1/issues/2/award_emoji", - "project": "http://example.com/api/v4/projects/1" - }, - "task_completion_status":{ - "count":0, - "completed_count":0 - }, - "weight": null, + "id": 1, + "milestone": { + "due_date": null, + "project_id": 4, + "state": "closed", + "description": "Rerum est voluptatem provident consequuntur molestias similique ipsum dolor.", + "iid": 3, + "id": 11, + "title": "v3.0", + "created_at": "2016-01-04T15:31:39.788Z", + "updated_at": "2016-01-04T15:31:39.788Z", + "closed_at": "2016-01-05T15:31:46.176Z" + }, + "author": { + "state": "active", + "web_url": "https://gitlab.example.com/root", + "avatar_url": null, + "username": "root", + "id": 1, + "name": "Administrator" + }, + "description": "Omnis vero earum sunt corporis dolor et placeat.", + "state": "closed", + "iid": 1, + "assignees": [ + { + "avatar_url": null, + "web_url": "https://gitlab.example.com/lennie", + "state": "active", + "username": "lennie", + "id": 9, + "name": "Dr. Luella Kovacek" + } + ], + "assignee": { + "avatar_url": null, + "web_url": "https://gitlab.example.com/lennie", + "state": "active", + "username": "lennie", + "id": 9, + "name": "Dr. Luella Kovacek" + }, + "type": "ISSUE", + "labels": [], + "upvotes": 4, + "downvotes": 0, + "merge_requests_count": 0, + "title": "Ut commodi ullam eos dolores perferendis nihil sunt.", + "updated_at": "2016-01-04T15:31:46.176Z", + "created_at": "2016-01-04T15:31:46.176Z", + "closed_at": null, + "closed_by": null, + "subscribed": false, + "user_notes_count": 1, + "due_date": null, + "web_url": "http://example.com/my-group/my-project/issues/1", + "references": { + "short": "#1", + "relative": "#1", + "full": "my-group/my-project#1" + }, + "time_stats": { + "time_estimate": 0, + "total_time_spent": 0, + "human_time_estimate": null, + "human_total_time_spent": null + }, + "confidential": false, + "discussion_locked": false, + "issue_type": "issue", + "task_completion_status": { + "count": 0, + "completed_count": 0 + }, + "weight": null, "has_tasks": false, "_links": { "self": "http://gitlab.example:3000/api/v4/projects/1/issues/1", @@ -671,21 +748,12 @@ Example response: "award_emoji": "http://gitlab.example:3000/api/v4/projects/1/issues/1/award_emoji", "project": "http://gitlab.example:3000/api/v4/projects/1" }, - "references": { - "short": "#1", - "relative": "#1", - "full": "gitlab-org/gitlab-test#1" - }, - "subscribed": true, "moved_to_id": null, - "service_desk_reply_to": "service.desk@gitlab.com", - "epic_iid": null, - "epic": null + "service_desk_reply_to": "service.desk@gitlab.com" } ``` -Users of [GitLab Premium or higher](https://about.gitlab.com/pricing/) can also see -the `weight` parameter: +Issues created by users on GitLab Premium or higher include the `weight` property: ```json { @@ -696,10 +764,9 @@ the `weight` parameter: } ``` -Users of [GitLab Ultimate](https://about.gitlab.com/pricing/) can also see -the `epic` property: +Issues created by users on GitLab Premium or higher include the `epic` property: -```javascript +```json { "project_id" : 4, "description" : "Omnis vero earum sunt corporis dolor et placeat.", @@ -712,10 +779,24 @@ the `epic` property: "url" : "/groups/h5bp/-/epics/5", "group_id": 8 }, - // ... + ... } ``` +Users of [GitLab Ultimate](https://about.gitlab.com/pricing/) can also see the `health_status` +property: + +```json +[ + { + "project_id" : 4, + "description" : "Omnis vero earum sunt corporis dolor et placeat.", + "health_status": "on_track", + ... + } +] +``` + WARNING: The `assignee` column is deprecated. We now show it as a single-sized array `assignees` to conform to the GitLab EE API. @@ -793,6 +874,7 @@ Example response: "id" : 9, "name" : "Dr. Luella Kovacek" }, + "type" : "ISSUE", "labels" : [], "upvotes": 4, "downvotes": 0, @@ -820,6 +902,7 @@ Example response: }, "confidential": false, "discussion_locked": false, + "issue_type": "issue", "_links": { "self": "http://gitlab.example.com/api/v4/projects/1/issues/2", "notes": "http://gitlab.example.com/api/v4/projects/1/issues/2/notes", @@ -833,8 +916,7 @@ Example response: } ``` -Users of [GitLab Premium or higher](https://about.gitlab.com/pricing/) can also see -the `weight` parameter: +Issues created by users on GitLab Premium or higher include the `weight` property: ```json { @@ -845,10 +927,9 @@ the `weight` parameter: } ``` -Users of [GitLab Premium](https://about.gitlab.com/pricing/) can also see -the `epic` property: +Issues created by users on GitLab Premium or higher include the `epic` property: -```javascript +```json { "project_id" : 4, "description" : "Omnis vero earum sunt corporis dolor et placeat.", @@ -860,7 +941,7 @@ the `epic` property: "url" : "/groups/h5bp/-/epics/5", "group_id": 8 }, - // ... + ... } ``` @@ -891,6 +972,8 @@ the issue still exists. ## New issue +> The `weight` property moved to GitLab Premium in 13.9. + Creates a new project issue. ```plaintext @@ -899,7 +982,8 @@ POST /projects/:id/issues | Attribute | Type | Required | Description | |-------------------------------------------|----------------|----------|--------------| -| `assignee_ids` | integer array | no | The ID of the user(s) to assign the issue to. | +| `assignee_id` | integer | no | The ID of the user to assign the issue to. Only appears on GitLab Free. | +| `assignee_ids` **(PREMIUM)** | integer array | no | The IDs of the users to assign the issue to. | | `confidential` | boolean | no | Set an issue to be confidential. Default is `false`. | | `created_at` | string | no | When the issue was created. Date time string, ISO 8601 formatted, for example `2016-03-11T03:45:40Z`. Requires administrator or project/group owner rights. | | `description` | string | no | The description of an issue. Limited to 1,048,576 characters. | @@ -909,11 +993,12 @@ POST /projects/:id/issues | `epic_iid` **(PREMIUM)** | integer | no | IID of the epic to add the issue to. Valid values are greater than or equal to 0. (deprecated, [scheduled for removal in API version 5](https://gitlab.com/gitlab-org/gitlab/-/issues/35157)) | | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | | `iid` | integer/string | no | The internal ID of the project's issue (requires administrator or project owner rights) | +| `issue_type` | string | no | The type of issue. One of `issue`, `incident`, or `test_case`. Default is `issue`. | | `labels` | string | no | Comma-separated label names for an issue | | `merge_request_to_resolve_discussions_of` | integer | no | The IID of a merge request in which to resolve all issues. This fills out the issue with a default description and mark all discussions as resolved. When passing a description or title, these values take precedence over the default values.| | `milestone_id` | integer | no | The global ID of a milestone to assign issue | | `title` | string | yes | The title of an issue | -| `weight` **(STARTER)** | integer | no | The weight of the issue. Valid values are greater than or equal to 0. | +| `weight` **(PREMIUM)** | integer | no | The weight of the issue. Valid values are greater than or equal to 0. | ```shell curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/4/issues?title=Issues%20with%20auth&labels=bug" @@ -931,6 +1016,7 @@ Example response: "state" : "opened", "assignees" : [], "assignee" : null, + "type" : "ISSUE", "labels" : [ "bug" ], @@ -967,6 +1053,7 @@ Example response: }, "confidential": false, "discussion_locked": false, + "issue_type": "issue", "_links": { "self": "http://gitlab.example.com/api/v4/projects/1/issues/2", "notes": "http://gitlab.example.com/api/v4/projects/1/issues/2/notes", @@ -980,8 +1067,7 @@ Example response: } ``` -Users of [GitLab Premium or higher](https://about.gitlab.com/pricing/) can also see -the `weight` parameter: +Issues created by users on GitLab Premium or higher include the `weight` property: ```json { @@ -992,8 +1078,25 @@ the `weight` parameter: } ``` -Users of [GitLab Ultimate](https://about.gitlab.com/pricing/) can also see -the `health_status` parameter: +Issues created by users on GitLab Premium or higher include the `epic` property: + +```json +{ + "project_id" : 4, + "description" : "Omnis vero earum sunt corporis dolor et placeat.", + "epic_iid" : 5, //deprecated, use `iid` of the `epic` attribute + "epic": { + "id" : 42, + "iid" : 5, + "title": "My epic epic", + "url" : "/groups/h5bp/-/epics/5", + "group_id": 8 + }, + ... +} +``` + +Issues created by users on GitLab Ultimate include the `health_status` property: ```json [ @@ -1009,6 +1112,10 @@ the `health_status` parameter: WARNING: The `assignee` column is deprecated. We now show it as a single-sized array `assignees` to conform to the GitLab EE API. +WARNING: +The `epic_iid` attribute is deprecated and [scheduled for removal in API version 5](https://gitlab.com/gitlab-org/gitlab/-/issues/35157). +Please use `iid` of the `epic` attribute instead. + NOTE: The `closed_by` attribute was [introduced in GitLab 10.6](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/17042). This value is only present for issues closed after GitLab 10.6 and if the user account that closed the issue still exists. @@ -1020,6 +1127,8 @@ See [Issues rate limits](../user/admin_area/settings/rate_limit_on_issues_creati ## Edit issue +> The `weight` property moved to GitLab Premium in 13.9. + Updates an existing project issue. This call is also used to mark an issue as closed. @@ -1032,6 +1141,7 @@ At least one of the following parameters is required for the request to be succe - `:description` - `:discussion_locked` - `:due_date` +- `:issue_type` - `:labels` - `:milestone_id` - `:state_event` @@ -1053,13 +1163,14 @@ PUT /projects/:id/issues/:issue_iid | `epic_iid` **(PREMIUM)** | integer | no | IID of the epic to add the issue to. Valid values are greater than or equal to 0. (deprecated, [scheduled for removal in API version 5](https://gitlab.com/gitlab-org/gitlab/-/issues/35157)) | | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | +| `issue_type` | string | no | Updates the type of issue. One of `issue`, `incident`, or `test_case`. | | `labels` | string | no | Comma-separated label names for an issue. Set to an empty string to unassign all labels. | | `milestone_id` | integer | no | The global ID of a milestone to assign the issue to. Set to `0` or provide an empty value to unassign a milestone.| | `remove_labels`| string | no | Comma-separated label names to remove from an issue. | | `state_event` | string | no | The state event of an issue. Set `close` to close the issue and `reopen` to reopen it | | `title` | string | no | The title of an issue | | `updated_at` | string | no | When the issue was updated. Date time string, ISO 8601 formatted, for example `2016-03-11T03:45:40Z` (requires administrator or project owner rights). Empty string or null values are not accepted.| -| `weight` **(STARTER)** | integer | no | The weight of the issue. Valid values are greater than or equal to 0. 0 | +| `weight` **(PREMIUM)** | integer | no | The weight of the issue. Valid values are greater than or equal to 0. 0 | ```shell curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/4/issues/85?state_event=close" @@ -1120,6 +1231,7 @@ Example response: }, "confidential": false, "discussion_locked": false, + "issue_type": "issue", "_links": { "self": "http://gitlab.example.com/api/v4/projects/1/issues/2", "notes": "http://gitlab.example.com/api/v4/projects/1/issues/2/notes", @@ -1133,8 +1245,7 @@ Example response: } ``` -Users of [GitLab Premium or higher](https://about.gitlab.com/pricing/) can also see -the `weight` parameter: +Issues created by users on GitLab Premium or higher include the `weight` property: ```json { @@ -1145,8 +1256,25 @@ the `weight` parameter: } ``` -Users of [GitLab Ultimate](https://about.gitlab.com/pricing/) can also see -the `health_status` parameter: +Issues created by users on GitLab Premium or higher include the `epic` property: + +```json +{ + "project_id" : 4, + "description" : "Omnis vero earum sunt corporis dolor et placeat.", + "epic_iid" : 5, //deprecated, use `iid` of the `epic` attribute + "epic": { + "id" : 42, + "iid" : 5, + "title": "My epic epic", + "url" : "/groups/h5bp/-/epics/5", + "group_id": 8 + }, + ... +} +``` + +Issues created by users on GitLab Ultimate include the `health_status` property: ```json [ @@ -1164,6 +1292,10 @@ The `closed_by` attribute was [introduced in GitLab 10.6](https://gitlab.com/git the issue still exists. WARNING: +The `epic_iid` attribute is deprecated and [scheduled for removal in API version 5](https://gitlab.com/gitlab-org/gitlab/-/issues/35157). +Please use `iid` of the `epic` attribute instead. + +WARNING: `assignee` column is deprecated. We now show it as a single-sized array `assignees` to conform to the GitLab EE API. ## Delete an issue @@ -1262,6 +1394,7 @@ Example response: "avatar_url": "http://www.gravatar.com/avatar/46f6f7dc858ada7be1853f7fb96e81da?s=80&d=identicon", "web_url": "https://gitlab.example.com/axel.block" }, + "type" : "ISSUE", "author": { "name": "Kris Steuber", "username": "solon.cremin", @@ -1285,6 +1418,7 @@ Example response: }, "confidential": false, "discussion_locked": false, + "issue_type": "issue", "_links": { "self": "http://gitlab.example.com/api/v4/projects/1/issues/2", "notes": "http://gitlab.example.com/api/v4/projects/1/issues/2/notes", @@ -1298,8 +1432,7 @@ Example response: } ``` -Users of [GitLab Premium or higher](https://about.gitlab.com/pricing/) can also see -the `weight` parameter: +Issues created by users on GitLab Premium or higher include the `weight` property: ```json { @@ -1310,8 +1443,25 @@ the `weight` parameter: } ``` -Users of [GitLab Ultimate](https://about.gitlab.com/pricing/) can also see -the `health_status` parameter: +Issues created by users on GitLab Premium or higher include the `epic` property: + +```json +{ + "project_id" : 4, + "description" : "Omnis vero earum sunt corporis dolor et placeat.", + "epic_iid" : 5, //deprecated, use `iid` of the `epic` attribute + "epic": { + "id" : 42, + "iid" : 5, + "title": "My epic epic", + "url" : "/groups/h5bp/-/epics/5", + "group_id": 8 + }, + ... +} +``` + +Issues created by users on GitLab Ultimate include the `health_status` property: ```json [ @@ -1327,6 +1477,10 @@ the `health_status` parameter: WARNING: The `assignee` column is deprecated. We now show it as a single-sized array `assignees` to conform to the GitLab EE API. +WARNING: +The `epic_iid` attribute is deprecated and [scheduled for removal in API version 5](https://gitlab.com/gitlab-org/gitlab/-/issues/35157). +Please use `iid` of the `epic` attribute instead. + NOTE: The `closed_by` attribute was [introduced in GitLab 10.6](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/17042). This value is only present for issues closed after GitLab 10.6 and if the user account that closed the issue still exists. @@ -1385,6 +1539,7 @@ Example response: "avatar_url": "http://www.gravatar.com/avatar/46f6f7dc858ada7be1853f7fb96e81da?s=80&d=identicon", "web_url": "https://gitlab.example.com/axel.block" }, + "type" : "ISSUE", "author": { "name": "Kris Steuber", "username": "solon.cremin", @@ -1408,6 +1563,7 @@ Example response: }, "confidential": false, "discussion_locked": false, + "issue_type": "issue", "_links": { "self": "http://gitlab.example.com/api/v4/projects/1/issues/2", "notes": "http://gitlab.example.com/api/v4/projects/1/issues/2/notes", @@ -1421,8 +1577,7 @@ Example response: } ``` -Users of [GitLab Premium or higher](https://about.gitlab.com/pricing/) can also see -the `weight` parameter: +Issues created by users on GitLab Premium or higher include the `weight` property: ```json { @@ -1433,9 +1588,44 @@ the `weight` parameter: } ``` +Issues created by users on GitLab Premium or higher include the `epic` property: + +```json +{ + "project_id" : 4, + "description" : "Omnis vero earum sunt corporis dolor et placeat.", + "epic_iid" : 5, //deprecated, use `iid` of the `epic` attribute + "epic": { + "id" : 42, + "iid" : 5, + "title": "My epic epic", + "url" : "/groups/h5bp/-/epics/5", + "group_id": 8 + }, + ... +} +``` + +Issues created by users on GitLab Ultimate include the `health_status` property: + +```json +[ + { + "project_id" : 4, + "description" : "Omnis vero earum sunt corporis dolor et placeat.", + "health_status": "on_track", + ... + } +] +``` + WARNING: The `assignee` column is deprecated. We now show it as a single-sized array `assignees` to conform to the GitLab EE API. +WARNING: +The `epic_iid` attribute is deprecated and [scheduled for removal in API version 5](https://gitlab.com/gitlab-org/gitlab/-/issues/35157). +Please use `iid` of the `epic` attribute instead. + NOTE: The `closed_by` attribute was [introduced in GitLab 10.6](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/17042). This value is only present for issues closed after GitLab 10.6 and if the user account that closed the issue still exists. @@ -1484,6 +1674,7 @@ Example response: "avatar_url": "http://www.gravatar.com/avatar/3e6f06a86cf27fa8b56f3f74f7615987?s=80&d=identicon", "web_url": "https://gitlab.example.com/keyon" }, + "type" : "ISSUE", "closed_at": null, "closed_by": null, "author": { @@ -1504,6 +1695,7 @@ Example response: }, "confidential": false, "discussion_locked": false, + "issue_type": "issue", "task_completion_status":{ "count":0, "completed_count":0 @@ -1589,6 +1781,7 @@ Example response: "avatar_url": "http://www.gravatar.com/avatar/a7fa515d53450023c83d62986d0658a8?s=80&d=identicon", "web_url": "https://gitlab.example.com/francisca" }, + "type" : "ISSUE", "author": { "name": "Maxie Medhurst", "username": "craig_rutherford", @@ -1611,6 +1804,7 @@ Example response: }, "confidential": false, "discussion_locked": false, + "issue_type": "issue", "task_completion_status":{ "count":0, "completed_count":0 @@ -1836,7 +2030,7 @@ If the project is private or the issue is confidential, you need to provide cred The preferred way to do this, is by using [personal access tokens](../user/profile/personal_access_tokens.md). ```plaintext -GET /projects/:id/issues/:issue_id/related_merge_requests +GET /projects/:id/issues/:issue_iid/related_merge_requests ``` | Attribute | Type | Required | Description | diff --git a/doc/api/issues_statistics.md b/doc/api/issues_statistics.md index 20f405774d5..de5f26141f5 100644 --- a/doc/api/issues_statistics.md +++ b/doc/api/issues_statistics.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Plan +group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- diff --git a/doc/api/jobs.md b/doc/api/jobs.md index 78af6b881aa..6647b53bcb4 100644 --- a/doc/api/jobs.md +++ b/doc/api/jobs.md @@ -43,6 +43,7 @@ Example of response "started_at": "2015-12-24T17:54:27.722Z", "finished_at": "2015-12-24T17:54:27.895Z", "duration": 0.173, + "queued_duration": 0.010, "artifacts_file": { "filename": "artifacts.zip", "size": 1000 @@ -67,7 +68,6 @@ Example of response "status": "pending" }, "ref": "master", - "artifacts": [], "runner": null, "stage": "test", "status": "failed", @@ -107,6 +107,7 @@ Example of response "started_at": "2015-12-24T17:54:24.729Z", "finished_at": "2015-12-24T17:54:24.921Z", "duration": 0.192, + "queued_duration": 0.023, "artifacts_expire_at": "2016-01-23T17:54:24.921Z", "tag_list": [ "docker runner", "win10-2004" @@ -159,7 +160,7 @@ GET /projects/:id/pipelines/:pipeline_id/jobs | Attribute | Type | Required | Description | |-------------------|--------------------------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | -| `pipeline_id` | integer | yes | ID of a pipeline. | +| `pipeline_id` | integer | yes | ID of a pipeline. Can also be obtained in CI jobs via the [predefined CI variable](../ci/variables/predefined_variables.md) `CI_PIPELINE_ID`. | | `scope` | string **or** array of strings | no | Scope of jobs to show. Either one of or an array of the following: `created`, `pending`, `running`, `failed`, `success`, `canceled`, `skipped`, or `manual`. All jobs are returned if `scope` is not provided. | | `include_retried` | boolean | no | Include retried jobs in the response. Defaults to `false`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/272627) in GitLab 13.9. | @@ -187,6 +188,7 @@ Example of response "started_at": "2015-12-24T17:54:24.729Z", "finished_at": "2015-12-24T17:54:24.921Z", "duration": 0.192, + "queued_duration": 0.023, "artifacts_expire_at": "2016-01-23T17:54:24.921Z", "tag_list": [ "docker runner", "ubuntu18" @@ -241,6 +243,7 @@ Example of response "started_at": "2015-12-24T17:54:27.722Z", "finished_at": "2015-12-24T17:54:27.895Z", "duration": 0.173, + "queued_duration": 0.023, "artifacts_file": { "filename": "artifacts.zip", "size": 1000 @@ -339,6 +342,7 @@ Example of response "started_at": "2015-12-24T17:54:27.722Z", "finished_at": "2015-12-24T17:58:27.895Z", "duration": 240, + "queued_duration": 0.123, "id": 7, "name": "teaspoon", "pipeline": { @@ -422,6 +426,7 @@ Example of response "started_at": "2015-12-24T17:54:30.733Z", "finished_at": "2015-12-24T17:54:31.198Z", "duration": 0.465, + "queued_duration": 0.123, "artifacts_expire_at": "2016-01-23T17:54:31.198Z", "id": 8, "name": "rubocop", @@ -575,6 +580,7 @@ Example of response "started_at": "2015-12-24T17:54:30.733Z", "finished_at": "2015-12-24T17:54:31.198Z", "duration": 0.465, + "queued_duration": 0.010, "artifacts_expire_at": "2016-01-23T17:54:31.198Z", "tag_list": [ "docker runner", "macos-10.15" @@ -675,6 +681,7 @@ Example of response "started_at": "2016-01-11T10:14:09.526Z", "finished_at": null, "duration": 8, + "queued_duration": 0.010, "id": 42, "name": "rubocop", "ref": "master", @@ -724,6 +731,7 @@ Example of response "started_at": null, "finished_at": null, "duration": null, + "queued_duration": 0.010, "id": 42, "name": "rubocop", "ref": "master", @@ -784,6 +792,7 @@ Example of response "started_at": "2016-01-11T10:13:33.506Z", "finished_at": "2016-01-11T10:15:10.506Z", "duration": 97.0, + "queued_duration": 0.010, "status": "failed", "tag": false, "web_url": "https://example.com/foo/bar/-/jobs/42", @@ -827,13 +836,14 @@ Example of response "started_at": null, "finished_at": null, "duration": null, + "queued_duration": 0.010, "id": 42, "name": "rubocop", "ref": "master", "artifacts": [], "runner": null, "stage": "test", - "status": "started", + "status": "pending", "tag": false, "web_url": "https://example.com/foo/bar/-/jobs/42", "user": null diff --git a/doc/api/keys.md b/doc/api/keys.md index 98159bcf027..99c9745d8f2 100644 --- a/doc/api/keys.md +++ b/doc/api/keys.md @@ -31,7 +31,7 @@ curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/a "title": "Sample key 25", "key": "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAiPWx6WM4lhHNedGfBpPJNPpZ7yKu+dnn1SJejgt1256k6YjzGGphH2TUxwKzxcKDKKezwkpfnxPkSMkuEspGRt/aZZ9wa++Oi7Qkr8prgHc4soW6NUlfDzpvZK2H5E7eQaSeP3SAwGmQKUFHCddNaP0L+hM7zhFNzjFvpaMgJw0=", "created_at": "2015-09-03T07:24:44.627Z", - "expires_at": "2020-05-05T00:00:00.000Z" + "expires_at": "2020-05-05T00:00:00.000Z", "user": { "name": "John Smith", "username": "john_smith", @@ -59,7 +59,7 @@ curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/a "identities": [], "can_create_group": true, "can_create_project": true, - "two_factor_enabled": false + "two_factor_enabled": false, "external": false, "private_profile": null } @@ -100,7 +100,7 @@ Example response: "title": "Sample key 1", "key": "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAiPWx6WM4lhHNedGfBpPJNPpZ7yKu+dnn1SJejgt1016k6YjzGGphH2TUxwKzxcKDKKezwkpfnxPkSMkuEspGRt/aZZ9wa++Oi7Qkr8prgHc4soW6NUlfDzpvZK2H5E7eQaSeP3SAwGmQKUFHCddNaP0L+hM7zhFNzjFvpaMgJw0=", "created_at": "2019-11-14T15:11:13.222Z", - "expires_at": "2020-05-05T00:00:00.000Z" + "expires_at": "2020-05-05T00:00:00.000Z", "user": { "id": 1, "name": "Administrator", diff --git a/doc/api/labels.md b/doc/api/labels.md index 963d320a384..a9f2698a270 100644 --- a/doc/api/labels.md +++ b/doc/api/labels.md @@ -46,7 +46,8 @@ Example response: "open_merge_requests_count": 1, "subscribed": false, "priority": 10, - "is_project_label": true + "is_project_label": true, + "remove_on_close": false }, { "id" : 4, @@ -60,7 +61,8 @@ Example response: "open_merge_requests_count": 0, "subscribed": false, "priority": null, - "is_project_label": true + "is_project_label": true, + "remove_on_close": false }, { "id" : 7, @@ -74,7 +76,8 @@ Example response: "open_merge_requests_count": 1, "subscribed": false, "priority": null, - "is_project_label": true + "is_project_label": true, + "remove_on_close": true }, { "id" : 8, @@ -88,7 +91,8 @@ Example response: "open_merge_requests_count": 2, "subscribed": false, "priority": null, - "is_project_label": false + "is_project_label": false, + "remove_on_close": false }, { "id" : 9, @@ -102,7 +106,8 @@ Example response: "open_merge_requests_count": 1, "subscribed": true, "priority": null, - "is_project_label": true + "is_project_label": true, + "remove_on_close": false } ] ``` @@ -140,7 +145,8 @@ Example response: "open_merge_requests_count": 1, "subscribed": false, "priority": 10, - "is_project_label": true + "is_project_label": true, + "remove_on_close": true } ``` @@ -159,6 +165,7 @@ POST /projects/:id/labels | `color` | string | yes | The color of the label given in 6-digit hex notation with leading '#' sign (e.g. #FFAABB) or one of the [CSS color names](https://developer.mozilla.org/en-US/docs/Web/CSS/color_value#Color_keywords) | | `description` | string | no | The description of the label | | `priority` | integer | no | The priority of the label. Must be greater or equal than zero or `null` to remove the priority. | +| `remove_on_close` | boolean | no | Whether the label should be removed from an issue when the issue is closed. _([Introduced in GitLab 13.12](https://gitlab.com/gitlab-org/gitlab/-/issues/17461))_ | ```shell curl --data "name=feature&color=#5843AD" --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/labels" @@ -179,7 +186,8 @@ Example response: "open_merge_requests_count": 0, "subscribed": false, "priority": null, - "is_project_label": true + "is_project_label": true, + "remove_on_close": true } ``` @@ -220,6 +228,7 @@ PUT /projects/:id/labels/:label_id | `color` | string | yes if `new_name` is not provided | The color of the label given in 6-digit hex notation with leading '#' sign (e.g. #FFAABB) or one of the [CSS color names](https://developer.mozilla.org/en-US/docs/Web/CSS/color_value#Color_keywords) | | `description` | string | no | The new description of the label | | `priority` | integer | no | The new priority of the label. Must be greater or equal than zero or `null` to remove the priority. | +| `remove_on_close` | boolean | no | Boolean option specifying whether the label should be removed from issues when they are closed. | ```shell curl --request PUT --data "new_name=docs&color=#8E44AD&description=Documentation" --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/labels/documentation" @@ -240,7 +249,8 @@ Example response: "open_merge_requests_count": 2, "subscribed": false, "priority": null, - "is_project_label": true + "is_project_label": true, + "remove_on_close": true } ``` @@ -281,7 +291,8 @@ Example response: "open_issues_count": 1, "closed_issues_count": 0, "open_merge_requests_count": 2, - "subscribed": false + "subscribed": false, + "remove_on_close": true } ``` @@ -322,7 +333,8 @@ Example response: "open_merge_requests_count": 1, "subscribed": true, "priority": null, - "is_project_label": true + "is_project_label": true, + "remove_on_close": true } ``` diff --git a/doc/api/license.md b/doc/api/license.md index 7aa00335933..b69a5e81ea6 100644 --- a/doc/api/license.md +++ b/doc/api/license.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Growth +group: Activation info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- @@ -80,7 +80,7 @@ GET /licenses "Name": "Doe John" }, "add_ons": { - "GitLab_FileLocks": 1, + "GitLab_FileLocks": 1 } } ] diff --git a/doc/api/managed_licenses.md b/doc/api/managed_licenses.md index d0944aefd64..68a19b9912f 100644 --- a/doc/api/managed_licenses.md +++ b/doc/api/managed_licenses.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Growth +group: Activation info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- diff --git a/doc/api/members.md b/doc/api/members.md index adfe2df8f30..2a70e35b287 100644 --- a/doc/api/members.md +++ b/doc/api/members.md @@ -136,7 +136,7 @@ Example response: "avatar_url": "https://www.gravatar.com/avatar/c2525a7f58ae3776070e44c106c48e15?s=80&d=identicon", "web_url": "http://192.168.1.8:3000/root", "expires_at": "2012-10-22T14:13:35Z", - "access_level": 30 + "access_level": 30, "email": "john@example.com", "group_saml_identity": { "extern_uid":"ABC-1234567890", @@ -288,7 +288,9 @@ Example response: "state": "active", "avatar_url": "https://www.gravatar.com/avatar/c2525a7f58ae3776070e44c106c48e15?s=80&d=identicon", "web_url": "http://192.168.1.8:3000/root", - "last_activity_on": "2021-01-27" + "last_activity_on": "2021-01-27", + "membership_type": "group_member", + "removable": true }, { "id": 2, @@ -298,7 +300,9 @@ Example response: "avatar_url": "https://www.gravatar.com/avatar/c2525a7f58ae3776070e44c106c48e15?s=80&d=identicon", "web_url": "http://192.168.1.8:3000/root", "email": "john@example.com", - "last_activity_on": "2021-01-25" + "last_activity_on": "2021-01-25", + "membership_type": "group_member", + "removable": true }, { "id": 3, @@ -307,7 +311,9 @@ Example response: "state": "active", "avatar_url": "https://www.gravatar.com/avatar/c2525a7f58ae3776070e44c106c48e15?s=80&d=identicon", "web_url": "http://192.168.1.8:3000/root", - "last_activity_on": "2021-01-20" + "last_activity_on": "2021-01-20", + "membership_type": "group_invite", + "removable": false } ] ``` diff --git a/doc/api/merge_request_approvals.md b/doc/api/merge_request_approvals.md index be973518d89..978cbff625c 100644 --- a/doc/api/merge_request_approvals.md +++ b/doc/api/merge_request_approvals.md @@ -8,7 +8,7 @@ type: reference, api # Merge request approvals API **(PREMIUM)** Configuration for -[approvals on all merge requests](../user/project/merge_requests/merge_request_approvals.md) +[approvals on all merge requests](../user/project/merge_requests/approvals/index.md) in the project. Must be authenticated for all endpoints. ## Project-level MR approvals @@ -664,7 +664,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/approvals "web_url": "http://localhost:3000/root" } } - ], + ] } ``` @@ -1068,7 +1068,7 @@ POST /projects/:id/merge_requests/:merge_request_iid/approve | `id` | integer | yes | The ID of a project | | `merge_request_iid` | integer | yes | The IID of MR | | `sha` | string | no | The HEAD of the MR | -| `approval_password` **(PREMIUM)** | string | no | Current user's password. Required if [**Require user password to approve**](../user/project/merge_requests/merge_request_approvals.md#require-authentication-when-approving-a-merge-request) is enabled in the project settings. | +| `approval_password` **(PREMIUM)** | string | no | Current user's password. Required if [**Require user password to approve**](../user/project/merge_requests/approvals/settings.md#require-authentication-for-approvals) is enabled in the project settings. | The `sha` parameter works in the same way as when [accepting a merge request](merge_requests.md#accept-mr): if it is passed, then it must @@ -1109,7 +1109,7 @@ does not match, the response code is `409`. "web_url": "http://localhost:3000/ryley" } } - ], + ] } ``` diff --git a/doc/api/merge_requests.md b/doc/api/merge_requests.md index d28c7d8e8a7..c4cb7753fc9 100644 --- a/doc/api/merge_requests.md +++ b/doc/api/merge_requests.md @@ -457,7 +457,7 @@ Parameters: | `author_id` | integer | no | Returns merge requests created by the given user `id`. Mutually exclusive with `author_username`. _([Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/13060) in GitLab 9.5)_. | | `author_username` | string | no | Returns merge requests created by the given `username`. Mutually exclusive with `author_id`. _([Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/13060) in GitLab 12.10)_. | | `assignee_id` | integer | no | Returns merge requests assigned to the given user `id`. `None` returns unassigned merge requests. `Any` returns merge requests with an assignee. _([Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/13060) in GitLab 9.5)_. | -| `approver_ids` **(PREMIUM))** | integer array | no | Returns merge requests which have specified all the users with the given `id`s as individual approvers. `None` returns merge requests without approvers. `Any` returns merge requests with an approver. | +| `approver_ids` **(PREMIUM)** | integer array | no | Returns merge requests which have specified all the users with the given `id`s as individual approvers. `None` returns merge requests without approvers. `Any` returns merge requests with an approver. | | `approved_by_ids` **(PREMIUM)** | integer array | no | Returns merge requests which have been approved by all the users with the given `id`s (Max: 5). `None` returns merge requests with no approvals. `Any` returns merge requests with an approval. | | `reviewer_id` | integer | no | Returns merge requests which have the user as a [reviewer](../user/project/merge_requests/getting_started.md#reviewer) with the given user `id`. `None` returns merge requests with no reviewers. `Any` returns merge requests with any reviewer. Mutually exclusive with `reviewer_username`. | | `reviewer_username` | string | no | Returns merge requests which have the user as a [reviewer](../user/project/merge_requests/getting_started.md#reviewer) with the given `username`. `None` returns merge requests with no reviewers. `Any` returns merge requests with any reviewer. Mutually exclusive with `reviewer_id`. | @@ -2319,7 +2319,7 @@ Example response: "short": "!1", "relative": "!1", "full": "my-group/my-project!1" - }, + } }, "target_url": "https://gitlab.example.com/gitlab-org/gitlab-ci/merge_requests/7", "body": "Et voluptas laudantium minus nihil recusandae ut accusamus earum aut non.", diff --git a/doc/api/namespaces.md b/doc/api/namespaces.md index c3e88532430..50b28e67c0a 100644 --- a/doc/api/namespaces.md +++ b/doc/api/namespaces.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Manage +group: Access info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- diff --git a/doc/api/notes.md b/doc/api/notes.md index 8a443d57682..0fb13e56f78 100644 --- a/doc/api/notes.md +++ b/doc/api/notes.md @@ -4,7 +4,7 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Notes API +# Notes API **(FREE)** Notes are comments on: @@ -19,15 +19,15 @@ assignee changes, GitLab posts a system note). ## Resource events > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/38096) in GitLab 13.3 for state, milestone, and weight events. -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/40850) in [GitLab Starter](https://about.gitlab.com/pricing/) 13.4 for iteration events. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/40850) in GitLab 13.4 for iteration events. Some system notes are not part of this API, but are recorded as separate events: - [Resource label events](resource_label_events.md) - [Resource state events](resource_state_events.md) - [Resource milestone events](resource_milestone_events.md) -- [Resource weight events](resource_weight_events.md) **(STARTER)** -- [Resource iteration events](resource_iteration_events.md) **(STARTER)** +- [Resource weight events](resource_weight_events.md) +- [Resource iteration events](resource_iteration_events.md) ## Notes pagination @@ -507,7 +507,7 @@ Parameters: | `body` | string | yes | The content of a note. Limited to 1,000,000 characters. | ```shell -curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/snippet/11/notes?body=note" +curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/5/epics/11/notes?body=note" ``` ### Modify existing epic note @@ -528,7 +528,7 @@ Parameters: | `body` | string | yes | The content of a note. Limited to 1,000,000 characters. | ```shell -curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/snippet/11/notes?body=note" +curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/5/epics/11/notes?body=note" ``` ### Delete an epic note diff --git a/doc/api/notification_settings.md b/doc/api/notification_settings.md index 57eac61de46..298c0ead8c1 100644 --- a/doc/api/notification_settings.md +++ b/doc/api/notification_settings.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Plan +group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- @@ -176,7 +176,9 @@ Example responses: { "level": "watch" } +``` +```json { "level": "custom", "events": { diff --git a/doc/api/oauth2.md b/doc/api/oauth2.md index 2bcf86a031c..dfb91283b50 100644 --- a/doc/api/oauth2.md +++ b/doc/api/oauth2.md @@ -41,7 +41,7 @@ how all those flows work and pick the right one for your use case. Both **authorization code** (with or without PKCE) and **implicit grant** flows require `application` to be registered first via the `/profile/applications` page in your user's account. During registration, by enabling proper scopes, you can limit the range of -resources which the `application` can access. Upon creation, you'll obtain the +resources which the `application` can access. Upon creation, you obtain the `application` credentials: _Application ID_ and _Client Secret_ - **keep them secure**. ### Prevent CSRF attacks @@ -63,7 +63,7 @@ and the [OAuth 2.0 Threat Model RFC](https://tools.ietf.org/html/rfc6819#section These factors are particularly important when using the [Implicit grant flow](#implicit-grant-flow), where actual credentials are included in the `redirect_uri`. -In the following sections you will find detailed instructions on how to obtain +In the following sections you can find detailed instructions on how to obtain authorization with each flow. ### Authorization code with Proof Key for Code Exchange (PKCE) @@ -213,12 +213,12 @@ To request the access token, you should redirect the user to the https://gitlab.example.com/oauth/authorize?client_id=APP_ID&redirect_uri=REDIRECT_URI&response_type=token&state=YOUR_UNIQUE_STATE_HASH&scope=REQUESTED_SCOPES ``` -This will ask the user to approve the applications access to their account +This prompts the user to approve the applications access to their account based on the scopes specified in `REQUESTED_SCOPES` and then redirect back to the `REDIRECT_URI` you provided. The [scope parameter](https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-Scopes#requesting-particular-scopes) is a space separated list of scopes you want to have access to (e.g. `scope=read_user+profile` would request `read_user` and `profile` scopes). The redirect -will include a fragment with `access_token` as well as token details in GET +includes a fragment with `access_token` as well as token details in GET parameters, for example: ```plaintext @@ -285,7 +285,7 @@ echo 'grant_type=password&username=<your_username>&password=<your_password>' > a curl --data "@auth.txt" --user client_id:client_secret --request POST "https://gitlab.example.com/oauth/token" ``` -Then, you'll receive the access token back in the response: +Then, you receive a response containing the access token: ```json { @@ -358,7 +358,7 @@ The fields `scopes` and `expires_in_seconds` are included in the response. These are aliases for `scope` and `expires_in` respectively, and have been included to prevent breaking changes introduced in [doorkeeper 5.0.2](https://github.com/doorkeeper-gem/doorkeeper/wiki/Migration-from-old-versions#from-4x-to-5x). -Don't rely on these fields as they will be removed in a later release. +Don't rely on these fields as they are slated for removal in a later release. ## OAuth2 tokens and GitLab registries diff --git a/doc/api/openapi/openapi.yaml b/doc/api/openapi/openapi.yaml index 1a80daf304c..46267129b32 100644 --- a/doc/api/openapi/openapi.yaml +++ b/doc/api/openapi/openapi.yaml @@ -4,6 +4,8 @@ tags: description: Version - name: access_requests description: Access requests for projects and groups + - name: access_tokens + description: Access tokens for projects info: description: | An OpenAPI definition for the GitLab REST API. @@ -16,7 +18,8 @@ info: The feature uses the current [GitLab session cookie](https://docs.gitlab.com/ee/api/README.html#session-cookie), so each request is made using your account. - Read more at <https://docs.gitlab.com/ee/development/documentation/restful_api_styleguide.html>. + Instructions for using this tool can be found in [Interactive API Documentation](openapi_interactive.md). + version: v4 title: GitLab API termsOfService: 'https://about.gitlab.com/terms/' @@ -57,6 +60,12 @@ paths: /v4/groups/{id}/access_requests/{user_id}/approve: $ref: 'v4/access_requests.yaml#/accessRequestsGroupsApprove' - /v4/groupss/{id}/access_requests/{user_id}: + /v4/groups/{id}/access_requests/{user_id}: $ref: 'v4/access_requests.yaml#/accessRequestsGroupsDeny' + # ACCESS REQUESTS (PROJECTS) + /v4/projects/{id}/access_tokens: + $ref: 'v4/access_tokens.yaml#/accessTokens' + + /v4/projects/{id}/access_tokens/{token_id}: + $ref: 'v4/access_tokens.yaml#/accessTokensRevoke'
\ No newline at end of file diff --git a/doc/api/openapi/openapi_interactive.md b/doc/api/openapi/openapi_interactive.md index e34b003e32c..05fd7b20b75 100644 --- a/doc/api/openapi/openapi_interactive.md +++ b/doc/api/openapi/openapi_interactive.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Create +group: Ecosystem info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- diff --git a/doc/api/openapi/v4/access_tokens.yaml b/doc/api/openapi/v4/access_tokens.yaml new file mode 100644 index 00000000000..9a1a6960eea --- /dev/null +++ b/doc/api/openapi/v4/access_tokens.yaml @@ -0,0 +1,170 @@ +# Markdown documentation: https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/api/resource_access_tokens.md + +#/v4/projects/{id}/access_tokens +accessTokens: + get: + description: Lists access tokens for a project + summary: List access tokens for a project + operationId: accessTokens_get + tags: + - access_tokens + parameters: + - name: id + in: path + description: The ID or URL-encoded path of the project + required: true + schema: + oneOf: + - type: integer + - type: string + responses: + '404': + description: Not Found + '401': + description: Unauthorized operation + '200': + description: Successful operation + content: + application/json: + schema: + title: AccessTokenList + type: object + properties: + user_id: + type: integer + scopes: + type: array + name: + type: string + expires_at: + type: date + id: + type: integer + active: + type: boolean + created_at: + type: date + revoked: + type: boolean + example: + "user_id": 141 + "scopes" : ["api"] + "name": "token" + "expires_at": "2022-01-31" + "id": 42 + "active": true + "created_at": "2021-01-20T14:13:35Z" + "revoked" : false + post: + description: Creates an access token for a project + summary: Creates an access token for a project + operationId: accessTokens_post + tags: + - access_tokens + parameters: + - name: id + in: path + description: The ID or URL-encoded path of the project + required: true + schema: + oneOf: + - type: integer + - type: string + - name: name + in: query + description: The name of the project access token + required: true + schema: + type: string + - name: scopes + in: query + description: Defines read and write permissions for the token + required: true + schema: + type: array + items: + type: string + enum: ["api", "read_api", "read_registry", "write_registry", "read_repository", "write_repository"] + - name: expires_at + in: query + description: Date when the token expires. Time of day is Midnight UTC of that date. + required: false + schema: + type: date + responses: + '404': + description: Not Found + '401': + description: Unauthorized operation + '200': + description: Successful operation + content: + application/json: + schema: + title: AccessTokenList + type: object + properties: + user_id: + type: integer + scopes: + type: array + name: + type: string + expires_at: + type: date + id: + type: integer + active: + type: boolean + created_at: + type: date + revoked: + type: boolean + token: + type: string + example: + "user_id": 166 + "scopes" : [ + "api", + "read_repository" + ] + "name": "test" + "expires_at": "2022-01-31" + "id": 58 + "active": true + "created_at": "2021-01-20T14:13:35Z" + "revoked" : false + "token" : "D4y...Wzr" + +#/v4/projects/{id}/access_tokens/{token_id} +accessTokensRevoke: + delete: + description: Revokes an access token + summary: Revokes an access token + operationId: accessTokens_delete + tags: + - access_tokens + parameters: + - name: id + in: path + description: The ID or URL-encoded path of the project + required: true + schema: + oneOf: + - type: integer + - type: string + - name: token_id + in: path + description: The ID of the project access token + required: true + schema: + oneOf: + - type: integer + - type: string + responses: + '400': + description: Bad Request + '404': + description: Not Found + '204': + description: No content if successfully revoked diff --git a/doc/api/packages.md b/doc/api/packages.md index 112c7ef2e61..c257105f72e 100644 --- a/doc/api/packages.md +++ b/doc/api/packages.md @@ -287,6 +287,7 @@ Example response: "size": 2421, "file_md5": "58e6a45a629910c6ff99145a688971ac", "file_sha1": "ebd193463d3915d7e22219f52740056dfd26cbfe", + "file_sha256": "a903393463d3915d7e22219f52740056dfd26cbfeff321b", "pipelines": [ { "id": 123, @@ -310,7 +311,8 @@ Example response: "file_name": "my-app-1.5-20181107.152550-1.pom", "size": 1122, "file_md5": "d90f11d851e17c5513586b4a7e98f1b2", - "file_sha1": "9608d068fe88aff85781811a42f32d97feb440b5" + "file_sha1": "9608d068fe88aff85781811a42f32d97feb440b5", + "file_sha256": "2987d068fe88aff85781811a42f32d97feb4f092a399" }, { "id": 27, @@ -319,7 +321,8 @@ Example response: "file_name": "maven-metadata.xml", "size": 767, "file_md5": "6dfd0cce1203145a927fef5e3a1c650c", - "file_sha1": "d25932de56052d320a8ac156f745ece73f6a8cd2" + "file_sha1": "d25932de56052d320a8ac156f745ece73f6a8cd2", + "file_sha256": "ac849d002e56052d320a8ac156f745ece73f6a8cd2f3e82" } ] ``` @@ -349,3 +352,33 @@ Can return the following status codes: - `204 No Content`, if the package was deleted successfully. - `404 Not Found`, if the package was not found. + +## Delete a package file + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/32107) in GitLab 13.12. + +WARNING: +Deleting a package file may corrupt your package making it unusable or unpullable from your package +manager client. When deleting a package file, be sure that you understand what you're doing. + +Delete a package file: + +```plaintext +DELETE /projects/:id/packages/:package_id/package_files/:package_file_id +``` + +| Attribute | Type | Required | Description | +| ----------------- | -------------- | -------- | ----------- | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `package_id` | integer | yes | ID of a package. | +| `package_file_id` | integer | yes | ID of a package file. | + +```shell +curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/:id/packages/:package_id/package_files/:package_file_id" +``` + +Can return the following status codes: + +- `204 No Content`: The package was deleted successfully. +- `403 Forbidden`: The user does not have permission to delete the file. +- `404 Not Found`: The package or package file was not found. diff --git a/doc/api/packages/npm.md b/doc/api/packages/npm.md new file mode 100644 index 00000000000..3992a042915 --- /dev/null +++ b/doc/api/packages/npm.md @@ -0,0 +1,269 @@ +--- +stage: Package +group: Package +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.example/handbook/engineering/ux/technical-writing/#assignments +--- + +# npm API + +This is the API documentation for [npm Packages](../../user/packages/npm_registry/index.md). + +WARNING: +This API is used by the [npm package manager client](https://docs.npmjs.com/) +and is not meant for manual consumption. + +For instructions on how to upload and install npm packages from the GitLab +package registry, see the [npm package registry documentation](../../user/packages/npm_registry/index.md). + +NOTE: +These endpoints do not adhere to the standard API authentication methods. +See the [npm package registry documentation](../../user/packages/npm_registry/index.md) +for details on which headers and token types are supported. + +## Download a package + +> Introduced in GitLab 11.8. + +Downloads the npm package. This URL is provided by the [metadata endpoint](#metadata). + +```plaintext +GET projects/:id/packages/npm/:package_name/-/:file_name +``` + +| Attribute | Type | Required | Description | +| ----------------- | ------ | -------- | ----------- | +| `id` | string | yes | The ID or full path of the project. | +| `package_name` | string | yes | The name of the package. | +| `file_name` | string | yes | The name of the package file. | + +```shell +curl --header "Authorization: Bearer <personal_access_token>" "https://gitlab.example.com/api/v4/projects/1/packages/npm/@myscope/my-pkg/-/@my-scope/my-pkg-0.0.1.tgz" +``` + +Write the output to a file: + +```shell +curl --header "Authorization: Bearer <personal_access_token>" "https://gitlab.example.com/api/v4/projects/1/packages/npm/@myscope/my-pkg/-/@my-scope/my-pkg-0.0.1.tgz" >> @myscope/my-pkg-0.0.1.tgz +``` + +This writes the downloaded file to `@myscope/my-pkg-0.0.1.tgz` in the current directory. + +## Upload a package file + +> Introduced in GitLab 11.8. + +Upload a package. + +```plaintext +PUT projects/:id/packages/npm/:package_name +``` + +| Attribute | Type | Required | Description | +| ----------------- | ------ | -------- | ----------- | +| `id` | string | yes | The ID or full path of the project. | +| `package_name` | string | yes | The name of the package. | +| `versions` | string | yes | Package version info. | + +```shell +curl --request PUT + --header "Content-Type: application/json" + --data @./path/to/metadata/file.json + --header "Authorization: Bearer <personal_access_token>" \ + "https://gitlab.example.com/api/v4/projects/1/packages/npm/@myscope/my-pkg" +``` + +The metadata file content is generated by npm, but looks something like this: + +```json +{ + "_attachments": { + "@myscope/my-pkg-1.3.7.tgz": { + "content_type": "application/octet-stream", + "data": "H4sIAAAAAAAAE+1TQUvDMBjdeb/iI4edZEldV2dPwhARPIjiyXlI26zN1iYhSeeK7L+bNJtednMg4l4OKe+9PF7DF0XzNS0ZVmEfr4wUgxODEJLEMRzjPRJyCYPJNCFRlCTE+dzH1PvJqYscQ2ss1a7KT3PCv8DX/kfwMQRAgjYMpYBuIoIzKtwy6MILG6YNl8Jr0XgyvgpswUyuubJ75TGMDuSaUcsKyDooa1C6De6G8t7GRcG2br4CGxKME3wDR1hmrLexvJKwQLdaS52CkOAFMIrlfMlZsUAwGgHbcgsRcid3fdqade9SFz7u9a1naGsrqX3gHbcPNINDyydWcmN1By+W19x2oU7NcyZMfwn3z/PAqTaruanmUix5+V3UXVKq9yEoRZW1yqQYl9zWNBvnssFUcbyJsdJyxXJrcHQdz8gsTg6PzGChGty3H+6Gvz0BZ5xxxn/FJ1EDRNIACAAA", + "length": 354 + } + }, + "_id": "@myscope/my-pkg", + "description": "Package created by me", + "dist-tags": { + "latest": "1.3.7" + }, + "name": "@myscope/my-pkg", + "readme": "ERROR: No README data found!", + "versions": { + "1.3.7": { + "_id": "@myscope/my-pkg@1.3.7", + "_nodeVersion": "12.18.4", + "_npmVersion": "6.14.6", + "author": { + "name": "GitLab Package Registry Utility" + }, + "description": "Package created by me", + "dist": { + "integrity": "sha512-loy16p+Dtw2S43lBmD3Nye+t+Vwv7Tbhv143UN2mwcjaHJyBfGZdNCTXnma3gJCUSE/AR4FPGWEyCOOTJ+ev9g==", + "shasum": "4a9dbd94ca6093feda03d909f3d7e6bd89d9d4bf", + "tarball": "https://gitlab.example.com/api/v4/projects/1/packages/npm/@myscope/my-pkg/-/@myscope/my-pkg-1.3.7.tgz" + }, + "keywords": [], + "license": "ISC", + "main": "index.js", + "name": "@myscope/my-pkg", + "publishConfig": { + "@myscope:registry": "https://gitlab.example.com/api/v4/projects/1/packages/npm" + }, + "readme": "ERROR: No README data found!", + "scripts": { + "test": "echo \"Error: no test specified\" && exit 1" + }, + "version": "1.3.7" + } + } +} +``` + +## Route prefix + +For the remaining routes, there are two sets of identical routes that each make requests in +different scopes: + +- Use the instance-level prefix to make requests in the scope of the entire instance. +- Use the project-level prefix to make requests in a single project's scope. + +The examples in this document all use the project-level prefix. + +### Instance-level + +```plaintext + /packages/npm` +``` + +| Attribute | Type | Required | Description | +| --------- | ------ | -------- | ----------- | +| `id` | string | yes | The group ID or full group path. | + +### Project-level + +```plaintext + /projects/:id/packages/npm` +``` + +| Attribute | Type | Required | Description | +| --------- | ------ | -------- | ----------- | +| `id` | string | yes | The project ID or full project path. | + +## Metadata + +> Introduced in GitLab 11.8. + +Returns the metadata for a given package. + +```plaintext +GET <route-prefix>/:package_name +``` + +| Attribute | Type | Required | Description | +| -------------- | ------ | -------- | ----------- | +| `package_name` | string | yes | The name of the package. | + +```shell +curl --header "Authorization: Bearer <personal_access_token>" "https://gitlab.example.com/api/v4/projects/1/packages/npm/@myscope/my-pkg" +``` + +Example response: + +```json +{ + "name": "@myscope/my-pkg", + "versions": { + "0.0.2": { + "name": "@myscope/my-pkg", + "version": "0.0.1", + "dist": { + "shasum": "93abb605b1110c0e3cca0a5b805e5cb01ac4ca9b", + "tarball": "https://gitlab.example.com/api/v4/projects/1/packages/npm/@myscope/my-pkg/-/@myscope/my-pkg-0.0.1.tgz" + } + } + }, + "dist-tags": { + "latest": "0.0.1" + } +} +``` + +The URLs in the response have the same route prefix used to request them. If you request them with +the instance-level route, the returned URLs contain `/api/v4/packages/npm`. + +## Dist-Tags + +### List tags + +> Introduced in GitLab 12.7. + +Lists the dist-tags for the package. + +```plaintext +GET <route-prefix>/-/package/:package_name/dist-tags +``` + +| Attribute | Type | Required | Description | +| -------------- | ------ | -------- | ----------- | +| `package_name` | string | yes | The name of the package. | + +```shell +curl --header "Authorization: Bearer <personal_access_token>" "https://gitlab.example.com/api/v4/projects/1/packages/npm/-/package/@myscope/my-pkg/dist-tags" +``` + +Example response: + +```json +{ + "latest": "2.1.1", + "stable": "1.0.0" +} +``` + +The URLs in the response have the same route prefix used to request them. If you request them with +the instance-level route, the returned URLs contain `/api/v4/packages/npm`. + +### Create or update a tag + +> Introduced in GitLab 12.7. + +Create or update a dist-tag. + +```plaintext +PUT <route-prefix>/-/package/:package_name/dist-tags/:tag +``` + +| Attribute | Type | Required | Description | +| -------------- | ------ | -------- | ----------- | +| `package_name` | string | yes | The name of the package. | +| `tag` | string | yes | The tag to be created or updated. | +| `version` | string | yes | The version to be tagged. | + +```shell +curl --request PUT --header "Authorization: Bearer <personal_access_token>" "https://gitlab.example.com/api/v4/projects/1/packages/npm/-/package/@myscope/my-pkg/dist-tags/stable" +``` + +This endpoint responds successfully with `204 No Content`. + +### Delete a tag + +> Introduced in GitLab 12.7. + +Delete a dist-tag. + +```plaintext +DELETE <route-prefix>/-/package/:package_name/dist-tags/:tag +``` + +| Attribute | Type | Required | Description | +| -------------- | ------ | -------- | ----------- | +| `package_name` | string | yes | The name of the package. | +| `tag` | string | yes | The tag to be created or updated. | + +```shell +curl --request DELETE --header "Authorization: Bearer <personal_access_token>" "https://gitlab.example.com/api/v4/projects/1/packages/npm/-/package/@myscope/my-pkg/dist-tags/stable" +``` + +This endpoint responds successfully with `204 No Content`. diff --git a/doc/api/pipeline_schedules.md b/doc/api/pipeline_schedules.md index 67529adee93..6b3b6f4f36b 100644 --- a/doc/api/pipeline_schedules.md +++ b/doc/api/pipeline_schedules.md @@ -370,8 +370,8 @@ curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" --form "value=u ```json { "key": "NEW_VARIABLE", - "value": "updated value" - "variable_type": "env_var", + "value": "updated value", + "variable_type": "env_var" } ``` diff --git a/doc/api/pipelines.md b/doc/api/pipelines.md index 975c4a5746f..497c70b19ba 100644 --- a/doc/api/pipelines.md +++ b/doc/api/pipelines.md @@ -60,7 +60,7 @@ Example of response "sha": "a91957a858320c0e17f3a0eca7cfacbff50ea29a", "web_url": "https://example.com/foo/bar/pipelines/47", "created_at": "2016-08-11T11:28:34.085Z", - "updated_at": "2016-08-11T11:32:35.169Z", + "updated_at": "2016-08-11T11:32:35.169Z" }, { "id": 48, @@ -70,7 +70,7 @@ Example of response "sha": "eb94b618fb5865b26e80fdd8ae531b7a63ad851a", "web_url": "https://example.com/foo/bar/pipelines/48", "created_at": "2016-08-12T10:06:04.561Z", - "updated_at": "2016-08-12T10:09:56.223Z", + "updated_at": "2016-08-12T10:09:56.223Z" } ] ``` @@ -117,7 +117,8 @@ Example of response "started_at": null, "finished_at": "2016-08-11T11:32:35.145Z", "committed_at": null, - "duration": null, + "duration": 123.65, + "queued_duration": 0.010, "coverage": "30.0", "web_url": "https://example.com/foo/bar/pipelines/46" } @@ -254,6 +255,7 @@ Example of response "finished_at": null, "committed_at": null, "duration": null, + "queued_duration": 0.010, "coverage": null, "web_url": "https://example.com/foo/bar/pipelines/61" } @@ -302,6 +304,7 @@ Response: "finished_at": "2016-08-11T11:32:35.145Z", "committed_at": null, "duration": null, + "queued_duration": 0.010, "coverage": null, "web_url": "https://example.com/foo/bar/pipelines/46" } @@ -350,6 +353,7 @@ Response: "finished_at": "2016-08-11T11:32:35.145Z", "committed_at": null, "duration": null, + "queued_duration": 0.010, "coverage": null, "web_url": "https://example.com/foo/bar/pipelines/46" } diff --git a/doc/api/project_analytics.md b/doc/api/project_analytics.md deleted file mode 100644 index d89c173dd3e..00000000000 --- a/doc/api/project_analytics.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -redirect_to: 'dora4_project_analytics.md' ---- - -This document was moved to [another location](dora4_project_analytics.md). - -<!-- This redirect file can be deleted after <2021-04-25>. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/api/project_badges.md b/doc/api/project_badges.md index 58f5b000958..a17f7d15e76 100644 --- a/doc/api/project_badges.md +++ b/doc/api/project_badges.md @@ -59,7 +59,7 @@ Example response: "rendered_link_url": "http://example.com/ci_status.svg?project=example-org/example-project&ref=master", "rendered_image_url": "https://shields.io/my/badge", "kind": "group" - }, + } ] ``` @@ -202,6 +202,6 @@ Example response: "link_url": "http://example.com/ci_status.svg?project=%{project_path}&ref=%{default_branch}", "image_url": "https://shields.io/my/badge", "rendered_link_url": "http://example.com/ci_status.svg?project=example-org/example-project&ref=master", - "rendered_image_url": "https://shields.io/my/badge", + "rendered_image_url": "https://shields.io/my/badge" } ``` diff --git a/doc/api/project_import_export.md b/doc/api/project_import_export.md index c895a7c4155..a4ad496b667 100644 --- a/doc/api/project_import_export.md +++ b/doc/api/project_import_export.md @@ -104,7 +104,7 @@ an email notifying the user to download the file, uploading the exported file to "export_status": "finished", "_links": { "api_url": "https://gitlab.example.com/api/v4/projects/1/export/download", - "web_url": "https://gitlab.example.com/gitlab-org/gitlab-test/download_export", + "web_url": "https://gitlab.example.com/gitlab-org/gitlab-test/download_export" } } ``` @@ -196,6 +196,65 @@ NOTE: The maximum import file size can be set by the Administrator, default is `0` (unlimited).. As an administrator, you can modify the maximum import file size. To do so, use the `max_import_size` option in the [Application settings API](settings.md#change-application-settings) or the [Admin UI](../user/admin_area/settings/account_and_limit_settings.md). Default [modified](https://gitlab.com/gitlab-org/gitlab/-/issues/251106) from 50MB to 0 in GitLab 13.8. +## Import a file from a remote object storage + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/282503) in GitLab 13.12 in [Beta](https://about.gitlab.com/handbook/product/gitlab-the-product/#beta). + +This endpoint is behind a feature flag that is disabled by default. + +To enable this endpoint: + +```ruby +Feature.enable(:import_project_from_remote_file) +``` + +To disable this endpoint: + +```ruby +Feature.disable(:import_project_from_remote_file) +``` + +```plaintext +POST /projects/remote-import +``` + +| Attribute | Type | Required | Description | +| ----------------- | -------------- | -------- | ---------------------------------------- | +| `namespace` | integer/string | no | The ID or path of the namespace to import the project to. Defaults to the current user's namespace. | +| `name` | string | no | The name of the project to import. If not provided, defaults to the path of the project. | +| `url` | string | yes | URL for the file to import. | +| `path` | string | yes | Name and path for the new project. | +| `overwrite` | boolean | no | Whether to overwrite a project with the same path when importing. Defaults to `false`. | +| `override_params` | Hash | no | Supports all fields defined in the [Project API](projects.md). | + +The passed override parameters take precedence over all values defined in the export file. + +```shell +curl --request POST \ + --header "PRIVATE-TOKEN: <your_access_token>" \ + --url "https://gitlab.example.com/api/v4/projects/remote-import" \ + --data '{"url":"https://remoteobject/file?token=123123","path":"remote-project"}' +``` + +```json +{ + "id": 1, + "description": null, + "name": "remote-project", + "name_with_namespace": "Administrator / remote-project", + "path": "remote-project", + "path_with_namespace": "root/remote-project", + "created_at": "2018-02-13T09:05:58.023Z", + "import_status": "scheduled", + "correlation_id": "mezklWso3Za", + "failed_relations": [], + "import_error": null +} +``` + +The `ContentType` header must return a valid number. The maximum file size is 10 gigabytes. +The `ContentLength` header must be `application/gzip`. + ## Import status Get the status of an import. diff --git a/doc/api/project_repository_storage_moves.md b/doc/api/project_repository_storage_moves.md index 94aeb665c7f..dd8954f2f0f 100644 --- a/doc/api/project_repository_storage_moves.md +++ b/doc/api/project_repository_storage_moves.md @@ -68,6 +68,7 @@ Example response: "path": "project1", "path_with_namespace": "namespace1/project1", "created_at": "2020-05-07T04:27:17.016Z" + } } ] ``` @@ -111,6 +112,7 @@ Example response: "path": "project1", "path_with_namespace": "namespace1/project1", "created_at": "2020-05-07T04:27:17.016Z" + } } ] ``` @@ -150,6 +152,7 @@ Example response: "path": "project1", "path_with_namespace": "namespace1/project1", "created_at": "2020-05-07T04:27:17.016Z" + } } ``` @@ -189,6 +192,7 @@ Example response: "path": "project1", "path_with_namespace": "namespace1/project1", "created_at": "2020-05-07T04:27:17.016Z" + } } ``` @@ -237,6 +241,7 @@ Example response: "path": "project1", "path_with_namespace": "namespace1/project1", "created_at": "2020-05-07T04:27:17.016Z" + } } ``` diff --git a/doc/api/project_snippets.md b/doc/api/project_snippets.md index fc8882be283..070429eafd5 100644 --- a/doc/api/project_snippets.md +++ b/doc/api/project_snippets.md @@ -114,7 +114,7 @@ curl --request POST "https://gitlab.com/api/v4/projects/:id/snippets" \ "files": [ { "file_path": "example.txt", - "content" : "source code \n with multiple lines\n", + "content" : "source code \n with multiple lines\n" } ] } diff --git a/doc/api/projects.md b/doc/api/projects.md index d9aabfbc337..b686d17a4a1 100644 --- a/doc/api/projects.md +++ b/doc/api/projects.md @@ -59,6 +59,7 @@ GET /projects | `sort` | string | **{dotted-circle}** No | Return projects sorted in `asc` or `desc` order. Default is `desc`. | | `starred` | boolean | **{dotted-circle}** No | Limit by projects starred by the current user. | | `statistics` | boolean | **{dotted-circle}** No | Include project statistics. | +| `topic` | string | **{dotted-circle}** No | Comma-separated topic names. Limit results to projects that match all of given topics. See `tag_list` attribute. | | `visibility` | string | **{dotted-circle}** No | Limit by visibility `public`, `internal`, or `private`. | | `wiki_checksum_failed` **(PREMIUM)** | boolean | **{dotted-circle}** No | Limit projects where the wiki checksum calculation has failed ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/6137) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.2). | | `with_custom_attributes` | boolean | **{dotted-circle}** No | Include [custom attributes](custom_attributes.md) in response. _(admins only)_ | @@ -93,7 +94,7 @@ When `simple=true` or the user is unauthenticated this returns something like: "last_activity_at": "2013-09-30T13:46:02Z", "forks_count": 0, "avatar_url": "http://example.com/uploads/project/avatar/4/uploads/avatar.png", - "star_count": 0, + "star_count": 0 }, { "id": 6, @@ -188,7 +189,7 @@ When the user is authenticated and `simple` is not set this returns something li "labels": "http://example.com/api/v4/projects/1/labels", "events": "http://example.com/api/v4/projects/1/events", "members": "http://example.com/api/v4/projects/1/members" - }, + } }, { "id": 6, @@ -901,7 +902,6 @@ GET /projects/:id "merge_method": "merge", "auto_devops_enabled": true, "auto_devops_deploy_strategy": "continuous", - "repository_storage": "default", "approvals_before_merge": 0, "mirror": false, "mirror_user_id": 45, @@ -985,7 +985,7 @@ If the project is a fork, and you provide a valid token to authenticate, the "name": "MIT License", "nickname": null, "html_url": "http://choosealicense.com/licenses/mit/", - "source_url": "https://opensource.org/licenses/MIT", + "source_url": "https://opensource.org/licenses/MIT" }, "star_count":3812, "forks_count":3561, @@ -1072,6 +1072,7 @@ GET /projects/:id/groups | `skip_groups` | array of integers | **{dotted-circle}** No | Skip the group IDs passed. | | `with_shared` | boolean | **{dotted-circle}** No | Include projects shared with this group. Default is `false`. | | `shared_min_access_level` | integer | **{dotted-circle}** No | Limit to shared groups with at least this [access level](members.md#valid-access-levels). | +| `shared_visible_only` | boolean | **{dotted-circle}** No | Limit to shared groups user has access to. | ```json [ @@ -1112,6 +1113,8 @@ POST /projects | Attribute | Type | Required | Description | |-------------------------------------------------------------|---------|------------------------|-------------| +| `name` | string | **{check-circle}** Yes (if path isn't provided) | The name of the new project. Equals path if not provided. | +| `path` | string | **{check-circle}** Yes (if name isn't provided) | Repository name for new project. Generated based on name if not provided (generated as lowercase with dashes). | | `allow_merge_on_skipped_pipeline` | boolean | **{dotted-circle}** No | Set whether or not merge requests can be merged with skipped jobs. | | `analytics_access_level` | string | **{dotted-circle}** No | One of `disabled`, `private` or `enabled` | | `approvals_before_merge` **(PREMIUM)** | integer | **{dotted-circle}** No | How many approvers should approve merge requests by default. | @@ -1144,7 +1147,6 @@ POST /projects | `merge_requests_enabled` | boolean | **{dotted-circle}** No | _(Deprecated)_ Enable merge requests for this project. Use `merge_requests_access_level` instead. | | `mirror_trigger_builds` **(PREMIUM)** | boolean | **{dotted-circle}** No | Pull mirroring triggers builds. | | `mirror` **(PREMIUM)** | boolean | **{dotted-circle}** No | Enables pull mirroring in a project. | -| `name` | string | **{check-circle}** Yes (if path isn't provided) | The name of the new project. Equals path if not provided. | | `namespace_id` | integer | **{dotted-circle}** No | Namespace for the new project (defaults to the current user's namespace). | | `operations_access_level` | string | **{dotted-circle}** No | One of `disabled`, `private`, or `enabled`. | | `only_allow_merge_if_all_discussions_are_resolved` | boolean | **{dotted-circle}** No | Set whether merge requests can only be merged when all the discussions are resolved. | @@ -1152,7 +1154,6 @@ POST /projects | `packages_enabled` | boolean | **{dotted-circle}** No | Enable or disable packages repository feature. | | `pages_access_level` | string | **{dotted-circle}** No | One of `disabled`, `private`, `enabled`, or `public`. | | `requirements_access_level` | string | **{dotted-circle}** No | One of `disabled`, `private`, `enabled` or `public` | -| `path` | string | **{check-circle}** Yes (if name isn't provided) | Repository name for new project. Generated based on name if not provided (generated as lowercase with dashes). | | `printing_merge_request_link_enabled` | boolean | **{dotted-circle}** No | Show link to create/view merge request when pushing from the command line. | | `public_builds` | boolean | **{dotted-circle}** No | If `true`, jobs can be viewed by non-project members. | | `remove_source_branch_after_merge` | boolean | **{dotted-circle}** No | Enable `Delete source branch` option by default for all new merge requests. | @@ -1186,6 +1187,8 @@ POST /projects/user/:user_id | Attribute | Type | Required | Description | |-------------------------------------------------------------|---------|------------------------|-------------| +| `user_id` | integer | **{check-circle}** Yes | The user ID of the project owner. | +| `name` | string | **{check-circle}** Yes | The name of the new project. | | `allow_merge_on_skipped_pipeline` | boolean | **{dotted-circle}** No | Set whether or not merge requests can be merged with skipped jobs. | | `analytics_access_level` | string | **{dotted-circle}** No | One of `disabled`, `private` or `enabled` | | `approvals_before_merge` **(PREMIUM)** | integer | **{dotted-circle}** No | How many approvers should approve merge requests by default. | @@ -1216,7 +1219,6 @@ POST /projects/user/:user_id | `merge_requests_enabled` | boolean | **{dotted-circle}** No | _(Deprecated)_ Enable merge requests for this project. Use `merge_requests_access_level` instead. | | `mirror_trigger_builds` **(PREMIUM)** | boolean | **{dotted-circle}** No | Pull mirroring triggers builds. | | `mirror` **(PREMIUM)** | boolean | **{dotted-circle}** No | Enables pull mirroring in a project. | -| `name` | string | **{check-circle}** Yes | The name of the new project. | | `namespace_id` | integer | **{dotted-circle}** No | Namespace for the new project (defaults to the current user's namespace). | | `operations_access_level` | string | **{dotted-circle}** No | One of `disabled`, `private`, or `enabled`. | | `only_allow_merge_if_all_discussions_are_resolved` | boolean | **{dotted-circle}** No | Set whether merge requests can only be merged when all the discussions are resolved. | @@ -1240,7 +1242,6 @@ POST /projects/user/:user_id | `tag_list` | array | **{dotted-circle}** No | The list of tags for a project; put array of tags, that should be finally assigned to a project. | | `template_name` | string | **{dotted-circle}** No | When used without `use_custom_template`, name of a [built-in project template](../user/project/working_with_projects.md#built-in-templates). When used with `use_custom_template`, name of a custom project template. | | `use_custom_template` **(PREMIUM)** | boolean | **{dotted-circle}** No | Use either custom [instance](../user/admin_area/custom_project_templates.md) or [group](../user/group/custom_project_templates.md) (with `group_with_project_templates_id`) project template. | -| `user_id` | integer | **{check-circle}** Yes | The user ID of the project owner. | | `visibility` | string | **{dotted-circle}** No | See [project visibility level](#project-visibility-level). | | `wiki_access_level` | string | **{dotted-circle}** No | One of `disabled`, `private`, or `enabled`. | | `wiki_enabled` | boolean | **{dotted-circle}** No | _(Deprecated)_ Enable wiki for this project. Use `wiki_access_level` instead. | @@ -1660,26 +1661,26 @@ Example responses: [ { "starred_since": "2019-01-28T14:47:30.642Z", - "user": - { + "user": { "id": 1, "username": "jane_smith", "name": "Jane Smith", "state": "active", "avatar_url": "http://localhost:3000/uploads/user/avatar/1/cd8.jpeg", "web_url": "http://localhost:3000/jane_smith" - } + } }, + { "starred_since": "2018-01-02T11:40:26.570Z", - "user": - { - "id": 2, - "username": "janine_smith", - "name": "Janine Smith", - "state": "blocked", - "avatar_url": "http://gravatar.com/../e32131cd8.jpeg", - "web_url": "http://localhost:3000/janine_smith" - } + "user": { + "id": 2, + "username": "janine_smith", + "name": "Janine Smith", + "state": "blocked", + "avatar_url": "http://gravatar.com/../e32131cd8.jpeg", + "web_url": "http://localhost:3000/janine_smith" + } + } ] ``` @@ -2221,7 +2222,7 @@ PUT /projects/:id/hooks/:hook_id | `tag_push_events` | boolean | **{dotted-circle}** No | Trigger hook on tag push events. | | `token` | string | **{dotted-circle}** No | Secret token to validate received payloads; this isn't returned in the response. | | `url` | string | **{check-circle}** Yes | The hook URL. | -| `wiki_events` | boolean | **{dotted-circle}** No | Trigger hook on wiki events. | +| `wiki_page_events` | boolean | **{dotted-circle}** No | Trigger hook on wiki page events. | | `releases_events` | boolean | **{dotted-circle}** No | Trigger hook on release events. | ### Delete project hook diff --git a/doc/api/releases/img/upcoming_release_v12_1.png b/doc/api/releases/img/upcoming_release_v12_1.png Binary files differdeleted file mode 100644 index cc3070fd19d..00000000000 --- a/doc/api/releases/img/upcoming_release_v12_1.png +++ /dev/null diff --git a/doc/api/releases/index.md b/doc/api/releases/index.md index 67e441ee7e4..b2dc562ad27 100644 --- a/doc/api/releases/index.md +++ b/doc/api/releases/index.md @@ -10,6 +10,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w > - Using this API you can manipulate GitLab [Release](../../user/project/releases/index.md) entries. > - For manipulating links as a release asset, see [Release Links API](links.md). > - Release Evidences were [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/26019) in GitLab 12.5. +> - `description_html` field was [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/299447) in GitLab 13.12. ## List Releases @@ -39,7 +40,6 @@ Example response: "tag_name":"v0.2", "description":"## CHANGELOG\r\n\r\n- Escape label and milestone titles to prevent XSS in GFM autocomplete. !2740\r\n- Prevent private snippets from being embeddable.\r\n- Add subresources removal to member destroy service.", "name":"Awesome app v0.2 beta", - "description_html":"\u003ch2 dir=\"auto\"\u003e\n\u003ca id=\"user-content-changelog\" class=\"anchor\" href=\"#changelog\" aria-hidden=\"true\"\u003e\u003c/a\u003eCHANGELOG\u003c/h2\u003e\n\u003cul dir=\"auto\"\u003e\n\u003cli\u003eEscape label and milestone titles to prevent XSS in GFM autocomplete. !2740\u003c/li\u003e\n\u003cli\u003ePrevent private snippets from being embeddable.\u003c/li\u003e\n\u003cli\u003eAdd subresources removal to member destroy service.\u003c/li\u003e\n\u003c/ul\u003e", "created_at":"2019-01-03T01:56:19.539Z", "released_at":"2019-01-03T01:56:19.539Z", "author":{ @@ -144,9 +144,9 @@ Example response: }, "evidences":[ { - sha: "760d6cdfb0879c3ffedec13af470e0f71cf52c6cde4d", - filepath: "https://gitlab.example.com/root/awesome-app/-/releases/v0.2/evidence.json", - collected_at: "2019-01-03T01:56:19.539Z" + "sha": "760d6cdfb0879c3ffedec13af470e0f71cf52c6cde4d", + "filepath": "https://gitlab.example.com/root/awesome-app/-/releases/v0.2/evidence.json", + "collected_at": "2019-01-03T01:56:19.539Z" } ] }, @@ -154,7 +154,6 @@ Example response: "tag_name":"v0.1", "description":"## CHANGELOG\r\n\r\n-Remove limit of 100 when searching repository code. !8671\r\n- Show error message when attempting to reopen an MR and there is an open MR for the same branch. !16447 (Akos Gyimesi)\r\n- Fix a bug where internal email pattern wasn't respected. !22516", "name":"Awesome app v0.1 alpha", - "description_html":"\u003ch2 dir=\"auto\"\u003e\n\u003ca id=\"user-content-changelog\" class=\"anchor\" href=\"#changelog\" aria-hidden=\"true\"\u003e\u003c/a\u003eCHANGELOG\u003c/h2\u003e\n\u003cul dir=\"auto\"\u003e\n\u003cli\u003eRemove limit of 100 when searching repository code. !8671\u003c/li\u003e\n\u003cli\u003eShow error message when attempting to reopen an MR and there is an open MR for the same branch. !16447 (Akos Gyimesi)\u003c/li\u003e\n\u003cli\u003eFix a bug where internal email pattern wasn't respected. !22516\u003c/li\u003e\n\u003c/ul\u003e", "created_at":"2019-01-03T01:55:18.203Z", "released_at":"2019-01-03T01:55:18.203Z", "author":{ @@ -208,9 +207,9 @@ Example response: }, "evidences":[ { - sha: "c3ffedec13af470e760d6cdfb08790f71cf52c6cde4d", - filepath: "https://gitlab.example.com/root/awesome-app/-/releases/v0.1/evidence.json", - collected_at: "2019-01-03T01:55:18.203Z" + "sha": "c3ffedec13af470e760d6cdfb08790f71cf52c6cde4d", + "filepath": "https://gitlab.example.com/root/awesome-app/-/releases/v0.1/evidence.json", + "collected_at": "2019-01-03T01:55:18.203Z" } ] } @@ -243,7 +242,6 @@ Example response: "tag_name":"v0.1", "description":"## CHANGELOG\r\n\r\n- Remove limit of 100 when searching repository code. !8671\r\n- Show error message when attempting to reopen an MR and there is an open MR for the same branch. !16447 (Akos Gyimesi)\r\n- Fix a bug where internal email pattern wasn't respected. !22516", "name":"Awesome app v0.1 alpha", - "description_html":"\u003ch2 dir=\"auto\"\u003e\n\u003ca id=\"user-content-changelog\" class=\"anchor\" href=\"#changelog\" aria-hidden=\"true\"\u003e\u003c/a\u003eCHANGELOG\u003c/h2\u003e\n\u003cul dir=\"auto\"\u003e\n\u003cli\u003eRemove limit of 100 when searching repository code. !8671\u003c/li\u003e\n\u003cli\u003eShow error message when attempting to reopen an MR and there is an open MR for the same branch. !16447 (Akos Gyimesi)\u003c/li\u003e\n\u003cli\u003eFix a bug where internal email pattern wasn't respected. !22516\u003c/li\u003e\n\u003c/ul\u003e", "created_at":"2019-01-03T01:55:18.203Z", "released_at":"2019-01-03T01:55:18.203Z", "author":{ @@ -340,9 +338,9 @@ Example response: }, "evidences":[ { - sha: "760d6cdfb0879c3ffedec13af470e0f71cf52c6cde4d", - filepath: "https://gitlab.example.com/root/awesome-app/-/releases/v0.1/evidence.json", - collected_at: "2019-07-16T14:00:12.256Z" + "sha": "760d6cdfb0879c3ffedec13af470e0f71cf52c6cde4d", + "filepath": "https://gitlab.example.com/root/awesome-app/-/releases/v0.1/evidence.json", + "collected_at": "2019-07-16T14:00:12.256Z" } ] } @@ -386,7 +384,6 @@ Example response: "tag_name":"v0.3", "description":"Super nice release", "name":"New release", - "description_html":"\u003cp dir=\"auto\"\u003eSuper nice release\u003c/p\u003e", "created_at":"2019-01-03T02:22:45.118Z", "released_at":"2019-01-03T02:22:45.118Z", "author":{ @@ -482,7 +479,7 @@ Example response: } ], "evidence_file_path":"https://gitlab.example.com/root/awesome-app/-/releases/v0.3/evidence.json" - }, + } } ``` @@ -552,7 +549,6 @@ Example response: "tag_name":"v0.1", "description":"## CHANGELOG\r\n\r\n- Remove limit of 100 when searching repository code. !8671\r\n- Show error message when attempting to reopen an MR and there is an open MR for the same branch. !16447 (Akos Gyimesi)\r\n- Fix a bug where internal email pattern wasn't respected. !22516", "name":"new name", - "description_html":"\u003ch2 dir=\"auto\"\u003e\n\u003ca id=\"user-content-changelog\" class=\"anchor\" href=\"#changelog\" aria-hidden=\"true\"\u003e\u003c/a\u003eCHANGELOG\u003c/h2\u003e\n\u003cul dir=\"auto\"\u003e\n\u003cli\u003eRemove limit of 100 when searching repository code. !8671\u003c/li\u003e\n\u003cli\u003eShow error message when attempting to reopen an MR and there is an open MR for the same branch. !16447 (Akos Gyimesi)\u003c/li\u003e\n\u003cli\u003eFix a bug where internal email pattern wasn't respected. !22516\u003c/li\u003e\n\u003c/ul\u003e", "created_at":"2019-01-03T01:55:18.203Z", "released_at":"2019-01-03T01:55:18.203Z", "author":{ @@ -625,7 +621,7 @@ Example response: ], "evidence_file_path":"https://gitlab.example.com/root/awesome-app/-/releases/v0.1/evidence.json" - }, + } } ``` @@ -655,7 +651,6 @@ Example response: "tag_name":"v0.1", "description":"## CHANGELOG\r\n\r\n- Remove limit of 100 when searching repository code. !8671\r\n- Show error message when attempting to reopen an MR and there is an open MR for the same branch. !16447 (Akos Gyimesi)\r\n- Fix a bug where internal email pattern wasn't respected. !22516", "name":"new name", - "description_html":"\u003ch2 dir=\"auto\"\u003e\n\u003ca id=\"user-content-changelog\" class=\"anchor\" href=\"#changelog\" aria-hidden=\"true\"\u003e\u003c/a\u003eCHANGELOG\u003c/h2\u003e\n\u003cul dir=\"auto\"\u003e\n\u003cli\u003eRemove limit of 100 when searching repository code. !8671\u003c/li\u003e\n\u003cli\u003eShow error message when attempting to reopen an MR and there is an open MR for the same branch. !16447 (Akos Gyimesi)\u003c/li\u003e\n\u003cli\u003eFix a bug where internal email pattern wasn't respected. !22516\u003c/li\u003e\n\u003c/ul\u003e", "created_at":"2019-01-03T01:55:18.203Z", "released_at":"2019-01-03T01:55:18.203Z", "author":{ @@ -709,7 +704,7 @@ Example response: ], "evidence_file_path":"https://gitlab.example.com/root/awesome-app/-/releases/v0.1/evidence.json" - }, + } } ``` @@ -717,6 +712,5 @@ Example response: > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/38105) in GitLab 12.1. -A release with a `released_at` attribute set to a future date is labeled an **Upcoming Release** in the UI: - - +A release with a `released_at` attribute set to a future date is labeled +as an **Upcoming Release** [in the UI](../../user/project/releases/index.md#upcoming-releases). diff --git a/doc/api/resource_access_tokens.md b/doc/api/resource_access_tokens.md index 2b6400a6f0d..ecc5b3bf172 100644 --- a/doc/api/resource_access_tokens.md +++ b/doc/api/resource_access_tokens.md @@ -55,6 +55,7 @@ POST projects/:id/access_tokens | Attribute | Type | required | Description | |-----------|---------|----------|---------------------| +| `id` | integer/string | yes | The ID of the project | | `name` | String | yes | The name of the project access token | | `scopes` | Array\[String] | yes | [List of scopes](../user/project/settings/project_access_tokens.md#limiting-scopes-of-a-project-access-token) | | `expires_at` | Date | no | The token expires at midnight UTC on that date | diff --git a/doc/api/resource_label_events.md b/doc/api/resource_label_events.md index 6b682eac29c..0c1735c0664 100644 --- a/doc/api/resource_label_events.md +++ b/doc/api/resource_label_events.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Manage +group: Compilance info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- diff --git a/doc/api/runners.md b/doc/api/runners.md index c96ff1b0360..1f0209c3cae 100644 --- a/doc/api/runners.md +++ b/doc/api/runners.md @@ -126,7 +126,7 @@ Example response: "ip_address": "127.0.0.1", "is_shared": true, "name": null, - "online": false + "online": false, "status": "offline" }, { @@ -136,7 +136,7 @@ Example response: "ip_address": "127.0.0.1", "is_shared": false, "name": null, - "online": true + "online": true, "status": "paused" }, { @@ -156,7 +156,7 @@ Example response: Get details of a runner. -[Maintainer access or higher](../user/permissions.md) is required to get runner details at the project and group level. +[Maintainer access or higher](../user/permissions.md) is required to get runner details at the project and group level. Instance-level runner details via this endpoint are available to all signed in users. @@ -428,7 +428,7 @@ Example response: "ip_address": "127.0.0.1", "is_shared": true, "name": null, - "online": true + "online": true, "status": "paused" } ] diff --git a/doc/api/services.md b/doc/api/services.md index 0b840d907f8..e658c51f7e6 100644 --- a/doc/api/services.md +++ b/doc/api/services.md @@ -7,7 +7,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Services API **(FREE)** NOTE: -This API requires an access token with Maintainer or Owner permissions +This API requires an access token with Maintainer or Owner permissions. ## List all active services @@ -42,7 +42,7 @@ Example response: "wiki_page_events": true, "job_events": true, "comment_on_event_enabled": true - } + }, { "id": 76, "title": "Alerts endpoint", @@ -572,7 +572,9 @@ GET /projects/:id/services/external-wiki ## Flowdock -Flowdock is a collaboration web app for technical teams. +Flowdock is a ChatOps application for collaboration in software engineering +companies. You can send notifications from GitLab events to Flowdock flows. +For integration instructions, see the [Flowdock documentation](https://www.flowdock.com/help/gitlab). ### Create/Edit Flowdock service @@ -1251,7 +1253,7 @@ Parameters: | `confidential_issue_channel` | string | false | The name of the channel to receive confidential issues events notifications | | `merge_request_channel` | string | false | The name of the channel to receive merge request events notifications | | `note_channel` | string | false | The name of the channel to receive note events notifications | -| `confidential_note_channel` | boolean | The name of the channel to receive confidential note events notifications | +| `confidential_note_channel` | string | false | The name of the channel to receive confidential note events notifications | | `tag_push_channel` | string | false | The name of the channel to receive tag push events notifications | | `pipeline_channel` | string | false | The name of the channel to receive pipeline events notifications | | `wiki_page_channel` | string | false | The name of the channel to receive wiki page events notifications | @@ -1326,10 +1328,15 @@ PUT /projects/:id/services/jenkins Parameters: -- `jenkins_url` (**required**) - Jenkins URL like `http://jenkins.example.com` -- `project_name` (**required**) - The URL-friendly project name. Example: my_project_name -- `username` (optional) - A user with access to the Jenkins server, if applicable -- `password` (optional) - The password of the user +| Parameter | Type | Required | Description | +| --------- | ---- | -------- | ----------- | +| `jenkins_url` | string | true | Jenkins URL like `http://jenkins.example.com`. | +| `project_name` | string | true | The URL-friendly project name. Example: `my_project_name`. | +| `username` | string | false | Username for authentication with the Jenkins server, if authentication is required by the server. | +| `password` | string | false | Password for authentication with the Jenkins server, if authentication is required by the server. | +| `push_events` | boolean | false | Enable notifications for push events. | +| `merge_requests_events` | boolean | false | Enable notifications for merge request events. | +| `tag_push_events` | boolean | false | Enable notifications for tag push events. | ### Delete Jenkins CI service diff --git a/doc/api/settings.md b/doc/api/settings.md index 6322f14442c..ada1d0e7fc4 100644 --- a/doc/api/settings.md +++ b/doc/api/settings.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Manage +group: Access info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- @@ -88,6 +88,7 @@ Example response: "rate_limiting_response_text": null, "keep_latest_artifact": true, "admin_mode": false, + "floc_enabled": false, "external_pipeline_validation_service_timeout": null, "external_pipeline_validation_service_token": null, "external_pipeline_validation_service_url": null @@ -216,17 +217,17 @@ listed in the descriptions of the relevant settings. | Attribute | Type | Required | Description | |------------------------------------------|------------------|:------------------------------------:|-------------| -| `admin_mode` | boolean | no | Require admins to enable Admin Mode by re-authenticating for administrative tasks. | -| `admin_notification_email` | string | no | Deprecated: Use `abuse_notification_email` instead. If set, [abuse reports](../user/admin_area/abuse_reports.md) are sent to this address. Abuse reports are always available in the Admin Area. | -| `abuse_notification_email` | string | no | If set, [abuse reports](../user/admin_area/abuse_reports.md) are sent to this address. Abuse reports are always available in the Admin Area. | +| `admin_mode` | boolean | no | Require administrators to enable Admin Mode by re-authenticating for administrative tasks. | +| `admin_notification_email` | string | no | Deprecated: Use `abuse_notification_email` instead. If set, [abuse reports](../user/admin_area/review_abuse_reports.md) are sent to this address. Abuse reports are always available in the Admin Area. | +| `abuse_notification_email` | string | no | If set, [abuse reports](../user/admin_area/review_abuse_reports.md) are sent to this address. Abuse reports are always available in the Admin Area. | | `after_sign_out_path` | string | no | Where to redirect users after logout. | -| `after_sign_up_text` | string | no | Text shown to the user after signing up | +| `after_sign_up_text` | string | no | Text shown to the user after signing up. | | `akismet_api_key` | string | required by: `akismet_enabled` | API key for Akismet spam protection. | | `akismet_enabled` | boolean | no | (**If enabled, requires:** `akismet_api_key`) Enable or disable Akismet spam protection. | -| `allow_group_owners_to_manage_ldap` | boolean | no | **(PREMIUM)** Set to `true` to allow group owners to manage LDAP | +| `allow_group_owners_to_manage_ldap` | boolean | no | **(PREMIUM)** Set to `true` to allow group owners to manage LDAP. | | `allow_local_requests_from_hooks_and_services` | boolean | no | (Deprecated: Use `allow_local_requests_from_web_hooks_and_services` instead) Allow requests to the local network from hooks and services. | -| `allow_local_requests_from_system_hooks` | boolean | no | Allow requests to the local network from system hooks. | -| `allow_local_requests_from_web_hooks_and_services` | boolean | no | Allow requests to the local network from web hooks and services. | +| `allow_local_requests_from_system_hooks` | boolean | no | Allow requests to the local network from system hooks. | +| `allow_local_requests_from_web_hooks_and_services` | boolean | no | Allow requests to the local network from web hooks and services. | | `archive_builds_in_human_readable` | string | no | Set the duration for which the jobs are considered as old and expired. After that time passes, the jobs are archived and no longer able to be retried. Make it empty to never expire jobs. It has to be no less than 1 day, for example: <code>15 days</code>, <code>1 month</code>, <code>2 years</code>. | | `asset_proxy_enabled` | boolean | no | (**If enabled, requires:** `asset_proxy_url`) Enable proxying of assets. GitLab restart is required to apply changes. | | `asset_proxy_secret_key` | string | no | Shared secret with the asset proxy server. GitLab restart is required to apply changes. | @@ -242,7 +243,7 @@ listed in the descriptions of the relevant settings. | `container_registry_token_expire_delay` | integer | no | Container Registry token duration in minutes. | | `default_artifacts_expire_in` | string | no | Set the default expiration time for each job's artifacts. | | `default_branch_protection` | integer | no | Determine if developers can push to the default branch. Can take: `0` _(not protected, both developers and maintainers can push new commits, force push, or delete the branch)_, `1` _(partially protected, developers and maintainers can push new commits, but cannot force push, or delete, the branch)_ or `2` _(fully protected, developers cannot push new commits, but maintainers can; no-one can force push or delete the branch)_ as a parameter. Default is `2`. | -| `default_ci_config_path` | string | no | Default CI configuration path for new projects (`.gitlab-ci.yml` if not set). | +| `default_ci_config_path` | string | no | Default CI configuration path for new projects (`.gitlab-ci.yml` if not set). | | `default_group_visibility` | string | no | What visibility level new groups receive. Can take `private`, `internal` and `public` as a parameter. Default is `private`. | | `default_project_creation` | integer | no | Default project creation protection. Can take: `0` _(No one)_, `1` _(Maintainers)_ or `2` _(Developers + Maintainers)_| | `default_project_visibility` | string | no | What visibility level new projects receive. Can take `private`, `internal` and `public` as a parameter. Default is `private`. | @@ -259,41 +260,43 @@ listed in the descriptions of the relevant settings. | `dsa_key_restriction` | integer | no | The minimum allowed bit length of an uploaded DSA key. Default is `0` (no restriction). `-1` disables DSA keys. | | `ecdsa_key_restriction` | integer | no | The minimum allowed curve size (in bits) of an uploaded ECDSA key. Default is `0` (no restriction). `-1` disables ECDSA keys. | | `ed25519_key_restriction` | integer | no | The minimum allowed curve size (in bits) of an uploaded ED25519 key. Default is `0` (no restriction). `-1` disables ED25519 keys. | -| `eks_access_key_id` | string | no | AWS IAM access key ID | -| `eks_account_id` | string | no | Amazon account ID | -| `eks_integration_enabled` | boolean | no | Enable integration with Amazon EKS | -| `eks_secret_access_key` | string | no | AWS IAM secret access key | -| `elasticsearch_aws_access_key` | string | no | **(PREMIUM)** AWS IAM access key | -| `elasticsearch_aws_region` | string | no | **(PREMIUM)** The AWS region the Elasticsearch domain is configured | -| `elasticsearch_aws_secret_access_key` | string | no | **(PREMIUM)** AWS IAM secret access key | -| `elasticsearch_aws` | boolean | no | **(PREMIUM)** Enable the use of AWS hosted Elasticsearch | -| `elasticsearch_indexed_field_length_limit` | integer | no | **(PREMIUM)** Maximum size of text fields to index by Elasticsearch. 0 value means no limit. This does not apply to repository and wiki indexing. | -| `elasticsearch_indexed_file_size_limit_kb` | integer | no | **(PREMIUM)** Maximum size of repository and wiki files that are indexed by Elasticsearch. | -| `elasticsearch_indexing` | boolean | no | **(PREMIUM)** Enable Elasticsearch indexing | -| `elasticsearch_limit_indexing` | boolean | no | **(PREMIUM)** Limit Elasticsearch to index certain namespaces and projects | -| `elasticsearch_max_bulk_concurrency` | integer | no | **(PREMIUM)** Maximum concurrency of Elasticsearch bulk requests per indexing operation. This only applies to repository indexing operations. | -| `elasticsearch_max_bulk_size_mb` | integer | no | **(PREMIUM)** Maximum size of Elasticsearch bulk indexing requests in MB. This only applies to repository indexing operations. | +| `eks_access_key_id` | string | no | AWS IAM access key ID. | +| `eks_account_id` | string | no | Amazon account ID. | +| `eks_integration_enabled` | boolean | no | Enable integration with Amazon EKS. | +| `eks_secret_access_key` | string | no | AWS IAM secret access key. | +| `elasticsearch_aws_access_key` | string | no | **(PREMIUM)** AWS IAM access key. | +| `elasticsearch_aws_region` | string | no | **(PREMIUM)** The AWS region the Elasticsearch domain is configured. | +| `elasticsearch_aws_secret_access_key` | string | no | **(PREMIUM)** AWS IAM secret access key. | +| `elasticsearch_aws` | boolean | no | **(PREMIUM)** Enable the use of AWS hosted Elasticsearch. | +| `elasticsearch_indexed_field_length_limit` | integer | no | **(PREMIUM)** Maximum size of text fields to index by Elasticsearch. 0 value means no limit. This does not apply to repository and wiki indexing. | +| `elasticsearch_indexed_file_size_limit_kb` | integer | no | **(PREMIUM)** Maximum size of repository and wiki files that are indexed by Elasticsearch. | +| `elasticsearch_indexing` | boolean | no | **(PREMIUM)** Enable Elasticsearch indexing. | +| `elasticsearch_limit_indexing` | boolean | no | **(PREMIUM)** Limit Elasticsearch to index certain namespaces and projects. | +| `elasticsearch_max_bulk_concurrency` | integer | no | **(PREMIUM)** Maximum concurrency of Elasticsearch bulk requests per indexing operation. This only applies to repository indexing operations. | +| `elasticsearch_max_bulk_size_mb` | integer | no | **(PREMIUM)** Maximum size of Elasticsearch bulk indexing requests in MB. This only applies to repository indexing operations. | | `elasticsearch_namespace_ids` | array of integers | no | **(PREMIUM)** The namespaces to index via Elasticsearch if `elasticsearch_limit_indexing` is enabled. | | `elasticsearch_project_ids` | array of integers | no | **(PREMIUM)** The projects to index via Elasticsearch if `elasticsearch_limit_indexing` is enabled. | -| `elasticsearch_search` | boolean | no | **(PREMIUM)** Enable Elasticsearch search | -| `elasticsearch_url` | string | no | **(PREMIUM)** The URL to use for connecting to Elasticsearch. Use a comma-separated list to support cluster (for example, `http://localhost:9200, http://localhost:9201"`). If your Elasticsearch instance is password protected, pass the `username:password` in the URL (for example, `http://<username>:<password>@<elastic_host>:9200/`). | -| `email_additional_text` | string | no | **(PREMIUM)** Additional text added to the bottom of every email for legal/auditing/compliance reasons | +| `elasticsearch_search` | boolean | no | **(PREMIUM)** Enable Elasticsearch search. | +| `elasticsearch_url` | string | no | **(PREMIUM)** The URL to use for connecting to Elasticsearch. Use a comma-separated list to support cluster (for example, `http://localhost:9200, http://localhost:9201"`). | +| `elasticsearch_username` | string | no | **(PREMIUM)** The `username` of your Elasticsearch instance. | +| `elasticsearch_password` | string | no | **(PREMIUM)** The password of your Elasticsearch instance. | +| `email_additional_text` | string | no | **(PREMIUM)** Additional text added to the bottom of every email for legal/auditing/compliance reasons. | | `email_author_in_body` | boolean | no | Some email servers do not support overriding the email sender name. Enable this option to include the name of the author of the issue, merge request or comment in the email body instead. | | `enabled_git_access_protocol` | string | no | Enabled protocols for Git access. Allowed values are: `ssh`, `http`, and `nil` to allow both protocols. | | `enforce_namespace_storage_limit` | boolean | no | Enabling this permits enforcement of namespace storage limits. | | `enforce_terms` | boolean | no | (**If enabled, requires:** `terms`) Enforce application ToS to all users. | -| `external_auth_client_cert` | string | no | (**If enabled, requires:** `external_auth_client_key`) The certificate to use to authenticate with the external authorization service | -| `external_auth_client_key_pass` | string | no | Passphrase to use for the private key when authenticating with the external service this is encrypted when stored | -| `external_auth_client_key` | string | required by: `external_auth_client_cert` | Private key for the certificate when authentication is required for the external authorization service, this is encrypted when stored | +| `external_auth_client_cert` | string | no | (**If enabled, requires:** `external_auth_client_key`) The certificate to use to authenticate with the external authorization service. | +| `external_auth_client_key_pass` | string | no | Passphrase to use for the private key when authenticating with the external service this is encrypted when stored. | +| `external_auth_client_key` | string | required by: `external_auth_client_cert` | Private key for the certificate when authentication is required for the external authorization service, this is encrypted when stored. | | `external_authorization_service_default_label` | string | required by:<br>`external_authorization_service_enabled` | The default classification label to use when requesting authorization and no classification label has been specified on the project. | -| `external_authorization_service_enabled` | boolean | no | (**If enabled, requires:** `external_authorization_service_default_label`, `external_authorization_service_timeout` and `external_authorization_service_url`) Enable using an external authorization service for accessing projects | -| `external_authorization_service_timeout` | float | required by:<br>`external_authorization_service_enabled` | The timeout after which an authorization request is aborted, in seconds. When a request times out, access is denied to the user. (min: 0.001, max: 10, step: 0.001). | +| `external_authorization_service_enabled` | boolean | no | (**If enabled, requires:** `external_authorization_service_default_label`, `external_authorization_service_timeout` and `external_authorization_service_url`) Enable using an external authorization service for accessing projects. | +| `external_authorization_service_timeout` | float | required by:<br>`external_authorization_service_enabled` | The timeout after which an authorization request is aborted, in seconds. When a request times out, access is denied to the user. (min: 0.001, max: 10, step: 0.001). | | `external_authorization_service_url` | string | required by:<br>`external_authorization_service_enabled` | URL to which authorization requests are directed. | -| `external_pipeline_validation_service_url` | string | no | URL to which pipeline validation requests are directed. | -| `external_pipeline_validation_service_token` | string | no | An optional token to include as the `X-Gitlab-Token` header in requests to the URL in external_pipeline_validation_service_url. | -| `external_pipeline_validation_service_timeout` | integer | no | How long to wait for a response from the pipeline validation service before giving up and assuming 'OK'. | -| `file_template_project_id` | integer | no | **(PREMIUM)** The ID of a project to load custom file templates from | -| `first_day_of_week` | integer | no | Start day of the week for calendar views and date pickers. Valid values are `0` (default) for Sunday, `1` for Monday, and `6` for Saturday. | +| `external_pipeline_validation_service_url` | string | no | URL to use for pipeline validation requests. | +| `external_pipeline_validation_service_token` | string | no | (Optional) Token to include as the `X-Gitlab-Token` header in requests to the URL in `external_pipeline_validation_service_url`. | +| `external_pipeline_validation_service_timeout` | integer | no | How long to wait for a response from the pipeline validation service. Assumes `OK` if it times out. | +| `file_template_project_id` | integer | no | **(PREMIUM)** The ID of a project to load custom file templates from. | +| `first_day_of_week` | integer | no | Start day of the week for calendar views and date pickers. Valid values are `0` (default) for Sunday, `1` for Monday, and `6` for Saturday. | | `geo_node_allowed_ips` | string | yes | **(PREMIUM)** Comma-separated list of IPs and CIDRs of allowed secondary nodes. For example, `1.1.1.1, 2.2.2.0/24`. | | `geo_status_timeout` | integer | no | **(PREMIUM)** The amount of seconds after which a request to get a secondary node status times out. | | `git_two_factor_session_expiry` | integer | no | **(PREMIUM)** Maximum duration (in minutes) of a session for Git operations when 2FA is enabled. | @@ -307,7 +310,7 @@ listed in the descriptions of the relevant settings. | `help_page_hide_commercial_content` | boolean | no | Hide marketing-related entries from help. | | `help_page_support_url` | string | no | Alternate support URL for help page and help dropdown. | | `help_page_text` | string | no | Custom text displayed on the help page. | -| `help_text` | string | no | **(PREMIUM)** GitLab server administrator information | +| `help_text` | string | no | **(PREMIUM)** GitLab server administrator information. | | `hide_third_party_offers` | boolean | no | Do not display offers from third parties in GitLab. | | `home_page_url` | string | no | Redirect to this URL when not logged in. | | `housekeeping_bitmaps_enabled` | boolean | required by: `housekeeping_enabled` | Enable Git pack file bitmap creation. | @@ -322,27 +325,27 @@ listed in the descriptions of the relevant settings. | `issues_create_limit` | integer | no | Max number of issue creation requests per minute per user. Disabled by default.| | `keep_latest_artifact` | boolean | no | Prevent the deletion of the artifacts from the most recent successful jobs, regardless of the expiry time. Enabled by default. | | `local_markdown_version` | integer | no | Increase this value when any cached Markdown should be invalidated. | -| `maintenance_mode_message` | string | no | **(PREMIUM)** Message displayed when instance is in maintenance mode | -| `maintenance_mode` | boolean | no | **(PREMIUM)** When instance is in maintenance mode, non-administrative users can sign in with read-only access and make read-only API requests | -| `max_artifacts_size` | integer | no | Maximum artifacts size in MB | -| `max_attachment_size` | integer | no | Limit attachment size in MB | +| `maintenance_mode_message` | string | no | **(PREMIUM)** Message displayed when instance is in maintenance mode. | +| `maintenance_mode` | boolean | no | **(PREMIUM)** When instance is in maintenance mode, non-administrative users can sign in with read-only access and make read-only API requests. | +| `max_artifacts_size` | integer | no | Maximum artifacts size in MB. | +| `max_attachment_size` | integer | no | Limit attachment size in MB. | | `max_import_size` | integer | no | Maximum import size in MB. 0 for unlimited. Default = 0 (unlimited) [Modified](https://gitlab.com/gitlab-org/gitlab/-/issues/251106) from 50MB to 0 in GitLab 13.8. | -| `max_pages_size` | integer | no | Maximum size of pages repositories in MB | -| `max_personal_access_token_lifetime` | integer | no | **(ULTIMATE SELF)** Maximum allowable lifetime for personal access tokens in days | +| `max_pages_size` | integer | no | Maximum size of pages repositories in MB. | +| `max_personal_access_token_lifetime` | integer | no | **(ULTIMATE SELF)** Maximum allowable lifetime for personal access tokens in days. | | `metrics_method_call_threshold` | integer | no | A method call is only tracked when it takes longer than the given amount of milliseconds. | | `mirror_available` | boolean | no | Allow repository mirroring to configured by project Maintainers. If disabled, only Administrators can configure repository mirroring. | -| `mirror_capacity_threshold` | integer | no | **(PREMIUM)** Minimum capacity to be available before scheduling more mirrors preemptively | +| `mirror_capacity_threshold` | integer | no | **(PREMIUM)** Minimum capacity to be available before scheduling more mirrors preemptively. | | `mirror_max_capacity` | integer | no | **(PREMIUM)** Maximum number of mirrors that can be synchronizing at the same time. | | `mirror_max_delay` | integer | no | **(PREMIUM)** Maximum time (in minutes) between updates that a mirror can have when scheduled to synchronize. | -| `npm_package_requests_forwarding` | boolean | no | **(PREMIUM)** Use npmjs.org as a default remote repository when the package is not found in the GitLab Package Registry for npm | +| `npm_package_requests_forwarding` | boolean | no | **(PREMIUM)** Use npmjs.org as a default remote repository when the package is not found in the GitLab Package Registry for npm. | | `outbound_local_requests_whitelist` | array of strings | no | Define a list of trusted domains or IP addresses to which local requests are allowed when local requests for hooks and services are disabled. -| `pages_domain_verification_enabled` | boolean | no | Require users to prove ownership of custom domains. Domain verification is an essential security measure for public GitLab sites. Users are required to demonstrate they control a domain before it is enabled. | +| `pages_domain_verification_enabled` | boolean | no | Require users to prove ownership of custom domains. Domain verification is an essential security measure for public GitLab sites. Users are required to demonstrate they control a domain before it is enabled. | | `password_authentication_enabled_for_git` | boolean | no | Enable authentication for Git over HTTP(S) via a GitLab account password. Default is `true`. | | `password_authentication_enabled_for_web` | boolean | no | Enable authentication for the web interface via a GitLab account password. Default is `true`. | | `performance_bar_allowed_group_id` | string | no | (Deprecated: Use `performance_bar_allowed_group_path` instead) Path of the group that is allowed to toggle the performance bar. | | `performance_bar_allowed_group_path` | string | no | Path of the group that is allowed to toggle the performance bar. | | `performance_bar_enabled` | boolean | no | (Deprecated: Pass `performance_bar_allowed_group_path: nil` instead) Allow enabling the performance bar. | -| `personal_access_token_prefix` | string | no | Prefix for all generated personal access tokens. | +| `personal_access_token_prefix` | string | no | Prefix for all generated personal access tokens. | | `plantuml_enabled` | boolean | no | (**If enabled, requires:** `plantuml_url`) Enable PlantUML integration. Default is `false`. | | `plantuml_url` | string | required by: `plantuml_enabled` | The PlantUML instance URL for integration. | | `polling_interval_multiplier` | decimal | no | Interval multiplier used by endpoints that perform polling. Set to `0` to disable polling. | @@ -362,12 +365,12 @@ listed in the descriptions of the relevant settings. | `repository_size_limit` | integer | no | **(PREMIUM)** Size limit per repository (MB) | | `repository_storages_weighted` | hash of strings to integers | no | (GitLab 13.1 and later) Hash of names of taken from `gitlab.yml` to [weights](../administration/repository_storage_paths.md#configure-where-new-repositories-are-stored). New projects are created in one of these stores, chosen by a weighted random selection. | | `repository_storages` | array of strings | no | (GitLab 13.0 and earlier) List of names of enabled storage paths, taken from `gitlab.yml`. New projects are created in one of these stores, chosen at random. | -| `require_admin_approval_after_user_signup` | boolean | no | When enabled, any user that signs up for an account using the registration form is placed under a **Pending approval** state and has to be explicitly [approved](../user/admin_area/approving_users.md) by an administrator. | +| `require_admin_approval_after_user_signup` | boolean | no | When enabled, any user that signs up for an account using the registration form is placed under a **Pending approval** state and has to be explicitly [approved](../user/admin_area/approving_users.md) by an administrator. | | `require_two_factor_authentication` | boolean | no | (**If enabled, requires:** `two_factor_grace_period`) Require all users to set up Two-factor authentication. | | `restricted_visibility_levels` | array of strings | no | Selected levels cannot be used by non-Administrator users for groups, projects or snippets. Can take `private`, `internal` and `public` as a parameter. Default is `null` which means there is no restriction. | | `rsa_key_restriction` | integer | no | The minimum allowed bit length of an uploaded RSA key. Default is `0` (no restriction). `-1` disables RSA keys. | -| `send_user_confirmation_email` | boolean | no | Send confirmation email on sign-up. | -| `session_expire_delay` | integer | no | Session duration in minutes. GitLab restart is required to apply changes | +| `send_user_confirmation_email` | boolean | no | Send confirmation email on sign-up. | +| `session_expire_delay` | integer | no | Session duration in minutes. GitLab restart is required to apply changes. | | `shared_runners_enabled` | boolean | no | (**If enabled, requires:** `shared_runners_text` and `shared_runners_minutes`) Enable shared runners for new projects. | | `shared_runners_minutes` | integer | required by: `shared_runners_enabled` | **(PREMIUM)** Set the maximum number of pipeline minutes that a group can use on shared runners per month. | | `shared_runners_text` | string | required by: `shared_runners_enabled` | Shared runners text. | @@ -375,29 +378,30 @@ listed in the descriptions of the relevant settings. | `signin_enabled` | string | no | (Deprecated: Use `password_authentication_enabled_for_web` instead) Flag indicating if password authentication is enabled for the web interface. | | `signup_enabled` | boolean | no | Enable registration. Default is `true`. | | `slack_app_enabled` | boolean | no | **(PREMIUM)** (**If enabled, requires:** `slack_app_id`, `slack_app_secret` and `slack_app_secret`) Enable Slack app. | -| `slack_app_id` | string | required by: `slack_app_enabled` | **(PREMIUM)** The app ID of the Slack-app. | -| `slack_app_secret` | string | required by: `slack_app_enabled` | **(PREMIUM)** The app secret of the Slack-app. | -| `slack_app_verification_token` | string | required by: `slack_app_enabled` | **(PREMIUM)** The verification token of the Slack-app. | +| `slack_app_id` | string | required by: `slack_app_enabled` | **(PREMIUM)** The app ID of the Slack-app. | +| `slack_app_secret` | string | required by: `slack_app_enabled` | **(PREMIUM)** The app secret of the Slack-app. | +| `slack_app_verification_token` | string | required by: `slack_app_enabled` | **(PREMIUM)** The verification token of the Slack-app. | | `snippet_size_limit` | integer | no | Max snippet content size in **bytes**. Default: 52428800 Bytes (50MB).| | `snowplow_app_id` | string | no | The Snowplow site name / application ID. (for example, `gitlab`) | | `snowplow_collector_hostname` | string | required by: `snowplow_enabled` | The Snowplow collector hostname. (for example, `snowplow.trx.gitlab.net`) | | `snowplow_cookie_domain` | string | no | The Snowplow cookie domain. (for example, `.gitlab.com`) | | `snowplow_enabled` | boolean | no | Enable snowplow tracking. | -| `sourcegraph_enabled` | boolean | no | Enables Sourcegraph integration. Default is `false`. **If enabled, requires** `sourcegraph_url`. | +| `sourcegraph_enabled` | boolean | no | Enables Sourcegraph integration. Default is `false`. **If enabled, requires** `sourcegraph_url`. | | `sourcegraph_public_only` | boolean | no | Blocks Sourcegraph from being loaded on private and internal projects. Default is `true`. | -| `sourcegraph_url` | string | required by: `sourcegraph_enabled` | The Sourcegraph instance URL for integration. | +| `sourcegraph_url` | string | required by: `sourcegraph_enabled` | The Sourcegraph instance URL for integration. | | `spam_check_endpoint_enabled` | boolean | no | Enables Spam Check via external API endpoint. Default is `false`. | | `spam_check_endpoint_url` | string | no | URL of the external Spam Check service endpoint. | +| `spam_check_api_key` | string | no | The API key used by GitLab for accessing the Spam Check service endpoint. | | `terminal_max_session_time` | integer | no | Maximum time for web terminal websocket connection (in seconds). Set to `0` for unlimited time. | | `terms` | text | required by: `enforce_terms` | (**Required by:** `enforce_terms`) Markdown content for the ToS. | | `throttle_authenticated_api_enabled` | boolean | no | (**If enabled, requires:** `throttle_authenticated_api_period_in_seconds` and `throttle_authenticated_api_requests_per_period`) Enable authenticated API request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots). | -| `throttle_authenticated_api_period_in_seconds` | integer | required by:<br>`throttle_authenticated_api_enabled` | Rate limit period in seconds. | +| `throttle_authenticated_api_period_in_seconds` | integer | required by:<br>`throttle_authenticated_api_enabled` | Rate limit period in seconds. | | `throttle_authenticated_api_requests_per_period` | integer | required by:<br>`throttle_authenticated_api_enabled` | Max requests per period per user. | | `throttle_authenticated_web_enabled` | boolean | no | (**If enabled, requires:** `throttle_authenticated_web_period_in_seconds` and `throttle_authenticated_web_requests_per_period`) Enable authenticated web request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots). | | `throttle_authenticated_web_period_in_seconds` | integer | required by:<br>`throttle_authenticated_web_enabled` | Rate limit period in seconds. | | `throttle_authenticated_web_requests_per_period` | integer | required by:<br>`throttle_authenticated_web_enabled` | Max requests per period per user. | | `throttle_unauthenticated_enabled` | boolean | no | (**If enabled, requires:** `throttle_unauthenticated_period_in_seconds` and `throttle_unauthenticated_requests_per_period`) Enable unauthenticated request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots). | -| `throttle_unauthenticated_period_in_seconds` | integer | required by:<br>`throttle_unauthenticated_enabled` | Rate limit period in seconds. | +| `throttle_unauthenticated_period_in_seconds` | integer | required by:<br>`throttle_unauthenticated_enabled` | Rate limit period in seconds. | | `throttle_unauthenticated_requests_per_period` | integer | required by:<br>`throttle_unauthenticated_enabled` | Max requests per period per IP. | | `time_tracking_limit_to_hours` | boolean | no | Limit display of time tracking units to hours. Default is `false`. | | `two_factor_grace_period` | integer | required by: `require_two_factor_authentication` | Amount of time (in hours) that users are allowed to skip forced configuration of two-factor authentication. | @@ -408,8 +412,9 @@ listed in the descriptions of the relevant settings. | `user_default_external` | boolean | no | Newly registered users are external by default. | | `user_default_internal_regex` | string | no | Specify an e-mail address regex pattern to identify default internal users. | | `user_oauth_applications` | boolean | no | Allow users to register any application to use GitLab as an OAuth provider. | -| `user_show_add_ssh_key_message` | boolean | no | When set to `false` disable the "You won't be able to pull or push project code via SSH" warning shown to users with no uploaded SSH key. | +| `user_show_add_ssh_key_message` | boolean | no | When set to `false` disable the `You won't be able to pull or push project code via SSH` warning shown to users with no uploaded SSH key. | | `version_check_enabled` | boolean | no | Let GitLab inform you when an update is available. | +| `whats_new_variant` | string | no | What's new variant, possible values: `all_tiers`, `current_tier`, and `disabled`. | | `web_ide_clientside_preview_enabled` | boolean | no | Live Preview (allow live previews of JavaScript projects in the Web IDE using CodeSandbox Live Preview). | | `wiki_page_max_content_bytes` | integer | no | Maximum wiki page content size in **bytes**. Default: 52428800 Bytes (50 MB). The minimum value is 1024 bytes. | diff --git a/doc/api/sidekiq_metrics.md b/doc/api/sidekiq_metrics.md index 4791f066cd2..bcb59a6dad3 100644 --- a/doc/api/sidekiq_metrics.md +++ b/doc/api/sidekiq_metrics.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Enablement +group: Distribution info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- diff --git a/doc/api/statistics.md b/doc/api/statistics.md index 3899d5bde76..a57838e6496 100644 --- a/doc/api/statistics.md +++ b/doc/api/statistics.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Manage +group: Access info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- diff --git a/doc/api/system_hooks.md b/doc/api/system_hooks.md index 3348157129d..101769e6323 100644 --- a/doc/api/system_hooks.md +++ b/doc/api/system_hooks.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Create +group: Ecosystem info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- diff --git a/doc/api/templates/gitignores.md b/doc/api/templates/gitignores.md index 6f2e5a83903..f1bf8120574 100644 --- a/doc/api/templates/gitignores.md +++ b/doc/api/templates/gitignores.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Create +group: Source Code info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: reference --- diff --git a/doc/api/templates/licenses.md b/doc/api/templates/licenses.md index fb76bd81e50..e7eaa6eb3e0 100644 --- a/doc/api/templates/licenses.md +++ b/doc/api/templates/licenses.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Secure +group: Composition Analysis info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: reference --- diff --git a/doc/api/todos.md b/doc/api/todos.md index 3b2e3acb38b..864f87f988e 100644 --- a/doc/api/todos.md +++ b/doc/api/todos.md @@ -102,7 +102,6 @@ Example Response: }, "merge_when_pipeline_succeeds": false, "merge_status": "cannot_be_merged", - "subscribed": true, "user_notes_count": 7 }, "target_url": "https://gitlab.example.com/gitlab-org/gitlab-foss/-/merge_requests/7", @@ -176,7 +175,6 @@ Example Response: }, "merge_when_pipeline_succeeds": false, "merge_status": "cannot_be_merged", - "subscribed": true, "user_notes_count": 7 }, "target_url": "https://gitlab.example.com/gitlab-org/gitlab-foss/-/merge_requests/7", diff --git a/doc/api/users.md b/doc/api/users.md index 0e4012935f9..ac8fbe8492f 100644 --- a/doc/api/users.md +++ b/doc/api/users.md @@ -190,7 +190,7 @@ GET /users ] ``` -Users on GitLab [Premium or higher](https://about.gitlab.com/pricing/) also see the `shared_runners_minutes_limit`, `extra_shared_runners_minutes_limit`, and `using_license_seat` parameters. +Users on GitLab [Premium or higher](https://about.gitlab.com/pricing/) also see the `shared_runners_minutes_limit`, `extra_shared_runners_minutes_limit`, `is_auditor`, and `using_license_seat` parameters. ```json [ @@ -199,6 +199,7 @@ Users on GitLab [Premium or higher](https://about.gitlab.com/pricing/) also see ... "shared_runners_minutes_limit": 133, "extra_shared_runners_minutes_limit": 133, + "is_auditor": false, "using_license_seat": true ... } @@ -359,12 +360,13 @@ NOTE: The `plan` and `trial` parameters are only available on GitLab Enterprise Edition. Users on GitLab [Premium or higher](https://about.gitlab.com/pricing/) also see -the `shared_runners_minutes_limit`, and `extra_shared_runners_minutes_limit` parameters. +the `shared_runners_minutes_limit`, `is_auditor`, and `extra_shared_runners_minutes_limit` parameters. ```json { "id": 1, "username": "john_smith", + "is_auditor": false, "shared_runners_minutes_limit": 133, "extra_shared_runners_minutes_limit": 133, ... @@ -628,6 +630,8 @@ GET /user } ``` +Users on GitLab [Premium or higher](https://about.gitlab.com/pricing/) also see the `shared_runners_minutes_limit`, `extra_shared_runners_minutes_limit`, `is_auditor`, and `using_license_seat` parameters. + ## User status Get the status of the currently signed in user. @@ -1762,6 +1766,6 @@ Example response: "source_name": "Group three", "source_type": "Namespace", "access_level": "20" - }, + } ] ``` diff --git a/doc/api/v3_to_v4.md b/doc/api/v3_to_v4.md index c63a04228a5..c6d883371a3 100644 --- a/doc/api/v3_to_v4.md +++ b/doc/api/v3_to_v4.md @@ -1,92 +1,18 @@ --- -stage: none -group: unassigned +stage: Create +group: Ecosystem info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- # API V3 to API V4 -In GitLab 9.0 and later, API V4 is the preferred version to be used. +WARNING: +The GitLab API v3 was removed in [GitLab 11.0](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/36819). -API V3 was unsupported from GitLab 9.5, released on August -22, 2017. API v3 was removed in [GitLab 11.0](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/36819). -The V3 API documentation is still -[available](https://gitlab.com/gitlab-org/gitlab-foss/blob/8-16-stable/doc/api/README.md). +For information about the current version of the GitLab API, read the [API documentation](README.md). -Below are the changes made between V3 and V4. +## Related links -## 8.17 - -- Removed `GET /projects/:search` (use: `GET /projects?search=x`) [!8877](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/8877) -- `iid` filter has been removed from `GET /projects/:id/issues` [!8967](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/8967) -- `GET /projects/:id/merge_requests?iid[]=x&iid[]=y` array filter has been renamed to `iids` [!8793](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/8793) -- Endpoints under `GET /projects/merge_request/:id` have been removed (use: `GET /projects/merge_requests/:id`) [!8793](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/8793) -- Project snippets do not return deprecated field `expires_at` [!8723](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/8723) -- Endpoints under `GET /projects/:id/keys` have been removed (use `GET /projects/:id/deploy_keys`) [!8716](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/8716) - -## 9.0 - -- Status 409 returned for `POST /projects/:id/members` when a member already exists [!9093](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9093) -- Moved `DELETE /projects/:id/star` to `POST /projects/:id/unstar` [!9328](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9328) -- Removed the following deprecated Templates endpoints (these are still accessible with `/templates` prefix) [!8853](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/8853) - - `/licenses` - - `/licenses/:key` - - `/gitignores` - - `/gitlab_ci_ymls` - - `/dockerfiles` - - `/gitignores/:key` - - `/gitlab_ci_ymls/:key` - - `/dockerfiles/:key` -- Moved `POST /projects/fork/:id` to `POST /projects/:id/fork` [!8940](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/8940) -- Moved `DELETE /todos` to `POST /todos/mark_as_done` and `DELETE /todos/:todo_id` to `POST /todos/:todo_id/mark_as_done` [!9410](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9410) -- Project filters are no longer available as `GET /projects/foo`, but as `GET /projects?foo=true` instead [!8962](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/8962) - - `GET /projects/visible` & `GET /projects/all` are consolidated into `GET /projects` and can be used with or without authorization - - `GET /projects/owned` moved to `GET /projects?owned=true` - - `GET /projects/starred` moved to `GET /projects?starred=true` -- `GET /projects` returns all projects visible to current user, even if the user is not a member [!9674](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9674) - - To get projects the user is a member of, use `GET /projects?membership=true` -- Return pagination headers for all endpoints that return an array [!8606](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/8606) -- Added `POST /environments/:environment_id/stop` to stop an environment [!8808](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/8808) -- Removed `DELETE /projects/:id/deploy_keys/:key_id/disable`. Use `DELETE /projects/:id/deploy_keys/:key_id` instead [!9366](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9366) -- Moved `PUT /users/:id/(block|unblock)` to `POST /users/:id/(block|unblock)` [!9371](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9371) -- Make subscription API more RESTful. Use `POST /projects/:id/:subscribable_type/:subscribable_id/subscribe` to subscribe and `POST /projects/:id/:subscribable_type/:subscribable_id/unsubscribe` to unsubscribe from a resource. [!9325](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9325) -- Labels filter on `GET /projects/:id/issues` and `GET /issues` now matches only issues containing all labels (i.e.: Logical AND, not OR) [!8849](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/8849) -- Renamed parameter `branch_name` to `branch` on the following endpoints [!8936](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/8936) - - `POST /projects/:id/repository/branches` - - `POST /projects/:id/repository/commits` - - `POST/PUT/DELETE :id/repository/files` -- Renamed the `merge_when_build_succeeds` parameter to `merge_when_pipeline_succeeds` on the following endpoints: [!9335](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/) - - `PUT /projects/:id/merge_requests/:merge_request_id/merge` - - `POST /projects/:id/merge_requests/:merge_request_id/cancel_merge_when_pipeline_succeeds` - - `POST /projects` - - `POST /projects/user/:user_id` - - `PUT /projects/:id` -- Renamed `branch_name` to `branch` on `DELETE /projects/:id/repository/branches/:branch` response [!8936](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/8936) -- Remove `public` parameter from create and edit actions of projects [!8736](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/8736) -- Remove `subscribed` field from responses returning list of issues or merge - requests. Fetch individual issues or merge requests to obtain the value - of `subscribed` - [!9661](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9661) -- Use `visibility` as string parameter everywhere [!9337](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9337) -- Notes do not return deprecated field `upvote` and `downvote` [!9384](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9384) -- Return HTTP status code `400` for all validation errors when creating or updating a member instead of sometimes `422` error. [!9523](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9523) -- Remove `GET /groups/owned`. Use `GET /groups?owned=true` instead [!9505](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9505) -- Return 202 with JSON body on asynchronous removals on V4 API (`DELETE /projects/:id/repository/merged_branches` and `DELETE /projects/:id`) [!9449](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9449) -- `GET /projects/:id/milestones?iid[]=x&iid[]=y` array filter has been renamed to `iids` [!9096](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9096) -- Return basic information about pipeline in `GET /projects/:id/pipelines` [!8875](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/8875) -- Renamed all `build` references to `job` [!9463](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9463) -- Drop `GET /projects/:id/repository/commits/:sha/jobs` [!9463](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9463) -- Rename Build Triggers to be Pipeline Triggers API [!9713](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9713) - - `POST /projects/:id/trigger/builds` to `POST /projects/:id/trigger/pipeline` - - Require description when creating a new trigger `POST /projects/:id/triggers` -- Simplify project payload exposed on Environment endpoints [!9675](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9675) -- API uses merge request `IID`s (internal ID, as in the web UI) rather than `ID`s. This affects the merge requests, award emoji, to-dos, and time tracking APIs. [!9530](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9530) -- API uses issue `IID`s (internal ID, as in the web UI) rather than `ID`s. This affects the issues, award emoji, to-dos, and time tracking APIs. [!9530](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9530) -- Change initial page from `0` to `1` on `GET /projects/:id/repository/commits` (like on the rest of the API) [!9679](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9679) -- Return correct `Link` header data for `GET /projects/:id/repository/commits` [!9679](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9679) -- Update endpoints for repository files [!9637](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9637) - - Moved `GET /projects/:id/repository/files?file_path=:file_path` to `GET /projects/:id/repository/files/:file_path` (`:file_path` should be URL-encoded) - - `GET /projects/:id/repository/blobs/:sha` now returns JSON attributes for the blob identified by `:sha`, instead of finding the commit identified by `:sha` and returning the raw content of the blob in that commit identified by the required `?filepath=:filepath` - - Moved `GET /projects/:id/repository/commits/:sha/blob?file_path=:file_path` and `GET /projects/:id/repository/blobs/:sha?file_path=:file_path` to `GET /projects/:id/repository/files/:file_path/raw?ref=:sha` - - `GET /projects/:id/repository/tree` parameter `ref_name` has been renamed to `ref` for consistency -- `confirm` parameter for `POST /users` has been deprecated in favor of `skip_confirmation` parameter +- [GitLab v3 API documentation](https://gitlab.com/gitlab-org/gitlab-foss/-/blob/8-16-stable/doc/api/README.md) +- [Migration guide](https://gitlab.com/gitlab-org/gitlab-foss/-/blob/11-0-stable/doc/api/v3_to_v4.md) from + v3 to v4 diff --git a/doc/api/version.md b/doc/api/version.md index 83b05dff1c8..313ba4da7d4 100644 --- a/doc/api/version.md +++ b/doc/api/version.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Create +group: Ecosystem info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- diff --git a/doc/api/vulnerabilities.md b/doc/api/vulnerabilities.md index a7412ca97f1..5ec769df08c 100644 --- a/doc/api/vulnerabilities.md +++ b/doc/api/vulnerabilities.md @@ -18,7 +18,7 @@ WARNING: This API is in the process of being deprecated and considered unstable. The response payload may be subject to change or breakage across GitLab releases. Please use the -[GraphQL API](graphql/reference/index.md#vulnerabilities) +[GraphQL API](graphql/reference/index.md#queryvulnerabilities) instead. Every API call to vulnerabilities must be [authenticated](README.md#authentication). diff --git a/doc/architecture/blueprints/ci_scale/ci_builds_cumulative_forecast.png b/doc/architecture/blueprints/ci_scale/ci_builds_cumulative_forecast.png Binary files differnew file mode 100644 index 00000000000..fa34c7d1c36 --- /dev/null +++ b/doc/architecture/blueprints/ci_scale/ci_builds_cumulative_forecast.png diff --git a/doc/architecture/blueprints/ci_scale/ci_builds_daily_forecast.png b/doc/architecture/blueprints/ci_scale/ci_builds_daily_forecast.png Binary files differnew file mode 100644 index 00000000000..b73a592fa6b --- /dev/null +++ b/doc/architecture/blueprints/ci_scale/ci_builds_daily_forecast.png diff --git a/doc/architecture/blueprints/ci_scale/index.md b/doc/architecture/blueprints/ci_scale/index.md new file mode 100644 index 00000000000..99997e7b19b --- /dev/null +++ b/doc/architecture/blueprints/ci_scale/index.md @@ -0,0 +1,205 @@ +--- +stage: none +group: unassigned +comments: false +description: 'Improve scalability of GitLab CI/CD' +--- + +# Next CI/CD scale target: 20M builds per day by 2024 + +## Summary + +GitLab CI/CD is one of the most data and compute intensive components of GitLab. +Since its [initial release in November 2012](https://about.gitlab.com/blog/2012/11/13/continuous-integration-server-from-gitlab/), +the CI/CD subsystem has evolved significantly. It was [integrated into GitLab in September 2015](https://about.gitlab.com/releases/2015/09/22/gitlab-8-0-released/) +and has become [one of the most beloved CI/CD solutions](https://about.gitlab.com/blog/2017/09/27/gitlab-leader-continuous-integration-forrester-wave/). + +GitLab CI/CD has come a long way since the initial release, but the design of +the data storage for pipeline builds remains almost the same since 2012. We +store all the builds in PostgreSQL in `ci_builds` table, and because we are +creating more than [2 million builds each day on GitLab.com](https://docs.google.com/spreadsheets/d/17ZdTWQMnTHWbyERlvj1GA7qhw_uIfCoI5Zfrrsh95zU), +we are reaching database limits that are slowing our development velocity down. + +On February 1st, 2021, a billionth CI/CD job was created and the number of +builds is growing exponentially. We will run out of the available primary keys +for builds before December 2021 unless we improve the database model used to +store CI/CD data. + +We expect to see 20M builds created daily on GitLab.com in the first half of +2024. + + + +## Goals + +**Enable future growth by making processing 20M builds in a day possible.** + +## Challenges + +The current state of CI/CD product architecture needs to be updated if we want +to sustain future growth. + +### We are running out of the capacity to store primary keys + +The primary key in `ci_builds` table is an integer generated in a sequence. +Historically, Rails used to use [integer](https://www.postgresql.org/docs/9.1/datatype-numeric.html) +type when creating primary keys for a table. We did use the default when we +[created the `ci_builds` table in 2012](https://gitlab.com/gitlab-org/gitlab/-/blob/046b28312704f3131e72dcd2dbdacc5264d4aa62/db/ci/migrate/20121004165038_create_builds.rb). +[The behavior of Rails has changed](https://github.com/rails/rails/pull/26266) +since the release of Rails 5. The framework is now using bigint type that is 8 +bytes long, however we have not migrated primary keys for `ci_builds` table to +bigint yet. + +We will run out of the capacity of the integer type to store primary keys in +`ci_builds` table before December 2021. When it happens without a viable +workaround or an emergency plan, GitLab.com will go down. + +`ci_builds` is just one of the tables that are running out of the primary keys +available in Int4 sequence. There are multiple other tables storing CI/CD data +that have the same problem. + +Primary keys problem will be tackled by our Database Team. + +### The table is too large + +There is more than a billion rows in `ci_builds` table. We store more than 2 +terabytes of data in that table, and the total size of indexes is more than 1 +terabyte (as of February 2021). + +This amount of data contributes to a significant performance problems we +experience on our primary PostgreSQL database. + +Most of the problem are related to how PostgreSQL database works internally, +and how it is making use of resources on a node the database runs on. We are at +the limits of vertical scaling of the primary database nodes and we frequently +see a negative impact of the `ci_builds` table on the overall performance, +stability, scalability and predictability of the database GitLab.com depends +on. + +The size of the table also hinders development velocity because queries that +seem fine in the development environment may not work on GitLab.com. The +difference in the dataset size between the environments makes it difficult to +predict the performance of even the most simple queries. + +We also expect a significant, exponential growth in the upcoming years. + +One of the forecasts done using [Facebook's +Prophet](https://facebook.github.io/prophet/) shows that in the first half of +2024 we expect seeing 20M builds created on GitLab.com each day. In comparison +to around 2M we see created today, this is 10x growth our product might need to +sustain in upcoming years. + + + +### Queuing mechanisms are using the large table + +Because of how large the table is, mechanisms that we use to build queues of +pending builds (there is more than one queue), are not very efficient. Pending +builds represent a small fraction of what we store in the `ci_builds` table, +yet we need to find them in this big dataset to determine an order in which we +want to process them. + +This mechanism is very inefficient, and it has been causing problems on the +production environment frequently. This usually results in a significant drop +of the CI/CD apdex score, and sometimes even causes a significant performance +degradation in the production environment. + +There are multiple other strategies that can improve performance and +reliability. We can use [Redis +queuing](https://gitlab.com/gitlab-org/gitlab/-/issues/322972), or [a separate +table that will accelerate SQL queries used to build +queues](https://gitlab.com/gitlab-org/gitlab/-/issues/322766) and we want to +explore them. + +### Moving big amounts of data is challenging + +We store a significant amount of data in `ci_builds` table. Some of the columns +in that table store a serialized user-provided data. Column `ci_builds.options` +stores more than 600 gigabytes of data, and `ci_builds.yaml_variables` more +than 300 gigabytes (as of February 2021). + +It is a lot of data that needs to be reliably moved to a different place. +Unfortunately, right now, our [background +migrations](https://docs.gitlab.com/ee/development/background_migrations.html) +are not reliable enough to migrate this amount of data at scale. We need to +build mechanisms that will give us confidence in moving this data between +columns, tables, partitions or database shards. + +Effort to improve background migrations will be owned by our Database Team. + +### Development velocity is negatively affected + +Team members and the wider community members are struggling to contribute the +Verify area, because we restricted the possibility of extending `ci_builds` +even further. Our static analysis tools prevent adding more columns to this +table. Adding new queries is unpredictable because of the size of the dataset +and the amount of queries executed using the table. This significantly hinders +the development velocity and contributes to incidents on the production +environment. + +## Proposal + +Making GitLab CI/CD product ready for the scale we expect to see in the +upcoming years is a multi-phase effort. + +First, we want to focus on things that are urgently needed right now. We need +to fix primary keys overflow risk and unblock other teams that are working on +database partitioning and sharding. + +We want to improve situation around bottlenecks that are known already, like +queuing mechanisms using the large table and things that are holding other +teams back. + +Extending CI/CD metrics is important to get a better sense of how the system +performs and to what growth should we expect. This will make it easier for us +to identify bottlenecks and perform more advanced capacity planning. + +As we work on first iterations we expect our Database Sharding team and +Database Scalability Working Group to make progress on patterns we will be able +to use to partition the large CI/CD dataset. We consider the strong time-decay +effect, related to the diminishing importance of pipelines with time, as an +opportunity we might want to seize. + +## Iterations + +Work required to achieve our next CI/CD scaling target is tracked in the +[GitLab CI/CD 20M builds per day scaling +target](https://gitlab.com/groups/gitlab-org/-/epics/5745) epic. + +## Status + +In progress. + +## Who + +Proposal: + +<!-- vale gitlab.Spelling = NO --> + +| Role | Who +|------------------------------|-------------------------| +| Author | Grzegorz Bizon | +| Architecture Evolution Coach | Kamil Trzciński | +| Engineering Leader | Darby Frey | +| Product Manager | Jackie Porter | +| Domain Expert / Verify | Fabio Pitino | +| Domain Expert / Database | Jose Finotto | +| Domain Expert / PostgreSQL | Nikolay Samokhvalov | + +DRIs: + +| Role | Who +|------------------------------|------------------------| +| Leadership | Darby Frey | +| Product | Jackie Porter | +| Engineering | Grzegorz Bizon | + +Domain experts: + +| Area | Who +|------------------------------|------------------------| +| Domain Expert / Verify | Fabio Pitino | +| Domain Expert / Database | Jose Finotto | +| Domain Expert / PostgreSQL | Nikolay Samokhvalov | + +<!-- vale gitlab.Spelling = YES --> diff --git a/doc/architecture/blueprints/container_registry_metadata_database/index.md b/doc/architecture/blueprints/container_registry_metadata_database/index.md index 4e40f249e56..86628b31536 100644 --- a/doc/architecture/blueprints/container_registry_metadata_database/index.md +++ b/doc/architecture/blueprints/container_registry_metadata_database/index.md @@ -26,7 +26,7 @@ graph LR R -- Write/read metadata --> B ``` -Client applications (e.g. GitLab Rails and Docker CLI) interact with the Container Registry through its [HTTP API](https://gitlab.com/gitlab-org/container-registry/-/blob/master/docs/spec/api.md). The most common operations are pushing and pulling images to/from the registry, which require a series of HTTP requests in a specific order. The request flow for these operations is detailed [here](https://gitlab.com/gitlab-org/container-registry/-/blob/master/docs-gitlab/push-pull-request-flow.md). +Client applications (e.g. GitLab Rails and Docker CLI) interact with the Container Registry through its [HTTP API](https://gitlab.com/gitlab-org/container-registry/-/blob/master/docs/spec/api.md). The most common operations are pushing and pulling images to/from the registry, which require a series of HTTP requests in a specific order. The request flow for these operations is detailed in the [Request flow](https://gitlab.com/gitlab-org/container-registry/-/blob/master/docs-gitlab/push-pull-request-flow.md). The registry supports multiple [storage backends](https://gitlab.com/gitlab-org/container-registry/-/blob/master/docs/configuration.md#storage), including Google Cloud Storage (GCS) which is used for the GitLab.com registry. In the storage backend, images are stored as blobs, deduplicated, and shared across repositories. These are then linked (like a symlink) to each repository that relies on them, giving them access to the central storage location. @@ -156,7 +156,7 @@ Running *online* and [*post deployment*](../../../development/post_deployment_mi The registry database will be partitioned from start to achieve greater performance (by limiting the amount of data to act upon and enable parallel execution), easier maintenance (by splitting tables and indexes into smaller units), and high availability (with partition independence). By partitioning the database from start we can also facilitate a sharding implementation later on if necessary. -Although blobs are shared across repositories, manifest and tag metadata are scoped by repository. This is also visible at the API level, where all write and read requests (except [listing repositories](https://gitlab.com/gitlab-org/container-registry/-/blob/a113d0f0ab29b49cf88e173ee871893a9fc56a90/docs/spec/api.md#listing-repositories)) are scoped by repository, with its namespace being part of the request URI. For this reason, after [identifying access patterns](https://gitlab.com/gitlab-org/gitlab/-/issues/234255), we decided to partition manifests and tags by repository and blobs by digest, ensuring that lookups are always performed by partition key for optimal performance. The initial version of the partitioned schema was documented [here](https://gitlab.com/gitlab-com/www-gitlab-com/-/merge_requests/60918). +Although blobs are shared across repositories, manifest and tag metadata are scoped by repository. This is also visible at the API level, where all write and read requests (except [listing repositories](https://gitlab.com/gitlab-org/container-registry/-/blob/a113d0f0ab29b49cf88e173ee871893a9fc56a90/docs/spec/api.md#listing-repositories)) are scoped by repository, with its namespace being part of the request URI. For this reason, after [identifying access patterns](https://gitlab.com/gitlab-org/gitlab/-/issues/234255), we decided to partition manifests and tags by repository and blobs by digest, ensuring that lookups are always performed by partition key for optimal performance. The initial version of the partitioned schema was documented [in a merge request](https://gitlab.com/gitlab-com/www-gitlab-com/-/merge_requests/60918). #### GitLab.com diff --git a/doc/architecture/blueprints/database_testing/index.md b/doc/architecture/blueprints/database_testing/index.md index a333ac12ef3..162b112732c 100644 --- a/doc/architecture/blueprints/database_testing/index.md +++ b/doc/architecture/blueprints/database_testing/index.md @@ -79,7 +79,7 @@ Database Lab provides an API we can interact with to manage thin clones. In orde The short-term focus is on testing regular migrations (typically schema changes) and using the existing Database Lab instance from postgres.ai for it. -In order to secure this process and meet compliance goals, the runner environment will be treated as a *production* environment and similarly locked down, monitored and audited. Only Database Maintainers will have access to the CI pipeline and its job output. Everyone else will only be able to see the results and statistics posted back on the merge request. +In order to secure this process and meet compliance goals, the runner environment is treated as a *production* environment and similarly locked down, monitored and audited. Only Database Maintainers have access to the CI pipeline and its job output. Everyone else can only see the results and statistics posted back on the merge request. We implement a secured CI pipeline on <https://ops.gitlab.net> that adds the execution steps outlined above. The goal is to secure this pipeline in order to solve the following problem: @@ -117,7 +117,7 @@ An alternative approach we have discussed and abandoned is to "scrub" and anonym - Anonymization is complex by nature - it is a hard problem to call a "scrubbed clone" actually safe to work with in public. Different data types may require different anonymization techniques (e.g. anonymizing sensitive information inside a JSON field) and only focusing on one attribute at a time does not guarantee that a dataset is fully anonymized (for example join attacks or using timestamps in conjunction to public profiles/projects to de-anonymize users by there activity). - Anonymization requires an additional process to keep track and update the set of attributes considered as sensitive, ongoing maintenance and security reviews every time the database schema changes. - Annotating data as "sensitive" is error prone, with the wrong anonymization approach used for a data type or one sensitive attribute accidentally not marked as such possibly leading to a data breach. -- Scrubbing not only removes sensitive data, but also changes data distribution, which greatly affects performance of migrations and queries. +- Scrubbing not only removes sensitive data, but it also changes data distribution, which greatly affects performance of migrations and queries. - Scrubbing heavily changes the database contents, potentially updating a lot of data, which leads to different data storage details (think MVC bloat), affecting performance of migrations and queries. ## Who diff --git a/doc/architecture/blueprints/graphql_api/index.md b/doc/architecture/blueprints/graphql_api/index.md index 99047eb5964..b856f7d96ad 100644 --- a/doc/architecture/blueprints/graphql_api/index.md +++ b/doc/architecture/blueprints/graphql_api/index.md @@ -143,11 +143,17 @@ state synchronization mechanisms and hooking into existing ones. ## Iterations -1. [Build comprehensive Grafana dashboard for GraphQL](https://gitlab.com/groups/gitlab-com/-/epics/1343) -1. [Improve logging of GraphQL requests in Elastic](https://gitlab.com/groups/gitlab-org/-/epics/4646) +### In the scope of the blueprint + +1. [GraphQL API architecture](https://gitlab.com/groups/gitlab-org/-/epics/5842) + 1. [Build comprehensive Grafana dashboard for GraphQL](https://gitlab.com/groups/gitlab-org/-/epics/5841) + 1. [Improve logging of GraphQL requests in Elastic](https://gitlab.com/groups/gitlab-org/-/epics/4646) + 1. [Build GraphQL query correlation mechanisms](https://gitlab.com/groups/gitlab-org/-/epics/5320) + 1. [Design a better data-informed deprecation policy](https://gitlab.com/groups/gitlab-org/-/epics/5321) + +### Future iterations + 1. [Build a scalable state synchronization for GraphQL](https://gitlab.com/groups/gitlab-org/-/epics/5319) -1. [Build GraphQL feature-to-query correlation mechanisms](https://gitlab.com/groups/gitlab-org/-/epics/5320) -1. [Design a better data-informed deprecation policy](https://gitlab.com/groups/gitlab-org/-/epics/5321) 1. [Add support for direct uploads for GraphQL](https://gitlab.com/gitlab-org/gitlab/-/issues/280819) 1. [Review GraphQL design choices related to security](https://gitlab.com/gitlab-org/security/gitlab/-/issues/339) @@ -179,6 +185,11 @@ DRIs: | Leadership | Darva Satcher | | Product | Patrick Deuley | | Engineering | Paul Slaughter | + +Domain Experts: + +| Area | Who +|------------------------------|------------------------| | Domain Expert / GraphQL | Charlie Ablett | | Domain Expert / GraphQL | Alex Kalderimis | | Domain Expert / GraphQL | Natalia Tepluhina | diff --git a/doc/architecture/blueprints/image_resizing/index.md b/doc/architecture/blueprints/image_resizing/index.md index 686a2f9c8f5..26c15d7a035 100644 --- a/doc/architecture/blueprints/image_resizing/index.md +++ b/doc/architecture/blueprints/image_resizing/index.md @@ -35,10 +35,10 @@ sequenceDiagram Content image resizing is a more complex problem to tackle. There are no set size restrictions and there are additional features or requirements to consider. -- Dynamic WebP support - the WebP format typically achieves an average of 30% more compression than JPEG without the loss of image quality. More details [here](https://developers.google.com/speed/webp/docs/c_study) +- Dynamic WebP support - the WebP format typically achieves an average of 30% more compression than JPEG without the loss of image quality. More details are in [this Google Comparative Study](https://developers.google.com/speed/webp/docs/c_study) - Extract first image of GIF's so we can prevent from loading 10MB pixels - Check Device Pixel Ratio to deliver nice images on High DPI screens -- Progressive image loading, similar to what is described [here](https://www.sitepoint.com/how-to-build-your-own-progressive-image-loader/) +- Progressive image loading, similar to what is described in [this article about how to build a progressive image loader](https://www.sitepoint.com/how-to-build-your-own-progressive-image-loader/) - Resizing recommendations (size, clarity, etc.) - Storage diff --git a/doc/ci/README.md b/doc/ci/README.md index b0ebbf920f9..30a6668dbfd 100644 --- a/doc/ci/README.md +++ b/doc/ci/README.md @@ -21,8 +21,6 @@ Out-of-the-box management systems can decrease hours spent on maintaining toolch Watch our ["Mastering continuous software development"](https://about.gitlab.com/webcast/mastering-ci-cd/) webcast to learn about continuous methods and how the GitLab built-in CI can help you simplify and scale software development. -## Overview - Continuous Integration works by pushing small code chunks to your application's codebase hosted in a Git repository, and to every push, run a pipeline of scripts to build, test, and validate the @@ -50,42 +48,6 @@ read the [Introduction to CI/CD with GitLab](introduction/index.md). <iframe src="https://www.youtube.com/embed/1iXFbchozdY" frameborder="0" allowfullscreen="true"> </iframe> </figure> -## Getting started - -GitLab CI/CD is configured by a file called `.gitlab-ci.yml` placed -at the repository's root. This file creates a [pipeline](pipelines/index.md), which runs for changes to the code in the repository. Pipelines consist of one or more stages that run in order and can each contain one or more jobs that run in parallel. These jobs (or scripts) get executed by the [GitLab Runner](https://docs.gitlab.com/runner/) agent. - -To get started with GitLab CI/CD, we recommend you read through -the following documents: - -- [Get started with GitLab CI/CD](quick_start/index.md). -- [Fundamental pipeline architectures](pipelines/pipeline_architectures.md). -- [GitLab CI/CD basic workflow](introduction/index.md#gitlab-cicd-workflow). -- [Step-by-step guide for writing `.gitlab-ci.yml` for the first time](../user/project/pages/getting_started/pages_from_scratch.md). - -If you're migrating from another CI/CD tool, check out our handy references: - -- [Migrating from CircleCI](migration/circleci.md) -- [Migrating from Jenkins](migration/jenkins.md) - -You can also get started by using one of the -[`.gitlab-ci.yml` templates](https://gitlab.com/gitlab-org/gitlab-foss/tree/master/lib/gitlab/ci/templates) -available through the UI. You can use them by creating a new file, -choosing a template that suits your application, and adjusting it -to your needs: - - - -While building your `.gitlab-ci.yml`, you can use the [CI/CD configuration visualization](pipeline_editor/index.md#visualize-ci-configuration) to facilitate your writing experience. - -For a broader overview, see the [CI/CD getting started](quick_start/index.md) guide. - -After you're familiar with how GitLab CI/CD works, see the -[`.gitlab-ci.yml` full reference](yaml/README.md) -for all the attributes you can set and use. - -GitLab CI/CD and [shared runners](runners/README.md#shared-runners) are enabled on GitLab.com and available for all users, limited only by the [pipeline quota](../user/gitlab_com/index.md#shared-runners). - ## Concepts GitLab CI/CD uses a number of concepts to describe and run your build and deploy. diff --git a/doc/ci/cloud_deployment/ecs/quick_start_guide.md b/doc/ci/cloud_deployment/ecs/quick_start_guide.md index b9ed38c2c03..a801be549df 100644 --- a/doc/ci/cloud_deployment/ecs/quick_start_guide.md +++ b/doc/ci/cloud_deployment/ecs/quick_start_guide.md @@ -65,7 +65,7 @@ GitLab [Auto Build](../../../topics/autodevops/stages.md#auto-build) and [Container Registry](../../../user/packages/container_registry/index.md). 1. Go to **ecs-demo** project on GitLab. -1. Click **Setup up CI/CD**. It brings you to a [`.gitlab-ci.yml`](../../README.md#getting-started) +1. Click **Setup up CI/CD**. It brings you to a `.gitlab-ci.yml` creation form. 1. Copy and paste the following content into the empty `.gitlab-ci.yml`. This defines [a pipeline for continuous deployment to ECS](../index.md#deploy-your-application-to-the-aws-elastic-container-service-ecs). @@ -77,9 +77,9 @@ and [Container Registry](../../../user/packages/container_registry/index.md). 1. Click **Commit Changes**. It automatically triggers a new pipeline. In this pipeline, the `build` job containerizes the application and pushes the image to [GitLab Container Registry](../../../user/packages/container_registry/index.md). - +  - + 1. Visit **Packages & Registries > Container Registry**. Make sure the application image has been pushed. @@ -232,7 +232,7 @@ These variables are injected into the pipeline jobs and can access the ECS API. Change a file in the project and see if it's reflected in the demo application on ECS: 1. Go to **ecs-demo** project on GitLab. -1. Open the file at **app > views > welcome > index.html.erb**. +1. Open the file at **app > views > welcome > `index.html.erb`**. 1. Click **Edit**. 1. Change the text to `You're on ECS!`. 1. Click **Commit Changes**. This automatically triggers a new pipeline. Wait until it finishes. diff --git a/doc/ci/directed_acyclic_graph/index.md b/doc/ci/directed_acyclic_graph/index.md index 5089aa6c9a5..dab9d8b78ae 100644 --- a/doc/ci/directed_acyclic_graph/index.md +++ b/doc/ci/directed_acyclic_graph/index.md @@ -94,3 +94,5 @@ To see the needs visualization, click on the **Needs** tab when viewing a pipeli Clicking a node highlights all the job paths it depends on.  + +You can also see `needs` relationships in [full pipeline graphs](../pipelines/index.md#view-full-pipeline-graph). diff --git a/doc/ci/environments/deployment_safety.md b/doc/ci/environments/deployment_safety.md index e38d9031ffd..6fda6bb0d8b 100644 --- a/doc/ci/environments/deployment_safety.md +++ b/doc/ci/environments/deployment_safety.md @@ -154,7 +154,7 @@ If you have multiple jobs for the same environment (including non-deployment job build:service-a: environment: name: production - + build:service-b: environment: name: production diff --git a/doc/ci/environments/index.md b/doc/ci/environments/index.md index 55d83887423..06618a820db 100644 --- a/doc/ci/environments/index.md +++ b/doc/ci/environments/index.md @@ -400,8 +400,8 @@ stop_review: when: manual ``` -Both jobs must have the same [`rules`](../yaml/README.md#onlyexcept-basic) -or [`only/except`](../yaml/README.md#onlyexcept-basic) configuration. Otherwise, +Both jobs must have the same [`rules`](../yaml/README.md#only--except) +or [`only/except`](../yaml/README.md#only--except) configuration. Otherwise, the `stop_review` job might not be included in all pipelines that include the `deploy_review` job, and you cannot trigger `action: stop` to stop the environment automatically. @@ -676,6 +676,7 @@ fetch = +refs/environments/*:refs/remotes/origin/environments/* > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/2112) in [GitLab Premium](https://about.gitlab.com/pricing/) 9.4. > - [Environment scoping for CI/CD variables was moved to all tiers](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/30779) in GitLab 12.2. +> - [Environment scoping for Group CI/CD variables](https://gitlab.com/gitlab-org/gitlab/-/issues/2874) added to GitLab Premium in 13.11. You can limit the environment scope of a CI/CD variable by defining which environments it can be available for. diff --git a/doc/ci/examples/artifactory_and_gitlab/index.md b/doc/ci/examples/artifactory_and_gitlab/index.md deleted file mode 100644 index a1a7de26cf2..00000000000 --- a/doc/ci/examples/artifactory_and_gitlab/index.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -redirect_to: '../README.md#contributed-examples' ---- - -This document was moved to [another location](../README.md#contributed-examples). - -<!-- This redirect file can be deleted after 2021-04-18. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/examples/deploy_spring_boot_to_cloud_foundry/index.md b/doc/ci/examples/deploy_spring_boot_to_cloud_foundry/index.md deleted file mode 100644 index a1a7de26cf2..00000000000 --- a/doc/ci/examples/deploy_spring_boot_to_cloud_foundry/index.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -redirect_to: '../README.md#contributed-examples' ---- - -This document was moved to [another location](../README.md#contributed-examples). - -<!-- This redirect file can be deleted after 2021-04-18. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/examples/devops_and_game_dev_with_gitlab_ci_cd/index.md b/doc/ci/examples/devops_and_game_dev_with_gitlab_ci_cd/index.md deleted file mode 100644 index 9408c26f06f..00000000000 --- a/doc/ci/examples/devops_and_game_dev_with_gitlab_ci_cd/index.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -redirect_to: '../README.md#contributed-examples' ---- - -This document was moved to [another location](../README.md#contributed-examples). - -<!-- This redirect file can be deleted after 2021-04-19. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/examples/test-scala-application.md b/doc/ci/examples/test-scala-application.md deleted file mode 100644 index 057b950289d..00000000000 --- a/doc/ci/examples/test-scala-application.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -redirect_to: 'README.md#contributed-examples' ---- - -This document was moved to [another location](README.md#contributed-examples). - -<!-- This redirect file can be deleted after 2021-04-18. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/examples/test_phoenix_app_with_gitlab_ci_cd/index.md b/doc/ci/examples/test_phoenix_app_with_gitlab_ci_cd/index.md deleted file mode 100644 index 057b6ec126f..00000000000 --- a/doc/ci/examples/test_phoenix_app_with_gitlab_ci_cd/index.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -redirect_to: '../README.md' ---- - -This example is no longer available. [View other examples](../README.md). - -<!-- This redirect file can be deleted after <2021-04-05>. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/jobs/index.md b/doc/ci/jobs/index.md index 1a31db09c92..a20fa1f8aa9 100644 --- a/doc/ci/jobs/index.md +++ b/doc/ci/jobs/index.md @@ -65,7 +65,7 @@ you can also see the reason it failed on the Job detail page. The order of jobs in a pipeline depends on the type of pipeline graph. -- For [regular pipeline graphs](../pipelines/index.md#regular-pipeline-graphs), jobs are sorted by name. +- For [full pipeline graphs](../pipelines/index.md#view-full-pipeline-graph), jobs are sorted by name. - For [pipeline mini graphs](../pipelines/index.md#pipeline-mini-graphs), jobs are sorted by severity and then by name. The order of severity is: diff --git a/doc/ci/jobs/job_control.md b/doc/ci/jobs/job_control.md new file mode 100644 index 00000000000..6e9197c223b --- /dev/null +++ b/doc/ci/jobs/job_control.md @@ -0,0 +1,317 @@ +--- +stage: Verify +group: Continuous Integration +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Choose when to run jobs **(FREE)** + +When a new pipeline starts, GitLab checks the pipeline configuration to determine +which jobs should run in that pipeline. You can configure jobs to run depending on +the status of variables, the pipeline type, and so on. + +To configure a job to be included or excluded from certain pipelines, you can use: + +- [`rules`](../yaml/README.md#rules) +- [`only`](../yaml/README.md#only--except) +- [`except`](../yaml/README.md#only--except) + +Use [`needs`](../yaml/README.md#needs) to configure a job to run as soon as the +earlier jobs it depends on finish running. + +## Specify when jobs run with `only` and `except` + +You can use [`only`](../yaml/README.md#only--except) and [`except`](../yaml/README.md#only--except) +to control when to add jobs to pipelines. + +- Use `only` to define when a job runs. +- Use `except` to define when a job **does not** run. + +### `only:refs` / `except:refs` examples + +`only` or `except` used without `refs` is the same as +[`only:refs` / `except/refs`](../yaml/README.md#onlyrefs--exceptrefs) + +In the following example, `job` runs only for: + +- Git tags +- [Triggers](../triggers/README.md#trigger-token) +- [Scheduled pipelines](../pipelines/schedules.md) + +```yaml +job: + # use special keywords + only: + - tags + - triggers + - schedules +``` + +To execute jobs only for the parent repository and not forks: + +```yaml +job: + only: + - branches@gitlab-org/gitlab + except: + - main@gitlab-org/gitlab + - /^release/.*$/@gitlab-org/gitlab +``` + +This example runs `job` for all branches on `gitlab-org/gitlab`, +except `main` and branches that start with `release/`. + +### `only: variables` / `except: variables` examples + +You can use [`except:variables`](../yaml/README.md#onlyvariables--exceptvariables) to exclude jobs based on a commit message: + +```yaml +end-to-end: + script: rake test:end-to-end + except: + variables: + - $CI_COMMIT_MESSAGE =~ /skip-end-to-end-tests/ +``` + +You can use [parentheses](../variables/README.md#parentheses) with `&&` and `||` +to build more complicated variable expressions: + +```yaml +job1: + script: + - echo This rule uses parentheses. + only: + variables: + - ($CI_COMMIT_BRANCH == "master" || $CI_COMMIT_BRANCH == "develop") && $MY_VARIABLE +``` + +### `only:changes` / `except:changes` examples + +You can skip a job if a change is detected in any file with a +`.md` extension in the root directory of the repository: + +```yaml +build: + script: npm run build + except: + changes: + - "*.md" +``` + +If you change multiple files, but only one file ends in `.md`, +the `build` job is still skipped. The job does not run for any of the files. + +Read more about how to use `only:changes` and `except:changes`: + +- [New branches or tags *without* pipelines for merge requests](#use-onlychanges-without-pipelines-for-merge-requests). +- [Scheduled pipelines](#use-onlychanges-with-scheduled-pipelines). + +#### Use `only:changes` with pipelines for merge requests + +With [pipelines for merge requests](../merge_request_pipelines/index.md), +it's possible to define a job to be created based on files modified +in a merge request. + +Use this keyword with `only: [merge_requests]` so GitLab can find the correct base +SHA of the source branch. File differences are correctly calculated from any further +commits, and all changes in the merge requests are properly tested in pipelines. + +For example: + +```yaml +docker build service one: + script: docker build -t my-service-one-image:$CI_COMMIT_REF_SLUG . + only: + refs: + - merge_requests + changes: + - Dockerfile + - service-one/**/* +``` + +In this scenario, if a merge request changes +files in the `service-one` directory or the `Dockerfile`, GitLab creates +the `docker build service one` job. + +For example: + +```yaml +docker build service one: + script: docker build -t my-service-one-image:$CI_COMMIT_REF_SLUG . + only: + changes: + - Dockerfile + - service-one/**/* +``` + +In this example, the pipeline might fail because of changes to a file in `service-one/**/*`. + +A later commit that doesn't have changes in `service-one/**/*` +but does have changes to the `Dockerfile` can pass. The job +only tests the changes to the `Dockerfile`. + +GitLab checks the **most recent pipeline** that **passed**. If the merge request is mergeable, +it doesn't matter that an earlier pipeline failed because of a change that has not been corrected. + +When you use this configuration, ensure that the most recent pipeline +properly corrects any failures from previous pipelines. + +#### Use `only:changes` without pipelines for merge requests + +Without [pipelines for merge requests](../merge_request_pipelines/index.md), pipelines +run on branches or tags that don't have an explicit association with a merge request. +In this case, a previous SHA is used to calculate the diff, which is equivalent to `git diff HEAD~`. +This can result in some unexpected behavior, including: + +- When pushing a new branch or a new tag to GitLab, the policy always evaluates to true. +- When pushing a new commit, the changed files are calculated by using the previous commit + as the base SHA. + +#### Use `only:changes` with scheduled pipelines + +`only:changes` always evaluates as true in [Scheduled pipelines](../pipelines/schedules.md). +All files are considered to have changed when a scheduled pipeline runs. + +### Combine multiple keywords with `only` or `except` + +If you use multiple keywords with `only` or `except`, the keywords are evaluated +as a single conjoined expression. That is: + +- `only:` includes the job if **all** of the keys have at least one condition that matches. +- `except:` excludes the job if **any** of the keys have at least one condition that matches. + +With `only`, individual keys are logically joined by an `AND`. A job is added to +the pipeline if the following is true: + +- `(any listed refs are true) AND (any listed variables are true) AND (any listed changes are true) AND (any chosen Kubernetes status matches)` + +In the following example, the `test` job is only created when **all** of the following are true: + +- The pipeline is [scheduled](../pipelines/schedules.md) **or** runs for `main`. +- The `variables` keyword matches. +- The `kubernetes` service is active on the project. + +```yaml +test: + script: npm run test + only: + refs: + - main + - schedules + variables: + - $CI_COMMIT_MESSAGE =~ /run-end-to-end-tests/ + kubernetes: active +``` + +With `except`, individual keys are logically joined by an `OR`. A job is **not** +added if the following is true: + +- `(any listed refs are true) OR (any listed variables are true) OR (any listed changes are true) OR (a chosen Kubernetes status matches)` + +In the following example, the `test` job is **not** created when **any** of the following are true: + +- The pipeline runs for the `main` branch. +- There are changes to the `README.md` file in the root directory of the repository. + +```yaml +test: + script: npm run test + except: + refs: + - main + changes: + - "README.md" +``` + +## Use predefined CI/CD variables to run jobs only in specific pipeline types + +You can use [predefined CI/CD variables](../variables/predefined_variables.md) to choose +which pipeline types jobs run in, with: + +- [`rules`](../yaml/README.md#rules) +- [`only:variables`](../yaml/README.md#onlyvariables--exceptvariables) +- [`except:variables`](../yaml/README.md#onlyvariables--exceptvariables) + +The following table lists some of the variables that you can use, and the pipeline +types the variables can control for: + +- Branch pipelines that run for Git `push` events to a branch, like new commits or tags. +- Tag pipelines that run only when a new Git tag is pushed to a branch. +- [Merge request pipelines](../merge_request_pipelines/index.md) that run for changes + to a merge request, like new commits or selecting the **Run pipeline** button + in a merge request's pipelines tab. +- [Scheduled pipelines](../pipelines/schedules.md). + +| Variables | Branch | Tag | Merge request | Scheduled | +|--------------------------------------------|--------|-----|---------------|-----------| +| `CI_COMMIT_BRANCH` | Yes | | | Yes | +| `CI_COMMIT_TAG` | | Yes | | Yes, if the scheduled pipeline is configured to run on a tag. | +| `CI_PIPELINE_SOURCE = push` | Yes | Yes | | | +| `CI_PIPELINE_SOURCE = scheduled` | | | | Yes | +| `CI_PIPELINE_SOURCE = merge_request_event` | | | Yes | | +| `CI_MERGE_REQUEST_IID` | | | Yes | | + +For example, to configure a job to run for merge request pipelines and scheduled pipelines, +but not branch or tag pipelines: + +```yaml +job1: + script: + - echo + rules: + - if: $CI_PIPELINE_SOURCE == "merge_request_event" + - if: $CI_PIPELINE_SOURCE == "scheduled" + - if: $CI_PIPELINE_SOURCE == "push" + when: never +``` + +## Regular expressions + +The `@` symbol denotes the beginning of a ref's repository path. +To match a ref name that contains the `@` character in a regular expression, +you must use the hex character code match `\x40`. + +Only the tag or branch name can be matched by a regular expression. +The repository path, if given, is always matched literally. + +To match the tag or branch name, +the entire ref name part of the pattern must be a regular expression surrounded by `/`. +For example, you can't use `issue-/.*/` to match all tag names or branch names +that begin with `issue-`, but you can use `/issue-.*/`. + +Regular expression flags must be appended after the closing `/`. Pattern matching +is case-sensitive by default. Use the `i` flag modifier, like `/pattern/i`, to make +a pattern case-insensitive: + +```yaml +job: + # use regexp + only: + - /^issue-.*$/i + # use special keyword + except: + - branches +``` + +Use anchors `^` and `$` to avoid the regular expression +matching only a substring of the tag name or branch name. +For example, `/^issue-.*$/` is equivalent to `/^issue-/`, +while just `/issue/` would also match a branch called `severe-issues`. + +### `only` / `except` regex syntax + +In GitLab 11.9.4, GitLab began internally converting the regexp used +in `only` and `except` keywords to [RE2](https://github.com/google/re2/wiki/Syntax). + +[RE2](https://github.com/google/re2/wiki/Syntax) limits the set of available features +due to computational complexity, and some features, like negative lookaheads, became unavailable. +Only a subset of features provided by [Ruby Regexp](https://ruby-doc.org/core/Regexp.html) +are now supported. + +From GitLab 11.9.7 to GitLab 12.0, GitLab provided a feature flag to +let you use unsafe regexp syntax. After migrating to safe syntax, you should disable +this feature flag again: + +```ruby +Feature.enable(:allow_unsafe_ruby_regexp) +``` diff --git a/doc/ci/merge_request_pipelines/index.md b/doc/ci/merge_request_pipelines/index.md index 024155bdde7..a55804432ca 100644 --- a/doc/ci/merge_request_pipelines/index.md +++ b/doc/ci/merge_request_pipelines/index.md @@ -137,7 +137,7 @@ save resources. #### Excluding certain branches Pipelines for merge requests require special treatment when -using [`only`/`except`](../yaml/README.md#onlyexcept-basic). Unlike ordinary +using [`only`/`except`](../yaml/README.md#only--except). Unlike ordinary branch refs (for example `refs/heads/my-feature-branch`), merge request refs use a special Git reference that looks like `refs/merge-requests/:iid/head`. Because of this, the following configuration will **not** work as expected: @@ -153,7 +153,7 @@ Instead, you can use the [`$CI_COMMIT_REF_NAME` predefined environment variable](../variables/predefined_variables.md) in combination with -[`only:variables`](../yaml/README.md#onlyvariablesexceptvariables) to +[`only:variables`](../yaml/README.md#onlyvariables--exceptvariables) to accomplish this behavior: ```yaml diff --git a/doc/ci/migration/jenkins.md b/doc/ci/migration/jenkins.md index c7dd4a46137..c278160d5ee 100644 --- a/doc/ci/migration/jenkins.md +++ b/doc/ci/migration/jenkins.md @@ -349,8 +349,8 @@ variable entry. GitLab does support a [`when` keyword](../yaml/README.md#when) which is used to indicate when a job should be run in case of (or despite) failure, but most of the logic for controlling pipelines can be found in -our very powerful [`only/except` rules system](../yaml/README.md#onlyexcept-basic) -(see also our [advanced syntax](../yaml/README.md#onlyexcept-basic)): +our very powerful [`only/except` rules system](../yaml/README.md#only--except) +(see also our [advanced syntax](../yaml/README.md#only--except)): ```yaml my_job: diff --git a/doc/ci/multi_project_pipelines.md b/doc/ci/multi_project_pipelines.md index 28505fb7519..c1e552f5a9d 100644 --- a/doc/ci/multi_project_pipelines.md +++ b/doc/ci/multi_project_pipelines.md @@ -67,7 +67,7 @@ When using: - CI/CD Variables or [`rules`](yaml/README.md#rulesif) to control job behavior, the value of the [`$CI_PIPELINE_SOURCE` predefined variable](variables/predefined_variables.md) is `pipeline` for multi-project pipeline triggered through the API with `CI_JOB_TOKEN`. -- [`only/except`](yaml/README.md#onlyexcept-basic) to control job behavior, use the +- [`only/except`](yaml/README.md#only--except) to control job behavior, use the `pipelines` keyword. ## Creating multi-project pipelines from `.gitlab-ci.yml` @@ -113,7 +113,7 @@ When using: the [`$CI_PIPELINE_SOURCE` predefined variable](variables/predefined_variables.md) is `pipeline` for multi-project pipelines triggered with a bridge job (using the [`trigger:`](yaml/README.md#trigger) keyword). -- [`only/except`](yaml/README.md#onlyexcept-basic) to control job behavior, use the +- [`only/except`](yaml/README.md#only--except) to control job behavior, use the `pipelines` keyword. In the example, `staging` is marked as successful as soon as a downstream pipeline diff --git a/doc/ci/parent_child_pipelines.md b/doc/ci/parent_child_pipelines.md index bc1c02bc48c..1a0421258fd 100644 --- a/doc/ci/parent_child_pipelines.md +++ b/doc/ci/parent_child_pipelines.md @@ -38,7 +38,7 @@ set of concurrently running child pipelines, but within the same project: Child pipelines work well with other GitLab CI/CD features: -- Use [`only: changes`](yaml/README.md#onlychangesexceptchanges) to trigger pipelines only when +- Use [`only: changes`](yaml/README.md#onlychanges--exceptchanges) to trigger pipelines only when certain files change. This is useful for monorepos, for example. - Since the parent pipeline in `.gitlab-ci.yml` and the child pipeline run as normal pipelines, they can have their own behaviors and sequencing in relation to triggers. diff --git a/doc/ci/pipeline_editor/index.md b/doc/ci/pipeline_editor/index.md index 57aea5d493b..1527a05d3d7 100644 --- a/doc/ci/pipeline_editor/index.md +++ b/doc/ci/pipeline_editor/index.md @@ -15,6 +15,7 @@ the `.gitlab-ci.yml` file in the root of your repository. To access the editor, From the pipeline editor page you can: +- Select the branch to work from. [Introduced in GitLab 13.12](https://gitlab.com/gitlab-org/gitlab/-/issues/326189), disabled by default. - [Validate](#validate-ci-configuration) your configuration syntax while editing the file. - Do a deeper [lint](#lint-ci-configuration) of your configuration, that verifies it with any configuration added with the [`include`](../yaml/README.md#include) keyword. @@ -53,14 +54,7 @@ reflected in the CI lint. It displays the same results as the existing [CI Lint > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/241722) in GitLab 13.5. > - [Moved to **CI/CD > Editor**](https://gitlab.com/gitlab-org/gitlab/-/issues/263141) in GitLab 13.7. -> - It was [deployed behind a feature flag](../../user/feature_flags.md), disabled by default. -> - [Became enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/290117) in GitLab 13.8. -> - It's enabled on GitLab.com. -> - It's recommended for production use. -> - To use it in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-cicd-configuration-visualization). **(FREE SELF)** - -WARNING: -This feature might not be available to you. Check the **version history** note above for details. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/290117) in GitLab 13.12. To view a visualization of your `gitlab-ci.yml` configuration, in your project, go to **CI/CD > Editor**, and then select the **Visualize** tab. The @@ -77,30 +71,10 @@ Hover over a job to highlight its `needs` relationships: If the configuration does not have any `needs` relationships, then no lines are drawn because each job depends only on the previous stage being completed successfully. -### Enable or disable CI/CD configuration visualization **(FREE SELF)** - -CI/CD configuration visualization is under development but ready for production use. -It is deployed behind a feature flag that is **enabled by default**. -[GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md) -can opt to disable it. - -To disable it: - -```ruby -Feature.disable(:ci_config_visualization_tab) -``` - -To enable it: - -```ruby -Feature.enable(:ci_config_visualization_tab) -``` - ## View expanded configuration > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/246801) in GitLab 13.9. -> - It is [deployed behind a feature flag](../../user/feature_flags.md), enabled by default. -> - To use it in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-expanded-configuration). **(FREE SELF)** +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/301103) in GitLab 13.12. To view the fully expanded CI/CD configuration as one combined file, go to the pipeline editor's **View merged YAML** tab. This tab displays an expanded configuration @@ -111,25 +85,6 @@ where: [extended configuration merged into the job](../yaml/README.md#merge-details). - YAML anchors are [replaced with the linked configuration](../yaml/README.md#anchors). -### Enable or disable expanded configuration **(FREE SELF)** - -Expanded CI/CD configuration is under development and not ready for production use. -It is deployed behind a feature flag that is **enabled by default**. -[GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md) -can opt to enable it. - -To disable it: - -```ruby -Feature.disable(:ci_config_merged_tab) -``` - -To enable it: - -```ruby -Feature.enable(:ci_config_merged_tab) -``` - ## Commit changes to CI configuration The commit form appears at the bottom of each tab in the editor so you can commit diff --git a/doc/ci/pipelines/img/pipelines_graph_dependency_view_hover_v13_12.png b/doc/ci/pipelines/img/pipelines_graph_dependency_view_hover_v13_12.png Binary files differnew file mode 100644 index 00000000000..e73845b39b0 --- /dev/null +++ b/doc/ci/pipelines/img/pipelines_graph_dependency_view_hover_v13_12.png diff --git a/doc/ci/pipelines/img/pipelines_graph_dependency_view_links_v13_12.png b/doc/ci/pipelines/img/pipelines_graph_dependency_view_links_v13_12.png Binary files differnew file mode 100644 index 00000000000..1ce77881bc4 --- /dev/null +++ b/doc/ci/pipelines/img/pipelines_graph_dependency_view_links_v13_12.png diff --git a/doc/ci/pipelines/img/pipelines_graph_dependency_view_v13_12.png b/doc/ci/pipelines/img/pipelines_graph_dependency_view_v13_12.png Binary files differnew file mode 100644 index 00000000000..41840108441 --- /dev/null +++ b/doc/ci/pipelines/img/pipelines_graph_dependency_view_v13_12.png diff --git a/doc/ci/pipelines/img/pipelines_graph_stage_view_v13_12.png b/doc/ci/pipelines/img/pipelines_graph_stage_view_v13_12.png Binary files differnew file mode 100644 index 00000000000..d7d8f3c63d2 --- /dev/null +++ b/doc/ci/pipelines/img/pipelines_graph_stage_view_v13_12.png diff --git a/doc/ci/pipelines/img/pipelines_v13_11.png b/doc/ci/pipelines/img/pipelines_v13_11.png Binary files differdeleted file mode 100644 index 8981f4ce860..00000000000 --- a/doc/ci/pipelines/img/pipelines_v13_11.png +++ /dev/null diff --git a/doc/ci/pipelines/index.md b/doc/ci/pipelines/index.md index 6d013a43583..fa8a4cedf6f 100644 --- a/doc/ci/pipelines/index.md +++ b/doc/ci/pipelines/index.md @@ -325,23 +325,81 @@ Pipelines can be complex structures with many sequential and parallel jobs. To make it easier to understand the flow of a pipeline, GitLab has pipeline graphs for viewing pipelines and their statuses. -Pipeline graphs can be displayed in two different ways, depending on the page you +Pipeline graphs can be displayed as a large graph or a miniature representation, depending on the page you access the graph from. GitLab capitalizes the stages' names in the pipeline graphs. -### Regular pipeline graphs +### View full pipeline graph -> - [Visualization improved](https://gitlab.com/gitlab-org/gitlab/-/issues/276949) in GitLab 13.11. +> - [Visualization improvements introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/276949) in GitLab 13.11. -Regular pipeline graphs show the names of the jobs in each stage. Regular pipeline graphs can -be found when you are on a [single pipeline page](#view-pipelines). For example: +The [pipeline details page](#view-pipelines) displays the full pipeline graph of +all the jobs in the pipeline. - +You can group the jobs by: + +- Stage, which arranges jobs in the same stage together in the same column. + +  + +- [Job dependencies](#view-job-dependencies-in-the-pipeline-graph), which arranges + jobs based on their [`needs`](../yaml/README.md#needs) dependencies. [Multi-project pipeline graphs](../multi_project_pipelines.md#multi-project-pipeline-visualization) help you visualize the entire pipeline, including all cross-project inter-dependencies. **(PREMIUM)** +### View job dependencies in the pipeline graph + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/298973) in GitLab 13.12. +> - [Deployed behind a feature flag](../../user/feature_flags.md), disabled by default. +> - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/328538) in GitLab 13.12. +> - Enabled on GitLab.com. +> - Recommended for production use. +> - To disable in GitLab self-managed instances, ask a GitLab administrator to [disable it](#enable-or-disable-job-dependency-view). **(FREE SELF)** + +This in-development feature might not be available for your use. There can be +[risks when enabling features still in development](../../user/feature_flags.md#risks-when-enabling-features-still-in-development). +Refer to this feature's version history for more details. + +You can arrange jobs in the pipeline graph based on their [`needs`](../yaml/README.md#needs) +dependencies. + +Jobs in the leftmost column run first, and jobs that depend on them are grouped in the next columns. + +For example, `build-job2` depends only on jobs in the first column, so it displays +in the second column from the left. `deploy-job2` depends on jobs in both the first +and second column and displays in the third column: + + + +To add lines that show the `needs` relationships between jobs, select the **Show dependencies** toggle. +These lines are similar to the [needs visualization](../directed_acyclic_graph/index.md#needs-visualization): + + + +To see the full `needs` dependency tree for a job, hover over it: + + + +#### Enable or disable job dependency view **(FREE SELF)** + +The job dependency view is deployed behind a feature flag that is **enabled by default**. +[GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md) +can disable it. + +To enable it: + +```ruby +Feature.enable(:pipeline_graph_layers_view) +``` + +To disable it: + +```ruby +Feature.disable(:pipeline_graph_layers_view) +``` + ### Pipeline mini graphs Pipeline mini graphs take less space and can tell you at a @@ -356,6 +414,8 @@ Pipeline mini graphs allow you to see all related jobs for a single commit and t of each stage of your pipeline. This allows you to quickly see what failed and fix it. +Pipeline mini graphs only display jobs by stage. + Stages in pipeline mini graphs are collapsible. Hover your mouse over them and click to expand their jobs. | Mini graph | Mini graph expanded | diff --git a/doc/ci/pipelines/job_artifacts.md b/doc/ci/pipelines/job_artifacts.md index fa97f9bd75d..76f05f5e1e7 100644 --- a/doc/ci/pipelines/job_artifacts.md +++ b/doc/ci/pipelines/job_artifacts.md @@ -118,7 +118,7 @@ job with the same name, the job artifact from the parent pipeline is returned. ## Access the latest job artifacts by URL -You can download the latest job artifacts by using a URL. +You can download job artifacts from the latest successful pipeline by using a URL. To download the whole artifacts archive: @@ -173,9 +173,8 @@ https://gitlab.com/gitlab-org/gitlab/-/jobs/artifacts/master/file/htmlcov/index. ## When job artifacts are deleted -By default, the latest job artifacts from the most recent successful jobs are never deleted. -If a job is configured with [`expire_in`](../yaml/README.md#artifactsexpire_in), -its artifacts only expire if a more recent artifact exists. +See the [`expire_in`](../yaml/README.md#artifactsexpire_in) documentation for information on when +job artifacts are deleted. ### Keep artifacts from most recent successful jobs diff --git a/doc/ci/pipelines/pipeline_artifacts.md b/doc/ci/pipelines/pipeline_artifacts.md index e405258092d..bc770dd3d90 100644 --- a/doc/ci/pipelines/pipeline_artifacts.md +++ b/doc/ci/pipelines/pipeline_artifacts.md @@ -15,4 +15,7 @@ Pipeline artifacts are used by the [test coverage visualization feature](../../u Pipeline artifacts are saved to disk or object storage. They count towards a project's [storage usage quota](../../user/usage_quotas.md#storage-usage-quota). The **Artifacts** on the Usage Quotas page is the sum of all job artifacts and pipeline artifacts. -Pipeline artifacts are erased after one week. +## When pipeline artifacts are deleted + +See the [`expire_in`](../yaml/README.md#artifactsexpire_in) documentation for information on when +pipeline artifacts are deleted. diff --git a/doc/ci/pipelines/pipeline_efficiency.md b/doc/ci/pipelines/pipeline_efficiency.md index faebf40462e..2deb3b27748 100644 --- a/doc/ci/pipelines/pipeline_efficiency.md +++ b/doc/ci/pipelines/pipeline_efficiency.md @@ -110,6 +110,8 @@ and get the pipeline status and duration. In combination with a Grafana dashboar this helps build an actionable view for your operations team. Metric graphs can also be embedded into incidents making problem resolving easier. Additionally, it can also export metrics about jobs and environments. +If you use the GitLab CI Pipelines Exporter, you should start with the [example configuration](https://github.com/mvisonneau/gitlab-ci-pipelines-exporter/blob/main/docs/configuration_syntax.md). +  Alternatively, you can use a monitoring tool that can execute scripts, like diff --git a/doc/ci/pipelines/schedules.md b/doc/ci/pipelines/schedules.md index 752e2a97fad..fb8de034d2a 100644 --- a/doc/ci/pipelines/schedules.md +++ b/doc/ci/pipelines/schedules.md @@ -65,7 +65,7 @@ GitLab CI/CD so that they can be used in your [`.gitlab-ci.yml` file](../../ci/y To configure a job to be executed only when the pipeline has been scheduled (or the opposite), use -[only and except](../yaml/README.md#onlyexcept-basic) configuration keywords. +[only and except](../yaml/README.md#only--except) configuration keywords. In the example below `make world` runs in scheduled pipelines, and `make build` runs in pipelines that are not scheduled: diff --git a/doc/ci/services/gitlab.md b/doc/ci/services/gitlab.md index 8a582cc87eb..a0e15b4e960 100644 --- a/doc/ci/services/gitlab.md +++ b/doc/ci/services/gitlab.md @@ -28,7 +28,7 @@ tests access to the GitLab API. [assign them to a variable in the user interface](../variables/README.md#project-cicd-variables). Then assign that variable to the corresponding variable in your `.gitlab-ci.yml` file. - + Then, commands in `script:` sections in your `.gitlab-ci.yml` file can access the API at `http://gitlab/api/v4`. For more information about why `gitlab` is used for the `Host`, see diff --git a/doc/ci/services/mysql.md b/doc/ci/services/mysql.md index 2185af0141d..1e0762ca010 100644 --- a/doc/ci/services/mysql.md +++ b/doc/ci/services/mysql.md @@ -14,6 +14,8 @@ need it for your tests to run. If you want to use a MySQL container, you can use [GitLab Runner](../runners/README.md) with the Docker executor. +This example shows you how to set a username and password that GitLab uses to access the MySQL container. If you do not set a username and password, you must use `root`. + 1. [Create CI/CD variables](../variables/README.md#custom-cicd-variables) for your MySQL database and password by going to **Settings > CI/CD**, expanding **Variables**, and clicking **Add Variable**. @@ -54,6 +56,9 @@ If you want to use a MySQL container, you can use [GitLab Runner](../runners/REA Database: <your_mysql_database> ``` + In this example, the user is `runner`. You should use a user that has permission to + access your database. + ## Use MySQL with the Shell executor You can also use MySQL on manually-configured servers that use diff --git a/doc/ci/triggers/README.md b/doc/ci/triggers/README.md index 3cdf45a8cbc..434adb0c8f3 100644 --- a/doc/ci/triggers/README.md +++ b/doc/ci/triggers/README.md @@ -26,7 +26,7 @@ depending on which trigger method is used. | `pipeline` | Using the `trigger:` keyword in the CI/CD configuration file, or using the trigger API with `$CI_JOB_TOKEN`. | | `trigger` | Using the trigger API using a generated trigger token | -This also applies when using the `pipelines` or `triggers` keywords with the legacy [`only/except` basic syntax](../yaml/README.md#onlyexcept-basic). +This also applies when using the `pipelines` or `triggers` keywords with the legacy [`only/except` basic syntax](../yaml/README.md#only--except). ### Trigger token diff --git a/doc/ci/troubleshooting.md b/doc/ci/troubleshooting.md index d4b9282ac38..cc6d02cbf36 100644 --- a/doc/ci/troubleshooting.md +++ b/doc/ci/troubleshooting.md @@ -123,7 +123,7 @@ This is usually caused by the `rules` configuration, and there are several ways #### A job is not in the pipeline -GitLab determines if a job is added to a pipeline based on the [`only/except`](yaml/README.md#onlyexcept-basic) +GitLab determines if a job is added to a pipeline based on the [`only/except`](yaml/README.md#only--except) or [`rules`](yaml/README.md#rules) defined for the job. If it didn't run, it's probably not evaluating as you expect. @@ -150,7 +150,7 @@ A common reason a job is added to a pipeline unexpectedly is because the `change keyword always evaluates to true in certain cases. For example, `changes` is always true in certain pipeline types, including scheduled pipelines and pipelines for tags. -The `changes` keyword is used in combination with [`only/except`](yaml/README.md#onlychangesexceptchanges) +The `changes` keyword is used in combination with [`only/except`](yaml/README.md#onlychanges--exceptchanges) or [`rules`](yaml/README.md#ruleschanges)). It's recommended to use `changes` with `rules` or `only/except` configuration that ensures the job is only added to branch pipelines or merge request pipelines. @@ -269,7 +269,7 @@ which pipelines can run. resource_group = Project.find_by_full_path('...').resource_groups.find_by(key: 'the-group-name') busy_resources = resource_group.resources.where('build_id IS NOT NULL') -# identify which builds are occupying the resource +# identify which builds are occupying the resource # (I think it should be 1 as of today) busy_resources.pluck(:build_id) diff --git a/doc/ci/unit_test_reports.md b/doc/ci/unit_test_reports.md index c4f3073e142..bbb62f74caa 100644 --- a/doc/ci/unit_test_reports.md +++ b/doc/ci/unit_test_reports.md @@ -11,12 +11,12 @@ type: reference > - [Renamed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/39737) from JUnit test reports to Unit test reports in GitLab 13.4. It is very common that a [CI/CD pipeline](pipelines/index.md) contains a -test job that will verify your code. +test job that verifies your code. If the tests fail, the pipeline fails and users get notified. The person that -works on the merge request will have to check the job logs and see where the +works on the merge request has to check the job logs and see where the tests failed so that they can fix them. -You can configure your job to use Unit test reports, and GitLab will display a +You can configure your job to use Unit test reports, and GitLab displays a report on the merge request so that it's easier and faster to identify the failure without having to check the entire log. Unit test reports currently only support test reports in the JUnit report format. @@ -49,7 +49,7 @@ comparing the head and base branch's JUnit report format XML files, where: The reports panel has a summary showing how many tests failed, how many had errors and how many were fixed. If no comparison can be done because data for the base branch -is not available, the panel will just show the list of failed tests for head. +is not available, the panel just shows the list of failed tests for head. There are four types of results: @@ -59,8 +59,8 @@ There are four types of results: 1. **Existing failures:** Test cases which failed on base branch and failed on head branch 1. **Resolved failures:** Test cases which failed on base branch and passed on head branch -Each entry in the panel will show the test name and its type from the list -above. Clicking on the test name will open a modal window with details of its +Each entry in the panel shows the test name and its type from the list +above. Clicking on the test name opens a modal window with details of its execution time and the error output.  @@ -115,7 +115,7 @@ ruby: ### Go example Use the following job in `.gitlab-ci.yml`, and ensure you use `-set-exit-code`, -otherwise the pipeline will be marked successful, even if the tests fail: +otherwise the pipeline is marked successful, even if the tests fail: ```yaml ## Use https://github.com/jstemmer/go-junit-report to generate a JUnit report format XML file with go @@ -137,7 +137,7 @@ There are a few tools that can produce JUnit report format XML file in Java. #### Gradle In the following example, `gradle` is used to generate the test reports. -If there are multiple test tasks defined, `gradle` will generate multiple +If there are multiple test tasks defined, `gradle` generates multiple directories under `build/test-results/`. In that case, you can leverage glob matching by defining the following path: `build/test-results/test/**/TEST-*.xml`: @@ -198,8 +198,8 @@ There are a few tools that can produce JUnit report format XML files in C/C++. In the following example, `gtest` is used to generate the test reports. If there are multiple `gtest` executables created for different architectures (`x86`, `x64` or `arm`), -you will be required to run each test providing a unique filename. The results -will then be aggregated together. +you are required to run each test providing a unique filename. The results +are then aggregated together. ```yaml cpp: @@ -313,8 +313,8 @@ test: > - The feature flag was removed and the feature was [made generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/216478) in GitLab 13.3. If JUnit report format XML files are generated and uploaded as part of a pipeline, these reports -can be viewed inside the pipelines details page. The **Tests** tab on this page will -display a list of test suites and cases reported from the XML file. +can be viewed inside the pipelines details page. The **Tests** tab on this page +displays a list of test suites and cases reported from the XML file.  @@ -333,32 +333,24 @@ If parsing JUnit report XML results in an error, an indicator is shown next to t ## Viewing JUnit screenshots on GitLab -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/202114) in GitLab 13.0. -> - It's deployed behind a feature flag, disabled by default. -> - To use it in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enabling-the-junit-screenshots-feature). **(FREE SELF)** +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/202114) in GitLab 13.0 behind the `:junit_pipeline_screenshots_view` feature flag, disabled by default. +> - The feature flag was removed and was [made generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/216979) in GitLab 13.12. -WARNING: -This feature might not be available to you. Check the **version history** note above for details. +Upload your screenshots as [artifacts](yaml/README.md#artifactsreportsjunit) to GitLab. If JUnit +report format XML files contain an `attachment` tag, GitLab parses the attachment. Note that: -When [this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/6061) is complete, the attached file will be visible on the pipeline details page. +- The `attachment` tag **must** contain the absolute path to the screenshots you uploaded. For + example: -If JUnit report format XML files contain an `attachment` tag, GitLab parses the attachment. + ```xml + <testcase time="1.00" name="Test"> + <system-out>[[ATTACHMENT|/absolute/path/to/some/file]]</system-out> + </testcase> + ``` -Upload your screenshots as [artifacts](yaml/README.md#artifactsreportsjunit) to GitLab. The `attachment` tag **must** contain the absolute path to the screenshots you uploaded. +- You should set the job that uploads the screenshot to + [`artifacts:when: always`](yaml/README.md#artifactswhen) so that it still uploads a screenshot + when a test fails. -```xml -<testcase time="1.00" name="Test"> - <system-out>[[ATTACHMENT|/absolute/path/to/some/file]]</system-out> -</testcase> -``` - -### Enabling the JUnit screenshots feature **(FREE SELF)** - -This feature comes with the `:junit_pipeline_screenshots_view` feature flag disabled by default. - -To enable this feature, ask a GitLab administrator with [Rails console access](../administration/feature_flags.md#how-to-enable-and-disable-features-behind-flags) to run the -following command: - -```ruby -Feature.enable(:junit_pipeline_screenshots_view) -``` +A link to the test case attachment appears in the test case details in +[the pipeline test report](#viewing-unit-test-reports-on-gitlab). diff --git a/doc/ci/variables/README.md b/doc/ci/variables/README.md index 20de736a6e6..272f379611e 100644 --- a/doc/ci/variables/README.md +++ b/doc/ci/variables/README.md @@ -43,7 +43,7 @@ predefined variable: test_variable: stage: test script: - - echo $CI_JOB_STAGE + - echo "$CI_JOB_STAGE" ``` The script outputs the `stage` for the `test_variable`, which is `test`: @@ -88,7 +88,7 @@ job1: variables: TEST_VAR_JOB: "Only job1 can use this variable's value" script: - - echo $TEST_VAR and $TEST_VAR_JOB + - echo "$TEST_VAR" and "$TEST_VAR_JOB" ``` Variables saved in the `.gitlab-ci.yml` file should store only non-sensitive project @@ -114,9 +114,9 @@ name inside another variable: ```yaml variables: FLAGS: '-al' - LS_CMD: 'ls $FLAGS $$TMP_DIR' + LS_CMD: 'ls "$FLAGS" $$TMP_DIR' script: - - 'eval $LS_CMD' # Executes 'ls -al $TMP_DIR' + - 'eval "$LS_CMD"' # Executes 'ls -al $TMP_DIR' ``` Use the [`value` and `description`](../yaml/README.md#prefill-variables-in-manual-pipelines) @@ -151,10 +151,10 @@ After you create a variable, you can use it in the `.gitlab-ci.yml` file: test_variable: stage: test script: - - echo $CI_JOB_STAGE # calls a predefined variable - - echo $TEST # calls a custom variable of type `env_var` - - echo $GREETING # calls a custom variable of type `file` that contains the path to the temp file - - cat $GREETING # the temp file itself contains the variable value + - echo "$CI_JOB_STAGE" # calls a predefined variable + - echo "$TEST" # calls a custom variable of type `env_var` + - echo "$GREETING" # calls a custom variable of type `file` that contains the path to the temp file + - cat "$GREETING" # the temp file itself contains the variable value ``` The output is: @@ -181,7 +181,7 @@ To add a group variable: - **Key**: Must be one line, with no spaces, using only letters, numbers, or `_`. - **Value**: No limitations. - **Type**: [`File` or `Variable`](#cicd-variable-types). - - **Environment scope** (optional): `All`, or specific [environments](#limit-the-environment-scope-of-a-cicd-variable). + - **Environment scope** (optional): `All`, or specific [environments](#limit-the-environment-scope-of-a-cicd-variable). **(PREMIUM)** - **Protect variable** (Optional): If selected, the variable is only available in pipelines that run on protected branches or tags. - **Mask variable** (Optional): If selected, the variable's **Value** is masked @@ -298,6 +298,7 @@ The value of the variable must: - Characters from the Base64 alphabet (RFC4648). - The `@` and `:` characters ([In GitLab 12.2](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/63043) and later). - The `.` character ([In GitLab 12.10](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/29022) and later). + - The `~` character ([In GitLab 13.12](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/61517) and later). - Not match the name of an existing predefined or custom CI/CD variable. ### Protect a CI/CD variable @@ -366,7 +367,7 @@ CI/CD variable with (`$`): ```yaml job_name: script: - - echo $CI_JOB_ID + - echo "$CI_JOB_ID" ``` ### Use variables with PowerShell @@ -506,7 +507,7 @@ build: deploy: stage: deploy script: - - echo $BUILD_VERSION # Output is: 'hello' + - echo "$BUILD_VERSION" # Output is: 'hello' dependencies: - build ``` @@ -525,7 +526,7 @@ build: deploy: stage: deploy script: - - echo $BUILD_VERSION # Output is: 'hello' + - echo "$BUILD_VERSION" # Output is: 'hello' needs: - job: build artifacts: true @@ -603,11 +604,18 @@ to enable the `restrict_user_defined_variables` setting. The setting is `disable ## Limit the environment scope of a CI/CD variable -You can limit the environment scope of a variable by -[defining which environments](../environments/index.md) it can be available for. +By default, all CI/CD variables are available to any job in a pipeline. Therefore, if a project uses a +compromised tool in a test job, it could expose all CI/CD variables that a deployment job used. This is +a common scenario in supply chain attacks. GitLab helps mitigate supply chain attacks by limiting +the environment scope of a variable. GitLab does this by +[defining which environments and corresponding jobs](../environments/index.md) +the variable can be available for. To learn more about scoping environments, see [Scoping environments with specs](../environments/index.md#scoping-environments-with-specs). +To learn more about ensuring CI/CD variables are only exposed in pipelines running from protected +branches or tags, see [Protect a CI/CD Variable](#protect-a-cicd-variable). + ## Deployment variables Integrations that are responsible for deployment configuration can define their own @@ -635,7 +643,7 @@ CI/CD variables with multi-line values are not supported. ## CI/CD variable expressions -> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/37397) in GitLab 10.7 for [the `only` and `except` CI keywords](../yaml/README.md#onlyexcept-advanced) +> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/37397) in GitLab 10.7 for [the `only` and `except` CI keywords](../yaml/README.md#onlyvariables--exceptvariables) > - [Expanded](https://gitlab.com/gitlab-org/gitlab/-/issues/27863) in GitLab 12.3 with [the `rules` keyword](../yaml/README.md#rules) Use variable expressions to limit which jobs are created @@ -644,7 +652,7 @@ in a pipeline after changes are pushed to GitLab. In `.gitlab-ci.yml`, variable expressions work with both: - [`rules`](../yaml/README.md#rules), which is the recommended approach, and -- [`only` and `except`](../yaml/README.md#onlyexcept-basic), which are candidates for deprecation. +- [`only` and `except`](../yaml/README.md#only--except), which are candidates for deprecation. This is particularly useful in combination with variables and triggered pipeline variables. @@ -665,7 +673,7 @@ If any of the conditions in `variables` evaluates to true when using `only`, a new job is created. If any of the expressions evaluates to true when `except` is being used, a job is not created. -This follows the usual rules for [`only` / `except` policies](../yaml/README.md#onlyexcept-advanced). +This follows the usual rules for [`only` / `except` policies](../yaml/README.md#onlyvariables--exceptvariables). ### Syntax of CI/CD variable expressions diff --git a/doc/ci/variables/deprecated_variables.md b/doc/ci/variables/deprecated_variables.md deleted file mode 100644 index 8d23ec1fd97..00000000000 --- a/doc/ci/variables/deprecated_variables.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -redirect_to: 'README.md' ---- - -This documentation page was removed. For information about variables, see [GitLab CI/CD environment variables](README.md) - -<!-- This redirect file can be deleted after 2021-04-14. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/variables/predefined_variables.md b/doc/ci/variables/predefined_variables.md index 5ceab9c0ff3..9cb960ae8ec 100644 --- a/doc/ci/variables/predefined_variables.md +++ b/doc/ci/variables/predefined_variables.md @@ -50,7 +50,7 @@ There are also [Kubernetes-specific deployment variables](../../user/project/clu | `CI_DEPLOY_USER` | 10.8 | all | The authentication username of the [GitLab Deploy Token](../../user/project/deploy_tokens/index.md#gitlab-deploy-token), if the project has one. | | `CI_DISPOSABLE_ENVIRONMENT` | all | 10.1 | Only available if the job is executed in a disposable environment (something that is created only for this job and disposed of/destroyed after the execution - all executors except `shell` and `ssh`). `true` when available. | | `CI_ENVIRONMENT_NAME` | 8.15 | all | The name of the environment for this job. Available if [`environment:name`](../yaml/README.md#environmentname) is set. | -| `CI_ENVIRONMENT_SLUG` | 8.15 | all | The simplified version of the environment name, suitable for inclusion in DNS, URLs, Kubernetes labels, and so on. Available if [`environment:name`](../yaml/README.md#environmentname) is set. | +| `CI_ENVIRONMENT_SLUG` | 8.15 | all | The simplified version of the environment name, suitable for inclusion in DNS, URLs, Kubernetes labels, and so on. Available if [`environment:name`](../yaml/README.md#environmentname) is set. The slug is [truncated to 24 characters](https://gitlab.com/gitlab-org/gitlab/-/issues/20941). | | `CI_ENVIRONMENT_URL` | 9.3 | all | The URL of the environment for this job. Available if [`environment:url`](../yaml/README.md#environmenturl) is set. | | `CI_HAS_OPEN_REQUIREMENTS` | 13.1 | all | Only available if the pipeline's project has an open [requirement](../../user/project/requirements/index.md). `true` when available. | | `CI_JOB_ID` | 9.0 | all | The internal ID of the job, unique across all jobs in the GitLab instance. | diff --git a/doc/ci/yaml/README.md b/doc/ci/yaml/README.md index 49daa2b17fb..e9b3a2213c8 100644 --- a/doc/ci/yaml/README.md +++ b/doc/ci/yaml/README.md @@ -36,14 +36,14 @@ The keywords available for jobs are: | [`coverage`](#coverage) | Code coverage settings for a given job. | | [`dependencies`](#dependencies) | Restrict which artifacts are passed to a specific job by providing a list of jobs to fetch artifacts from. | | [`environment`](#environment) | Name of an environment to which the job deploys. | -| [`except`](#onlyexcept-basic) | Limit when jobs are not created. | +| [`except`](#only--except) | Control when jobs are not created. | | [`extends`](#extends) | Configuration entries that this job inherits from. | | [`image`](#image) | Use Docker images. | | [`include`](#include) | Include external YAML files. | | [`inherit`](#inherit) | Select which global defaults all jobs inherit. | | [`interruptible`](#interruptible) | Defines if a job can be canceled when made redundant by a newer run. | | [`needs`](#needs) | Execute jobs earlier than the stage ordering. | -| [`only`](#onlyexcept-basic) | Limit when jobs are created. | +| [`only`](#only--except) | Control when jobs are created. | | [`pages`](#pages) | Upload the result of a job to use with GitLab Pages. | | [`parallel`](#parallel) | How many instances of a job should be run in parallel. | | [`release`](#release) | Instructs the runner to generate a [release](../../user/project/releases/index.md) object. | @@ -152,6 +152,13 @@ are the default pipeline stages. If a job does not specify a [`stage`](#stage), the job is assigned the `test` stage. +If a stage is defined, but no jobs use it, the stage is not visible in the pipeline. This is +useful for [compliance pipeline configuration](../../user/project/settings/index.md#compliance-pipeline-configuration) +because: + +- Stages can be defined in the compliance configuration but remain hidden if not used. +- The defined stages become visible when developers use them in job definitions. + To make a job start earlier and ignore the stage order, use the [`needs`](#needs) keyword. @@ -226,13 +233,15 @@ If your rules match both branch pipelines and merge request pipelines, #### `workflow:rules:variables` > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/294232) in GitLab 13.11. -> - It's [deployed behind a feature flag](../../user/feature_flags.md), disabled by default. -> - It's disabled on GitLab.com. -> - It's not recommended for production use. -> - To use it in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-workflowrulesvariables). **(CORE ONLY)** +> - [Deployed behind a feature flag](../../user/feature_flags.md), disabled by default. +> - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/300997) in GitLab 13.12. +> - Enabled on GitLab.com. +> - Recommended for production use. +> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#enable-or-disable-workflowrulesvariables). **(FREE SELF)** -WARNING: -This feature might not be available to you. Check the **version history** note above for details. +There can be +[risks when disabling released features](../../user/feature_flags.md#risks-when-disabling-released-features). +Refer to this feature's version history for more details. You can use [`variables`](#variables) in `workflow:rules:` to define variables for specific pipeline conditions. @@ -285,12 +294,12 @@ When the branch is something else: - job1's `DEPLOY_VARIABLE` is `job1-default-deploy`. - job2's `DEPLOY_VARIABLE` is `default-deploy`. -##### Enable or disable workflow:rules:variables **(CORE ONLY)** +##### Enable or disable workflow:rules:variables **(FREE SELF)** -rules:variables is under development and not ready for production use. -It is deployed behind a feature flag that is **disabled by default**. +workflow:rules:variables is under development but ready for production use. +It is deployed behind a feature flag that is **enabled by default**. [GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md) -can enable it. +can opt to disable it. To enable it: @@ -480,12 +489,17 @@ Use local includes instead of symbolic links. ##### `include:local` with wildcard file paths > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/25921) in GitLab 13.11. -> - It's [deployed behind a feature flag](../../user/feature_flags.md), disabled by default. -> - It's disabled on GitLab.com. -> - It's not recommended for production use. -> - To use it in GitLab self-managed instances, ask a GitLab administrator to enable it. **(CORE ONLY)** +> - [Deployed behind a feature flag](../../user/feature_flags.md), disabled by default. +> - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/327315) in GitLab 13.12. +> - Enabled on GitLab.com. +> - Recommended for production use. +> - For GitLab self-managed instances, GitLab administrators can opt to disable it. **(CORE ONLY)** -You can use wildcard paths (`*`) with `include:local`. +There can be +[risks when disabling released features](../../user/feature_flags.md#risks-when-disabling-released-features). +Refer to this feature's version history for more details. + +You can use wildcard paths (`*` and `**`) with `include:local`. Example: @@ -493,12 +507,24 @@ Example: include: 'configs/*.yml' ``` -When the pipeline runs, it adds all `.yml` files in the `configs` folder into the pipeline configuration. +When the pipeline runs, GitLab: + +- Adds all `.yml` files in the `configs` directory into the pipeline configuration. +- Does not add `.yml` files in subfolders of the `configs` directory. To allow this, + add the following configuration: + + ```yaml + # This matches all `.yml` files in `configs` and any subfolder in it. + include: 'configs/**.yml' -The wildcard file paths feature is under development and not ready for production use. It is -deployed behind a feature flag that is **disabled by default**. + # This matches all `.yml` files only in subfolders of `configs`. + include: 'configs/**/*.yml' + ``` + +The wildcard file paths feature is under development but ready for production use. +It is deployed behind a feature flag that is **enabled by default**. [GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md) -can enable it. +can opt to disable it. To enable it: @@ -1090,7 +1116,7 @@ is either included or excluded from the pipeline, depending on the configuration The job can also have [certain attributes](#rules-attributes) added to it. -`rules` replaces [`only/except`](#onlyexcept-basic) and they can't be used together +`rules` replaces [`only/except`](#only--except) and they can't be used together in the same job. If you configure one job to use both keywords, the linter returns a `key may not be used with rules` error. @@ -1123,8 +1149,8 @@ Available rule clauses are: | Clause | Description | |----------------------------|------------------------------------------------------------------------------------------------------------------------------------| -| [`if`](#rulesif) | Add or exclude jobs from a pipeline by evaluating an `if` statement. Similar to [`only:variables`](#onlyvariablesexceptvariables). | -| [`changes`](#ruleschanges) | Add or exclude jobs from a pipeline based on what files are changed. Same as [`only:changes`](#onlychangesexceptchanges). | +| [`if`](#rulesif) | Add or exclude jobs from a pipeline by evaluating an `if` statement. Similar to [`only:variables`](#onlyvariables--exceptvariables). | +| [`changes`](#ruleschanges) | Add or exclude jobs from a pipeline based on what files are changed. Same as [`only:changes`](#onlychanges--exceptchanges). | | [`exists`](#rulesexists) | Add or exclude jobs from a pipeline based on the presence of specific files. | Rules are evaluated in order until a match is found. If a match is found, the attributes @@ -1281,7 +1307,7 @@ job-with-rules: For every change pushed to the branch, duplicate pipelines run. One branch pipeline runs a single job (`job-with-no-rules`), and one merge request pipeline runs the other job (`job-with-rules`). Jobs with no rules default -to [`except: merge_requests`](#onlyexcept-basic), so `job-with-no-rules` +to [`except: merge_requests`](#only--except), so `job-with-no-rules` runs in all cases except merge requests. #### `rules:if` @@ -1330,7 +1356,7 @@ Some details regarding the logic that determines the `when` for the job: ##### Common `if` clauses for `rules` -For behavior similar to the [`only`/`except` keywords](#onlyexcept-basic), you can +For behavior similar to the [`only`/`except` keywords](#only--except), you can check the value of the `$CI_PIPELINE_SOURCE` variable: | Value | Description | @@ -1392,7 +1418,7 @@ Other commonly used variables for `if` clauses: Use `rules:changes` to specify when to add a job to a pipeline by checking for changes to specific files. -`rules: changes` works the same way as [`only: changes` and `except: changes`](#onlychangesexceptchanges). +`rules: changes` works the same way as [`only: changes` and `except: changes`](#onlychanges--exceptchanges). It accepts an array of paths. You should use `rules: changes` only with branch pipelines or merge request pipelines. For example, it's common to use `rules: changes` with merge request pipelines: @@ -1423,7 +1449,7 @@ rules: - if: $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH ``` -To implement a rule similar to [`except:changes`](#onlychangesexceptchanges), +To implement a rule similar to [`except:changes`](#onlychanges--exceptchanges), use `when: never`. WARNING: @@ -1583,318 +1609,162 @@ WARNING: [Before GitLab 13.3](https://gitlab.com/gitlab-org/gitlab/-/issues/230938), rules that use both `||` and `&&` may evaluate with an unexpected order of operations. -### `only`/`except` (basic) +### `only` / `except` NOTE: -`only` and `except` are not being actively developed. To define when -to add jobs to pipelines, use [`rules`](#rules). +`only` and `except` are not being actively developed. [`rules`](#rules) is the preferred +keyword to control when to add jobs to pipelines. -`only` and `except` are two keywords that determine when to add jobs to pipelines: +You can use `only` and `except` to control when to add jobs to pipelines. -1. `only` defines the names of branches and tags the job runs for. -1. `except` defines the names of branches and tags the job does - **not** run for. +- Use `only` to define when a job runs. +- Use `except` to define when a job **does not** run. -A few rules apply to the usage of job policy: +Four keywords can be used with `only` and `except`: -- `only` and `except` are inclusive. If both `only` and `except` are defined - in a job specification, the ref is filtered by `only` and `except`. -- `only` and `except` can use regular expressions ([supported regexp syntax](#supported-onlyexcept-regexp-syntax)). -- `only` and `except` can specify a repository path to filter jobs for forks. +- [`refs`](#onlyrefs--exceptrefs) +- [`variables`](#onlyvariables--exceptvariables) +- [`changes`](#onlychanges--exceptchanges) +- [`kubernetes`](#onlykubernetes--exceptkubernetes) -In addition, `only` and `except` can use these keywords: +See [specify when jobs run with `only` and `except`](../jobs/job_control.md#specify-when-jobs-run-with-only-and-except) +for more details and examples. -| **Value** | **Description** | -|--------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `api` | For pipelines triggered by the [pipelines API](../../api/pipelines.md#create-a-new-pipeline). | -| `branches` | When the Git reference for a pipeline is a branch. | -| `chat` | For pipelines created by using a [GitLab ChatOps](../chatops/index.md) command. | -| `external` | When you use CI services other than GitLab. | -| `external_pull_requests` | When an external pull request on GitHub is created or updated (See [Pipelines for external pull requests](../ci_cd_for_external_repos/index.md#pipelines-for-external-pull-requests)). | -| `merge_requests` | For pipelines created when a merge request is created or updated. Enables [merge request pipelines](../merge_request_pipelines/index.md), [merged results pipelines](../merge_request_pipelines/pipelines_for_merged_results/index.md), and [merge trains](../merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md). | -| `pipelines` | For [multi-project pipelines](../multi_project_pipelines.md) created by [using the API with `CI_JOB_TOKEN`](../multi_project_pipelines.md#triggering-multi-project-pipelines-through-api), or the [`trigger`](#trigger) keyword. | -| `pushes` | For pipelines triggered by a `git push` event, including for branches and tags. | -| `schedules` | For [scheduled pipelines](../pipelines/schedules.md). | -| `tags` | When the Git reference for a pipeline is a tag. | -| `triggers` | For pipelines created by using a [trigger token](../triggers/README.md#trigger-token). | -| `web` | For pipelines created by using **Run pipeline** button in the GitLab UI, from the project's **CI/CD > Pipelines** section. | +#### `only:refs` / `except:refs` -Scheduled pipelines run on specific branches, so jobs configured with `only: branches` -run on scheduled pipelines too. Add `except: schedules` to prevent jobs with `only: branches` -from running on scheduled pipelines. +Use the `only:refs` and `except:refs` keywords to control when to add jobs to a +pipeline based on branch names or pipeline types. -In the following example, `job` runs only for refs that start with `issue-`. -All branches are skipped: +**Keyword type**: Job keyword. You can use it only as part of a job. -```yaml -job: - # use regexp - only: - - /^issue-.*$/ - # use special keyword - except: - - branches -``` - -Pattern matching is case-sensitive by default. Use the `i` flag modifier, like -`/pattern/i`, to make a pattern case-insensitive: +**Possible inputs**: An array including any number of: -```yaml -job: - # use regexp - only: - - /^issue-.*$/i - # use special keyword - except: - - branches -``` +- Branch names, for example `main` or `my-feature-branch`. +- [Regular expressions](../jobs/job_control.md#only--except-regex-syntax) + that match against branch names, for example `/^feature-.*/`. +- The following keywords: -In the following example, `job` runs only for: + | **Value** | **Description** | + | -------------------------|-----------------| + | `api` | For pipelines triggered by the [pipelines API](../../api/pipelines.md#create-a-new-pipeline). | + | `branches` | When the Git reference for a pipeline is a branch. | + | `chat` | For pipelines created by using a [GitLab ChatOps](../chatops/index.md) command. | + | `external` | When you use CI services other than GitLab. | + | `external_pull_requests` | When an external pull request on GitHub is created or updated (See [Pipelines for external pull requests](../ci_cd_for_external_repos/index.md#pipelines-for-external-pull-requests)). | + | `merge_requests` | For pipelines created when a merge request is created or updated. Enables [merge request pipelines](../merge_request_pipelines/index.md), [merged results pipelines](../merge_request_pipelines/pipelines_for_merged_results/index.md), and [merge trains](../merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md). | + | `pipelines` | For [multi-project pipelines](../multi_project_pipelines.md) created by [using the API with `CI_JOB_TOKEN`](../multi_project_pipelines.md#triggering-multi-project-pipelines-through-api), or the [`trigger`](#trigger) keyword. | + | `pushes` | For pipelines triggered by a `git push` event, including for branches and tags. | + | `schedules` | For [scheduled pipelines](../pipelines/schedules.md). | + | `tags` | When the Git reference for a pipeline is a tag. | + | `triggers` | For pipelines created by using a [trigger token](../triggers/README.md#trigger-token). | + | `web` | For pipelines created by using **Run pipeline** button in the GitLab UI, from the project's **CI/CD > Pipelines** section. | -- Git tags -- [Triggers](../triggers/README.md#trigger-token) -- [Scheduled pipelines](../pipelines/schedules.md) - -```yaml -job: - # use special keywords - only: - - tags - - triggers - - schedules -``` - -To execute jobs only for the parent repository and not forks: - -```yaml -job: - only: - - branches@gitlab-org/gitlab - except: - - master@gitlab-org/gitlab - - /^release/.*$/@gitlab-org/gitlab -``` - -This example runs `job` for all branches on `gitlab-org/gitlab`, -except `master` and branches that start with `release/`. - -If a job does not have an `only` rule, `only: ['branches', 'tags']` is set by -default. If the job does not have an `except` rule, it's empty. - -For example, `job1` and `job2` are essentially the same: +**Example of `only:refs` and `except:refs`**: ```yaml job1: - script: echo 'test' - -job2: - script: echo 'test' - only: ['branches', 'tags'] -``` - -#### Regular expressions - -The `@` symbol denotes the beginning of a ref's repository path. -To match a ref name that contains the `@` character in a regular expression, -you must use the hex character code match `\x40`. - -Only the tag or branch name can be matched by a regular expression. -The repository path, if given, is always matched literally. - -To match the tag or branch name, -the entire ref name part of the pattern must be a regular expression surrounded by `/`. -For example, you can't use `issue-/.*/` to match all tag names or branch names -that begin with `issue-`, but you can use `/issue-.*/`. - -Regular expression flags must be appended after the closing `/`. - -NOTE: -Use anchors `^` and `$` to avoid the regular expression -matching only a substring of the tag name or branch name. -For example, `/^issue-.*$/` is equivalent to `/^issue-/`, -while just `/issue/` would also match a branch called `severe-issues`. - -#### Supported `only`/`except` regexp syntax - -In GitLab 11.9.4, GitLab began internally converting the regexp used -in `only` and `except` keywords to [RE2](https://github.com/google/re2/wiki/Syntax). - -[RE2](https://github.com/google/re2/wiki/Syntax) limits the set of available features -due to computational complexity, and some features, like negative lookaheads, became unavailable. -Only a subset of features provided by [Ruby Regexp](https://ruby-doc.org/core/Regexp.html) -are now supported. - -From GitLab 11.9.7 to GitLab 12.0, GitLab provided a feature flag to -let you use unsafe regexp syntax. After migrating to safe syntax, you should disable -this feature flag again: - -```ruby -Feature.enable(:allow_unsafe_ruby_regexp) -``` - -### `only`/`except` (advanced) - -GitLab supports multiple strategies, and it's possible to use an -array or a hash configuration scheme. - -Four keys are available: - -- `refs` -- `variables` -- `changes` -- `kubernetes` - -If you use multiple keys under `only` or `except`, the keys are evaluated as a -single conjoined expression. That is: - -- `only:` includes the job if **all** of the keys have at least one condition that matches. -- `except:` excludes the job if **any** of the keys have at least one condition that matches. - -With `only`, individual keys are logically joined by an `AND`. A job is added to -the pipeline if the following is true: - -- `(any listed refs are true) AND (any listed variables are true) AND (any listed changes are true) AND (any chosen Kubernetes status matches)` - -In the following example, the `test` job is `only` created when **all** of the following are true: - -- The pipeline is [scheduled](../pipelines/schedules.md) **or** runs for `master`. -- The `variables` keyword matches. -- The `kubernetes` service is active on the project. - -```yaml -test: - script: npm run test + script: echo only: - refs: - - master - - schedules - variables: - - $CI_COMMIT_MESSAGE =~ /run-end-to-end-tests/ - kubernetes: active -``` - -With `except`, individual keys are logically joined by an `OR`. A job is **not** -added if the following is true: - -- `(any listed refs are true) OR (any listed variables are true) OR (any listed changes are true) OR (a chosen Kubernetes status matches)` - -In the following example, the `test` job is **not** created when **any** of the following are true: - -- The pipeline runs for the `master` branch. -- There are changes to the `README.md` file in the root directory of the repository. + - main + - /^issue-.*$/ + - merge_requests -```yaml -test: - script: npm run test +job2: + script: echo except: - refs: - - master - changes: - - "README.md" + - main + - /^stable-branch.*$/ + - schedules ``` -#### `only:refs`/`except:refs` +**Additional details:** -> `refs` policy introduced in GitLab 10.0. +- Scheduled pipelines run on specific branches, so jobs configured with `only: branches` + run on scheduled pipelines too. Add `except: schedules` to prevent jobs with `only: branches` + from running on scheduled pipelines. +- `only` or `except` used without any other keywords are equivalent to `only: refs` + or `except: refs`. For example, the following two jobs configurations have the same + behavior: -The `refs` strategy can take the same values as the -[simplified only/except configuration](#onlyexcept-basic). - -In the following example, the `deploy` job is created only when the -pipeline is [scheduled](../pipelines/schedules.md) or runs for the `master` branch: - -```yaml -deploy: - only: - refs: - - master - - schedules -``` + ```yaml + job1: + script: echo + only: + - branches -#### `only:kubernetes`/`except:kubernetes` + job2: + script: echo + only: + refs: + - branches + ``` -> `kubernetes` policy introduced in GitLab 10.0. +- If a job does not use `only`, `except`, or [`rules`](#rules), then `only` is set to `branches` + and `tags` by default. -The `kubernetes` strategy accepts only the `active` keyword. + For example, `job1` and `job2` are equivalent: -In the following example, the `deploy` job is created only when the -Kubernetes service is active in the project: + ```yaml + job1: + script: echo 'test' -```yaml -deploy: - only: - kubernetes: active -``` + job2: + script: echo 'test' + only: + - branches + - tags + ``` -#### `only:variables`/`except:variables` +#### `only:variables` / `except:variables` -> `variables` policy introduced in GitLab 10.7. +Use the `only:variables` or `except:variables` keywords to control when to add jobs +to a pipeline, based on the status of [CI/CD variables](../variables/README.md). -The `variables` keyword defines variable expressions. +**Keyword type**: Job keyword. You can use it only as part of a job. -These expressions determine whether or not a job should be created. +**Possible inputs**: An array of [CI/CD variable expressions](../variables/README.md#cicd-variable-expressions). -Examples of variable expressions: +**Example of `only:variables`**: ```yaml deploy: script: cap staging deploy only: - refs: - - branches variables: - $RELEASE == "staging" - $STAGING ``` -Another use case is excluding jobs depending on a commit message: - -```yaml -end-to-end: - script: rake test:end-to-end - except: - variables: - - $CI_COMMIT_MESSAGE =~ /skip-end-to-end-tests/ -``` - -You can use [parentheses](../variables/README.md#parentheses) with `&&` and `||` to build more complicated variable expressions. -[Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/230938) in GitLab 13.3: +**Related topics**: -```yaml -job1: - script: - - echo This rule uses parentheses. - only: - variables: - - ($CI_COMMIT_BRANCH == "master" || $CI_COMMIT_BRANCH == "develop") && $MY_VARIABLE -``` +- [`only:variables` and `except:variables` examples](../jobs/job_control.md#only-variables--except-variables-examples). -#### `only:changes`/`except:changes` +#### `only:changes` / `except:changes` -> `changes` policy [introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/19232) in GitLab 11.4. +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/19232) in GitLab 11.4. Use the `changes` keyword with `only` to run a job, or with `except` to skip a job, when a Git push event modifies a file. -Use `only:changes` with pipelines triggered by the following refs only: +Use `changes` in pipelines with the following refs: - `branches` - `external_pull_requests` -- `merge_requests` (see additional details about [using `only:changes` with pipelines for merge requests](#use-onlychanges-with-pipelines-for-merge-requests)) +- `merge_requests` (see additional details about [using `only:changes` with pipelines for merge requests](../jobs/job_control.md#use-onlychanges-with-pipelines-for-merge-requests)) -WARNING: -In pipelines with [sources other than the three above](../variables/predefined_variables.md) -`changes` can't determine if a given file is new or old and always returns `true`. -You can configure jobs to use `only: changes` with other `only: refs` keywords. However, -those jobs ignore the changes and always run. +**Keyword type**: Job keyword. You can use it only as part of a job. -In the following example, when you push commits to an existing branch, the `docker build` job -runs only if any of these files change: +**Possible inputs**: An array including any number of: -- The `Dockerfile` file. -- Files in the `docker/scripts/` directory. -- Files and subdirectories in the `dockerfiles` directory. -- Files with `rb`, `py`, `sh` extensions in the `more_scripts` directory. +- Paths to files. +- Wildcard paths for single directories, for example `path/to/directory/*`, or a directory + and all its subdirectories, for example `path/to/directory/**/*`. +- Wildcard ([glob](https://en.wikipedia.org/wiki/Glob_(programming))) paths for all + files with the same extension or multiple extensions, for example `*.md` or `path/to/directory/*.{rb,py,sh}`. +- Wildcard paths to files in the root directory, or all directories, wrapped in double quotes. + For example `"*.json"` or `"**/*.json"`. + +**Example of `only:changes`**: ```yaml docker build: @@ -1909,110 +1779,40 @@ docker build: - more_scripts/*.{rb,py,sh} ``` -WARNING: -If you use `only:changes` with [only allow merge requests to be merged if the pipeline succeeds](../../user/project/merge_requests/merge_when_pipeline_succeeds.md#only-allow-merge-requests-to-be-merged-if-the-pipeline-succeeds), -you should [also use `only:merge_requests`](#use-onlychanges-with-pipelines-for-merge-requests). Otherwise it may not work as expected. +**Additional details**: -You can also use [glob](https://en.wikipedia.org/wiki/Glob_(programming)) -patterns to match multiple files in either the root directory -of the repository, or in _any_ directory in the repository. However, they must be wrapped -in double quotes or GitLab can't parse them: +- If you use refs other than `branches`, `external_pull_requests`, or `merge_requests`, + `changes` can't determine if a given file is new or old and always returns `true`. +- If you use `only: changes` with other refs, jobs ignore the changes and always run. +- If you use `except: changes` with other refs, jobs ignore the changes and never run. -```yaml -test: - script: npm run test - only: - refs: - - branches - changes: - - "*.json" - - "**/*.sql" -``` +**Related topics**: -You can skip a job if a change is detected in any file with a -`.md` extension in the root directory of the repository: +- [`only: changes` and `except: changes` examples](../jobs/job_control.md#onlychanges--exceptchanges-examples). +- If you use `changes` with [only allow merge requests to be merged if the pipeline succeeds](../../user/project/merge_requests/merge_when_pipeline_succeeds.md#only-allow-merge-requests-to-be-merged-if-the-pipeline-succeeds), + you should [also use `only:merge_requests`](../jobs/job_control.md#use-onlychanges-with-pipelines-for-merge-requests). +- Use `changes` with [new branches or tags *without* pipelines for merge requests](../jobs/job_control.md#use-onlychanges-without-pipelines-for-merge-requests). +- Use `changes` with [scheduled pipelines](../jobs/job_control.md#use-onlychanges-with-scheduled-pipelines). -```yaml -build: - script: npm run build - except: - changes: - - "*.md" -``` +#### `only:kubernetes` / `except:kubernetes` -If you change multiple files, but only one file ends in `.md`, -the `build` job is still skipped. The job does not run for any of the files. +Use `only:kubernetes` or `except:kubernetes` to control if jobs are added to the pipeline +when the Kubernetes service is active in the project. -Read more about how to use this feature with: +**Keyword type**: Job-specific. You can use it only as part of a job. -- [New branches or tags *without* pipelines for merge requests](#use-onlychanges-without-pipelines-for-merge-requests). -- [Scheduled pipelines](#use-onlychanges-with-scheduled-pipelines). +**Possible inputs**: The `kubernetes` strategy accepts only the `active` keyword. -##### Use `only:changes` with pipelines for merge requests - -With [pipelines for merge requests](../merge_request_pipelines/index.md), -it's possible to define a job to be created based on files modified -in a merge request. - -Use this keyword with `only: [merge_requests]` so GitLab can find the correct base -SHA of the source branch. File differences are correctly calculated from any further -commits, and all changes in the merge requests are properly tested in pipelines. - -For example: +**Example of `only:kubernetes`**: ```yaml -docker build service one: - script: docker build -t my-service-one-image:$CI_COMMIT_REF_SLUG . - only: - refs: - - merge_requests - changes: - - Dockerfile - - service-one/**/* -``` - -In this scenario, if a merge request changes -files in the `service-one` directory or the `Dockerfile`, GitLab creates -the `docker build service one` job. - -For example: - -```yaml -docker build service one: - script: docker build -t my-service-one-image:$CI_COMMIT_REF_SLUG . +deploy: only: - changes: - - Dockerfile - - service-one/**/* + kubernetes: active ``` -In this example, the pipeline might fail because of changes to a file in `service-one/**/*`. - -A later commit that doesn't have changes in `service-one/**/*` -but does have changes to the `Dockerfile` can pass. The job -only tests the changes to the `Dockerfile`. - -GitLab checks the **most recent pipeline** that **passed**. If the merge request is mergeable, -it doesn't matter that an earlier pipeline failed because of a change that has not been corrected. - -When you use this configuration, ensure that the most recent pipeline -properly corrects any failures from previous pipelines. - -##### Use `only:changes` without pipelines for merge requests - -Without [pipelines for merge requests](../merge_request_pipelines/index.md), pipelines -run on branches or tags that don't have an explicit association with a merge request. -In this case, a previous SHA is used to calculate the diff, which is equivalent to `git diff HEAD~`. -This can result in some unexpected behavior, including: - -- When pushing a new branch or a new tag to GitLab, the policy always evaluates to true. -- When pushing a new commit, the changed files are calculated by using the previous commit - as the base SHA. - -##### Use `only:changes` with scheduled pipelines - -`only:changes` always evaluates as true in [Scheduled pipelines](../pipelines/schedules.md). -All files are considered to have changed when a scheduled pipeline runs. +In this example, the `deploy` job runs only when the Kubernetes service is active +in the project. ### `needs` @@ -2281,7 +2081,7 @@ This feature might not be available to you. Check the **version history** note a To need a job that sometimes does not exist in the pipeline, add `optional: true` to the `needs` configuration. If not defined, `optional: false` is the default. -Jobs that use [`rules`](#rules), [`only`, or `except`](#onlyexcept-basic), might +Jobs that use [`rules`](#rules), [`only`, or `except`](#only--except), might not always exist in a pipeline. When the pipeline starts, it checks the `needs` relationships before running. Without `optional: true`, needs relationships that point to a job that does not exist stops the pipeline from starting and causes a pipeline @@ -2755,8 +2555,8 @@ The `stop_review_app` job is **required** to have the following keywords defined - `environment:name` - `environment:action` -Additionally, both jobs should have matching [`rules`](#onlyexcept-basic) -or [`only/except`](#onlyexcept-basic) configuration. +Additionally, both jobs should have matching [`rules`](#only--except) +or [`only/except`](#only--except) configuration. In the examples above, if the configuration is not identical: @@ -2956,11 +2756,7 @@ You can specify a [fallback cache key](#fallback-cache-key) to use if the specif ##### Multiple caches > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/32814) in GitLab 13.10. -> - [Deployed behind a feature flag](../../user/feature_flags.md), disabled by default. -> - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/321877) in GitLab 13.11. -> - Enabled on GitLab.com. -> - Recommended for production use. -> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#enable-or-disable-multiple-caches). **(FREE SELF)** +> - [Feature Flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/321877), in GitLab 13.12. You can have a maximum of four caches: @@ -2987,25 +2783,6 @@ test-job: If multiple caches are combined with a [Fallback cache key](#fallback-cache-key), the fallback is fetched multiple times if multiple caches are not found. -##### Enable or disable multiple caches **(FREE SELF)** - -The multiple caches feature is under development but ready for production use. -It is deployed behind a feature flag that is **enabled by default**. -[GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md) -can opt to disable it. - -To enable it: - -```ruby -Feature.enable(:multiple_cache_per_job) -``` - -To disable it: - -```ruby -Feature.disable(:multiple_cache_per_job) -``` - #### Fallback cache key > [Introduced](https://gitlab.com/gitlab-org/gitlab-runner/-/merge_requests/1534) in GitLab Runner 13.4. @@ -3273,10 +3050,6 @@ If the artifacts of the job that is set as a dependency are [deleted](../pipelines/job_artifacts.md#delete-job-artifacts), then the dependent job fails. -You can ask your administrator to -[flip this switch](../../administration/job_artifacts.md#validation-for-dependencies) -and bring back the old behavior. - #### `artifacts:exclude` > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/15122) in GitLab 13.1 @@ -3318,25 +3091,25 @@ Files matched by [`artifacts:untracked`](#artifactsuntracked) can be excluded us #### `artifacts:expire_in` -Use `expire_in` to specify how long artifacts are active before they -expire and are deleted. - -The expiration time period begins when the artifact is uploaded and -stored on GitLab. If the expiry time is not defined, it defaults to the -[instance wide setting](../../user/admin_area/settings/continuous_integration.md#default-artifacts-expiration) -(30 days by default). - -To override the expiration date and protect artifacts from being automatically deleted: +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/16267) in GitLab 13.0 behind a disabled feature flag, the latest job artifacts are kept regardless of expiry time. +> - [Made default behavior](https://gitlab.com/gitlab-org/gitlab/-/issues/229936) in GitLab 13.4. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/241026) in GitLab 13.8, keeping latest job artifacts can be disabled at the project level. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/276583) in GitLab 13.9, keeping latest job artifacts can be disabled instance-wide. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/321323) in GitLab 13.12, the latest pipeline artifacts are kept regardless of expiry time. -- Use the **Keep** button on the job page. -- Set the value of `expire_in` to `never`. [Available](https://gitlab.com/gitlab-org/gitlab/-/issues/22761) - in GitLab 13.3 and later. +Use `expire_in` to specify how long [job artifacts](../pipelines/job_artifacts.md) are stored before +they expire and are deleted. The `expire_in` setting does not affect: -After their expiry, artifacts are deleted hourly by default (via a cron job), -and are not accessible anymore. +- Artifacts from the latest job, unless this keeping the latest job artifacts is: + - [Disabled at the project level](../pipelines/job_artifacts.md#keep-artifacts-from-most-recent-successful-jobs). + - [Disabled instance-wide](../../user/admin_area/settings/continuous_integration.md#keep-the-latest-artifacts-for-all-jobs-in-the-latest-successful-pipelines). +- [Pipeline artifacts](../pipelines/pipeline_artifacts.md). It's not possible to specify an + expiration date for these: + - Pipeline artifacts from the latest pipeline are kept forever. + - Other pipeline artifacts are erased after one week. -The value of `expire_in` is an elapsed time in seconds, unless a unit is -provided. Examples of valid values: +The value of `expire_in` is an elapsed time in seconds, unless a unit is provided. Valid values +include: - `'42'` - `42 seconds` @@ -3348,7 +3121,7 @@ provided. Examples of valid values: - `3 weeks and 2 days` - `never` -To expire artifacts 1 week after being uploaded: +To expire artifacts one week after being uploaded: ```yaml job: @@ -3356,12 +3129,19 @@ job: expire_in: 1 week ``` -The latest artifacts for refs are locked against deletion, and kept regardless of -the expiry time. [Introduced in](https://gitlab.com/gitlab-org/gitlab/-/issues/16267) -GitLab 13.0 behind a disabled feature flag, and [made the default behavior](https://gitlab.com/gitlab-org/gitlab/-/issues/229936) -in GitLab 13.4. +The expiration time period begins when the artifact is uploaded and stored on GitLab. If the expiry +time is not defined, it defaults to the +[instance wide setting](../../user/admin_area/settings/continuous_integration.md#default-artifacts-expiration) +(30 days by default). -In [GitLab 13.8 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/241026), you can [disable this behavior at the project level in the CI/CD settings](../pipelines/job_artifacts.md#keep-artifacts-from-most-recent-successful-jobs). In [GitLab 13.9 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/276583), you can [disable this behavior instance-wide](../../user/admin_area/settings/continuous_integration.md#keep-the-latest-artifacts-for-all-jobs-in-the-latest-successful-pipelines). +To override the expiration date and protect artifacts from being automatically deleted: + +- Use the **Keep** button on the job page. +- [In GitLab 13.3 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/22761), set the value of + `expire_in` to `never`. + +After their expiry, artifacts are deleted hourly by default (using a cron job), and are not +accessible anymore. #### `artifacts:expose_as` @@ -3612,8 +3392,8 @@ third party ports for other languages like JavaScript, Python, Ruby, and so on. ##### `artifacts:reports:codequality` -> - Introduced in [GitLab Starter](https://about.gitlab.com/pricing/) 11.5. -> - Made [available in all tiers](https://gitlab.com/gitlab-org/gitlab/-/issues/212499) in GitLab 13.2. +> - Introduced in GitLab 11.5. +> - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/212499) to GitLab Free in 13.2. > - Requires GitLab Runner 11.5 and above. The `codequality` report collects [Code Quality issues](../../user/project/merge_requests/code_quality.md) @@ -3865,7 +3645,9 @@ failure. 1. `on_success` (default): Upload artifacts only when the job succeeds. 1. `on_failure`: Upload artifacts only when the job fails. -1. `always`: Always upload artifacts. +1. `always`: Always upload artifacts. Useful, for example, when + [uploading artifacts](../unit_test_reports.md#viewing-junit-screenshots-on-gitlab) required to + troubleshoot failing tests. For example, to upload artifacts only when a job fails: @@ -4472,6 +4254,7 @@ These keywords are supported: - [`ref`](#releaseref) (optional) - [`milestones`](#releasemilestones) (optional) - [`released_at`](#releasereleased_at) (optional) +- [`assets:links`](#releaseassetslinks) (optional) The release is created only if the job processes without error. If the Rails API returns an error during release creation, the `release` job fails. @@ -4680,6 +4463,26 @@ defined. Should be enclosed in quotes and expressed in ISO 8601 format. released_at: '2021-03-15T08:00:00Z' ``` +#### `release:assets:links` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/271454) in GitLab 13.12. + +Include [asset links](../../user/project/releases/index.md#release-assets) in the release. + +NOTE: +Requires `release-cli` version v0.4.0 or higher. + +```yaml +assets: + links: + - name: 'asset1' + url: 'https://example.com/assets/1' + - name: 'asset2' + url: 'https://example.com/assets/2' + filepath: '/pretty/url/1' # optional + link_type: 'other' # optional +``` + #### Complete example for `release` If you combine the previous examples for `release`, you get two options, depending on how you generate the @@ -4706,6 +4509,14 @@ tags. You can't use these options together, so choose one: - 'm2' - 'm3' released_at: '2020-07-15T08:00:00Z' # Optional, is auto generated if not defined, or can use a variable. + assets: # Optional, multiple asset links + links: + - name: 'asset1' + url: 'https://example.com/assets/1' + - name: 'asset2' + url: 'https://example.com/assets/2' + filepath: '/pretty/url/1' # optional + link_type: 'other' # optional ``` - To create a release automatically when commits are pushed or merged to the default branch, @@ -4752,6 +4563,14 @@ tags. You can't use these options together, so choose one: - 'm2' - 'm3' released_at: '2020-07-15T08:00:00Z' # Optional, is auto generated if not defined, or can use a variable. + assets: + links: + - name: 'asset1' + url: 'https://example.com/assets/1' + - name: 'asset2' + url: 'https://example.com/assets/2' + filepath: '/pretty/url/1' # optional + link_type: 'other' # optional ``` #### Release assets as Generic packages @@ -4769,7 +4588,7 @@ You can also call the `release-cli` directly from a `script` entry. For example, if you use the YAML described previously: ```shell -release-cli create --name "Release $CI_COMMIT_SHA" --description "Created using the release-cli $EXTRA_DESCRIPTION" --tag-name "v${MAJOR}.${MINOR}.${REVISION}" --ref "$CI_COMMIT_SHA" --released-at "2020-07-15T08:00:00Z" --milestone "m1" --milestone "m2" --milestone "m3" +release-cli create --name "Release $CI_COMMIT_SHA" --description "Created using the release-cli $EXTRA_DESCRIPTION" --tag-name "v${MAJOR}.${MINOR}.${REVISION}" --ref "$CI_COMMIT_SHA" --released-at "2020-07-15T08:00:00Z" --milestone "m1" --milestone "m2" --milestone "m3" --assets-link "{\"name\":\"asset1\",\"url\":\"https://example.com/assets/1\",\"link_type\":\"other\"} ``` ### `secrets` diff --git a/doc/ci/yaml/script.md b/doc/ci/yaml/script.md index 4fc52995fc1..f4e099c3128 100644 --- a/doc/ci/yaml/script.md +++ b/doc/ci/yaml/script.md @@ -86,7 +86,7 @@ Second command line. When you omit the `>` or `|` block scalar indicators, GitLab concatenates non-empty lines to form the command. Make sure the lines can run when concatenated. -[Shell here documents](https://en.wikipedia.org/wiki/Here_document) work with the +[These documents](https://en.wikipedia.org/wiki/Here_document) work with the `|` and `>` operators as well. The example below transliterates lower case letters to upper case: diff --git a/doc/ci/yaml/visualization.md b/doc/ci/yaml/visualization.md deleted file mode 100644 index ff3b0456eca..00000000000 --- a/doc/ci/yaml/visualization.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -redirect_to: '../pipeline_editor/index.md#visualize-ci-configuration' ---- - -This document was moved to [another location](../pipeline_editor/index.md#visualize-ci-configuration). - -<!-- This redirect file can be deleted after 2021-04-13. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/development/README.md b/doc/development/README.md index 3b6eb068c13..37d8a8fa570 100644 --- a/doc/development/README.md +++ b/doc/development/README.md @@ -26,7 +26,7 @@ GitLab instance, see the [administration documentation](../administration/index. ## Get started - Set up the GitLab development environment with the - [GitLab Development Kit (GDK)](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/README.md) + [GitLab Development Kit (GDK)](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/README.md) - [GitLab contributing guide](contributing/index.md) - [Issues workflow](contributing/issue_workflow.md) for more information about: - Issue tracker guidelines. @@ -207,6 +207,8 @@ In these cases, use the following workflow: - [Newlines style guide](newlines_styleguide.md) - [Image scaling guide](image_scaling.md) - [Export to CSV](export_csv.md) +- [Cascading Settings](cascading_settings.md) +- [FIPS compliance](fips_compliance.md) ## Performance guides @@ -301,6 +303,6 @@ See [database guidelines](database/index.md). ## Other GitLab Development Kit (GDK) guides -- [Run full Auto DevOps cycle in a GDK instance](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/auto_devops.md) -- [Using GitLab Runner with the GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/runner.md) -- [Using the Web IDE terminal with the GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/web_ide_terminal_gdk_setup.md) +- [Run full Auto DevOps cycle in a GDK instance](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/auto_devops.md) +- [Using GitLab Runner with the GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/runner.md) +- [Using the Web IDE terminal with the GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/web_ide_terminal_gdk_setup.md) diff --git a/doc/development/agent/local.md b/doc/development/agent/local.md index 670315db3a8..50959b5c450 100644 --- a/doc/development/agent/local.md +++ b/doc/development/agent/local.md @@ -116,7 +116,7 @@ Before performing any of these tests, if you have a `k3s` instance running, make stop it manually before running them. Otherwise, the tests might fail with the message `failed to remove k3s cluster`. -You might need to specify the correct Agent image version that matches the `kas` image version. You can use the `GITLAB_AGENTK_VERSION` local env for this. +You might need to specify the correct Agent image version that matches the `kas` image version. You can use the `GITLAB_AGENTK_VERSION` local environment for this. ### Against `staging` @@ -124,7 +124,7 @@ You might need to specify the correct Agent image version that matches the `kas` [this line](https://gitlab.com/gitlab-org/gitlab/-/blob/5b15540ea78298a106150c3a1d6ed26416109b9d/qa/qa/service/cluster_provider/k3s.rb#L8) and [this line](https://gitlab.com/gitlab-org/gitlab/-/blob/5b15540ea78298a106150c3a1d6ed26416109b9d/qa/qa/service/cluster_provider/k3s.rb#L36). We don't allow local connections on `staging` as they require an admin user. -1. Ensure you don't have an `EE_LICENSE` env var set as this would force an admin login. +1. Ensure you don't have an `EE_LICENSE` environment variable set as this would force an admin login. 1. Go to your GDK root folder and `cd gitlab/qa`. 1. Login with your user in staging and create a group to be used as sandbox. Something like: `username-qa-sandbox`. diff --git a/doc/development/api_graphql_styleguide.md b/doc/development/api_graphql_styleguide.md index 6256610ae6a..e8b71e0509a 100644 --- a/doc/development/api_graphql_styleguide.md +++ b/doc/development/api_graphql_styleguide.md @@ -79,7 +79,7 @@ Requests time out at 30 seconds. ## Breaking changes The GitLab GraphQL API is [versionless](https://graphql.org/learn/best-practices/#versioning) which means -developers must familiarize themselves with our [deprecation cycle of breaking changes](#breaking-changes). +developers must familiarize themselves with our [Deprecation and Removal process](../api/graphql/index.md#deprecation-and-removal-process). Breaking changes are: @@ -770,6 +770,29 @@ argument :title, GraphQL::STRING_TYPE, description: copy_field_description(Types::MergeRequestType, :title) ``` +### Documentation references + +Sometimes we want to refer to external URLs in our descriptions. To make this +easier, and provide proper markup in the generated reference documentation, we +provide a `see` property on fields. For example: + +```ruby +field :genus, + type: GraphQL::STRING_TYPE, + null: true, + description: 'A taxonomic genus.' + see: { 'Wikipedia page on genera' => 'https://wikipedia.org/wiki/Genus' } +``` + +This will render in our documentation as: + +```markdown +A taxonomic genus. See: [Wikipedia page on genera](https://wikipedia.org/wiki/Genus) +``` + +Multiple documentation references can be provided. The syntax for this property +is a `HashMap` where the keys are textual descriptions, and the values are URLs. + ## Authorization See: [GraphQL Authorization](graphql_guide/authorization.md) @@ -867,7 +890,7 @@ The main use case for this is one resolver to find all items, and another to find one specific one. For this, we supply convenience methods: - `BaseResolver.single`, which constructs a new resolver that selects the first item. -- `BaseResolver.last`, with constructs a resolver that selects the last item. +- `BaseResolver.last`, which constructs a resolver that selects the last item. The correct singular type is inferred from the collection type, so we don't have to define the `type` here. @@ -973,7 +996,7 @@ end For this reason, whenever you call a resolver (mainly in tests - as framework abstractions Resolvers should not be considered re-usable, finders are to be preferred), remember to call the `ready?` method and check the boolean flag -before calling `resolve`! An example can be seen in our [`GraphQLHelpers`](https://gitlab.com/gitlab-org/gitlab/-/blob/2d395f32d2efbb713f7bc861f96147a2a67e92f2/spec/support/helpers/graphql_helpers.rb#L20-27). +before calling `resolve`! An example can be seen in our [`GraphqlHelpers`](https://gitlab.com/gitlab-org/gitlab/-/blob/2d395f32d2efbb713f7bc861f96147a2a67e92f2/spec/support/helpers/graphql_helpers.rb#L20-27). ### Look-Ahead @@ -1161,8 +1184,8 @@ are returned as the result of the mutation. The service-oriented architecture in GitLab means that most mutations call a Create, Delete, or Update service, for example `UpdateMergeRequestService`. -For Update mutations, a you might want to only update one aspect of an object, and thus only need a -_fine-grained_ mutation, for example `MergeRequest::SetWip`. +For Update mutations, you might want to only update one aspect of an object, and thus only need a +_fine-grained_ mutation, for example `MergeRequest::SetDraft`. It's acceptable to have both fine-grained mutations and coarse-grained mutations, but be aware that too many fine-grained mutations can lead to organizational challenges in maintainability, code @@ -1258,7 +1281,7 @@ end [input type](https://graphql.org/learn/schema/#input-types). For example, the -[`mergeRequestSetWip` mutation](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/graphql/mutations/merge_requests/set_wip.rb) +[`mergeRequestSetDraft` mutation](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/graphql/mutations/merge_requests/set_draft.rb) defines these arguments (some [through inheritance](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/graphql/mutations/merge_requests/base.rb)): @@ -1271,17 +1294,16 @@ argument :iid, GraphQL::STRING_TYPE, required: true, description: "The IID of the merge request to mutate." -argument :wip, +argument :draft, GraphQL::BOOLEAN_TYPE, required: false, description: <<~DESC - Whether or not to set the merge request as a WIP. - If not passed, the value will be toggled. - DESC + Whether or not to set the merge request as a draft. + DESC ``` These arguments automatically generate an input type called -`MergeRequestSetWipInput` with the 3 arguments we specified and the +`MergeRequestSetDraftInput` with the 3 arguments we specified and the `clientMutationId`. ### Object identifier arguments @@ -1318,7 +1340,7 @@ From here, we can call the service that modifies the resource. The `resolve` method should then return a hash with the same field names as defined on the mutation including an `errors` array. For example, -the `Mutations::MergeRequests::SetWip` defines a `merge_request` +the `Mutations::MergeRequests::SetDraft` defines a `merge_request` field: ```ruby @@ -1356,13 +1378,13 @@ module Types graphql_name "Mutation" - mount_mutation Mutations::MergeRequests::SetWip + mount_mutation Mutations::MergeRequests::SetDraft end end ``` -Generates a field called `mergeRequestSetWip` that -`Mutations::MergeRequests::SetWip` to be resolved. +Generates a field called `mergeRequestSetDraft` that +`Mutations::MergeRequests::SetDraft` to be resolved. ### Authorizing resources @@ -1372,8 +1394,8 @@ To authorize resources inside a mutation, we first provide the required ```ruby module Mutations module MergeRequests - class SetWip < Base - graphql_name 'MergeRequestSetWip' + class SetDraft < Base + graphql_name 'MergeRequestSetDraft' authorize :update_merge_request end diff --git a/doc/development/approval_rules.md b/doc/development/approval_rules.md index 368987eb85f..922a0cd46a2 100644 --- a/doc/development/approval_rules.md +++ b/doc/development/approval_rules.md @@ -7,7 +7,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Approval Rules development guide **(FREE)** This document explains the backend design and flow of all related functionality -about [merge request approval rules](../user/project/merge_requests/merge_request_approvals.md). +about [merge request approval rules](../user/project/merge_requests/approvals/index.md). This should help contributors to understand the code design easier and to also help see if there are parts to improve as the feature and its implementation @@ -87,7 +87,7 @@ The `ApprovalState` model get these records when approval rules are not overwritten. The `protected_branches` attribute is set and used when a rule is scoped to -protected branches. See [Scoped to Protected Branch doc](../user/project/merge_requests/merge_request_approvals.md#scoped-to-protected-branch) +protected branches. See [Approvals for protected branches](../user/project/merge_requests/approvals/rules.md#approvals-for-protected-branches) for more information about the feature. ### `ApprovalMergeRequestRule` diff --git a/doc/development/architecture.md b/doc/development/architecture.md index 5564d0722b0..fdcaa91a639 100644 --- a/doc/development/architecture.md +++ b/doc/development/architecture.md @@ -302,7 +302,7 @@ GitLab can be considered to have two layers from a process perspective: - [Omnibus](https://docs.gitlab.com/omnibus/settings/ssl.html) - [Charts](https://docs.gitlab.com/charts/installation/tls.html) - [Source](../install/installation.md#using-https) - - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/https.md) + - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/https.md) - Layer: Core Service (Processor) - GitLab.com: [Secrets Management](https://about.gitlab.com/handbook/engineering/infrastructure/production/architecture/#secrets-management) @@ -332,7 +332,7 @@ Consul is a tool for service discovery and configuration. Consul is distributed, - [Omnibus](../integration/elasticsearch.md) - [Charts](../integration/elasticsearch.md) - [Source](../integration/elasticsearch.md) - - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/elasticsearch.md) + - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/elasticsearch.md) - Layer: Core Service (Data) - GitLab.com: [Get Advanced Search working on GitLab.com (Closed)](https://gitlab.com/groups/gitlab-org/-/epics/153) epic. @@ -369,9 +369,11 @@ repository updates to secondary nodes. - Configuration: - [Omnibus](../administration/geo/setup/index.md) - [Charts](https://docs.gitlab.com/charts/advanced/geo/) - - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/geo.md) + - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/geo.md) - Layer: Core Service (Processor) +Geo is a premium feature built to help speed up the development of distributed teams by providing one or more read-only mirrors of a primary GitLab instance. This mirror (a Geo secondary site) reduces the time to clone or fetch large repositories and projects, or can be part of a Disaster Recovery solution. + #### GitLab Exporter - [Project page](https://gitlab.com/gitlab-org/gitlab-exporter) @@ -403,7 +405,7 @@ You can use it to sync deployments onto your Kubernetes cluster. - [Omnibus](../administration/pages/index.md) - [Charts](https://gitlab.com/gitlab-org/charts/gitlab/-/issues/37) - [Source](../install/installation.md#install-gitlab-pages) - - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/pages.md) + - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/pages.md) - Layer: Core Service (Processor) - GitLab.com: [GitLab Pages](../user/gitlab_com/index.md#gitlab-pages) @@ -418,7 +420,7 @@ You can use it either for personal or business websites, such as portfolios, doc - [Omnibus](https://docs.gitlab.com/runner/) - [Charts](https://docs.gitlab.com/runner/install/kubernetes.html) - [Source](https://docs.gitlab.com/runner/) - - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/runner.md) + - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/runner.md) - Layer: Core Service (Processor) - GitLab.com: [Runner](../user/gitlab_com/index.md#shared-runners) @@ -507,7 +509,7 @@ Mattermost is an open source, private cloud, Slack-alternative from <https://mat - Configuration: - [Omnibus](https://min.io/download) - [Charts](https://docs.gitlab.com/charts/charts/minio/) - - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/object_storage.md) + - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/object_storage.md) - Layer: Core Service (Data) - GitLab.com: [Storage Architecture](https://about.gitlab.com/handbook/engineering/infrastructure/production/architecture/#storage-architecture) @@ -625,6 +627,8 @@ Redis is packaged to provide a place to store: - temporary cache information - background job queues +See our [Redis guidelines](redis.md) for more information about how GitLab uses Redis. + #### Redis Exporter - [Project page](https://github.com/oliver006/redis_exporter/blob/master/README.md) @@ -644,7 +648,7 @@ Redis is packaged to provide a place to store: - [Omnibus](../update/upgrading_from_source.md#10-install-libraries-migrations-etc) - [Charts](https://docs.gitlab.com/charts/charts/registry/) - [Source](../administration/packages/container_registry.md#enable-the-container-registry) - - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/registry.md) + - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/registry.md) - Layer: Core Service (Processor) - GitLab.com: [GitLab Container Registry](../user/packages/container_registry/index.md#build-and-push-by-using-gitlab-cicd) @@ -729,7 +733,7 @@ disabled by default. - [Omnibus](../administration/auth/ldap/index.md) - [Charts](https://docs.gitlab.com/charts/charts/globals.html#ldap) - [Source](https://gitlab.com/gitlab-org/gitlab/blob/master/config/gitlab.yml.example) - - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/ldap.md) + - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/ldap.md) - Layer: Core Service (Processor) - GitLab.com: [Product Tiers](https://about.gitlab.com/pricing/#gitlab-com) diff --git a/doc/development/audit_event_guide/index.md b/doc/development/audit_event_guide/index.md new file mode 100644 index 00000000000..0bff297f2a0 --- /dev/null +++ b/doc/development/audit_event_guide/index.md @@ -0,0 +1,181 @@ +--- +stage: Manage +group: Compliance +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Audit Event Guide + +This guide provides an overview of how Audit Events work, and how to instrument +new audit events. + +## What are Audit Events? + +Audit Events are a tool for GitLab owners and administrators to view records of important +actions performed across the application. + +## Audit Event Schemas + +To instrument an audit event, the following attributes should be provided: + +| Attribute | Type | Required? | Description | +|:-------------|:---------------------|:----------|:----------------------------------------------------| +| `name` | string | false | Action name to be audited. Used for error tracking | +| `author` | User | true | User who authors the change | +| `scope` | User, Project, Group | true | Scope which the audit event belongs to | +| `target` | Object | true | Target object being audited | +| `ip_address` | IPAddr | false | Request IP address | +| `message` | string | true | Message describing the action | + +## How to instrument new Audit Events + +There are three ways of instrumenting audit events: + +- Create a new class in `ee/lib/ee/audit/` and extend `AuditEventService` +- Call `AuditEventService` after a successful action +- Call `Gitlab::Audit::Auditor.audit` passing an action block + +This inconsistency leads to unexpected bugs, increases maintainer effort, and worsens the +developer experience. Therefore, we suggest you use `Gitlab::Audit::Auditor` to +instrument new audit events. + +With new service, we can instrument audit events in two ways: + +- Using block for multiple events. +- Using standard method call for single events. + +### Using block to record multiple events + +This method is useful when events are emitted deep in the call stack. + +For example, we can record multiple audit events when the user updates a merge +request approval rule. As part of this user flow, we would like to audit changes +to both approvers and approval groups. In the initiating service +(for example, `MergeRequestRuleUpdateService`), we can wrap the `execute` call as follows: + +```ruby +# in the initiating service +audit_context = { + name: 'merge_approval_rule_updated', + author: current_user, + scope: project_alpha, + target: merge_approval_rule, + ip_address: request.remote_ip, + message: 'Attempted to update an approval rule' +} + +Gitlab::Audit::Auditor.audit(audit_context) do + service.execute +end +``` + +In the model (for example, `ApprovalProjectRule`), we can push audit events on model +callbacks (for example, `after_save` or `after_add`). + +```ruby +# in the model +include Auditable + +def audit_add(model) + push_audit_event('Added an approver on Security rule') +end + +def audit_remove(model) + push_audit_event('Removed an approver on Security rule') +end +``` + +Please note that this method does not support actions that are asynchronous, or +span across multiple processes (for example, background jobs). + +### Using standard method call to record single event + +This method allows recording single audit event and involves fewer moving parts. + +```ruby +if merge_approval_rule.save + audit_context = { + name: 'merge_approval_rule_created', + author: current_user, + scope: project_alpha, + target: merge_approval_rule, + ip_address: request.remote_ip, + message: 'Created a new approval rule' + } + + Gitlab::Audit::Auditor.audit(audit_context) +end +``` + +## Audit Event instrumentation flows + +The two ways we can instrument audit events have different flows. + +### Using block to record multiple events + +We wrap the operation block in a `Gitlab::Audit::Auditor` which captures the +initial audit context (that is, `author`, `scope`, `target`, `ip_address`) object that are +available at the time the operation is initiated. + +Extra instrumentation is required in the interacted classes in the chain with +`Auditable` mixin to add audit events to the Audit Event queue via `Gitlab::Audit::EventQueue`. + +The `EventQueue` is stored in a local thread via `SafeRequestStore` and then later +extracted when we record an audit event in `Gitlab::Audit::Auditor`. + +```plantuml +skinparam shadowing false +skinparam BoxPadding 10 +skinparam ParticipantPadding 20 + +participant "Instrumented Class" as A +participant "Audit::Auditor" as A1 #LightBlue +participant "Audit::EventQueue" as B #LightBlue +participant "Interacted Class" as C +participant "AuditEvent" as D + +A->A1: audit <b>{ block } +activate A1 +A1->B: begin! +A1->C: <b>block.call +activate A1 #FFBBBB +activate C +C-->B: push [ message ] +C-->A1: true +deactivate A1 +deactivate C +A1->B: read +activate A1 #FFBBBB +activate B +B-->A1: [ messages ] +deactivate B +A1->D: bulk_insert! +deactivate A1 +A1->B: end! +A1-->A: +deactivate A1 +``` + +### Using standard method call to record single event + +This method has a more straight-forward flow, and does not rely on `EventQueue` +and local thread. + +```plantuml +skinparam shadowing false +skinparam BoxPadding 10 +skinparam ParticipantPadding 20 + +participant "Instrumented Class" as A +participant "Audit::Auditor" as B #LightBlue +participant "AuditEvent" as C + +A->B: audit +activate B +B->C: bulk_insert! +B-->A: +deactivate B +``` + +In addition to recording to the database, we also write these events to +[a log file](../../administration/logs.md#audit_jsonlog). diff --git a/doc/development/avoiding_downtime_in_migrations.md b/doc/development/avoiding_downtime_in_migrations.md index d8981ce0999..6b6c47cfece 100644 --- a/doc/development/avoiding_downtime_in_migrations.md +++ b/doc/development/avoiding_downtime_in_migrations.md @@ -365,6 +365,12 @@ if the application no longer uses the table. Renaming tables requires downtime as an application may continue using the old table name during/after a database migration. +If the table and the ActiveRecord model is not in use yet, removing the old +table and creating a new one is the preferred way to "rename" the table. + +Renaming a table is possible without downtime by following our multi-release +[rename table process](database/rename_database_tables.md#rename-table-without-downtime). + ## Adding Foreign Keys Adding foreign keys usually works in 3 steps: diff --git a/doc/development/cascading_settings.md b/doc/development/cascading_settings.md new file mode 100644 index 00000000000..631de544238 --- /dev/null +++ b/doc/development/cascading_settings.md @@ -0,0 +1,241 @@ +--- +stage: Manage +group: Access +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Cascading Settings + +> Introduced in [GitLab 13.11](https://gitlab.com/gitlab-org/gitlab/-/issues/321724). + +The cascading settings framework allows groups to essentially inherit settings +values from ancestors (parent group on up the group hierarchy) and from +instance-level application settings. The framework also allows settings values +to be enforced on groups lower in the hierarchy. + +Cascading settings can currently only be defined within `NamespaceSetting`, though +the framework may be extended to other objects in the future. + +## Add a new cascading setting + +Settings are not cascading by default. To define a cascading setting, take the following steps: + +1. In the `NamespaceSetting` model, define the new attribute using the `cascading_attr` + helper method. You can use an array to define multiple attributes on a single line. + + ```ruby + class NamespaceSetting + include CascadingNamespaceSettingAttribute + + cascading_attr :delayed_project_removal + end + ``` + +1. Create the database columns. + + You can use the following database migration helper for a completely new setting. + The helper creates four columns, two each in `namespace_settings` and + `application_settings`. + + ```ruby + class AddDelayedProjectRemovalCascadingSetting < ActiveRecord::Migration[6.0] + include Gitlab::Database::MigrationHelpers::CascadingNamespaceSettings + + def up + add_cascading_namespace_setting :delayed_project_removal, :boolean, default: false, null: false + end + + def down + remove_cascading_namespace_setting :delayed_project_removal + end + end + ``` + + Existing settings being converted to a cascading setting will require individual + migrations to add columns and change existing columns. Use the specifications + below to create migrations as required: + + 1. Columns in `namespace_settings` table: + - `delayed_project_removal`: No default value. Null values allowed. Use any column type. + - `lock_delayed_project_removal`: Boolean column. Default value is false. Null values not allowed. + 1. Columns in `application_settings` table: + - `delayed_project_removal`: Type matching for the column created in `namespace_settings`. + Set default value as desired. Null values not allowed. + - `lock_delayed_project_removal`: Boolean column. Default value is false. Null values not allowed. + +## Convenience methods + +By defining an attribute using the `cascading_attr` method, a number of convenience +methods are automatically defined. + +**Definition:** + +```ruby +cascading_attr :delayed_project_removal +``` + +**Convenience Methods Available:** + +- `delayed_project_removal` +- `delayed_project_removal=` +- `delayed_project_removal_locked?` +- `delayed_project_removal_locked_by_ancestor?` +- `delayed_project_removal_locked_by_application_setting?` +- `delayed_project_removal?` (Boolean attributes only) +- `delayed_project_removal_locked_ancestor` (Returns locked namespace settings object [namespace_id]) + +### Attribute reader method (`delayed_project_removal`) + +The attribute reader method (`delayed_project_removal`) returns the correct +cascaded value using the following criteria: + +1. Returns the dirty value, if the attribute has changed. This allows standard + Rails validators to be used on the attribute, though `nil` values *must* be allowed. +1. Return locked ancestor value. +1. Return locked instance-level application settings value. +1. Return this namespace's attribute, if not nil. +1. Return value from nearest ancestor where value is not nil. +1. Return instance-level application setting. + +### `_locked?` method + +By default, the `_locked?` method (`delayed_project_removal_locked?`) returns +`true` if an ancestor of the group or application setting locks the attribute. +It returns `false` when called from the group that locked the attribute. + +When `include_self: true` is specified, it returns `true` when called from the group that locked the attribute. +This would be relevant, for example, when checking if an attribute is locked from a project. + +## Display cascading settings on the frontend + +There are a few Rails view helpers, HAML partials, and JavaScript functions that can be used to display a cascading setting on the frontend. + +### Rails view helpers + +[`cascading_namespace_setting_locked?`](https://gitlab.com/gitlab-org/gitlab/-/blob/c2736823b8e922e26fd35df4f0cd77019243c858/app/helpers/namespaces_helper.rb#L86) + +Calls through to the [`_locked?` method](#_locked-method) to check if the setting is locked. + +| Argument | Description | Type | Required (default value) | +|:------------|:---------------------------------------------------------------------------------|:----------------------------------------------------------------------------------|:-------------------------| +| `attribute` | Name of the setting. For example, `:delayed_project_removal`. | `String` or `Symbol` | `true` | +| `group` | Current group. | [`Group`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/models/group.rb) | `true` | +| `**args` | Additional arguments to pass through to the [`_locked?` method](#_locked-method) | | `false` | + +### HAML partials + +[`_enforcement_checkbox.html.haml`](https://gitlab.com/gitlab-org/gitlab/-/blob/c2736823b8e922e26fd35df4f0cd77019243c858/app/views/shared/namespaces/cascading_settings/_enforcement_checkbox.html.haml) + +Renders the enforcement checkbox. + +| Local | Description | Type | Required (default value) | +|:-----------------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:-----------------------------------------------------------------------------------------------|:------------------------------------------------| +| `attribute` | Name of the setting. For example, `:delayed_project_removal`. | `String` or `Symbol` | `true` | +| `form` | [Rails FormBuilder object](https://apidock.com/rails/ActionView/Helpers/FormBuilder). | [`ActionView::Helpers::FormBuilder`](https://apidock.com/rails/ActionView/Helpers/FormBuilder) | `true` | +| `setting_locked` | If the setting is locked by an ancestor group or admin setting. Can be calculated with [`cascading_namespace_setting_locked?`](https://gitlab.com/gitlab-org/gitlab/-/blob/c2736823b8e922e26fd35df4f0cd77019243c858/app/helpers/namespaces_helper.rb#L86). | `Boolean` | `true` | +| `help_text` | Text shown below the checkbox. | `String` | `false` (Subgroups cannot change this setting.) | + +[`_setting_label_checkbox.html.haml`](https://gitlab.com/gitlab-org/gitlab/-/blob/c2736823b8e922e26fd35df4f0cd77019243c858/app/views/shared/namespaces/cascading_settings/_setting_label_checkbox.html.haml) + +Renders the label for a checkbox setting. + +| Local | Description | Type | Required (default value) | +|:-----------------------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:-----------------------------------------------------------------------------------------------|:-------------------------| +| `attribute` | Name of the setting. For example, `:delayed_project_removal`. | `String` or `Symbol` | `true` | +| `form` | [Rails FormBuilder object](https://apidock.com/rails/ActionView/Helpers/FormBuilder). | [`ActionView::Helpers::FormBuilder`](https://apidock.com/rails/ActionView/Helpers/FormBuilder) | `true` | +| `setting_locked` | If the setting is locked by an ancestor group or admin setting. Can be calculated with [`cascading_namespace_setting_locked?`](https://gitlab.com/gitlab-org/gitlab/-/blob/c2736823b8e922e26fd35df4f0cd77019243c858/app/helpers/namespaces_helper.rb#L86). | `Boolean` | `true` | +| `settings_path_helper` | Lambda function that generates a path to the ancestor setting. For example, `settings_path_helper: -> (locked_ancestor) { edit_group_path(locked_ancestor, anchor: 'js-permissions-settings') }` | `Lambda` | `true` | +| `help_text` | Text shown below the checkbox. | `String` | `false` (`nil`) | + +[`_setting_label_fieldset.html.haml`](https://gitlab.com/gitlab-org/gitlab/-/blob/c2736823b8e922e26fd35df4f0cd77019243c858/app/views/shared/namespaces/cascading_settings/_setting_label_fieldset.html.haml) + +Renders the label for a fieldset setting. + +| Local | Description | Type | Required (default value) | +|:-----------------------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:---------------------|:-------------------------| +| `attribute` | Name of the setting. For example, `:delayed_project_removal`. | `String` or `Symbol` | `true` | +| `setting_locked` | If the setting is locked. Can be calculated with [`cascading_namespace_setting_locked?`](https://gitlab.com/gitlab-org/gitlab/-/blob/c2736823b8e922e26fd35df4f0cd77019243c858/app/helpers/namespaces_helper.rb#L86). | `Boolean` | `true` | +| `settings_path_helper` | Lambda function that generates a path to the ancestor setting. For example, `-> (locked_ancestor) { edit_group_path(locked_ancestor, anchor: 'js-permissions-settings') }` | `Lambda` | `true` | +| `help_text` | Text shown below the checkbox. | `String` | `false` (`nil`) | + +[`_lock_popovers.html.haml`](https://gitlab.com/gitlab-org/gitlab/-/blob/b73353e47e283a7d9c9eda5bdedb345dcfb685b6/app/views/shared/namespaces/cascading_settings/_lock_popovers.html.haml) + +Renders the mount element needed to initialize the JavaScript used to display the popover when hovering over the lock icon. This partial is only needed once per page. + +### JavaScript + +[`initCascadingSettingsLockPopovers`](https://gitlab.com/gitlab-org/gitlab/-/blob/b73353e47e283a7d9c9eda5bdedb345dcfb685b6/app/assets/javascripts/namespaces/cascading_settings/index.js#L4) + +Initializes the JavaScript needed to display the popover when hovering over the lock icon (**{lock}**). +This function should be imported and called in the [page-specific JavaScript](fe_guide/performance.md#page-specific-javascript). + +### Put it all together + +```haml +-# app/views/groups/edit.html.haml + += render 'shared/namespaces/cascading_settings/lock_popovers' + +- delayed_project_removal_locked = cascading_namespace_setting_locked?(:delayed_project_removal, @group) +- merge_method_locked = cascading_namespace_setting_locked?(:merge_method, @group) + += form_for @group do |f| + .form-group{ data: { testid: 'delayed-project-removal-form-group' } } + .gl-form-checkbox.custom-control.custom-checkbox + = f.check_box :delayed_project_removal, checked: @group.namespace_settings.delayed_project_removal?, disabled: delayed_project_removal_locked, class: 'custom-control-input' + = render 'shared/namespaces/cascading_settings/setting_label_checkbox', attribute: :delayed_project_removal, + group: @group, + form: f, + setting_locked: delayed_project_removal_locked, + settings_path_helper: -> (locked_ancestor) { edit_group_path(locked_ancestor, anchor: 'js-permissions-settings') }, + help_text: s_('Settings|Projects will be permanently deleted after a 7-day delay. Inherited by subgroups.') do + = s_('Settings|Enable delayed project removal') + = render 'shared/namespaces/cascading_settings/enforcement_checkbox', + attribute: :delayed_project_removal, + group: @group, + form: f, + setting_locked: delayed_project_removal_locked + + %fieldset.form-group + = render 'shared/namespaces/cascading_settings/setting_label_fieldset', attribute: :merge_method, + group: @group, + setting_locked: merge_method_locked, + settings_path_helper: -> (locked_ancestor) { edit_group_path(locked_ancestor, anchor: 'js-permissions-settings') }, + help_text: s_('Settings|Determine what happens to the commit history when you merge a merge request.') do + = s_('Settings|Merge method') + + .gl-form-radio.custom-control.custom-radio + = f.radio_button :merge_method, :merge, class: "custom-control-input", disabled: merge_method_locked + = f.label :merge_method_merge, class: 'custom-control-label' do + = s_('Settings|Merge commit') + %p.help-text + = s_('Settings|Every merge creates a merge commit.') + + .gl-form-radio.custom-control.custom-radio + = f.radio_button :merge_method, :rebase_merge, class: "custom-control-input", disabled: merge_method_locked + = f.label :merge_method_rebase_merge, class: 'custom-control-label' do + = s_('Settings|Merge commit with semi-linear history') + %p.help-text + = s_('Settings|Every merge creates a merge commit.') + + .gl-form-radio.custom-control.custom-radio + = f.radio_button :merge_method, :ff, class: "custom-control-input", disabled: merge_method_locked + = f.label :merge_method_ff, class: 'custom-control-label' do + = s_('Settings|Fast-forward merge') + %p.help-text + = s_('Settings|No merge commits are created.') + + = render 'shared/namespaces/cascading_settings/enforcement_checkbox', + attribute: :merge_method, + group: @group, + form: f, + setting_locked: merge_method_locked +``` + +```javascript +// app/assets/javascripts/pages/groups/edit/index.js + +import { initCascadingSettingsLockPopovers } from '~/namespaces/cascading_settings'; + +initCascadingSettingsLockPopovers(); +``` diff --git a/doc/development/changelog.md b/doc/development/changelog.md index ee80d998c14..6412c303735 100644 --- a/doc/development/changelog.md +++ b/doc/development/changelog.md @@ -48,16 +48,13 @@ the `author` field. GitLab team members **should not**. - Any client-facing change to our REST and GraphQL APIs **must** have a changelog entry. See the [complete list what comprises a GraphQL breaking change](api_graphql_styleguide.md#breaking-changes). - Any change that introduces an [Advanced Search migration](elasticsearch.md#creating-a-new-advanced-search-migration) **must** have a changelog entry. - Performance improvements **should** have a changelog entry. - also require a changelog entry. - _Any_ contribution from a community member, no matter how small, **may** have a changelog entry regardless of these guidelines if the contributor wants one. Example: "Fixed a typo on the search results page." - Any docs-only changes **should not** have a changelog entry. -- Any change behind a feature flag **disabled** by default **should not** have a changelog entry. -- Any change behind a feature flag that is **enabled** by default **should** have a changelog entry. -- Any change that adds new Usage Data metrics and changes that needs to be documented in Product Intelligence [Metrics Dictionary](usage_ping/dictionary.md) **should** have a changelog entry. +- For changes related to feature flags, use [feature flag guide](feature_flags/index.md#changelog) to determine the changelog entry. +- Any change that adds new Usage Data metrics, sets the status of existing ones to `removed`, and changes that need to be documented in Product Intelligence [Metrics Dictionary](usage_ping/dictionary.md) **should** have a changelog entry. - A change that adds snowplow events **should** have a changelog entry - -- A change that [removes a feature flag, or removes a feature and its feature flag](feature_flags/index.md) **must** have a changelog entry. - A fix for a regression introduced and then fixed in the same release (i.e., fixing a bug introduced during a monthly release candidate) **should not** have a changelog entry. diff --git a/doc/development/cicd/cicd_reference_documentation_guide.md b/doc/development/cicd/cicd_reference_documentation_guide.md new file mode 100644 index 00000000000..a05916178a9 --- /dev/null +++ b/doc/development/cicd/cicd_reference_documentation_guide.md @@ -0,0 +1,154 @@ +--- +stage: Verify +group: Continuous Integration +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# CI/CD YAML reference style guide + +The CI/CD YAML reference uses a standard style to make it easier to use and update. + +The reference information should be kept as simple as possible, and expanded details +and examples documented in a separate page. + +## YAML reference structure + +Every YAML keyword must have its own section in the reference. The sections should +be nested so that the keywords follow a logical tree structure. For example: + +```plaintext +### `artifacts` +#### `artifacts:name` +#### `artifacts:paths` +#### `artifacts:reports` +##### `artifacts:reports:dast` +##### `artifacts:reports:sast` +``` + +## YAML reference style + +Each keyword entry in the reference should use the following style: + +````markdown +### `keyword-name` + +> Version information + +Keyword description and main details. + +**Keyword type**: + +**Possible inputs**: + +**Example of `keyword-name`**: + +(optional) In this example... + +(optional) **Additional details**: + +- List of extra details. + +(optional) **Related topics**: + +- List of links to topics related to the keyword. +```` + +- ``### `keyword-name` ``: The keyword name must always be in backticks. + If it is a subkey of another keyword, write out all the keywords, with each separated + by `:`, for example: `artifacts:reports:dast`. + +- ``> Version information``: The [version history details](../documentation/styleguide/index.md#version-text-in-the-version-history). + If the keyword is feature flagged, see the [feature flag documentation guide](../documentation/feature_flags.md) + as well. + +- `Keyword description and main details.`: A simple description of the keyword, and + how to use it. Additional use cases and benefits should be added to a page outside + the reference document. Link to that document in this section. + +- `**Keyword type**:`: Most keywords are defined at the job level, like `script`, + or at the pipeline level, like `stages`. Add the appropriate line: + + - `**Keyword type**: Job keyword. You can use it only as part of a job.` + - `**Keyword type**: Pipeline keyword. You cannot use it as part of a job.` + + If a keyword can be used at both the job and pipeline level, like `variables`, + explain it in detail instead of using the pre-written lines above. + +- `**Possible inputs**:`: Explain in detail which inputs the keyword can accept. + You can add the details in a sentence, paragraph, or list. + +- ``**Example of `keyword-name`**:``: An example configuration that uses the keyword. + Do not add extra keywords that are not required to understand the behavior. + +- (optional) `In this example...`: If the example needs extra details, + add the clarification text below the example. + +- (optional) `**Additional details**:` If there are any caveats or extra details you + want to document along with the keyword, add each one as a list item here. + +- (optional) `**Related topics**:` If there are any other keywords or pages that + relate to this keyword, add these links as list items here. + +### YAML reference style example + +See the [`only:changes` / `except:changes`](../../ci/yaml/README.md#onlychanges--exceptchanges) +documentation for an example of the YAML reference style. The following example is a +shortened version of that documentation's Markdown: + +````markdown +#### `only:changes` / `except:changes` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/19232) in GitLab 11.4. + +Use the `changes` keyword with `only` to run a job, or with `except` to skip a job, +when a Git push event modifies a file. + +Use `changes` in pipelines with the following refs: + +- `branches` +- `external_pull_requests` +- `merge_requests` (see additional details about [using `only:changes` with pipelines for merge requests](../jobs/job_control.md#use-onlychanges-with-pipelines-for-merge-requests)) + +**Keyword type**: Job keyword. You can use it only as part of a job. + +**Possible inputs**: An array including any number of: + +- Paths to files. +- Wildcard paths for single directories, for example `path/to/directory/*`, or a directory + and all its subdirectories, for example `path/to/directory/**/*`. + +**Example of `only:changes`**: + +```yaml +docker build: + script: docker build -t my-image:$CI_COMMIT_REF_SLUG . + only: + refs: + - branches + changes: + - Dockerfile + - docker/scripts/* + - dockerfiles/**/* +``` + +In this example, `docker build` only runs in branch pipelines, and only if at least one of +these files changed: + +- `Dockerfile`. +- Any file in `docker/scripts` +- Any file in `dockerfiles/` or any of its subdirectories. + +**Additional details**: + +- If you use refs other than `branches`, `external_pull_requests`, or `merge_requests`, + `changes` can't determine if a given file is new or old and always returns `true`. +- If you use `only: changes` with other refs, jobs ignore the changes and always run. +- If you use `except: changes` with other refs, jobs ignore the changes and never run. + +**Related topics**: + +- [`only: changes` and `except: changes` examples](../jobs/job_control.md#onlychanges--exceptchanges-examples). +- If you use `changes` with [only allow merge requests to be merged if the pipeline succeeds](../../user/project/merge_requests/merge_when_pipeline_succeeds.md#only-allow-merge-requests-to-be-merged-if-the-pipeline-succeeds), + you should [also use `only:merge_requests`](../jobs/job_control.md#use-onlychanges-with-pipelines-for-merge-requests). +- Use `changes` with [scheduled pipelines](../jobs/job_control.md#use-onlychanges-with-scheduled-pipelines). +```` diff --git a/doc/development/cicd/index.md b/doc/development/cicd/index.md index 35c4cc0694e..965ab3610dd 100644 --- a/doc/development/cicd/index.md +++ b/doc/development/cicd/index.md @@ -11,6 +11,9 @@ Development guides that are specific to CI/CD are listed here. If you are creating new CI/CD templates, please read [the development guide for GitLab CI/CD templates](templates.md). +See the [CI/CD YAML reference documentation guide](cicd_reference_documentation_guide.md) +to learn how to update the [reference page](../../ci/yaml/README.md). + ## CI Architecture overview The following is a simplified diagram of the CI architecture. Some details are left out in order to focus on diff --git a/doc/development/cicd/templates.md b/doc/development/cicd/templates.md index fd1456a1676..fc342794919 100644 --- a/doc/development/cicd/templates.md +++ b/doc/development/cicd/templates.md @@ -127,7 +127,7 @@ job2: #### Use `rules` instead of `only` or `except` -Avoid using [`only` or `except`](../../ci/yaml/README.md#onlyexcept-basic) if possible. +Avoid using [`only` or `except`](../../ci/yaml/README.md#only--except) if possible. Only and except is not being developed any more, and [`rules`](../../ci/yaml/README.md#rules) is now the preferred syntax: diff --git a/doc/development/code_review.md b/doc/development/code_review.md index 731fec98933..b91e27b7051 100644 --- a/doc/development/code_review.md +++ b/doc/development/code_review.md @@ -39,7 +39,7 @@ or more [maintainers](https://about.gitlab.com/handbook/engineering/workflow/cod For approvals, we use the approval functionality found in the merge request widget. For reviewers, we use the [reviewer functionality](../user/project/merge_requests/getting_started.md#reviewer) in the sidebar. -Reviewers can add their approval by [approving additionally](../user/project/merge_requests/merge_request_approvals.md#adding-or-removing-an-approval). +Reviewers can add their approval by [approving additionally](../user/project/merge_requests/approvals/index.md#approve-a-merge-request). Getting your merge request **merged** also requires a maintainer. If it requires more than one approval, the last maintainer to review and approve merges it. @@ -101,7 +101,7 @@ with [domain expertise](#domain-experts). 1. If your merge request includes frontend changes (*1*), it must be **approved by a [frontend maintainer](https://about.gitlab.com/handbook/engineering/projects/#gitlab_maintainers_frontend)**. 1. If your merge request includes user-facing changes (*3*), it must be - **approved by a [Product Designer](https://about.gitlab.com/handbook/engineering/ux/product-design/)**, + **approved by a [Product Designer](https://about.gitlab.com/handbook/engineering/projects/#gitlab_reviewers_UX)**, based on assignments in the appropriate [DevOps stage group](https://about.gitlab.com/handbook/product/categories/#devops-stages). 1. If your merge request includes adding a new JavaScript library (*1*)... - If the library significantly increases the @@ -114,8 +114,8 @@ with [domain expertise](#domain-experts). 1. If your merge request includes a new dependency or a file system change, it must be **approved by a [Distribution team member](https://about.gitlab.com/company/team/)**. See how to work with the [Distribution team](https://about.gitlab.com/handbook/engineering/development/enablement/distribution/#how-to-work-with-distribution) for more details. 1. If your merge request includes documentation changes, it must be **approved - by a [Technical writer](https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments)**, based on - the appropriate [product category](https://about.gitlab.com/handbook/product/categories/). + by a [Technical writer](https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments)**, + based on assignments in the appropriate [DevOps stage group](https://about.gitlab.com/handbook/product/categories/#devops-stages). 1. If your merge request includes end-to-end **and** non-end-to-end changes (*4*), it must be **approved by a [Software Engineer in Test](https://about.gitlab.com/handbook/engineering/quality/#individual-contributors)**. 1. If your merge request only includes end-to-end changes (*4*) **or** if the MR author is a [Software Engineer in Test](https://about.gitlab.com/handbook/engineering/quality/#individual-contributors), it must be **approved by a [Quality maintainer](https://about.gitlab.com/handbook/engineering/projects/#gitlab_maintainers_qa)** @@ -299,8 +299,10 @@ first time. of your shiny new branch, read through the entire diff. Does it make sense? Did you include something unrelated to the overall purpose of the changes? Did you forget to remove any debugging code? -- Consider providing instructions on how to test the merge request. This can be - helpful for reviewers not familiar with the product feature or area of the codebase. +- Write a detailed description as outlined in the [merge request guidelines](contributing/merge_request_workflow.md#merge-request-guidelines). + Some reviewers may not be familiar with the product feature or area of the + codebase. Thorough descriptions help all reviewers understand your request + and test effectively. - If you know your change depends on another being merged first, note it in the description and set an [merge request dependency](../user/project/merge_requests/merge_request_dependencies.md). - Be grateful for the reviewer's suggestions. (`Good call. I'll make that change.`) @@ -371,6 +373,9 @@ if necessary. If blocked by one or more open MRs, set an [MR dependency](../user "Looks good to me", or "Just a couple things to address." - Let the author know if changes are required following your review. +WARNING: +**If the merge request is from a fork, also check the [additional guidelines for community contributions](#community-contributions).** + ### Merging a merge request Before taking the decision to merge: @@ -385,7 +390,7 @@ If a merge request is fundamentally ready, but needs only trivial fixes (such as typos), consider demonstrating a [bias for action](https://about.gitlab.com/handbook/values/#bias-for-action) by making those changes directly without going back to the author. You can do this by -using the [suggest changes](../user/discussions/index.md#suggest-changes) feature to apply +using the [suggest changes](../user/project/merge_requests/reviews/suggestions.md) feature to apply your own suggestions to the merge request. Note that: - If the changes are not straightforward, please prefer allowing the author to make the change. @@ -399,6 +404,9 @@ your own suggestions to the merge request. Note that: When ready to merge: +WARNING: +**If the merge request is from a fork, also check the [additional guidelines for community contributions](#community-contributions).** + - Consider using the [Squash and merge](../user/project/merge_requests/squash_and_merge.md#squash-and-merge) feature when the merge request has a lot of commits. @@ -407,17 +415,6 @@ When ready to merge: messy commit history, it will be more efficient to squash commits instead of circling back with the author about that. Otherwise, if the MR only has a few commits, we'll be respecting the author's setting by not squashing them. - -WARNING: -**If the merge request is from a fork, review all changes thoroughly for malicious code before -starting a [Pipeline for Merged Results](../ci/merge_request_pipelines/index.md#run-pipelines-in-the-parent-project-for-merge-requests-from-a-forked-project).** -Pay particular attention to new dependencies and dependency updates, such as Ruby gems and Node packages. -While changes to files like `Gemfile.lock` or `yarn.lock` might appear trivial, they could lead to the -fetching of malicious packages. -If the MR source branch is more than 100 commits behind the target branch, ask the author to rebase it. -Review links and images, especially in documentation MRs. -When in doubt, ask someone from `@gitlab-com/gl-security/appsec` to review the merge request **before starting any merge request pipeline**. - - Start a new merge request pipeline with the `Run pipeline` button in the merge request's "Pipelines" tab, and enable "Merge When Pipeline Succeeds" (MWPS). Note that: @@ -430,6 +427,10 @@ When in doubt, ask someone from `@gitlab-com/gl-security/appsec` to review the m enough to `master`. - When you set the MR to "Merge When Pipeline Succeeds", you should take over subsequent revisions for anything that would be spotted after that. +- For merge requests that have had [Squash and + merge](../user/project/merge_requests/squash_and_merge.md#squash-and-merge) set, + the squashed commit’s default commit message is taken from the merge request title. + You're encouraged to [select a commit with a more informative commit message](../user/project/merge_requests/squash_and_merge.md#overview) before merging. Thanks to **Pipeline for Merged Results**, authors no longer have to rebase their branch as frequently anymore (only when there are conflicts) because the Merge @@ -439,6 +440,45 @@ for a final rebase: instead, they only have to start a MR pipeline and set MWPS. This step brings us very close to the actual Merge Trains feature by testing the Merge Results against the latest `master` at the time of the pipeline creation. +### Community contributions + +WARNING: +**Review all changes thoroughly for malicious code before starting a +[Pipeline for Merged Results](../ci/merge_request_pipelines/index.md#run-pipelines-in-the-parent-project-for-merge-requests-from-a-forked-project).** + +When reviewing merge requests added by wider community contributors: + +- Pay particular attention to new dependencies and dependency updates, such as Ruby gems and Node packages. + While changes to files like `Gemfile.lock` or `yarn.lock` might appear trivial, they could lead to the + fetching of malicious packages. +- Review links and images, especially in documentation MRs. +- When in doubt, ask someone from `@gitlab-com/gl-security/appsec` to review the merge request **before manually starting any merge request pipeline**. + +If the MR source branch is more than 1,000 commits behind the target branch: + +- Ask the author to rebase it, or consider taking a bias-for-action and rebasing it yourself + if the MR has "Allows commits from members who can merge to the target branch" enabled. +- Reviewing MRs in the context of recent changes can help prevent hidden runtime conflicts and + promote consistency. Depending on the nature of the change, you might also want to rebase if the + MR is less than 1,000 commits behind. +- A forced push could throw off the contributor, so it's a good idea to communicate that you've performed a rebase, + or check with the contributor first when they're actively working on the MR. +- The rebase can usually be done inside GitLab with the `/rebase` [quick action](../user/project/quick_actions.md). + +When an MR needs further changes but the author is not responding for a long period of time, +or unable to finish the MR, we can take it over in accordance with our +[Closing policy for issues and merge requests](contributing/#closing-policy-for-issues-and-merge-requests): + +1. Add a comment to their MR saying you'll take it over to be able to get it merged. +1. Add the label `~"coach will finish"` to their MR. +1. Create a new feature branch from the main branch. +1. Merge their branch into your new feature branch. +1. Open a new merge request to merge your feature branch into the main branch. +1. Link the community MR from your MR and label it as `~"Community contribution"`. +1. Make any necessary final adjustments and ping the contributor to give them the chance to review your changes, and to make them aware that their content is being merged into the main branch. +1. Make sure the content complies with all the merge request guidelines. +1. Follow the regular review process as we do for any merge request. + ### The right balance One of the most difficult things during code review is finding the right @@ -519,8 +559,9 @@ Enterprise Edition instance. This has some implications: 1. Try to avoid that, and add to `ApplicationSetting` instead. 1. Ensure that it is also [added to Omnibus](https://docs.gitlab.com/omnibus/settings/gitlab.yml.html#adding-a-new-setting-to-gitlab-yml). -1. **File system access** can be slow, so try to avoid - [shared files](shared_files.md) when an alternative solution is available. +1. **File system access** is not possible in a [cloud-native architecture](architecture.md#adapting-existing-and-introducing-new-components). + Ensure that we support object storage for any file storage we need to perform. For more + information, see the [uploads documentation](uploads.md). ### Review turnaround time diff --git a/doc/development/contributing/index.md b/doc/development/contributing/index.md index 227923b324e..26a32464041 100644 --- a/doc/development/contributing/index.md +++ b/doc/development/contributing/index.md @@ -123,7 +123,7 @@ The general flow of contributing to GitLab is: 1. [Create a fork](../../user/project/repository/forking_workflow.md#creating-a-fork) of GitLab. In some cases, you will want to set up the [GitLab Development Kit](https://gitlab.com/gitlab-org/gitlab-development-kit) to - [develop against your fork](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/index.md#develop-in-your-own-gitlab-fork). + [develop against your fork](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/index.md#develop-in-your-own-gitlab-fork). 1. Make your changes in your fork. 1. When you're ready, [create a new merge request](../../user/project/merge_requests/creating_merge_requests.md). 1. In the merge request's description: @@ -152,7 +152,7 @@ Keep the following in mind when submitting merge requests: reviewer will have reservations about the code's overall quality. When there is a reservation, the reviewer will inform the author and provide some guidance. - Though GitLab generally allows anyone to indicate - [approval](../../user/project/merge_requests/merge_request_approvals.md) of merge requests, the + [approval](../../user/project/merge_requests/approvals/index.md) of merge requests, the maintainer may require [approvals from certain reviewers](../code_review.md#approval-guidelines) before merging a merge request. - After review, the author may be asked to update the merge request. Once the merge request has been diff --git a/doc/development/contributing/issue_workflow.md b/doc/development/contributing/issue_workflow.md index c505b8cf467..dfabeca34ce 100644 --- a/doc/development/contributing/issue_workflow.md +++ b/doc/development/contributing/issue_workflow.md @@ -358,7 +358,7 @@ code snippet right after your description in a new line: `~feature`. Please keep feature proposals as small and simple as possible, complex ones might be edited to make them small and simple. -Please submit Feature Proposals using the ['Feature Proposal' issue template](https://gitlab.com/gitlab-org/gitlab/blob/master/.gitlab/issue_templates/Feature%20proposal.md) provided on the issue tracker. +Please submit Feature Proposals using the ['Feature Proposal' issue template](https://gitlab.com/gitlab-org/gitlab/blob/master/.gitlab/issue_templates/Feature%20proposal%20-%20detailed.md) provided on the issue tracker. For changes in the interface, it is helpful to include a mockup. Issues that add to, or change, the interface should be given the ~"UX" label. This will allow the UX team to provide input and guidance. You may diff --git a/doc/development/contributing/merge_request_workflow.md b/doc/development/contributing/merge_request_workflow.md index 32b0ff45847..922bc52773b 100644 --- a/doc/development/contributing/merge_request_workflow.md +++ b/doc/development/contributing/merge_request_workflow.md @@ -78,8 +78,7 @@ request is as follows: 1. If your MR touches code that executes shell commands, reads or opens files, or handles paths to files on disk, make sure it adheres to the [shell command guidelines](../shell_commands.md) -1. If your code creates new files on disk please read the - [shared files guidelines](../shared_files.md). +1. If your code needs to handle file storage, see the [uploads documentation](../uploads.md). 1. If your merge request adds one or more migrations, make sure to execute all migrations on a fresh database before the MR is reviewed. If the review leads to large changes in the MR, execute the migrations again once the review is complete. @@ -251,6 +250,8 @@ requirements. with any questions. 1. The new feature does not degrade the user experience of the product. +Contributions do not require approval from the [Product team](https://about.gitlab.com/handbook/product/product-processes/#gitlab-pms-arent-the-arbiters-of-community-contributions). + ## Dependencies If you add a dependency in GitLab (such as an operating system package) please diff --git a/doc/development/contributing/style_guides.md b/doc/development/contributing/style_guides.md index 444a067a780..20e47b501e6 100644 --- a/doc/development/contributing/style_guides.md +++ b/doc/development/contributing/style_guides.md @@ -100,6 +100,9 @@ Our codebase style is defined and enforced by [RuboCop](https://github.com/ruboc You can check for any offenses locally with `bundle exec rubocop --parallel`. On the CI, this is automatically checked by the `static-analysis` jobs. +In addition, you can [integrate RuboCop](../developing_with_solargraph.md) into +supported IDEs using the [Solargraph](https://github.com/castwide/solargraph) gem. + For RuboCop rules that we have not taken a decision on yet, we follow the [Ruby Style Guide](https://github.com/rubocop-hq/ruby-style-guide), [Rails Style Guide](https://github.com/rubocop-hq/rails-style-guide), and diff --git a/doc/development/creating_enums.md b/doc/development/creating_enums.md index 1a72d99112f..301c6031d28 100644 --- a/doc/development/creating_enums.md +++ b/doc/development/creating_enums.md @@ -53,7 +53,7 @@ module Enums end end -Enums::Pipeline.prepend_if_ee('EE::Enums::Pipeline') +Enums::Pipeline.prepend_mod_with('Enums::Pipeline') ``` ```ruby diff --git a/doc/development/database/index.md b/doc/development/database/index.md index 01f6753e7a0..b61a71ffb8e 100644 --- a/doc/development/database/index.md +++ b/doc/development/database/index.md @@ -60,6 +60,8 @@ info: To determine the technical writer assigned to the Stage/Group associated w - [Updating multiple values](setting_multiple_values.md) - [Constraints naming conventions](constraint_naming_convention.md) - [Query performance guidelines](../query_performance.md) +- [Pagination guidelines](pagination_guidelines.md) + - [Pagination performance guidelines](pagination_performance_guidelines.md) ## Case studies diff --git a/doc/development/database/pagination_guidelines.md b/doc/development/database/pagination_guidelines.md new file mode 100644 index 00000000000..aa3915cd4b6 --- /dev/null +++ b/doc/development/database/pagination_guidelines.md @@ -0,0 +1,315 @@ +--- +stage: Enablement +group: Database +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Pagination guidelines + +This document gives an overview of the current capabilities and provides best practices for paginating over data in GitLab, and in particular for PostgreSQL. + +## Why do we need pagination? + +Pagination is a popular technique to avoid loading too much data in one web request. This usually happens when we render a list of records. A common scenario is visualizing parent-children relations (has many) on the UI. + +Example: listing issues within a project + +As the number of issues grows within the project, the list gets longer. To render the list, the backend does the following: + +1. Loads the records from the database, usually in a particular order. +1. Serializes the records in Ruby. Build Ruby (ActiveRecord) objects and then build a JSON or HTML string. +1. Sends the response back to the browser. +1. The browser renders the content. + +We have two options for rendering the content: + +- HTML: backend deals with the rendering (HAML template). +- JSON: the client (client-side JavaScript) transforms the payload into HTML. + +Rendering long lists can significantly affect both the frontend and backend performance: + +- The database will need to read a lot of data from the disk. +- The result of the query (records) will eventually be transformed to Ruby objects which increases memory allocation. +- Large responses will take more time to send over the wire, to the user's browser. +- Rendering long lists might freeze the browser (bad user experience). + +With pagination, the data is split into equal pieces (pages). On the first visit, the user receives only a limited number of items (page size). The user can see more items by paginating forward which results in a new HTTP request and a new database query. + + + +## General guidelines for paginating + +### Pick the right approach + +Let the database handle the pagination, filtering, and data retrieval. Implementing in-memory pagination on the backend (`paginate_array` from kaminari) or on the frontend (JavaScript) might work for a few hundreds of records. If application limits are not defined, things can get out of control quickly. + +### Reduce complexity + +When we list records on the page we often provide additional filters and different sort options. This can complicate things on the backend side significantly. + +For the MVC version, consider the following: + +- Reduce the number of sort options to the minimum. +- Reduce the number of filters (dropdown, search bar) to the minimum. + +To make sorting and pagination efficient, for each sort option we need at least two database indexes (ascending, descending order). If we add filter options (by state or by author), we might need more indexes to maintain good performance. Note that indexes are not free, they can significantly affect the `UPDATE` query timings. + +It's not possible to make all filter and sort combinations performant, so we should try optimizing the performance by usage patterns. + +### Prepare for scaling + +Offset-based pagination is the easiest way to paginate over records, however, it does not scale well for large tables. As a long-term solution, keyset pagination is preferred. The tooling around keyset pagination is not as mature as for offset pagination so currently, it's easier to start with offset pagination and then switch to keyset pagination. + +To avoid losing functionality and maintaining backward compatibility when switching pagination methods, it's advised to consider the following approach in the design phase: + +- Avoid presenting total counts, prefer limit counts. + - Example: count maximum 1001 records, and then on the UI show 1000+ if the count is 1001, show the actual number otherwise. + - See the [badge counters approach](../merge_request_performance_guidelines.md#badge-counters) for more information. +- Avoid using page numbers, use next and previous page buttons. + - Keyset pagination doesn't support page numbers. +- For APIs, advise against building URLs for the next page by "hand". + - Promote the usage of the [`Link` header](../../api/README.md#pagination-link-header) where the URLs for the next and previous page are provided by the backend. + - This way changing the URL structure is possible without breaking backward compatibility. + +NOTE: +Infinite scroll can use keyset pagination without affecting the user experience since there are no exposed page numbers. + +## Options for pagination + +### Offset pagination + +The most common way to paginate lists is using offset-based pagination (UI and REST API). It's backed by the popular [kaminari](https://github.com/kaminari/kaminari) Ruby gem, which provides convenient helper methods to implement pagination on ActiveRecord queries. + +Offset-based pagination is leveraging the `LIMIT` and `OFFSET` SQL clauses to take out a specific slice from the table. + +Example database query when looking for the 2nd page of the issues within our project: + +```sql +SELECT issues.* FROM issues WHERE project_id = 1 ORDER BY id LIMIT 20 OFFSET 20 +``` + +1. Move an imaginary pointer over the table rows and skip 20 rows. +1. Take the next 20 rows. + +Notice that the query also orders the rows by the primary key (`id`). When paginating data, specifying the order is very important. Without it, the returned rows are non-deterministic and can confuse the end-user. + +#### Page numbers + +Example pagination bar: + + + +The kaminari gem renders a nice pagination bar on the UI with page numbers and optionally quick shortcuts the next, previous, first, and last page buttons. To render these buttons, kaminari needs to know the number of rows, and for that, a count query is executed. + +```sql +SELECT COUNT(*) FROM issues WHERE project_id = 1 +``` + +#### Performance + +##### Index coverage + +To achieve the good performance, the `ORDER BY` clause needs to be covered by an index. + +Assuming that we have the following index: + +```sql +CREATE INDEX index_on_issues_project_id ON issues (project_id); +``` + +Let's try to request the first page: + +```sql +SELECT issues.* FROM issues WHERE project_id = 1 ORDER BY id LIMIT 20; +``` + +We can produce the same query in Rails: + +```ruby +Issue.where(project_id: 1).page(1).per(20) +``` + +The SQL query will return a maximum of 20 rows from the database. However, it doesn't mean that the database will only read 20 rows from the disk to produce the result. + +This is what will happen: + +1. The database will try to plan the execution in the most efficient way possible based on the table statistics and the available indexes. +1. The planner knows that we have an index covering the `project_id` column. +1. The database will read all rows using the index on `project_id`. +1. The rows at this point are not sorted, so the database will need to sort the rows. +1. The database returns the first 20 rows. + +In case the project has 10_000 rows, the database will read 10_000 rows and sort them in memory (or on disk). This is not going to scale well in the long term. + +To fix this we need the following index: + +```sql +CREATE INDEX index_on_issues_project_id ON issues (project_id, id); +``` + +By making the `id` column part of the index, the previous query will read maximum 20 rows. The query will perform well regardless of the number of issues within a project. So with this change, we've also improved the initial page load (when the user loads the issue page). + +NOTE: +Here we're leveraging the ordered property of the b-tree database index. Values in the index are sorted so reading 20 rows will not require further sorting. + +#### Limitations + +##### `COUNT(*)` on a large dataset + +Kaminari by default executes a count query to determine the number of pages for rendering the page links. Count queries can be quite expensive for a large table, in an unfortunate scenario the queries will simply time out. + +To work around this, we can run kaminari without invoking the count SQL query. + +```ruby +Issue.where(project_id: 1).page(1).per(20).without_count +``` + +In this case, the count query will not be executed and the pagination will no longer render the page numbers. We'll see only the next and previous links. + +##### `OFFSET` on a large dataset + +When we paginate over a large dataset, we might notice that the response time will get slower and slower. This is due to the `OFFSET` clause that seeks through the rows and skips N rows. + +From the user point of view, this might not be always noticeable. As the user paginates forward, the previous rows might be still in the buffer cache of the database. If the user shares the link with someone else and it's opened after a few minutes or hours, the response time might be significantly higher or it would even time out. + +When requesting a large page number, the database needs to read `PAGE * PAGE_SIZE` rows. This makes offset pagination **unsuitable for large database tables**. + +Example: listing users on the Admin page + +Listing users with a very simple SQL query: + +```sql +SELECT "users".* FROM "users" ORDER BY "users"."id" DESC LIMIT 20 OFFSET 0 +``` + +The query execution plan shows that this query is efficient, the database only read 20 rows from the database (`rows=20`): + +```plaintext + Limit (cost=0.43..3.19 rows=20 width=1309) (actual time=0.098..2.093 rows=20 loops=1) + Buffers: shared hit=103 + -> Index Scan Backward using users_pkey on users (cost=0.43..X rows=X width=1309) (actual time=0.097..2.087 rows=20 loops=1) + Buffers: shared hit=103 + Planning Time: 0.333 ms + Execution Time: 2.145 ms +(6 rows) +``` + +See the [Understanding EXPLAIN plans](../understanding_explain_plans.md) to find more information about reading execution plans. + +Let's visit the 50_000th page: + +```sql +SELECT "users".* FROM "users" ORDER BY "users"."id" DESC LIMIT 20 OFFSET 999980; +``` + +The plan shows that the database reads 1_000_000 rows to return 20 rows, with a very high execution time (5.5 seconds): + +```plaintext +Limit (cost=137878.89..137881.65 rows=20 width=1309) (actual time=5523.588..5523.667 rows=20 loops=1) + Buffers: shared hit=1007901 read=14774 written=609 + I/O Timings: read=420.591 write=57.344 + -> Index Scan Backward using users_pkey on users (cost=0.43..X rows=X width=1309) (actual time=0.060..5459.353 rows=1000000 loops=1) + Buffers: shared hit=1007901 read=14774 written=609 + I/O Timings: read=420.591 write=57.344 + Planning Time: 0.821 ms + Execution Time: 5523.745 ms +(8 rows) +``` + +We can argue that a normal user will not be going to visit these pages, however, API users could easily navigate to very high page numbers (scraping, collecting data). + +### Keyset pagination + +Keyset pagination addresses the performance concerns of "skipping" previous rows when requesting a large page, however, it's not a drop-in replacement for offset-based pagination. Keyset pagination is used only in the [GraphQL API](../graphql_guide/pagination.md) + +Consider the following `issues` table: + +|`id`|`project_id`| +|-|-| +|1|1| +|2|1| +|3|2| +|4|1| +|5|1| +|6|2| +|7|2| +|8|1| +|9|1| +|10|2| + +Let's paginate over the whole table ordered by the primary key (`id`). The query for the first page is the same as the offset pagination query, for simplicity, we use 5 as the page size: + +```sql +SELECT "issues".* FROM "issues" ORDER BY "issues"."id" ASC LIMIT 5 +``` + +Notice that we didn't add the `OFFSET` clause. + +To get to the next page, we need to extract values that are part of the `ORDER BY` clause from the last row. In this case, we just need the `id`, which is 5. Now we construct the query for the next page: + +```sql +SELECT "issues".* FROM "issues" WHERE "issues"."id" > 5 ORDER BY "issues"."id" ASC LIMIT 5 +``` + +Looking at the query execution plan, we can see that this query read only 5 rows (offset-based pagination would read 10 rows): + +```plaintext + Limit (cost=0.56..2.08 rows=5 width=1301) (actual time=0.093..0.137 rows=5 loops=1) + -> Index Scan using issues_pkey on issues (cost=0.56..X rows=X width=1301) (actual time=0.092..0.136 rows=5 loops=1) + Index Cond: (id > 5) + Planning Time: 7.710 ms + Execution Time: 0.224 ms +(5 rows) +``` + +#### Limitations + +##### No page numbers + +Offset pagination provides an easy way to request a specific page. We can simply edit the URL and modify the `page=` URL parameter. Keyset pagination cannot provide page numbers because the paging logic might depend on different columns. + +In the previous example, the column is the `id`, so we might see something like this in the `URL`: + +```plaintext +id_after=5 +``` + +In GraphQL, the parameters are serialized to JSON and then encoded: + +```plaintext +eyJpZCI6Ijk0NzMzNTk0IiwidXBkYXRlZF9hdCI6IjIwMjEtMDQtMDkgMDg6NTA6MDUuODA1ODg0MDAwIFVUQyJ9 +``` + +NOTE: +Pagination parameters will be visible to the user, so we need to be careful about which columns we order by. + +Keyset pagination can only provide the next, previous, first, and last pages. + +##### Complexity + +Building queries when we order by a single column is very easy, however, things get more complex if tie-breaker or multi-column ordering is used. The complexity increases if the columns are nullable. + +Example: ordering by `id` and `created_at` where `created_at` is nullable, query for getting the second page: + +```sql +SELECT "issues".* +FROM "issues" +WHERE (("issues"."id" > 99 + AND "issues"."created_at" = '2021-02-16 11:26:17.408466') + OR ("issues"."created_at" > '2021-02-16 11:26:17.408466') + OR ("issues"."created_at" IS NULL)) +ORDER BY "issues"."created_at" DESC NULLS LAST, "issues"."id" DESC +LIMIT 20 +``` + +##### Tooling + +Using keyset pagination outside of GraphQL is not straightforward. We have the low-level blocks for building keyset pagination database queries, however, the usage in application code is still not streamlined yet. + +#### Performance + +Keyset pagination provides stable performance regardless of the number of pages we moved forward. To achieve this performance, the paginated query needs an index that covers all the columns in the `ORDER BY` clause, similarly to the offset pagination. + +### General performance guidelines + +See the [pagination general performance guidelines page](pagination_performance_guidelines.md). diff --git a/doc/development/database/pagination_performance_guidelines.md b/doc/development/database/pagination_performance_guidelines.md new file mode 100644 index 00000000000..ade1e853027 --- /dev/null +++ b/doc/development/database/pagination_performance_guidelines.md @@ -0,0 +1,325 @@ +--- +stage: Enablement +group: Database +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Pagination performance guidelines + +The following document gives a few ideas for improving the pagination (sorting) performance. These apply both on [offset](pagination_guidelines.md#offset-pagination) and [keyset](pagination_guidelines.md#keyset-pagination) paginations. + +## Tie-breaker column + +When ordering the columns it's advised to order by distinct columns only. Consider the following example: + +|`id`|`created_at`| +|-|-| +|1|2021-01-04 14:13:43| +|2|2021-01-05 19:03:12| +|3|2021-01-05 19:03:12| + +If we order by `created_at`, the result would likely depend on how the records are located on the disk. + +Using the tie-breaker column is advised when the data is exposed via a well defined interface and its consumed +by an automated process, such as an API. Without the tie-breaker column, the order of the rows could change +(data is re-imported) which could cause problems that are hard to debug, such as: + +- An integration comparing the rows to determine changes breaks. +- E-tag cache values change, which requires a complete re-download. + +```sql +SELECT issues.* FROM issues ORDER BY created_at; +``` + +We can fix this by adding a second column to `ORDER BY`: + +```sql +SELECT issues.* FROM issues ORDER BY created_at, id; +``` + +This change makes the order distinct so we have "stable" sorting. + +NOTE: +To make the query efficient, we need an index covering both columns: `(created_at, id)`. The order of the columns **should match** the columns in the `ORDER BY` clause. + +## Ordering by joined table column + +Oftentimes, we want to order the data by a column on a joined database table. The following example orders `issues` records by the `first_mentioned_in_commit_at` metric column: + +```sql +SELECT issues.* FROM issues +INNER JOIN issue_metrics on issue_metrics.issue_id=issues.id +WHERE issues.project_id = 2 +ORDER BY issue_metrics.first_mentioned_in_commit_at DESC, issues.id DESC +LIMIT 20 +OFFSET 0 +``` + +With PostgreSQL version 11, the planner will first look up all issues matching the `project_id` filter and then join all `issue_metrics` rows. The ordering of rows will happen in memory. In case the joined relation is always present (1:1 relationship), the database will read `N * 2` rows where N is the number of rows matching the `project_id` filter. + +For performance reasons, we should avoid mixing columns from different tables when specifying the `ORDER BY` clause. + +In this particular case there is no simple way (like index creation) to improve the query. We might think that changing the `issues.id` column to `issue_metrics.issue_id` will help, however, this will likely make the query perform worse because it might force the database to process all rows in the `issue_metrics` table. + +One idea to address this problem is denormalization. Adding the `project_id` column to the `issue_metrics` table will make the filtering and sorting efficient: + +```sql +SELECT issues.* FROM issues +INNER JOIN issue_metrics on issue_metrics.issue_id=issues.id +WHERE issue_metrics.project_id = 2 +ORDER BY issue_metrics.first_mentioned_in_commit_at DESC, issue_metrics.issue_id DESC +LIMIT 20 +OFFSET 0 +``` + +NOTE: +The query will require an index on `issue_metrics` table with the following column configuration: `(project_id, first_mentioned_in_commit_at DESC, issue_id DESC)`. + +## Filtering + +### By project + +Filtering by a project is a very common use case since we have many features on the project level. Examples: merge requests, issues, boards, iterations. + +These features will have a filter on `project_id` in their base query. Loading issues for a project: + +```ruby +project = Project.find(5) + +# order by internal id +issues = project.issues.order(:iid).page(1).per(20) +``` + +To make the base query efficient, there is usually a database index covering the `project_id` column. This significantly reduces the number of rows the database needs to scan. Without the index, the whole `issues` table would be read (full table scan) by the database. + +Since `project_id` is a foreign key, we might have the following index available: + +```sql +"index_issues_on_project_id" btree (project_id) +``` + +GitLab 13.11 has the following index definition on the `issues` table: + +```sql +"index_issues_on_project_id_and_iid" UNIQUE, btree (project_id, iid) +``` + +This index fully covers the database query and the pagination. + +### By group + +Unfortunately, there is no efficient way to sort and paginate on the group level. The database query execution time will increase based on the number of records in the group. + +Things get worse when group level actually means group and its subgroups. To load the first page, the database needs to look up the group hierarchy, find all projects and then look up all issues. + +The main reason behind the inefficient queries on the group level is the way our database schema is designed; our core domain models are associated with a project, and projects are associated with groups. This doesn't mean that the database structure is bad, it's just in a well-normalized form that is not optimized for efficient group level queries. We might need to look into denormalization in the long term. + +Example: List issues in a group + +```ruby +group = Group.find(9970) + +Issue.where(project_id: group.projects).order(:iid).page(1).per(20) +``` + +The generated SQL query: + +```sql +SELECT "issues".* +FROM "issues" +WHERE "issues"."project_id" IN + (SELECT "projects"."id" + FROM "projects" + WHERE "projects"."namespace_id" = 5) +ORDER BY "issues"."iid" ASC +LIMIT 20 +OFFSET 0 +``` + +The execution plan shows that we read significantly more rows than requested (20), and the rows are sorted in memory: + +```plaintext + Limit (cost=10716.87..10716.92 rows=20 width=1300) (actual time=1472.305..1472.308 rows=20 loops=1) + -> Sort (cost=10716.87..10717.03 rows=61 width=1300) (actual time=1472.303..1472.305 rows=20 loops=1) + Sort Key: issues.iid + Sort Method: top-N heapsort Memory: 41kB + -> Nested Loop (cost=1.00..10715.25 rows=61 width=1300) (actual time=0.215..1331.647 rows=177267 loops=1) + -> Index Only Scan using index_projects_on_namespace_id_and_id on projects (cost=0.44..3.77 rows=19 width=4) (actual time=0.077..1.057 rows=270 loops=1) + Index Cond: (namespace_id = 9970) + Heap Fetches: 25 + -> Index Scan using index_issues_on_project_id_and_iid on issues (cost=0.56..559.28 rows=448 width=1300) (actual time=0.101..4.781 rows=657 loops=270) + Index Cond: (project_id = projects.id) + Planning Time: 12.281 ms + Execution Time: 1472.391 ms +(12 rows) +``` + +#### Columns in the same database table + +Filtering by columns located in the same database table can be improved with an index. In case we want to support filtering by the `state_id` column, we can add the following index: + +```sql +"index_issues_on_project_id_and_state_id_and_iid" UNIQUE, btree (project_id, state_id, iid) +``` + +Example query in Rails: + +```ruby +project = Project.find(5) + +# order by internal id +issues = project.issues.opened.order(:iid).page(1).per(20) +``` + +SQL query: + +```sql +SELECT "issues".* +FROM "issues" +WHERE + "issues"."project_id" = 5 + AND ("issues"."state_id" IN (1)) +ORDER BY "issues"."iid" ASC +LIMIT 20 +OFFSET 0 +``` + +Keep in mind that the index above will not support the following project level query: + +```sql +SELECT "issues".* +FROM "issues" +WHERE "issues"."project_id" = 5 +ORDER BY "issues"."iid" ASC +LIMIT 20 +OFFSET 0 +``` + +#### Special case: confidential flag + +In the `issues` table, we have a boolean field (`confidential`) that marks an issue confidential. This makes the issue invisible (filtered out) for non-member users. + +Example SQL query: + +```sql +SELECT "issues".* +FROM "issues" +WHERE "issues"."project_id" = 5 +AND "issues"."confidential" = FALSE +ORDER BY "issues"."iid" ASC +LIMIT 20 +OFFSET 0 +``` + +We might be tempted to add an index on `project_id`, `confidential`, and `iid` to improve the database query, however, in this case it's probably unnecessary. Based on the data distribution in the table, confidential issues are rare. Filtering them out does not make the database query significantly slower. The database might read a few extra rows, the performance difference might not even be visible to the end-user. + +On the other hand, if we would implement a special filter where we only show confidential issues, we will surely need the index. Finding 20 confidential issues might require the database to scan hundreds of rows or in the worst case, all issues in the project. + +NOTE: +Be aware of the data distribution and the table access patterns (how features work) when introducing a new database index. Sampling production data might be necessary to make the right decision. + +#### Columns in a different database table + +Example: filtering issues in a project by an assignee + +```ruby +project = Project.find(5) + +project + .issues + .joins(:issue_assignees) + .where(issue_assignees: { user_id: 10 }) + .order(:iid) + .page(1) + .per(20) +``` + +```sql +SELECT "issues".* +FROM "issues" +INNER JOIN "issue_assignees" ON "issue_assignees"."issue_id" = "issues"."id" +WHERE "issues"."project_id" = 5 + AND "issue_assignees"."user_id" = 10 +ORDER BY "issues"."iid" ASC +LIMIT 20 +OFFSET 0 +``` + +Example database (oversimplified) execution plan: + +1. The database parses the SQL query and detects the `JOIN`. +1. The database splits the query into two subqueries. + - `SELECT "issue_assignees".* FROM "issue_assignees" WHERE "issue_assignees"."user_id" = 10` + - `SELECT "issues".* FROM "issues" WHERE "issues"."project_id" = 5` +1. The database estimates the number of rows and the costs to run these queries. +1. The database executes the cheapest query first. +1. Using the query result, load the rows from the other table (from the other query) using the JOIN column and filter the rows further. + +In this particular example, the `issue_assignees` query would likely be executed first. + +Running the query in production for the GitLab project produces the following execution plan: + +```plaintext + Limit (cost=411.20..411.21 rows=1 width=1300) (actual time=24.071..24.077 rows=20 loops=1) + -> Sort (cost=411.20..411.21 rows=1 width=1300) (actual time=24.070..24.073 rows=20 loops=1) + Sort Key: issues.iid + Sort Method: top-N heapsort Memory: 91kB + -> Nested Loop (cost=1.00..411.19 rows=1 width=1300) (actual time=0.826..23.705 rows=190 loops=1) + -> Index Scan using index_issue_assignees_on_user_id on issue_assignees (cost=0.44..81.37 rows=92 width=4) (actual time=0.741..13.202 rows=215 loops=1) + Index Cond: (user_id = 4156052) + -> Index Scan using issues_pkey on issues (cost=0.56..3.58 rows=1 width=1300) (actual time=0.048..0.048 rows=1 loops=215) + Index Cond: (id = issue_assignees.issue_id) + Filter: (project_id = 278964) + Rows Removed by Filter: 0 + Planning Time: 1.141 ms + Execution Time: 24.170 ms +(13 rows) +``` + +The query looks up the `assignees` first, filtered by the `user_id` (`user_id = 4156052`) and it finds 215 rows. Using that 215 rows, the database will look up the 215 associated issue rows by the primary key. Notice that the filter on the `project_id` column is not backed by an index. + +In most cases, we are lucky that the joined relation will not be going to return too many rows, therefore, we will end up with a relatively efficient database query that accesses low number of rows. As the database grows, these queries might start to behave differently. Let's say the number `issue_assignees` records for a particular user is very high (millions), then this join query will not perform well, and it will likely time out. + +A similar problem could be a double join, where the filter exists in the 2nd JOIN query. Example: `Issue -> LabelLink -> Label(name=bug)`. + +There is no easy way to fix these problems. Denormalization of data could help significantly, however, it has also negative effects (data duplication and keeping the data up to date). + +Ideas for improving the `issue_assignees` filter: + +- Add `project_id` column to the `issue_assignees` table so when JOIN-ing, the extra `project_id` filter will further filter the rows. The sorting will likely happen in memory: + + ```sql + SELECT "issues".* + FROM "issues" + INNER JOIN "issue_assignees" ON "issue_assignees"."issue_id" = "issues"."id" + WHERE "issues"."project_id" = 5 + AND "issue_assignees"."user_id" = 10 + AND "issue_assignees"."project_id" = 5 + ORDER BY "issues"."iid" ASC + LIMIT 20 + OFFSET 0 + ``` + +- Add the `iid` column to the `issue_assignees` table. Notice that the `ORDER BY` column is different and the `project_id` filter is gone from the `issues` table: + + ```sql + SELECT "issues".* + FROM "issues" + INNER JOIN "issue_assignees" ON "issue_assignees"."issue_id" = "issues"."id" + WHERE "issue_assignees"."user_id" = 10 + AND "issue_assignees"."project_id" = 5 + ORDER BY "issue_assignees"."iid" ASC + LIMIT 20 + OFFSET 0 + ``` + +The query now performs well for any number of `issue_assignees` records, however, we pay a very high price for it: + +- Two columns are duplicated which increases the database size. +- We need to keep the two columns in sync. +- We need more indexes on the `issue_assignees` table to support the query. +- The new database query is very specific to the assignee search and needs complex backend code to build it. + - If the assignee is filtered by the user, then order by a different column, remove the `project_id` filter, etc. + +NOTE: +Currently we're not doing these kinds of denormalization at GitLab. diff --git a/doc/development/database/rename_database_tables.md b/doc/development/database/rename_database_tables.md new file mode 100644 index 00000000000..743558fae19 --- /dev/null +++ b/doc/development/database/rename_database_tables.md @@ -0,0 +1,140 @@ +--- +stage: Enablement +group: Database +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Rename table without downtime + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/54354) in GitLab 13.12. + +With our database helper methods built into GitLab, it's possible to rename a database table without downtime. + +The technique builds on top of database views, using the following steps: + +1. Rename the database table. +1. Create a database view using the old table name by pointing to the new table name. +1. Add workaround for ActiveRecord's schema cache. + +For example, consider that we are renaming the `issues` table name to `tickets`. Run: + +```sql +BEGIN; + ALTER TABLE issues RENAME TO tickets; + CREATE VIEW issues AS SELECT * FROM tickets; +COMMIT; +``` + +As database views do not expose the underlying table schema (default values, not null +constraints, and indexes), we need further steps to update the application to use the new +table name. ActiveRecord heavily relies on this data, for example, to initialize new +models. + +To work around this limitation, we need to tell ActiveRecord to acquire this information +from a different table using the new table name. + +## Migration strategy breakdown + +### Release N.M: Mark the ActiveRecord model's table + +Consider the current release as "Release N.M". + +In this release, register the database table so that it instructs ActiveRecord to fetch the +database table information (for `SchemaCache`) using the new table name (if it's present). Otherwise, fall back +to the old table name. This is necessary to avoid errors during a zero-downtime deployment. + +1. Edit the `TABLES_TO_BE_RENAMED` constant in: `lib/gitlab/database.rb` + + ```ruby + TABLES_TO_BE_RENAMED = { + 'issues' => 'tickets' + }.freeze + ``` + +Note that, in this release (N.M), the `tickets` database table does not exist yet. This step is preparing for the actual table rename in release N.M+1. + +### Release N.M+1: Rename the database table + +Consider the next release as "Release N.M". + +Execute a standard migration (not a post-migration): + +```ruby + include Gitlab::Database::MigrationHelpers + + def up + rename_table_safely(:issues, :tickets) + end + + def down + undo_rename_table_safely(:issues, :tickets) + end +``` + +**Important notes:** + +- Let other developers know that the table is going to be renamed. + - Ping the `@gl-database` group in your merge request. + - Add a note in the Engineering Week-in-Review document: `table_name` is going to be renamed in N.M. Modifications to this table are not allowed in release N.M and N.M+1. +- The helper method uses the standard `rename_table` helper from Rails for renaming the table. +- The helper renames the sequence and the indexes. Sometimes it diverges from the standard Rails convention +when naming indexes, so there is a possibility that not all indexes are properly renamed. After running +the migration locally, check if there are inconsistently named indexes (`db/structure.sql`). Those can be +renamed manually in a separate migration, which can be also part of the release M.N+1. +- Foreign key columns might still contain the old table name. For smaller tables, follow our [standard column +rename process](../avoiding_downtime_in_migrations.md#renaming-columns) +- Avoid renaming database tables which are using with triggers. +- Table modifications (add or remove columns) are not allowed during the rename process, please make sure that all changes to the table happen before the rename migration is started (or in the next release). +- As the index names might change, verify that the model does not use bulk insert +(for example, `insert_all` and `upsert_all`) with the `unique_by: index_name` option. +Renaming an index while using these methods may break functionality. +- Modify the model code to point to the new database table. Do this by +renaming the model directly or setting the `self.table_name` variable. + +At this point, we don't have applications using the old database table name in their queries. + +1. Remove the database view through a post-migration: + + ```ruby + include Gitlab::Database::MigrationHelpers + + def up + finalize_table_rename(:issues, :tickets) + end + + def down + undo_finalize_table_rename(:issues, :tickets) + end + ``` + +1. Additionally the table definition from `TABLES_TO_BE_RENAMED` **must** be removed. + +To do so, edit the `TABLES_TO_BE_RENAMED` constant in `lib/gitlab/database.rb`: + + From: + + ```ruby + TABLES_TO_BE_RENAMED = { + 'issues' => 'tickets' + }.freeze + ``` + + To: + + ```ruby + TABLES_TO_BE_RENAMED = {}.freeze + ``` + +#### Zero-downtime deployments + +When the application is upgraded without downtime, there can be application instances +running the old code. The old code still references the old database table. The queries +still function without any problems, because the backward-compatible database view is +in place. + +In case the old version of the application needs to be restarted or reconnected to the +database, ActiveRecord fetches the column information again. At this time, our previously +marked table (`TABLES_TO_BE_RENAMED`) instructs ActiveRecord to use the new database table name +when fetching the database table information. + +The new version of the application will use the new database table. diff --git a/doc/development/developing_with_solargraph.md b/doc/development/developing_with_solargraph.md new file mode 100644 index 00000000000..877fbad8ab2 --- /dev/null +++ b/doc/development/developing_with_solargraph.md @@ -0,0 +1,28 @@ +--- +stage: Create +group: Source Code +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Using Solargraph + +Gemfile packages [Solargraph](https://github.com/castwide/solargraph) language server for additional IntelliSense and code formatting capabilities with editors that support it. + +Example configuration for Solargraph can be found in [.solargraph.yml.example](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.solargraph.yml.example) file. Copy the contents of this file to `.solargraph.yml` file for language server to pick this configuration up. Since `.solargraph.yml` configuration file is ignored by Git, it's possible to adjust configuration according to your needs. + +Refer to particular IDE plugin documentation on how to integrate it with Solargraph language server: + +- **Visual Studio Code** + - GitHub: [`vscode-solargraph`](https://github.com/castwide/vscode-solargraph) + +- **Atom** + - GitHub: [`atom-solargraph`](https://github.com/castwide/atom-solargraph) + +- **Vim** + - GitHub: [`LanguageClient-neovim`](https://github.com/autozimu/LanguageClient-neovim) + +- **Emacs** + - GitHub: [`emacs-solargraph`](https://github.com/guskovd/emacs-solargraph) + +- **Eclipse** + - GitHub: [`eclipse-solargraph`](https://github.com/PyvesB/eclipse-solargraph) diff --git a/doc/development/distributed_tracing.md b/doc/development/distributed_tracing.md index e5293c0804c..8bd8599a0b0 100644 --- a/doc/development/distributed_tracing.md +++ b/doc/development/distributed_tracing.md @@ -89,8 +89,6 @@ The easiest way to access tracing from a GDK environment is through the [performance-bar](../administration/monitoring/performance/performance_bar.md). This can be shown by typing `p` `b` in the browser window. - - Once the performance bar is enabled, click on the **Trace** link in the performance bar to go to the Jaeger UI. diff --git a/doc/development/documentation/feature_flags.md b/doc/development/documentation/feature_flags.md index 7dd02c44afa..7fa80e2d0f5 100644 --- a/doc/development/documentation/feature_flags.md +++ b/doc/development/documentation/feature_flags.md @@ -52,7 +52,7 @@ Include details of the feature flag in the documentation: [by-project information](#features-enabled-by-project). Otherwise, do not say anything about it. - Say whether it's recommended for production use. -- Document how to enable and disable it. +- Document how to enable and disable it, preferably at the end of the file. - Add a warning to the user saying that the feature might be disabled. For example, for a feature disabled by default, disabled on GitLab.com, cannot @@ -110,7 +110,7 @@ default: [by-project information](#features-enabled-by-project). Otherwise, do not say anything about it. - Say whether it's recommended for production use. -- Document how to disable and enable it. +- Document how to disable and enable it, preferably at the end of the file. - Add a warning to the user saying that the feature might be disabled. For example, for a feature initially deployed disabled by default, that became @@ -169,7 +169,7 @@ For features enabled by default: [by-project information](#features-enabled-by-project). Otherwise, do not say anything about it. - Say whether it's recommended for production use. -- Document how to disable and enable it. +- Document how to disable and enable it, preferably at the end of the file. - Add a warning to the user saying that the feature might be disabled. For example, for a feature enabled by default, enabled on GitLab.com, that diff --git a/doc/development/documentation/index.md b/doc/development/documentation/index.md index f10396570a2..05aa003d89e 100644 --- a/doc/development/documentation/index.md +++ b/doc/development/documentation/index.md @@ -411,7 +411,7 @@ on how the left-side navigation menu is built and updated. NOTE: To preview your changes to documentation locally, follow this -[development guide](https://gitlab.com/gitlab-org/gitlab-docs/blob/master/README.md#development-when-contributing-to-gitlab-documentation) or [these instructions for GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/gitlab_docs.md). +[development guide](https://gitlab.com/gitlab-org/gitlab-docs/blob/master/README.md#development-when-contributing-to-gitlab-documentation) or [these instructions for GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/gitlab_docs.md). The live preview is currently enabled for the following projects: @@ -502,7 +502,7 @@ help of a configuration file known as **screenshot generator**. To run the tool on an existing screenshot generator, take the following steps: -1. Set up the [GitLab Development Kit (GDK)](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/gitlab_docs.md). +1. Set up the [GitLab Development Kit (GDK)](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/gitlab_docs.md). 1. Navigate to the subdirectory with your cloned GitLab repository, typically `gdk/gitlab`. 1. Make sure that your GDK database is fully migrated: `bin/rake db:migrate RAILS_ENV=development`. 1. Install `pngquant`, see the tool website for more information: [`pngquant`](https://pngquant.org/) diff --git a/doc/development/documentation/structure.md b/doc/development/documentation/structure.md index 33bfc040bb6..67bdbffa2a1 100644 --- a/doc/development/documentation/structure.md +++ b/doc/development/documentation/structure.md @@ -58,6 +58,9 @@ Don't tell them **how** to do this thing. Tell them **what it is**. If you start describing another topic, start a new concept and link to it. +Also, do not use "Overview" or "Introduction" for the topic title. Instead, +use a noun or phrase that someone would search for. + Concept topics should be in this format: ```markdown @@ -111,13 +114,16 @@ Prerequisites: To create an issue: 1. Go to **Issues > List**. -1. In the top right, click **New issue**. +1. In the top right, select **New issue**. 1. Complete the fields. (If you have a reference topic that lists each field, link to it here.) -1. Click **Create issue**. +1. Select **Create issue**. The issue is created. You can view it by going to **Issues > List**. ``` +If you have several tasks on a page that share prerequisites, you can make a +reference topic with the title **Prerequisites**, and link to it. + ## Reference A reference topic provides information in an easily-scannable format, @@ -133,6 +139,9 @@ Introductory sentence. | **Name** | Descriptive sentence about the setting. | ``` +If a feature or concept has its own prerequisites, you can use the reference +topic type to create a **Prerequisites** header for the information. + ## Troubleshooting Troubleshooting topics can be one of two categories: diff --git a/doc/development/documentation/styleguide/index.md b/doc/development/documentation/styleguide/index.md index 25cdbaf75ba..0ac393a8509 100644 --- a/doc/development/documentation/styleguide/index.md +++ b/doc/development/documentation/styleguide/index.md @@ -164,13 +164,12 @@ standard for GitLab documentation). A rule that could cause confusion is `MD044/proper-names`, as it might not be immediately clear what caused markdownlint to fail, or how to correct the -failure. This rule checks a list of known words, listed in the `.markdownlint.json` +failure. This rule checks a list of known words, listed in the `.markdownlint.yml` file in each project, to verify proper use of capitalization and backticks. Words in backticks are ignored by markdownlint. In general, product names should follow the exact capitalization of the official -names of the products, protocols, and so on. See [`.markdownlint.json`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.markdownlint.json) -for the words tested for proper capitalization in GitLab documentation. +names of the products, protocols, and so on. Some examples fail if incorrect capitalization is used: @@ -370,7 +369,7 @@ Capitalize names of: - Third-party organizations, software, and products. For example, Prometheus, Kubernetes, Git, and The Linux Foundation. - Methods or methodologies. For example, Continuous Integration, - Continuous Deployment, Scrum, and Agile. (Tested in [`.markdownlint.json`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.markdownlint.json).) + Continuous Deployment, Scrum, and Agile. Follow the capitalization style listed at the [authoritative source](#links-to-external-documentation) for the entity, which may use non-standard case styles. For example: GitLab and @@ -1112,13 +1111,9 @@ document to ensure it links to the most recent version of the file. When documenting navigation through the user interface: - Use the exact wording as shown in the UI, including any capital letters as-is. -- Use bold text for navigation items and the char "greater than" (`>`) as a - separator. For example: `From your project, go to **Settings > CI/CD**`. -- If there are any expandable menus, make sure to mention that the user needs to - expand the tab to find the settings you're referring to. For example: - `From your group, go to **Settings > CI/CD** and expand **General pipelines**`. +- Use bold text for navigation items. -### Navigational elements +### What to call the menus Use these terms when referring to the main GitLab user interface elements: @@ -1130,6 +1125,19 @@ elements: - **Right sidebar**: This is the navigation sidebar on the right of the user interface, specific to the open issue, merge request, or epic. +### How to document the left sidebar + +To be consistent, use this format when you refer to the left sidebar. + +- Go to your project and select **Settings > CI/CD**. +- Go to your group and select **Settings > CI/CD**. +- Go to the Admin Area (**{admin}**) and select **Overview > Projects**. + +For expandable menus, use this format: + +1. Go to your group and select **Settings > CI/CD**. +1. Expand **General pipelines**. + ## Images Images, including screenshots, can help a reader better understand a concept. diff --git a/doc/development/documentation/testing.md b/doc/development/documentation/testing.md index aee3144e6de..af95f3b9023 100644 --- a/doc/development/documentation/testing.md +++ b/doc/development/documentation/testing.md @@ -150,11 +150,11 @@ from those guidelines. markdownlint configuration is found in the following projects: -- [`gitlab`](https://gitlab.com/gitlab-org/gitlab/blob/master/.markdownlint.json) -- [`gitlab-runner`](https://gitlab.com/gitlab-org/gitlab-runner/blob/master/.markdownlint.json) -- [`omnibus-gitlab`](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/.markdownlint.json) -- [`charts`](https://gitlab.com/gitlab-org/charts/gitlab/-/blob/master/.markdownlint.json) -- [`gitlab-development-kit`](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/.markdownlint.json) +- [`gitlab`](https://gitlab.com/gitlab-org/gitlab) +- [`gitlab-runner`](https://gitlab.com/gitlab-org/gitlab-runner) +- [`omnibus-gitlab`](https://gitlab.com/gitlab-org/omnibus-gitlab) +- [`charts`](https://gitlab.com/gitlab-org/charts/gitlab) +- [`gitlab-development-kit`](https://gitlab.com/gitlab-org/gitlab-development-kit) This configuration is also used in build pipelines. diff --git a/doc/development/ee_features.md b/doc/development/ee_features.md index 35e7824721a..452b957c705 100644 --- a/doc/development/ee_features.md +++ b/doc/development/ee_features.md @@ -20,7 +20,7 @@ Since the implementation of [GitLab CE features to work with unlicensed EE instance](https://gitlab.com/gitlab-org/gitlab/-/issues/2500) GitLab Enterprise Edition should work like GitLab Community Edition when no license is active. So EE features always should be guarded by -`project.feature_available?` or `group.feature_available?` (or +`project.feature_available?` or `group.licensed_feature_available?` (or `License.feature_available?` if it is a system-wide feature). Frontend features should be guarded by pushing a flag from the backend by [using `push_licensed_feature`](licensed_feature_availability.md#restricting-frontend-features), and checked using `this.glFeatures.someFeature` in the frontend. @@ -94,11 +94,11 @@ class User < ActiveRecord::Base # ... lots of code here ... end -User.prepend_ee_mod +User.prepend_mod ``` Do not use methods such as `prepend`, `extend`, and `include`. Instead, use -`prepend_ee_mod`, `extend_ee_mod`, or `include_ee_mod`. These methods will try to +`prepend_mod`, `extend_mod`, or `include_mod`. These methods will try to find the relevant EE module by the name of the receiver module, for example; ```ruby @@ -108,13 +108,13 @@ module Vulnerabilities end end -Vulnerabilities::Finding.prepend_ee_mod +Vulnerabilities::Finding.prepend_mod ``` will prepend the module named `::EE::Vulnerabilities::Finding`. If the extending module does not follow this naming convention, you can also provide the module name -by using `prepend_if_ee`, `extend_if_ee`, or `include_if_ee`. These methods take a +by using `prepend_mod_with`, `extend_mod_with`, or `include_mod_with`. These methods take a _String_ containing the full module name as the argument, not the module itself, like so; ```ruby @@ -122,7 +122,7 @@ class User #... end -User.prepend_if_ee('::EE::UserExtension') +User.prepend_mod_with('UserExtension') ``` Since the module would require an `EE` namespace, the file should also be @@ -254,7 +254,7 @@ class ApplicationController < ActionController::Base # ... end -ApplicationController.prepend_if_ee('EE::ApplicationController') +ApplicationController.prepend_mod_with('ApplicationController') ``` And create a new file in the `ee/` sub-directory with the altered @@ -429,7 +429,7 @@ module Gitlab end end -Gitlab::BackgroundMigration::PruneOrphanedGeoEvents.prepend_if_ee('EE::Gitlab::BackgroundMigration::PruneOrphanedGeoEvents') +Gitlab::BackgroundMigration::PruneOrphanedGeoEvents.prepend_mod_with('Gitlab::BackgroundMigration::PruneOrphanedGeoEvents') ``` GitLab EE: @@ -563,7 +563,7 @@ EE-specific LDAP classes in `ee/lib/ee/gitlab/ldap`. ### Code in `lib/api/` -It can be very tricky to extend EE features by a single line of `prepend_if_ee`, +It can be very tricky to extend EE features by a single line of `prepend_mod_with`, and for each different [Grape](https://github.com/ruby-grape/grape) feature, we might need different strategies to extend it. To apply different strategies easily, we would use `extend ActiveSupport::Concern` in the EE module. @@ -602,7 +602,7 @@ constants. We can define `params` and use `use` in another `params` definition to include parameters defined in EE. However, we need to define the "interface" first in CE in order for EE to override it. We don't have to do this in other places -due to `prepend_if_ee`, but Grape is complex internally and we couldn't easily +due to `prepend_mod_with`, but Grape is complex internally and we couldn't easily do that, so we follow regular object-oriented practices that we define the interface first here. @@ -642,7 +642,7 @@ module API end end -API::Helpers::ProjectsHelpers.prepend_if_ee('EE::API::Helpers::ProjectsHelpers') +API::Helpers::ProjectsHelpers.prepend_mod_with('API::Helpers::ProjectsHelpers') ``` We could override it in EE module: @@ -683,7 +683,7 @@ module API end end -API::JobArtifacts.prepend_if_ee('EE::API::JobArtifacts') +API::JobArtifacts.prepend_mod_with('API::JobArtifacts') ``` And then we can follow regular object-oriented practices to override it: @@ -736,7 +736,7 @@ module API end end -API::MergeRequests.prepend_if_ee('EE::API::MergeRequests') +API::MergeRequests.prepend_mod_with('API::MergeRequests') ``` Note that `update_merge_request_ee` doesn't do anything in CE, but @@ -777,7 +777,7 @@ can't easily extend it with an EE module because Grape has different context in different blocks. In order to overcome this, we need to move the data to a class method that resides in a separate module or class. This allows us to extend that module or class before its data is used, without having to place a -`prepend_if_ee` in the middle of CE code. +`prepend_mod_with` in the middle of CE code. For example, in one place we need to pass an extra argument to `at_least_one_of` so that the API could consider an EE-only argument as the @@ -798,7 +798,7 @@ module API end end -API::MergeRequests::Parameters.prepend_if_ee('EE::API::MergeRequests::Parameters') +API::MergeRequests::Parameters.prepend_mod_with('API::MergeRequests::Parameters') # api/merge_requests.rb module API @@ -848,7 +848,7 @@ class Identity < ActiveRecord::Base [:provider] end - prepend_if_ee('EE::Identity') + prepend_mod_with('Identity') validates :extern_uid, allow_blank: true, @@ -900,7 +900,7 @@ class Identity < ActiveRecord::Base end end -Identity::UniquenessScopes.prepend_if_ee('EE::Identity::UniquenessScopes') +Identity::UniquenessScopes.prepend_mod_with('Identity::UniquenessScopes') # app/models/identity.rb class Identity < ActiveRecord::Base diff --git a/doc/development/elasticsearch.md b/doc/development/elasticsearch.md index 705a69765f7..6b829faf74d 100644 --- a/doc/development/elasticsearch.md +++ b/doc/development/elasticsearch.md @@ -25,7 +25,7 @@ Developers making significant changes to Elasticsearch queries should test their ## Setting up development environment -See the [Elasticsearch GDK setup instructions](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/elasticsearch.md) +See the [Elasticsearch GDK setup instructions](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/elasticsearch.md) ## Helpful Rake tasks @@ -241,8 +241,8 @@ cron worker runs. Default value is 5 minutes. - `pause_indexing!` - Pause indexing while the migration runs. This setting will record the indexing setting before the migration runs and set it back to that value when the migration is completed. -- `space_requirements!` - Verify that enough free space is available in the cluster when the migration runs. This setting - will halt the migration if the storage required is not available when the migration runs. The migration must provide +- `space_requirements!` - Verify that enough free space is available in the cluster when the migration runs. This setting + will halt the migration if the storage required is not available when the migration runs. The migration must provide the space required in bytes by defining a `space_required_bytes` method. ```ruby @@ -285,7 +285,7 @@ defer it to another release if there is risk of important data loss. Follow these best practices for best results: - When working in batches, keep the batch size under 9,000 documents - and `throttle_delay` over 3 minutes. The bulk indexer is set to run + and `throttle_delay` for at least 3 minutes. The bulk indexer is set to run every 1 minute and process a batch of 10,000 documents. These limits allow the bulk indexer time to process records before another migration batch is attempted. @@ -316,11 +316,11 @@ choose to remove the migration code and tests so that: anymore. To be extra safe, we will not delete migrations that were created in the last -minor version before the major upgrade. So, if the we are upgrading to `%14.0`, -we should not delete migrations that were only added in `%13.11`. This is an +minor version before the major upgrade. So, if we are upgrading to `%14.0`, +we should not delete migrations that were only added in `%13.12`. This is an extra safety net as we expect there are migrations that get merged that may take multiple weeks to finish on GitLab.com. It would be bad if we upgraded -GitLab.com to `%14.0` before the migrations in `%13.11` were finished. Since +GitLab.com to `%14.0` before the migrations in `%13.12` were finished. Since our deployments to GitLab.com are automated and we currently don't have automated checks to prevent this, the extra precaution is warranted. Additionally, even if we did have automated checks to prevent it, we wouldn't @@ -340,7 +340,7 @@ being upgraded to, we do the following: def migrate log_raise "Migration has been deleted in the last major version upgrade." \ "Migrations are supposed to be finished before upgrading major version https://docs.gitlab.com/ee/update/#upgrading-to-a-new-major-version ." \ - "In order to correct this issue you will need to reacreate your index from scratch https://docs.gitlab.com/ee/integration/elasticsearch.html#last-resort-to-recreate-an-index ." + "To correct this issue, recreate your index from scratch: https://docs.gitlab.com/ee/integration/elasticsearch.html#last-resort-to-recreate-an-index." end def completed? diff --git a/doc/development/experiment_guide/gitlab_experiment.md b/doc/development/experiment_guide/gitlab_experiment.md index 4b93105ea50..db9bc521cfd 100644 --- a/doc/development/experiment_guide/gitlab_experiment.md +++ b/doc/development/experiment_guide/gitlab_experiment.md @@ -503,7 +503,7 @@ so you can use it when resolving some concepts around experimentation in the cli ### Use experiments in Vue -With the `experiment` component, you can define slots that match the name of the +With the `gitlab-experiment` component, you can define slots that match the name of the variants pushed to `window.gon.experiment`. For example, if we alter the `pill_color` experiment to just use the default variants of `control` and `candidate` like so: @@ -520,15 +520,15 @@ We can make use of the named slots `control` and `candidate` in the Vue componen ```vue <script> -import Experiment from '~/experimentation/components/experiment.vue'; +import GitlabExperiment from '~/experimentation/components/gitlab_experiment.vue'; export default { - components: { Experiment } + components: { GitlabExperiment } } </script> <template> - <experiment name="pill_color"> + <gitlab-experiment name="pill_color"> <template #control> <button class="bg-default">Click default button</button> </template> @@ -536,7 +536,7 @@ export default { <template #candidate> <button class="bg-red">Click red button</button> </template> - </experiment> + </gitlab-experiment> </template> ``` @@ -545,7 +545,7 @@ For example, the Vue component for the previously-defined `pill_color` experimen ```vue <template> - <experiment name="pill_color"> + <gitlab-experiment name="pill_color"> <template #control> <button class="bg-default">Click default button</button> </template> @@ -557,7 +557,7 @@ For example, the Vue component for the previously-defined `pill_color` experimen <template #blue> <button class="bg-blue">Click blue button</button> </template> - </experiment> + </gitlab-experiment> </template> ``` diff --git a/doc/development/experiment_guide/index.md b/doc/development/experiment_guide/index.md index 15430831f4a..0d534a974a1 100644 --- a/doc/development/experiment_guide/index.md +++ b/doc/development/experiment_guide/index.md @@ -59,4 +59,4 @@ feature flags, and there is currently no strong suggestion to use one over the o Historical Context: `Experimentation Module` was built iteratively with the needs that appeared while implementing Growth sub-department experiments, while GLEX was built -with the learnings of the team and an easier to use API. +with the findings of the team and an easier to use API. diff --git a/doc/development/fe_guide/graphql.md b/doc/development/fe_guide/graphql.md index e87b4197269..49c511c2b85 100644 --- a/doc/development/fe_guide/graphql.md +++ b/doc/development/fe_guide/graphql.md @@ -118,6 +118,8 @@ To distinguish queries from mutations and fragments, the following naming conven - `add_user.mutation.graphql` for mutations; - `basic_user.fragment.graphql` for fragments. +If you are using queries for the [CustomersDot GraphQL endpoint](https://gitlab.com/gitlab-org/gitlab/-/blob/be78ccd832fd40315c5e63bb48ee1596ae146f56/app/controllers/customers_dot/proxy_controller.rb), end the filename with `.customer.query.graphql`, `.customer.mutation.graphql`, or `.customer.fragment.graphql`. + ### Fragments [Fragments](https://graphql.org/learn/queries/#fragments) are a way to make your complex GraphQL queries more readable and re-usable. Here is an example of GraphQL fragment: @@ -780,7 +782,7 @@ While the Apollo client has support for simple polling, for performance reasons, Once the backend is set up, there are a few changes to make on the frontend. -First, get your resource Etag path from the backend. In the example of the pipelines graph, this is called the `graphql_resource_etag`. This will be used to create new headers to add to the Apollo context: +First, get your resource ETag path from the backend. In the example of the pipelines graph, this is called the `graphql_resource_etag`. This will be used to create new headers to add to the Apollo context: ```javascript /* pipelines/components/graph/utils.js */ @@ -815,7 +817,7 @@ apollo: { }, ``` -Then, because Etags depend on the request being a `GET` instead of GraphQL's usual `POST`, but our default link library does not support `GET` we need to let our defaut Apollo client know to use a different library. +Then, because ETags depend on the request being a `GET` instead of GraphQL's usual `POST`, but our default link library does not support `GET` we need to let our default Apollo client know to use a different library. ```javascript /* componentMountIndex.js */ diff --git a/doc/development/fe_guide/icons.md b/doc/development/fe_guide/icons.md index ad344c00efd..3f7490b0221 100644 --- a/doc/development/fe_guide/icons.md +++ b/doc/development/fe_guide/icons.md @@ -198,3 +198,10 @@ export default { <img :src="svgIllustrationPath" /> </template> ``` + +### Minimize SVGs + +When you develop or export a new SVG illustration, minimize it with an [SVGO](https://github.com/svg/svgo) powered tool, like +[SVGOMG](https://jakearchibald.github.io/svgomg/), to save space. Illustrations +added to [GitLab SVG](https://gitlab.com/gitlab-org/gitlab-svgs) are automatically +minimized, so no manual action is needed. diff --git a/doc/development/fe_guide/performance.md b/doc/development/fe_guide/performance.md index b6130335654..dd3945ae324 100644 --- a/doc/development/fe_guide/performance.md +++ b/doc/development/fe_guide/performance.md @@ -246,6 +246,55 @@ Layout to be recalculated, which is much more expensive. For details on this, se If you _do_ need to change layout (for example, a sidebar that pushes main content over), prefer [FLIP](https://aerotwist.com/blog/flip-your-animations/). FLIP allows you to change expensive properties once, and handle the actual animation with transforms. +### Prefetching assets + +In addition to prefetching data from the [API](graphql.md#making-initial-queries-early-with-graphql-startup-calls) +we allow prefetching the named JavaScript "chunks" as +[defined in the Webpack configuration](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/webpack.config.js#L298-359). +We support two types of prefetching for the chunks: + +- The [`prefetch` link type](https://developer.mozilla.org/en-US/docs/Web/HTML/Link_types/prefetch) + is used to prefetch a chunk for the future navigation +- The [`preload` link type](https://developer.mozilla.org/en-US/docs/Web/HTML/Link_types/preloadh) + is used to prefetch a chunk that is crucial for the current navigation but is not + discovered until later in the rendering process + +Both `prefetch` and `preload` links bring the loading performance benefit to the pages. Both are +fetched asynchronously, but contrary to [deferring the loading](https://developer.mozilla.org/en-US/docs/Web/HTML/Element/script#attr-defer) +of the assets which is used for other JavaScript resources in the product by default, `prefetch` and +`preload` neither parse nor execute the fetched script unless explicitly imported in any JavaScript +module. This allows to cache the fetched resources without blocking the execution of the +remaining page resources. + +To prefetch a JavaScript chunk in a HAML view, `:prefetch_asset_tags` with the combination of +the `webpack_preload_asset_tag` helper is provided: + +```javascript +- content_for :prefetch_asset_tags do + - webpack_preload_asset_tag('monaco') +``` + +This snippet will add a new `<link rel="preload">` element into the resulting HTML page: + +```HTML +<link rel="preload" href="/assets/webpack/monaco.chunk.js" as="script" type="text/javascript"> +``` + +By default, `webpack_preload_asset_tag` will `preload` the chunk. You don't need to worry about +`as` and `type` attributes for preloading the JavaScript chunks. However, when a chunk is not +critical, for the current navigation, one has to explicitly request `prefetch`: + +```javascript +- content_for :prefetch_asset_tags do + - webpack_preload_asset_tag('monaco', prefetch: true) +``` + +This snippet will add a new `<link rel="prefetch">` element into the resulting HTML page: + +```HTML +<link rel="prefetch" href="/assets/webpack/monaco.chunk.js"> +``` + ## Reducing Asset Footprint ### Universal code diff --git a/doc/development/fe_guide/vue.md b/doc/development/fe_guide/vue.md index 574faa0898f..1cce699218c 100644 --- a/doc/development/fe_guide/vue.md +++ b/doc/development/fe_guide/vue.md @@ -102,9 +102,9 @@ across the codebase. #### Providing Rails form fields to Vue applications When composing a form with Rails, the `name`, `id`, and `value` attributes of form inputs are generated -to match the backend. It can be helpful to have access to these generated attributes when converting +to match the backend. It can be helpful to have access to these generated attributes when converting a Rails form to Vue, or when [integrating components (datepicker, project selector, etc)](https://gitlab.com/gitlab-org/gitlab/-/blob/8956ad767d522f37a96e03840595c767de030968/app/assets/javascripts/access_tokens/index.js#L15) into it. -The [`parseRailsFormFields`](https://gitlab.com/gitlab-org/gitlab/-/blob/fe88797f682c7ff0b13f2c2223a3ff45ada751c1/app/assets/javascripts/lib/utils/forms.js#L107) utility can be used to parse the generated form input attributes so they can be passed to the Vue application. +The [`parseRailsFormFields`](https://gitlab.com/gitlab-org/gitlab/-/blob/fe88797f682c7ff0b13f2c2223a3ff45ada751c1/app/assets/javascripts/lib/utils/forms.js#L107) utility can be used to parse the generated form input attributes so they can be passed to the Vue application. This allows us to easily integrate Vue components without changing how the form submits. ```haml @@ -116,7 +116,7 @@ This allows us to easily integrate Vue components without changing how the form ``` > The `js_name` data attribute is used as the key in the resulting JavaScript object. -For example `= form.text_field :email, data: { js_name: 'fooBarBaz' }` would be translated +For example `= form.text_field :email, data: { js_name: 'fooBarBaz' }` would be translated to `{ fooBarBaz: { name: 'user[email]', id: 'user_email', value: '' } }` ```javascript diff --git a/doc/development/feature_flags/controls.md b/doc/development/feature_flags/controls.md index c9538c38850..08a4401181b 100644 --- a/doc/development/feature_flags/controls.md +++ b/doc/development/feature_flags/controls.md @@ -266,7 +266,7 @@ Changes to the issue format can be submitted in the Any feature flag change that affects any GitLab instance is automatically logged in [features_json.log](../../administration/logs.md#features_jsonlog). You can search the change history in [Kibana](https://about.gitlab.com/handbook/support/workflows/kibana.html). -You can access the feature flag change history for GitLab.com [here](https://log.gprd.gitlab.net/goto/d060337c017723084c6d97e09e591fc6). +You can also access the feature flag change history for GitLab.com [in Kibana](https://log.gprd.gitlab.net/goto/d060337c017723084c6d97e09e591fc6). ## Cleaning up diff --git a/doc/development/feature_flags/index.md b/doc/development/feature_flags/index.md index 560e4f8cb90..e18bcaa1f4e 100644 --- a/doc/development/feature_flags/index.md +++ b/doc/development/feature_flags/index.md @@ -15,12 +15,6 @@ This document provides guidelines on how to use feature flags in the GitLab codebase to conditionally enable features and test them. -Features that are developed and merged behind a feature flag -should not include a changelog entry. A changelog entry with `type: added` should be included in the merge -request removing the feature flag or the merge request where the default value of -the feature flag is set to enabled. If the feature contains any database migrations, it -*should* include a changelog entry for the database changes. - WARNING: All newly-introduced feature flags should be [disabled by default](https://about.gitlab.com/handbook/product-development-flow/feature-flag-lifecycle/#feature-flags-in-gitlab-development). @@ -55,7 +49,7 @@ should be leveraged: a specific project and ensure that there are no issues with the implementation. 1. When the feature is ready to be announced, create a merge request that adds documentation about the feature, including [documentation for the feature flag itself](../documentation/feature_flags.md), - and a changelog entry. In the same merge request either flip the feature flag to + and a [changelog entry](#changelog). In the same merge request either flip the feature flag to be **on by default** or remove it entirely in order to enable the new behavior. One might be tempted to think that feature flags will delay the release of a @@ -461,6 +455,24 @@ as follows: Feature.remove(:feature_flag_name) ``` +## Changelog + +- Any change behind a feature flag **disabled** by default **should not** have a changelog entry. + - **Exception:** database migrations **should** have a changelog entry. +- Any change related to a feature flag itself (flag removal, default-on setting) **should** have a changelog entry. + Use the flowchart to determine the changelog entry type. + + ```mermaid + graph LR + A[flag: default off] -->|'added' / 'changed'| B(flag: default on) + B -->|'other'| C(remove flag, keep new code) + B -->|'removed' / 'changed'| D(remove flag, keep old code) + A -->|'added' / 'changed'| C + A -->|no changelog| D + ``` + +- Any change behind a feature flag that is **enabled** by default **should** have a changelog entry. + ## Feature flags in tests Introducing a feature flag into the codebase creates an additional code path that should be tested. diff --git a/doc/development/fips_compliance.md b/doc/development/fips_compliance.md new file mode 100644 index 00000000000..0b6d1751668 --- /dev/null +++ b/doc/development/fips_compliance.md @@ -0,0 +1,144 @@ +--- +stage: none +group: unassigned +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# FIPS compliance + +FIPS is short for "Federal Information Processing Standard", a document which +defines certain security practices for a "cryptographic module" (CM). It aims +to ensure a certain security floor is met by vendors selling products to U.S. +Federal institutions. + +WARNING: +GitLab is not FIPS compliant, even when built and run on a FIPS-enforcing +system. Large parts of the build are broken, and many features use forbidden +cryptographic primitives. Running GitLab on a FIPS-enforcing system is not +supported and may result in data loss. This document is intended to help +engineers looking to develop FIPS-related fixes. It is not intended to be used +to run a production GitLab instance. + +There are two current FIPS standards: [140-2](https://en.wikipedia.org/wiki/FIPS_140-2) +and [140-3](https://en.wikipedia.org/wiki/FIPS_140-3). At GitLab we usually +mean FIPS 140-2. + +## Current status + +GitLab Inc has not committed to making GitLab FIPS-compliant at this time. We are +performing initial investigations to see how much work such an effort would be. + +Read [Epic &5104](https://gitlab.com/groups/gitlab-org/-/epics/5104) for more +information on the status of the investigation. + +## FIPS compliance at GitLab + +In a FIPS context, compliance is a form of self-certification - if we say we are +"FIPS compliant", we mean that we *believe* we are. There are no external +certifications to acquire, but if we are aware of non-compliant areas +in GitLab, we cannot self-certify in good faith. + +The known areas of non-compliance are tracked in [Epic &5104](https://gitlab.com/groups/gitlab-org/-/epics/5104). + +To be compliant, all components (GitLab itself, Gitaly, etc) must be compliant, +along with the communication between those components, and any storage used by +them. Where functionality cannot be brought into compliance, it must be disabled +when FIPS mode is enabled. + +## FIPS validation at GitLab + +Unlike FIPS compliance, FIPS validation is a formal declaration of compliance by +an accredited auditor. The requirements needed to pass the audit are the same as +for FIPS compliance. + +A list of FIPS-validated modules can be found at the +NIST (National Institute of Standards and Technology) +[cryptographic module validation program](https://csrc.nist.gov/projects/cryptographic-module-validation-program/validated-modules). + +## Setting up a FIPS-enabled development environment + +The simplest approach is to set up a virtual machine running +[Red Hat Enterprise Linux 8](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening#switching-the-system-to-fips-mode_using-the-system-wide-cryptographic-policies). + +Red Hat provide free licenses to developers, and permit the CD image to be +downloaded from the [Red Hat developer's portal](https://developers.redhat.com). +Registration is required. + +After the virtual machine is set up, you can follow the [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit) +installation instructions, including the [advanced instructions for RHEL](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/advanced.md#red-hat-enterprise-linux). +Note that `asdf` is not used for dependency management because it's essential to +use the RedHat-provided Go compiler and other system dependencies. + +### Working around broken frontend asset compilation + +A known bug affects asset compilation with FIPS mode enabled: [issue #322883](https://gitlab.com/gitlab-org/gitlab/-/issues/322883). +Until this is resolved, working on frontend issues is not feasible. We can still +work on backend issues by compiling the assets while FIPS is disabled, and +placing GDK into [static asset mode](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/configuration.md#webpack-settings): + +1. Modify your `gdk.yml` to contain the following: + + ```yaml + webpack: + host: 127.0.0.1 + port: 3808 + static: true + ``` + +1. In the GitLab repository, apply this patch to prevent the assets from being + automatically deleted whenever GDK is restarted: + + ```diff + diff --git a/scripts/frontend/webpack_dev_server.js b/scripts/frontend/webpack_dev_server.js + index fbb80c9617d..114720d457c 100755 + --- a/scripts/frontend/webpack_dev_server.js + +++ b/scripts/frontend/webpack_dev_server.js + @@ -15,7 +15,7 @@ const baseConfig = { + // run webpack in compile-once mode and watch for changes + if (STATIC_MODE) { + nodemon({ + - exec: `rm -rf public/assets/webpack ; yarn run webpack && exec ruby -run -e httpd public/ -p ${DEV_SERVER_PORT}`, + + exec: `ruby -run -e httpd public/ -p ${DEV_SERVER_PORT}`, + watch: [ + 'config/webpack.config.js', + 'app/assets/javascripts', + ``` + +1. Run this command in the GitLab repository to generate the asset files + to be served: + + ```shell + bin/rails gitlab:assets:compile + ``` + +Every time you change a frontend asset, you must re-run this command +(with FIPS mode disabled) before seeing the changes. + +### Enable FIPS mode + +After the assets are generated, run this command (as root) and restart the +virtual machine: + +```shell +fips-mode-setup --enable +``` + +You can check whether it's taken effect by running: + +```shell +fips-mode-setup --check +``` + +In this environment, OpenSSL refuses to perform cryptographic operations +forbidden by the FIPS standards. This enables you to reproduce FIPS-related bugs, +and validate fixes. + +You should be able to open a web browser inside the virtual machine and log in +to the GitLab instance. + +You can disable FIPS mode again by running this command, then restarting the +virtual machine: + +```shell +fips-mode-setup --disable +``` diff --git a/doc/development/gemfile.md b/doc/development/gemfile.md index f50e19bc383..e071aa4ffd9 100644 --- a/doc/development/gemfile.md +++ b/doc/development/gemfile.md @@ -19,6 +19,63 @@ dependencies and build times. Refer to [licensing guidelines](licensing.md) for ensuring license compliance. +## GitLab-created gems + +Sometimes we create libraries within our codebase that we want to +extract, either because we want to use them in other applications +ourselves, or because we think it would benefit the wider community. +Extracting code to a gem also means that we can be sure that the gem +does not contain any hidden dependencies on our application code. + +In general, we want to think carefully before doing this as there are +also disadvantages: + +1. Gems - even those maintained by GitLab - do not necessarily go + through the same [code review process](code_review.md) as the main + Rails application. +1. Extracting the code into a separate project means that we need a + minimum of two merge requests to change functionality: one in the gem + to make the functional change, and one in the Rails app to bump the + version. +1. Our needs for our own usage of the gem may not align with the wider + community's needs. In general, if we are not using the latest version + of our own gem, that might be a warning sign. + +In the case where we do want to extract some library code we've written +to a gem, go through these steps: + +1. Start with the code in the Rails application. Here it's fine to have + the code in `lib/` and loaded automatically. We can skip this step if + the step below makes more sense initially. +1. Before extracting to its own project, move the gem to `vendor/gems` and + load it in the `Gemfile` using the `path` option. This gives us a gem + that can be published to RubyGems.org, with its own test suite and + isolated set of dependencies, that is still in our main code tree and + goes through the standard code review process. + - For an example, see the [merge request !57805](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/57805). +1. Once the gem is stable - we have been using it in production for a + while with few, if any, changes - extract to its own project under + the `gitlab-org` namespace. + 1. When creating the project, follow the [instructions for new projects](https://about.gitlab.com/handbook/engineering/#creating-a-new-project). + 1. Follow the instructions for setting up a [CI/CD configuration](https://about.gitlab.com/handbook/engineering/#cicd-configuration). + 1. Follow the instructions for [publishing a project](https://about.gitlab.com/handbook/engineering/#publishing-a-project). + - See [issue + #325463](https://gitlab.com/gitlab-org/gitlab/-/issues/325463) + for an example. + - In some cases we may want to move a gem to its own namespace. Some + examples might be that it will naturally have more than one project + (say, something that has plugins as separate libraries), or that we + expect non-GitLab-team-members to be maintainers on this project as + well as GitLab team members. + + The latter situation (maintainers from outside GitLab) could also + apply if someone who currently works at GitLab wants to maintain + the gem beyond their time working at GitLab. + +When publishing a gem to RubyGems.org, also note the section on [gem +owners](https://about.gitlab.com/handbook/developer-onboarding/#ruby-gems) +in the handbook. + ## Upgrade Rails When upgrading the Rails gem and its dependencies, you also should update the following: @@ -58,7 +115,7 @@ operator](https://thoughtbot.com/blog/rubys-pessimistic-operator)) making it possible to upgrade `license_finder` or any other gem to a version that depends on `thor 1.2`. -Simlarly, if `license_finder` had a vulnerability fixed in 6.0.1, we +Similarly, if `license_finder` had a vulnerability fixed in 6.0.1, we should add: ```ruby @@ -70,7 +127,7 @@ still depend on a newer version of `thor`, such as `6.0.2`, but would not be able to depend on the vulnerable version `6.0.0`. A downgrade like that could happen if we introduced a new dependency -that also relied on thor but had its version pinned to a vulnerable +that also relied on `thor` but had its version pinned to a vulnerable one. These changes are easy to miss in the `Gemfile.lock`. Pinning the version would result in a conflict that would need to be solved. diff --git a/doc/development/geo/framework.md b/doc/development/geo/framework.md index 2b3e4826de5..4460e6f66a8 100644 --- a/doc/development/geo/framework.md +++ b/doc/development/geo/framework.md @@ -164,7 +164,9 @@ Models that use [CarrierWave's](https://github.com/carrierwaveuploader/carrierwa Each file is expected to have its own primary ID and model. Geo strongly recommends treating *every single file* as a first-class citizen, because in our experience this greatly simplifies tracking replication and verification state. -To implement Geo replication of a new blob-type Model, [open an issue with the provided issue template](https://gitlab.com/gitlab-org/gitlab/-/issues/new?issuable_template=Geo%3A%20Replicate%20a%20new%20blob%20type). +To implement Geo replication of a new blob-type Model, [open an issue with the provided issue template](https://gitlab.com/gitlab-org/gitlab/-/issues/new?issuable_template=Geo%20Replicate%20a%20new%20blob%20type). + +To view the implementation steps without opening an issue, [view the issue template file](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.gitlab/issue_templates/Geo%20Replicate%20a%20new%20blob%20type.md). ### Repository Replicator Strategy @@ -172,4 +174,6 @@ Models that refer to any Git repository on disk are supported by Geo with the `G Each Git repository is expected to have its own primary ID and model. -To implement Geo replication of a new Git repository-type Model, [open an issue with the provided issue template](https://gitlab.com/gitlab-org/gitlab/-/issues/new?issuable_template=Geo%3A%20Replicate%20a%20new%20Git%20repository%20type). +To implement Geo replication of a new Git repository-type Model, [open an issue with the provided issue template](https://gitlab.com/gitlab-org/gitlab/-/issues/new?issuable_template=Geo%20Replicate%20a%20new%20Git%20repository%20type). + +To view the implementation steps without opening an issue, [view the issue template file](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.gitlab/issue_templates/Geo%20Replicate%20a%20new%20Git%20repository%20type.md). diff --git a/doc/development/git_object_deduplication.md b/doc/development/git_object_deduplication.md index d9ff88aef60..1607f3e7a12 100644 --- a/doc/development/git_object_deduplication.md +++ b/doc/development/git_object_deduplication.md @@ -35,9 +35,9 @@ to work, it is of course critical that **no objects ever get deleted from B** because A might need them. WARNING: -Do not run `git prune` or `git gc` in pool repositories! This can -cause data loss in "real" repositories that depend on the pool in -question. +Do not run `git prune` or `git gc` in object pool repositories, which are +stored in the `@pools` directory. This can cause data loss in the regular +repositories that depend on the object pool. The danger lies in `git prune`, and `git gc` calls `git prune`. The problem is that `git prune`, when running in a pool repository, cannot @@ -45,8 +45,8 @@ reliable decide if an object is no longer needed. ### Git alternates in GitLab: pool repositories -GitLab organizes this object borrowing by creating special **pool -repositories** which are hidden from the user. We then use Git +GitLab organizes this object borrowing by [creating special **pool +repositories**](../administration/repository_storage_types.md) which are hidden from the user. We then use Git alternates to let a collection of project repositories borrow from a single pool repository. We call such a collection of project repositories a pool. Pools form star-shaped networks of repositories diff --git a/doc/development/go_guide/index.md b/doc/development/go_guide/index.md index e8c0c751af9..1513b65d19f 100644 --- a/doc/development/go_guide/index.md +++ b/doc/development/go_guide/index.md @@ -449,12 +449,12 @@ Once you've picked a new Go version to use, the steps to update Omnibus and CNG are: - [Create a merge request in the CNG project](https://gitlab.com/gitlab-org/build/CNG/-/edit/master/ci_files/variables.yml?branch_name=update-go-version), - updating the `GO_VERSION` in `ci_files/variables.yml`. + update the `GO_VERSION` in `ci_files/variables.yml`. - [Create a merge request in the `gitlab-omnibus-builder` project](https://gitlab.com/gitlab-org/gitlab-omnibus-builder/-/edit/master/docker/VERSIONS?branch_name=update-go-version), - updating the `GO_VERSION` in `docker/VERSIONS`. + update the `GO_VERSION` in `docker/VERSIONS`. - Tag a new release of `gitlab-omnibus-builder` containing the change. - [Create a merge request in the `omnibus-gitlab` project](https://gitlab.com/gitlab-org/omnibus-gitlab/edit/master/.gitlab-ci.yml?branch_name=update-gitlab-omnibus-builder-version), - updating the `BUILDER_IMAGE_REVISION` to match the newly-created tag. + update the `BUILDER_IMAGE_REVISION` to match the newly-created tag. To reduce unnecessary differences between two distribution methods, Omnibus and CNG **should always use the same Go version**. @@ -501,7 +501,7 @@ up to run `goimports -local gitlab.com/gitlab-org` so that it's applied to every ### Analyzer Tests -The conventional Secure [analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/) has a [`convert` function](https://gitlab.com/gitlab-org/security-products/analyzers/command/-/blob/main/convert.go#L15-17) that converts SAST/DAST scanner reports into [GitLab Security Reports](https://gitlab.com/gitlab-org/security-products/security-report-schemas). When writing tests for the `convert` function, we should make use of [test fixtures](https://dave.cheney.net/2016/05/10/test-fixtures-in-go) using a `testdata` directory at the root of the analyzer's repo. The `testdata` directory should contain two subdirectories: `expect` and `reports`. The `reports` directory should contain sample SAST/DAST scanner reports which are passed into the `convert` function during the test setup. The `expect` directory should contain the expected GitLab Security Report that the `convert` returns. See Secret Detection for an [example](https://gitlab.com/gitlab-org/security-products/analyzers/secrets/-/blob/160424589ef1eed7b91b59484e019095bc7233bd/convert_test.go#L13-66). +The conventional Secure [analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/) has a [`convert` function](https://gitlab.com/gitlab-org/security-products/analyzers/command/-/blob/main/convert.go#L15-17) that converts SAST/DAST scanner reports into [GitLab Security Reports](https://gitlab.com/gitlab-org/security-products/security-report-schemas). When writing tests for the `convert` function, we should make use of [test fixtures](https://dave.cheney.net/2016/05/10/test-fixtures-in-go) using a `testdata` directory at the root of the analyzer's repository. The `testdata` directory should contain two subdirectories: `expect` and `reports`. The `reports` directory should contain sample SAST/DAST scanner reports which are passed into the `convert` function during the test setup. The `expect` directory should contain the expected GitLab Security Report that the `convert` returns. See Secret Detection for an [example](https://gitlab.com/gitlab-org/security-products/analyzers/secrets/-/blob/160424589ef1eed7b91b59484e019095bc7233bd/convert_test.go#L13-66). If the scanner report is small, less than 35 lines, then feel free to [inline the report](https://gitlab.com/gitlab-org/security-products/analyzers/sobelow/-/blob/8bd2428a/convert/convert_test.go#L13-77) rather than use a `testdata` directory. diff --git a/doc/development/graphql_guide/authorization.md b/doc/development/graphql_guide/authorization.md index ee5713f6fda..8f17a8b6c93 100644 --- a/doc/development/graphql_guide/authorization.md +++ b/doc/development/graphql_guide/authorization.md @@ -148,7 +148,7 @@ end ``` In this example, we use field authorization (such as -`Ability.allowed?(current_user, :read_transactions, bank_account)`) to avoid +`Ability.allowed?(current_user, :read_transactions, bank_account)`) to avoid a more expensive query: ```ruby diff --git a/doc/development/graphql_guide/pagination.md b/doc/development/graphql_guide/pagination.md index 55ff7942418..5db9238faed 100644 --- a/doc/development/graphql_guide/pagination.md +++ b/doc/development/graphql_guide/pagination.md @@ -12,6 +12,10 @@ GitLab uses two primary types of pagination: **offset** and **keyset** (sometimes called cursor-based) pagination. The GraphQL API mainly uses keyset pagination, falling back to offset pagination when needed. +### Performance considerations + +See the [general pagination guidelines section](../database/pagination_guidelines.md) for more information. + ### Offset pagination This is the traditional, page-by-page pagination, that is most common, diff --git a/doc/development/i18n/externalization.md b/doc/development/i18n/externalization.md index 0f7b8078933..b177a7e0138 100644 --- a/doc/development/i18n/externalization.md +++ b/doc/development/i18n/externalization.md @@ -19,7 +19,7 @@ All `rake` commands described on this page must be run on a GitLab instance, usu ## Setting up GitLab Development Kit (GDK) In order to be able to work on the [GitLab Community Edition](https://gitlab.com/gitlab-org/gitlab-foss) -project you must download and configure it through [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/set-up-gdk.md). +project you must download and configure it through [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/set-up-gdk.md). After you have the GitLab project ready, you can start working on the translation. @@ -491,6 +491,48 @@ To avoid this error, use the applicable HTML entity code (`<` or `>`) inst // => 'In < 1 hour' ``` +### Numbers + +Different locales may use different number formats. To support localization of numbers, we use `formatNumber`, +which leverages [`toLocaleString()`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Number/toLocaleString). + +`formatNumber` formats numbers as strings using the current user locale by default. + +- In JavaScript + +```javascript +import { formatNumber } from '~/locale'; + +// Assuming "User Preferences > Language" is set to "English": + +const tenThousand = formatNumber(10000); // "10,000" (uses comma as decimal symbol in English locale) +const fiftyPercent = formatNumber(0.5, { style: 'percent' }) // "50%" (other options are passed to toLocaleString) +``` + +- In Vue templates + +```html +<script> +import { formatNumber } from '~/locale'; + +export default { + //... + methods: { + // ... + formatNumber, + }, +} +</script> +<template> +<div class="my-number"> + {{ formatNumber(10000) }} <!-- 10,000 --> +</div> +<div class="my-percent"> + {{ formatNumber(0.5, { style: 'percent' }) }} <!-- 50% --> +</div> +</template> +``` + ### Dates / times - In JavaScript: @@ -753,6 +795,10 @@ aren't in the message with ID `1 pipeline`. ## Adding a new language +A new language should only be added as an option in User Preferences once at least 10% of the +strings have been translated and approved. Even though a larger number of strings may have been +translated, only the approved translations display in the GitLab UI. + NOTE: [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/221012) in GitLab 13.3: Languages with less than 2% of translations are not available in the UI. diff --git a/doc/development/i18n/merging_translations.md b/doc/development/i18n/merging_translations.md index 553820733e7..48474a68d16 100644 --- a/doc/development/i18n/merging_translations.md +++ b/doc/development/i18n/merging_translations.md @@ -78,3 +78,10 @@ recreate it with the following steps: 1. Select the `gitlab-org/gitlab` repository. 1. In `Select Branches for Translation`, select `master`. 1. Ensure the `Service Branch Name` is `master-i18n`. + +## Manually update the translation levels + +There's no automated way to pull the translation levels from CrowdIn, to display +this information in the language selection dropdown. Therefore, the translation +levels are hard-coded in the `TRANSLATION_LEVELS` constant in [`i18n.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/i18n.rb), +and must be regularly updated. diff --git a/doc/development/img/distributed_tracing_performance_bar.png b/doc/development/img/distributed_tracing_performance_bar.png Binary files differdeleted file mode 100644 index 8c819045104..00000000000 --- a/doc/development/img/distributed_tracing_performance_bar.png +++ /dev/null diff --git a/doc/development/img/offset_pagination_ui_v13_11.jpg b/doc/development/img/offset_pagination_ui_v13_11.jpg Binary files differnew file mode 100644 index 00000000000..d17acc20dcb --- /dev/null +++ b/doc/development/img/offset_pagination_ui_v13_11.jpg diff --git a/doc/development/img/project_issues_pagination_v13_11.jpg b/doc/development/img/project_issues_pagination_v13_11.jpg Binary files differnew file mode 100644 index 00000000000..3f3c268cd16 --- /dev/null +++ b/doc/development/img/project_issues_pagination_v13_11.jpg diff --git a/doc/development/img/speedscope_v13_12.png b/doc/development/img/speedscope_v13_12.png Binary files differnew file mode 100644 index 00000000000..03ff46f4e0b --- /dev/null +++ b/doc/development/img/speedscope_v13_12.png diff --git a/doc/development/import_export.md b/doc/development/import_export.md index fd795880d2d..bc1927fffde 100644 --- a/doc/development/import_export.md +++ b/doc/development/import_export.md @@ -284,6 +284,27 @@ methods: - :type ``` +Customize the export order of the model relationships: + +```yaml +# Specify a custom export reordering for a given relationship +# For example for issues we use a custom export reordering by relative_position, so that on import, we can reset the +# relative position value, but still keep the issues order to the order in which issues were in the exported project. +# By default the ordering of relations is done by PK. +# column - specify the column by which to reorder, by default it is relation's PK +# direction - specify the ordering direction :asc or :desc, default :asc +# nulls_position - specify where would null values be positioned. Because custom ordering column can contain nulls we +# need to also specify where would the nulls be placed. It can be :nulls_last or :nulls_first, defaults +# to :nulls_last + +export_reorders: + project: + issues: + column: :relative_position + direction: :asc + nulls_position: :nulls_last +``` + ### Import The import job status moves from `none` to `finished` or `failed` into different states: diff --git a/doc/development/import_project.md b/doc/development/import_project.md index a4917cc0c3d..0c8406e2ebc 100644 --- a/doc/development/import_project.md +++ b/doc/development/import_project.md @@ -216,6 +216,6 @@ This is due to a [n+1 calls limit being set for development setups](gitaly.md#to Many of the tests also require a GitLab Personal Access Token. This is due to numerous endpoints themselves requiring authentication. -[The official GitLab docs detail how to create this token](../user/profile/personal_access_tokens.md#creating-a-personal-access-token). The tests require that the token is generated by an admin user and that it has the `API` and `read_repository` permissions. +[The official GitLab docs detail how to create this token](../user/profile/personal_access_tokens.md#create-a-personal-access-token). The tests require that the token is generated by an admin user and that it has the `API` and `read_repository` permissions. Details on how to use the Access Token with each type of test are found in their respective documentation. diff --git a/doc/development/integrations/codesandbox.md b/doc/development/integrations/codesandbox.md index 62acdda6d0d..234f8c7fe0b 100644 --- a/doc/development/integrations/codesandbox.md +++ b/doc/development/integrations/codesandbox.md @@ -15,7 +15,7 @@ creating upstream contributions like [this one](https://github.com/codesandbox/c Before using CodeSandbox with your local GitLab instance, you must: 1. Enable HTTPS on your GDK. CodeSandbox uses Service Workers that require `https`. - Follow the GDK [NGINX configuration instructions](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/nginx.md) to enable HTTPS for GDK. + Follow the GDK [NGINX configuration instructions](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/nginx.md) to enable HTTPS for GDK. 1. Clone the [`codesandbox-client` project](https://github.com/codesandbox/codesandbox-client) locally. If you plan on contributing upstream, you might want to fork and clone first. 1. (Optional) Use correct `python` and `nodejs` versions. Otherwise, `yarn` may fail to diff --git a/doc/development/integrations/jira_connect.md b/doc/development/integrations/jira_connect.md index 860fd88612f..98a48007238 100644 --- a/doc/development/integrations/jira_connect.md +++ b/doc/development/integrations/jira_connect.md @@ -16,7 +16,7 @@ The following are required to install and test the app: - [GDK in Gitpod](https://www.loom.com/share/9c9711d4876a40869b9294eecb24c54d) video. - - [GDK with Gitpod](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/gitpod.md) + - [GDK with Gitpod](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/gitpod.md) documentation. You **must not** use tunneling tools such as @@ -61,7 +61,7 @@ To install the app in Jira: If the app install failed, you might need to delete `jira_connect_installations` from your database. -1. Open the [database console](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/postgresql.md#access-postgresql). +1. Open the [database console](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/postgresql.md#access-postgresql). 1. Run `TRUNCATE TABLE jira_connect_installations CASCADE;`. ## Add a namespace diff --git a/doc/development/integrations/secure.md b/doc/development/integrations/secure.md index ae4e952d063..fe3135b72b6 100644 --- a/doc/development/integrations/secure.md +++ b/doc/development/integrations/secure.md @@ -69,7 +69,7 @@ so the [`allow_failure`](../../ci/yaml/README.md#allow_failure) parameter should Scanning jobs must declare a report that corresponds to the type of scanning they perform, using the [`artifacts:reports`](../../ci/yaml/README.md#artifactsreports) keyword. -Valid reports are: `dependency_scanning`, `container_scanning`, `dast`, and `sast`. +Valid reports are: `dependency_scanning`, `container_scanning`, `dast`, `api_fuzzing`, `coverage_fuzzing`, and `sast`. For example, here is the definition of a SAST job that generates a file named `gl-sast-report.json`, and uploads it as a SAST report: @@ -290,6 +290,8 @@ You can find the schemas for these scanners here: - [DAST](https://gitlab.com/gitlab-org/security-products/security-report-schemas/-/blob/master/dist/dast-report-format.json) - [Dependency Scanning](https://gitlab.com/gitlab-org/security-products/security-report-schemas/-/blob/master/dist/dependency-scanning-report-format.json) - [Container Scanning](https://gitlab.com/gitlab-org/security-products/security-report-schemas/-/blob/master/dist/container-scanning-report-format.json) +- [Coverage Fuzzing](https://gitlab.com/gitlab-org/security-products/security-report-schemas/-/blob/master/dist/coverage-fuzzing-report-format.json) +- [Secret Detection](https://gitlab.com/gitlab-org/security-products/security-report-schemas/-/blob/master/dist/secret-detection-report-format.json) ### Version @@ -384,7 +386,7 @@ It is recommended to reuse the identifiers the GitLab scanners already define: | [ELSA](https://linux.oracle.com/security/) | `elsa` | ELSA-2020-0085 | The generic identifiers listed above are defined in the [common library](https://gitlab.com/gitlab-org/security-products/analyzers/common), -which is shared by the analyzers that GitLab maintains. You can [contribute](https://gitlab.com/gitlab-org/security-products/analyzers/common/blob/master/issue/identifier.go) +which is shared by some of the analyzers that GitLab maintains. You can [contribute](https://gitlab.com/gitlab-org/security-products/analyzers/common/blob/master/issue/identifier.go) new generic identifiers to if needed. Analyzers may also produce vendor-specific or product-specific identifiers, which don't belong in the [common library](https://gitlab.com/gitlab-org/security-products/analyzers/common). @@ -548,7 +550,7 @@ of the available SAST Analyzers and what data is currently available. The `remediations` field of the report is an array of remediation objects. Each remediation describes a patch that can be applied to -[automatically fix](../../user/application_security/#apply-an-automatic-remediation-for-a-vulnerability) +[automatically fix](../../user/application_security/vulnerabilities/index.md#remediate-a-vulnerability-automatically) a set of vulnerabilities. Here is an example of a report that contains remediations. diff --git a/doc/development/integrations/secure_partner_integration.md b/doc/development/integrations/secure_partner_integration.md index 3154dc83ea4..fedd424309d 100644 --- a/doc/development/integrations/secure_partner_integration.md +++ b/doc/development/integrations/secure_partner_integration.md @@ -47,7 +47,7 @@ best place to integrate your own product and its results into GitLab. displays the results of the pipeline's security checks and the developer can review them. The developer can review both a summary and a detailed version of the results. -- If certain policies (such as [merge request approvals](../../user/project/merge_requests/merge_request_approvals.md)) +- If certain policies (such as [merge request approvals](../../user/project/merge_requests/approvals/index.md)) are in place for a project, developers must resolve specific findings or get an approval from a specific list of people. - The [security dashboard](../../user/application_security/security_dashboard/index.md) @@ -101,7 +101,7 @@ and complete an integration with the Secure stage. - Users can interact with the findings from your artifact within their workflow. They can dismiss the findings or accept them and create a backlog issue. - To automatically create issues without user interaction, use the [issue API](../../api/issues.md). 1. Optional: Provide auto-remediation steps: - - If you specified `remediations` in your artifact, it is proposed through our [automatic remediation](../../user/application_security/index.md#apply-an-automatic-remediation-for-a-vulnerability) + - If you specified `remediations` in your artifact, it is proposed through our [automatic remediation](../../user/application_security/vulnerabilities/index.md#remediate-a-vulnerability-automatically) interface. 1. Demo the integration to GitLab: - After you have tested and are ready to demo your integration please diff --git a/doc/development/interacting_components.md b/doc/development/interacting_components.md index 4c2d0580428..f6fec0cde8c 100644 --- a/doc/development/interacting_components.md +++ b/doc/development/interacting_components.md @@ -20,7 +20,7 @@ change that affects uploads should also be tested against [object storage](https which is _not_ enabled by default in [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit). When working on a related feature, make sure to enable and test it -against [MinIO](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/object_storage.md). +against [MinIO](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/object_storage.md). See also [File Storage in GitLab](file_storage.md). diff --git a/doc/development/internal_api.md b/doc/development/internal_api.md index 7c4f869d1a7..57dd1c0a65b 100644 --- a/doc/development/internal_api.md +++ b/doc/development/internal_api.md @@ -14,6 +14,22 @@ working on the GitLab codebase. This documentation does not yet include the internal API used by GitLab Pages. +## Adding new endpoints + +API endpoints should be externally accessible by default, with proper authentication and authorization. +Before adding a new internal endpoint, consider if the API would potentially be +useful to the wider GitLab community and can be made externally accessible. + +One reason we might favor internal API endpoints sometimes is when using such an endpoint requires +internal data that external actors can not have. For example, in the internal Pages API we might use +a secret token that identifies a request as internal or sign a request with a public key that is +not available to a wider community. + +Another reason to separate something into an internal API is when request to such API endpoint +should never go through an edge (public) load balancer. This way we can configure different rate +limiting rules and policies around how the endpoint is being accessed, because we know that only +internal requests can be made to that endpoint going through an internal load balancer. + ## Authentication These methods are all authenticated using a shared secret. This secret @@ -437,7 +453,8 @@ metric counters. | Attribute | Type | Required | Description | |:----------|:-------|:---------|:------------| -| `gitops_sync_count` | integer| yes | The number to increase the `gitops_sync_count` counter by | +| `gitops_sync_count` | integer| no | The number to increase the `gitops_sync_count` counter by | +| `k8s_api_proxy_request_count` | integer| no | The number to increase the `k8s_api_proxy_request_count` counter by | ```plaintext POST /internal/kubernetes/usage_metrics diff --git a/doc/development/jh_features_review.md b/doc/development/jh_features_review.md new file mode 100644 index 00000000000..260da2d7ef2 --- /dev/null +++ b/doc/development/jh_features_review.md @@ -0,0 +1,80 @@ +--- +stage: none +group: unassigned +info: https://gitlab.com/gitlab-jh/gitlab +--- + +# Guidelines for reviewing JiHu (JH) Edition related merge requests + +We have two kinds of changes related to JH: + +- Inside `jh/` + - This is beyond EE repository and not the intention for this documentation. +- Outside `jh/` + - These will have to sit in EE repository, so reviewers and maintainers for + EE repository will have to review and maintain. This includes codes like + `Gitlab.jh?`, and how it attempts to load codes under `jh/` just like we + have codes which will load codes under `ee/`. + - This documentation intended to guide how those codes should look like, so + we'll have better understanding what are the changes needed for looking up + codes under `jh/`. + - We will generalize this so both EE and JH can share the same mechanism, + then we wouldn't have to treat them differently. + +If needed, review the corresponding JH merge request located at [JH repository](https://gitlab.com/gitlab-jh/gitlab) + +## Act as EE when `jh/` does not exist + +- In the case of EE repository, `jh/` does not exist so it should just act like EE (or CE when the license is absent) +- In the case of JH repository, `jh/` does exist but `EE_ONLY` environment variable can be set to force it run under EE mode. +- In the case of JH repository, `jh/` does exist but `FOSS_ONLY` environment variable can be set to force it run under CE mode. + +## CI pipelines in a JH context + +EE repository does not have `jh/` directory therefore there is no way to run +JH pipelines in the EE repository. All JH tests should go to [JH repository](https://gitlab.com/gitlab-jh/gitlab). + +The top-level JH CI configuration is located at `jh/.gitlab-ci.yml` (which +does not exist in EE repository) and it'll include EE CI configurations +accordingly. Sometimes it's needed to update the EE CI configurations for JH +to customize more easily. + +### JH features based on CE or EE features + +For features that build on existing CE/EE features, a module in the `JH` +namespace injected in the CE/EE class/module is needed. This aligns with +what we're doing with EE features. + +See [EE features based on CE features](ee_features.md#ee-features-based-on-ce-features) for more details. + +For example, to prepend a module into the `User` class you would use +the following approach: + +```ruby +class User < ActiveRecord::Base + # ... lots of code here ... +end + +User.prepend_mod +``` + +Under EE, `User.prepend_mod` will attempt to: + +- Load EE module + +Under JH, `User.prepend_mod` will attempt to: + +- Load EE module, and: +- Load JH module + +Do not use methods such as `prepend`, `extend`, and `include`. Instead, use +`prepend_mod`, `extend_mod`, or `include_mod`. These methods will try to find +the relevant EE and JH modules by the name of the receiver module. + +If reviewing the corresponding JH file is needed, it should be found at +[JH repository](https://gitlab.com/gitlab-jh/gitlab). + +### General guidance for writing JH extensions + +See [Guidelines for implementing Enterprise Edition features](ee_features.md) +for general guidance. diff --git a/doc/development/licensing.md b/doc/development/licensing.md index 1ab56e60a0b..5f03013a780 100644 --- a/doc/development/licensing.md +++ b/doc/development/licensing.md @@ -48,6 +48,12 @@ For all of the above, please include `--why "Reason"` and `--who "My Name"` so t More detailed information on how the gem and its commands work is available in the [License Finder README](https://github.com/pivotal/LicenseFinder). +## Encryption keys + +If your license was created in your local development or staging environment for Customers Portal or License App, an environment variable called `GITLAB_LICENSE_MODE` with the value `test` needs to be set to use the correct decryption key. + +Those projects are set to use a test license encryption key by default. + ## Additional information Please see the [Open Source](https://about.gitlab.com/handbook/engineering/open-source/#using-open-source-libraries) page for more information on licensing. diff --git a/doc/development/merge_request_performance_guidelines.md b/doc/development/merge_request_performance_guidelines.md index 0f696d39092..543ca809f45 100644 --- a/doc/development/merge_request_performance_guidelines.md +++ b/doc/development/merge_request_performance_guidelines.md @@ -162,7 +162,22 @@ query. This in turn makes it much harder for this code to overload a database. In a DB cluster we have many read replicas and one primary. A classic use of scaling the DB is to have read-only actions be performed by the replicas. We use [load balancing](../administration/database_load_balancing.md) to distribute this load. This allows for the replicas to grow as the pressure on the DB grows. -By default, queries use read-only replicas, but due to [primary sticking](../administration/database_load_balancing.md#primary-sticking), GitLab sticks to using the primary for a certain period of time and reverts back to secondaries after they have either caught up or after 30 seconds, which can lead to a considerable amount of unnecessary load on the primary. In this [merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/56849) we introduced the `without_sticky_writes` block to prevent switching to the primary. This [merge request example](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/57328) provides a good use case for when queries can stick to the primary and how to prevent this by using `without_sticky_writes`. +By default, queries use read-only replicas, but due to +[primary sticking](../administration/database_load_balancing.md#primary-sticking), GitLab uses the +primary for some time and reverts to secondaries after they have either caught up or after 30 seconds. +Doing this can lead to a considerable amount of unnecessary load on the primary. +To prevent switching to the primary [merge request 56849](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/56849) introduced the +`without_sticky_writes` block. Typically, this method can be applied to prevent primary stickiness +after a trivial or insignificant write which doesn't affect the following queries in the same session. + +To learn when a usage timestamp update can lead the session to stick to the primary and how to +prevent it by using `without_sticky_writes`, see [merge request 57328](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/57328) + +As a counterpart of the `without_sticky_writes` utility, +[merge request 59167](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/59167) introduced +`use_replicas_for_read_queries`. This method forces all read-only queries inside its block to read +replicas regardless of the current primary stickiness. +This utility is reserved for cases where queries can tolerate replication lag. Internally, our database load balancer classifies the queries based on their main statement (`select`, `update`, `delete`, etc.). When in doubt, it redirects the queries to the primary database. Hence, there are some common cases the load balancer sends the queries to the primary unnecessarily: @@ -171,7 +186,12 @@ Internally, our database load balancer classifies the queries based on their mai - In-flight connection configuration set - Sidekiq background jobs -Worse, after the above queries are executed, GitLab [sticks to the primary](../administration/database_load_balancing.md#primary-sticking). In [this merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/56476), we introduced `use_replica_if_possible` to make the inside queries prefer to use the replicas. That MR is also an example how we redirected a costly, time-consuming query to the replicas. +After the above queries are executed, GitLab +[sticks to the primary](../administration/database_load_balancing.md#primary-sticking). +To make the inside queries prefer using the replicas, +[merge request 59086](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/59086) introduced +`fallback_to_replicas_for_ambiguous_queries`. This MR is also an example of how we redirected a +costly, time-consuming query to the replicas. ## Use CTEs wisely @@ -406,6 +426,8 @@ Take into consideration the following when choosing a pagination strategy: The database has to sort and iterate all previous items, and this operation usually can result in substantial load put on database. +You can find useful tips related to pagination in the [pagination guidelines](database/pagination_guidelines.md). + ## Badge counters Counters should always be truncated. It means that we don't want to present diff --git a/doc/development/migration_style_guide.md b/doc/development/migration_style_guide.md index 40457dbb533..e1444f1a726 100644 --- a/doc/development/migration_style_guide.md +++ b/doc/development/migration_style_guide.md @@ -33,7 +33,7 @@ compatible. For GitLab.com, please take into consideration that regular migrations (under `db/migrate`) are run before [Canary is deployed](https://gitlab.com/gitlab-com/gl-infra/readiness/-/tree/master/library/canary/#configuration-and-deployment), -and post-deployment migrations (`db/post_migrate`) are run after the deployment to production has finished. +and [post-deployment migrations](post_deployment_migrations.md) (`db/post_migrate`) are run after the deployment to production has finished. ## Schema Changes @@ -114,6 +114,30 @@ rails schema statement: [`add_index`](https://api.rubyonrails.org/v5.2/classes/A This is a blocking operation, but it doesn't cause problems because the table is not yet used, and therefore it does not have any records yet. +## Naming conventions + +We keep column names consistent with [ActiveRecord's schema conventions](https://guides.rubyonrails.org/active_record_basics.html#schema-conventions). + +Custom index names should follow the pattern `index_#{table_name}_on_#{column_1}_and_#{column_2}_#{condition}`. + +Examples: + +- `index_services_on_type_and_id_and_template_when_active` +- `index_projects_on_id_service_desk_enabled` +- `index_clusters_on_enabled_cluster_type_id_and_created_at` + +### Truncate long index names + +PostgreSQL [limits the length of identifiers](https://www.postgresql.org/docs/current/limits.html), +like column or index names. Column names are not usually a problem, but index names tend +to be longer. Some methods for shortening a name that's too long: + +- Prefix it with `i_` instead of `index_`. +- Skip redundant prefixes. For example, + `index_vulnerability_findings_remediations_on_vulnerability_remediation_id` becomes + `index_vulnerability_findings_remediations_on_remediation_id`. +- Instead of columns, specify the purpose of the index, such as `index_users_for_unconfirmation_notification`. + ## Heavy operations in a single transaction When using a single-transaction migration, a transaction holds a database connection diff --git a/doc/development/multi_version_compatibility.md b/doc/development/multi_version_compatibility.md index ff831bfa348..44e93bfb8a8 100644 --- a/doc/development/multi_version_compatibility.md +++ b/doc/development/multi_version_compatibility.md @@ -65,7 +65,7 @@ Let's see how we can handle them safely. ### Route changes When changing routing we should pay attention to make sure a route generated from the new version can be served by the old one and vice versa. -As you can see in [an example later on this page](#some-links-to-issues-and-mrs-were-broken), not doing it can lead to an outage. +[As you can see](#some-links-to-issues-and-mrs-were-broken), not doing it can lead to an outage. This type of change may look like an immediate switch between the two implementations. However, especially with the canary stage, there is an extended period of time where both version of the code coexists in production. diff --git a/doc/development/packages.md b/doc/development/packages.md index d4982473d67..3727376d957 100644 --- a/doc/development/packages.md +++ b/doc/development/packages.md @@ -219,12 +219,12 @@ demonstrates adding an instance-level endpoint for Conan to workhorse. You can a implemented in the same file. Once the route has been added, you must add an additional `/authorize` version of the upload endpoint to your API file. -[Here is an example](https://gitlab.com/gitlab-org/gitlab/blob/398fef1ca26ae2b2c3dc89750f6b20455a1e5507/ee/lib/api/maven_packages.rb#L164) -of the additional endpoint added for Maven. The `/authorize` endpoint verifies and authorizes the request from workhorse, +[This example](https://gitlab.com/gitlab-org/gitlab/blob/398fef1ca26ae2b2c3dc89750f6b20455a1e5507/ee/lib/api/maven_packages.rb#L164) +shows the additional endpoint added for Maven. The `/authorize` endpoint verifies and authorizes the request from workhorse, then the normal upload endpoint is implemented below, consuming the metadata that workhorse provides in order to create the package record. Workhorse provides a variety of file metadata such as type, size, and different checksum formats. -For testing purposes, you may want to [enable object storage](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/object_storage.md) +For testing purposes, you may want to [enable object storage](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/object_storage.md) in your local development environment. #### File size limits @@ -256,6 +256,30 @@ These route prefixes guarantee a higher rate limit: /api/v4/groups/:group_id/-/packages/ ``` +### MVC Checklist + +When adding support to GitLab for a new package manager, the first iteration must contain the +following features. You can add the features through many merge requests as needed, but all the +features must be implemented when the feature flag is removed. + +- Project-level API +- Push event tracking +- Pull event tracking +- Authentication with Personal Access Tokens +- Authentication with Job Tokens +- Authentication with Deploy Tokens (group and project) +- File size [limit](#file-size-limits) +- File format guards (only accept valid file formats for the package type) +- Name regex with validation +- Version regex with validation +- Workhorse route for [accelerated](uploads.md#how-to-add-a-new-upload-route) uploads +- Background workers for extracting package metadata (if applicable) +- Documentation (how to use the feature) +- API Documentation (individual endpoints with curl examples) +- Seeding in [`db/fixtures/development/26_packages.rb`](https://gitlab.com/gitlab-org/gitlab/blob/master/db/fixtures/development/26_packages.rb) +- Update the [runbook](https://gitlab.com/gitlab-com/runbooks/-/blob/31fb4959e89db25fddf865bc81734c222daf32dd/dashboards/stage-groups/package.dashboard.jsonnet#L74) for the Grafana charts +- End-to-end feature tests for (at the minimum) publishing and installing a package + ### Future Work While working on the MVC, contributors might find features that are not mandatory for the MVC but can provide a better user experience. It's generally a good idea to keep an eye on those and open issues. diff --git a/doc/development/performance.md b/doc/development/performance.md index e93dc26e4fc..c6fe9f29b53 100644 --- a/doc/development/performance.md +++ b/doc/development/performance.md @@ -257,8 +257,8 @@ The following configuration options can be configured: Defaults to `cpu`. - `STACKPROF_INTERVAL`: Sampling interval. Unit semantics depend on `STACKPROF_MODE`. For `object` mode this is a per-event interval (every `nth` event is sampled) - and defaults to `1000`. - For other modes such as `cpu` this is a frequency and defaults to `10000` μs (100hz). + and defaults to `100`. + For other modes such as `cpu` this is a frequency interval and defaults to `10100` μs (99hz). - `STACKPROF_FILE_PREFIX`: File path prefix where profiles are stored. Defaults to `$TMPDIR` (often corresponds to `/tmp`). - `STACKPROF_TIMEOUT_S`: Profiling timeout in seconds. Profiling will @@ -363,16 +363,18 @@ This patch is available by default for [CNG](https://gitlab.com/gitlab-org/build/CNG/-/merge_requests/591), [GitLab CI](https://gitlab.com/gitlab-org/gitlab-build-images/-/merge_requests/355), [GCK](https://gitlab.com/gitlab-org/gitlab-compose-kit/-/merge_requests/149) -and can additionally be enabled for [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/advanced.md#apply-custom-patches-for-ruby). +and can additionally be enabled for [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/advanced.md#apply-custom-patches-for-ruby). -This patch provides a set of 3 metrics that makes it easier to understand efficiency of memory usage for a given codepath: +This patch provides the following metrics that make it easier to understand efficiency of memory use for a given codepath: +- `mem_total_bytes`: the number of bytes consumed both due to new objects being allocated into existing object slots + plus additional memory allocated for large objects (that is, `mem_bytes + slot_size * mem_objects`). +- `mem_bytes`: the number of bytes allocated by `malloc` for objects that did not fit into an existing object slot. - `mem_objects`: the number of objects allocated. -- `mem_bytes`: the number of bytes allocated by malloc. -- `mem_mallocs`: the number of malloc allocations. +- `mem_mallocs`: the number of `malloc` calls. The number of objects and bytes allocated impact how often GC cycles happen. -Fewer objects allocations result in a significantly more responsive application. +Fewer object allocations result in a significantly more responsive application. It is advised that web server requests do not allocate more than `100k mem_objects` and `100M mem_bytes`. You can view the current usage on [GitLab.com](https://log.gprd.gitlab.net/goto/3a9678bb595e3f89a0c7b5c61bcc47b9). diff --git a/doc/development/permissions.md b/doc/development/permissions.md index 2af451840d6..6ff0c6d5167 100644 --- a/doc/development/permissions.md +++ b/doc/development/permissions.md @@ -39,11 +39,16 @@ Additionally, the following project features can have different visibility level - Issues - Repository - Merge Request + - Forks - Pipelines - - Container Registry - - Git Large File Storage +- Analytics +- Requirements +- Security & Compliance - Wiki - Snippets +- Pages +- Operations +- Metrics Dashboard These features can be set to "Everyone with Access" or "Only Project Members". They make sense only for public or internal projects because private projects diff --git a/doc/development/pipelines.md b/doc/development/pipelines.md index 8a93a46247e..24f35bdab57 100644 --- a/doc/development/pipelines.md +++ b/doc/development/pipelines.md @@ -424,31 +424,85 @@ This experiment is only enabled when the CI/CD variable `RSPEC_FAIL_FAST_ENABLED The test files related to the Merge Request are determined using the [`test_file_finder`](https://gitlab.com/gitlab-org/ci-cd/test_file_finder) gem. We are using a custom mapping between source file to test files, maintained in the `tests.yml` file. +### RSpec minimal job experiment + +As part of the objective to improve overall pipeline duration, we are experimenting with a minimal set of RSpec tests. +The purpose of this experiment is to verify if we are able to run a minimal set of RSpec tests in a Merge Request pipeline, +without resulting in increased number of broken master. + +To identify the minimal set of tests needed, we use [Crystalball gem](https://github.com/toptal/crystalball) to create a test mapping. +The test mapping contains a map of each source files to a list of test files which is dependent of the source file. +This mapping is currently generated using a combination of test coverage tracing and a static mapping. +In the `detect-tests` job, we use this mapping to identify the minimal tests needed for the current Merge Request. + +In this experiment, each `rspec` job is accompanied with a `minimal` version. +For example, `rspec unit` job has a corresponding `rspec unit minimal` job. +During the experiment, each Merge Request pipeline will contain both versions of the job, running in parallel. + +To illustrate this: + +```mermaid +graph LR + A --"artifact: list of test files"--> C1 & D1 & E1 & F1 + + subgraph "prepare stage"; + A["detect-tests"]; + end + + subgraph "test stage"; + C["rspec migration"]; + C1["rspec migration minimal"]; + D["rspec unit"]; + D1["rspec unit minimal"]; + E["rspec integration"]; + E1["rspec integration minimal"]; + F["rspec system"]; + F1["rspec system minimal"]; + end +``` + +The result of both set of jobs in the pipeline is then compared to identify any false positive. +A list of such pipeline can be found in [Sisense](https://app.periscopedata.com/app/gitlab/496118/Engineering-Productivity-Sandbox?widget=10492739&udv=833427). + +A false positive is defined as a pipeline where the `minimal` jobs passed, but the non-`minimal` jobs failed. +This indicates that the changeset resulted in a test failure, which was not detected by the `minimal` jobs. +Consequently, this signifies a gap in the test mapping used, which would need to be rectified. + +#### Findings + +After a round of the experiment done in December 2020, +we discovered that it was challenging to achieve a mapping that gives high confidence at the moment, +because of 2 reasons: + +- Each identified gap in the test mapping is unique, each needing its own investigation and improvement to the creation of the test mapping. +- There is a large number of flaky tests which added a lot of noise in the data, slowing down the investigation process. + ### PostgreSQL versions testing -Even though [Omnibus defaults to PG12 for new installs and upgrades](https://docs.gitlab.com/omnibus/package-information/postgresql_versions.html), -our test suite is currently running against PG11, since GitLab.com still runs on PG11. +Our test suite runs against PG12 as GitLab.com runs on PG12 and +[Omnibus defaults to PG12 for new installs and upgrades](https://docs.gitlab.com/omnibus/package-information/postgresql_versions.html), +Our test suite is currently running against PG11, since GitLab.com still runs on PG11. -We do run our test suite against PG12 on nightly scheduled pipelines as well as upon specific -database library changes in MRs and `master` pipelines (with the `rspec db-library-code pg12` job). +We do run our test suite against PG11 on nightly scheduled pipelines as well as upon specific +database library changes in MRs and `master` pipelines (with the `rspec db-library-code pg11` job). #### Current versions testing | Where? | PostgreSQL version | | ------ | ------------------ | -| MRs | 11, 12 for DB library changes | -| `master` (non-scheduled pipelines) | 11, 12 for DB library changes | -| 2-hourly scheduled pipelines | 11, 12 for DB library changes | -| `nightly` scheduled pipelines | 11, 12 | +| MRs | 12, 11 for DB library changes | +| `master` (non-scheduled pipelines) | 12, 11 for DB library changes | +| 2-hourly scheduled pipelines | 12, 11 for DB library changes | +| `nightly` scheduled pipelines | 12, 11 | #### Long-term plan We follow the [PostgreSQL versions shipped with Omnibus GitLab](https://docs.gitlab.com/omnibus/package-information/postgresql_versions.html): -| PostgreSQL version | 13.7 (December 2020) | 13.8 (January 2021) | 13.9 (February 2021) | 13.10 (March 2021) | 13.11 (April 2021) | 14.0 (May 2021?) | -| -------------------| -------------------- | ------------------- | -------------------- | ------------------ | ------------------ | ---------------- | -| PG11 | MRs/`2-hour`/`nightly` | MRs/`2-hour`/`nightly` | MRs/`2-hour`/`nightly` | MRs/`2-hour`/`nightly` | MRs/`2-hour`/`nightly` | MRs/`2-hour`/`nightly` | -| PG12 | `nightly` | `nightly` | `nightly` | `nightly` | `nightly` | `nightly` | +| PostgreSQL version | 13.11 (April 2021) | 13.12 (May 2021) | 14.0 (June 2021?) | +| -------------------| ---------------------- | ---------------------- | ---------------------- | +| PG12 | `nightly` | MRs/`2-hour`/`nightly` | MRs/`2-hour`/`nightly` | +| PG11 | MRs/`2-hour`/`nightly` | `nightly` | `nightly` | ### Test jobs @@ -494,7 +548,7 @@ request, be sure to start the `dont-interrupt-me` job before pushing. 1. All jobs must only pull caches by default. 1. All jobs must be able to pass with an empty cache. In other words, caches are only there to speed up jobs. -1. We currently have several different caches defined in +1. We currently have several different cache definitions defined in [`.gitlab/ci/global.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/blob/master/.gitlab/ci/global.gitlab-ci.yml), with fixed keys: - `.setup-test-env-cache` @@ -505,17 +559,15 @@ request, be sure to start the `dont-interrupt-me` job before pushing. - `.qa-cache` - `.yarn-cache` - `.assets-compile-cache` (the key includes `${NODE_ENV}` so it's actually two different caches). +1. These cache definitions are composed of [multiple atomic caches](../ci/yaml/README.md#multiple-caches). 1. Only 6 specific jobs, running in 2-hourly scheduled pipelines, are pushing (i.e. updating) to the caches: - `update-setup-test-env-cache`, defined in [`.gitlab/ci/rails.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/blob/master/.gitlab/ci/rails.gitlab-ci.yml). - - `update-rails-cache`, defined in [`.gitlab/ci/rails.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/blob/master/.gitlab/ci/rails.gitlab-ci.yml). - `update-static-analysis-cache`, defined in [`.gitlab/ci/rails.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/blob/master/.gitlab/ci/rails.gitlab-ci.yml). - - `update-coverage-cache`, defined in [`.gitlab/ci/rails.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/blob/master/.gitlab/ci/rails.gitlab-ci.yml). - - `update-danger-review-cache`, defined in [`.gitlab/ci/review.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/blob/master/.gitlab/ci/review.gitlab-ci.yml). - `update-qa-cache`, defined in [`.gitlab/ci/qa.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/blob/master/.gitlab/ci/qa.gitlab-ci.yml). - `update-assets-compile-production-cache`, defined in [`.gitlab/ci/frontend.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/blob/master/.gitlab/ci/frontend.gitlab-ci.yml). - `update-assets-compile-test-cache`, defined in [`.gitlab/ci/frontend.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/blob/master/.gitlab/ci/frontend.gitlab-ci.yml). - `update-yarn-cache`, defined in [`.gitlab/ci/frontend.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/blob/master/.gitlab/ci/frontend.gitlab-ci.yml). -1. These jobs run in merge requests whose title include `UPDATE CACHE`. +1. These jobs can also be forced to run in merge requests whose title include `UPDATE CACHE` (this can be useful to warm the caches in a MR that updates the cache keys). ### Artifacts strategy @@ -539,12 +591,12 @@ The `CI_PRE_CLONE_SCRIPT` is currently defined as a project CI/CD variable: ( echo "Downloading archived master..." wget -O /tmp/gitlab.tar.gz https://storage.googleapis.com/gitlab-ci-git-repo-cache/project-278964/gitlab-master-shallow.tar.gz - + if [ ! -f /tmp/gitlab.tar.gz ]; then echo "Repository cache not available, cloning a new directory..." exit fi - + rm -rf $CI_PROJECT_DIR echo "Extracting tarball into $CI_PROJECT_DIR..." mkdir -p $CI_PROJECT_DIR diff --git a/doc/development/policies.md b/doc/development/policies.md index c1a87990bc9..315878e19d9 100644 --- a/doc/development/policies.md +++ b/doc/development/policies.md @@ -68,7 +68,7 @@ Within the rule DSL, you can use: - `can?(:other_ability)` delegates to the rules that apply to `:other_ability`. Note that this is distinct from the instance method `can?`, which can check dynamically - this only configures a delegation to another ability. `~`, `&` and `|` operators are overridden methods in -[`DeclarativePolicy::Rule::Base`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/declarative_policy/rule.rb). +[`DeclarativePolicy::Rule::Base`](https://gitlab.com/gitlab-org/declarative-policy/-/blob/main/lib/declarative_policy/rule.rb). Do not use boolean operators such as `&&` and `||` within the rule DSL, as conditions within rule blocks are objects, not booleans. The same diff --git a/doc/development/product_analytics/snowplow.md b/doc/development/product_analytics/snowplow.md deleted file mode 100644 index 4e2f6530126..00000000000 --- a/doc/development/product_analytics/snowplow.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -redirect_to: '../snowplow/index.md' ---- - -This document was moved to [another location](../snowplow/index.md). - -<!-- This redirect file can be deleted after April 1, 2021. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/development/product_analytics/usage_ping.md b/doc/development/product_analytics/usage_ping.md deleted file mode 100644 index 43acf5b7e3f..00000000000 --- a/doc/development/product_analytics/usage_ping.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -redirect_to: '../usage_ping/index.md' ---- - -This document was moved to [another location](../usage_ping/index.md). - -<!-- This redirect file can be deleted after April 1, 2021. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/development/profiling.md b/doc/development/profiling.md index 5c5ad5f9c39..81881a4d490 100644 --- a/doc/development/profiling.md +++ b/doc/development/profiling.md @@ -96,6 +96,16 @@ that builds on this to add some additional niceties, such as allowing configuration with a single YAML file for multiple URLs, and uploading of the profile and log output to S3. +## Speedscope flamegraphs + +You can generate a flamegraph for a particular URL by adding the `performance_bar=flamegraph` parameter to the request. + + + +More information about the views can be found in the [Speedscope docs](https://github.com/jlfwong/speedscope#views) + +This is enabled for all users that can access the performance bar. + ## Sherlock Sherlock is a custom profiling tool built into GitLab. Sherlock is _only_ @@ -106,7 +116,7 @@ environment variable `ENABLE_SHERLOCK` to a non empty value. For example: ENABLE_SHERLOCK=1 bundle exec rails s ``` -Sherlock is also [available though the GitLab GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/sherlock.md). +Sherlock is also [available though the GitLab GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/sherlock.md). Recorded transactions can be found by navigating to `/sherlock/transactions`. @@ -195,7 +205,7 @@ This endpoint is only available for Rails web workers. Sidekiq workers can not b To disable those features for profiling/benchmarking set the `RAILS_PROFILE` environment variable to `true` before starting GitLab. For example when using GDK: -- create a file [`env.runit`](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/runit.md#modifying-environment-configuration-for-services) in the root GDK directory +- create a file [`env.runit`](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/runit.md#modifying-environment-configuration-for-services) in the root GDK directory - add `export RAILS_PROFILE=true` to your `env.runit` file - restart GDK with `gdk restart` diff --git a/doc/development/rake_tasks.md b/doc/development/rake_tasks.md index f88424287b1..c6c3d39c57f 100644 --- a/doc/development/rake_tasks.md +++ b/doc/development/rake_tasks.md @@ -362,3 +362,7 @@ This uses GraphQL Ruby's built-in Rake tasks to generate files in both [IDL](htt ### Update documentation and schema definitions The following command combines the intent of [Update GraphQL documentation and schema definitions](#update-graphql-documentation-and-schema-definitions) and [Update machine-readable schema files](#update-machine-readable-schema-files): + +```shell +bundle exec rake gitlab:graphql:update_all +``` diff --git a/doc/development/service_measurement.md b/doc/development/service_measurement.md index 895ac540838..82fb9731bcb 100644 --- a/doc/development/service_measurement.md +++ b/doc/development/service_measurement.md @@ -52,7 +52,7 @@ class DummyService end end -DummyService.prepend_if_ee('EE::DummyService') +DummyService.prepend_mod_with('DummyService') DummyService.prepend(Measurable) ``` diff --git a/doc/development/shared_files.md b/doc/development/shared_files.md index 6c273f2899d..e26464a5d80 100644 --- a/doc/development/shared_files.md +++ b/doc/development/shared_files.md @@ -6,34 +6,10 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Shared files -Historically, GitLab has been storing shared files in many different -directories: `public/uploads`, `builds`, `tmp/repositories`, `tmp/rebase` (EE), -etc. Having so many shared directories makes it difficult to deploy GitLab on -shared storage (e.g. NFS). Working towards GitLab 9.0 we are consolidating -these different directories under the `shared` directory. +Historically, GitLab supported storing files that could be accessed from multiple application +servers in `shared/`, using a shared storage solution like NFS. Although this is still an option for +some GitLab installations, it must not be the only file storage option for a given feature. This is +because [cloud-native GitLab installations do not support it](architecture.md#adapting-existing-and-introducing-new-components). -This means that if GitLab begins storing puppies in some future version -then we should put them in `shared/puppies`. Temporary puppy files should be -stored in `shared/tmp`. - -In the GitLab application code you can get the full path to the `shared` -directory with `Gitlab.config.shared.path`. - -## What is not a 'shared file' - -Files that belong to only one process, or on only one server, should not go in -`shared`. Examples include PID files and sockets. - -## Temporary files and shared storage - -Sometimes you create a temporary file on disk with the intention of it becoming -'official'. For example you might be first streaming an upload from a user to -disk in a temporary file so you can perform some checks on it. When the checks -pass, you make the file official. In scenarios like this please follow these -rules: - -- Store the temporary file under `shared/tmp`, i.e. on the same file system you - want the official file to be on. -- Use move/rename operations when operating on the file instead of copy - operations where possible, because renaming a file is much faster than - copying it. +Our [uploads documentation](uploads.md) describes how to handle file storage in +such a way that it supports both options: direct disk access and object storage. diff --git a/doc/development/sidekiq_style_guide.md b/doc/development/sidekiq_style_guide.md index 4bcd5e50fae..82b6a54540f 100644 --- a/doc/development/sidekiq_style_guide.md +++ b/doc/development/sidekiq_style_guide.md @@ -15,6 +15,36 @@ All workers should include `ApplicationWorker` instead of `Sidekiq::Worker`, which adds some convenience methods and automatically sets the queue based on the worker's name. +## Retries + +Sidekiq defaults to using [25 +retries](https://github.com/mperham/sidekiq/wiki/Error-Handling#automatic-job-retry), +with back-off between each retry. 25 retries means that the last retry +would happen around three weeks after the first attempt (assuming all 24 +prior retries failed). + +For most workers - especially [idempotent workers](#idempotent-jobs) - +the default of 25 retries is more than sufficient. Many of our older +workers declare 3 retries, which used to be the default within the +GitLab application. 3 retries happen over the course of a couple of +minutes, so the jobs are prone to failing completely. + +A lower retry count may be applicable if any of the below apply: + +1. The worker contacts an external service and we do not provide + guarantees on delivery. For example, webhooks. +1. The worker is not idempotent and running it multiple times could + leave the system in an inconsistent state. For example, a worker that + posts a system note and then performs an action: if the second step + fails and the worker retries, the system note will be posted again. +1. The worker is a cronjob that runs frequently. For example, if a cron + job runs every hour, then we don't need to retry beyond an hour + because we don't need two of the same job running at once. + +Each retry for a worker is counted as a failure in our metrics. A worker +which always fails 9 times and succeeds on the 10th would have a 90% +error rate. + ## Dedicated Queues All workers should use their own queue, which is automatically set based on the @@ -719,6 +749,23 @@ possible situations: 1. A job is queued by a node running the newer version of the application, but executed on a node running an older version of the application. +### Adding new workers + +On GitLab.com, we [do not currently have a Sidekiq deployment in the +canary stage](https://gitlab.com/gitlab-org/gitlab/-/issues/19239). This +means that a new worker than can be scheduled from an HTTP endpoint may +be scheduled from canary but not run on Sidekiq until the full +production deployment is complete. This can be several hours later than +scheduling the job. For some workers, this will not be a problem. For +others - particularly [latency-sensitive +jobs](#latency-sensitive-jobs) - this will result in a poor user +experience. + +This only applies to new worker classes when they are first introduced. +As we recommend [using feature flags](feature_flags/) as a general +development process, it's best to control the entire change (including +scheduling of the new Sidekiq worker) with a feature flag. + ### Changing the arguments for a worker Jobs need to be backward and forward compatible between consecutive versions diff --git a/doc/development/snowplow/dictionary.md b/doc/development/snowplow/dictionary.md new file mode 100644 index 00000000000..f20ec41d558 --- /dev/null +++ b/doc/development/snowplow/dictionary.md @@ -0,0 +1,44 @@ +--- +stage: Growth +group: Product Intelligence +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +--- + +<!--- + This documentation is auto generated by a script. + + Please do not edit this file directly, check generate_metrics_dictionary task on lib/tasks/gitlab/usage_data.rake. +---> + +<!-- vale gitlab.Spelling = NO --> + +# Event Dictionary + +This file is autogenerated, please do not edit it directly. + +To generate these files from the GitLab repository, run: + +```shell +bundle exec rake gitlab:snowplow:generate_event_dictionary +``` + +The Event Dictionary is based on the following event definition YAML files: + +- [`config/events`](https://gitlab.com/gitlab-org/gitlab/-/tree/f9a404301ca22d038e7b9a9eb08d9c1bbd6c4d84/config/events) +- [`ee/config/events`](https://gitlab.com/gitlab-org/gitlab/-/tree/f9a404301ca22d038e7b9a9eb08d9c1bbd6c4d84/ee/config/events) + +## Event definitions + +### `epics promote` + +| category | action | label | property | value | +|---|---|---|---|---| +| `epics` | `promote` | `` | `The string "issue_id"` | `ID of the issue` | + +Issue promoted to epic + +YAML definition: `/ee/config/events/epics_promote.yml` + +Owner: `group::product planning` + +Tiers: `premium`, `ultimate` diff --git a/doc/development/snowplow/event_dictionary_guide.md b/doc/development/snowplow/event_dictionary_guide.md new file mode 100644 index 00000000000..5ae81c3426d --- /dev/null +++ b/doc/development/snowplow/event_dictionary_guide.md @@ -0,0 +1,94 @@ +--- +stage: Growth +group: Product Intelligence +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Event dictionary guide + +NOTE: +The event dictionary is a work in progress, and this process is subject to change. + +This guide describes the event dictionary and how it's implemented. + +## Event definition and validation + +This process is meant to document all Snowplow events and ensure consistency. Event definitions must comply with the [JSON Schema](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/events/schema.json). + +All event definitions are stored in the following directories: + +- [`config/events`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/config/events) +- [`ee/config/events`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/ee/config/events) + +Each event is defined in a separate YAML file consisting of the following fields: + +| Field | Required | Additional information | +|------------------------|----------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------| +| `description` | yes | A description of the event. | +| `category` | yes | The event category (see [Structured event taxonomy](index.md#structured-event-taxonomy)). | +| `action` | yes | The event action (see [Structured event taxonomy](index.md#structured-event-taxonomy)). | +| `label_description` | no | A description of the event label (see [Structured event taxonomy](index.md#structured-event-taxonomy)). | +| `property_description` | no | A description of the event property (see [Structured event taxonomy](index.md#structured-event-taxonomy)). | +| `value_description` | no | A description of the event value (see [Structured event taxonomy](index.md#structured-event-taxonomy)). | +| `extra_properties` | no | The type and description of each extra property sent with the event. | +| `identifiers` | no | A list of identifiers sent with the event. Can be set to one or more of `project`, `user`, or `namespace`. | +| `iglu_schema_url` | no | The URL to the custom schema sent with the event, for example, `iglu:com.gitlab/gitlab_experiment/jsonschema/1-0-0`. | +| `product_section` | yes | The [section](https://gitlab.com/gitlab-com/www-gitlab-com/-/blob/master/data/sections.yml). | +| `product_stage` | no | The [stage](https://gitlab.com/gitlab-com/www-gitlab-com/blob/master/data/stages.yml) for the event. | +| `product_group` | yes | The [group](https://gitlab.com/gitlab-com/www-gitlab-com/blob/master/data/stages.yml) that owns the event. | +| `product_category` | no | The [product category](https://gitlab.com/gitlab-com/www-gitlab-com/blob/master/data/categories.yml) for the event. | +| `milestone` | no | The milestone when the event is introduced. | +| `introduced_by_url` | no | The URL to the merge request that introduced the event. | +| `distributions` | yes | The [distributions](https://about.gitlab.com/handbook/marketing/strategic-marketing/tiers/#definitions) where the tracked feature is available. Can be set to one or more of `ce` or `ee`. | +| `tiers` | yes | The [tiers]( https://about.gitlab.com/handbook/marketing/strategic-marketing/tiers/) where the tracked feature is available. Can be set to one or more of `free`, `premium`, or `ultimate`. | + +### Example event definition + +The linked [`uuid`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/events/epics_promote.yml) +YAML file includes an example event definition. + +```yaml +description: Issue promoted to epic +category: epics +action: promote +property_description: The string "issue_id" +value_description: ID of the issue +extra_properties: + weight: + type: integer + description: Weight of the issue +identifiers: +- project +- user +- namespace +product_section: dev +product_stage: plan +product_group: group::product planning +product_category: epics +milestone: "11.10" +introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/10537 +distributions: +- ee +tiers: +- premium +- ultimate +``` + +## Create a new event definition + +Use the dedicated [event definition generator](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/generators/gitlab/snowplow_event_definition_generator.rb) +to create new event definitions. + +The `category` and `action` of each event are included in the filename to enforce uniqueness. + +The generator takes three options: + +- `--ee`: Indicates if the event is for EE. +- `--category=CATEGORY`: Indicates the `category` of the event. +- `--action=ACTION`: Indicates the `action` of the event. +- `--force`: Overwrites the existing event definition, if one already exists. + +```shell +bundle exec rails generate gitlab:snowplow_event_definition --category Groups::EmailCampaignsController --action click +create create config/events/groups__email_campaigns_controller_click.yml +``` diff --git a/doc/development/snowplow/index.md b/doc/development/snowplow/index.md index c07291d61f2..ece72dbbf03 100644 --- a/doc/development/snowplow/index.md +++ b/doc/development/snowplow/index.md @@ -114,13 +114,13 @@ The current method provides several attributes that are sent on each click event | category* | label | action | property** | value | |-------------|------------------|-----------------------|----------|:-----:| -| [root:index] | main_navigation | click_navigation_link | `[link_label]` | - | -| [groups:boards:show] | toggle_swimlanes | click_toggle_button | - | `[is_active]` | -| [projects:registry:index] | registry_delete | click_button | - | - | -| [projects:registry:index] | registry_delete | confirm_deletion | - | - | -| [projects:blob:show] | congratulate_first_pipeline | click_button | `[human_access]` | - | -| [projects:clusters:new] | chart_options | generate_link | `[chart_link]` | - | -| [projects:clusters:new] | chart_options | click_add_label_button | `[label_id]` | - | +| `[root:index]` | `main_navigation` | `click_navigation_link` | `[link_label]` | - | +| `[groups:boards:show]` | `toggle_swimlanes` | `click_toggle_button` | - | `[is_active]` | +| `[projects:registry:index]` | `registry_delete` | `click_button` | - | - | +| `[projects:registry:index]` | `registry_delete` | `confirm_deletion` | - | - | +| `[projects:blob:show]` | `congratulate_first_pipeline` | `click_button` | `[human_access]` | - | +| `[projects:clusters:new]` | `chart_options` | `generate_link` | `[chart_link]` | - | +| `[projects:clusters:new]` | `chart_options` | `click_add_label_button` | `[label_id]` | - | _* It's ok to omit the category, and use the default._<br> _** Property is usually the best place for variable strings._ @@ -131,8 +131,8 @@ _** Property is usually the best place for variable strings._ ```sql SELECT + session_id, event_id, - v_tracker, event_label, event_action, event_property, @@ -427,7 +427,7 @@ https://docs.gitlab.com/ee/development/testing_guide/best_practices.html#test-sn ### Performance -We use the [AsyncEmitter](https://github.com/snowplow/snowplow/wiki/Ruby-Tracker#52-the-asyncemitter-class) when tracking events, which allows for instrumentation calls to be run in a background thread. This is still an active area of development. +We use the [AsyncEmitter](https://docs.snowplowanalytics.com/docs/collecting-data/collecting-from-own-applications/ruby-tracker/emitters/#the-asyncemitter-class) when tracking events, which allows for instrumentation calls to be run in a background thread. This is still an active area of development. ## Developing and testing Snowplow @@ -579,6 +579,7 @@ The [`StandardContext`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/g | `namespace_id` | **{dotted-circle}** | integer | | | `environment` | **{check-circle}** | string (max 32 chars) | Name of the source environment, such as `production` or `staging` | | `source` | **{check-circle}** | string (max 32 chars) | Name of the source application, such as `gitlab-rails` or `gitlab-javascript` | +| `plan` | **{dotted-circle}** | string (max 32 chars) | Name of the plan for the namespace, such as `free`, `premium`, or `ultimate`. Automatically picked from the `namespace`. | | `extra` | **{dotted-circle}** | JSON | Any additional data associated with the event, in the form of key-value pairs | ### Default Schema diff --git a/doc/development/stage_group_dashboards.md b/doc/development/stage_group_dashboards.md index 58e998e46a8..44c738092ac 100644 --- a/doc/development/stage_group_dashboards.md +++ b/doc/development/stage_group_dashboards.md @@ -25,7 +25,7 @@ The dashboards for stage groups are at a very early stage. All contributions are Read more about how we are using error budgets overall in our [handbook](https://about.gitlab.com/handbook/engineering/error-budgets/). -By default, the first row of panels on the dashbhoard will show the [error +By default, the first row of panels on the dashboard will show the [error budget for the stage group](https://about.gitlab.com/handbook/engineering/error-budgets/#budget-spend-by-stage-group). This row shows how the features owned by @@ -57,7 +57,7 @@ component has 2 indicators: The calculation to a ratio then happens as follows: ```math -\frac {operations\_meeting\_apdex + (total\_operations - operations\_with_\errors)} {total\_apdex\_measurements + total\_operations} +\frac {operations\_meeting\_apdex + (total\_operations - operations\_with\_errors)} {total\_apdex\_measurements + total\_operations} ``` *Caveat:* Not all components are included, causing the diff --git a/doc/development/testing_guide/best_practices.md b/doc/development/testing_guide/best_practices.md index 828e9925d46..c3125f52cf2 100644 --- a/doc/development/testing_guide/best_practices.md +++ b/doc/development/testing_guide/best_practices.md @@ -168,7 +168,7 @@ can be used: ```ruby RSpec.describe API::Search, factory_default: :keep do - let_it_be(:namespace) { create_default(:namespace).freeze } + let_it_be(:namespace) { create_default(:namespace) } ``` Then every project we create uses this `namespace`, without us having to pass @@ -176,9 +176,9 @@ it as `namespace: namespace`. In order to make it work along with `let_it_be`, ` must be explicitly specified. That keeps the default factory for every example in a suite instead of recreating it for each example. -Objects created inside a `factory_default: :keep`, and using -`create_default` inside a `let_it_be` should be frozen to prevent accidental reliance -between test examples. +To prevent accidental reliance between test examples, objects created +with `create_default` are +[frozen](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/support/factory_default.rb). Maybe we don't need to create 208 different projects - we can create one and reuse it. In addition, we can see that only about 1/3 of the @@ -186,7 +186,7 @@ projects we create are ones we ask for (76/208). There is benefit in setting a default value for projects as well: ```ruby - let_it_be(:project) { create_default(:project).freeze } + let_it_be(:project) { create_default(:project) } ``` In this case, the `total time` and `top-level time` numbers match more closely: @@ -451,7 +451,7 @@ expect(page).to have_current_path 'gitlab/gitlab-test/-/issues' expect(page).to have_title 'Not Found' -# acceptable when a more specific matcher above is not possible +# acceptable when a more specific matcher above is not possible expect(page).to have_css 'h2', text: 'Issue title' expect(page).to have_css 'p', text: 'Issue description', exact: true expect(page).to have_css '[data-testid="weight"]', text: 2 @@ -895,6 +895,27 @@ When you want to ensure that no event got called, you can use `expect_no_snowplo end ``` +#### Test Snowplow context against the schema + +The [Snowplow schema matcher](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/60480) +helps to reduce validation errors by testing Snowplow context against the JSON schema. +The schema matcher accepts the following parameters: + +- `schema path` +- `context` + +To add a schema matcher spec: + +1. Add a new schema to the [Iglu repository](https://gitlab.com/gitlab-org/iglu), + then copy the same schema to the `spec/fixtures/product_intelligence/` directory. +1. In the copied schema, remove the `"$schema"` key and value. We do not need it for specs + and the spec fails if we keep the key, as it tries to look for the schema in the URL. +1. Use the following snippet to call the schema matcher: + + ```ruby + match_snowplow_context_schema(schema_path: '<filename from step 1>', context: <Context Hash> ) + ``` + ### Table-based / Parameterized tests This style of testing is used to exercise one piece of code with a comprehensive diff --git a/doc/development/testing_guide/end_to_end/beginners_guide.md b/doc/development/testing_guide/end_to_end/beginners_guide.md index 29f6c93d65a..7cde2cad300 100644 --- a/doc/development/testing_guide/end_to_end/beginners_guide.md +++ b/doc/development/testing_guide/end_to_end/beginners_guide.md @@ -210,7 +210,7 @@ end Behind the scenes, `be_signed_in` is a [predicate matcher](https://relishapp.com/rspec/rspec-expectations/v/3-8/docs/built-in-matchers/predicate-matchers) -that [implements checking the user avatar](https://gitlab.com/gitlab-org/gitlab/-/blob/master/qa/qa/page/main/menu.rb#L74). +that [implements checking the user avatar](https://gitlab.com/gitlab-org/gitlab/-/blob/master/qa/qa/page/main/menu.rb#L92). ## De-duplicate your code @@ -339,11 +339,12 @@ Before running the spec, make sure that: - No additional [RSpec metadata tags](rspec_metadata_tests.md) have been applied. - Your working directory is `qa/` within your GDK GitLab installation. - Your GitLab instance-level settings are default. If you changed the default settings, some tests might have unexpected results. +- Because the GDK requires a password change on first login, you must include the GDK password for `root` user To run the spec, run the following command: ```ruby -bundle exec bin/qa Test::Instance::All http://localhost:3000 -- <test_file> +GITLAB_PASSWORD=<GDK root password> bundle exec bin/qa Test::Instance::All http://localhost:3000 -- <test_file> ``` Where `<test_file>` is: diff --git a/doc/development/testing_guide/end_to_end/capybara_to_chemlab_migration_guide.md b/doc/development/testing_guide/end_to_end/capybara_to_chemlab_migration_guide.md new file mode 100644 index 00000000000..9c7e0ef73a8 --- /dev/null +++ b/doc/development/testing_guide/end_to_end/capybara_to_chemlab_migration_guide.md @@ -0,0 +1,148 @@ +--- +stage: none +group: unassigned +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Migration Guide Capybara → Chemlab + +Given the view: + +*_form.html* + +```html +<form id="my-form"> + <label for="first-name">First name</label> + <input type="text" name="first-name" data-qa-selector="first_name" /> + + <label for="last-name">Last name</label> + <input type="text" name="last-name" data-qa-selector="last_name" /> + + <label for="company-name">Company name</label> + <input type="text" name="company-name" data-qa-selector="company_name" /> + + <label for="user-name">User name</label> + <input type="text" name="user-name" data-qa-selector="user_name" /> + + <label for="password">Password</label> + <input type="password" name="password" data-qa-selector="password" /> + + <input type="submit" value="Continue" data-qa-selector="continue"/> +</form> +``` + +| Capybara | Chemlab | +| ------ | ----- | +|  |  | + +<!-- +```ruby +# frozen_string_literal: true + +module QA + module Page + class Form < Page::Base + view '_form.html' do + element :first_name + element :last_name + element :company_name + element :user_name + element :password + element :continue + end + end + end +end +``` +```ruby +# frozen_string_literal: true + +module QA + module Page + class Form < Chemlab::Page + text_field :first_name + text_field :last_name + text_field :company_name + text_field :user_name + text_field :password + + button :continue + end + end +end +``` +--> + +## Key Differences + +### Page Library Design vs Page Object Design + +Page Objects as implemented in the existing framework require you to define methods to perform actions on elements. (Usually one-liners) + +```ruby +def set_first_name(first_name) + fill_element(:first_name, first_name) +end + +def click_continue + click_element(:continue) +end + +it 'sets first name and clicks continue' do + Page::Form.perform do |form| + form.set_first_name('First Name') + form.click_continue + end +end +``` + +Page Libraries make this more efficient by providing methods based on the page's elements, making extra methods unnecessary. + +```ruby +it 'sets first name and clicks continue' do + Page::Form.perform do |form| + form.first_name = 'First Name' # sets the first_name + form.continue # clicks Continue + end +end +``` + +Consider if we needed to validate the text of the `First name` field using Capybara. We'd need to add a one-liner to fetch the text: + +```ruby +def get_first_name + find_element(:first_name).text +end + +Page::Form.perform do |form| + form.set_first_name('First Name') + expect(form.get_first_name).to eq('First Name') + form.click_continue +end +``` + +Instead, because the page library automatically creates methods from page elements, we can fetch the text by calling `first_name` without writing code to define the method ourselves: + +```ruby +Page::Form.perform do |form| + form.first_name = 'First Name' + expect(form.first_name).to eq('First Name') + form.continue +end +``` + +### Element Naming Convention + +Since the element type is preserved within the Page Library, there is no need to specify a `_field` or `_button` suffix to the data-qa-selector. + +```html +<!-- Before --> +<input type="text" name="first-name" data-qa-selector="first_name_field" /> +<input type="submit" name="continue" value="Continue" data-qa-selector="continue_button" /> + +<!-- After --> +<input type="text" name="first-name" data-qa-selector="first_name" /> +<input type="submit" name="continue" value="Continue" data-qa-selector="continue" /> +``` + +This makes it much easier for Developers to write tests and contributes to testability since we can write the Page Library while we look at the UI. diff --git a/doc/development/testing_guide/end_to_end/img/gl-capybara_V13_12.png b/doc/development/testing_guide/end_to_end/img/gl-capybara_V13_12.png Binary files differnew file mode 100644 index 00000000000..9ceccd39025 --- /dev/null +++ b/doc/development/testing_guide/end_to_end/img/gl-capybara_V13_12.png diff --git a/doc/development/testing_guide/end_to_end/img/gl-chemlab_V13_12.png b/doc/development/testing_guide/end_to_end/img/gl-chemlab_V13_12.png Binary files differnew file mode 100644 index 00000000000..489a043f52e --- /dev/null +++ b/doc/development/testing_guide/end_to_end/img/gl-chemlab_V13_12.png diff --git a/doc/development/testing_guide/end_to_end/page_objects.md b/doc/development/testing_guide/end_to_end/page_objects.md index b124ac430f6..9ffa7ea4f77 100644 --- a/doc/development/testing_guide/end_to_end/page_objects.md +++ b/doc/development/testing_guide/end_to_end/page_objects.md @@ -260,7 +260,7 @@ These modules must: These steps ensure the sanity selectors check detect problems properly. For example, `qa/qa/ee/page/merge_request/show.rb` adds EE-specific methods to `qa/qa/page/merge_request/show.rb` (with -`QA::Page::MergeRequest::Show.prepend_if_ee('QA::EE::Page::MergeRequest::Show')`) and following is how it's implemented +`QA::Page::MergeRequest::Show.prepend_mod_with('Page::MergeRequest::Show', namespace: QA)`) and following is how it's implemented (only showing the relevant part and referring to the 4 steps described above with inline comments): ```ruby diff --git a/doc/development/testing_guide/end_to_end/running_tests_that_require_special_setup.md b/doc/development/testing_guide/end_to_end/running_tests_that_require_special_setup.md index ea48a3aa8b8..549ab95a5d1 100644 --- a/doc/development/testing_guide/end_to_end/running_tests_that_require_special_setup.md +++ b/doc/development/testing_guide/end_to_end/running_tests_that_require_special_setup.md @@ -147,10 +147,10 @@ docker rm gitlab-gitaly-cluster praefect postgres gitaly3 gitaly2 gitaly1 To run the Monitor tests locally, against the GDK, please follow the preparation steps below: -1. Complete the [Prerequisites](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/auto_devops/index.md#prerequisites-for-gitlab-team-members-only), at least through step 5. Note that the monitor tests do not require permissions to work with GKE because they use [k3s as a Kubernetes cluster provider](https://github.com/rancher/k3s). +1. Complete the [Prerequisites](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/auto_devops/index.md#prerequisites-for-gitlab-team-members-only), at least through step 5. Note that the monitor tests do not require permissions to work with GKE because they use [k3s as a Kubernetes cluster provider](https://github.com/rancher/k3s). 1. The test setup deploys the app in a Kubernetes cluster, using the Auto DevOps deployment strategy. -To enable Auto DevOps in GDK, follow the [associated setup](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/auto_devops/index.md#setup) instructions. If you have problems, review the [troubleshooting guide](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/auto_devops/tips_and_troubleshooting.md) or reach out to the `#gdk` channel in the internal GitLab Slack. -1. Do [secure your GitLab instance](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/auto_devops/index.md#secure-your-gitlab-instance) since it is now publicly accessible on `https://[YOUR-PORT].qa-tunnel.gitlab.info`. +To enable Auto DevOps in GDK, follow the [associated setup](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/auto_devops/index.md#setup) instructions. If you have problems, review the [troubleshooting guide](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/auto_devops/tips_and_troubleshooting.md) or reach out to the `#gdk` channel in the internal GitLab Slack. +1. Do [secure your GitLab instance](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/auto_devops/index.md#secure-your-gitlab-instance) since it is now publicly accessible on `https://[YOUR-PORT].qa-tunnel.gitlab.info`. 1. Install the Kubernetes command line tool known as `kubectl`. Use the [official installation instructions](https://kubernetes.io/docs/tasks/tools/). You might see NGINX issues when you run `gdk start` or `gdk restart`. In that case, run `sft login` to revalidate your credentials and regain access the QA Tunnel. @@ -272,7 +272,7 @@ You can free some memory with either of the following commands: `docker prune sy ## Geo tests -Geo end-to-end tests can run locally against a [Geo GDK setup](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/geo.md) or on Geo spun up in Docker containers. +Geo end-to-end tests can run locally against a [Geo GDK setup](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/geo.md) or on Geo spun up in Docker containers. ### Using Geo GDK diff --git a/doc/development/testing_guide/flaky_tests.md b/doc/development/testing_guide/flaky_tests.md index a9af8f03d63..6b1c7a7eb58 100644 --- a/doc/development/testing_guide/flaky_tests.md +++ b/doc/development/testing_guide/flaky_tests.md @@ -76,6 +76,33 @@ For instance `RETRIES=1 bin/rspec ...` would retry the failing examples once. - [Replace FFaker factory data with sequences](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/29643): <https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/10184> - [Transient failure in spec/finders/issues_finder_spec.rb](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/30211#note_26707685): <https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/10404> +### Order-dependent flaky tests + +These flaky tests can fail depending on the order they run with other tests. For example: + +- <https://gitlab.com/gitlab-org/gitlab/-/issues/327668> + +To identify the tests that lead to such failure, we can use `rspec --bisect`, +which would give us the minimal test combination to reproduce the failure: + +```shell +rspec --bisect ee/spec/services/ee/merge_requests/update_service_spec.rb ee/spec/services/ee/notes/quick_actions_service_spec.rb ee/spec/services/epic_links/create_service_spec.rb ee/spec/services/ee/issuable/bulk_update_service_spec.rb +Bisect started using options: "ee/spec/services/ee/merge_requests/update_service_spec.rb ee/spec/services/ee/notes/quick_actions_service_spec.rb ee/spec/services/epic_links/create_service_spec.rb ee/spec/services/ee/issuable/bulk_update_service_spec.rb" +Running suite to find failures... (2 minutes 18.4 seconds) +Starting bisect with 3 failing examples and 144 non-failing examples. +Checking that failure(s) are order-dependent... failure appears to be order-dependent + +Round 1: bisecting over non-failing examples 1-144 . ignoring examples 1-72 (1 minute 11.33 seconds) +... +Round 7: bisecting over non-failing examples 132-133 . ignoring example 132 (43.78 seconds) +Bisect complete! Reduced necessary non-failing examples from 144 to 1 in 8 minutes 31 seconds. + +The minimal reproduction command is: + rspec ./ee/spec/services/ee/issuable/bulk_update_service_spec.rb[1:2:1:1:1:1,1:2:1:2:1:1,1:2:1:3:1] ./ee/spec/services/epic_links/create_service_spec.rb[1:1:2:2:6:4] +``` + +We can reproduce the test failure with the reproduction command above. If we change the order of the tests, the test would pass. + ### Time-sensitive flaky tests - <https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/10046> diff --git a/doc/development/testing_guide/frontend_testing.md b/doc/development/testing_guide/frontend_testing.md index 7289e66a045..911fbd43989 100644 --- a/doc/development/testing_guide/frontend_testing.md +++ b/doc/development/testing_guide/frontend_testing.md @@ -890,8 +890,8 @@ helper method. For example: describe GraphQL::Query, type: :request do include GraphqlHelpers - all_releases_query_path = 'releases/queries/all_releases.query.graphql' - fragment_paths = ['releases/queries/release.fragment.graphql'] + all_releases_query_path = 'releases/graphql/queries/all_releases.query.graphql' + fragment_paths = ['releases/graphql/fragments/release.fragment.graphql'] before(:all) do clean_frontend_fixtures('graphql/releases/') @@ -908,7 +908,7 @@ end ``` This will create a new fixture located at -`tmp/tests/frontend/fixtures-ee/graphql/releases/queries/all_releases.query.graphql.json`. +`tmp/tests/frontend/fixtures-ee/graphql/releases/graphql/queries/all_releases.query.graphql.json`. You will need to provide the paths to all fragments used by the query. `get_graphql_query_as_string` reads all of the provided file paths and returns @@ -1151,8 +1151,8 @@ Both functions run `callback` on the next tick after the requests finish (using ### `shallowMountExtended` and `mountExtended` -The `shallowMountExtended` and `mountExtended` utilities provide you with the ability to perform -any of the available [DOM Testing Library queries](https://testing-library.com/docs/queries/about) +The `shallowMountExtended` and `mountExtended` utilities provide you with the ability to perform +any of the available [DOM Testing Library queries](https://testing-library.com/docs/queries/about) by prefixing them with `find` or `findAll`. ```javascript @@ -1302,7 +1302,7 @@ A good guideline to follow: the more complex the component you may want to steer - To capture large data structures just to have something - To just have some kind of test written -- To capture highly volatile ui elements without stubbing them (Think of GitLab UI version updates) +- To capture highly volatile UI elements without stubbing them (Think of GitLab UI version updates) --- diff --git a/doc/development/usage_ping/dictionary.md b/doc/development/usage_ping/dictionary.md index cb53d088907..75d65f8e5df 100644 --- a/doc/development/usage_ping/dictionary.md +++ b/doc/development/usage_ping/dictionary.md @@ -10,8 +10,6 @@ info: To determine the technical writer assigned to the Stage/Group associated w Please do not edit this file directly, check generate_metrics_dictionary task on lib/tasks/gitlab/usage_data.rake. ---> -<!-- vale gitlab.Spelling = NO --> - # Metrics Dictionary This file is autogenerated, please do not edit directly. @@ -30,6 +28,10 @@ The Metrics Dictionary is based on the following metrics definition YAML files: Each table includes a `milestone`, which corresponds to the GitLab version when the metric was released. +<!-- vale off --> +<!-- Docs linting disabled after this line. --> +<!-- See https://docs.gitlab.com/ee/development/documentation/testing.html#disable-vale-tests --> + ## Metrics Definitions ### `active_user_count` @@ -46,11 +48,11 @@ Tiers: `free`, `premium`, `ultimate` ### `analytics_unique_visits.analytics_unique_visits_for_any_target` -Visits to any of the pages listed above per week +Unique visitors to any analytics feature by week [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174908_analytics_unique_visits_for_any_target.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -58,11 +60,11 @@ Tiers: `free` ### `analytics_unique_visits.analytics_unique_visits_for_any_target_monthly` -Visits to any of the pages listed above per month +Unique visitors to any analytics feature by month [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216174910_analytics_unique_visits_for_any_target_monthly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -70,11 +72,11 @@ Tiers: `free` ### `analytics_unique_visits.g_analytics_contribution` -Visits to /groups/:group/-/contribution_analytics +Unique visitors to /groups/:group/-/contribution_analytics -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174836_g_analytics_contribution.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216174836_g_analytics_contribution.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -82,11 +84,11 @@ Tiers: `free` ### `analytics_unique_visits.g_analytics_insights` -Visits to /groups/:group/-/insights +Unique visitors to /groups/:group/-/insights -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174838_g_analytics_insights.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216174838_g_analytics_insights.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -94,11 +96,11 @@ Tiers: `free` ### `analytics_unique_visits.g_analytics_issues` -Visits to /groups/:group/-/issues_analytics +Unique visitors to /groups/:group/-/issues_analytics -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174840_g_analytics_issues.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216174840_g_analytics_issues.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -106,23 +108,23 @@ Tiers: `free` ### `analytics_unique_visits.g_analytics_merge_request` -Visits to /groups/:group/-/analytics/merge_request_analytics +Unique visitors to /groups/:group/-/analytics/merge_request_analytics [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174902_g_analytics_merge_request.yml) -Group: `group::analytics` +Group: `group::optimize` -Status: `data_available` +Status: `removed` Tiers: `free` ### `analytics_unique_visits.g_analytics_productivity` -Visits to /groups/:group/-/analytics/productivity_analytics +Unique visitors to /groups/:group/-/analytics/productivity_analytics -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174842_g_analytics_productivity.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216174842_g_analytics_productivity.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -130,11 +132,11 @@ Tiers: `free` ### `analytics_unique_visits.g_analytics_valuestream` -Visits to /groups/:group/-/analytics/value_stream_analytics +Unique visitors to /groups/:group/-/analytics/value_stream_analytics -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174844_g_analytics_valuestream.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216174844_g_analytics_valuestream.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -142,23 +144,35 @@ Tiers: `free` ### `analytics_unique_visits.i_analytics_cohorts` -Visits to /-/instance_statistics/cohorts +Unique visitors to /-/instance_statistics/cohorts [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174858_i_analytics_cohorts.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` Tiers: `free` +### `analytics_unique_visits.i_analytics_dev_ops_adoption` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210423005644_i_analytics_dev_ops_adoption.yml) + +Group: `` + +Status: `implemented` + +Tiers: + ### `analytics_unique_visits.i_analytics_dev_ops_score` -Visits to /-/instance_statistics/dev_ops_score +Unique visitors to /-/instance_statistics/dev_ops_score [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174900_i_analytics_dev_ops_score.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -166,11 +180,11 @@ Tiers: `free` ### `analytics_unique_visits.i_analytics_instance_statistics` -Visit to /admin/instance_statistics +Unique visitors to/admin/usage_trends [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174906_i_analytics_instance_statistics.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -178,11 +192,11 @@ Tiers: `free` ### `analytics_unique_visits.p_analytics_code_reviews` -Visits to /:group/:project/-/analytics/code_reviews +Unique visitors to /:group/:project/-/analytics/code_reviews -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174848_p_analytics_code_reviews.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216174848_p_analytics_code_reviews.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -190,11 +204,11 @@ Tiers: `free` ### `analytics_unique_visits.p_analytics_insights` -Visits to /:group/:project/insights +Unique visitors to /:group/:project/insights -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174852_p_analytics_insights.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216174852_p_analytics_insights.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -202,11 +216,11 @@ Tiers: `free` ### `analytics_unique_visits.p_analytics_issues` -Visits to /:group/:project/-/analytics/issues_analytics +Unique visitors to /:group/:project/-/analytics/issues_analytics -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174854_p_analytics_issues.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216174854_p_analytics_issues.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -214,11 +228,11 @@ Tiers: `free` ### `analytics_unique_visits.p_analytics_merge_request` -Visits to /:group/:project/-/analytics/merge_request_analytics +Unique visitors to /:group/:project/-/analytics/merge_request_analytics -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174904_p_analytics_merge_request.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216174904_p_analytics_merge_request.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -226,11 +240,11 @@ Tiers: `free` ### `analytics_unique_visits.p_analytics_pipelines` -Visits to /:group/:project/pipelines/charts +Unique visitors to /:group/:project/pipelines/charts [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174846_p_analytics_pipelines.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -238,11 +252,11 @@ Tiers: `free` ### `analytics_unique_visits.p_analytics_repo` -Visits to /:group/:project/-/graphs/master/charts +Unique visitors to /:group/:project/-/graphs/master/charts [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174856_p_analytics_repo.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -250,16 +264,28 @@ Tiers: `free` ### `analytics_unique_visits.p_analytics_valuestream` -Visits to /:group/:project/-/value_stream_analytics +Unique visitors to /:group/:project/-/value_stream_analytics [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174850_p_analytics_valuestream.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` Tiers: `free` +### `analytics_unique_visits.users_viewing_analytics_group_devops_adoption` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210428142406_users_viewing_analytics_group_devops_adoption.yml) + +Group: `` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + ### `compliance_unique_visits.a_compliance_audit_events_api` Missing description @@ -454,7 +480,7 @@ Tiers: `free` ### `counts.auto_devops_enabled` -Projects with Auto DevOps template enabled +Projects with Auto DevOps template enabled (excluding implicit Auto DevOps enabled and Auto DevOps template includes) [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175229_auto_devops_enabled.yml) @@ -462,11 +488,11 @@ Group: `group::configure` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.boards` -Count of total Boards created +Count of Boards created [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181252_boards.yml) @@ -486,7 +512,7 @@ Group: `group::continuous integration` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.ci_external_pipelines` @@ -510,7 +536,7 @@ Group: `group::continuous integration` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.ci_pipeline_config_auto_devops` @@ -518,11 +544,11 @@ Total pipelines from an Auto DevOps template [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175516_ci_pipeline_config_auto_devops.yml) -Group: `group::continuous integration` +Group: `group::configure` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.ci_pipeline_config_repository` @@ -534,7 +560,7 @@ Group: `group::continuous integration` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.ci_pipeline_schedules` @@ -546,7 +572,7 @@ Group: `group::continuous integration` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.ci_runners` @@ -558,7 +584,91 @@ Group: `group::continuous integration` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` + +### `counts.ci_runners_group_type_active` + +Total active instance Runners + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210502050341_ci_runners_group_type_active.yml) + +Group: `group::continuous integration` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ci_runners_group_type_active_online` + +Total active and online group Runners + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210502051922_ci_runners_group_type_active_online.yml) + +Group: `group::continuous integration` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ci_runners_instance_type_active` + +Total active group Runners + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210502045402_ci_runners_instance_type_active.yml) + +Group: `group::continuous integration` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ci_runners_instance_type_active_online` + +Total active and online instance Runners + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210502051651_ci_runners_instance_type_active_online.yml) + +Group: `group::continuous integration` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ci_runners_online` + +Total online Runners + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210502050942_ci_runners_online.yml) + +Group: `group::continuous integration` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ci_runners_project_type_active` + +Total active project Runners + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210502050834_ci_runners_project_type_active.yml) + +Group: `group::continuous integration` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ci_runners_project_type_active_online` + +Total active and online project Runners + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210502052036_ci_runners_project_type_active_online.yml) + +Group: `group::continuous integration` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` ### `counts.ci_triggers` @@ -570,7 +680,7 @@ Group: `group::continuous integration` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.clusters` @@ -706,7 +816,7 @@ Tiers: `free`, `premium`, `ultimate` ### `counts.clusters_disabled` -Total GitLab Managed disabled clusters +Number of Kubernetes clusters attached to GitLab currently disabled [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175242_clusters_disabled.yml) @@ -718,7 +828,7 @@ Tiers: `free`, `premium`, `ultimate` ### `counts.clusters_enabled` -Total GitLab Managed clusters currently enabled +Number of Kubernetes clusters attached to GitLab currently enabled [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175234_clusters_enabled.yml) @@ -778,7 +888,7 @@ Tiers: `free`, `premium`, `ultimate` ### `counts.commit_comment` -Missing description +Count of total unique commit comments. Does not include MR diff comments [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182004_commit_comment.yml) @@ -786,7 +896,7 @@ Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.confidential_epics` @@ -830,7 +940,7 @@ Missing description [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174832_cycle_analytics_views.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -1016,6 +1126,54 @@ Status: `data_available` Tiers: `free` +### `counts.g_project_management_users_checking_epic_task_monthly` + +Counts of MAU checking epic task + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210421080207_g_project_management_users_checking_epic_task_monthly.yml) + +Group: `group::product planning` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + +### `counts.g_project_management_users_checking_epic_task_weekly` + +Counts of WAU checking epic task + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210421075943_g_project_management_users_checking_epic_task_weekly.yml) + +Group: `group::product planning` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + +### `counts.g_project_management_users_unchecking_epic_task_monthly` + +Counts of MAU unchecking epic task + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210421102516_g_project_management_users_unchecking_epic_task_monthly.yml) + +Group: `group::product planning` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + +### `counts.g_project_management_users_unchecking_epic_task_weekly` + +Counts of WAU unchecking epic task + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210421102812_g_project_management_users_unchecking_epic_task_weekly.yml) + +Group: `group::product planning` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + ### `counts.geo_event_log_max_id` Number of replication events on a Geo primary @@ -1042,7 +1200,7 @@ Tiers: `premium`, `ultimate` ### `counts.grafana_integrated_projects` -Missing description +Total Grafana integrations attached to projects [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180927_grafana_integrated_projects.yml) @@ -1300,7 +1458,7 @@ Count of groups with active integrations for HipChat Group: `group::ecosystem` -Status: `data_available` +Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -1516,7 +1674,7 @@ Count of active groups inheriting integrations for HipChat Group: `group::ecosystem` -Status: `data_available` +Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -2000,6 +2158,294 @@ Status: `data_available` Tiers: `free`, `premium`, `ultimate` +### `counts.in_product_marketing_email_create_0_cta_clicked` + +Total clicks on the create track's first email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510201919_in_product_marketing_email_create_0_cta_clicked.yml) + +Group: `group::activation` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_create_0_sent` + +Total sent emails of the create track's first email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510201537_in_product_marketing_email_create_0_sent.yml) + +Group: `group::activation` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_create_1_cta_clicked` + +Total clicks on the create track's second email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510202356_in_product_marketing_email_create_1_cta_clicked.yml) + +Group: `group::activation` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_create_1_sent` + +Total sent emails of the create track's second email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510202148_in_product_marketing_email_create_1_sent.yml) + +Group: `group::activation` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_create_2_cta_clicked` + +Total clicks on the create track's third email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510202724_in_product_marketing_email_create_2_cta_clicked.yml) + +Group: `group::activation` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_create_2_sent` + +Total sent emails of the create track's third email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510202604_in_product_marketing_email_create_2_sent.yml) + +Group: `group::activation` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_team_0_cta_clicked` + +Total clicks on the team track's first email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203143_in_product_marketing_email_team_0_cta_clicked.yml) + +Group: `group::activation` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_team_0_sent` + +Total sent emails of the team track's first email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203134_in_product_marketing_email_team_0_sent.yml) + +Group: `group::activation` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_team_1_cta_clicked` + +Total clicks on the team track's second email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203203_in_product_marketing_email_team_1_cta_clicked.yml) + +Group: `group::activation` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_team_1_sent` + +Total sent emails of the team track's second email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203153_in_product_marketing_email_team_1_sent.yml) + +Group: `group::activation` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_team_2_cta_clicked` + +Total clicks on the team track's third email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203223_in_product_marketing_email_team_2_cta_clicked.yml) + +Group: `group::activation` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_team_2_sent` + +Total sent emails of the team track's third email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203213_in_product_marketing_email_team_2_sent.yml) + +Group: `group::activation` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_trial_0_cta_clicked` + +Total clicks on the verify trial's first email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203044_in_product_marketing_email_trial_0_cta_clicked.yml) + +Group: `group::activation` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_trial_0_sent` + +Total sent emails of the trial track's first email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203035_in_product_marketing_email_trial_0_sent.yml) + +Group: `group::activation` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_trial_1_cta_clicked` + +Total clicks on the trial track's second email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203104_in_product_marketing_email_trial_1_cta_clicked.yml) + +Group: `group::activation` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_trial_1_sent` + +Total sent emails of the trial track's second email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203054_in_product_marketing_email_trial_1_sent.yml) + +Group: `group::activation` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_trial_2_cta_clicked` + +Total clicks on the trial track's third email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203124_in_product_marketing_email_trial_2_cta_clicked.yml) + +Group: `group::activation` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_trial_2_sent` + +Total sent emails of the trial track's third email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203114_in_product_marketing_email_trial_2_sent.yml) + +Group: `group::activation` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_verify_0_cta_clicked` + +Total clicks on the verify track's first email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510202943_in_product_marketing_email_verify_0_cta_clicked.yml) + +Group: `group::activation` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_verify_0_sent` + +Total sent emails of the verify track's first email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510202807_in_product_marketing_email_verify_0_sent.yml) + +Group: `group::activation` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_verify_1_cta_clicked` + +Total clicks on the verify track's second email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203005_in_product_marketing_email_verify_1_cta_clicked.yml) + +Group: `group::activation` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_verify_1_sent` + +Total sent emails of the verify track's second email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510202955_in_product_marketing_email_verify_1_sent.yml) + +Group: `group::activation` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_verify_2_cta_clicked` + +Total clicks on the verify track's third email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203025_in_product_marketing_email_verify_2_cta_clicked.yml) + +Group: `group::activation` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_verify_2_sent` + +Total sent emails of the verify track's third email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203015_in_product_marketing_email_verify_2_sent.yml) + +Group: `group::activation` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + ### `counts.in_review_folder` Missing description @@ -2356,7 +2802,7 @@ Count of active instance-level integrations for HipChat Group: `group::ecosystem` -Status: `data_available` +Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -2758,7 +3204,7 @@ Tiers: `free` ### `counts.kubernetes_agent_gitops_sync` -Count of GitOps Sync events +Count of events when an Agent is asked to synchronize the manifests or its configuration [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175328_kubernetes_agent_gitops_sync.yml) @@ -2768,9 +3214,21 @@ Status: `data_available` Tiers: `premium`, `ultimate` +### `counts.kubernetes_agent_k8s_api_proxy_request` + +Count of Kubernetes API proxy requests + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210505015532_kubernetes_agent_k8s_api_proxy_request.yml) + +Group: `group::configure` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + ### `counts.kubernetes_agents` -Count of Kubernetes agents +Count of Kubernetes registered agents [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175316_kubernetes_agents.yml) @@ -2890,7 +3348,7 @@ Tiers: `ultimate` ### `counts.merge_request_comment` -Missing description +Count of the number of merge request comments [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175041_merge_request_comment.yml) @@ -2898,11 +3356,11 @@ Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.merge_request_create` -Missing description +Count of the number of merge requests created [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175043_merge_request_create.yml) @@ -2910,11 +3368,11 @@ Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.merge_requests` -Missing description +Count of the number of merge requests [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175039_merge_requests.yml) @@ -2922,7 +3380,7 @@ Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.merged_merge_requests_using_approval_rules` @@ -3018,7 +3476,7 @@ Group: `group::monitor` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.operations_dashboard_users_with_projects_added` @@ -3030,7 +3488,7 @@ Group: `group::monitor` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.package_events_i_package_composer_delete_package` @@ -3608,6 +4066,42 @@ Status: `data_available` Tiers: `free` +### `counts.package_events_i_package_terraform_module_delete_package` + +Total count of Terraform Module packages delete events + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210410012200_package_events_i_package_terraform_module_delete_package.yml) + +Group: `group::configure` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_terraform_module_pull_package` + +Total count of pull Terraform Module packages events + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210410012202_package_events_i_package_terraform_module_pull_package.yml) + +Group: `group::configure` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_terraform_module_push_package` + +Total count of push Terraform Module packages events + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210410012204_package_events_i_package_terraform_module_push_package.yml) + +Group: `group::configure` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + ### `counts.packages` Number of packages @@ -3672,9 +4166,9 @@ Tiers: `free`, `premium`, `ultimate` Missing description -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174834_productivity_analytics_views.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216174834_productivity_analytics_views.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -3952,7 +4446,7 @@ Count of projects with active integrations for HipChat Group: `group::ecosystem` -Status: `data_available` +Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -4180,7 +4674,7 @@ Count of active projects inheriting integrations for HipChat Group: `group::ecosystem` -Status: `data_available` +Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -4560,13 +5054,13 @@ Tiers: `free`, `premium`, `ultimate` Projects with repository mirroring enabled -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181920_projects_mirrored_with_pipelines_enabled.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216181920_projects_mirrored_with_pipelines_enabled.yml) -Group: `group::release` +Group: `group::continuous integration` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `counts.projects_mock_ci_active` @@ -4756,7 +5250,7 @@ Count of projects that have enabled the Alerts service Group: `group::health` -Status: `data_available` +Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -5038,15 +5532,15 @@ Tiers: `free` ### `counts.projects_with_repositories_enabled` -Missing description +Count of users creating projects that have a matching Git repository, result of a Git push action. -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181959_projects_with_repositories_enabled.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216181959_projects_with_repositories_enabled.yml) Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `counts.projects_with_terraform_reports` @@ -5058,7 +5552,7 @@ Group: `group::configure` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.projects_with_terraform_states` @@ -5070,7 +5564,7 @@ Group: `group::configure` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.projects_with_tracing_enabled` @@ -5082,7 +5576,7 @@ Group: `group::monitor` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.projects_youtrack_active` @@ -5098,27 +5592,27 @@ Tiers: `free`, `premium`, `ultimate` ### `counts.protected_branches` -Missing description +Count of total protected branches -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182001_protected_branches.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182001_protected_branches.yml) Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `counts.protected_branches_except_default` -Missing description +Count of branches that have been protected and are not the default branch [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182454_protected_branches_except_default.yml) -Group: `` +Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.releases` @@ -5134,7 +5628,7 @@ Tiers: `free` ### `counts.remote_mirrors` -Missing description +Count of total remote mirrors. Includes both push and pull mirrors [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182002_remote_mirrors.yml) @@ -5142,7 +5636,7 @@ Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.requirement_test_reports_ci` @@ -5290,7 +5784,7 @@ Tiers: `free`, `premium`, `ultimate` ### `counts.source_code_pushes` -Missing description +Count of total Git push operations [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182006_source_code_pushes.yml) @@ -5298,7 +5792,7 @@ Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.static_site_editor_commits` @@ -5398,7 +5892,7 @@ Tiers: `free` ### `counts.suggestions` -Missing description +Count of all comments that contain suggested changes [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175037_suggestions.yml) @@ -5406,19 +5900,19 @@ Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.template_repositories` -Missing description +Count of total repo templates used to aggregate all file templates -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182008_template_repositories.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182008_template_repositories.yml) Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `counts.templates_asana_active` @@ -5632,7 +6126,7 @@ Count of active service templates for HipChat Group: `group::ecosystem` -Status: `data_available` +Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -5886,11 +6380,11 @@ Group: `group::configure` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.terraform_states` -Count of GitLab Managed Terraform States used +Count of GitLab Managed Terraform States [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175326_terraform_states.yml) @@ -5898,7 +6392,7 @@ Group: `group::configure` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.todos` @@ -6092,6 +6586,42 @@ Status: `data_available` Tiers: `free` +### `counts_monthly.aggregated_metrics.code_review_category_monthly_active_users` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210427102618_code_review_category_monthly_active_users.yml) + +Group: `` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts_monthly.aggregated_metrics.code_review_extension_category_monthly_active_users` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210427103010_code_review_extension_category_monthly_active_users.yml) + +Group: `` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts_monthly.aggregated_metrics.code_review_group_monthly_active_users` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210427103119_code_review_group_monthly_active_users.yml) + +Group: `` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + ### `counts_monthly.aggregated_metrics.compliance_features_track_unique_visits_union` Missing description @@ -6226,15 +6756,15 @@ Tiers: `free`, `premium`, `ultimate` ### `counts_monthly.projects_with_alerts_created` -Missing description +Monthly count of unique projects with HTTP alerting enabled [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183159_projects_with_alerts_created.yml) -Group: `` +Group: `group::monitor` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts_monthly.snippets` @@ -6260,6 +6790,42 @@ Status: `data_available` Tiers: `free` +### `counts_weekly.aggregated_metrics.code_review_category_monthly_active_users` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210427103407_code_review_category_monthly_active_users.yml) + +Group: `` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts_weekly.aggregated_metrics.code_review_extension_category_monthly_active_users` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210427103452_code_review_extension_category_monthly_active_users.yml) + +Group: `` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts_weekly.aggregated_metrics.code_review_group_monthly_active_users` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210427103328_code_review_group_monthly_active_users.yml) + +Group: `` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + ### `counts_weekly.aggregated_metrics.compliance_features_track_unique_visits_union` Missing description @@ -6346,11 +6912,11 @@ Tiers: `free`, `premium`, `ultimate` ### `database.pg_system_id` -Missing description +TBD -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183248_pg_system_id.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216183248_pg_system_id.yml) -Group: `` +Group: `group::distribution` Status: `data_available` @@ -6360,13 +6926,13 @@ Tiers: `free` The version of the PostgreSQL database. -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/license/20210216175609_version.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216175609_version.yml) Group: `group::distribution` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `dependency_proxy_enabled` @@ -6382,9 +6948,9 @@ Tiers: `free` ### `edition` -Edition of GitLab such as EE, CE, Bronze, Silver, Gold +Edition of GitLab such as EE or CE -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/license/20210216175604_edition.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216175604_edition.yml) Group: `group::distribution` @@ -6444,7 +7010,7 @@ Tiers: `free` Missing description -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183241_filesystems.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216183241_filesystems.yml) Group: `` @@ -6506,11 +7072,11 @@ Whether shared runners is enabled [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210204124902_gitlab_shared_runners_enabled.yml) -Group: `group::product intelligence` +Group: `group::runner` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `gitpod_enabled` @@ -6602,11 +7168,11 @@ Whether auto DevOps is enabled [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210204124856_instance_auto_devops_enabled.yml) -Group: `group::product intelligence` +Group: `group::configure` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `ldap_enabled` @@ -6840,7 +7406,7 @@ Tiers: `free`, `premium`, `ultimate` What Object Storage provider has been configured for Artifacts -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180843_provider.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180843_provider.yml) Group: `group::memory` @@ -6900,7 +7466,7 @@ Tiers: `free`, `premium`, `ultimate` What Object Storage provider has been configured for External Diffs -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180852_provider.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180852_provider.yml) Group: `group::memory` @@ -6960,7 +7526,7 @@ Tiers: `free`, `premium`, `ultimate` What Object Storage provider has been configured for LFS -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180902_provider.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180902_provider.yml) Group: `group::memory` @@ -7020,7 +7586,7 @@ Tiers: `free`, `premium`, `ultimate` What Object Storage provider has been configured for Packages -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180920_provider.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180920_provider.yml) Group: `group::memory` @@ -7032,7 +7598,7 @@ Tiers: `free`, `premium`, `ultimate` Whether Object Storage is enabled for Uploads -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180903_enabled.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180903_enabled.yml) Group: `group::memory` @@ -7080,7 +7646,7 @@ Tiers: `free`, `premium`, `ultimate` What Object Storage provider has been configured for Uploads -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180911_provider.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180911_provider.yml) Group: `group::memory` @@ -7162,11 +7728,11 @@ Tiers: ### `redis_hll_counters.analytics.analytics_total_unique_counts_monthly` -Missing description +The number of unique users who visited any analytics feature by month [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175016_analytics_total_unique_counts_monthly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7174,11 +7740,11 @@ Tiers: `free` ### `redis_hll_counters.analytics.analytics_total_unique_counts_weekly` -Missing description +The number of unique users who visited any analytics feature by week -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216175014_analytics_total_unique_counts_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175014_analytics_total_unique_counts_weekly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7186,11 +7752,11 @@ Tiers: ### `redis_hll_counters.analytics.g_analytics_contribution_monthly` -Missing description +Unique visitors to /groups/:group/-/contribution_analytics by month -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216174914_g_analytics_contribution_monthly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216174914_g_analytics_contribution_monthly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7198,11 +7764,11 @@ Tiers: `free` ### `redis_hll_counters.analytics.g_analytics_contribution_weekly` -Missing description +Unique visitors to /groups/:group/-/contribution_analytics by week [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174912_g_analytics_contribution_weekly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7210,11 +7776,11 @@ Tiers: ### `redis_hll_counters.analytics.g_analytics_insights_monthly` -Missing description +Unique visitors to /groups/:group/-/insights/ by month -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216174918_g_analytics_insights_monthly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216174918_g_analytics_insights_monthly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7222,11 +7788,11 @@ Tiers: `free` ### `redis_hll_counters.analytics.g_analytics_insights_weekly` -Missing description +Unique visitors to /groups/:group/-/insights/ by week [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174916_g_analytics_insights_weekly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7234,11 +7800,11 @@ Tiers: ### `redis_hll_counters.analytics.g_analytics_issues_monthly` -Missing description +Unique visitors to /groups/:group/-/issues_analytics by month -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216174921_g_analytics_issues_monthly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216174921_g_analytics_issues_monthly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7246,11 +7812,11 @@ Tiers: `free` ### `redis_hll_counters.analytics.g_analytics_issues_weekly` -Missing description +Unique visitors to /groups/:group/-/issues_analytics by week [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174919_g_analytics_issues_weekly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7262,9 +7828,9 @@ Missing description [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175004_g_analytics_merge_request_monthly.yml) -Group: `group::analytics` +Group: `group::optimize` -Status: `data_available` +Status: `removed` Tiers: `free` @@ -7274,19 +7840,19 @@ Missing description [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216175002_g_analytics_merge_request_weekly.yml) -Group: `group::analytics` +Group: `group::optimize` -Status: `data_available` +Status: `removed` Tiers: ### `redis_hll_counters.analytics.g_analytics_productivity_monthly` -Missing description +Unique visitors to /groups/:group/-/analytics/productivity_analytics by month -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216174926_g_analytics_productivity_monthly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216174926_g_analytics_productivity_monthly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7294,11 +7860,11 @@ Tiers: `free` ### `redis_hll_counters.analytics.g_analytics_productivity_weekly` -Missing description +Unique visitors to /groups/:group/-/analytics/productivity_analytics by week [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174923_g_analytics_productivity_weekly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7306,11 +7872,11 @@ Tiers: ### `redis_hll_counters.analytics.g_analytics_valuestream_monthly` -Missing description +Unique visitors to /groups/:group/-/analytics/value_stream_analytics by month -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216174929_g_analytics_valuestream_monthly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216174929_g_analytics_valuestream_monthly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7318,11 +7884,11 @@ Tiers: `free` ### `redis_hll_counters.analytics.g_analytics_valuestream_weekly` -Missing description +Unique visitors to /groups/:group/-/analytics/value_stream_analytics by week [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174927_g_analytics_valuestream_weekly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7334,7 +7900,7 @@ Missing description [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216174956_i_analytics_cohorts_monthly.yml) -Group: `group::analytics` +Group: `group::utilization` Status: `data_available` @@ -7346,7 +7912,7 @@ Missing description [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174955_i_analytics_cohorts_weekly.yml) -Group: `group::analytics` +Group: `group::utilization` Status: `data_available` @@ -7378,11 +7944,11 @@ Tiers: `premium`, `ultimate` ### `redis_hll_counters.analytics.i_analytics_dev_ops_score_monthly` -Missing description +Unique visitors to /admin/dev_ops_report by month [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175000_i_analytics_dev_ops_score_monthly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7390,11 +7956,11 @@ Tiers: `free` ### `redis_hll_counters.analytics.i_analytics_dev_ops_score_weekly` -Missing description +Unique visitors to /admin/dev_ops_report by week [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174958_i_analytics_dev_ops_score_weekly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7402,11 +7968,11 @@ Tiers: ### `redis_hll_counters.analytics.i_analytics_instance_statistics_monthly` -Missing description +Unique visitors to /admin/usage_trends by month [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175012_i_analytics_instance_statistics_monthly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7414,11 +7980,11 @@ Tiers: `free` ### `redis_hll_counters.analytics.i_analytics_instance_statistics_weekly` -Missing description +Unique visitors to /admin/usage_trends by week -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216175010_i_analytics_instance_statistics_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175010_i_analytics_instance_statistics_weekly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7426,11 +7992,11 @@ Tiers: ### `redis_hll_counters.analytics.p_analytics_code_reviews_monthly` -Missing description +Unique visitors to /:group/:project/-/analytics/code_reviews by month -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216174937_p_analytics_code_reviews_monthly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216174937_p_analytics_code_reviews_monthly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7438,11 +8004,11 @@ Tiers: `free` ### `redis_hll_counters.analytics.p_analytics_code_reviews_weekly` -Missing description +Unique visitors to /:group/:project/-/analytics/code_reviews by week [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174935_p_analytics_code_reviews_weekly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7450,11 +8016,11 @@ Tiers: ### `redis_hll_counters.analytics.p_analytics_insights_monthly` -Missing description +Unique visitors to /:group/:project/insights/ by month -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216174945_p_analytics_insights_monthly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216174945_p_analytics_insights_monthly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7462,11 +8028,11 @@ Tiers: `free` ### `redis_hll_counters.analytics.p_analytics_insights_weekly` -Missing description +Unique visitors to /:group/:project/insights/ by week [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174943_p_analytics_insights_weekly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7474,11 +8040,11 @@ Tiers: ### `redis_hll_counters.analytics.p_analytics_issues_monthly` -Missing description +Unique visitors to /:group/:project/-/analytics/issues_analytics by week -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216174949_p_analytics_issues_monthly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216174949_p_analytics_issues_monthly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7486,11 +8052,11 @@ Tiers: `free` ### `redis_hll_counters.analytics.p_analytics_issues_weekly` -Missing description +Unique visitors to /:group/:project/-/analytics/issues_analytics by week [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174947_p_analytics_issues_weekly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7498,11 +8064,11 @@ Tiers: ### `redis_hll_counters.analytics.p_analytics_merge_request_monthly` -Missing description +Unique visitors to /:group/:project/-/analytics/merge_request_analytics by month -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175008_p_analytics_merge_request_monthly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216175008_p_analytics_merge_request_monthly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7510,11 +8076,11 @@ Tiers: `free` ### `redis_hll_counters.analytics.p_analytics_merge_request_weekly` -Missing description +Unique visitors to /:group/:project/-/analytics/merge_request_analytics by week [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216175006_p_analytics_merge_request_weekly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7522,11 +8088,11 @@ Tiers: ### `redis_hll_counters.analytics.p_analytics_pipelines_monthly` -Missing description +Unique visitors to /groups/:group/-/analytics/ci_cd by month [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216174933_p_analytics_pipelines_monthly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7534,11 +8100,11 @@ Tiers: `free` ### `redis_hll_counters.analytics.p_analytics_pipelines_weekly` -Missing description +Unique visitors to /groups/:group/-/analytics/ci_cd by week [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174931_p_analytics_pipelines_weekly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7546,11 +8112,11 @@ Tiers: ### `redis_hll_counters.analytics.p_analytics_repo_monthly` -Missing description +Unique visitors to /:group/:project/-/graphs/master/charts by month -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216174953_p_analytics_repo_monthly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216174953_p_analytics_repo_monthly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7558,11 +8124,11 @@ Tiers: `free` ### `redis_hll_counters.analytics.p_analytics_repo_weekly` -Missing description +Unique visitors to /:group/:project/-/graphs/master/charts by week [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174951_p_analytics_repo_weekly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7570,11 +8136,11 @@ Tiers: ### `redis_hll_counters.analytics.p_analytics_valuestream_monthly` -Missing description +Unique visitors to /:group/:project/-/value_stream_analytics by month [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216174941_p_analytics_valuestream_monthly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` @@ -7582,27 +8148,51 @@ Tiers: `free` ### `redis_hll_counters.analytics.p_analytics_valuestream_weekly` -Missing description +Unique visitors to /:group/:project/-/value_stream_analytics by week [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174939_p_analytics_valuestream_weekly.yml) -Group: `group::analytics` +Group: `group::optimize` Status: `data_available` Tiers: +### `redis_hll_counters.analytics.users_viewing_analytics_group_devops_adoption_monthly` + +Counts visits to DevOps Adoption page per month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210419105414_users_viewing_analytics_group_devops_adoption_monthly.yml) + +Group: `group::optimize` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.analytics.users_viewing_analytics_group_devops_adoption_weekly` + +Counts visits to DevOps Adoption page per week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210419105408_users_viewing_analytics_group_devops_adoption_weekly.yml) + +Group: `group::optimize` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + ### `redis_hll_counters.ci_secrets_management.i_ci_secrets_management_vault_build_created_monthly` -Missing description +Monthly active users creating pipelines that that have the Vault JWT with it.' -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184251_i_ci_secrets_management_vault_build_created_monthly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216184251_i_ci_secrets_management_vault_build_created_monthly.yml) -Group: `` +Group: `group::configure` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `redis_hll_counters.ci_secrets_management.i_ci_secrets_management_vault_build_created_weekly` @@ -7642,39 +8232,39 @@ Tiers: ### `redis_hll_counters.ci_templates.p_ci_templates_5_min_production_app_monthly` -Missing description +Number of projects using 5 min production app CI template in last 7 days. [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184517_p_ci_templates_5_min_production_app_monthly.yml) -Group: `` +Group: `group::5-min-app` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.ci_templates.p_ci_templates_5_min_production_app_weekly` -Missing description +Number of projects using 5 min production app CI template in last 7 days. -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184515_p_ci_templates_5_min_production_app_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184515_p_ci_templates_5_min_production_app_weekly.yml) -Group: `` +Group: `group::5-min-app` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.ci_templates.p_ci_templates_auto_devops_build_monthly` -Missing description +Count of pipelines using the Auto Build template [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184534_p_ci_templates_auto_devops_build_monthly.yml) -Group: `` +Group: `group::configure` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.ci_templates.p_ci_templates_auto_devops_build_weekly` @@ -7690,15 +8280,15 @@ Tiers: ### `redis_hll_counters.ci_templates.p_ci_templates_auto_devops_deploy_latest_monthly` -Missing description +Count of pipelines using the latest Auto Deploy template [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184542_p_ci_templates_auto_devops_deploy_latest_monthly.yml) -Group: `` +Group: `group::configure` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.ci_templates.p_ci_templates_auto_devops_deploy_latest_weekly` @@ -7714,15 +8304,15 @@ Tiers: ### `redis_hll_counters.ci_templates.p_ci_templates_auto_devops_deploy_monthly` -Missing description +Count of pipelines using the stable Auto Deploy template [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184538_p_ci_templates_auto_devops_deploy_monthly.yml) -Group: `` +Group: `group::configure` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.ci_templates.p_ci_templates_auto_devops_deploy_weekly` @@ -7738,15 +8328,15 @@ Tiers: ### `redis_hll_counters.ci_templates.p_ci_templates_auto_devops_monthly` -Missing description +Count of pipelines using the Auto DevOps template [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184523_p_ci_templates_auto_devops_monthly.yml) -Group: `` +Group: `group::configure` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.ci_templates.p_ci_templates_auto_devops_weekly` @@ -7762,63 +8352,63 @@ Tiers: ### `redis_hll_counters.ci_templates.p_ci_templates_aws_cf_deploy_ec2_monthly` -Missing description +Count of projects using `AWS/CF-Provision-and-Deploy-EC2.gitlab-ci.yml` template in last 28 days. [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184526_p_ci_templates_aws_cf_deploy_ec2_monthly.yml) -Group: `` +Group: `group::release` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.ci_templates.p_ci_templates_aws_cf_deploy_ec2_weekly` -Missing description +Count of projects using `AWS/CF-Provision-and-Deploy-EC2.gitlab-ci.yml` template in last 7 days. -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184524_p_ci_templates_aws_cf_deploy_ec2_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184524_p_ci_templates_aws_cf_deploy_ec2_weekly.yml) -Group: `` +Group: `group::release` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.ci_templates.p_ci_templates_aws_deploy_ecs_monthly` -Missing description +Count of projects using `AWS/Deploy-ECS.gitlab-ci.yml` template in last 28 days. [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184530_p_ci_templates_aws_deploy_ecs_monthly.yml) -Group: `` +Group: `group::release` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.ci_templates.p_ci_templates_aws_deploy_ecs_weekly` -Missing description +Count of projects using `AWS/Deploy-ECS.gitlab-ci.yml` template in last 7 days. -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184528_p_ci_templates_aws_deploy_ecs_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184528_p_ci_templates_aws_deploy_ecs_weekly.yml) -Group: `` +Group: `group::release` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.ci_templates.p_ci_templates_implicit_auto_devops_build_monthly` -Missing description +Count of pipelines with implicit Auto Build runs [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184502_p_ci_templates_implicit_auto_devops_build_monthly.yml) -Group: `` +Group: `group::configure` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.ci_templates.p_ci_templates_implicit_auto_devops_build_weekly` @@ -7834,15 +8424,15 @@ Tiers: ### `redis_hll_counters.ci_templates.p_ci_templates_implicit_auto_devops_deploy_monthly` -Missing description +Count of pipelines with implicit Auto Deploy runs [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184506_p_ci_templates_implicit_auto_devops_deploy_monthly.yml) -Group: `` +Group: `group::configure` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.ci_templates.p_ci_templates_implicit_auto_devops_deploy_weekly` @@ -7858,15 +8448,15 @@ Tiers: ### `redis_hll_counters.ci_templates.p_ci_templates_implicit_auto_devops_monthly` -Missing description +Count of pipelines with implicit Auto DevOps runs [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184458_p_ci_templates_implicit_auto_devops_monthly.yml) -Group: `` +Group: `group::configure` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.ci_templates.p_ci_templates_implicit_auto_devops_weekly` @@ -7978,15 +8568,15 @@ Tiers: ### `redis_hll_counters.ci_templates.p_ci_templates_terraform_base_latest_monthly` -Missing description +Count of pipelines that include the terraform base template from GitLab [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184555_p_ci_templates_terraform_base_latest_monthly.yml) -Group: `` +Group: `group::configure` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.ci_templates.p_ci_templates_terraform_base_latest_weekly` @@ -8002,79 +8592,343 @@ Tiers: ### `redis_hll_counters.code_review.code_review_total_unique_counts_monthly` -Missing description +Count of unique users per month who interact with a merge request [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184454_code_review_total_unique_counts_monthly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.code_review_total_unique_counts_weekly` -Missing description +Count of unique users per week who interact with a merge request -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184452_code_review_total_unique_counts_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184452_code_review_total_unique_counts_weekly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_click_file_browser_setting_monthly` + +Count of users clicking merge request file browser setting + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210421145818_i_code_review_click_file_browser_setting_monthly.yml) + +Group: `group::code review` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_click_file_browser_setting_weekly` + +Count of users with merge request file list setting + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210421145814_i_code_review_click_file_browser_setting_weekly.yml) + +Group: `group::code review` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_click_single_file_mode_setting_monthly` + +Count of users clicking single file mode setting + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210421144352_i_code_review_click_single_file_mode_setting_monthly.yml) + +Group: `group::code review` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_click_single_file_mode_setting_weekly` + +Count of users clicking single file mode setting + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210421144349_i_code_review_click_single_file_mode_setting_weekly.yml) + +Group: `group::code review` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_click_whitespace_setting_monthly` + +Count of users clicking merge request whitespae setting + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210421145945_i_code_review_click_whitespace_setting_monthly.yml) + +Group: `group::code review` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_click_whitespace_setting_weekly` + +Count of users clicking merge request whitespae setting + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210421145942_i_code_review_click_whitespace_setting_weekly.yml) + +Group: `group::code review` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_diff_hide_whitespace_monthly` + +Count of users with show whitespace disabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210422102010_i_code_review_diff_hide_whitespace_monthly.yml) + +Group: `group::code review` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_diff_hide_whitespace_weekly` + +Count of users with show whitespace disabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210422102007_i_code_review_diff_hide_whitespace_weekly.yml) + +Group: `group::code review` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_diff_multiple_files_monthly` + +Count of users with single mode disabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210422102202_i_code_review_diff_multiple_files_monthly.yml) + +Group: `group::code review` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_diff_multiple_files_weekly` + +Count of users with single mode disabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210422102159_i_code_review_diff_multiple_files_weekly.yml) + +Group: `group::code review` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_diff_show_whitespace_monthly` + +Count of users with show whitespace enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210422101928_i_code_review_diff_show_whitespace_monthly.yml) + +Group: `group::code review` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_diff_show_whitespace_weekly` + +Count of users with show whitespace enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210422101925_i_code_review_diff_show_whitespace_weekly.yml) + +Group: `group::code review` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_diff_single_file_monthly` + +Count of users with single file mode enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210422102121_i_code_review_diff_single_file_monthly.yml) + +Group: `group::code review` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_diff_single_file_weekly` + +Count of users with single file mode enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210422102118_i_code_review_diff_single_file_weekly.yml) + +Group: `group::code review` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_diff_view_inline_monthly` + +Count of users with merge request view type as inline + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210422101516_i_code_review_diff_view_inline_monthly.yml) + +Group: `group::code review` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_diff_view_inline_weekly` + +Count of users with merge request view type as inline + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210422101512_i_code_review_diff_view_inline_weekly.yml) + +Group: `group::code review` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_diff_view_parallel_monthly` + +Count of users with merge request view type as parallel + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210422101613_i_code_review_diff_view_parallel_monthly.yml) + +Group: `group::code review` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_diff_view_parallel_weekly` + +Count of users with merge request view type as parallel + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210422101609_i_code_review_diff_view_parallel_weekly.yml) + +Group: `group::code review` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_edit_mr_desc_monthly` -Missing description +Count of unique users per month who edit the description of a merge request [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184342_i_code_review_edit_mr_desc_monthly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_edit_mr_desc_weekly` -Missing description +Count of unique users per week who edit the description of a merge request -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184340_i_code_review_edit_mr_desc_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184340_i_code_review_edit_mr_desc_weekly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_edit_mr_title_monthly` -Missing description +Count of unique users per month who edit the title of a merge request [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184338_i_code_review_edit_mr_title_monthly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_edit_mr_title_weekly` -Missing description +Count of unique users per week who edit the title of a merge request -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184336_i_code_review_edit_mr_title_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184336_i_code_review_edit_mr_title_weekly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_file_browser_list_view_monthly` + +Count of users with merge request file list setting + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210422101852_i_code_review_file_browser_list_view_monthly.yml) + +Group: `group::code review` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_file_browser_list_view_weekly` + +Count of users with merge request file list setting + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210422101849_i_code_review_file_browser_list_view_weekly.yml) + +Group: `group::code review` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_file_browser_tree_view_monthly` + +Count of users with merge request file tree setting + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210422101753_i_code_review_file_browser_tree_view_monthly.yml) + +Group: `group::code review` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_file_browser_tree_view_weekly` + +Count of users with merge request file tree setting + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210422101750_i_code_review_file_browser_tree_view_weekly.yml) + +Group: `group::code review` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_mr_diffs_monthly` -Count of unique merge requests per week|month with diffs viewed +Count of unique merge requests per month with diffs viewed [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175120_i_code_review_mr_diffs_monthly.yml) @@ -8082,23 +8936,23 @@ Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_mr_diffs_weekly` -Count of unique merge requests per week|month with diffs viewed +Count of unique merge requests per week with diffs viewed -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216175118_i_code_review_mr_diffs_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175118_i_code_review_mr_diffs_weekly.yml) Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_mr_single_file_diffs_monthly` -Count of unique merge requests per week|month with diffs viewed file by file +Count of unique merge requests per month with diffs viewed file by file [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175128_i_code_review_mr_single_file_diffs_monthly.yml) @@ -8106,19 +8960,19 @@ Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_mr_single_file_diffs_weekly` -Count of unique merge requests per week|month with diffs viewed file by file +Count of unique merge requests per week with diffs viewed file by file -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216175126_i_code_review_mr_single_file_diffs_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175126_i_code_review_mr_single_file_diffs_weekly.yml) Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_add_suggestion_monthly` @@ -8130,19 +8984,19 @@ Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_add_suggestion_weekly` Count of unique users per week who added a suggestion -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216175158_i_code_review_user_add_suggestion_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175158_i_code_review_user_add_suggestion_weekly.yml) Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_apply_suggestion_monthly` @@ -8154,139 +9008,139 @@ Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_apply_suggestion_weekly` Count of unique users per week who applied a suggestion -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216175201_i_code_review_user_apply_suggestion_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175201_i_code_review_user_apply_suggestion_weekly.yml) Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_approval_rule_added_monthly` -Missing description +Count of unique users per month who add an approval rule to a merge request [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184434_i_code_review_user_approval_rule_added_monthly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_approval_rule_added_weekly` -Missing description +Count of unique users per week who add an approval rule to a merge request -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184432_i_code_review_user_approval_rule_added_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184432_i_code_review_user_approval_rule_added_weekly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_approval_rule_deleted_monthly` -Missing description +Count of unique users per month who delete an approval rule to a merge request [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184438_i_code_review_user_approval_rule_deleted_monthly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_approval_rule_deleted_weekly` -Missing description +Count of unique users per week who delete an approval rule to a merge request -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184436_i_code_review_user_approval_rule_deleted_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184436_i_code_review_user_approval_rule_deleted_weekly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_approval_rule_edited_monthly` -Missing description +Count of unique users per month who delete an approval rule to a merge request [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184442_i_code_review_user_approval_rule_edited_monthly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_approval_rule_edited_weekly` -Missing description +Count of unique users per week who edit an approval rule to a merge request -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184440_i_code_review_user_approval_rule_edited_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184440_i_code_review_user_approval_rule_edited_weekly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_approve_mr_monthly` -Missing description +Count of unique users per month who approve a merge request [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184322_i_code_review_user_approve_mr_monthly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_approve_mr_weekly` -Missing description +Count of unique users per week who approve a merge request -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184320_i_code_review_user_approve_mr_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184320_i_code_review_user_approve_mr_weekly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_assigned_monthly` -Missing description +Count of unique users per month who are assigned to a merge request [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184418_i_code_review_user_assigned_monthly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_assigned_weekly` -Missing description +Count of unique users per week who are assigned to a merge request -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184416_i_code_review_user_assigned_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184416_i_code_review_user_assigned_weekly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_assignees_changed_monthly` @@ -8314,7 +9168,7 @@ Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_close_mr_monthly` -Count of unique users per week|month who closed a MR +Count of unique users per month who closed a MR [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175136_i_code_review_user_close_mr_monthly.yml) @@ -8322,23 +9176,23 @@ Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_close_mr_weekly` -Count of unique users per week|month who closed a MR +Count of unique users per week who closed a MR -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216175134_i_code_review_user_close_mr_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175134_i_code_review_user_close_mr_weekly.yml) Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_create_mr_comment_monthly` -Count of unique users per week|month who commented on a MR +Count of unique users per month who commented on a MR [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175148_i_code_review_user_create_mr_comment_monthly.yml) @@ -8346,47 +9200,47 @@ Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_create_mr_comment_weekly` -Count of unique users per week|month who commented on a MR +Count of unique users per week who commented on a MR -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216175146_i_code_review_user_create_mr_comment_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175146_i_code_review_user_create_mr_comment_weekly.yml) Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_create_mr_from_issue_monthly` -Missing description +Count of unique users per month who create a merge request from an issue [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184450_i_code_review_user_create_mr_from_issue_monthly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_create_mr_from_issue_weekly` -Missing description +Count of unique users per week who create a merge request from an issue -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184448_i_code_review_user_create_mr_from_issue_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184448_i_code_review_user_create_mr_from_issue_weekly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_create_mr_monthly` -Count of unique users per week|month who created a MR +Count of unique users per month who created a MR [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175132_i_code_review_user_create_mr_monthly.yml) @@ -8394,71 +9248,71 @@ Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_create_mr_weekly` -Count of unique users per week|month who created a MR +Count of unique users per week who created a MR -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216175130_i_code_review_user_create_mr_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175130_i_code_review_user_create_mr_weekly.yml) Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_create_multiline_mr_comment_monthly` -Missing description +Count of unique users per month who create a multiline comment in a merge request [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184401_i_code_review_user_create_multiline_mr_comment_monthly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_create_multiline_mr_comment_weekly` -Missing description +Count of unique users per week who create a multiline comment in a merge request -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184359_i_code_review_user_create_multiline_mr_comment_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184359_i_code_review_user_create_multiline_mr_comment_weekly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_create_review_note_monthly` -Missing description +Count of unique users per month who create a note as part of a merge request review [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184353_i_code_review_user_create_review_note_monthly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_create_review_note_weekly` -Missing description +Count of unique users per week who create a note as part of a merge request review -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184351_i_code_review_user_create_review_note_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184351_i_code_review_user_create_review_note_weekly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_edit_mr_comment_monthly` -Count of unique users per week|month who edited a comment on a MR +Count of unique users per month who edited a comment on a MR [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175152_i_code_review_user_edit_mr_comment_monthly.yml) @@ -8466,43 +9320,43 @@ Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_edit_mr_comment_weekly` -Count of unique users per week|month who edited a comment on a MR +Count of unique users per week who edited a comment on a MR -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216175150_i_code_review_user_edit_mr_comment_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175150_i_code_review_user_edit_mr_comment_weekly.yml) Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_edit_multiline_mr_comment_monthly` -Missing description +Count of unique users per week who edit a multiline comment in a merge request [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184405_i_code_review_user_edit_multiline_mr_comment_monthly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_edit_multiline_mr_comment_weekly` -Missing description +Count of unique users per week who edit a multiline comment in a merge request -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184403_i_code_review_user_edit_multiline_mr_comment_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184403_i_code_review_user_edit_multiline_mr_comment_weekly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_labels_changed_monthly` @@ -8530,31 +9384,31 @@ Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_marked_as_draft_monthly` -Missing description +Count of unique users per month who mark a merge request as a draft [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184422_i_code_review_user_marked_as_draft_monthly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_marked_as_draft_weekly` -Missing description +Count of unique users per week who mark a merge request as a draft -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184420_i_code_review_user_marked_as_draft_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184420_i_code_review_user_marked_as_draft_weekly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_merge_mr_monthly` -Count of unique users per week|month who merged a MR +Count of unique users per month who merged a MR [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175144_i_code_review_user_merge_mr_monthly.yml) @@ -8562,19 +9416,19 @@ Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_merge_mr_weekly` -Count of unique users per week|month who merged a MR +Count of unique users per week who merged a MR -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216175142_i_code_review_user_merge_mr_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175142_i_code_review_user_merge_mr_weekly.yml) Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_milestone_changed_monthly` @@ -8650,31 +9504,31 @@ Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_publish_review_monthly` -Missing description +Count of unique users per month who publish their review as part of a merge request review [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184357_i_code_review_user_publish_review_monthly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_publish_review_weekly` -Missing description +Count of unique users per week who publish their review as part of a merge request review -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184355_i_code_review_user_publish_review_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184355_i_code_review_user_publish_review_weekly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_remove_mr_comment_monthly` -Count of unique users per week|month who removed a comment on a MR +Count of unique users per month who removed a comment on a MR [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175156_i_code_review_user_remove_mr_comment_monthly.yml) @@ -8682,47 +9536,47 @@ Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_remove_mr_comment_weekly` -Count of unique users per week|month who removed a comment on a MR +Count of unique users per month who removed a comment on a MR -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216175154_i_code_review_user_remove_mr_comment_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175154_i_code_review_user_remove_mr_comment_weekly.yml) Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_remove_multiline_mr_comment_monthly` -Missing description +Count of unique users per month who remove a multiline comment in a merge request [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184409_i_code_review_user_remove_multiline_mr_comment_monthly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_remove_multiline_mr_comment_weekly` -Missing description +Count of unique users per week who remove a multiline comment in a merge request -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184407_i_code_review_user_remove_multiline_mr_comment_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184407_i_code_review_user_remove_multiline_mr_comment_weekly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_reopen_mr_monthly` -Count of unique users per week|month who reopened a MR +Count of unique users per month who reopened a MR [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175140_i_code_review_user_reopen_mr_monthly.yml) @@ -8730,67 +9584,67 @@ Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_reopen_mr_weekly` -Count of unique users per week|month who reopened a MR +Count of unique users per week who reopened a MR -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216175138_i_code_review_user_reopen_mr_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175138_i_code_review_user_reopen_mr_weekly.yml) Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_resolve_thread_monthly` -Missing description +Count of unique users per month who resolve a thread in a merge request [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184330_i_code_review_user_resolve_thread_monthly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_resolve_thread_weekly` -Missing description +Count of unique users per week who resolve a thread in a merge request -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184328_i_code_review_user_resolve_thread_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184328_i_code_review_user_resolve_thread_weekly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_review_requested_monthly` -Missing description +Count of unique users per month who request a review of a merge request [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184430_i_code_review_user_review_requested_monthly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_review_requested_weekly` -Missing description +Count of unique users per week who request a review of a merge request -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184428_i_code_review_user_review_requested_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184428_i_code_review_user_review_requested_weekly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_reviewers_changed_monthly` @@ -8818,7 +9672,7 @@ Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_single_file_diffs_monthly` -Count of unique users per week|month with diffs viewed file by file +Count of unique users per month with diffs viewed file by file [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175124_i_code_review_user_single_file_diffs_monthly.yml) @@ -8826,19 +9680,19 @@ Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_single_file_diffs_weekly` -Count of unique users per week|month with diffs viewed file by file +Count of unique users per week with diffs viewed file by file -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216175122_i_code_review_user_single_file_diffs_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175122_i_code_review_user_single_file_diffs_weekly.yml) Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_time_estimate_changed_monthly` @@ -8890,123 +9744,123 @@ Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_toggled_task_item_status_monthly` -Missing description +Count of unique users per month who toggled a task item in a merge request [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184312_i_code_review_user_toggled_task_item_status_monthly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_toggled_task_item_status_weekly` -Missing description +Count of unique users per week who toggled a task item in a merge request -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184310_i_code_review_user_toggled_task_item_status_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184310_i_code_review_user_toggled_task_item_status_weekly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_unapprove_mr_monthly` -Missing description +Count of unique users per month who unapprove a merge request [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184326_i_code_review_user_unapprove_mr_monthly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_unapprove_mr_weekly` -Missing description +Count of unique users per week who unapprove a merge request -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184324_i_code_review_user_unapprove_mr_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184324_i_code_review_user_unapprove_mr_weekly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_unmarked_as_draft_monthly` -Missing description +Count of unique users per month who unmark a merge request as a draft [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184426_i_code_review_user_unmarked_as_draft_monthly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_unmarked_as_draft_weekly` -Missing description +Count of unique users per week who unmark a merge request as a draft -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184424_i_code_review_user_unmarked_as_draft_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184424_i_code_review_user_unmarked_as_draft_weekly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_unresolve_thread_monthly` -Missing description +Count of unique users per month who unresolve a thread in a merge request [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184334_i_code_review_user_unresolve_thread_monthly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_unresolve_thread_weekly` -Missing description +Count of unique users per week who unresolve a thread in a merge request -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184332_i_code_review_user_unresolve_thread_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184332_i_code_review_user_unresolve_thread_weekly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_vs_code_api_request_monthly` -Missing description +Count of unique users per month who use GitLab Workflow for VS Code [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184446_i_code_review_user_vs_code_api_request_monthly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.code_review.i_code_review_user_vs_code_api_request_weekly` -Missing description +Count of unique users per week who use GitLab Workflow for VS Code -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184444_i_code_review_user_vs_code_api_request_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184444_i_code_review_user_vs_code_api_request_weekly.yml) -Group: `` +Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.compliance.a_compliance_audit_events_api_monthly` @@ -9464,6 +10318,30 @@ Status: `data_available` Tiers: +### `redis_hll_counters.deploy_token_packages.i_package_terraform_module_deploy_token_monthly` + +Number of distinct users authorized via deploy token creating Terraform Module packages in recent 28 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210410012206_i_package_terraform_module_deploy_token_monthly.yml) + +Group: `group::configure` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_terraform_module_deploy_token_weekly` + +Number of distinct users authorized via deploy token creating Terraform Module packages in recent 7 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210410012207_i_package_terraform_module_deploy_token_weekly.yml) + +Group: `group::configure` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + ### `redis_hll_counters.ecosystem.ecosystem_total_unique_counts_monthly` Missing description @@ -9800,6 +10678,78 @@ Status: `data_available` Tiers: `free`, `premium`, `ultimate` +### `redis_hll_counters.epic_boards_usage.g_project_management_users_creating_epic_boards_monthly` + +Count of MAU creating epic boards + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210428072511_g_project_management_users_creating_epic_boards_monthly.yml) + +Group: `group::product planning` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epic_boards_usage.g_project_management_users_creating_epic_boards_weekly` + +Count of WAU creating epic boards + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210428072508_g_project_management_users_creating_epic_boards_weekly.yml) + +Group: `group::product planning` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epic_boards_usage.g_project_management_users_updating_epic_board_names_monthly` + +Count of MAU updating epic board names + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210428073607_g_project_management_users_updating_epic_board_names_monthly.yml) + +Group: `group::product planning` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epic_boards_usage.g_project_management_users_updating_epic_board_names_weekly` + +Count of WAU updating epic board names + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210428073604_g_project_management_users_updating_epic_board_names_weekly.yml) + +Group: `group::product planning` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epic_boards_usage.g_project_management_users_viewing_epic_boards_monthly` + +Count of MAU viewing epic boards + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210428073329_g_project_management_users_viewing_epic_boards_monthly.yml) + +Group: `group::product planning` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epic_boards_usage.g_project_management_users_viewing_epic_boards_weekly` + +Count of WAU viewing epic boards + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210428073327_g_project_management_users_viewing_epic_boards_weekly.yml) + +Group: `group::product planning` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + ### `redis_hll_counters.epics_usage.epics_usage_total_unique_counts_monthly` Total monthly users count for epics_usage @@ -9872,6 +10822,30 @@ Status: `data_available` Tiers: `premium`, `ultimate` +### `redis_hll_counters.epics_usage.g_project_management_epic_cross_referenced_monthly` + +Count of MAU cross referencing epics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210430174100_g_project_management_epic_cross_referenced_monthly.yml) + +Group: `group::product planning` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_epic_cross_referenced_weekly` + +Counts of WAU cross referencing epics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210430173650_g_project_management_epic_cross_referenced_weekly.yml) + +Group: `group::product planning` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + ### `redis_hll_counters.epics_usage.g_project_management_epic_destroyed_monthly` Count of MAU destroying epics @@ -10040,6 +11014,30 @@ Status: `implemented` Tiers: `premium`, `ultimate` +### `redis_hll_counters.epics_usage.g_project_management_users_awarding_epic_emoji_monthly` + +Counts of MAU awarding emoji on epic + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210503011217_g_project_management_users_awarding_epic_emoji_monthly.yml) + +Group: `group::product planning` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_awarding_epic_emoji_weekly` + +Counts of WAU awarding emoji on epic + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210503011355_g_project_management_users_awarding_epic_emoji_weekly.yml) + +Group: `group::product planning` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + ### `redis_hll_counters.epics_usage.g_project_management_users_creating_epic_notes_monthly` Counts of MAU adding epic notes @@ -10088,6 +11086,30 @@ Status: `implemented` Tiers: `premium`, `ultimate` +### `redis_hll_counters.epics_usage.g_project_management_users_removing_epic_emoji_monthly` + +Counts of MAU removing emoji on epic + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210505071850_g_project_management_users_removing_epic_emoji_monthly.yml) + +Group: `group::product planning` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_removing_epic_emoji_weekly` + +Counts of WAU removing emoji on epic + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210505071932_g_project_management_users_removing_epic_emoji_weekly.yml) + +Group: `group::product planning` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + ### `redis_hll_counters.epics_usage.g_project_management_users_setting_epic_confidential_monthly` Count of MAU making epics confidential @@ -10280,6 +11302,30 @@ Status: `implemented` Tiers: `premium`, `ultimate` +### `redis_hll_counters.epics_usage.g_project_management_users_updating_epic_parent_monthly` + +Counts of MAU updating parent on epic + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210423011841_g_project_management_users_updating_epic_parent_monthly.yml) + +Group: `group::product planning` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_updating_epic_parent_weekly` + +Counts of WAU updating parent on epic + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210423012053_g_project_management_users_updating_epic_parent_weekly.yml) + +Group: `group::product planning` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + ### `redis_hll_counters.epics_usage.g_project_management_users_updating_epic_titles_monthly` Counts of MAU changing epic titles @@ -10472,30 +11518,6 @@ Status: `data_available` Tiers: -### `redis_hll_counters.incident_management.i_incident_management_oncall_notification_sent_monthly` - -Count of unique users to receive a notification while on-call - -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210405222005_i_incident_management_oncall_notification_sent_monthly.yml) - -Group: `group::monitor` - -Status: `implemented` - -Tiers: `premium`, `ultimate` - -### `redis_hll_counters.incident_management.i_incident_management_oncall_notification_sent_weekly` - -Count of unique users to receive a notification while on-call - -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210405220139_i_incident_management_oncall_notification_sent_weekly.yml) - -Group: `group::monitor` - -Status: `implemented` - -Tiers: `premium`, `ultimate` - ### `redis_hll_counters.incident_management.incident_management_alert_assigned_monthly` Missing description @@ -10880,6 +11902,30 @@ Status: `data_available` Tiers: +### `redis_hll_counters.incident_management_oncall.i_incident_management_oncall_notification_sent_monthly` + +Count of unique users to receive a notification while on-call + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210405222005_i_incident_management_oncall_notification_sent_monthly.yml) + +Group: `group::monitor` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.incident_management_oncall.i_incident_management_oncall_notification_sent_weekly` + +Count of unique users to receive a notification while on-call + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210405220139_i_incident_management_oncall_notification_sent_weekly.yml) + +Group: `group::monitor` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + ### `redis_hll_counters.issues_edit.g_project_management_issue_added_to_epic_monthly` Count of MAU adding an issue to an epic @@ -11744,6 +12790,30 @@ Status: `data_available` Tiers: `free`, `premium`, `ultimate` +### `redis_hll_counters.pipeline_authoring.pipeline_authoring_total_unique_counts_monthly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210427105033_pipeline_authoring_total_unique_counts_monthly.yml) + +Group: `` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.pipeline_authoring.pipeline_authoring_total_unique_counts_weekly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210427105030_pipeline_authoring_total_unique_counts_weekly.yml) + +Group: `` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + ### `redis_hll_counters.quickactions.i_quickactions_approve_monthly` Count of MAU using the `/approve` quick action @@ -13522,7 +14592,7 @@ Tiers: ### `redis_hll_counters.source_code.design_action_monthly` -Missing description +Count of total design actions (upload, delete, comment, reply) [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182106_design_action_monthly.yml) @@ -13530,71 +14600,71 @@ Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.source_code.design_action_weekly` -Missing description +Count of total design actions (upload, delete, comment, reply) -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216182104_design_action_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216182104_design_action_weekly.yml) Group: `group::source code` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.source_code.git_write_action_monthly` -Missing description +Count of unique Git write actions [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184047_git_write_action_monthly.yml) -Group: `` +Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.source_code.git_write_action_weekly` -Missing description +Count of unique Git write actions -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184045_git_write_action_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184045_git_write_action_weekly.yml) -Group: `` +Group: `group::source code` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.source_code.i_source_code_code_intelligence_monthly` -Missing description +Count of unique users who use code intelligence [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175117_i_source_code_code_intelligence_monthly.yml) -Group: `group::code review` +Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.source_code.i_source_code_code_intelligence_weekly` -Missing description +Count of unique users who use code intelligence -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216175114_i_source_code_code_intelligence_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175114_i_source_code_code_intelligence_weekly.yml) -Group: `group::code review` +Group: `group::source code` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.source_code.merge_request_action_monthly` -Missing description +Count of unique users who perform an action on a merge request [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175113_merge_request_action_monthly.yml) @@ -13602,23 +14672,23 @@ Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.source_code.merge_request_action_weekly` -Missing description +Count of unique users who perform an action on a merge request -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216175111_merge_request_action_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175111_merge_request_action_weekly.yml) Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.source_code.project_action_monthly` -Missing description +Count of unique actions done on projects and related resources (create, edit, delete, comment) [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182109_project_action_monthly.yml) @@ -13626,23 +14696,23 @@ Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.source_code.project_action_weekly` -Missing description +Count of unique actions done on projects and related resources (create, edit, delete, comment) -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216182107_project_action_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216182107_project_action_weekly.yml) Group: `group::source code` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.source_code.wiki_action_monthly` -Missing description +Count of unique actions done on a wiki (create, edit, delete) [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182102_wiki_action_monthly.yml) @@ -13650,31 +14720,31 @@ Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.source_code.wiki_action_weekly` -Missing description +Count of unique actions done on a wiki (create, edit, delete) -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216182100_wiki_action_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216182100_wiki_action_weekly.yml) Group: `group::source code` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.terraform.p_terraform_state_api_unique_users_monthly` -Missing description +Monthly active users of GitLab Managed Terraform states [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184259_p_terraform_state_api_unique_users_monthly.yml) -Group: `` +Group: `group::configure` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.terraform.p_terraform_state_api_unique_users_weekly` @@ -14264,6 +15334,30 @@ Status: `data_available` Tiers: +### `redis_hll_counters.user_packages.i_package_terraform_module_user_monthly` + +Number of distinct users creating Terraform Module packages in recent 28 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210410012208_i_package_terraform_module_user_monthly.yml) + +Group: `group::configure` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_terraform_module_user_weekly` + +Number of distinct users creating Terraform Module packages in recent 7 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210410012209_i_package_terraform_module_user_weekly.yml) + +Group: `group::configure` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + ### `redis_hll_counters.user_packages.user_packages_total_unique_counts_monthly` Missing description @@ -14360,6 +15454,18 @@ Status: `data_available` Tiers: `free`, `premium`, `ultimate` +### `settings.gitaly_apdex` + +Gitaly application performance + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210321224827_gitaly_apdex.yml) + +Group: `group::gitaly` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + ### `settings.ldap_encrypted_secrets_enabled` Is encrypted LDAP secrets configured? @@ -14640,7 +15746,7 @@ Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage.create.approval_project_rules` -Number of project approval rules +Total number of project approval rules [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182030_approval_project_rules.yml) @@ -14648,47 +15754,47 @@ Group: `group::source code` Status: `data_available` -Tiers: +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage.create.approval_project_rules_with_exact_required_approvers` -Missing description +Number of approval rules with the exact number of required approvers. -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183355_approval_project_rules_with_exact_required_approvers.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183355_approval_project_rules_with_exact_required_approvers.yml) -Group: `` +Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage.create.approval_project_rules_with_less_approvers_than_required` -Missing description +Number of approval rules with fewer approvers than required. -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183354_approval_project_rules_with_less_approvers_than_required.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183354_approval_project_rules_with_less_approvers_than_required.yml) -Group: `` +Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage.create.approval_project_rules_with_more_approvers_than_required` -Missing description +Number of approval rules with more approvers than required. -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183352_approval_project_rules_with_more_approvers_than_required.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183352_approval_project_rules_with_more_approvers_than_required.yml) -Group: `` +Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage.create.approval_project_rules_with_target_branch` -Number of project approval rules with not default target branch +Number of project approval rules scoped to a specific repo branch. [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182032_approval_project_rules_with_target_branch.yml) @@ -14696,11 +15802,11 @@ Group: `group::source code` Status: `data_available` -Tiers: +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage.create.deploy_keys` -Missing description +Count of users creating deploy keys. [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182010_deploy_keys.yml) @@ -14708,11 +15814,11 @@ Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage.create.keys` -Missing description +Count of users creating regular keys. [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182012_keys.yml) @@ -14720,11 +15826,11 @@ Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage.create.merge_requests` -Missing description +Count of the number of users creating merge requests [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175045_merge_requests.yml) @@ -14732,7 +15838,7 @@ Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage.create.merge_requests_with_added_rules` @@ -14744,55 +15850,55 @@ Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage.create.merge_requests_with_optional_codeowners` -Missing description +Count of merge requests with optional codeowner approval rules [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175049_merge_requests_with_optional_codeowners.yml) -Group: `group::code review` +Group: `group::source code` Status: `data_available` -Tiers: +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage.create.merge_requests_with_overridden_project_rules` -Missing description +Number of merge requests that have overridden rules created at the project level. -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183339_merge_requests_with_overridden_project_rules.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183339_merge_requests_with_overridden_project_rules.yml) -Group: `` +Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage.create.merge_requests_with_required_codeowners` -Missing description +Count of merge requests with required codeowner approval rules [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175051_merge_requests_with_required_codeowners.yml) -Group: `group::code review` +Group: `group::source code` Status: `data_available` -Tiers: +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage.create.projects_enforcing_code_owner_approval` -Missing description +Count of users creating projects that require approval by code owners for code changes. -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182019_projects_enforcing_code_owner_approval.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182019_projects_enforcing_code_owner_approval.yml) Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage.create.projects_imported_from_github` @@ -14808,7 +15914,7 @@ Tiers: `free` ### `usage_activity_by_stage.create.projects_with_disable_overriding_approvers_per_merge_request` -Missing description +Total count of projects that do not allow overriding approvers on discrete merge requests [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182014_projects_with_disable_overriding_approvers_per_merge_request.yml) @@ -14816,35 +15922,35 @@ Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage.create.projects_with_repositories_enabled` -Missing description +Count of projects that have a matching Git repository, result of a Git push action -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182023_projects_with_repositories_enabled.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182023_projects_with_repositories_enabled.yml) Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage.create.projects_with_sectional_code_owner_rules` -Missing description +Count of projects using code owners with code owners section feature -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182021_projects_with_sectional_code_owner_rules.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182021_projects_with_sectional_code_owner_rules.yml) Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage.create.projects_without_disable_overriding_approvers_per_merge_request` -Missing description +Count of total projects that do not disable overriding approvers per discrete merge request [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182015_projects_without_disable_overriding_approvers_per_merge_request.yml) @@ -14852,23 +15958,23 @@ Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage.create.protected_branches` -Missing description +Count of users creating projects with repositories making use of at least one protected branch. -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182025_protected_branches.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182025_protected_branches.yml) Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage.create.remote_mirrors` -Missing description +Count of users creating projects with remote mirrors. [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182017_remote_mirrors.yml) @@ -14876,7 +15982,7 @@ Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage.create.snippets` @@ -14892,7 +15998,7 @@ Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage.create.suggestions` -Missing description +Count of unique users who create suggestions in merge request comments [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175053_suggestions.yml) @@ -14900,55 +16006,55 @@ Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage.create.total_number_of_locked_files` -The total number of exclusive file locks (through the CLI) +The total number of files which have been locked via the GitLab UI -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182028_total_number_of_locked_files.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182028_total_number_of_locked_files.yml) Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage.create.total_number_of_path_locks` -The total number of default branch locks done through the GitLab UI +Number of paths/directories manually locked through the UI -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182027_total_number_of_path_locks.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182027_total_number_of_path_locks.yml) Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage.create.users_using_lfs_locks` -Missing description +Number of unique users who have locked files or directories using LFS via the command line -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183346_users_using_lfs_locks.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183346_users_using_lfs_locks.yml) -Group: `` +Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage.create.users_using_path_locks` -Missing description +Number of users who have manually locked paths/directories through the UI -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183344_users_using_path_locks.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183344_users_using_path_locks.yml) -Group: `` +Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage.enablement.counts.geo_node_usage.git_fetch_event_count_weekly` @@ -14962,6 +16068,18 @@ Status: `data_available` Tiers: `premium`, `ultimate` +### `usage_activity_by_stage.enablement.geo_secondary_web_oauth_users` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210427212450_geo_secondary_web_oauth_users.yml) + +Group: `` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + ### `usage_activity_by_stage.manage.bulk_imports.gitlab` Distinct count of users that triggered an import using the Group Migration tool @@ -14986,6 +16104,18 @@ Status: `data_available` Tiers: `free` +### `usage_activity_by_stage.manage.custom_compliance_frameworks` + +Total count of all custom compliance framework labels + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210430081610_custom_compliance_frameworks.yml) + +Group: `compliance` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + ### `usage_activity_by_stage.manage.events` Missing description @@ -15552,7 +16682,7 @@ Tiers: ### `usage_activity_by_stage.monitor.clusters` -Total GitLab Managed clusters both enabled and disabled +Users creating clusters. [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180945_clusters.yml) @@ -15560,11 +16690,11 @@ Group: `group::monitor` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage.monitor.clusters_applications_prometheus` -Total GitLab Managed clusters with Prometheus enabled +Users creating clusters with Prometheus enabled. [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180947_clusters_applications_prometheus.yml) @@ -15572,7 +16702,7 @@ Group: `group::monitor` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage.monitor.operations_dashboard_default_dashboard` @@ -15584,7 +16714,7 @@ Group: `group::monitor` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium` ### `usage_activity_by_stage.monitor.operations_dashboard_users_with_projects_added` @@ -15596,7 +16726,7 @@ Group: `group::monitor` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage.monitor.projects_incident_sla_enabled` @@ -15626,6 +16756,8 @@ Tiers: `free` Histogram (buckets 1 to 100) of projects with at least 1 enabled integration. +[Object JSON schema](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/objects_schemas/projects_with_enabled_alert_integrations_histogram.json) + [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210309165717_projects_with_enabled_alert_integrations_histogram.yml) Group: `group::monitor` @@ -15668,7 +16800,7 @@ Group: `group::monitor` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage.package.projects_with_packages` @@ -15864,15 +16996,15 @@ Tiers: `free` ### `usage_activity_by_stage.release.projects_mirrored_with_pipelines_enabled` -Projects with repository mirroring enabled +Count creator_id from projects with repository mirroring enabled. -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181934_projects_mirrored_with_pipelines_enabled.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216181934_projects_mirrored_with_pipelines_enabled.yml) -Group: `group::release` +Group: `group::continuous integration` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage.release.releases` @@ -16116,7 +17248,7 @@ Tiers: `free` ### `usage_activity_by_stage.verify.ci_builds` -Unique builds in project +Unique count of builds in project [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175525_ci_builds.yml) @@ -16124,7 +17256,7 @@ Group: `group::continuous integration` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage.verify.ci_external_pipelines` @@ -16136,7 +17268,7 @@ Group: `group::continuous integration` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage.verify.ci_internal_pipelines` @@ -16148,7 +17280,7 @@ Group: `group::continuous integration` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage.verify.ci_pipeline_config_auto_devops` @@ -16156,11 +17288,11 @@ Total pipelines from an Auto DevOps template [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175531_ci_pipeline_config_auto_devops.yml) -Group: `group::continuous integration` +Group: `group::configure` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage.verify.ci_pipeline_config_repository` @@ -16172,7 +17304,7 @@ Group: `group::continuous integration` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage.verify.ci_pipeline_schedules` @@ -16184,7 +17316,7 @@ Group: `group::continuous integration` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage.verify.ci_pipelines` @@ -16196,7 +17328,7 @@ Group: `group::continuous integration` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage.verify.ci_triggers` @@ -16208,15 +17340,15 @@ Group: `group::continuous integration` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage.verify.clusters_applications_runner` -Total GitLab Managed clusters with Runner enabled +Count of users creating managed clusters with Runner enabled [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181949_clusters_applications_runner.yml) -Group: `group::runner` +Group: `group::configure` Status: `data_available` @@ -16308,7 +17440,7 @@ Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.configure.clusters_management_project` -Total GitLab Managed clusters with defined cluster management project +Number of Kubernetes clusters with clusters management project being set [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175413_clusters_management_project.yml) @@ -16428,7 +17560,7 @@ Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.configure.projects_slack_notifications_active` -Unique projects with Slack webhook enabled +Unique projects created in the past 28 days that have Slack notifications enabled [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216175436_projects_slack_notifications_active.yml) @@ -16436,11 +17568,11 @@ Group: `group::configure` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.configure.projects_slack_slash_active` -Unique projects with Slack ‘/’ commands enabled +Unique projects created in the past 28 days that have Slack ‘/’ commands enabled [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216175437_projects_slack_slash_active.yml) @@ -16448,7 +17580,7 @@ Group: `group::configure` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.configure.projects_with_prometheus_alerts` @@ -16460,7 +17592,7 @@ Group: `group::monitor` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.action_monthly_active_users_design_management` @@ -16476,7 +17608,7 @@ Tiers: `free` ### `usage_activity_by_stage_monthly.create.action_monthly_active_users_git_write` -Aggregated value for wiki, design and project repo actions +Aggregated value for wiki, design, and project repo Git write actions [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182041_action_monthly_active_users_git_write.yml) @@ -16484,7 +17616,7 @@ Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.action_monthly_active_users_ide_edit` @@ -16500,7 +17632,7 @@ Tiers: `free` ### `usage_activity_by_stage_monthly.create.action_monthly_active_users_project_repo` -Missing description +Count of monthly active users who have performed any Git operation (read/write/push) [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182040_action_monthly_active_users_project_repo.yml) @@ -16508,7 +17640,7 @@ Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.action_monthly_active_users_sfe_edit` @@ -16572,7 +17704,7 @@ Tiers: `free` ### `usage_activity_by_stage_monthly.create.approval_project_rules` -Number of project approval rules +Total number of project approval rules [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216182056_approval_project_rules.yml) @@ -16580,47 +17712,47 @@ Group: `group::source code` Status: `data_available` -Tiers: +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.approval_project_rules_with_exact_required_approvers` -Missing description +Number of approval rules with the exact number of required approvers. -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183622_approval_project_rules_with_exact_required_approvers.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183622_approval_project_rules_with_exact_required_approvers.yml) -Group: `` +Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.approval_project_rules_with_less_approvers_than_required` -Missing description +Number of approval rules with fewer approvers than required. -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183620_approval_project_rules_with_less_approvers_than_required.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183620_approval_project_rules_with_less_approvers_than_required.yml) -Group: `` +Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.approval_project_rules_with_more_approvers_than_required` -Missing description +Number of approval rules with more approvers than required. -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183618_approval_project_rules_with_more_approvers_than_required.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183618_approval_project_rules_with_more_approvers_than_required.yml) -Group: `` +Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.approval_project_rules_with_target_branch` -Number of project approval rules with not default target branch +Number of project approval rules scoped to a specific repo branch. [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216182058_approval_project_rules_with_target_branch.yml) @@ -16628,11 +17760,11 @@ Group: `group::source code` Status: `data_available` -Tiers: +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.deploy_keys` -Missing description +Count of users creating deploy keys in last 28 days. [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182034_deploy_keys.yml) @@ -16640,11 +17772,11 @@ Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.keys` -Missing description +Count of users creating regular keys in last 28 days. [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182036_keys.yml) @@ -16652,11 +17784,11 @@ Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.merge_requests` -Missing description +Count of the number of users creating merge requests [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175055_merge_requests.yml) @@ -16664,11 +17796,11 @@ Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.merge_requests_users` -Missing description +Monthly count of the number of merge request users [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175101_merge_requests_users.yml) @@ -16676,7 +17808,7 @@ Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.merge_requests_with_added_rules` @@ -16688,23 +17820,23 @@ Group: `group::code review` Status: `data_available` -Tiers: +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.merge_requests_with_optional_codeowners` -Missing description +Count of merge requests with optional codeowner approval rules [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216175105_merge_requests_with_optional_codeowners.yml) -Group: `group::code review` +Group: `group::source code` Status: `data_available` -Tiers: +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.merge_requests_with_overridden_project_rules` -Number of merge requests that have local rules that have overwritten a project rule +Number of merge requests which have overriden rules created at the project level [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216182047_merge_requests_with_overridden_project_rules.yml) @@ -16712,31 +17844,31 @@ Group: `group::source code` Status: `data_available` -Tiers: +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.merge_requests_with_required_codeowners` -Missing description +Count of merge requests with required codeowner approval rules [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216175107_merge_requests_with_required_codeowners.yml) -Group: `group::code review` +Group: `group::source code` Status: `data_available` -Tiers: +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.projects_enforcing_code_owner_approval` -Missing description +Count of total projects that require approval by code owners for code changes -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182043_projects_enforcing_code_owner_approval.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216182043_projects_enforcing_code_owner_approval.yml) Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.projects_imported_from_github` @@ -16752,55 +17884,55 @@ Tiers: `free` ### `usage_activity_by_stage_monthly.create.projects_with_disable_overriding_approvers_per_merge_request` -Missing description +Count of the number of projects with setting to disable overriding approvers per merge request [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175057_projects_with_disable_overriding_approvers_per_merge_request.yml) -Group: `group::code review` +Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.projects_with_repositories_enabled` -Missing description +Count of users creating projects that have a matching Git repository, result of a Git push action, for last 28 days. -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182049_projects_with_repositories_enabled.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216182049_projects_with_repositories_enabled.yml) Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.projects_with_sectional_code_owner_rules` -Missing description +Count of projects using code owners with code owners section feature -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182045_projects_with_sectional_code_owner_rules.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216182045_projects_with_sectional_code_owner_rules.yml) Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.projects_without_disable_overriding_approvers_per_merge_request` -Missing description +Count of the number of projects without setting to disable overriding approvers per merge request [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175059_projects_without_disable_overriding_approvers_per_merge_request.yml) -Group: `group::code review` +Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.protected_branches` -Missing description +Count of users creating projects with repositories making use of at least one protected branch in last 28 days. [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182051_protected_branches.yml) @@ -16808,11 +17940,11 @@ Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.remote_mirrors` -Missing description +Count of users creating projects with remote mirrors. Includes both push and pull mirrors. [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182038_remote_mirrors.yml) @@ -16820,7 +17952,7 @@ Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.snippets` @@ -16836,7 +17968,7 @@ Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.suggestions` -Missing description +Count of unique users per month who create suggestions in merge request comments [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175109_suggestions.yml) @@ -16844,35 +17976,35 @@ Group: `group::code review` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.total_number_of_locked_files` -Missing description +The total number of files which have been locked via the GitLab UI -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183614_total_number_of_locked_files.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183614_total_number_of_locked_files.yml) -Group: `` +Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.total_number_of_path_locks` -Missing description +Number of paths/directories manually locked through the UI -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183613_total_number_of_path_locks.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183613_total_number_of_path_locks.yml) -Group: `` +Group: `group::source code` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.users_using_lfs_locks` -Number of users that have used default branch locks through the UI +Number of unique users who have locked files or directories using LFS via the command line [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216182054_users_using_lfs_locks.yml) @@ -16880,11 +18012,11 @@ Group: `group::source code` Status: `data_available` -Tiers: +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage_monthly.create.users_using_path_locks` -Number of users that have used exclusive file locks through the CLI +Number of users creating path_locks in last 28 days. [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216182053_users_using_path_locks.yml) @@ -16892,7 +18024,19 @@ Group: `group::source code` Status: `data_available` -Tiers: +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.enablement.geo_secondary_web_oauth_users` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210427213346_geo_secondary_web_oauth_users.yml) + +Group: `` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.manage.bulk_imports.gitlab` @@ -17484,7 +18628,7 @@ Tiers: ### `usage_activity_by_stage_monthly.monitor.clusters` -Total GitLab Managed clusters both enabled and disabled +Count users creating clusters in last 28 days. [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180956_clusters.yml) @@ -17492,11 +18636,11 @@ Group: `group::monitor` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.monitor.clusters_applications_prometheus` -Total GitLab Managed clusters with Prometheus enabled +Users creating clusters with Prometheus enabled in last 28 days. [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180958_clusters_applications_prometheus.yml) @@ -17504,7 +18648,7 @@ Group: `group::monitor` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.monitor.operations_dashboard_default_dashboard` @@ -17516,7 +18660,7 @@ Group: `group::monitor` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.monitor.operations_dashboard_users_with_projects_added` @@ -17528,19 +18672,19 @@ Group: `group::monitor` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.monitor.projects_incident_sla_enabled` -Missing description +Count of projects with Incident SLA enabled -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183753_projects_incident_sla_enabled.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183753_projects_incident_sla_enabled.yml) -Group: `` +Group: `group::monitor` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage_monthly.monitor.projects_with_alert_incidents` @@ -17556,7 +18700,7 @@ Tiers: `free` ### `usage_activity_by_stage_monthly.monitor.projects_with_error_tracking_enabled` -Missing description +Count of users creating projects with error tracking enabled. [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181004_projects_with_error_tracking_enabled.yml) @@ -17564,7 +18708,7 @@ Group: `group::monitor` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.monitor.projects_with_incidents` @@ -17588,7 +18732,7 @@ Group: `group::monitor` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.package.projects_with_packages` @@ -17628,7 +18772,7 @@ Tiers: `free` ### `usage_activity_by_stage_monthly.plan.issues` -Count of MAU creating issues +Count of users creating Issues in last 28 days. [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181139_issues.yml) @@ -17784,15 +18928,15 @@ Tiers: `free` ### `usage_activity_by_stage_monthly.release.projects_mirrored_with_pipelines_enabled` -Projects with repository mirroring enabled +Count creator_id from projects with repository mirroring enabled. -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181943_projects_mirrored_with_pipelines_enabled.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216181943_projects_mirrored_with_pipelines_enabled.yml) -Group: `group::release` +Group: `group::continuous integration` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage_monthly.release.releases` @@ -18120,7 +19264,7 @@ Tiers: `free` ### `usage_activity_by_stage_monthly.verify.ci_builds` -Unique builds in project +Unique monthly builds in project [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175542_ci_builds.yml) @@ -18128,11 +19272,11 @@ Group: `group::continuous integration` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.verify.ci_external_pipelines` -Total pipelines in external repositories +Total pipelines in external repositories in a month [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175544_ci_external_pipelines.yml) @@ -18140,11 +19284,11 @@ Group: `group::continuous integration` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.verify.ci_internal_pipelines` -Total pipelines in GitLab repositories +Total pipelines in GitLab repositories in a month [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175546_ci_internal_pipelines.yml) @@ -18152,7 +19296,7 @@ Group: `group::continuous integration` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.verify.ci_pipeline_config_auto_devops` @@ -18160,15 +19304,15 @@ Total pipelines from an Auto DevOps template [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175548_ci_pipeline_config_auto_devops.yml) -Group: `group::continuous integration` +Group: `group::configure` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.verify.ci_pipeline_config_repository` -Total Pipelines from templates in repository +Total Monthly Pipelines from templates in repository [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175550_ci_pipeline_config_repository.yml) @@ -18176,11 +19320,11 @@ Group: `group::continuous integration` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.verify.ci_pipeline_schedules` -Pipeline schedules in GitLab +Total monthly Pipeline schedules in GitLab [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175552_ci_pipeline_schedules.yml) @@ -18188,11 +19332,11 @@ Group: `group::continuous integration` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.verify.ci_pipelines` - Distinct users triggering pipelines in a month +Distinct users triggering pipelines in a month [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175554_ci_pipelines.yml) @@ -18200,7 +19344,7 @@ Group: `group::continuous integration` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate`, `free` ### `usage_activity_by_stage_monthly.verify.ci_triggers` @@ -18228,7 +19372,7 @@ Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.verify.projects_reporting_ci_cd_back_to_github` -Projects with a GitHub service pipeline enabled +Projects with a GitHub repository mirror pipeline enabled [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216175558_projects_reporting_ci_cd_back_to_github.yml) diff --git a/doc/development/usage_ping/index.md b/doc/development/usage_ping/index.md index bf423d68700..292e1256cb8 100644 --- a/doc/development/usage_ping/index.md +++ b/doc/development/usage_ping/index.md @@ -178,10 +178,132 @@ The correct approach is to add a new metric for GitLab 12.6 release with updated and update existing business analysis artefacts to use `example_metric_without_archived` instead of `example_metric` -### 3. Metrics deprecation and removal +### 3. Deprecate a metric -The process for deprecating and removing metrics is under development. For -more information, see the following [issue](https://gitlab.com/gitlab-org/gitlab/-/issues/284637). +If a metric is obsolete and you no longer use it, you can mark it as deprecated. + +For an example of the metric deprecation process take a look at this [example merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/59899) + +To deprecate a metric: + +1. Check the following YAML files and verify the metric is not used in an aggregate: + - [`config/metrics/aggregates/*.yaml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/aggregates/) + - [`ee/config/metrics/aggregates/*.yaml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/aggregates/) + +1. Create an issue in the [GitLab Data Team + project](https://gitlab.com/gitlab-data/analytics/-/issues). Ask for + confirmation that the metric is not used by other teams, or in any of the SiSense + dashboards. + +1. Verify the metric is not used to calculate the conversational index. The + conversational index is a measure that reports back to self-managed instances + to inform administrators of the progress of DevOps adoption for the instance. + + You can check + [`CalculateConvIndexService`](https://gitlab.com/gitlab-services/version-gitlab-com/-/blob/master/app/services/calculate_conv_index_service.rb) + to view the metrics that are used. The metrics are represented + as the keys that are passed as a field argument into the `get_value` method. + +1. Document the deprecation in the metric's YAML definition. Set + the `status:` attribute to `deprecated`, for example: + + ```yaml + --- + key_path: analytics_unique_visits.analytics_unique_visits_for_any_target_monthly + description: Visits to any of the pages listed above per month + product_section: dev + product_stage: manage + product_group: group::analytics + product_category: + value_type: number + status: deprecated + time_frame: 28d + data_source: + distribution: + - ce + tier: + - free + ``` + +1. Replace the metric's instrumentation with a fixed value. This avoids wasting + resources to calculate the deprecated metric. In + [`lib/gitlab/usage_data.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data.rb) + or + [`ee/lib/ee/gitlab/usage_data.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/ee/gitlab/usage_data.rb), + replace the code that calculates the metric's value with a fixed value that + indicates it's deprecated: + + ```ruby + module Gitlab + class UsageData + DEPRECATED_VALUE = -1000 + + def analytics_unique_visits_data + results['analytics_unique_visits_for_any_target'] = redis_usage_data { unique_visit_service.unique_visits_for(targets: :analytics) } + results['analytics_unique_visits_for_any_target_monthly'] = DEPRECATED_VALUE + + { analytics_unique_visits: results } + end + # ... + end + end + ``` + +1. Update the Metrics Dictionary following [guidelines instructions](dictionary.md). + +### 4. Remove a metric + +Only deprecated metrics can be removed from Usage Ping. + +For an example of the metric removal process take a look at this [example issue](https://gitlab.com/gitlab-org/gitlab/-/issues/297029) + +To remove a deprecated metric: + +1. Verify that removing the metric from the Usage Ping payload does not cause + errors in [Version App](https://gitlab.com/gitlab-services/version-gitlab-com) + when the updated payload is collected and processed. Version App collects + and persists all Usage Ping reports. To do that you can modify + [fixtures](https://gitlab.com/gitlab-services/version-gitlab-com/-/blob/master/spec/support/usage_data_helpers.rb#L540) + used to test + [`UsageDataController#create`](https://gitlab.com/gitlab-services/version-gitlab-com/-/blob/3760ef28/spec/controllers/usage_data_controller_spec.rb#L75) + endpoint, and assure that test suite does not fail when metric that you wish to remove is not included into test payload. + +1. Create an issue in the + [GitLab Data Team project](https://gitlab.com/gitlab-data/analytics/-/issues). + Ask for confirmation that the metric is not referred to in any SiSense dashboards and + can be safely removed from Usage Ping. Use this + [example issue](https://gitlab.com/gitlab-data/analytics/-/issues/7539) for guidance. + This step can be skipped if verification done during [deprecation process](#3-deprecate-a-metric) + reported that metric is not required by any data transformation in Snowflake data warehouse nor it is + used by any of SiSense dashboards. + +1. After you verify the metric can be safely removed, + update the attributes of the metric's YAML definition: + + - Set the `status:` to `removed`. + - Set `milestone_removed:` to the number of the + milestone in which the metric was removed. + + Do not remove the metric's YAML definition altogether. Some self-managed + instances might not immediately update to the latest version of GitLab, and + therefore continue to report the removed metric. The Product Intelligence team + requires a record of all removed metrics in order to identify and filter them. + + For example please take a look at this [merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/60149/diffs#b01f429a54843feb22265100c0e4fec1b7da1240_10_10). + +1. After you verify the metric can be safely removed, + remove the metric's instrumentation from + [`lib/gitlab/usage_data.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data.rb) + or + [`ee/lib/ee/gitlab/usage_data.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/ee/gitlab/usage_data.rb). + + For example please take a look at this [merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/60149/diffs#6335dc533bd21df26db9de90a02dd66278c2390d_167_167). + +1. Remove any other records related to the metric: + - The feature flag YAML file at [`config/feature_flags/*/*.yaml`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/config/feature_flags). + - The entry in the known events YAML file at [`lib/gitlab/usage_data_counters/known_events/*.yaml`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/gitlab/usage_data_counters/known_events). + +1. Update the Metrics Dictionary following [guidelines instructions](dictionary.md). ## Implementing Usage Ping @@ -492,39 +614,33 @@ Implemented using Redis methods [PFADD](https://redis.io/commands/pfadd) and [PF Example event: ```yaml - - name: i_compliance_credential_inventory - category: compliance - redis_slot: compliance - expiry: 42 # 6 weeks + - name: users_creating_epics + category: epics_usage + redis_slot: users aggregation: weekly - feature_flag: usage_data_i_compliance_credential_inventory + feature_flag: track_epics_activity ``` Keys: - `name`: unique event name. - Name format `<prefix>_<redis_slot>_name`. + Name format for Redis HLL events `<name>_<redis_slot>`. - Use one of the following prefixes for the event's name: - - - `g_` for group, as an event which is tracked for group. - - `p_` for project, as an event which is tracked for project. - - `i_` for instance, as an event which is tracked for instance. - - `a_` for events encompassing all `g_`, `p_`, `i_`. - - `o_` for other. + [See Metric name](metrics_dictionary.md#metric-name) for a complete guide on metric naming suggestion. Consider including in the event's name the Redis slot to be able to count totals for a specific category. - Example names: `i_compliance_credential_inventory`, `g_analytics_contribution`. + Example names: `users_creating_epics`, `users_triggering_security_scans`. - `category`: event category. Used for getting total counts for events in a category, for easier access to a group of events. - - `redis_slot`: optional Redis slot; default value: event name. Used if needed to calculate totals - for a group of metrics. Ensure keys are in the same slot. For example: - `i_compliance_credential_inventory` with `redis_slot: 'compliance'` builds Redis key - `i_{compliance}_credential_inventory-2020-34`. If `redis_slot` is not defined the Redis key will - be `{i_compliance_credential_inventory}-2020-34`. + - `redis_slot`: optional Redis slot. Default value: event name. Only event data that is stored in the same slot + can be aggregated. Ensure keys are in the same slot. For example: + `users_creating_epics` with `redis_slot: 'users'` builds Redis key + `{users}_creating_epics-2020-34`. If `redis_slot` is not defined the Redis key will + be `{users_creating_epics}-2020-34`. + Recommended slots to use are: `users`, `projects`. This is the value we count. - `expiry`: expiry time in days. Default: 29 days for daily aggregation and 6 weeks for weekly aggregation. - `aggregation`: may be set to a `:daily` or `:weekly` key. Defines how counting data is stored in Redis. @@ -550,7 +666,7 @@ Use one of the following methods to track events: include RedisTracking skip_before_action :authenticate_user!, only: :show - track_redis_hll_event :index, :show, name: 'g_compliance_example_feature_visitors' + track_redis_hll_event :index, :show, name: 'users_visiting_projects' def index render html: 'index' @@ -581,7 +697,7 @@ Use one of the following methods to track events: user: current_user, subject: user_group ).execute - increment_unique_values('i_list_repositories', current_user.id) + increment_unique_values('users_listing_repositories', current_user.id) present paginate(repositories), with: Entities::ContainerRegistry::Repository, tags: params[:tags], tags_count: params[:tags_count] end @@ -655,15 +771,15 @@ Use one of the following methods to track events: Trigger events in rails console by using `track_event` method ```ruby - Gitlab::UsageDataCounters::HLLRedisCounter.track_event('g_compliance_audit_events', values: 1) - Gitlab::UsageDataCounters::HLLRedisCounter.track_event('g_compliance_audit_events', values: [2, 3]) + Gitlab::UsageDataCounters::HLLRedisCounter.track_event('users_viewing_compliance_audit_events', values: 1) + Gitlab::UsageDataCounters::HLLRedisCounter.track_event('users_viewing_compliance_audit_events', values: [2, 3]) ``` Next, get the unique events for the current week. ```ruby # Get unique events for metric for current_week - Gitlab::UsageDataCounters::HLLRedisCounter.unique_events(event_names: 'g_compliance_audit_events', + Gitlab::UsageDataCounters::HLLRedisCounter.unique_events(event_names: 'users_viewing_compliance_audit_events', start_date: Date.current.beginning_of_week, end_date: Date.current.next_week) ``` @@ -681,7 +797,7 @@ We have the following recommendations for [Adding new events](#adding-new-events ##### Enable/Disable Redis HLL tracking -Events are tracked behind [feature flags](../feature_flags/index.md) due to concerns for Redis performance and scalability. +Events are tracked behind optional [feature flags](../feature_flags/index.md) due to concerns for Redis performance and scalability. For a full list of events and corresponding feature flags see, [known_events](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data_counters/known_events/) files. @@ -693,6 +809,13 @@ To enable or disable tracking for specific event in <https://gitlab.com> or <htt /chatops run feature set <feature_name> false ``` +We can also disable tracking completely by using the global flag: + +```shell +/chatops run feature set redis_hll_tracking true +/chatops run feature set redis_hll_tracking false +``` + ##### Known events are added automatically in usage data payload All events added in [`known_events/common.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data_counters/known_events/common.yml) are automatically added to usage data generation under the `redis_hll_counters` key. This column is stored in [version-app as a JSON](https://gitlab.com/gitlab-services/version-gitlab-com/-/blob/master/db/schema.rb#L209). @@ -711,29 +834,24 @@ Example of `redis_hll_counters` data: ```ruby {:redis_hll_counters=> {"compliance"=> - {"g_compliance_dashboard_weekly"=>0, - "g_compliance_dashboard_monthly"=>0, - "g_compliance_audit_events_weekly"=>0, - "g_compliance_audit_events_monthly"=>0, + {"users_viewing_compliance_dashboard_weekly"=>0, + "users_viewing_compliance_dashboard_monthly"=>0, + "users_viewing_compliance_audit_events_weekly"=>0, + "users_viewing_audit_events_monthly"=>0, "compliance_total_unique_counts_weekly"=>0, "compliance_total_unique_counts_monthly"=>0}, - "analytics"=> - {"g_analytics_contribution_weekly"=>0, - "g_analytics_contribution_monthly"=>0, - "g_analytics_insights_weekly"=>0, - "g_analytics_insights_monthly"=>0, + "analytics"=> + {"users_viewing_analytics_group_devops_adoption_weekly"=>0, + "users_viewing_analytics_group_devops_adoption_monthly"=>0, "analytics_total_unique_counts_weekly"=>0, "analytics_total_unique_counts_monthly"=>0}, "ide_edit"=> - {"g_edit_by_web_ide_weekly"=>0, - "g_edit_by_web_ide_monthly"=>0, - "g_edit_by_sfe_weekly"=>0, - "g_edit_by_sfe_monthly"=>0, + {"users_editing_by_web_ide_weekly"=>0, + "users_editing_by_web_ide_monthly"=>0, + "users_editing_by_sfe_weekly"=>0, + "users_editing_by_sfe_monthly"=>0, "ide_edit_total_unique_counts_weekly"=>0, - "ide_edit_total_unique_counts_monthly"=>0}, - "search"=> - {"i_search_total_weekly"=>0, "i_search_total_monthly"=>0, "i_search_advanced_weekly"=>0, "i_search_advanced_monthly"=>0, "i_search_paid_weekly"=>0, "i_search_paid_monthly"=>0, "search_total_unique_counts_weekly"=>0, "search_total_unique_counts_monthly"=>0}, - "source_code"=>{"wiki_action_weekly"=>0, "wiki_action_monthly"=>0} + "ide_edit_total_unique_counts_monthly"=>0} } ``` @@ -747,10 +865,10 @@ redis_usage_data { ::Gitlab::UsageCounters::PodLogs.usage_totals[:total] } # Define events in common.yml https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data_counters/known_events/common.yml # Tracking events -Gitlab::UsageDataCounters::HLLRedisCounter.track_event('expand_vulnerabilities', values: visitor_id) +Gitlab::UsageDataCounters::HLLRedisCounter.track_event('users_expanding_vulnerabilities', values: visitor_id) # Get unique events for metric -redis_usage_data { Gitlab::UsageDataCounters::HLLRedisCounter.unique_events(event_names: 'expand_vulnerabilities', start_date: 28.days.ago, end_date: Date.current) } +redis_usage_data { Gitlab::UsageDataCounters::HLLRedisCounter.unique_events(event_names: 'users_expanding_vulnerabilities', start_date: 28.days.ago, end_date: Date.current) } ``` ### Alternative Counters @@ -824,7 +942,6 @@ We return fallback values in these cases: Add the metric in one of the top level keys -- `license`: for license related metrics. - `settings`: for settings related metrics. - `counts_weekly`: for counters that have data for the most recent 7 days. - `counts_monthly`: for counters that have data for the most recent 28 days. @@ -907,15 +1024,21 @@ On GitLab.com, we have DangerBot setup to monitor Product Intelligence related f ### 10. Verify your metric -On GitLab.com, the Product Intelligence team regularly monitors Usage Ping. They may alert you that your metrics need further optimization to run quicker and with greater success. You may also use the [Usage Ping QA dashboard](https://app.periscopedata.com/app/gitlab/632033/Usage-Ping-QA) to check how well your metric performs. The dashboard allows filtering by GitLab version, by "Self-managed" & "SaaS" and shows you how many failures have occurred for each metric. Whenever you notice a high failure rate, you may re-optimize your metric. +On GitLab.com, the Product Intelligence team regularly [monitors Usage Ping](https://gitlab.com/groups/gitlab-org/-/epics/6000). +They may alert you that your metrics need further optimization to run quicker and with greater success. + +The Usage Ping JSON payload for GitLab.com is shared in the +[#g_product_intelligence](https://gitlab.slack.com/archives/CL3A7GFPF) Slack channel every week. + +You may also use the [Usage Ping QA dashboard](https://app.periscopedata.com/app/gitlab/632033/Usage-Ping-QA) to check how well your metric performs. The dashboard allows filtering by GitLab version, by "Self-managed" & "SaaS" and shows you how many failures have occurred for each metric. Whenever you notice a high failure rate, you may re-optimize your metric. ### Usage Ping local setup To set up Usage Ping locally, you must: -1. [Set up local repositories]#(set-up-local-repositories) -1. [Test local setup](#test-local-setup) -1. (Optional) [Test Prometheus-based usage ping](#test-prometheus-based-usage-ping) +1. [Set up local repositories](#set-up-local-repositories). +1. [Test local setup](#test-local-setup). +1. (Optional) [Test Prometheus-based usage ping](#test-prometheus-based-usage-ping). #### Set up local repositories @@ -981,7 +1104,7 @@ build in a [downstream pipeline of the `omnibus-gitlab-mirror` project](https:// This is the less recommended approach, because it comes with a number of difficulties when emulating a real GitLab deployment. The [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit) is not set up to run a Prometheus server or `node_exporter` alongside other GitLab components. If you would -like to do so, [Monitoring the GDK with Prometheus](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/prometheus/index.md#monitoring-the-gdk-with-prometheus) is a good start. +like to do so, [Monitoring the GDK with Prometheus](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/prometheus/index.md#monitoring-the-gdk-with-prometheus) is a good start. The [GCK](https://gitlab.com/gitlab-org/gitlab-compose-kit) has limited support for testing Prometheus based Usage Ping. By default, it already comes with a fully configured Prometheus service that is set up to scrape a number of components, @@ -1030,9 +1153,9 @@ Example aggregated metric entries: - name: example_metrics_union operator: OR events: - - 'i_search_total' - - 'i_search_advanced' - - 'i_search_paid' + - 'users_expanding_secure_security_report' + - 'users_expanding_testing_code_quality_report' + - 'users_expanding_testing_accessibility_report' source: redis time_frame: - 7d diff --git a/doc/development/usage_ping/metrics_dictionary.md b/doc/development/usage_ping/metrics_dictionary.md index b55d4714580..40beee3c408 100644 --- a/doc/development/usage_ping/metrics_dictionary.md +++ b/doc/development/usage_ping/metrics_dictionary.md @@ -36,12 +36,14 @@ Each metric is defined in a separate YAML file consisting of a number of fields: | `value_type` | yes | `string`; one of [`string`, `number`, `boolean`, `object`](https://json-schema.org/understanding-json-schema/reference/type.html). | | `status` | yes | `string`; [status](#metric-statuses) of the metric, may be set to `data_available`, `implemented`, `not_used`, `deprecated`, `removed`. | | `time_frame` | yes | `string`; may be set to a value like `7d`, `28d`, `all`, `none`. | -| `data_source` | yes | `string`; may be set to a value like `database`, `redis`, `redis_hll`, `prometheus`, `ruby`. | +| `data_source` | yes | `string`; may be set to a value like `database`, `redis`, `redis_hll`, `prometheus`, `system`. | +| `instrumentation_class` | no | `string`; [the class that implements the metric](metrics_instrumentation.md). | | `distribution` | yes | `array`; may be set to one of `ce, ee` or `ee`. The [distribution](https://about.gitlab.com/handbook/marketing/strategic-marketing/tiers/#definitions) where the tracked feature is available. | | `tier` | yes | `array`; may be set to one of `free, premium, ultimate`, `premium, ultimate` or `ultimate`. The [tier]( https://about.gitlab.com/handbook/marketing/strategic-marketing/tiers/) where the tracked feature is available. | | `milestone` | no | The milestone when the metric is introduced. | | `milestone_removed` | no | The milestone when the metric is removed. | | `introduced_by_url` | no | The URL to the Merge Request that introduced the metric. | +| `extra` | no | `object`: extra information needed to calculate the metric value. | | `skip_validation` | no | This should **not** be set. [Used for imported metrics until we review, update and make them valid](https://gitlab.com/groups/gitlab-org/-/epics/5425). | ### Metric statuses @@ -119,10 +121,10 @@ only the single prompt to be replaced by the person working with metrics YAML. `{subject}_{verb}{ing|ed}_{object}`, such as `user_creating_epics`, `users_triggering_security_scans`, or `merge_requests_viewed_in_single_file_mode` -#### Metric with `data_source: prometheus` or `ruby` +#### Metric with `data_source: prometheus` or `system` -For metrics instrumented with Prometheus or Ruby, the suggested name includes only -the single prompt by person working with metrics YAML. +For metrics instrumented with Prometheus or coming from the operating system, +the suggested name includes only the single prompt by person working with metrics YAML. - **Prompt**: `<please fill metric name>` - **Final metric name**: Due to the variety of cases that can apply to this kind of metric, @@ -194,3 +196,11 @@ bundle exec rails generate gitlab:usage_metric_definition:redis_hll issues i_clo create config/metrics/counts_7d/i_closed_weekly.yml create config/metrics/counts_28d/i_closed_monthly.yml ``` + +To create a metric definition used in EE, add the `--ee` flag. + +```shell +bundle exec rails generate gitlab:usage_metric_definition:redis_hll issues users_closing_issues --ee +create config/metrics/counts_7d/i_closed_weekly.yml +create config/metrics/counts_28d/i_closed_monthly.yml +``` diff --git a/doc/development/usage_ping/metrics_instrumentation.md b/doc/development/usage_ping/metrics_instrumentation.md new file mode 100644 index 00000000000..2cb24fab6cc --- /dev/null +++ b/doc/development/usage_ping/metrics_instrumentation.md @@ -0,0 +1,90 @@ +--- +stage: Growth +group: Product Intelligence +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Metrics instrumentation guide + +This guide describes how to develop Usage Ping metrics using metrics instrumentation. + +## Nomenclature + +- **Instrumentation class**: + - Inherits one of the metric classes: `DatabaseMetric`, `RedisHLLMetric` or `GenericMetric`. + - Implements the logic that calculates the value for a Usage Ping metric. + +- **Metric definition** + The Usage Data metric YAML definition. + +- **Hardening**: + Hardening a method is the process that ensures the method fails safe, returning a fallback value like -1. + +## How it works + +A metric definition has the [`instrumentation_class`](metrics_dictionary.md) field, which can be set to a class. + +The defined instrumentation class should have one of the existing metric classes: `DatabaseMetric`, `RedisHLLMetric`, or `GenericMetric`. + +Using the instrumentation classes ensures that metrics can fail safe individually, without breaking the entire + process of Usage Ping generation. + +We have built a domain-specific language (DSL) to define the metrics instrumentation. + +## Database metrics + +[Example of a merge request that adds a database metric](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/60022). + +```ruby +module Gitlab + module Usage + module Metrics + module Instrumentations + class CountBoardsMetric < DatabaseMetric + operation :count + + relation { Board } + end + end + end + end +end +``` + +## Redis HyperLogLog metrics + +[Example of a merge request that adds a `RedisHLL` metric](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/60089/diffs). + +```ruby +module Gitlab + module Usage + module Metrics + module Instrumentations + class CountUsersUsingApproveQuickActionMetric < RedisHLLMetric + event_names :i_quickactions_approve + end + end + end + end +end +``` + +## Generic metrics + +[Example of a merge request that adds a generic metric](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/60256). + +```ruby +module Gitlab + module Usage + module Metrics + module Instrumentations + class UuidMetric < GenericMetric + value do + Gitlab::CurrentSettings.uuid + end + end + end + end + end +end +``` diff --git a/doc/development/usage_ping/product_intelligence_review.md b/doc/development/usage_ping/product_intelligence_review.md index 3a8f9143b70..0e86a116bca 100644 --- a/doc/development/usage_ping/product_intelligence_review.md +++ b/doc/development/usage_ping/product_intelligence_review.md @@ -48,7 +48,7 @@ Product Intelligence files. [Metrics Dictionary](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/usage_ping/dictionary.md) if it is needed. - Add a changelog [according to guidelines](../changelog.md). -##### When adding or modifiying Snowplow events +##### When adding or modifying Snowplow events - For frontend events, when relevant, add a screenshot of the event in the [testing tool](../snowplow/index.md#developing-and-testing-snowplow) used. @@ -81,7 +81,7 @@ Any of the Product Intelligence engineers can be assigned for the Product Intell - Check if a [feature flag is needed](index.md#recommendations). - For tracking with Snowplow: - Check that the [event taxonomy](../snowplow/index.md#structured-event-taxonomy) is correct. - - Check the [usage recomendations](../snowplow/index.md#usage-recommendations). + - Check the [usage recommendations](../snowplow/index.md#usage-recommendations). - Metrics YAML definitions: - Check the metric `description`. - Check the metrics `key_path`. diff --git a/doc/downgrade_ee_to_ce/index.md b/doc/downgrade_ee_to_ce/index.md index ab95c5f3b09..15e0c43a6bb 100644 --- a/doc/downgrade_ee_to_ce/index.md +++ b/doc/downgrade_ee_to_ce/index.md @@ -31,7 +31,7 @@ Completed 500 Internal Server Error in 497ms (ActiveRecord: 32.2ms) ActionView::Template::Error (The single-table inheritance mechanism failed to locate the subclass: 'GithubService'. This error is raised because the column 'type' is reserved for storing the class in case of inheritance. Please rename this -column if you didn't intend it to be used for storing the inheritance class or overwrite Service.inheritance_column to +column if you didn't intend it to be used for storing the inheritance class or overwrite Integration.inheritance_column to use another column for that information.) ``` @@ -42,13 +42,13 @@ to avoid getting this error, you need to remove all instances of the **Omnibus Installation** ```shell -sudo gitlab-rails runner "Service.where(type: ['GithubService']).delete_all" +sudo gitlab-rails runner "Integration.where(type: ['GithubService']).delete_all" ``` **Source Installation** ```shell -bundle exec rails runner "Service.where(type: ['GithubService']).delete_all" production +bundle exec rails runner "Integration.where(type: ['GithubService']).delete_all" production ``` NOTE: diff --git a/doc/install/aws/index.md b/doc/install/aws/index.md index 7fde3915bf5..9444c16f7ad 100644 --- a/doc/install/aws/index.md +++ b/doc/install/aws/index.md @@ -838,3 +838,9 @@ You may have to set a password on the `root` user to prevent automatic redirects ### "The change you requested was rejected (422)" If you see this page when trying to set a password via the web interface, make sure `external_url` in `gitlab.rb` matches the domain you are making a request from, and run `sudo gitlab-ctl reconfigure` after making any changes to it. + +### Some job logs are not uploaded to object storage + +When the GitLab deployment is scaled up to more than one node, some job logs may not be uploaded to [object storage](../../administration/object_storage.md) properly. [Incremental logging is required](../../administration/object_storage.md#incremental-logging-is-required-for-ci-to-use-object-storage) for CI to use object storage. + +Enable [incremental logging](../../administration/job_logs.md#enable-or-disable-incremental-logging) if it has not already been enabled. diff --git a/doc/install/azure/index.md b/doc/install/azure/index.md index 8fb400c796e..2fca70fd07a 100644 --- a/doc/install/azure/index.md +++ b/doc/install/azure/index.md @@ -31,20 +31,20 @@ Because GitLab is already installed in a pre-configured image, all you have to d create a new VM: 1. [Visit the GitLab offering in the marketplace](https://azuremarketplace.microsoft.com/en-us/marketplace/apps/gitlabinc1586447921813.gitlabee?tab=Overview) -1. Select **Get it now** and you will be presented with the **Create this app in Azure** window. +1. Select **Get it now** and the **Create this app in Azure** window opens. Select **Continue**. 1. Select one of the following options from the Azure portal: - Select **Create** to create a VM from scratch. - Select **Start with a pre-set configuration** to get started with some pre-configured options. You can modify these configurations at any time. -For the sake of this guide, we'll create the VM from scratch, so +For the sake of this guide, let's create the VM from scratch, so select **Create**. NOTE: -Be aware that while your VM is active (known as "allocated"), it incurs -compute charges for which you'll be billed. Even if you're using the -free trial credits, you'll want to know +Be aware that Azure incurs compute charges whenever your VM is +active (known as "allocated"), even if you're using free trial +credits. [how to properly shutdown an Azure VM to save money](https://build5nines.com/properly-shutdown-azure-vm-to-save-money/). See the [Azure pricing calculator](https://azure.microsoft.com/en-us/pricing/calculator/) to learn how much resources can cost. @@ -68,7 +68,7 @@ The first items you need to configure are the basic settings of the underlying v is covered by the `D4s_v3` size, select that option. 1. Set the authentication type to **SSH public key**. 1. Enter a user name or leave the one that is automatically created. This is - the user you'll use to connect to the VM through SSH. By default, the user + the user Azure uses to connect to the VM through SSH. By default, the user has root access. 1. Determine if you want to provide your own SSH key or let Azure create one for you. Read the [SSH documentation](../../ssh/README.md) to learn more about how to set up SSH @@ -103,7 +103,7 @@ The GitLab image in the marketplace has the following ports open by default: | 22 | Enable our VM to respond to SSH connection requests, allowing public access (with authentication) to remote terminal sessions. | If you want to change the ports or add any rules, you can do it -after the VM is created by going to the Networking settings in the left sidebar, +after the VM is created by selecting Networking settings in the left sidebar, while in the VM dashboard. ### Configure the Management tab @@ -126,13 +126,13 @@ resources. You don't need to change the default settings. The final tab presents you with all of your selected options, where you can review and modify your choices from the -previous steps. Azure will run validation tests in the background, +previous steps. Azure runs validation tests in the background, and if you provided all of the required settings, you can create the VM. After you select **Create**, if you had opted for Azure to create an SSH key pair -for you, you'll be asked to download the private SSH key. Download the key, as you'll -need it to SSH into the VM. +for you, a prompt appears to download the private SSH key. Download the key, as it's +needed to SSH into the VM. After you download the key, the deployment begins. @@ -153,11 +153,11 @@ to assign a descriptive DNS name to the VM: 1. From the VM dashboard, select **Configure** under **DNS name**. 1. Enter a descriptive DNS name for your instance in the **DNS name label** field, - for example `gitlab-prod`. This will make the VM accessible at + for example `gitlab-prod`. This makes the VM accessible at `gitlab-prod.eastus.cloudapp.azure.com`. 1. Select **Save** for the changes to take effect. -Eventually, you'll want to use your own domain name. To do this, you need to add a DNS `A` record +Eventually, most users want to use their own domain name. For you to do this, you need to add a DNS `A` record with your domain registrar that points to the public IP address of your Azure VM. You can use [Azure's DNS](https://docs.microsoft.com/en-us/azure/dns/dns-delegate-domain-azure-dns) or some [other registrar](https://docs.gitlab.com/omnibus/settings/dns.html). @@ -165,15 +165,15 @@ or some [other registrar](https://docs.gitlab.com/omnibus/settings/dns.html). ### Change the GitLab external URL GitLab uses `external_url` in its configuration file to set up the domain name. -If you don't set this up, when you visit the Azure friendly name, you'll -instead be redirected to the public IP. +If you don't set this up, when you visit the Azure friendly name, the browser will +redirect you to the public IP. To set up the GitLab external URL: 1. Connect to GitLab through SSH by going to **Settings > Connect** from the VM dashboard, and follow the instructions. Remember to sign in with the username and SSH key you specified when you [created the VM](#configure-the-basics-tab). - The Azure VM domain name will be the one you + The Azure VM domain name is the one you [set up previously](#set-up-a-domain-name). If you didn't set up a domain name for your VM, you can use the IP address in its place. @@ -189,10 +189,10 @@ To set up the GitLab external URL: 1. Open `/etc/gitlab/gitlab.rb` with your editor. 1. Find `external_url` and replace it with your own domain name. For the sake - of this example, we'll use the friendly domain name that Azure set up. - If you use `https` in the URL, Let's Encrypt will be - [automatically enabled](https://docs.gitlab.com/omnibus/settings/ssl.html#lets-encrypt-integration), - and you'll have HTTPS by default: + of this example, use the default domain name Azure sets up. + Using `https` in the URL + [automatically enables](https://docs.gitlab.com/omnibus/settings/ssl.html#lets-encrypt-integration), + Let's Encrypt, and sets HTTPS by default: ```ruby external_url 'https://gitlab-prod.eastus.cloudapp.azure.com' @@ -221,7 +221,7 @@ You can now visit GitLab with your browser at the new external URL. Use the domain name you set up earlier to visit your new GitLab instance in your browser. In this example, it's `https://gitlab-prod.eastus.cloudapp.azure.com`. -The first thing you'll see is the sign-in page. GitLab creates an admin user by default. +The first thing that appears is the sign-in page. GitLab creates an admin user by default. The credentials are: - Username: `root` @@ -239,7 +239,7 @@ in this section whenever you need to update GitLab. ### Check the current version To determine the version of GitLab you're currently running, -go to the **{admin}** **Admin Area**, and you will find the version +go to the **{admin}** **Admin Area**, and find the version under the **Components** table. If there's a newer available version of GitLab that contains one or more @@ -259,7 +259,7 @@ To update GitLab to the latest version: ``` This command updates GitLab and its associated components to the latest versions, - and can take time to complete. You'll see various update tasks being + and can take time to complete. During this time, the terminal shows various update tasks being completed in your terminal. NOTE: @@ -267,8 +267,8 @@ To update GitLab to the latest version: `E: The repository 'https://packages.gitlab.com/gitlab/gitlab-ee/debian buster InRelease' is not signed.`, see the [troubleshooting section](#update-the-gpg-key-for-the-gitlab-repositories). -1. After the update process is complete, you'll see a message like the - following: +1. After the update process is complete, a message like the + following appears: ```plaintext Upgrade complete! If your GitLab server is misbehaving try running @@ -300,7 +300,7 @@ GPG key. The pre-configured GitLab image in Azure (provided by Bitnami) uses a GPG key [deprecated in April 2020](https://about.gitlab.com/blog/2020/03/30/gpg-key-for-gitlab-package-repositories-metadata-changing/). -If you try to update the repositories, you'll get the following error: +If you try to update the repositories, the system returns the following error: <!-- vale gitlab.ReferenceLinks = NO --> diff --git a/doc/install/google_cloud_platform/index.md b/doc/install/google_cloud_platform/index.md index 766788da061..1b232c361ee 100644 --- a/doc/install/google_cloud_platform/index.md +++ b/doc/install/google_cloud_platform/index.md @@ -44,17 +44,17 @@ To deploy GitLab on GCP you first need to create a virtual machine: 1. To select the size, type, and desired [operating system](../requirements.md#supported-linux-distributions), click **Change** under `Boot disk`. Click **Select** when finished. -1. As a last step allow HTTP and HTTPS traffic, then click **Create**. The process will finish in a few seconds. +1. As a last step allow HTTP and HTTPS traffic, then click **Create**. The process finishes in a few seconds. ## Installing GitLab -After a few seconds, the instance will be created and available to log in. The next step is to install GitLab onto the instance. +After a few seconds, the instance is created and available to log in. The next step is to install GitLab onto the instance.  -1. Make a note of the IP address of the instance, as you will need that in a later step. +1. Make a note of the IP address of the instance, as you will need that in a later step. <!-- using future tense is okay here --> 1. Click on the SSH button to connect to the instance. -1. A new window will appear, with you logged into the instance. +1. A new window appears, with you logged into the instance.  @@ -72,8 +72,8 @@ the first time. ### Assigning a static IP By default, Google assigns an ephemeral IP to your instance. It is strongly -recommended to assign a static IP if you are going to use GitLab in production -and use a domain name as we'll see below. +recommended to assign a static IP if you are using GitLab in production +and use a domain name as shown below. Read Google's documentation on how to [promote an ephemeral IP address](https://cloud.google.com/compute/docs/ip-addresses/reserve-static-external-ip-address#promote_ephemeral_ip). @@ -84,7 +84,7 @@ set up DNS to point to the static IP you configured in the previous step, here's how you configure GitLab to be aware of the change: 1. SSH into the VM. You can easily use the **SSH** button in the Google console - and a new window will pop up. + and a new window pops up.  @@ -104,7 +104,7 @@ here's how you configure GitLab to be aware of the change: external_url 'http://gitlab.example.com' ``` - We will set up HTTPS in the next step, no need to do this now. + We will set up HTTPS in the next step, no need to do this now. <!-- using future tense is okay here --> 1. Reconfigure GitLab for the changes to take effect: @@ -121,8 +121,7 @@ certificate. Follow the steps in the [Omnibus documentation](https://docs.gitlab ### Configuring the email SMTP settings -You need to configure the email SMTP settings correctly otherwise GitLab will -not be able to send notification emails, like comments, and password changes. +You need to configure the email SMTP settings correctly otherwise GitLab cannot send notification emails, like comments, and password changes. Check the [Omnibus documentation](https://docs.gitlab.com/omnibus/settings/smtp.html#smtp-settings) how to do so. ## Further reading @@ -131,7 +130,7 @@ GitLab can be configured to authenticate with other OAuth providers, LDAP, SAML, Kerberos, etc. Here are some documents you might be interested in reading: - [Omnibus GitLab documentation](https://docs.gitlab.com/omnibus/) -- [Integration documentation](../../integration/README.md) +- [Integration documentation](../../integration/index.md) - [GitLab Pages configuration](../../administration/pages/index.md) - [GitLab Container Registry configuration](../../administration/packages/container_registry.md) diff --git a/doc/install/index.md b/doc/install/index.md index 1e6f0bb95c2..8e34ac24b71 100644 --- a/doc/install/index.md +++ b/doc/install/index.md @@ -48,35 +48,5 @@ methods, the majority which use the Linux packages: ## Next steps -Here are a few resources you might want to check out after completing the -installation: - -- [Upload a license](../user/admin_area/license.md) or [start a free trial](https://about.gitlab.com/free-trial/): - Activate all GitLab Enterprise Edition functionality with a license. -- [Set up runners](https://docs.gitlab.com/runner/): Set up one or more GitLab - Runners, the agents that are responsible for all of the GitLab CI/CD features. -- [GitLab Pages](../administration/pages/index.md): Configure GitLab Pages to - allow hosting of static sites. -- [GitLab Registry](../administration/packages/container_registry.md): With the - GitLab Container Registry, every project can have its own space to store Docker - images. -- [Secure GitLab](../security/README.md#securing-your-gitlab-installation): - Recommended practices to secure your GitLab instance. -- [SMTP](https://docs.gitlab.com/omnibus/settings/smtp.html): Configure SMTP - for proper email notifications support. -- [LDAP](../administration/auth/ldap/index.md): Configure LDAP to be used as - an authentication mechanism for GitLab. -- [Back up and restore GitLab](../raketasks/backup_restore.md): Learn the different - ways you can back up or restore GitLab. -- [Upgrade GitLab](../update/index.md): Every 22nd of the month, a new feature-rich GitLab version - is released. Learn how to upgrade to it, or to an interim release that contains a security fix. -- [Scaling GitLab](../administration/reference_architectures/index.md): - GitLab supports several different types of clustering. -- [Advanced Search](../integration/elasticsearch.md): Leverage Elasticsearch for - faster, more advanced code search across your entire GitLab instance. -- [Geo replication](../administration/geo/index.md): - Geo is the solution for widely distributed development teams. -- [Release and maintenance policy](../policy/maintenance.md): Learn about GitLab - policies governing version naming, as well as release pace for major, minor, patch, - and security releases. -- [Pricing](https://about.gitlab.com/pricing/): Pricing for the different tiers. +After you complete the steps for installing GitLab, you can +[configure your instance](next_steps.md). diff --git a/doc/install/installation.md b/doc/install/installation.md index eb8c3784cfa..3af3d2bfe7a 100644 --- a/doc/install/installation.md +++ b/doc/install/installation.md @@ -112,9 +112,6 @@ sudo apt-get install -y build-essential zlib1g-dev libyaml-dev libssl-dev libgdb libcurl4-openssl-dev libicu-dev logrotate rsync python-docutils pkg-config cmake runit-systemd ``` -Ubuntu 14.04 (Trusty Tahr) doesn't have the `libre2-dev` package available, but -you can [install re2 manually](https://github.com/google/re2/wiki/Install). - If you want to use Kerberos for user authentication, install `libkrb5-dev` (if you don't know what Kerberos is, you can assume you don't need it): @@ -221,12 +218,6 @@ below to use a system Ruby. Linux distributions generally have older versions of Ruby available, so these instructions are designed to install Ruby from the official source code. -Remove the old Ruby 1.8 if present: - -```shell -sudo apt-get remove ruby1.8 -``` - Download Ruby and compile it: ```shell @@ -242,7 +233,7 @@ sudo make install ## 3. Go -In GitLab 8.0 and later, GitLab has several daemons written in Go. To install +GitLab has several daemons written in Go. To install GitLab we need a Go compiler. The instructions below assume you use 64-bit Linux. You can find downloads for other platforms at the [Go download page](https://golang.org/dl). @@ -251,21 +242,21 @@ page](https://golang.org/dl). # Remove former Go installation folder sudo rm -rf /usr/local/go -curl --remote-name --progress-bar "https://dl.google.com/go/go1.13.5.linux-amd64.tar.gz" -echo '512103d7ad296467814a6e3f635631bd35574cab3369a97a323c9a585ccaa569 go1.13.5.linux-amd64.tar.gz' | shasum -a256 -c - && \ - sudo tar -C /usr/local -xzf go1.13.5.linux-amd64.tar.gz +curl --remote-name --progress-bar "https://dl.google.com/go/go1.15.12.linux-amd64.tar.gz" +echo 'bbdb935699e0b24d90e2451346da76121b2412d30930eabcd80907c230d098b7 go1.15.12.linux-amd64.tar.gz' | shasum -a256 -c - && \ + sudo tar -C /usr/local -xzf go1.15.12.linux-amd64.tar.gz sudo ln -sf /usr/local/go/bin/{go,godoc,gofmt} /usr/local/bin/ -rm go1.13.5.linux-amd64.tar.gz +rm go1.15.12.linux-amd64.tar.gz ``` ## 4. Node -In GitLab 8.17 and later, GitLab requires the use of Node to compile JavaScript +GitLab requires the use of Node to compile JavaScript assets, and Yarn to manage JavaScript dependencies. The current minimum requirements for these are: -- `node` >= v10.14.2. (We recommend node 14.x as it is faster) -- `yarn` >= v1.10.0. +- `node` >= v12.22.1. (We recommend node 14.x as it is faster) +- `yarn` = v1.22.x (Yarn 2 is not supported yet) In many distributions, the versions provided by the official package repositories are out of date, so @@ -276,10 +267,7 @@ we need to install through the following commands: curl --location "https://deb.nodesource.com/setup_14.x" | sudo bash - sudo apt-get install -y nodejs -curl --silent --show-error "https://dl.yarnpkg.com/debian/pubkey.gpg" | sudo apt-key add - -echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list -sudo apt-get update -sudo apt-get install yarn +npm install --global yarn ``` Visit the official websites for [node](https://nodejs.org/en/download/package-manager/) and [yarn](https://classic.yarnpkg.com/en/docs/install/) if you have any trouble with these steps. @@ -831,6 +819,8 @@ to use. Read all about the needed configuration at the If you want to use HTTPS, replace the `gitlab` NGINX configuration with `gitlab-ssl`. See [Using HTTPS](#using-https) for HTTPS configuration details. +For the NGINX to be able to read the GitLab-Workhorse socket, you need to make sure, that the `www-data` user can read the socket, which will be owned by the GitLab user. This is most easily achieved, if it is world-readable, for example that it has permissions `0755`, which is the default. `www-data` also needs to be able to list the parent directories. + ### Test Configuration Validate your `gitlab` or `gitlab-ssl` NGINX configuration file with the following command: diff --git a/doc/install/next_steps.md b/doc/install/next_steps.md new file mode 100644 index 00000000000..3e73da123fb --- /dev/null +++ b/doc/install/next_steps.md @@ -0,0 +1,63 @@ +--- +stage: Enablement +group: Distribution +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Steps after installing GitLab + +Here are a few resources you might want to check out after completing the +installation. + +## License + +- [Upload a license](../user/admin_area/license.md) or [start a free trial](https://about.gitlab.com/free-trial/): + Activate all GitLab Enterprise Edition functionality with a license. +- [Pricing](https://about.gitlab.com/pricing/): Pricing for the different tiers. + +## Security + +- [Secure GitLab](../security/README.md#securing-your-gitlab-installation): + Recommended practices to secure your GitLab instance. + +## Authentication + +- [LDAP](../administration/auth/ldap/index.md): Configure LDAP to be used as + an authentication mechanism for GitLab. + +## Email and notifications + +- [SMTP](https://docs.gitlab.com/omnibus/settings/smtp.html): Configure SMTP + for proper email notifications support. + +## Backup and upgrade + +- [Back up and restore GitLab](../raketasks/backup_restore.md): Learn the different + ways you can back up or restore GitLab. +- [Upgrade GitLab](../update/index.md): Every 22nd of the month, a new feature-rich GitLab version + is released. Learn how to upgrade to it, or to an interim release that contains a security fix. +- [Release and maintenance policy](../policy/maintenance.md): Learn about GitLab + policies governing version naming, as well as release pace for major, minor, patch, + and security releases. + +## CI/CD + +- [Set up runners](https://docs.gitlab.com/runner/): Set up one or more GitLab + Runners, the agents that are responsible for all of the GitLab CI/CD features. +- [GitLab Pages](../administration/pages/index.md): Configure GitLab Pages to + allow hosting of static sites. +- [GitLab Registry](../administration/packages/container_registry.md): With the + GitLab Container Registry, every project can have its own space to store Docker + images. + +## Scaling and replication + +- [Scaling GitLab](../administration/reference_architectures/index.md): + GitLab supports several different types of clustering. +- [Geo replication](../administration/geo/index.md): + Geo is the solution for widely distributed development teams. + +## Search + +- [Advanced Search](../integration/elasticsearch.md): Leverage Elasticsearch for + faster, more advanced code search across your entire GitLab instance. diff --git a/doc/install/openshift_and_gitlab/index.md b/doc/install/openshift_and_gitlab/index.md index 3dbcbcfc90c..31c3ca60b84 100644 --- a/doc/install/openshift_and_gitlab/index.md +++ b/doc/install/openshift_and_gitlab/index.md @@ -21,7 +21,7 @@ you can host your own PaaS for free and almost with no hassle. In this tutorial, we will see how to deploy GitLab in OpenShift using the GitLab official Docker image while getting familiar with the web interface and CLI -tools that will help us achieve our goal. +tools that help us achieve our goal. For a video demonstration on installing GitLab on OpenShift, check the article [In 13 minutes from Kubernetes to a complete application development tool](https://about.gitlab.com/blog/2016/11/14/idea-to-production/). @@ -32,7 +32,7 @@ This information is no longer up to date, as the current versions have changed and products have been renamed. OpenShift 3 is not yet deployed on RedHat's offered [Online platform](https://www.openshift.com/), -so in order to test it, we will use an [all-in-one VirtualBox image](https://www.okd.io/minishift/) that is +so in order to test it, we use an [all-in-one VirtualBox image](https://www.okd.io/minishift/) that is offered by the OpenShift developers and managed by Vagrant. If you haven't done already, go ahead and install the following components as they are essential to test OpenShift easily: @@ -65,7 +65,7 @@ the tools needed pre-installed, including Docker, Kubernetes, and OpenShift. ### Test OpenShift using Vagrant As of this writing, the all-in-one VM is at version 1.3, and that's -what we will use in this tutorial. +what we use in this tutorial. In short: @@ -75,7 +75,7 @@ In short: vagrant init openshift/origin-all-in-one ``` -1. This will generate a Vagrantfile based on the all-in-one VM image +1. This generates a Vagrantfile based on the all-in-one VM image 1. In the same directory where you generated the Vagrantfile enter: @@ -83,7 +83,7 @@ In short: vagrant up ``` -This will download the VirtualBox image and fire up the VM with some preconfigured +This downloads the VirtualBox image and fire up the VM with some preconfigured values as you can see in the Vagrantfile. As you may have noticed, you need plenty of RAM (5GB in our example), so make sure you have enough. @@ -91,7 +91,7 @@ Now that OpenShift is set up, let's see how the web console looks like. ### Explore the OpenShift web console -Once Vagrant finishes its thing with the VM, you will be presented with a +Once Vagrant finishes its thing with the VM, you are presented with a message which has some important information. One of them is the IP address of the deployed OpenShift platform and in particular `https://10.2.2.2:8443/console/`. Open this link with your browser and accept the self-signed certificate in @@ -109,7 +109,7 @@ respective pods are there to explore.  -We are not going to explore the whole interface, but if you want to learn about +We are not exploring the whole interface, but if you want to learn about the key concepts of OpenShift, read the [core concepts reference](https://docs.okd.io/3.11/architecture/core_concepts/index.html) in the official documentation. @@ -193,7 +193,7 @@ The connection to the server 10.2.2.2:8443 was refused - did you specify the rig In that case, the OpenShift service might not be running, so in order to fix it: -1. SSH into the VM by going to the directory where the Vagrantfile is and then +1. SSH into the VM by selecting the directory where the Vagrantfile is and then run: ```shell @@ -201,7 +201,7 @@ In that case, the OpenShift service might not be running, so in order to fix it: ``` 1. Run `systemctl` and verify by the output that the `openshift` service is not - running (it will be in red color). If that's the case start the service with: + running (it is in red color). If that's the case start the service with: ```shell sudo systemctl start openshift @@ -221,7 +221,7 @@ Now that you got a taste of what OpenShift looks like, let's deploy GitLab! ### Create a new project -First, we will create a new project to host our application. You can do this +First, create a new project to host our application. You can do this either by running the CLI client: ```shell diff --git a/doc/install/requirements.md b/doc/install/requirements.md index 70e95e284a3..926af1795b9 100644 --- a/doc/install/requirements.md +++ b/doc/install/requirements.md @@ -113,7 +113,7 @@ If you want to be flexible about growing your hard drive space in the future con Apart from a local hard drive you can also mount a volume that supports the network file system (NFS) protocol. This volume might be located on a file server, a network attached storage (NAS) device, a storage area network (SAN) or on an Amazon Web Services (AWS) Elastic Block Store (EBS) volume. -If you have enough RAM and a recent CPU the speed of GitLab is mainly limited by hard drive seek times. Having a fast drive (7200 RPM and up) or a solid state drive (SSD) will improve the responsiveness of GitLab. +If you have enough RAM and a recent CPU the speed of GitLab is mainly limited by hard drive seek times. Having a fast drive (7200 RPM and up) or a solid state drive (SSD) improves the responsiveness of GitLab. NOTE: Since file system performance may affect the overall performance of GitLab, @@ -141,7 +141,7 @@ The following is the recommended minimum Memory hardware guidance for a handful - More users? Consult the [reference architectures page](../administration/reference_architectures/index.md) In addition to the above, we generally recommend having at least 2GB of swap on your server, -even if you currently have enough available RAM. Having swap will help reduce the chance of errors occurring +even if you currently have enough available RAM. Having swap helps to reduce the chance of errors occurring if your available memory changes. We also recommend configuring the kernel's swappiness setting to a low value like `10` to make the most of your RAM while still having the swap available when needed. @@ -204,7 +204,7 @@ The recommended number of workers is calculated as the highest of the following: For example a node with 4 cores should be configured with 3 Puma workers. You can increase the number of Puma workers, providing enough CPU and memory capacity is available. -A higher number of Puma workers will usually help to reduce the response time of the application +A higher number of Puma workers usually helps to reduce the response time of the application and increase the ability to handle parallel requests. You must perform testing to verify the optimal settings for your infrastructure. @@ -214,7 +214,7 @@ The recommended number of threads is dependent on several factors, including tot of [legacy Rugged code](../administration/gitaly/index.md#direct-access-to-git-in-gitlab). - If the operating system has a maximum 2 GB of memory, the recommended number of threads is `1`. - A higher value will result in excess swapping, and decrease performance. + A higher value results in excess swapping, and decrease performance. - If legacy Rugged code is in use, the recommended number of threads is `1`. - In all other cases, the recommended number of threads is `4`. We don't recommend setting this higher, due to how [Ruby MRI multi-threading](https://en.wikipedia.org/wiki/Global_interpreter_lock) @@ -230,7 +230,7 @@ If you have a 1GB machine we recommend to configure only two Unicorn workers to swapping. As long as you have enough available CPU and memory capacity, it's okay to increase the number of -Unicorn workers and this will usually help to reduce the response time of the applications and +Unicorn workers and this usually helps to reduce the response time of the applications and increase the ability to handle parallel requests. To change the Unicorn workers when you have the Omnibus package (which defaults to the @@ -248,8 +248,7 @@ On a very active server (10,000 billable users) the Sidekiq process can use 1GB+ As of Omnibus GitLab 9.0, [Prometheus](https://prometheus.io) and its related exporters are enabled by default, to enable easy and in depth monitoring of -GitLab. Approximately 200MB of memory will be consumed by these processes, with -default settings. +GitLab. With default settings, these processes consume approximately 200MB of memory. If you would like to disable Prometheus and it's exporters or read more information about it, check the [Prometheus documentation](../administration/monitoring/prometheus/index.md). @@ -277,9 +276,9 @@ The GitLab Runner server requirements depend on: - Resources required to run build jobs. - Job concurrency settings. -Since the nature of the jobs varies for each use case, you will need to experiment by adjusting the job concurrency to get the optimum setting. +Since the nature of the jobs varies for each use case, you need to experiment by adjusting the job concurrency to get the optimum setting. -For reference, GitLab.com's [auto-scaling shared runner](../user/gitlab_com/index.md#shared-runners) is configured so that a **single job** will run in a **single instance** with: +For reference, GitLab.com's [auto-scaling shared runner](../user/gitlab_com/index.md#shared-runners) is configured so that a **single job** runs in a **single instance** with: - 1vCPU. - 3.75GB of RAM. diff --git a/doc/integration/README.md b/doc/integration/README.md index c725cc08556..c5274535d98 100644 --- a/doc/integration/README.md +++ b/doc/integration/README.md @@ -1,105 +1,8 @@ --- -stage: Create -group: Ecosystem -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -comments: false +redirect_to: 'index.md' --- -# GitLab integrations **(FREE)** +This document was moved to [another location](index.md). -GitLab can be integrated with external services for enhanced functionality. - -## Issue trackers - -You can use an [external issue tracker](external-issue-tracker.md) at the same time as the GitLab -issue tracker, or use only the external issue tracker. - -## Authentication sources - -GitLab can be configured to authenticate access requests with the following authentication sources: - -- Enable the [Auth0 OmniAuth](auth0.md) provider. -- Enable sign in with [Bitbucket](bitbucket.md) accounts. -- Configure GitLab to sign in using [CAS](cas.md). -- Integrate with [Kerberos](kerberos.md). -- Enable sign in via [LDAP](../administration/auth/ldap/index.md). -- Enable [OAuth2 provider](oauth_provider.md) application creation. -- Use [OmniAuth](omniauth.md) to enable sign in via Twitter, GitHub, GitLab.com, Google, - Bitbucket, Facebook, Shibboleth, SAML, Crowd, Azure, or Authentiq ID. -- Use GitLab as an [OpenID Connect](openid_connect_provider.md) identity provider. -- Authenticate to [Vault](vault.md) through GitLab OpenID Connect. -- Configure GitLab as a [SAML](saml.md) 2.0 Service Provider. - -## Security enhancements - -GitLab can be integrated with the following external services to enhance security: - -- [Akismet](akismet.md) helps reduce spam. -- Google [reCAPTCHA](recaptcha.md) helps verify new users. - -GitLab also provides features to improve the security of your own application. For more details see [GitLab Secure](../user/application_security/index.md). - -## Security partners - -GitLab has integrated with several security partners. For more information, see -[Security partners integration](security_partners/index.md). - -## Continuous integration - -GitLab can be integrated with the following external service for continuous integration: - -- [Jenkins](jenkins.md) CI. - -## Feature enhancements - -GitLab can be integrated with the following enhancements: - -- Add GitLab actions to [Gmail actions buttons](gmail_action_buttons_for_gitlab.md). -- Configure [PlantUML](../administration/integration/plantuml.md) -or [Kroki](../administration/integration/kroki.md) to use diagrams in AsciiDoc and Markdown documents. -- Attach merge requests to [Trello](trello_power_up.md) cards. -- Enable integrated code intelligence powered by [Sourcegraph](sourcegraph.md). -- Add [Elasticsearch](elasticsearch.md) for [Advanced Search](../user/search/advanced_search.md). - -## Integrations - -Integration with services such as Campfire, Flowdock, Jira, Pivotal Tracker, and Slack are available as [Integrations](../user/project/integrations/overview.md). - -## Troubleshooting - -### SSL certificate errors - -When trying to integrate GitLab with services using self-signed certificates, -SSL certificate errors can occur in different parts of the application. Sidekiq -is a common culprit. - -There are two approaches you can take to solve this: - -1. Add the root certificate to the trusted chain of the OS. -1. If using Omnibus, you can add the certificate to the GitLab trusted certificates. - -**OS main trusted chain** - -This [resource](https://manuals.gfi.com/en/kerio/connect/content/server-configuration/ssl-certificates/adding-trusted-root-certificates-to-the-server-1605.html) -has all the information you need to add a certificate to the main trusted chain. - -This [answer](https://superuser.com/questions/437330/how-do-you-add-a-certificate-authority-ca-to-ubuntu) -at Super User also has relevant information. - -**Omnibus Trusted Chain** - -[Install the self signed certificate or custom certificate authorities](https://docs.gitlab.com/omnibus/common_installation_problems/README.html#using-self-signed-certificate-or-custom-certificate-authorities) -in to Omnibus GitLab. - -It is enough to concatenate the certificate to the main trusted certificate -however it may be overwritten during upgrades: - -```shell -cat jira.pem >> /opt/gitlab/embedded/ssl/certs/cacert.pem -``` - -After that restart GitLab with: - -```shell -sudo gitlab-ctl restart -``` +<!-- This redirect file can be deleted after <2021-07-30>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/integration/elasticsearch.md b/doc/integration/elasticsearch.md index a6c3afceeea..68e3f6c76c3 100644 --- a/doc/integration/elasticsearch.md +++ b/doc/integration/elasticsearch.md @@ -31,7 +31,7 @@ and the advantage of the [special searches](../user/search/advanced_search.md). Elasticsearch requires additional resources in excess of those documented in the [GitLab system requirements](../install/requirements.md). -The amount of resources (memory, CPU, storage) will vary greatly, based on the +The amount of resources (memory, CPU, storage) varies greatly, based on the amount of data being indexed into the Elasticsearch cluster. According to [Elasticsearch official guidelines](https://www.elastic.co/guide/en/elasticsearch/guide/current/hardware.html#_memory), each node should have: @@ -44,8 +44,8 @@ A few notes on CPU and storage: - CPU requirements for Elasticsearch tend to be minimal. There are specific scenarios where this isn't true, but GitLab.com isn't using Elasticsearch in - an exceptionally CPU-heavy way. More cores will be more performant than faster - CPUs. Extra concurrency from multiple cores will far outweigh a slightly + an exceptionally CPU-heavy way. More cores are more performant than faster + CPUs. Extra concurrency from multiple cores far outweighs a slightly faster clock speed in Elasticsearch. - Storage requirements for Elasticsearch are important, especially for @@ -60,7 +60,7 @@ A few notes on CPU and storage: for the calculation. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/221177) in GitLab 13.10. Keep in mind, these are **minimum requirements** for Elasticsearch. -Heavily-used Elasticsearch clusters will likely require considerably more +Heavily-used Elasticsearch clusters likely require considerably more resources. ## Installing Elasticsearch @@ -77,26 +77,26 @@ service. Running Elasticsearch on the same server as GitLab is not recommended and can cause a degradation in GitLab instance performance. **For a single node Elasticsearch cluster the functional cluster health status -will be yellow** (will never be green) because the primary shard is allocated but +is yellow** (will never be green) because the primary shard is allocated but replicas can not be as there is no other node to which Elasticsearch can assign a replica. After the data is added to the database or repository and [Elasticsearch is -enabled in the Admin Area](#enabling-advanced-search) the search index will be +enabled in the Admin Area](#enabling-advanced-search) the search index is updated automatically. ## Upgrading to a new Elasticsearch major version Since Elasticsearch can read and use indices created in the previous major version, you don't need to change anything in the GitLab configuration when upgrading Elasticsearch. -The only thing worth noting is that if you have created your current index before GitLab 13.0, you might want to reindex from scratch (which will implicitly create an alias) in order to use some features, for example [Zero downtime reindexing](#zero-downtime-reindexing). Once you do that, you'll be able to perform zero-downtime reindexing and will benefit from any future features that make use of the alias. +The only thing worth noting is that if you have created your current index before GitLab 13.0, you might want to reindex from scratch (which implicitly creates an alias) in order to use some features, for example [Zero downtime reindexing](#zero-downtime-reindexing). Once you do that, you are able to perform zero-downtime reindexing and will benefit from any future features that make use of the alias. If you are unsure when your current index was created, you can check whether it was created after GitLab 13.0 by using the [Elasticsearch cat aliases API](https://www.elastic.co/guide/en/elasticsearch/reference/7.11/cat-alias.html). If the list of aliases returned contains an entry for `gitlab-production` that points to an index named `gitlab-production-<numerical timestamp>`, your index was created after GitLab 13.0. -If the `gitlab-production` alias is missing, you'll need to reindex from scratch to use +If the `gitlab-production` alias is missing, you need to reindex from scratch to use features such as Zero-downtime reindexing. ## Elasticsearch repository indexer @@ -108,6 +108,7 @@ The way you install the Go indexer depends on your version of GitLab: - For Omnibus GitLab 11.8 or greater, see [Omnibus GitLab](#omnibus-gitlab). - For installations from source or older versions of Omnibus GitLab, [install the indexer from source](#from-source). +- If you are using GitLab Development Kit, see [GDK Elasticsearch how-to](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/elasticsearch.md) ### Omnibus GitLab @@ -116,7 +117,7 @@ The former Ruby-based indexer was removed in [GitLab 12.3](https://gitlab.com/gi ### From source -First, we need to install some dependencies, then we'll build and install +First, we need to install some dependencies, then we build and install the indexer itself. This project relies on [ICU](http://site.icu-project.org/) for text encoding, @@ -229,7 +230,9 @@ The following Elasticsearch settings are available: | `Elasticsearch indexing` | Enables or disables Elasticsearch indexing and creates an empty index if one does not already exist. You may want to enable indexing but disable search in order to give the index time to be fully completed, for example. Also, keep in mind that this option doesn't have any impact on existing data, this only enables/disables the background indexer which tracks data changes and ensures new data is indexed. | | `Pause Elasticsearch indexing` | Enables or disables temporary indexing pause. This is useful for cluster migration/reindexing. All changes are still tracked, but they are not committed to the Elasticsearch index until resumed. | | `Search with Elasticsearch enabled` | Enables or disables using Elasticsearch in search. | -| `URL` | The URL to use for connecting to Elasticsearch. Use a comma-separated list to support clustering (e.g., `http://host1, https://host2:9200`). If your Elasticsearch instance is password protected, pass the `username:password` in the URL (e.g., `http://<username>:<password>@<elastic_host>:9200/`). Special characters in the username or password should use [percentage encoding](https://en.wikipedia.org/wiki/Percent-encoding). | +| `URL` | The URL of your Elasticsearch instance. Use a comma-separated list to support clustering (for example, `http://host1, https://host2:9200`). If your Elasticsearch instance is password-protected, use the `Username` and `Password` fields described below. Alternatively, use inline credentials such as `http://<username>:<password>@<elastic_host>:9200/`. | +| `Username` | The `username` of your Elasticsearch instance. | +| `Password` | The password of your Elasticsearch instance. | | `Number of Elasticsearch shards` | Elasticsearch indexes are split into multiple shards for performance reasons. In general, you should use at least 5 shards, and indexes with tens of millions of documents need to have more shards ([see below](#guidance-on-choosing-optimal-cluster-configuration)). Changes to this value do not take effect until the index is recreated. You can read more about tradeoffs in the [Elasticsearch documentation](https://www.elastic.co/guide/en/elasticsearch/reference/current/scalability.html). | | `Number of Elasticsearch replicas` | Each Elasticsearch shard can have a number of replicas. These are a complete copy of the shard, and can provide increased query performance or resilience against hardware failure. Increasing this value will greatly increase total disk space required by the index. | | `Limit namespaces and projects that can be indexed` | Enabling this will allow you to select namespaces and projects to index. All other namespaces and projects will use database search instead. Please note that if you enable this option but do not select any namespaces or projects, none will be indexed. [Read more below](#limiting-namespaces-and-projects). @@ -326,16 +329,57 @@ index alias to it which becomes the new `primary` index. At the end, we resume t > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/34069) in GitLab 13.2. > - A scheduled index deletion and the ability to cancel it was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/38914) in GitLab 13.3. +> - Support for retries during reindexing was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/55681) in GitLab 13.12. -Under **Admin Area > Settings > Advanced Search > Elasticsearch zero-downtime reindexing**, click on **Trigger cluster reindexing**. +To trigger the reindexing process: + +1. Sign in to your GitLab instance as an administrator. +1. Go to **Admin Area > Settings > Advanced Search > Elasticsearch zero-downtime reindexing**. +1. Select **Trigger cluster reindexing**. Reindexing can be a lengthy process depending on the size of your Elasticsearch cluster. -WARNING: -After the reindexing is completed, the original index will be scheduled to be deleted after 14 days. You can cancel this action by pressing the cancel button. +After this process is completed, the original index is scheduled to be deleted after +14 days. You can cancel this action by pressing the **Cancel** button on the same +page you triggered the reindexing process. While the reindexing is running, you will be able to follow its progress under that same section. +#### Elasticsearch zero-downtime reindexing + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/55681) in GitLab 13.12. + +The following reindex settings are available in **Admin Area > Settings > Advanced Search > Elasticsearch zero-downtime reindexing**: + +- [Slice multiplier](#slice-multiplier) +- [Maximum running slices](#maximum-running-slices) + +##### Slice multiplier + +The slice multiplier calculates the [number of slices during reindexing](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-reindex.html#docs-reindex-slice). + +GitLab uses [manual slicing](https://www.elastic.co/guide/en/elasticsearch/reference/current/docs-reindex.html#docs-reindex-manual-slice) +to control the reindex efficiently and safely, which enables users to retry only +failed slices. + +The multiplier defaults to `2` and applies to the number of shards per index. +For example, if this value is `2` and your index has 20 shards, then the +reindex task is split into 40 slices. + +##### Maximum running slices + +The maximum running slices parameter defaults to `60` and corresponds to the +maximum number of slices allowed to run concurrently during Elasticsearch +reindexing. + +Setting this value too high can have adverse performance impacts as your cluster +may become heavily saturated with searches and writes. Setting this value too +low may lead the reindexing process to take a very long time to complete. + +The best value for this will depend on your cluster size, whether you're willing +to accept some degraded search performance during reindexing, and how important +it is for the reindex to finish quickly and resume indexing. + ### Mark the most recent reindex job as failed and resume the indexing Sometimes, you might want to abandon the unfinished reindex job and resume the indexing. You can achieve this via the following steps: @@ -950,3 +994,18 @@ Advanced Search will store all the projects in the same Elasticsearch indexes, however searches will only surface results that can be viewed by the user. Advanced Search will honor all permission checks in the application by filtering out projects that a user does not have access to at search time. + +### Access requirements for the self-managed AWS Elasticsearch Service + +To use the self-managed AWS Elasticsearch Service with GitLab, configure your instance's domain access policies +to contain the actions below. +See [Identity and Access Management in Amazon Elasticsearch Service](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-ac.html) for details. + +```plaintext +es:ESHttpDelete +es:ESHttpGet +es:ESHttpHead +es:ESHttpPost +es:ESHttpPut +es:ESHttpPatch +``` diff --git a/doc/integration/external-issue-tracker.md b/doc/integration/external-issue-tracker.md index 4e00057c4b7..e82c21947e2 100644 --- a/doc/integration/external-issue-tracker.md +++ b/doc/integration/external-issue-tracker.md @@ -31,7 +31,7 @@ Visit the links below for details: - [Bugzilla](../user/project/integrations/bugzilla.md) - [Custom Issue Tracker](../user/project/integrations/custom_issue_tracker.md) - [Engineering Workflow Management](../user/project/integrations/ewm.md) -- [Jira](../user/project/integrations/jira.md) +- [Jira](../integration/jira/index.md) - [Redmine](../user/project/integrations/redmine.md) - [YouTrack](../user/project/integrations/youtrack.md) diff --git a/doc/integration/index.md b/doc/integration/index.md new file mode 100644 index 00000000000..c725cc08556 --- /dev/null +++ b/doc/integration/index.md @@ -0,0 +1,105 @@ +--- +stage: Create +group: Ecosystem +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +comments: false +--- + +# GitLab integrations **(FREE)** + +GitLab can be integrated with external services for enhanced functionality. + +## Issue trackers + +You can use an [external issue tracker](external-issue-tracker.md) at the same time as the GitLab +issue tracker, or use only the external issue tracker. + +## Authentication sources + +GitLab can be configured to authenticate access requests with the following authentication sources: + +- Enable the [Auth0 OmniAuth](auth0.md) provider. +- Enable sign in with [Bitbucket](bitbucket.md) accounts. +- Configure GitLab to sign in using [CAS](cas.md). +- Integrate with [Kerberos](kerberos.md). +- Enable sign in via [LDAP](../administration/auth/ldap/index.md). +- Enable [OAuth2 provider](oauth_provider.md) application creation. +- Use [OmniAuth](omniauth.md) to enable sign in via Twitter, GitHub, GitLab.com, Google, + Bitbucket, Facebook, Shibboleth, SAML, Crowd, Azure, or Authentiq ID. +- Use GitLab as an [OpenID Connect](openid_connect_provider.md) identity provider. +- Authenticate to [Vault](vault.md) through GitLab OpenID Connect. +- Configure GitLab as a [SAML](saml.md) 2.0 Service Provider. + +## Security enhancements + +GitLab can be integrated with the following external services to enhance security: + +- [Akismet](akismet.md) helps reduce spam. +- Google [reCAPTCHA](recaptcha.md) helps verify new users. + +GitLab also provides features to improve the security of your own application. For more details see [GitLab Secure](../user/application_security/index.md). + +## Security partners + +GitLab has integrated with several security partners. For more information, see +[Security partners integration](security_partners/index.md). + +## Continuous integration + +GitLab can be integrated with the following external service for continuous integration: + +- [Jenkins](jenkins.md) CI. + +## Feature enhancements + +GitLab can be integrated with the following enhancements: + +- Add GitLab actions to [Gmail actions buttons](gmail_action_buttons_for_gitlab.md). +- Configure [PlantUML](../administration/integration/plantuml.md) +or [Kroki](../administration/integration/kroki.md) to use diagrams in AsciiDoc and Markdown documents. +- Attach merge requests to [Trello](trello_power_up.md) cards. +- Enable integrated code intelligence powered by [Sourcegraph](sourcegraph.md). +- Add [Elasticsearch](elasticsearch.md) for [Advanced Search](../user/search/advanced_search.md). + +## Integrations + +Integration with services such as Campfire, Flowdock, Jira, Pivotal Tracker, and Slack are available as [Integrations](../user/project/integrations/overview.md). + +## Troubleshooting + +### SSL certificate errors + +When trying to integrate GitLab with services using self-signed certificates, +SSL certificate errors can occur in different parts of the application. Sidekiq +is a common culprit. + +There are two approaches you can take to solve this: + +1. Add the root certificate to the trusted chain of the OS. +1. If using Omnibus, you can add the certificate to the GitLab trusted certificates. + +**OS main trusted chain** + +This [resource](https://manuals.gfi.com/en/kerio/connect/content/server-configuration/ssl-certificates/adding-trusted-root-certificates-to-the-server-1605.html) +has all the information you need to add a certificate to the main trusted chain. + +This [answer](https://superuser.com/questions/437330/how-do-you-add-a-certificate-authority-ca-to-ubuntu) +at Super User also has relevant information. + +**Omnibus Trusted Chain** + +[Install the self signed certificate or custom certificate authorities](https://docs.gitlab.com/omnibus/common_installation_problems/README.html#using-self-signed-certificate-or-custom-certificate-authorities) +in to Omnibus GitLab. + +It is enough to concatenate the certificate to the main trusted certificate +however it may be overwritten during upgrades: + +```shell +cat jira.pem >> /opt/gitlab/embedded/ssl/certs/cacert.pem +``` + +After that restart GitLab with: + +```shell +sudo gitlab-ctl restart +``` diff --git a/doc/integration/jira/connect-app.md b/doc/integration/jira/connect-app.md index b096d5bff61..a080d513afa 100644 --- a/doc/integration/jira/connect-app.md +++ b/doc/integration/jira/connect-app.md @@ -4,12 +4,12 @@ group: Ecosystem info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# GitLab for Jira app **(FREE SAAS)** +# GitLab.com for Jira Cloud app **(FREE SAAS)** You can integrate GitLab.com and Jira Cloud using the -[GitLab for Jira](https://marketplace.atlassian.com/apps/1221011/gitlab-com-for-jira-cloud) -app in the Atlassian Marketplace. The user configuring GitLab for Jira must have -[Maintainer](../../user/permissions.md) permissions in the GitLab namespace. +[GitLab.com for Jira Cloud](https://marketplace.atlassian.com/apps/1221011/gitlab-com-for-jira-cloud) +app in the Atlassian Marketplace. The user configuring GitLab.com for Jira Cloud must have +[Maintainer](../../user/permissions.md) permissions in the GitLab.com namespace. This integration method supports [smart commits](dvcs.md#smart-commits). @@ -18,30 +18,30 @@ synchronized in real-time. The DVCS connector updates data only once per hour. If you are not using both of these environments, use the [Jira DVCS Connector](dvcs.md) method. <i class="fa fa-youtube-play youtube" aria-hidden="true"></i> -For a walkthrough of the integration with GitLab for Jira, watch -[Configure GitLab Jira Integration using Marketplace App](https://youtu.be/SwR-g1s1zTo) on YouTube. +For a walkthrough of the integration with GitLab.com for Jira Cloud, watch +[Configure GitLab.com Jira Could Integration using Marketplace App](https://youtu.be/SwR-g1s1zTo) on YouTube. 1. Go to **Jira Settings > Apps > Find new apps**, then search for GitLab. -1. Click **GitLab for Jira**, then click **Get it now**, or go to the +1. Click **GitLab.com for Jira Cloud**, then click **Get it now**, or go to the [App in the marketplace directly](https://marketplace.atlassian.com/apps/1221011/gitlab-com-for-jira-cloud). -  +  1. After installing, click **Get started** to go to the configurations page. This page is always available under **Jira Settings > Apps > Manage apps**. -  +  1. If not already signed in to GitLab.com, you must sign in as a user with [Maintainer](../../user/permissions.md) permissions to add namespaces. -  +  1. Select **Add namespace** to open the list of available namespaces. 1. Identify the namespace you want to link, and select **Link**. -  +  NOTE: -The GitLab user only needs access when adding a new namespace. For syncing with +The GitLab.com user only needs access when adding a new namespace. For syncing with Jira, we do not depend on the user's token. After a namespace is added: @@ -52,10 +52,10 @@ After a namespace is added: Support for syncing past branch and commit data [is planned](https://gitlab.com/gitlab-org/gitlab/-/issues/263240). -## Install the GitLab Jira Cloud application for self-managed instances **(FREE SELF)** +## Install the GitLab.com for Jira Cloud application for self-managed instances **(FREE SELF)** If your GitLab instance is self-managed, you must follow some -extra steps to install the GitLab Jira Cloud application. +extra steps to install the GitLab.com for Jira Cloud application. Each Jira Cloud application must be installed from a single location. Jira fetches a [manifest file](https://developer.atlassian.com/cloud/jira/platform/connect-app-descriptor/) @@ -91,7 +91,7 @@ from outside the Marketplace, which allows you to install the application: 1. Disable [development mode](https://developer.atlassian.com/cloud/jira/platform/getting-started-with-connect/#step-2--enable-development-mode) on your Jira instance. -The **GitLab for Jira** app now displays under **Manage apps**. You can also +The **GitLab.com for Jira Cloud** app now displays under **Manage apps**. You can also click **Get started** to open the configuration page rendered from your GitLab instance. NOTE: @@ -121,9 +121,9 @@ for details. NOTE: DVCS means distributed version control system. -## Troubleshooting GitLab for Jira +## Troubleshooting GitLab.com for Jira Cloud -The GitLab for Jira App uses an iframe to add namespaces on the settings page. Some browsers block cross-site cookies. This can lead to a message saying that the user needs to log in on GitLab.com even though the user is already logged in. +The GitLab.com for Jira Cloud app uses an iframe to add namespaces on the settings page. Some browsers block cross-site cookies. This can lead to a message saying that the user needs to log in on GitLab.com even though the user is already logged in. > "You need to sign in or sign up before continuing." diff --git a/doc/integration/jira/development_panel.md b/doc/integration/jira/development_panel.md index 1617e950104..3aba2e3b3a0 100644 --- a/doc/integration/jira/development_panel.md +++ b/doc/integration/jira/development_panel.md @@ -8,55 +8,75 @@ info: To determine the technical writer assigned to the Stage/Group associated w > - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/233149) to GitLab Free in 13.4. -The Jira Development panel integration allows you to reference Jira issues in GitLab, displaying -activity in the [Development panel](https://support.atlassian.com/jira-software-cloud/docs/view-development-information-for-an-issue/) -in the issue. +With the Jira Development panel integration, you can reference Jira issues in GitLab. +When configured, activity (such as pipeline, deployment, and feature flags) displays in the Jira issue's +[Development panel](https://support.atlassian.com/jira-software-cloud/docs/view-development-information-for-an-issue/). +From the Development panel, you can open a detailed view and +[take various actions](#use-the-integration), including creating a new merge request from a branch: -It complements the [GitLab Jira integration](../../user/project/integrations/jira.md). You may choose -to configure both integrations to take advantage of both sets of features. See a -[feature comparison](index.md#direct-feature-comparison). + -## Features +The information displayed in the Jira Development panel depends on where you mention the Jira issue ID: | Your mention of Jira issue ID in GitLab context | Automated effect in Jira issue | |---------------------------------------------------|--------------------------------------------------------------------------------------------------------| | In a merge request | Link to the MR is displayed in Development panel. | | In a branch name | Link to the branch is displayed in Development panel. | | In a commit message | Link to the commit is displayed in Development panel. | -| In a commit message with Jira Smart Commit format | Displays your custom comment or logged time spent and/or performs specified issue transition on merge. | - -With this integration, you can access related GitLab merge requests, branches, and commits directly from a Jira issue, reflecting your work in GitLab. From the Development panel, you can open a detailed view and take actions including creating a new merge request from a branch. For more information, see [Usage](#usage). +| In a commit message with Jira [Smart Commits](https://confluence.atlassian.com/fisheye/using-smart-commits-960155400.html) | Displays your custom comment or logged time spent and/or performs specified issue transition on merge. | This integration connects all GitLab projects to projects in the Jira instance in either: -- A top-level group. A top-level GitLab group is one that does not have any parent group itself. All - the projects of that top-level group, as well as projects of the top-level group's subgroups nesting - down, are connected. -- A personal namespace, which then connects the projects in that personal namespace to Jira. +- A top-level GitLab group: Connects the projects in a group with no parent group, + including the projects in its subgroups. +- A personal namespace: Connects the projects in that personal namespace to Jira. + +This differs from the [Jira integration](index.md), +where the mapping is between one GitLab project and the entire Jira instance. +You can install both integrations to take advantage of both sets of features. +A [feature comparison](index.md#direct-feature-comparison) is available. + +## Use the integration + +After the integration is [set up on GitLab and Jira](#configure-the-integration), you can: -This differs from the [Jira integration](../../user/project/integrations/jira.md), where the mapping is between one GitLab project and the entire Jira instance. +- Refer to any Jira issue by its ID (in uppercase) in GitLab branch names, + commit messages, and merge request titles. +- See the linked branches, commits, and merge requests in Jira issues: -Additional features provided by the Jira Development Panel integration include: +Merge requests are called "pull requests" in Jira issues. + +Select the links to see your GitLab repository data. + + + + -- In a Jira issue, display relevant GitLab information in the [development panel](https://support.atlassian.com/jira-software-cloud/docs/view-development-information-for-an-issue/), including related branches, commits, and merge requests. -- Use Jira [Smart Commits](https://confluence.atlassian.com/fisheye/using-smart-commits-960155400.html) in GitLab to add Jira comments, log time spent on the issue, or apply any issue transition. -- Showing pipeline, deployment, and feature flags in Jira issues. +### Use Jira Smart Commits -## Configuration +With Jira [Smart Commits](https://confluence.atlassian.com/fisheye/using-smart-commits-960155400.html), +you can use GitLab to add Jira comments, log time spent on the issue, or apply any issue transition. + +For more information about using Jira Smart Commits to track time against an issue, specify +an issue transition, or add a custom comment, read the Atlassian page +[Using Smart Commits](https://confluence.atlassian.com/fisheye/using-smart-commits-960155400.html). + +## Configure the integration <i class="fa fa-youtube-play youtube" aria-hidden="true"></i> -For an overview of how to configure Jira Development panel integration, see [Agile Management - GitLab Jira Development panel integration](https://www.youtube.com/watch?v=VjVTOmMl85M&feature=youtu.be). +For an overview of how to configure Jira Development panel integration, see +[Agile Management - GitLab Jira Development panel integration](https://www.youtube.com/watch?v=VjVTOmMl85M). -We recommend that a GitLab group maintainer or group owner, or instance administrator (in the case of -self-managed GitLab) set up the integration to simplify administration. +To simplify administration, we recommend that a GitLab group maintainer or group owner +(or instance administrator in the case of self-managed GitLab) set up the integration. -| If you use Jira on: | GitLab.com customers need: | GitLab self-managed customers need: | -|-|-|-| -| [Atlassian cloud](https://www.atlassian.com/cloud) | The [GitLab.com for Jira Cloud](https://marketplace.atlassian.com/apps/1221011/gitlab-com-for-jira-cloud?hosting=cloud&tab=overview) application installed from the [Atlassian Marketplace](https://marketplace.atlassian.com). This offers real-time sync between GitLab and Jira. | The [GitLab.com for Jira Cloud](https://marketplace.atlassian.com/apps/1221011/gitlab-com-for-jira-cloud?hosting=cloud&tab=overview), using a workaround process. See the documentation for [installing the GitLab Jira Cloud application for self-managed instances](connect-app.md#install-the-gitlab-jira-cloud-application-for-self-managed-instances) for more information. | +| Jira usage | GitLab.com customers need | GitLab self-managed customers need | +|------------|---------------------------|------------------------------------| +| [Atlassian cloud](https://www.atlassian.com/cloud) | The [GitLab.com for Jira Cloud](https://marketplace.atlassian.com/apps/1221011/gitlab-com-for-jira-cloud?hosting=cloud&tab=overview) application installed from the [Atlassian Marketplace](https://marketplace.atlassian.com). This offers real-time sync between GitLab and Jira. | The [GitLab.com for Jira Cloud](https://marketplace.atlassian.com/apps/1221011/gitlab-com-for-jira-cloud?hosting=cloud&tab=overview), using a workaround process. See the documentation for [installing the GitLab Jira Cloud application for self-managed instances](connect-app.md#install-the-gitlabcom-for-jira-cloud-application-for-self-managed-instances) for more information. | | Your own server | The Jira DVCS (distributed version control system) connector. This syncs data hourly. | The [Jira DVCS Connector](dvcs.md). | -Each GitLab project can be configured to connect to an entire Jira instance. That means one GitLab -project can interact with _all_ Jira projects in that instance, once configured. For: +Each GitLab project can be configured to connect to an entire Jira instance. That means after +configuration, one GitLab project can interact with all Jira projects in that instance. For: - The [view Jira issues](issues.md#view-jira-issues) feature, you must associate a GitLab project with a specific Jira project. @@ -68,88 +88,67 @@ documentation for [central administration of project integrations](../../user/ad To enable the Jira service in GitLab, you must: -1. Configure the project in Jira. -1. Enter the correct values in GitLab. +1. [Configure the project in Jira](dvcs.md#configure-jira-for-dvcs). + The supported Jira versions are `v6.x`, `v7.x`, and `v8.x`. +1. [Enter the correct values in GitLab](#configure-gitlab). ### Configure GitLab -> **Notes:** -> -> - The supported Jira versions are `v6.x`, `v7.x`, and `v8.x`. -> - In order to support Oracle's Access Manager, GitLab sends additional cookies -> to enable Basic Auth. The cookie being added to each request is `OBBasicAuth` with -> a value of `fromDialog`. - -To enable the Jira integration in a project: - -1. Go to the project's [Integrations page](../../user/project/integrations/overview.md#accessing-integrations) and select the - **Jira** service. +To enable the integration in your GitLab project, after you +[configure your Jira project](dvcs.md#configure-jira-for-dvcs): +1. Ensure your GitLab installation does not use a relative URL, as described in + [Limitations](#limitations). +1. Go to your project and select [**Settings > Integrations**](../../user/project/integrations/overview.md#accessing-integrations). +1. Select **Jira**. 1. Select **Enable integration**. - -1. Select **Trigger** actions. - This determines whether a mention of a Jira issue in GitLab commits, merge requests, or both, - should link the Jira issue back to that source commit/MR and transition the Jira issue, if - indicated. - -1. To include a comment on the Jira issue when the above reference is made in GitLab, select +1. Select **Trigger** actions. Your choice determines whether a mention of Jira issue + (in a GitLab commit, merge request, or both) creates a cross-link in Jira back to GitLab. +1. To comment in the Jira issue when a **Trigger** action is made in GitLab, select **Enable comments**. - -1. To transition Jira issues when a [closing reference](../../user/project/issues/managing_issues.md#closing-issues-automatically) is made in GitLab, - select **Enable Jira transitions**. - -1. Enter the further details on the page as described in the following table. - - | Field | Description | - | ----- | ----------- | - | `Web URL` | The base URL to the Jira instance web interface which is being linked to this GitLab project. For example, `https://jira.example.com`. | - | `Jira API URL` | The base URL to the Jira instance API. Web URL value is used if not set. For example, `https://jira-api.example.com`. Leave this field blank (or use the same value of `Web URL`) if using **Jira on Atlassian cloud**. | - | `Username or Email` | Created in [configure Jira](dvcs.md#configure-jira-for-dvcs) step. Use `username` for **Jira Server** or `email` for **Jira on Atlassian cloud**. | - | `Password/API token` | Created in [configure Jira](dvcs.md#configure-jira-for-dvcs) step. Use `password` for **Jira Server** or `API token` for **Jira on Atlassian cloud**. | - +1. To transition Jira issues when a + [closing reference](../../user/project/issues/managing_issues.md#closing-issues-automatically) + is made in GitLab, select **Enable Jira transitions**. +1. Provide Jira configuration information: + - **Web URL**: The base URL to the Jira instance web interface you're linking to + this GitLab project, such as `https://jira.example.com`. + - **Jira API URL**: The base URL to the Jira instance API, such as `https://jira-api.example.com`. + Defaults to the **Web URL** value if not set. Leave blank if using **Jira on Atlassian cloud**. + - **Username or Email**: Created when you [configured Jira](dvcs.md#configure-jira-for-dvcs). + For **Jira Server**, use `username`. For **Jira on Atlassian cloud**, use `email`. + - **Password/API token**: Created when you [configured Jira](dvcs.md#configure-jira-for-dvcs). + Use `password` for **Jira Server** or `API token` for **Jira on Atlassian cloud**. 1. To enable users to view Jira issues inside the GitLab project, select **Enable Jira issues** and enter a Jira project key. **(PREMIUM)** - You can only display issues from a single Jira project within a given GitLab project. + You can display issues only from a single Jira project in a given GitLab project. WARNING: - If you enable Jira issues with the setting above, all users that have access to this GitLab project - are able to view all issues from the specified Jira project. - -1. To enable creation of issues for vulnerabilities, select **Enable Jira issues creation from vulnerabilities**. - - 1. Select the **Jira issue type**. If the dropdown is empty, select refresh (**{retry}**) and try again. + If you enable Jira issues with this setting, all users with access to this GitLab project + can view all issues from the specified Jira project. +1. To enable issue creation for vulnerabilities, select **Enable Jira issues creation from vulnerabilities**. +1. Select the **Jira issue type**. If the dropdown is empty, select refresh (**{retry}**) and try again. 1. To verify the Jira connection is working, select **Test settings**. - 1. Select **Save changes**. Your GitLab project can now interact with all Jira projects in your instance and the project now displays a Jira link that opens the Jira project. -## Usage - -After the integration is set up on GitLab and Jira, you can: - -- Refer to any Jira issue by its ID in GitLab branch names, commit messages, and merge request - titles. -- See the linked branches, commits, and merge requests in Jira issues (merge requests are - called "pull requests" in Jira issues). - -Jira issue IDs must be formatted in uppercase for the integration to work. - - +## Limitations -Click the links to see your GitLab repository data. +This integration is not supported on GitLab instances under a +[relative URL](https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-a-relative-url-for-gitlab). +For example, `http://example.com/gitlab`. - +## Related topics - +- [Using Smart Commits](https://confluence.atlassian.com/fisheye/using-smart-commits-960155400.html) in Jira -For more information on using Jira Smart Commits to track time against an issue, specify an issue transition, or add a custom comment, see the Atlassian page [Using Smart Commits](https://confluence.atlassian.com/fisheye/using-smart-commits-960155400.html). +## Troubleshooting -## Limitations +### Cookies for Oracle's Access Manager -This integration is not supported on GitLab instances under a -[relative URL](https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-a-relative-url-for-gitlab). -For example, `http://example.com/gitlab`. +To support Oracle's Access Manager, GitLab sends additional cookies +to enable Basic Auth. The cookie being added to each request is `OBBasicAuth` with +a value of `fromDialog`. diff --git a/doc/integration/jira/dvcs.md b/doc/integration/jira/dvcs.md index 5d315ebd802..89d1d70d6aa 100644 --- a/doc/integration/jira/dvcs.md +++ b/doc/integration/jira/dvcs.md @@ -4,7 +4,7 @@ group: Ecosystem info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Jira DVCS connector +# Jira DVCS connector **(FREE)** Use the Jira DVCS (distributed version control system) connector if you self-host either your Jira instance or your GitLab instance, and you want to sync information @@ -18,7 +18,7 @@ are accessible. - **Jira Cloud**: Your instance must be accessible through the internet. - **Jira Server**: Your network must allow access to your instance. -## Smart commits +## Smart Commits When connecting GitLab with Jira with DVCS, you can process your Jira issues using special commands, called @@ -31,12 +31,34 @@ in your commit messages. With Smart Commits, you can: Commands must be in the first line of the commit message. The [Jira Software documentation](https://support.atlassian.com/jira-software-cloud/docs/process-issues-with-smart-commits/) -contains more information about how smart commits work, and what commands are available +contains more information about how Smart Commits work, and what commands are available for your use. -For smart commits to work, the committing user on GitLab must have a corresponding +For Smart Commits to work, the committing user on GitLab must have a corresponding user on Jira with the same email address or username. +### Smart Commit syntax + +Smart Commits should follow the pattern of: + +```plaintext +<ISSUE_KEY> <ignored text> #<command> <optional command parameters> +``` + +Some examples: + +- Adding a comment to a Jira issue: `KEY-123 fixes a bug #comment Bug is fixed.` +- Recording time tracking: `KEY-123 #time 2w 4d 10h 52m Tracking work time.` +- Closing an issue: `KEY-123 #close Closing issue` + +A Smart Commit message must not span more than one line (no carriage returns) but +you can still perform multiple actions in a single commit: + +- Time tracking, commenting, and transitioning to **Closed**: + `KEY-123 #time 2d 5h #comment Task completed ahead of schedule #close`. +- Commenting, transitioning to **In-progress**, and time tracking: + `KEY-123 #comment started working on the issue #in-progress #time 12d 5h`. + ## Configure a GitLab application for DVCS We recommend you create and use a `jira` user in GitLab, and use the account only @@ -72,7 +94,7 @@ for the groups you specify, into Jira. This import takes a few minutes and, afte it completes, refreshes every 60 minutes: 1. Ensure you have completed the [GitLab configuration](#configure-a-gitlab-application-for-dvcs). -1. Go to your DVCS account: +1. Go to your DVCS accounts: - *For Jira Server,* go to **Settings (gear) > Applications > DVCS accounts**. - *For Jira Cloud,* go to **Settings (gear) > Products > DVCS accounts**. 1. To create a new integration, select the appropriate value for **Host**: @@ -94,12 +116,15 @@ it completes, refreshes every 60 minutes: 1. For **Client ID**, use the **Application ID** value from the previous section. 1. For **Client Secret**, use the **Secret** value from the previous section. 1. Ensure that the rest of the checkboxes are checked. -1. Select **Add** to complete and create the integration. +1. Select **Add** and then **Continue** to create the DVCS account. +1. Jira redirects to GitLab where you have to confirm the authorization, + and then GitLab redirects back to Jira where you should see the synced + projects show up inside the new account. To connect additional GitLab projects from other GitLab top-level groups, or personal namespaces, repeat the previous steps with additional Jira DVCS accounts. -After you configure the integration, read more about [how to test and use it](development_panel.md#usage). +After you configure the integration, read more about [how to test and use it](development_panel.md). ## Refresh data imported to Jira @@ -135,7 +160,7 @@ Problems with SSL and TLS can cause this error message: Error obtaining access token. Cannot access https://gitlab.example.com from Jira. ``` -- The [GitLab Jira integration](../../user/project/integrations/jira.md) requires +- The [GitLab Jira integration](index.md) requires GitLab to connect to Jira. Any TLS issues that arise from a private certificate authority or self-signed certificate are resolved [on the GitLab server](https://docs.gitlab.com/omnibus/settings/ssl.html#other-certificate-authorities), @@ -198,9 +223,8 @@ encounter these issues: To resolve this issue: -- If you're using GitLab Free or GitLab Starter, be sure you're using - GitLab 13.4 or later. -- *If you're using GitLab versions 11.10-12.7,* upgrade to GitLab 12.8.10 or later +- If you're using GitLab Free, be sure you're using GitLab 13.4 or later. +- If you're using GitLab versions 11.10-12.7, upgrade to GitLab 12.8.10 or later to resolve [an identified issue](https://gitlab.com/gitlab-org/gitlab/-/issues/37012). [Contact GitLab Support](https://about.gitlab.com/support/) if none of these reasons apply. diff --git a/doc/integration/jira/img/jira_dev_panel_jira_setup_5.png b/doc/integration/jira/img/jira_dev_panel_jira_setup_5.png Binary files differindex 73dc867d301..b143fc24355 100644 --- a/doc/integration/jira/img/jira_dev_panel_jira_setup_5.png +++ b/doc/integration/jira/img/jira_dev_panel_jira_setup_5.png diff --git a/doc/integration/jira/img/jira_merge_request_close.png b/doc/integration/jira/img/jira_merge_request_close.png Binary files differdeleted file mode 100644 index 9a176daf5f4..00000000000 --- a/doc/integration/jira/img/jira_merge_request_close.png +++ /dev/null diff --git a/doc/integration/jira/index.md b/doc/integration/jira/index.md index 221e50e5d66..2646a6c5e2e 100644 --- a/doc/integration/jira/index.md +++ b/doc/integration/jira/index.md @@ -62,6 +62,13 @@ The process for configuring Jira depends on whether you host Jira on your own se Atlassian cloud, an email and API token are required. For more information, read [set up a user in Jira on Atlassian cloud](jira_cloud_configuration.md). +## Privacy considerations + +If you integrate a private GitLab project with Jira using the [**Per-project Jira integration**](#per-project-jira-integration), +actions in GitLab issues and merge requests linked to a Jira issue leak information +about the private project to non-administrator Jira users. If your installation uses Jira Cloud, +you can use the [GitLab for Jira app](connect-app.md) to avoid this risk. + ## Troubleshooting If these features do not work as expected, it is likely due to a problem with the way the integration settings were configured. diff --git a/doc/integration/jira/issues.md b/doc/integration/jira/issues.md index d2cab59742b..91311f85310 100644 --- a/doc/integration/jira/issues.md +++ b/doc/integration/jira/issues.md @@ -6,168 +6,200 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Jira integration issue management **(FREE)** -By now you should have [configured Jira](development_panel.md#configuration) and enabled the -[Jira service in GitLab](development_panel.md#configure-gitlab). If everything is set up correctly -you should be able to reference and close Jira issues by just mentioning their -ID in GitLab commits and merge requests. +Integrating issue management with Jira requires you to [configure Jira](development_panel.md#configure-the-integration) +and [enable the Jira service](development_panel.md#configure-gitlab) in GitLab. +After you configure and enable the integration, you can reference and close Jira +issues by mentioning the Jira ID in GitLab commits and merge requests. -Jira issue IDs must be formatted in uppercase for the integration to work. +The Jira integration requires to you format any Jira issue IDs in uppercase. ## Reference Jira issues -When GitLab project has Jira issue tracker configured and enabled, mentioning -Jira issues in GitLab automatically adds a comment in Jira issue with the -link back to GitLab. This means that in comments in merge requests and commits -referencing an issue, `PROJECT-7` for example, adds a comment in Jira issue in the -format: +With this integration, you can cross-reference Jira issues while you work in +GitLab issues and merge requests. Mention a Jira issue in a GitLab issue, +merge request, or comment, and GitLab adds a formatted comment to the Jira issue. +The comment links back to your work in GitLab. -```plaintext -USER mentioned this issue in RESOURCE_NAME of [PROJECT_NAME|LINK_TO_COMMENT]: -ENTITY_TITLE +For example, this commit references the Jira issue `GIT-1`: + +```shell +git commit -m "GIT-1 this is a test commit" ``` -- `USER` A user that mentioned the issue. This is the link to the user profile in GitLab. -- `LINK_TO_THE_COMMENT` Link to the origin of mention with a name of the entity where Jira issue was mentioned. -- `RESOURCE_NAME` Kind of resource which referenced the issue. Can be a commit or merge request. -- `PROJECT_NAME` GitLab project name. -- `ENTITY_TITLE` Merge request title or commit message first line. +GitLab adds a reference to the **Issue Links** section of Jira issue `GIT-1`: - + -For example, the following commit references the Jira issue with `PROJECT-1` as its ID: +GitLab also adds a comment to the issue, and uses this format: -```shell -git commit -m "PROJECT-1 Fix spelling and grammar" +```plaintext +USER mentioned this issue in RESOURCE_NAME of [PROJECT_NAME|COMMENTLINK]: +ENTITY_TITLE ``` -## Close Jira issues +- `USER`: The name of the user who mentioned the issue, linked to their GitLab user profile. +- `COMMENTLINK`: A link to where the Jira issue was mentioned. +- `RESOURCE_NAME`: The type of resource, such as a commit or merge request, which referenced the issue. +- `PROJECT_NAME`: The GitLab project name. +- `ENTITY_TITLE`: The title of the merge request, or the first line of the commit. -Jira issues can be closed directly from GitLab by using trigger words in -commits and merge requests. When a commit which contains the trigger word -followed by the Jira issue ID in the commit message is pushed, GitLab -adds a comment in the mentioned Jira issue and immediately closes it (provided -the transition ID was set up correctly). +You can [disable comments](#disable-comments-on-jira-issues) on issues. -There are currently three trigger words, and you can use either one to achieve -the same goal: +### Require associated Jira issue for merge requests to be merged -- `Resolves PROJECT-1` -- `Closes PROJECT-1` -- `Fixes PROJECT-1` +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/280766) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.12 behind a feature flag, disabled by default. +> - [Deployed behind a feature flag](../../user/feature_flags.md), disabled by default. +> - Disabled on GitLab.com. +> - Not recommended for production use. +> - To use in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-the-ability-to-require-an-associated-jira-issue-on-merge-requests). **(ULTIMATE SELF)** -where `PROJECT-1` is the ID of the Jira issue. +This in-development feature might not be available for your use. There can be +[risks when enabling features still in development](../../user/application_security/index.md#security-approvals-in-merge-requests). +Refer to this feature's version history for more details. -Note the following: +You can prevent merge requests from being merged if they do not refer to a Jira issue. +To enforce this: -- Only commits and merges into the project's default branch (usually `master`) - close an issue in Jira. You can change your project's default branch under - [project settings](img/jira_project_settings.png). -- The Jira issue is not transitioned if it has a resolution. +1. Navigate to your project's **Settings > General** page. +1. Expand the **Merge requests** section. +1. Under **Merge checks**, select the **Require an associated issue from Jira** check box. +1. Select **Save** for the changes to take effect. -Let's consider the following example: +After you enable this feature, a merge request that doesn't reference an associated +Jira issue can't be merged. The merge request displays the message +**To merge, a Jira issue key must be mentioned in the title or description.** -1. For the project named `PROJECT` in Jira, we implemented a new feature - and created a merge request in GitLab. -1. This feature was requested in Jira issue `PROJECT-7` and the merge request - in GitLab contains the improvement -1. In the merge request description we use the issue closing trigger - `Closes PROJECT-7`. -1. Once the merge request is merged, the Jira issue is automatically closed - with a comment and an associated link to the commit that resolved the issue. +## Close Jira issues in GitLab -In the following screenshot you can see what the link references to the Jira -issue look like. +If you have configured GitLab transition IDs, you can close a Jira issue directly +from GitLab. Use a trigger word followed by a Jira issue ID in a commit or merge request. +When you push a commit containing a trigger word and Jira issue ID, GitLab: - +1. Comments in the mentioned Jira issue. +1. Closes the Jira issue. If the Jira issue has a resolution, it isn't transitioned. -Once this merge request is merged, the Jira issue is automatically closed -with a link to the commit that resolved the issue. +For example, use any of these trigger words to close the Jira issue `PROJECT-1`: - +- `Resolves PROJECT-1` +- `Closes PROJECT-1` +- `Fixes PROJECT-1` -## View Jira issues **(PREMIUM)** +The commit or merge request must target your project's [default branch](../../user/project/repository/branches/default.md). +You can change your project's default branch under [project settings](img/jira_project_settings.png). -> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3622) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.2. +### Use case for closing issues -You can browse, search, and view issues from a selected Jira project directly in GitLab, -if your GitLab administrator [has configured it](development_panel.md#configure-gitlab): +Consider this example: -1. In the left navigation bar, go to **Jira > Issues list**. -1. The issue list sorts by **Created date** by default, with the newest issues listed at the top: +1. A user creates Jira issue `PROJECT-7` to request a new feature. +1. You create a merge request in GitLab to build the requested feature. +1. In the merge request, you add the issue closing trigger `Closes PROJECT-7`. +1. When the merge request is merged: + - GitLab closes the Jira issue for you: +  + - GitLab adds a formatted comment to Jira, linking back to the commit that + resolved the issue. You can [disable comments](#disable-comments-on-jira-issues). -  +## View Jira issues **(PREMIUM)** -1. To display the most recently updated issues first, click **Last updated**. -1. In GitLab versions 13.10 and later, you can view [individual Jira issues](#view-a-jira-issue). +> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3622) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.2. -Issues are grouped into tabs based on their [Jira status](https://confluence.atlassian.com/adminjiraserver070/defining-status-field-values-749382903.html): +You can browse, search, and view issues from a selected Jira project directly in GitLab, +if your GitLab administrator [has configured it](development_panel.md#configure-gitlab). -- The **Open** tab displays all issues with a Jira status in any category other than Done. -- The **Closed** tab displays all issues with a Jira status categorized as Done. -- The **All** tab displays all issues of any status. +To do this, in GitLab, go to your project and select **Jira > Issues list**. The issue list +sorts by **Created date** by default, with the newest issues listed at the top: -## View a Jira issue + -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/299832) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.10 behind a feature flag, disabled by default. -> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/299832) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.11. +- To display the most recently updated issues first, select **Last updated**. +- You can [search and filter](#search-and-filter-the-issues-list) the issues list. +- In GitLab [versions 13.10 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/299832), + you can select an issue from the list to view it in GitLab: +  -When viewing the [Jira issues list](#view-jira-issues), select an issue from the -list to open it in GitLab: +Issues are grouped into tabs based on their +[Jira status](https://confluence.atlassian.com/adminjiraserver070/defining-status-field-values-749382903.html): - +- **Open** tab: All issues with a Jira status in any category other than Done. +- **Closed** tab: All issues with a Jira status categorized as Done. +- **All** tab: All issues of any status. ## Search and filter the issues list To refine the list of issues, use the search bar to search for any text -contained in an issue summary (title) or description. - -You can also filter by labels, status, reporter, and assignee using URL parameters. -Enhancements to be able to use these through the user interface are [planned](https://gitlab.com/groups/gitlab-org/-/epics/3622). +contained in an issue summary (title) or description. Use any combination +of these filters: - To filter issues by `labels`, specify one or more labels as part of the `labels[]` -parameter in the URL. When using multiple labels, only issues that contain all specified -labels are listed. `/-/integrations/jira/issues?labels[]=backend&labels[]=feature&labels[]=QA` - -- To filter issues by `status`, specify the `status` parameter in the URL. -`/-/integrations/jira/issues?status=In Progress` - + parameter in the URL. When using multiple labels, only issues that contain all specified + labels are listed: `/-/integrations/jira/issues?labels[]=backend&labels[]=feature&labels[]=QA` +- To filter issues by `status`, specify the `status` parameter in the URL: + `/-/integrations/jira/issues?status=In Progress` - To filter issues by `reporter`, specify a reporter's Jira display name for the -`author_username` parameter in the URL. `/-/integrations/jira/issues?author_username=John Smith` - + `author_username` parameter in the URL: `/-/integrations/jira/issues?author_username=John Smith` - To filter issues by `assignee`, specify their Jira display name for the -`assignee_username` parameter in the URL. `/-/integrations/jira/issues?assignee_username=John Smith` + `assignee_username` parameter in the URL: `/-/integrations/jira/issues?assignee_username=John Smith` + +Enhancements to use these filters through the user interface +[are planned](https://gitlab.com/groups/gitlab-org/-/epics/3622). ## Automatic issue transitions > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/...) in GitLab 13.10. -In this mode the referenced Jira issue is transitioned to the next available status with a category of "Done". +When you configure automatic issue transitions, you can transition a referenced +Jira issue to the next available status with a category of **Done**. To configure +this setting: -See the [Configure GitLab](development_panel.md#configure-gitlab) section, check the **Enable Jira transitions** setting and select the **Move to Done** option. +1. Refer to the [Configure GitLab](development_panel.md#configure-gitlab) instructions. +1. Select the **Enable Jira transitions** check box. +1. Select the **Move to Done** option. ## Custom issue transitions -For advanced workflows you can specify custom Jira transition IDs. +For advanced workflows, you can specify custom Jira transition IDs: -See the [Configure GitLab](development_panel.md#configure-gitlab) section, check the **Enable Jira transitions** setting, select the **Custom transitions** option, and enter your transition IDs in the text field. +1. Use the method based on your Jira subscription status: + - *(For users of Jira Cloud)* Obtain your transition IDs by editing a workflow + in the **Text** view. The transition IDs display in the **Transitions** column. + - *(For users of Jira Server)* Obtain your transition IDs in one of these ways: + - By using the API, with a request like `https://yourcompany.atlassian.net/rest/api/2/issue/ISSUE-123/transitions`, + using an issue that is in the appropriate "open" state. + - By mousing over the link for the transition you want and looking for the + **action** parameter in the URL. + The transition ID may vary between workflows (for example, a bug instead of a + story), even if the status you're changing to is the same. +1. Refer to the [Configure GitLab](development_panel.md#configure-gitlab) instructions. +1. Select the **Enable Jira transitions** setting. +1. Select the **Custom transitions** option. +1. Enter your transition IDs in the text field. If you insert multiple transition IDs + (separated by `,` or `;`), the issue is moved to each state, one after another, in the + order you specify. If a transition fails, the sequence is aborted. -If you insert multiple transition IDs separated by `,` or `;`, the issue is moved to each state, one after another, using the given order. If a transition fails the sequence is aborted. +## Disable comments on Jira issues -To see the transition IDs on Jira Cloud, edit a workflow in the **Text** view. -The transition IDs display in the **Transitions** column. +GitLab can cross-link source commits or merge requests with Jira issues without +adding a comment to the Jira issue: -On Jira Server you can get the transition IDs in either of the following ways: +1. Refer to the [Configure GitLab](development_panel.md#configure-gitlab) instructions. +1. Clear the **Enable comments** check box. -1. By using the API, with a request like `https://yourcompany.atlassian.net/rest/api/2/issue/ISSUE-123/transitions` - using an issue that is in the appropriate "open" state -1. By mousing over the link for the transition you want and looking for the - "action" parameter in the URL +## Enable or disable the ability to require an associated Jira issue on merge requests -Note that the transition ID may vary between workflows (for example, bug vs. story), -even if the status you are changing to is the same. +The ability to require an associated Jira issue on merge requests is under development +and not ready for production use. It is deployed behind a feature flag that is +**disabled by default**. +[GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md) can enable it. -## Disabling comments on Jira issues +To enable it: -You can continue to have GitLab cross-link a source commit/MR with a Jira issue while disabling the comment added to the issue. +```ruby +Feature.enable(:jira_issue_association_on_merge_request) +``` + +To disable it: -See the [Configure GitLab](development_panel.md#configure-gitlab) section and uncheck the **Enable comments** setting. +```ruby +Feature.disable(:jira_issue_association_on_merge_request) +``` diff --git a/doc/integration/jira/jira_cloud_configuration.md b/doc/integration/jira/jira_cloud_configuration.md index fd58b3f33f7..7b3f2bcb249 100644 --- a/doc/integration/jira/jira_cloud_configuration.md +++ b/doc/integration/jira/jira_cloud_configuration.md @@ -6,7 +6,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Create an API token in Jira on Atlassian cloud **(FREE)** -You need an API token to [integrate with Jira](../../user/project/integrations/jira.md) +You need an API token to [integrate with Jira](index.md) on Atlassian cloud. To create the API token: 1. Sign in to [`id.atlassian.com`](https://id.atlassian.com/manage-profile/security/api-tokens) diff --git a/doc/integration/jira/jira_server_configuration.md b/doc/integration/jira/jira_server_configuration.md index 3573a1f8b1e..21348416b73 100644 --- a/doc/integration/jira/jira_server_configuration.md +++ b/doc/integration/jira/jira_server_configuration.md @@ -6,7 +6,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Jira Server credentials **(FREE)** -To [integrate Jira with GitLab](../../user/project/integrations/jira.md), you must +To [integrate Jira with GitLab](index.md), you must create a Jira user account for your Jira projects to access projects in GitLab. This Jira user account must have write access to your Jira projects. To create the credentials, you must: diff --git a/doc/integration/kerberos.md b/doc/integration/kerberos.md index 5be076464d8..1984d275794 100644 --- a/doc/integration/kerberos.md +++ b/doc/integration/kerberos.md @@ -87,7 +87,7 @@ For source installations, make sure the `kerberos` gem group 1. [Reconfigure GitLab](../administration/restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. -GitLab will now offer the `negotiate` authentication method for signing in and +GitLab now offers the `negotiate` authentication method for signing in and HTTP Git access, enabling Git clients that support this authentication protocol to authenticate with Kerberos tokens. @@ -159,7 +159,7 @@ knowledge can be a security risk. ## Link Kerberos and LDAP accounts together If your users sign in with Kerberos, but you also have [LDAP integration](../administration/auth/ldap/index.md) -enabled, your users will be linked to their LDAP accounts on their first sign-in. +enabled, your users are linked to their LDAP accounts on their first sign-in. For this to work, some prerequisites must be met: The Kerberos username must match the LDAP user's UID. You can choose which LDAP @@ -170,7 +170,7 @@ The Kerberos realm must match the domain part of the LDAP user's Distinguished Name. For instance, if the Kerberos realm is `AD.EXAMPLE.COM`, then the LDAP user's Distinguished Name should end in `dc=ad,dc=example,dc=com`. -Taken together, these rules mean that linking will only work if your users' +Taken together, these rules mean that linking only works if your users' Kerberos usernames are of the form `foo@AD.EXAMPLE.COM` and their LDAP Distinguished Names look like `sAMAccountName=foo,dc=ad,dc=example,dc=com`. @@ -180,7 +180,7 @@ LDAP Distinguished Names look like `sAMAccountName=foo,dc=ad,dc=example,dc=com`. You can configure custom allowed realms when the user's Kerberos realm doesn't match the domain from the user's LDAP DN. The configuration value must specify -all domains that users may be expected to have. Any other domains will be +all domains that users may be expected to have. Any other domains are ignored and an LDAP identity won't be linked. **For Omnibus installations** @@ -236,8 +236,8 @@ authentication fails. For GitLab users to be able to use either `basic` or `negotiate` authentication with older Git versions, it is possible to offer Kerberos ticket-based -authentication on a different port (e.g. 8443) while the standard port will -keep offering only `basic` authentication. +authentication on a different port (e.g. 8443) while the standard port offers +only `basic` authentication. **For source installations with HTTPS** @@ -280,14 +280,14 @@ keep offering only `basic` authentication. 1. [Reconfigure GitLab](../administration/restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. -After this change, all Git remote URLs will have to be updated to +After this change, Git remote URLs have to be updated to `https://gitlab.example.com:8443/mygroup/myproject.git` in order to use Kerberos ticket-based authentication. ## Upgrading from password-based to ticket-based Kerberos sign-ins Prior to GitLab 8.10 Enterprise Edition, users had to submit their -Kerberos username and password to GitLab when signing in. We will +Kerberos username and password to GitLab when signing in. We plan to remove support for password-based Kerberos sign-ins in a future release, so we recommend that you upgrade to ticket-based sign-ins. @@ -343,14 +343,14 @@ to a larger value in [the NGINX configuration](http://nginx.org/en/docs/http/ngx With Kerberos SPNEGO authentication, the browser is expected to send a list of mechanisms it supports to GitLab. If it doesn't support any of the mechanisms -GitLab supports, authentication will fail with a message like this in the log: +GitLab supports, authentication fails with a message like this in the log: ```plaintext OmniauthKerberosSpnegoController: failed to process Negotiate/Kerberos authentication: gss_accept_sec_context did not return GSS_S_COMPLETE: An unsupported mechanism was requested Unknown error ``` This is usually seen when the browser is unable to contact the Kerberos server -directly. It will fall back to an unsupported mechanism known as +directly. It falls back to an unsupported mechanism known as [`IAKERB`](https://k5wiki.kerberos.org/wiki/Projects/IAKERB), which tries to use the GitLab server as an intermediary to the Kerberos server. @@ -359,10 +359,10 @@ client machine and the Kerberos server - this is a prerequisite! Traffic may be blocked by a firewall, or the DNS records may be incorrect. Another failure mode occurs when the forward and reverse DNS records for the -GitLab server do not match. Often, Windows clients will work in this case, while -Linux clients will fail. They use reverse DNS while detecting the Kerberos -realm. If they get the wrong realm, then ordinary Kerberos mechanisms will fail, -so the client will fall back to attempting to negotiate `IAKERB`, leading to the +GitLab server do not match. Often, Windows clients work in this case while +Linux clients fail. They use reverse DNS while detecting the Kerberos +realm. If they get the wrong realm then ordinary Kerberos mechanisms fail, +so the client falls back to attempting to negotiate `IAKERB`, leading to the above error message. To fix this, ensure that the forward and reverse DNS for your GitLab server diff --git a/doc/integration/saml.md b/doc/integration/saml.md index 842eb71f7f4..da1278b9edd 100644 --- a/doc/integration/saml.md +++ b/doc/integration/saml.md @@ -1,8 +1,8 @@ --- -type: reference stage: Manage group: Access info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +type: reference --- # SAML OmniAuth Provider **(FREE SELF)** @@ -86,7 +86,7 @@ in your SAML IdP: ``` 1. Ensure that the SAML [`NameID`](../user/group/saml_sso/index.md#nameid) and email address are fixed for each user, -as described in the section on [Security](#security). Otherwise, your users will be able to sign in as other authorized users. +as described in the section on [Security](#security). Otherwise, your users are able to sign in as other authorized users. 1. Add the provider configuration: @@ -137,7 +137,7 @@ as described in the section on [Security](#security). Otherwise, your users will for more details on these options. See the [notes on configuring your identity provider](#notes-on-configuring-your-identity-provider) for more information. -1. Change the value of `issuer` to a unique name, which will identify the application +1. Change the value of `issuer` to a unique name, which identifies the application to the IdP. 1. For the changes to take effect, you must [reconfigure](../administration/restart_gitlab.md#omnibus-gitlab-reconfigure) GitLab if you installed via Omnibus or [restart GitLab](../administration/restart_gitlab.md#installations-from-source) if you installed from source. @@ -158,7 +158,7 @@ See [the assertions list](#assertions) for other available claims. On the sign in page there should now be a SAML button below the regular sign in form. Click the icon to begin the authentication process. If everything goes well the user -will be returned to GitLab and will be signed in. +is returned to GitLab and signed in. ### Notes on configuring your identity provider @@ -250,7 +250,7 @@ Your IdP passes Group Information to the SP (GitLab) in the SAML Response. You n - Which group membership is requisite to sign in via the `required_groups` setting When `required_groups` is not set or it is empty, anyone with proper authentication -will be able to use the service. +is able to use the service. Example: @@ -424,8 +424,8 @@ omniauth: auto_sign_in_with_provider: saml ``` -Keep in mind that every sign in attempt will be redirected to the SAML server; -you won't be able to sign in using local credentials. Ensure at least one of the +Keep in mind that every sign in attempt redirects to the SAML server; +you cannot sign in using local credentials. Ensure at least one of the SAML users has admin permissions. You may also bypass the auto sign-in feature by browsing to @@ -442,7 +442,7 @@ in the OmniAuth [`info` hash](https://github.com/omniauth/omniauth/wiki/Auth-Has For example, if your SAMLResponse contains an Attribute called `EmailAddress`, specify `{ email: ['EmailAddress'] }` to map the Attribute to the -corresponding key in the `info` hash. URI-named Attributes are also supported, e.g. +corresponding key in the `info` hash. URI-named Attributes are also supported, for example, `{ email: ['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress'] }`. This setting allows you tell GitLab where to look for certain attributes required @@ -463,7 +463,7 @@ args: { #### Setting a username -By default, the email in the SAML response will be used to automatically generate the user's GitLab username. If you'd like to set another attribute as the username, assign it to the `nickname` OmniAuth `info` hash attribute. For example, if you wanted to set the `username` attribute in your SAML Response to the username in GitLab, use the following setting: +By default, the email in the SAML response is used to automatically generate the user's GitLab username. If you'd like to set another attribute as the username, assign it to the `nickname` OmniAuth `info` hash attribute. For example, if you wanted to set the `username` attribute in your SAML Response to the username in GitLab, use the following setting: ```yaml args: { @@ -587,7 +587,7 @@ args: { } ``` -Your Identity Provider will encrypt the assertion with the public certificate of GitLab. GitLab will decrypt the EncryptedAssertion with its private key. +Your Identity Provider encrypts the assertion with the public certificate of GitLab. GitLab decrypts the EncryptedAssertion with its private key. NOTE: This integration uses the `certificate` and `private_key` settings for both assertion encryption and request signing. @@ -629,7 +629,7 @@ args: { } ``` -GitLab will sign the request with the provided private key. GitLab will include the configured public x500 certificate in the metadata for your Identity Provider to validate the signature of the received request with. For more information on this option, see the [Ruby SAML gem documentation](https://github.com/onelogin/ruby-saml/tree/v1.7.0). The Ruby SAML gem is used by the [OmniAuth SAML gem](https://github.com/omniauth/omniauth-saml) to implement the client side of the SAML authentication. +GitLab signs the request with the provided private key. GitLab includes the configured public x500 certificate in the metadata for your Identity Provider to validate the signature of the received request with. For more information on this option, see the [Ruby SAML gem documentation](https://github.com/onelogin/ruby-saml/tree/v1.7.0). The Ruby SAML gem is used by the [OmniAuth SAML gem](https://github.com/omniauth/omniauth-saml) to implement the client side of the SAML authentication. ## Security @@ -652,7 +652,7 @@ For information on the GitLab.com implementation, please see the [SAML SSO for G Group SAML SSO helps if you need to allow access via multiple SAML identity providers, but as a multi-tenant solution is less suited to cases where you administer your own GitLab instance. -To proceed with configuring Group SAML SSO instead, you'll need to enable the `group_saml` OmniAuth provider. This can be done from: +To proceed with configuring Group SAML SSO instead, enable the `group_saml` OmniAuth provider. This can be done from: - `gitlab.rb` for [Omnibus GitLab installations](#omnibus-installations). - `gitlab/config/gitlab.yml` for [source installations](#source-installations). @@ -715,17 +715,17 @@ The following guidance is based on this Okta article, on adding a [SAML Applicat 1. When the app screen comes up you see another button to **Create an App** and choose SAML 2.0 on the next screen. 1. Optionally, you can add a logo - (you can choose it from <https://about.gitlab.com/press/>). You'll have to + (you can choose it from <https://about.gitlab.com/press/>). You must crop and resize it. -1. Next, you'll need the to fill in the SAML general configuration with +1. Next, fill in the SAML general configuration with the assertion consumer service URL as "Single sign-on URL" and the issuer as "Audience URI" along with the [NameID](../user/group/saml_sso/index.md#nameid) and [assertions](#assertions). 1. The last part of the configuration is the feedback section where you can just say you're a customer and creating an app for internal use. -1. When you have your app you'll have a few tabs on the top of the app's +1. When you have your app you can see a few tabs on the top of the app's profile. Click on the SAML 2.0 configuration instructions button. 1. On the screen that comes up take note of the - **Identity Provider Single Sign-On URL** which you'll use for the + **Identity Provider Single Sign-On URL** which you can use for the `idp_sso_target_url` on your GitLab configuration file. 1. **Before you leave Okta, make sure you add your user and groups if any.** @@ -734,14 +734,14 @@ The following guidance is based on this Okta article, on adding a [SAML Applicat The following guidance is based on this Google Workspace article, on how to [Set up your own custom SAML application](https://support.google.com/a/answer/6087519?hl=en): Make sure you have access to a Google Workspace [Super Admin](https://support.google.com/a/answer/2405986#super_admin) account. - Follow the instructions in the linked Google Workspace article, where you'll need the following information: + Use the information below and follow the instructions in the linked Google Workspace article. | | Typical value | Description | |------------------|--------------------------------------------------|----------------------------------------------------------| | Name of SAML App | GitLab | Other names OK. | | ACS URL | `https://<GITLAB_DOMAIN>/users/auth/saml/callback` | ACS is short for Assertion Consumer Service. | | GITLAB_DOMAIN | `gitlab.example.com` | Set to the domain of your GitLab instance. | -| Entity ID | `https://gitlab.example.com` | A value unique to your SAML app, you'll set it to the `issuer` in your GitLab configuration. | +| Entity ID | `https://gitlab.example.com` | A value unique to your SAML app, set it to the `issuer` in your GitLab configuration. | | Name ID format | EMAIL | Required value. Also known as `name_identifier_format` | | Name ID | Primary email address | Make sure someone receives content sent to that address | | First name | `first_name` | Required value to communicate with GitLab. | @@ -806,7 +806,7 @@ section for further troubleshooting steps. ### Redirect back to the login screen with no evident error If after signing in into your SAML server you are redirected back to the sign in page and -no error is displayed, check your `production.log` file. It will most likely contain the +no error is displayed, check your `production.log` file. It most likely contains the message `Can't verify CSRF token authenticity`. This means that there is an error during the SAML request, but in GitLab 11.7 and earlier this error never reaches GitLab due to the CSRF check. @@ -814,7 +814,7 @@ the CSRF check. To bypass this you can add `skip_before_action :verify_authenticity_token` to the `omniauth_callbacks_controller.rb` file immediately after the `class` line and comment out the `protect_from_forgery` line using a `#`. Restart Unicorn for this -change to take effect. This will allow the error to hit GitLab, where it can then +change to take effect. This allows the error to hit GitLab, where it can then be seen in the usual logs, or as a flash message on the login screen. That file is located in `/opt/gitlab/embedded/service/gitlab-rails/app/controllers` @@ -838,11 +838,11 @@ audiences of the IdP server. The IdP server needs to pass certain information in order for GitLab to either create an account, or match the login information to an existing account. `email` is the minimum amount of information that needs to be passed. If the IdP server -is not providing this information, all SAML requests will fail. +is not providing this information, all SAML requests fail. Make sure this information is provided. -Another issue that can result in this error is when the correct information is being sent by the IdP, but the attributes don't match the names in the OmniAuth `info` hash. In this case, you'll need to set `attribute_statements` in the SAML configuration to [map the attribute names in your SAML Response to the corresponding OmniAuth `info` hash names](#attribute_statements). +Another issue that can result in this error is when the correct information is being sent by the IdP, but the attributes don't match the names in the OmniAuth `info` hash. In this case, you need to set `attribute_statements` in the SAML configuration to [map the attribute names in your SAML Response to the corresponding OmniAuth `info` hash names](#attribute_statements). ### Key validation error, Digest mismatch or Fingerprint mismatch @@ -859,8 +859,8 @@ For this you need take the following into account: the request to contain one. In this case the fingerprint or fingerprint validators are optional -Make sure that one of the above described scenarios is valid, or the requests will -fail with one of the mentioned errors. +If none of the above described scenarios is valid, the request +fails with one of the mentioned errors. ### User is blocked when signing in through SAML diff --git a/doc/operations/error_tracking.md b/doc/operations/error_tracking.md index 18e5eaeef43..78aa664b339 100644 --- a/doc/operations/error_tracking.md +++ b/doc/operations/error_tracking.md @@ -65,9 +65,8 @@ By default, a **Create issue** button is displayed:  -If you create a GitLab issue from the error, the **Create issue** button changes to a **View issue** button and a link to the GitLab issue displays within the error detail section: - - +If you create a GitLab issue from the error, the **Create issue** button changes to a **View issue** +button and a link to the GitLab issue displays within the error detail section. ## Taking Action on errors diff --git a/doc/operations/img/error_details_v12_7.png b/doc/operations/img/error_details_v12_7.png Binary files differindex 1c7ace35e2a..05070ce06b9 100644 --- a/doc/operations/img/error_details_v12_7.png +++ b/doc/operations/img/error_details_v12_7.png diff --git a/doc/operations/img/error_details_with_issue_v12_8.png b/doc/operations/img/error_details_with_issue_v12_8.png Binary files differdeleted file mode 100644 index 0536861b070..00000000000 --- a/doc/operations/img/error_details_with_issue_v12_8.png +++ /dev/null diff --git a/doc/operations/img/error_tracking_list_v12_6.png b/doc/operations/img/error_tracking_list_v12_6.png Binary files differindex b99c83c14d3..af57691b14a 100644 --- a/doc/operations/img/error_tracking_list_v12_6.png +++ b/doc/operations/img/error_tracking_list_v12_6.png diff --git a/doc/operations/incident_management/alert_notifications.md b/doc/operations/incident_management/alert_notifications.md deleted file mode 100644 index 4f46c2bec71..00000000000 --- a/doc/operations/incident_management/alert_notifications.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -redirect_to: 'paging.md' ---- - -This document was moved to [another location](paging.md). - -<!-- This redirect file can be deleted after 2021-04-21 --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/operations/incident_management/alerts.md b/doc/operations/incident_management/alerts.md index 276009ac200..c49684954d9 100644 --- a/doc/operations/incident_management/alerts.md +++ b/doc/operations/incident_management/alerts.md @@ -33,9 +33,10 @@ The alert list displays the following information: - **Event count**: The number of times that an alert has fired. - **Issue**: A link to the incident issue that has been created for the alert. - **Status**: The current status of the alert: - - **Triggered**: No one has begun investigation. + - **Triggered**: Investigation has not started. - **Acknowledged**: Someone is actively investigating the problem. - **Resolved**: No further work is required. + - **Ignored**: No action will be taken on the alert. NOTE: Check out a live example available from the @@ -167,22 +168,19 @@ difficult to track who is investigating and working on it. Assigning alerts ease To assign an alert: -1. To display the list of current alerts, navigate to **Operations > Alerts**: - -  +1. To display the list of current alerts, navigate to **Operations > Alerts**. -1. Select your desired alert to display its **Alert Details View**: +1. Select your desired alert to display its details.  1. If the right sidebar is not expanded, select **{angle-double-right}** **Expand sidebar** to expand it. + 1. In the right sidebar, locate the **Assignee**, and then select **Edit**. From the dropdown menu, select each user you want to assign to the alert. GitLab creates a [to-do item](../../user/todos.md) for each user. -  - After completing their portion of investigating or fixing the alert, users can unassign themselves from the alert. To remove an assignee, select **Edit** next to the **Assignee** dropdown menu and deselect the user from the list of assignees, or select **Unassigned**. @@ -203,8 +201,6 @@ add a to-do item: Select the **To-Do List** **{todo-done}** in the navigation bar to view your current to-do list. - - ## Link runbooks to alerts > Runbook URLs [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/39315) in GitLab 13.3. diff --git a/doc/operations/incident_management/img/alert_detail_added_todo_v13_1.png b/doc/operations/incident_management/img/alert_detail_added_todo_v13_1.png Binary files differdeleted file mode 100644 index ae874706895..00000000000 --- a/doc/operations/incident_management/img/alert_detail_added_todo_v13_1.png +++ /dev/null diff --git a/doc/operations/incident_management/img/alert_details_assignees_v13_1.png b/doc/operations/incident_management/img/alert_details_assignees_v13_1.png Binary files differindex dab4eac384a..29cdba2c9ab 100644 --- a/doc/operations/incident_management/img/alert_details_assignees_v13_1.png +++ b/doc/operations/incident_management/img/alert_details_assignees_v13_1.png diff --git a/doc/operations/incident_management/img/alert_list_assignees_v13_1.png b/doc/operations/incident_management/img/alert_list_assignees_v13_1.png Binary files differdeleted file mode 100644 index db1e0d8dcb7..00000000000 --- a/doc/operations/incident_management/img/alert_list_assignees_v13_1.png +++ /dev/null diff --git a/doc/operations/incident_management/img/alert_todo_assignees_v13_1.png b/doc/operations/incident_management/img/alert_todo_assignees_v13_1.png Binary files differdeleted file mode 100644 index 637f8be5d25..00000000000 --- a/doc/operations/incident_management/img/alert_todo_assignees_v13_1.png +++ /dev/null diff --git a/doc/operations/incident_management/incidents.md b/doc/operations/incident_management/incidents.md index 078a1a0be08..d09dbd2cb04 100644 --- a/doc/operations/incident_management/incidents.md +++ b/doc/operations/incident_management/incidents.md @@ -267,3 +267,19 @@ any other Markdown text field in GitLab by You can embed both [GitLab-hosted metrics](../metrics/embed.md) and [Grafana metrics](../metrics/embed_grafana.md) in incidents and issue templates. + +### Automatically close incidents via recovery alerts + +> - [Introduced for Prometheus Integrations](https://gitlab.com/gitlab-org/gitlab/-/issues/13401) in GitLab 12.5. +> - [Introduced for HTTP Integrations](https://gitlab.com/gitlab-org/gitlab/-/issues/13402) in GitLab 13.4. + +With Maintainer or higher [permissions](../../user/permissions.md), you can enable + GitLab to close an incident automatically when a **Recovery Alert** is received: + +1. Navigate to **Settings > Operations > Incidents** and expand **Incidents**. +1. Check the **Automatically close associated Incident** checkbox. +1. Click **Save changes**. + +When GitLab receives a **Recovery Alert**, it closes the associated incident. +This action is recorded as a system message on the incident indicating that it +was closed automatically by the GitLab Alert bot. diff --git a/doc/operations/incident_management/integrations.md b/doc/operations/incident_management/integrations.md index c675d995444..07ffb92a000 100644 --- a/doc/operations/incident_management/integrations.md +++ b/doc/operations/incident_management/integrations.md @@ -97,17 +97,17 @@ to configure alerts for this integration. ## Customize the alert payload outside of GitLab -For all integration types, you can customize the payload by sending the following +For HTTP Endpoints without [custom mappings](#map-fields-in-custom-alerts), you can customize the payload by sending the following parameters. All fields are optional. If the incoming alert does not contain a value for the `Title` field, a default value of `New: Alert` will be applied. | Property | Type | Description | | ------------------------- | --------------- | ----------- | -| `title` | String | The title of the incident. | +| `title` | String | The title of the alert.| | `description` | String | A high-level summary of the problem. | -| `start_time` | DateTime | The time of the incident. If none is provided, a timestamp of the issue is used. | -| `end_time` | DateTime | For existing alerts only. When provided, the alert is resolved and the associated incident is closed. | +| `start_time` | DateTime | The time of the alert. If none is provided, a current time is used. | +| `end_time` | DateTime | The resolution time of the alert. If provided, the alert is resolved. | | `service` | String | The affected service. | -| `monitoring_tool` | String | The name of the associated monitoring tool. | +| `monitoring_tool` | String | The name of the associated monitoring tool. | | `hosts` | String or Array | One or more hosts, as to where this incident occurred. | | `severity` | String | The severity of the alert. Case-insensitive. Can be one of: `critical`, `high`, `medium`, `low`, `info`, `unknown`. Defaults to `critical` if missing or value is not in this list. | | `fingerprint` | String or Array | The unique identifier of the alert. This can be used to group occurrences of the same alert. | @@ -168,7 +168,7 @@ alert to confirm your integration works properly. 1. Sign in as a user with Developer or greater [permissions](../../user/permissions.md). 1. Navigate to **Settings > Operations** in your project. 1. Click **Alert integrations** to expand the section. -1. Click the **{settings}** settings icon on the right side of the integration in [the list](#integrations-list). +1. Click the **{settings}** settings icon on the right side of the integration in [the list](#integrations-list). 1. Select the **Send test alert** tab to open it. 1. Enter a test payload in the payload field (valid JSON is required). 1. Click **Send**. @@ -189,6 +189,17 @@ If the existing alert is already `resolved`, GitLab creates a new alert instead.  +## Recovery alerts + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/13402) in GitLab 13.4. + +The alert in GitLab will be automatically resolved when an HTTP Endpoint +receives a payload with the end time of the alert set. For HTTP Endpoints +without [custom mappings](#map-fields-in-custom-alerts), the expected +field is `end_time`. With custom mappings, you can select the expected field. + +You can also configure the associated [incident to be closed automatically](../incident_management/incidents.md#automatically-close-incidents-via-recovery-alerts) when the alert resolves. + ## Link to your Opsgenie Alerts > [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3066) in GitLab Premium 13.2. diff --git a/doc/operations/incident_management/oncall_schedules.md b/doc/operations/incident_management/oncall_schedules.md index 87745639c69..695b42f7d1a 100644 --- a/doc/operations/incident_management/oncall_schedules.md +++ b/doc/operations/incident_management/oncall_schedules.md @@ -107,3 +107,10 @@ Hover over any rotation shift participants in the schedule to view their individ When an alert is created in a project, GitLab sends an email to the on-call responder(s) in the on-call schedule for that project. If there is no schedule or no one on-call in that schedule at the time the alert is triggered, no email is sent. + +## Removal or deletion of on-call user + +If an on-call user is removed from the project or group, or their account is deleted, the +confirmation modal displays the list of that user's on-call schedules. If the user's removal or +deletion is confirmed, GitLab recalculates the on-call rotation and sends an email to the project +owners and the rotation's participants. diff --git a/doc/operations/metrics/alerts.md b/doc/operations/metrics/alerts.md index 7763224d21e..09cfea06198 100644 --- a/doc/operations/metrics/alerts.md +++ b/doc/operations/metrics/alerts.md @@ -49,6 +49,10 @@ as soon as the alert fires:  +## Prometheus cluster integrations + +Alerts are not currently supported for [Prometheus cluster integrations](../../user/clusters/integrations.md). + ## External Prometheus instances > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/9258) in GitLab Ultimate 11.8. @@ -92,7 +96,6 @@ Prometheus server to use the ## Trigger actions from alerts **(ULTIMATE)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/4925) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.11. -> - [From GitLab Ultimate 12.5](https://gitlab.com/gitlab-org/gitlab/-/issues/13401), when GitLab receives a recovery alert, it automatically closes the associated issue. Alerts can be used to trigger actions, like opening an issue automatically (disabled by default since `13.1`). To configure the actions: @@ -123,10 +126,6 @@ values extracted from the [`alerts` field in webhook payload](https://prometheus - **Low**: `low`, `s4`, `p4`, `warn`, `warning` - **Info**: `info`, `s5`, `p5`, `debug`, `information`, `notice` -When GitLab receives a **Recovery Alert**, it closes the associated issue. -This action is recorded as a system message on the issue indicating that it -was closed automatically by the GitLab Alert bot. - To further customize the issue, you can add labels, mentions, or any other supported [quick action](../../user/project/quick_actions.md) in the selected issue template, which applies to all incidents. To limit quick actions or other information to @@ -139,3 +138,12 @@ does not yet exist, it is also created automatically. If the metric exceeds the threshold of the alert for over 5 minutes, GitLab sends an email to all [Maintainers and Owners](../../user/permissions.md#project-members-permissions) of the project. + +### Recovery alerts + +> - [From GitLab Ultimate 12.5](https://gitlab.com/gitlab-org/gitlab/-/issues/13401), when GitLab receives a recovery alert, it automatically closes the associated issue. + +The alert in GitLab will be automatically resolved when Prometheus +sends a payload with the field `status` set to `resolved`. + +You can also configure the associated [incident to be closed automatically](../incident_management/incidents.md#automatically-close-incidents-via-recovery-alerts) when the alert resolves. diff --git a/doc/operations/metrics/dashboards/img/metrics_dashboard_template_selection_v13_3.png b/doc/operations/metrics/dashboards/img/metrics_dashboard_template_selection_v13_3.png Binary files differindex bd8401a1747..cad075ca421 100644 --- a/doc/operations/metrics/dashboards/img/metrics_dashboard_template_selection_v13_3.png +++ b/doc/operations/metrics/dashboards/img/metrics_dashboard_template_selection_v13_3.png diff --git a/doc/policy/maintenance.md b/doc/policy/maintenance.md index 95bc176e70a..217618c1771 100644 --- a/doc/policy/maintenance.md +++ b/doc/policy/maintenance.md @@ -103,12 +103,12 @@ have to adhere to various internal requirements (for example, org. compliance, v 1. Requirements consisting of extensive testing for not only stable GitLab release, but every patch version. In cases where a strategic user has a requirement to test a feature before it is -officially released, we can offer to create a Release Candidate (RC) version that will -include the specific feature. This should be needed only in extreme cases and can be requested for +officially released, we can offer to create a Release Candidate (RC) version that +includes the specific feature. This should be needed only in extreme cases and can be requested for consideration by raising an issue in the [release/tasks](https://gitlab.com/gitlab-org/release/tasks/-/issues/new?issuable_template=Backporting-request) issue tracker. -It is important to note that the Release Candidate will also contain other features and changes as +It is important to note that the Release Candidate contains other features and changes as it is not possible to easily isolate a specific feature (similar reasons as noted above). The -Release Candidate will be no different than any code that is deployed to GitLab.com or is publicly +Release Candidate is no different than any code that is deployed to GitLab.com or is publicly accessible. ### Backporting to older releases diff --git a/doc/push_rules/push_rules.md b/doc/push_rules/push_rules.md index 2117a961957..db190797d0a 100644 --- a/doc/push_rules/push_rules.md +++ b/doc/push_rules/push_rules.md @@ -59,6 +59,13 @@ If you have other target branches, include them in your regex. (See [Enabling pu The default branch also defaults to being a [protected branch](../user/project/protected_branches.md), which already limits users from pushing directly. +Some example regular expressions you can use in push rules: + +- `^JIRA-` Branches must start with `JIRA-`. +- `-JIRA$` Branches must end with `-JIRA`. +- `^[a-z0-9\\-]{4,15}$` Branches must be between `4` and `15` characters long, + accepting only lowercase letters, numbers and dashes. + #### Default restricted branch names > Introduced in GitLab 12.10. diff --git a/doc/raketasks/backup_restore.md b/doc/raketasks/backup_restore.md index e182ecc48bc..74e254d864e 100644 --- a/doc/raketasks/backup_restore.md +++ b/doc/raketasks/backup_restore.md @@ -339,7 +339,8 @@ sudo -u git -H GITLAB_ASSUME_YES=1 bundle exec rake gitlab:backup:restore RAILS_ > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/37158) in GitLab 13.3. -Repositories can be backed up concurrently to help fully use CPU time. The +When using [multiple repository storages](../administration/repository_storage_paths.md), +repositories can be backed up concurrently to help fully use CPU time. The following variables are available to modify the default behavior of the Rake task: @@ -349,7 +350,7 @@ task: back up at the same time on each storage. This allows the repository backups to be spread across storages. Defaults to `1`. -For example, for Omnibus GitLab installations: +For example, for Omnibus GitLab installations with 4 repository storages: ```shell sudo gitlab-backup create GITLAB_BACKUP_MAX_CONCURRENCY=4 GITLAB_BACKUP_MAX_STORAGE_CONCURRENCY=1 diff --git a/doc/raketasks/index.md b/doc/raketasks/index.md index 7efe3115a83..799e6126a82 100644 --- a/doc/raketasks/index.md +++ b/doc/raketasks/index.md @@ -41,7 +41,8 @@ The following Rake tasks are available for use with GitLab: | [Praefect Rake tasks](../administration/raketasks/praefect.md) | [Praefect](../administration/gitaly/praefect.md)-related tasks. | | [Project import/export](../administration/raketasks/project_import_export.md) | Prepare for [project exports and imports](../user/project/settings/import_export.md). | | [Sample Prometheus data](generate_sample_prometheus_data.md) | Generate sample Prometheus data. | -| [SPDX license list import](spdx.md) | Import a local copy of the [SPDX license list](https://spdx.org/licenses/) for matching [License Compliance policies](../user/compliance/license_compliance/index.md). | | +| [Sidekiq job migration](sidekiq_job_migration.md) | Migrate Sidekiq jobs scheduled for future dates to a new queue. | +| [SPDX license list import](spdx.md) | Import a local copy of the [SPDX license list](https://spdx.org/licenses/) for matching [License Compliance policies](../user/compliance/license_compliance/index.md). | | [Repository storage](../administration/raketasks/storage.md) | List and migrate existing projects and attachments from legacy storage to hashed storage. | | [Uploads migrate](../administration/raketasks/uploads/migrate.md) | Migrate uploads between local storage and object storage. | | [Uploads sanitize](../administration/raketasks/uploads/sanitize.md) | Remove EXIF data from images uploaded to earlier versions of GitLab. | diff --git a/doc/raketasks/sidekiq_job_migration.md b/doc/raketasks/sidekiq_job_migration.md new file mode 100644 index 00000000000..313c9c7220b --- /dev/null +++ b/doc/raketasks/sidekiq_job_migration.md @@ -0,0 +1,40 @@ +--- +stage: none +group: unassigned +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Sidekiq job migration **(FREE SELF)** + +WARNING: +This operation should be very uncommon. We do not recommend it for the vast majority of GitLab instances. + +Sidekiq routing rules allow administrators to re-route certain background jobs from their regular queue to an alternative queue. By default, GitLab uses one queue per background job type. GitLab has over 400 background job types, and so correspondingly it has over 400 queues. + +Most administrators will not need to change this setting. In some cases with particularly large background job processing workloads, Redis performance may suffer due to the number of queues that GitLab listens to. + +If the Sidekiq routing rules are changed, administrators need to take care with the migration to avoid losing jobs entirely. The basic migration steps are: + +1. Listen to both the old and new queues. +1. Update the routing rules. +1. Wait until there are no publishers dispatching jobs to the old queues. +1. Run the [Rake tasks for future jobs](#future-jobs). +1. Wait for the old queues to be empty. +1. Stop listening to the old queues. + +## Future jobs + +Step 4 involves rewriting some Sidekiq job data for jobs that are already stored in Redis, but due to run in future. There are two sets of jobs to run in future: scheduled jobs and jobs to be retried. We provide a separate Rake task to migrate each set: + +- `gitlab:sidekiq:migrate_jobs:retry` for jobs to be retried. +- `gitlab:sidekiq:migrate_jobs:scheduled` for scheduled jobs. + +Most of the time, running both at the same time is the correct choice. There are two separate tasks to allow for more fine-grained control where needed. To run both at once: + +```shell +# omnibus-gitlab +sudo gitlab-rake gitlab:sidekiq:migrate_jobs:retry gitlab:sidekiq:migrate_jobs:schedule + +# source installations +bundle exec rake gitlab:sidekiq:migrate_jobs:retry gitlab:sidekiq:migrate_jobs:schedule RAILS_ENV=production +``` diff --git a/doc/security/rate_limits.md b/doc/security/rate_limits.md index 1609607ea5c..157600c15fb 100644 --- a/doc/security/rate_limits.md +++ b/doc/security/rate_limits.md @@ -33,6 +33,7 @@ These are rate limits you can set in the Admin Area of your instance: - [Protected paths](../user/admin_area/settings/protected_paths.md) - [Raw endpoints rate limits](../user/admin_area/settings/rate_limits_on_raw_endpoints.md) - [User and IP rate limits](../user/admin_area/settings/user_and_ip_rate_limits.md) +- [Package registry rate limits](../user/admin_area/settings/package_registry_rate_limits.md) ## Non-configurable limits diff --git a/doc/security/reset_user_password.md b/doc/security/reset_user_password.md index 5f46ebcec31..344cfcae46a 100644 --- a/doc/security/reset_user_password.md +++ b/doc/security/reset_user_password.md @@ -20,8 +20,8 @@ which can be invoked by the following command: sudo gitlab-rake "gitlab:password:reset" ``` -You will be asked for username, password, and password confirmation. Upon giving -proper values for them, the password of the specified user will be updated. +GitLab asks for a username, a password, and a password confirmation. Upon giving +proper values for them, the password of the specified user is updated. The Rake task also takes the username as an argument, as shown in the example below: @@ -91,7 +91,7 @@ Try fixing this on the rails console. For example, if your new `root` password i 1. [Start a Rails console](../administration/operations/rails_console.md). -1. Find the user and skip reconfirmation. Any of the methods to find the user, above, will work: +1. Find the user and skip reconfirmation, using any of the methods above: ```ruby user = User.find(1) @@ -110,7 +110,7 @@ password. If the username was changed to something else and has been forgotten, one possible way is to reset the password using Rails console with user ID `1` (in -almost all the cases, the first user will be the default admin account). +almost all the cases, the first user is the default admin account). <!-- ## Troubleshooting diff --git a/doc/security/ssh_keys_restrictions.md b/doc/security/ssh_keys_restrictions.md index 102ba1fc370..0875ce82e61 100644 --- a/doc/security/ssh_keys_restrictions.md +++ b/doc/security/ssh_keys_restrictions.md @@ -25,13 +25,13 @@ In **Admin Area > Settings** (`/admin/application_settings/general`), expand the  -If a restriction is imposed on any key type, users will be unable to upload new SSH keys that don't meet the requirement. Any existing keys that don't meet it will be disabled but not removed and users will be unable to pull or push code using them. +If a restriction is imposed on any key type, users cannot upload new SSH keys that don't meet the requirement. Any existing keys that don't meet it are disabled but not removed and users cannot to pull or push code using them. -An icon will be visible to the user of a restricted key in the SSH keys section of their profile: +An icon is visible to the user of a restricted key in the SSH keys section of their profile:  -Hovering over this icon will tell you why the key is restricted. +Hovering over this icon tells you why the key is restricted. <!-- ## Troubleshooting diff --git a/doc/security/token_overview.md b/doc/security/token_overview.md index 0ca1e07bf54..f9655210329 100644 --- a/doc/security/token_overview.md +++ b/doc/security/token_overview.md @@ -106,3 +106,15 @@ This table shows available scopes per token. Scopes can be limited further on to 1. Limited to the one project. 1. Runner registration and authentication token don't provide direct access to repositories, but can be used to register and authenticate a new runner that may execute jobs which do have access to the repository 1. Limited to certain [endpoints](../api/README.md#gitlab-cicd-job-token). + +## Security considerations + +Access tokens should be treated like passwords and kept secure. + +Adding them to URLs is a security risk. This is especially true when cloning or adding a remote, as Git then writes the URL to its `.git/config` file in plain text. URLs are also generally logged by proxies and application servers, which makes those credentials visible to system administrators. + +Instead, API calls can be passed an access token using headers, like [the `Private-Token` header](../api/README.md#personalproject-access-tokens). + +Tokens can also be stored using a [Git credential storage](https://git-scm.com/book/en/v2/Git-Tools-Credential-Storage). + +When creating a scoped token, consider using the most limited scope possible to reduce the impact of accidentally leaking the token. diff --git a/doc/security/two_factor_authentication.md b/doc/security/two_factor_authentication.md index 1abd4502eb5..f2728f95b96 100644 --- a/doc/security/two_factor_authentication.md +++ b/doc/security/two_factor_authentication.md @@ -23,8 +23,8 @@ want to enforce everyone to set up 2FA, you can choose from two different ways: - Enforce on next login. - Suggest on next login, but allow a grace period before enforcing. -After the configured grace period has elapsed, users will be able to sign in but -won't be able to leave the 2FA configuration area at `/profile/two_factor_auth`. +After the configured grace period has elapsed, users can sign in but +cannot leave the 2FA configuration area at `/profile/two_factor_auth`. To enable 2FA for all users: @@ -37,6 +37,8 @@ change the grace period to `0`. ## Enforcing 2FA for all users in a group +> [Introduced in](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/24965) GitLab 12.0, 2FA settings for a group are also applied to subgroups. + If you want to enforce 2FA only for certain groups, you can: 1. Enable it in the group's **Settings > General** page. Navigate to @@ -47,8 +49,6 @@ If you want to enforce 2FA only for certain groups, you can: To change this setting, you need to be administrator or owner of the group. -> [From](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/24965) GitLab 12.0, 2FA settings for a group are also applied to subgroups. - If you want to enforce 2FA only for certain groups, you can enable it in the group settings and specify a grace period as above. To change this setting you need to be administrator or owner of the group. @@ -66,21 +66,21 @@ The following are important notes about 2FA: - If you add additional members to a project within a group or subgroup that has 2FA enabled, 2FA is **not** required for those individually added members. - If there are multiple 2FA requirements (for example, group + all users, or multiple - groups) the shortest grace period will be used. + groups) the shortest grace period is used. - It is possible to disallow subgroups from setting up their own 2FA requirements. - Navigate to the top-level group's **Settings > General > Permissions, LFS, 2FA > Two-factor authentication** and uncheck the **Allow subgroups to set up their own two-factor authentication rule** field. This action will cause all subgroups with 2FA requirements to stop requiring that from their members. + Navigate to the top-level group's **Settings > General > Permissions, LFS, 2FA > Two-factor authentication** and uncheck the **Allow subgroups to set up their own two-factor authentication rule** field. This action causes all subgroups with 2FA requirements to stop requiring that from their members. ## Disabling 2FA for everyone WARNING: Disabling 2FA for everyone does not disable the [enforce 2FA for all users](#enforcing-2fa-for-all-users) or [enforce 2FA for all users in a group](#enforcing-2fa-for-all-users-in-a-group) -settings. In addition to the steps in this section, you will need to disable any enforced 2FA +settings. In addition to the steps in this section, you must disable any enforced 2FA settings so users aren't asked to set up 2FA again, the next time the user signs in to GitLab. Disabling 2FA for everyone does not disable the [enforce 2FA for all users](#enforcing-2fa-for-all-users) or [enforce 2FA for all users in a group](#enforcing-2fa-for-all-users-in-a-group) settings if they have been configured. In addition to the steps in this section, -you will need to disable any enforced 2FA settings so users aren't asked to setup +you must disable any enforced 2FA settings so users aren't asked to setup 2FA again when the next login to GitLab. There may be some special situations where you want to disable 2FA for everyone @@ -95,7 +95,7 @@ sudo -u git -H bundle exec rake gitlab:two_factor:disable_for_all_users RAILS_EN ``` WARNING: -This is a permanent and irreversible action. Users will have to +This is a permanent and irreversible action. Users have to reactivate 2FA from scratch if they want to use it again. <!-- ## Troubleshooting diff --git a/doc/ssh/README.md b/doc/ssh/README.md index 87213f72534..358323e4ef5 100644 --- a/doc/ssh/README.md +++ b/doc/ssh/README.md @@ -23,9 +23,6 @@ To use SSH to communicate with GitLab, you need: To view the version of SSH installed on your system, run `ssh -V`. -GitLab does [not support installation on Microsoft Windows](../install/requirements.md#microsoft-windows), -but you can set up SSH keys on the Windows [client](#use-ssh-on-microsoft-windows). - ## Supported SSH key types To communicate with GitLab, you can use the following SSH key types: @@ -58,8 +55,10 @@ Review the `man` page for your installed `ssh-keygen` command for details. Before you create a key pair, see if a key pair already exists. -1. On Linux or macOS, go to your home directory. -1. Go to the `.ssh/` subdirectory. +1. On Windows, Linux, or macOS, go to your home directory. +1. Go to the `.ssh/` subdirectory. If the `.ssh/` subdirectory doesn't exist, + you are either not in the home directory, or you haven't used `ssh` before. + In the latter case, you need to [generate an SSH key pair](#generate-an-ssh-key-pair). 1. See if a file with one of the following formats exists: | Algorithm | Public key | Private key | @@ -207,7 +206,7 @@ To use SSH with GitLab, copy your public key to your GitLab account. 1. Sign in to GitLab. 1. In the top right corner, select your avatar. -1. Select **Settings**. +1. Select **Preferences**. 1. From the left sidebar, select **SSH Keys**. 1. In the **Key** box, paste the contents of your public key. If you manually copied the key, make sure you copy the entire key, @@ -324,12 +323,18 @@ If you are using [EGit](https://www.eclipse.org/egit/), you can [add your SSH ke ## Use SSH on Microsoft Windows -If you're running Windows 10, you can use the [Windows Subsystem for Linux (WSL)](https://docs.microsoft.com/en-us/windows/wsl/install-win10) -with [WSL 2](https://docs.microsoft.com/en-us/windows/wsl/install-win10#update-to-wsl-2). -You can use WSL to install Linux distributions, which include the Git and SSH clients. +If you're running Windows 10, you can either use the [Windows Subsystem for Linux (WSL)](https://docs.microsoft.com/en-us/windows/wsl/install-win10) +with [WSL 2](https://docs.microsoft.com/en-us/windows/wsl/install-win10#update-to-wsl-2) which +has both `git` and `ssh` preinstalled, or install [Git for Windows](https://gitforwindows.org) to +use SSH through Powershell. + +The SSH key generated in WSL is not directly available for Git for Windows, and vice versa, +as both have a different home directory: + +- WSL: `/home/<user>` +- Git for Windows: `C:\Users\<user>` -For other versions of Windows, you can install the Git and SSH clients by using -[Git for Windows](https://gitforwindows.org). +You can either copy over the `.ssh/` directory to use the same key, or generate a key in each environment. Alternative tools include: diff --git a/doc/subscriptions/bronze_starter.md b/doc/subscriptions/bronze_starter.md index 303f734bc24..a2cca23e5f1 100644 --- a/doc/subscriptions/bronze_starter.md +++ b/doc/subscriptions/bronze_starter.md @@ -64,12 +64,12 @@ the tiers are no longer mentioned in GitLab documentation: - [`elasticsearch.log`](../administration/logs.md#elasticsearchlog) - Merge requests: - [Full code quality reports in the code quality tab](../user/project/merge_requests/code_quality.md#code-quality-reports) - - [Merge request approvals](../user/project/merge_requests/merge_request_approvals.md) + - [Merge request approvals](../user/project/merge_requests/approvals/index.md) - [Multiple assignees](../user/project/merge_requests/getting_started.md#multiple-assignees) - [Approval Rule information for Reviewers](../user/project/merge_requests/getting_started.md#approval-rule-information-for-reviewers) **(PREMIUM)** - - [Required Approvals](../user/project/merge_requests/merge_request_approvals.md#required-approvals) - - [Code Owners as eligible approvers](../user/project/merge_requests/merge_request_approvals.md#code-owners-as-eligible-approvers) - - All [Approval rules](../user/project/merge_requests/merge_request_approvals.md#approval-rules) features + - [Required Approvals](../user/project/merge_requests/approvals/index.md#required-approvals) + - [Code Owners as eligible approvers](../user/project/merge_requests/approvals/rules.md#code-owners-as-eligible-approvers) + - [Approval rules](../user/project/merge_requests/approvals/rules.md) features - [Restricting push and merge access to certain users](../user/project/protected_branches.md#restricting-push-and-merge-access-to-certain-users) - [Visual Reviews](../ci/review_apps/index.md#visual-reviews) - Metrics and analytics: @@ -130,7 +130,7 @@ Bronze-level subscribers: - Project milestones API: [Get all burndown chart events for a single milestone](../api/milestones.md#get-all-burndown-chart-events-for-a-single-milestone) - [Project iterations API](../api/iterations.md) - Fields in the [Search API](../api/search.md) available only to [Advanced Search (Elasticsearch)](../integration/elasticsearch.md) users - - Fields in the [Merge requests API](../api/merge_requests.md) for [merge request approvals](../user/project/merge_requests/merge_request_approvals.md) + - Fields in the [Merge requests API](../api/merge_requests.md) for [merge request approvals](../user/project/merge_requests/approvals/index.md) - Fields in the [Protected branches API](../api/protected_branches.md) that specify users or groups allowed to merge - [Merge request approvals API](../api/merge_request_approvals.md) - [Visual review discussions API](../api/visual_review_discussions.md) diff --git a/doc/subscriptions/gitlab_com/index.md b/doc/subscriptions/gitlab_com/index.md index f2a33e821b8..f35f146f8b9 100644 --- a/doc/subscriptions/gitlab_com/index.md +++ b/doc/subscriptions/gitlab_com/index.md @@ -265,6 +265,11 @@ To remove a billable user: 1. In the row for the user you want to remove, on the right side, select the ellipsis and **Remove user**. 1. Re-type the username and select **Remove user**. +If you add a member to a group by using the [share a group with another group](../../user/group/index.md#share-a-group-with-another-group) feature, you can't remove the member by using this method. Instead, you can either: + +- Remove the member from the shared group. You must be a group owner to do this. +- From the group's membership page, remove access from the entire shared group. + ## CI pipeline minutes CI pipeline minutes are the execution time for your diff --git a/doc/subscriptions/self_managed/index.md b/doc/subscriptions/self_managed/index.md index db0d54ff14c..648ad0c70a5 100644 --- a/doc/subscriptions/self_managed/index.md +++ b/doc/subscriptions/self_managed/index.md @@ -48,8 +48,8 @@ using [Seat Link](#seat-link). A _billable user_ counts against the number of subscription seats. Every user is considered a billable user, with the following exceptions: -- [Deactivated users](../../user/admin_area/activating_deactivating_users.md#deactivating-a-user) and - [blocked users](../../user/admin_area/blocking_unblocking_users.md) don't count as billable users in the current subscription. When they are either deactivated or blocked they release a _billable user_ seat. However, they may +- [Deactivated users](../../user/admin_area/moderate_users.md#deactivating-a-user) and + [blocked users](../../user/admin_area/moderate_users.md#blocking-a-user) don't count as billable users in the current subscription. When they are either deactivated or blocked they release a _billable user_ seat. However, they may count toward overages in the subscribed seat count. - Users who are [pending approval](../../user/admin_area/approving_users.md). - Members with Guest permissions on an Ultimate subscription. @@ -183,7 +183,7 @@ Starting 30 days before a subscription expires, GitLab notifies administrators o We recommend following these steps during renewal: -1. Prune any inactive or unwanted users by [blocking them](../../user/admin_area/blocking_unblocking_users.md#blocking-a-user). +1. Prune any inactive or unwanted users by [blocking them](../../user/admin_area/moderate_users.md#blocking-a-user). 1. Determine if you have a need for user growth in the upcoming subscription. 1. Log in to the [Customers Portal](https://customers.gitlab.com/customers/sign_in) and select the **Renew** button beneath your existing subscription. diff --git a/doc/topics/autodevops/customize.md b/doc/topics/autodevops/customize.md index ae6e57cd38e..a1a12ccd451 100644 --- a/doc/topics/autodevops/customize.md +++ b/doc/topics/autodevops/customize.md @@ -244,8 +244,8 @@ include: See the [Auto DevOps template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml) for information on available jobs. WARNING: -Auto DevOps templates using the [`only`](../../ci/yaml/README.md#onlyexcept-basic) or -[`except`](../../ci/yaml/README.md#onlyexcept-basic) syntax have switched +Auto DevOps templates using the [`only`](../../ci/yaml/README.md#only--except) or +[`except`](../../ci/yaml/README.md#only--except) syntax have switched to the [`rules`](../../ci/yaml/README.md#rules) syntax, starting in [GitLab 13.0](https://gitlab.com/gitlab-org/gitlab/-/issues/213336). If your `.gitlab-ci.yml` extends these Auto DevOps templates and override the `only` or @@ -387,6 +387,8 @@ The following table lists variables used to disable jobs. |----------------------------------------|---------------------------------|-----------------------|-----------------| | `.fuzz_base` | `COVFUZZ_DISABLED` | [From GitLab 13.2](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/34984) | [Read more](../../user/application_security/coverage_fuzzing/) about how `.fuzz_base` provide capability for your own jobs. If the variable is present, your jobs aren't created. | | `apifuzzer_fuzz` | `API_FUZZING_DISABLED` | [From GitLab 13.3](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/39135) | If the variable is present, the job isn't created. | +| `build` | `BUILD_DISABLED` | | If the variable is present, the job isn't created. | +| `build_artifact` | `BUILD_DISABLED` | | If the variable is present, the job isn't created. | | `bandit-sast` | `SAST_DISABLED` | | If the variable is present, the job isn't created. | | `brakeman-sast` | `SAST_DISABLED` | | If the variable is present, the job isn't created. | | `bundler-audit-dependency_scanning` | `DEPENDENCY_SCANNING_DISABLED` | | If the variable is present, the job isn't created. | diff --git a/doc/topics/autodevops/stages.md b/doc/topics/autodevops/stages.md index 97edc9adc06..66b37f30bbc 100644 --- a/doc/topics/autodevops/stages.md +++ b/doc/topics/autodevops/stages.md @@ -208,9 +208,9 @@ documentation. ## Auto Container Scanning **(ULTIMATE)** -Vulnerability Static Analysis for containers uses [Clair](https://github.com/quay/clair) -to check for potential security issues on Docker images. The Auto Container Scanning -stage is skipped on licenses other than [Ultimate](https://about.gitlab.com/pricing/). +Vulnerability Static Analysis for containers uses either [Clair](https://github.com/quay/clair) +or [Trivy](https://aquasecurity.github.io/trivy/latest/) to check for potential security issues in +Docker images. The Auto Container Scanning stage is skipped on licenses other than [Ultimate](https://about.gitlab.com/pricing/). After creating the report, it's uploaded as an artifact which you can later download and check out. The merge request displays any detected security issues. diff --git a/doc/topics/git/bisect.md b/doc/topics/git/bisect.md new file mode 100644 index 00000000000..8af77031c93 --- /dev/null +++ b/doc/topics/git/bisect.md @@ -0,0 +1,76 @@ +--- +stage: none +group: unassigned +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +comments: false +--- + +# Bisect + +- Find a commit that introduced a bug +- Works through a process of elimination +- Specify a known good and bad revision to begin + +## Bisect sample workflow + +1. Start the bisect process +1. Enter the bad revision (usually latest commit) +1. Enter a known good revision (commit/branch) +1. Run code to see if bug still exists +1. Tell bisect the result +1. Repeat the previous 2 items until you find the offending commit + +## Setup + +```shell + mkdir bisect-ex + cd bisect-ex + touch index.html + git add -A + git commit -m "starting out" + vi index.html + # Add all good + git add -A + git commit -m "second commit" + vi index.html + # Add all good 2 + git add -A + git commit -m "third commit" + vi index.html +``` + +```shell + # Add all good 3 + git add -A + git commit -m "fourth commit" + vi index.html + # This looks bad + git add -A + git commit -m "fifth commit" + vi index.html + # Really bad + git add -A + git commit -m "sixth commit" + vi index.html + # again just bad + git add -A + git commit -m "seventh commit" +``` + +## Commands + +```shell + git bisect start + # Test your code + git bisect bad + git bisect next + # Say yes to the warning + # Test + git bisect good + # Test + git bisect bad + # Test + git bisect good + # done + git bisect reset +``` diff --git a/doc/topics/git/feature_branching.md b/doc/topics/git/feature_branching.md new file mode 100644 index 00000000000..f6233bddb18 --- /dev/null +++ b/doc/topics/git/feature_branching.md @@ -0,0 +1,31 @@ +--- +stage: none +group: unassigned +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +comments: false +--- + +# Feature branching + +- Efficient parallel workflow for teams +- Develop each feature in a branch +- Keeps changes isolated +- Consider a 1-to-1 link to issues +- Push branches to the server frequently + - Hint: This is a cheap backup for your work-in-progress code + +## Feature branching sample workflow + +1. Create a new feature branch called 'squash_some_bugs' +1. Edit '`bugs.rb`' and remove all the bugs. +1. Commit +1. Push + +```shell +git checkout -b squash_some_bugs +# Edit `bugs.rb` +git status +git add bugs.rb +git commit -m 'Fix some buggy code' +git push origin squash_some_bugs +``` diff --git a/doc/topics/git/getting_started.md b/doc/topics/git/getting_started.md new file mode 100644 index 00000000000..2c3d5fe15de --- /dev/null +++ b/doc/topics/git/getting_started.md @@ -0,0 +1,86 @@ +--- +stage: none +group: unassigned +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +comments: false +--- + +# Getting Started + +## Instantiating Repositories + +- Create a new repository by instantiating it through: + + ```shell + git init + ``` + +- Copy an existing project by cloning the repository through: + + ```shell + git clone <url> + ``` + +## Central Repositories + +- To instantiate a central repository a `--bare` flag is required. +- Bare repositories don't allow file editing or committing changes. +- Create a bare repository with: + + ```shell + git init --bare project-name.git + ``` + +## Instantiate workflow with clone + +1. Create a project in your user namespace. + - Choose to import from **Any Repository by URL** and use <https://gitlab.com/gitlab-org/training-examples.git>. +1. Create a '`Workspace`' directory in your home directory. +1. Clone the '`training-examples`' project. + +```shell +mkdir ~/workspace +cd ~/workspace + +git clone git@gitlab.example.com:<username>/training-examples.git +cd training-examples +``` + +## Git concepts + +**Untracked files** + +New files that Git has not been told to track previously. + +**Working area** + +Files that have been modified but are not committed. + +**Staging area** + +Modified files that have been marked to go in the next commit. + +## Committing Workflow + +1. Edit '`edit_this_file.rb`' in '`training-examples`' +1. See it listed as a changed file (working area) +1. View the differences +1. Stage the file +1. Commit +1. Push the commit to the remote +1. View the Git log + +```shell +# Edit `edit_this_file.rb` +git status +git diff +git add <file> +git commit -m 'My change' +git push origin master +git log +``` + +## Note + +- `git fetch` vs `git pull` +- Pull is `git fetch` + `git merge` diff --git a/doc/topics/git/git_add.md b/doc/topics/git/git_add.md new file mode 100644 index 00000000000..d136b9151bc --- /dev/null +++ b/doc/topics/git/git_add.md @@ -0,0 +1,40 @@ +--- +stage: none +group: unassigned +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +comments: false +--- + +# Git Add + +Adds content to the index or staging area. + +- Adds a list of file: + + ```shell + git add <files> + ``` + +- Adds all files including deleted ones: + + ```shell + git add -A + ``` + +- Add all text files in current dir: + + ```shell + git add *.txt + ``` + +- Add all text file in the project: + + ```shell + git add "*.txt*" + ``` + +- Adds all files in directory: + + ```shell + git add views/layouts/ + ``` diff --git a/doc/topics/git/git_log.md b/doc/topics/git/git_log.md new file mode 100644 index 00000000000..ae4ae69ce76 --- /dev/null +++ b/doc/topics/git/git_log.md @@ -0,0 +1,60 @@ +--- +stage: none +group: unassigned +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +comments: false +--- + +# Git Log + +Git log lists commit history. It allows searching and filtering. + +- Initiate log: + + ```shell + git log + ``` + +- Retrieve set number of records: + + ```shell + git log -n 2 + ``` + +- Search commits by author. Allows user name or a regular expression. + + ```shell + git log --author="user_name" + ``` + +- Search by comment message: + + ```shell + git log --grep="<pattern>" + ``` + +- Search by date: + + ```shell + git log --since=1.month.ago --until=3.weeks.ago + ``` + +## Git Log Workflow + +1. Change to workspace directory +1. Clone the multi runner projects +1. Change to project dir +1. Search by author +1. Search by date +1. Combine + +## Commands + +```shell +cd ~/workspace +git clone git@gitlab.com:gitlab-org/gitlab-runner.git +cd gitlab-runner +git log --author="Travis" +git log --since=1.month.ago --until=3.weeks.ago +git log --since=1.month.ago --until=1.day.ago --author="Travis" +``` diff --git a/doc/topics/git/git_rebase.md b/doc/topics/git/git_rebase.md index bf77ba3272c..78303d24a20 100644 --- a/doc/topics/git/git_rebase.md +++ b/doc/topics/git/git_rebase.md @@ -175,7 +175,7 @@ a macOS's `ZSH` shell, and you want to **squash** all the three commits Note that the steps for editing through the command line can be slightly different depending on your operating system and the shell you're using. -See [Numerous undo possibilities in Git](numerous_undo_possibilities_in_git/index.md#with-history-modification) +See [Numerous undo possibilities in Git](numerous_undo_possibilities_in_git/index.md#undo-staged-local-changes-without-modifying-history) for a deeper look into interactive rebase. ## Force-push diff --git a/doc/topics/git/index.md b/doc/topics/git/index.md index 2c28bdcb0ed..21775044301 100644 --- a/doc/topics/git/index.md +++ b/doc/topics/git/index.md @@ -39,7 +39,7 @@ The following resources can help you get started with Git: - [Squashing commits](../gitlab_flow.md#squashing-commits-with-rebase) - [Squash-and-merge](../../user/project/merge_requests/squash_and_merge.md) - [Signing commits](../../user/project/repository/gpg_signed_commits/index.md) -- [Git stash](../../university/training/topics/stash.md) +- [Git stash](stash.md) - [Git file blame](../../user/project/repository/git_blame.md) - [Git file history](../../user/project/repository/git_history.md) - [Git tags](tags.md) @@ -48,12 +48,27 @@ The following resources can help you get started with Git: The following are resources on version control concepts: -- [Git concepts](../../university/training/user_training.md#git-concepts) - [Why Git is Worth the Learning Curve](https://about.gitlab.com/blog/2017/05/17/learning-curve-is-the-biggest-challenge-developers-face-with-git/) - [The future of SaaS hosted Git repository pricing](https://about.gitlab.com/blog/2016/05/11/git-repository-pricing/) - [Git website on version control](https://git-scm.com/book/en/v2/Getting-Started-About-Version-Control) - [GitLab University presentation about Version Control](https://docs.google.com/presentation/d/16sX7hUrCZyOFbpvnrAFrg6tVO5_yT98IgdAqOmXwBho/edit?usp=sharing) +### Work with Git on the command line + +You can do many Git tasks from the command line: + +- [Bisect](bisect.md). +- [Cherry pick](cherry_picking.md). +- [Feature branching](feature_branching.md). +- [Getting started with Git](getting_started.md). +- [Git add](git_add.md). +- [Git log](git_log.md). +- [Git stash](stash.md). +- [Merge conflicts](merge_conflicts.md). +- [Rollback commits](rollback_commits.md). +- [Subtree](subtree.md). +- [Unstage](unstage.md). + ## Git tips The following resources may help you become more efficient at using Git: @@ -100,6 +115,5 @@ The following relate to Git Large File Storage: - [Migrate an existing Git repository with Git LFS](lfs/migrate_to_git_lfs.md) - [Removing objects from LFS](lfs/index.md#removing-objects-from-lfs) - [GitLab Git LFS user documentation](lfs/index.md) -- [GitLab Git LFS admin documentation](../../administration/lfs/index.md) -- [Git Annex to Git LFS migration guide](lfs/migrate_from_git_annex_to_git_lfs.md) +- [GitLab Git LFS administrator documentation](../../administration/lfs/index.md) - [Towards a production quality open source Git LFS server](https://about.gitlab.com/blog/2015/08/13/towards-a-production-quality-open-source-git-lfs-server/) diff --git a/doc/topics/git/lfs/img/git-annex-branches.png b/doc/topics/git/lfs/img/git-annex-branches.png Binary files differdeleted file mode 100644 index 3d614f68177..00000000000 --- a/doc/topics/git/lfs/img/git-annex-branches.png +++ /dev/null diff --git a/doc/topics/git/lfs/migrate_from_git_annex_to_git_lfs.md b/doc/topics/git/lfs/migrate_from_git_annex_to_git_lfs.md index 3b3f1c0b46f..741b2a78b85 100644 --- a/doc/topics/git/lfs/migrate_from_git_annex_to_git_lfs.md +++ b/doc/topics/git/lfs/migrate_from_git_annex_to_git_lfs.md @@ -1,248 +1,8 @@ --- -stage: Create -group: Source Code -info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments" -type: reference, howto +redirect_to: 'index.md' --- -# Migration guide from Git Annex to Git LFS **(FREE)** +This document was moved to [another location](index.md). -WARNING: -Git Annex support [has been removed](https://gitlab.com/gitlab-org/gitlab/-/issues/1648) in GitLab Enterprise -Edition 9.0 (2017/03/22). - -Both [Git Annex](http://git-annex.branchable.com/) and [Git LFS](https://git-lfs.github.com/) are tools to manage large files in Git. - -## History - -Git Annex [was introduced in GitLab Enterprise Edition 7.8](https://about.gitlab.com/blog/2015/02/17/gitlab-annex-solves-the-problem-of-versioning-large-binaries-with-git/), at a time -where Git LFS didn't yet exist. A few months later, GitLab brought support for -Git LFS in [GitLab 8.2](https://about.gitlab.com/blog/2015/11/23/announcing-git-lfs-support-in-gitlab/) and is available for both Community and -Enterprise editions. - -## Differences between Git Annex and Git LFS - -Some items below are general differences between the two protocols and some are -ones that GitLab developed. - -- Git Annex works only through SSH, whereas Git LFS works both with SSH and HTTPS - (SSH support was added in GitLab 8.12). -- Annex files are stored in a sub-directory of the normal repositories, whereas - LFS files are stored outside of the repositories in a place you can define. -- Git Annex requires a more complex setup, but has much more options than Git - LFS. You can compare the commands each one offers by running `man git-annex` - and `man git-lfs`. -- Annex files cannot be browsed directly in the GitLab interface, whereas LFS - files can. - -## Migration steps - -Git Annex files are stored in a sub-directory of the normal repositories -(`.git/annex/objects`) and LFS files are stored outside of the repositories. -The two aren't compatible as they are using a different scheme. Therefore, the -migration has to be done manually per repository. - -There are basically two steps you need to take in order to migrate from Git -Annex to Git LFS. - -### TL; DR - -If you know what you are doing and want to skip the reading, this is what you -need to do (we assume you have [git-annex enabled](../../../administration/git_annex.md#using-gitlab-git-annex) in your -repository and that you have made backups in case something goes wrong). -Fire up a terminal, navigate to your Git repository and: - -1. Disable `git-annex`: - - ```shell - git annex sync --content - git annex direct - git annex uninit - git annex indirect - ``` - -1. Enable `git-lfs`: - - ```shell - git lfs install - git lfs track <files> - git add . - git commit -m "commit message" - git push - ``` - -### Disabling Git Annex in your repository - -Before changing anything, make sure you have a backup of your repository first. -There are a couple of ways to do that, but you can clone it to another -local path and maybe push it to GitLab if you want a remote backup as well. -A guide on -[how to back up a **git-annex** repository to an external hard drive](https://www.thomas-krenn.com/en/wiki/Git-annex_Repository_on_an_External_Hard_Drive) is also available. - -Because Annex files are stored as objects with symlinks and cannot be directly -modified, we need to first remove those symlinks. - -NOTE: -Make sure the you read about the [`direct` mode](https://git-annex.branchable.com/direct_mode/) as it contains -information that may fit in your use case. The `annex direct` command is -deprecated in Git Annex version 6, so you may need to upgrade your repository -if the server also has Git Annex 6 installed. Read more in the -[Git Annex troubleshooting tips](../../../administration/git_annex.md#troubleshooting-tips) section. - -1. Backup your repository - - ```shell - cd repository - git annex sync --content - cd .. - git clone repository repository-backup - cd repository-backup - git annex get - cd .. - ``` - -1. Use `annex direct`: - - ```shell - cd repository - git annex direct - ``` - - The output should be similar to this: - - ```shell - commit - On branch master - Your branch is up-to-date with 'origin/master'. - nothing to commit, working tree clean - ok - direct debian.iso ok - direct ok - ``` - -1. Disable Git Annex with [`annex uninit`](https://git-annex.branchable.com/git-annex-uninit/): - - ```shell - git annex uninit - ``` - - The output should be similar to this: - - ```shell - unannex debian.iso ok - Deleted branch git-annex (was 2534d2c). - ``` - - This command runs `unannex` on every file in the repository, leaving the original files. - -1. Switch back to `indirect` mode: - - ```shell - git annex indirect - ``` - - The output should be similar to this: - - ```shell - (merging origin/git-annex into git-annex...) - (recording state in git...) - commit (recording state in git...) - - ok - (recording state in git...) - [master fac3194] commit before switching to indirect mode - 1 file changed, 1 deletion(-) - delete mode 120000 alpine-virt-3.4.4-x86_64.iso - ok - indirect ok - ok - ``` - ---- - -At this point, you have two options. Either add, commit and push the files -directly back to GitLab or switch to Git LFS. The LFS switch is described in -the next section. - -### Enabling Git LFS in your repository - -Git LFS is enabled by default on all GitLab products (GitLab CE, GitLab EE, -GitLab.com), therefore, you don't need to do anything server-side. - -1. First, make sure you have `git-lfs` installed locally: - - ```shell - git lfs help - ``` - - If the terminal doesn't prompt you with a full response on `git-lfs` commands, - [install the Git LFS client](https://git-lfs.github.com/) first. - -1. Inside the repository, run the following command to initiate LFS: - - ```shell - git lfs install - ``` - -1. Enable `git-lfs` for the group of files you want to track. You - can track specific files, all files containing the same extension, or an - entire directory: - - ```shell - git lfs track images/01.png # per file - git lfs track **/*.png # per extension - git lfs track images/ # per directory - ``` - - After this, run `git status` to see the `.gitattributes` added - to your repository. It collects all file patterns that you chose to track via - `git-lfs`. - -1. Add the files, commit and push them to GitLab: - - ```shell - git add . - git commit -m "commit message" - git push - ``` - - If your remote is set up with HTTP, you are asked to enter your login - credentials. If you have [2FA enabled](../../../user/profile/account/two_factor_authentication.md), make sure to use a - [personal access token](../../../user/profile/account/two_factor_authentication.md#personal-access-tokens) - instead of your password. - -## Removing the Git Annex branches - -After the migration finishes successfully, you can remove all `git-annex` -related branches from your repository. - -On GitLab, navigate to your project's **Repository > Branches** and delete all -branches created by Git Annex: `git-annex`, and all under `synced/`. - - - -You can also do this on the command line with: - -```shell -git branch -d synced/master -git branch -d synced/git-annex -git push origin :synced/master -git push origin :synced/git-annex -git push origin :git-annex -git remote prune origin -``` - -If there are still some Annex objects inside your repository (`.git/annex/`) -or references inside `.git/config`, run `annex uninit` again: - -```shell -git annex uninit -``` - -## Further Reading - -- (Blog Post) [Getting Started with Git FLS](https://about.gitlab.com/blog/2017/01/30/getting-started-with-git-lfs-tutorial/) -- (Blog Post) [Announcing LFS Support in GitLab](https://about.gitlab.com/blog/2015/11/23/announcing-git-lfs-support-in-gitlab/) -- (Blog Post) [GitLab Annex Solves the Problem of Versioning Large Binaries with Git](https://about.gitlab.com/blog/2015/02/17/gitlab-annex-solves-the-problem-of-versioning-large-binaries-with-git/) -- [Git Annex](../../../administration/git_annex.md) -- [Git LFS](index.md) +<!-- This redirect file can be deleted after <2021-07-22>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/topics/git/lfs/migrate_to_git_lfs.md b/doc/topics/git/lfs/migrate_to_git_lfs.md index 98c7e59154e..3f8e0575add 100644 --- a/doc/topics/git/lfs/migrate_to_git_lfs.md +++ b/doc/topics/git/lfs/migrate_to_git_lfs.md @@ -174,7 +174,6 @@ but commented out to help encourage others to add to it in the future. --> ## References - [Getting Started with Git LFS](https://about.gitlab.com/blog/2017/01/30/getting-started-with-git-lfs-tutorial/) -- [Migrate from Git Annex to Git LFS](migrate_from_git_annex_to_git_lfs.md) - [GitLab Git LFS user documentation](index.md) - [GitLab Git LFS administrator documentation](../../../administration/lfs/index.md) - Alternative method to [migrate an existing repository to Git LFS](https://github.com/git-lfs/git-lfs/wiki/Tutorial#migrating-existing-repository-data-to-lfs) diff --git a/doc/topics/git/merge_conflicts.md b/doc/topics/git/merge_conflicts.md new file mode 100644 index 00000000000..66771559298 --- /dev/null +++ b/doc/topics/git/merge_conflicts.md @@ -0,0 +1,69 @@ +--- +stage: none +group: unassigned +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +comments: false +--- + +# Merge conflicts + +- Happen often +- Learning to fix conflicts is hard +- Practice makes perfect +- Force push after fixing conflicts. Be careful! + +## Merge conflicts sample workflow + +1. Checkout a new branch and edit `conflicts.rb`. Add 'Line4' and 'Line5'. +1. Commit and push. +1. Checkout master and edit `conflicts.rb`. Add 'Line6' and 'Line7' below 'Line3'. +1. Commit and push to master. +1. Create a merge request and watch it fail. +1. Rebase our new branch with master. +1. Fix conflicts on the `conflicts.rb` file. +1. Stage the file and continue rebasing. +1. Force push the changes. +1. Finally continue with the Merge Request. + +```shell +git checkout -b conflicts_branch + +# vi conflicts.rb +# Add 'Line4' and 'Line5' + +git commit -am "add line4 and line5" +git push origin conflicts_branch + +git checkout master + +# vi conflicts.rb +# Add 'Line6' and 'Line7' +git commit -am "add line6 and line7" +git push origin master +``` + +Create a merge request on the GitLab web UI, and a conflict warning displays. + +```shell +git checkout conflicts_branch +git fetch +git rebase master + +# Fix conflicts by editing the files. + +git add conflicts.rb +# No need to commit this file + +git rebase --continue + +# Remember that we have rewritten our commit history so we +# need to force push so that our remote branch is restructured +git push origin conflicts_branch -f +``` + +## Note + +- When to use `git merge` and when to use `git rebase` +- Rebase when updating your branch with master +- Merge when bringing changes from feature to master +- Reference: <https://www.atlassian.com/git/tutorials/merging-vs-rebasing> diff --git a/doc/topics/git/merge_requests.md b/doc/topics/git/merge_requests.md new file mode 100644 index 00000000000..751bf8195d0 --- /dev/null +++ b/doc/topics/git/merge_requests.md @@ -0,0 +1,8 @@ +--- +redirect_to: '../../user/project/merge_requests/index.md' +--- + +This document was moved to [another location](../../user/project/merge_requests/index.md). + +<!-- This redirect file can be deleted after <2021-08-13>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/topics/git/numerous_undo_possibilities_in_git/img/branching.png b/doc/topics/git/numerous_undo_possibilities_in_git/img/branching.png Binary files differdeleted file mode 100644 index d8dc9fc8097..00000000000 --- a/doc/topics/git/numerous_undo_possibilities_in_git/img/branching.png +++ /dev/null diff --git a/doc/topics/git/numerous_undo_possibilities_in_git/index.md b/doc/topics/git/numerous_undo_possibilities_in_git/index.md index eba471882f1..b151ddfff71 100644 --- a/doc/topics/git/numerous_undo_possibilities_in_git/index.md +++ b/doc/topics/git/numerous_undo_possibilities_in_git/index.md @@ -5,289 +5,215 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: howto --- -# Numerous undo possibilities in Git **(FREE)** +# Undo possibilities in Git **(FREE)** -This tutorial shows you different ways of undoing your work in Git. -We assume you have a basic working knowledge of Git. Check the GitLab -[Git documentation](../index.md) for reference. +[Nothing in Git is deleted](https://git-scm.com/book/en/v2/Git-Internals-Maintenance-and-Data-Recovery), +so when you work in Git, you can undo your work. -We only provide some general information about the commands to get you started. -For more advanced examples, refer to the [Git book](https://git-scm.com/book/en/v2). +All version control systems have options for undoing work. However, +because of the de-centralized nature of Git, these options are multiplied. +The actions you take are based on the +[stage of development](https://git-scm.com/book/en/v2/Git-Basics-Recording-Changes-to-the-Repository) +you are in. -A few different techniques exist to undo your changes, based on the stage -of the change in your current development. Remember that -[nothing in Git is really deleted](https://git-scm.com/book/en/v2/Git-Internals-Maintenance-and-Data-Recovery). -Until Git cleans detached commits - commits that cannot be accessed by branch or tag - -you can view them with `git reflog` command, and access them with direct commit ID. -Read more about [redoing the undo](#redoing-the-undo) in the section below. +For more information about working with Git and GitLab: -> For more information about working with Git and GitLab: -> -> - <i class="fa fa-youtube-play youtube" aria-hidden="true"></i> Learn why [North Western Mutual chose GitLab](https://youtu.be/kPNMyxKRRoM) for their Enterprise source code management. -> - Learn how to [get started with Git](https://about.gitlab.com/resources/whitepaper-moving-to-git/). +- <i class="fa fa-youtube-play youtube" aria-hidden="true"></i> Learn why [North Western Mutual chose GitLab](https://youtu.be/kPNMyxKRRoM) for their enterprise source code management. +- Learn how to [get started with Git](https://about.gitlab.com/resources/whitepaper-moving-to-git/). +- For more advanced examples, refer to the [Git book](https://git-scm.com/book/en/v2). -## Introduction +## When you can undo changes -This guide is organized depending on the [stage of development](https://git-scm.com/book/en/v2/Git-Basics-Recording-Changes-to-the-Repository): +In the standard Git workflow: -- Where do you want to undo your changes from? -- Were they shared with other developers? +1. You create or edit a file. It starts in the unstaged state. If it's new, it is not yet tracked by Git. +1. You add the file to your local repository (`git add`), which puts the file into the staged state. +1. You commit the file to your local repository (`git commit`). +1. You can then share the file with other developers, by committing to a remote repository (`git push`). -Because Git tracks changes, a created or edited file is in the unstaged state -(if created it is untracked by Git). After you add it to a repository (`git add`) you put -a file into the **staged** state, which is then committed (`git commit`) to your -local repository. After that, file can be shared with other developers (`git push`). -This tutorial covers: +You can undo changes at any point in this workflow: -- [Undo local changes](#undo-local-changes) which were not pushed to a remote repository: - - - Before you commit, in both unstaged and staged state. - - After you committed. - -- Undo changes after they are pushed to a remote repository: - - - [Without history modification](#undo-remote-changes-without-changing-history) (preferred way). - - [With history modification](#undo-remote-changes-with-modifying-history) (requires +- [When you're working locally](#undo-local-changes) and haven't yet pushed to a remote repository. +- When you have already pushed to a remote repository and you want to: + - [Keep the history intact](#undo-remote-changes-without-changing-history) (preferred). + - [Change the history](#undo-remote-changes-with-modifying-history) (requires coordination with team and force pushes). - - [Use cases when modifying history is generally acceptable](#where-modifying-history-is-generally-acceptable). - - [How to modify history](#how-modifying-history-is-done). - - [How to remove sensitive information from repository](#deleting-sensitive-information-from-commits). -### Branching strategy +## Undo local changes -[Git](https://git-scm.com/) is a de-centralized version control system. Beside regular -versioning of the whole repository, it has possibilities to exchange changes -with other repositories. +Until you push your changes to a remote repository, changes +you make in Git are only in your local development environment. -To avoid chaos with -[multiple sources of truth](https://git-scm.com/about/distributed), various -development workflows have to be followed. It depends on your internal -workflow how certain changes or commits can be undone or changed. +### Undo unstaged local changes -[GitLab Flow](https://about.gitlab.com/topics/version-control/what-is-gitlab-flow/) provides a good -balance between developers clashing with each other while -developing the same feature and cooperating seamlessly. However, it does not enable -joined development of the same feature by multiple developers by default. +When you make a change, but have not yet staged it, you can undo your work. -When multiple developers develop the same feature on the same branch, clashing -with every synchronization is unavoidable. However, a proper or chosen Git Workflow -prevents lost or out-of-sync data when the feature is complete. +1. Confirm that the file is unstaged (that you did not use `git add <file>`) by running `git status`: -You can also -read through this blog post on [Git Tips & Tricks](https://about.gitlab.com/blog/2016/12/08/git-tips-and-tricks/) -to learn how to do things in Git. + ```shell + $ git status + On branch main + Your branch is up-to-date with 'origin/main'. + Changes not staged for commit: + (use "git add <file>..." to update what will be committed) + (use "git checkout -- <file>..." to discard changes in working directory) -## Undo local changes + modified: <file> + no changes added to commit (use "git add" and/or "git commit -a") + ``` -Until you push your changes to any remote repository, they only affect you. -That broadens your options on how to handle undoing them. Still, local changes -can be on various stages and each stage has a different approach on how to tackle them. +1. Choose an option and undo your changes: -### Unstaged local changes (before you commit) + - To overwrite local changes: -When a change is made, but not added to the staged tree, Git -proposes a solution to discard changes to the file. + ```shell + git checkout -- <file> + ``` -Suppose you edited a file to change the content using your favorite editor: + - To save local changes so you can [re-use them later](#quickly-save-local-changes): -```shell -vim <file> -``` + ```shell + git stash + ``` -Because you did not `git add <file>` to staging, it should be under unstaged files (or -untracked if file was created). You can confirm that with: + - To discard local changes to all files, permanently: -```shell -$ git status -On branch master -Your branch is up-to-date with 'origin/master'. -Changes not staged for commit: - (use "git add <file>..." to update what will be committed) - (use "git checkout -- <file>..." to discard changes in working directory) - - modified: <file> -no changes added to commit (use "git add" and/or "git commit -a") -``` + ```shell + git reset --hard + ``` -At this point there are 3 options to undo the local changes you have: +### Undo staged local changes -- Discard all local changes, but save them for possible re-use [later](#quickly-save-local-changes): +If you added a file to staging, you can undo it. - ```shell - git stash - ``` +1. Confirm that the file is staged (that you used `git add <file>`) by running `git status`: -- Discarding local changes (permanently) to a file: + ```shell + $ git status + On branch main + Your branch is up-to-date with 'origin/main'. + Changes to be committed: + (use "git restore --staged <file>..." to unstage) - ```shell - git checkout -- <file> - ``` + new file: <file> + ``` -- Discard all local changes to all files permanently: +1. Choose an option and undo your changes: - ```shell - git reset --hard - ``` + - To unstage the file but keep your changes: -Before executing `git reset --hard`, keep in mind that there is also a way to -just temporary store the changes without committing them using `git stash`. -This command resets the changes to all files, but it also saves them in case -you would like to apply them at some later time. You can read more about it in -[section below](#quickly-save-local-changes). + ```shell + git restore --staged <file> + ``` -### Quickly save local changes + - To unstage everything but keep your changes: -You are working on a feature when a boss drops by with an urgent task. Because your -feature is not complete, but you need to swap to another branch, you can use -`git stash` to: + ```shell + git reset + ``` -- Save what you have done. -- Swap to another branch. -- Commit, push, and test. -- Return to the feature branch. -- Run `git stash pop`. -- Resume your work. + - To unstage the file to current commit (HEAD): -The example above shows that discarding all changes is not always a preferred option. -However, Git provides a way to save them for later, while resetting the repository to state without -them. This is achieved by Git stashing command `git stash`, which in fact saves your -current work and runs `git reset --hard`, but it also has various -additional options like: + ```shell + git reset HEAD <file> + ``` -- `git stash save`, which enables including temporary commit message, which helps you identify changes, among with other options -- `git stash list`, which lists all previously stashed commits (yes, there can be more) that were not `pop`ed -- `git stash pop`, which redoes previously stashed changes and removes them from stashed list -- `git stash apply`, which redoes previously stashed changes, but keeps them on stashed list + - To discard all local changes, but save them for [later](#quickly-save-local-changes): -### Staged local changes (before you commit) + ```shell + git stash + ``` -If you add some files to staging, but you want to remove them from the -current commit while retaining those changes, move them outside -of the staging tree. You can also discard all changes with -`git reset --hard` or think about `git stash` [as described earlier.](#quickly-save-local-changes) + - To discard everything permanently: -Lets start the example by editing a file with your favorite editor to change the -content and add it to staging: + ```shell + git reset --hard + ``` -```shell -vim <file> -git add <file> -``` - -The file is now added to staging as confirmed by `git status` command: - -```shell -$ git status -On branch master -Your branch is up-to-date with 'origin/master'. -Changes to be committed: - (use "git reset HEAD <file>..." to unstage) - - new file: <file> -``` +### Quickly save local changes -Now you have 4 options to undo your changes: +If you want to change to another branch, you can use [`git stash`](https://www.git-scm.com/docs/git-stash). -- Unstage the file to current commit (HEAD): +1. From the branch where you want to save your work, type `git stash`. +1. Swap to another branch (`git checkout <branchname>`). +1. Commit, push, and test. +1. Return to the branch where you want to resume your changes. +1. Use `git stash list` to list all previously stashed commits. +1. Run a version of `git stash`: - ```shell - git reset HEAD <file> - ``` + - Use `git stash pop` to redo previously stashed changes and remove them from stashed list. + - Use `git stash apply` to redo previously stashed changes, but keep them on stashed list. -- Unstage everything - retain changes: +## Undo committed local changes - ```shell - git reset - ``` +When you commit to your local repository (`git commit`), the version control system records +your changes. Because you did not push to a remote repository yet, your changes are +not public (or shared with other developers). At this point, you can undo your changes. -- Discard all local changes, but save them for [later](#quickly-save-local-changes): +### Undo staged local changes without modifying history - ```shell - git stash - ``` +You can revert a commit while retaining the commit history. -- Discard everything permanently: +This example uses five commits `A`,`B`,`C`,`D`,`E`, which were committed in order: `A-B-C-D-E`. +The commit you want to undo is `B`. - ```shell - git reset --hard - ``` +1. Find the commit SHA of the commit you want to revert to. To look + through a log of commits, type `git log`. +1. Choose an option and undo your changes: -## Committed local changes + - To swap additions and deletions changes introduced by commit `B`: -After you commit, your changes are recorded by the version control system. -Because you haven't pushed to your remote repository yet, your changes are -still not public (or shared with other developers). At this point, undoing -things is a lot easier, we have quite some workaround options. After you push -your code, you have fewer options to troubleshoot your work. + ```shell + git revert <commit-B-SHA> + ``` -### Without modifying history + - To undo changes on a single file or directory from commit `B`, but retain them in the staged state: -Through the development process some of the previously committed changes do not -fit anymore in the end solution, or are source of the bugs. After you find the -commit which triggered bug, or identify a faulty commit, you can -revert it with `git revert commit-id`. + ```shell + git checkout <commit-B-SHA> <file> + ``` -This command inverts (swaps) the additions and -deletions in that commit, so that it does not modify history. Retaining history -can be helpful in future to notice that some changes have been tried -unsuccessfully in the past. + - To undo changes on a single file or directory from commit `B`, but retain them in the unstaged state: -In our example we assume there are commits `A`,`B`,`C`,`D`,`E` committed in this order: `A-B-C-D-E`, -and `B` is the commit you want to undo. There are many different ways to identify commit -`B` as bad. One of them is to pass a range to `git bisect` command. The provided range includes -last known good commit (we assume `A`) and first known bad commit where the bug was detected (we assume `E`). + ```shell + git reset <commit-B-SHA> <file> + ``` -```shell -git bisect A..E -``` +#### Undo multiple committed changes -Bisect provides us with commit ID of the middle commit to test, and then guide us -through the bisection process. You can read more about it [in official Git Tools](https://git-scm.com/book/en/v2/Git-Tools-Debugging-with-Git) -Our example results in commit `B`, which introduced the bug/error. We have -these options to remove all or part of it from our repository: +You can recover from multiple commits. For example, if you have done commits `A-B-C-D` +on your feature branch and then realize that `C` and `D` are wrong. -- Undo (swap additions and deletions) changes introduced by commit `B`: +To recover from multiple incorrect commits: - ```shell - git revert commit-B-id - ``` +1. Check out the last correct commit. In this example, `B`. -- Undo changes on a single file or directory from commit `B`, but retain them in the staged state: + ```shell + git checkout <commit-B-SHA> + ``` - ```shell - git checkout commit-B-id <file> - ``` +1. Create a new branch. -- Undo changes on a single file or directory from commit `B`, but retain them in the unstaged state: + ```shell + git checkout -b new-path-of-feature + ``` - ```shell - git reset commit-B-id <file> - ``` +1. Add, push, and commit your changes. -- There is one command we also must not forget: **creating a new branch** - from the point where changes are not applicable or where the development has hit a - dead end. For example you have done commits `A-B-C-D` on your feature branch - and then you figure `C` and `D` are wrong. +The commits are now `A-B-C-D-E`. - At this point you either reset to `B` - and do commit `F` (which causes problems with pushing and if forced pushed also with other developers) - because the branch now looks `A-B-F`, which clashes with what other developers have locally (you will - [change history](#with-history-modification)), or you checkout commit `B` create - a new branch and do commit `F`. In the last case, everyone else can still do their work while you - have your new way to get it right and merge it back in later. Alternatively, with GitLab, - you can [cherry-pick](../../../user/project/merge_requests/cherry_pick_changes.md#cherry-picking-a-commit) - that commit into a new merge request. +Alternatively, with GitLab, +you can [cherry-pick](../../../user/project/merge_requests/cherry_pick_changes.md#cherry-picking-a-commit) +that commit into a new merge request. -  +NOTE: +Another solution is to reset to `B` and commit `E`. However, this solution results in `A-B-E`, +which clashes with what other developers have locally. - ```shell - git checkout commit-B-id - git checkout -b new-path-of-feature - # Create <commit F> - git commit -a - ``` +### Undo staged local changes with history modification -### With history modification +You can rewrite history in Git, but you should avoid it, because it can cause problems +when multiple developers are contributing to the same codebase. There is one command for history modification and that is `git rebase`. Command provides interactive mode (`-i` flag) which enables you to: @@ -335,7 +261,7 @@ In case you want to modify something introduced in commit `B`. You can find some more examples in the section explaining [how to modify history](#how-modifying-history-is-done). -### Redoing the Undo +### Redoing the undo Sometimes you realize that the changes you undid were useful and you want them back. Well because of first paragraph you are in luck. Command `git reflog` @@ -379,7 +305,7 @@ it also provides a clear timeline and development structure.  -If you want to revert changes introduced in certain `commit-id`, you can +If you want to revert changes introduced in certain `commit-id`, you can revert that `commit-id` (swap additions and deletions) in newly created commit: You can do this with @@ -501,14 +427,6 @@ feature set as `git filter-branch` does, but focus on specific use cases. Refer [Reduce repository size](../../../user/project/repository/reducing_the_repo_size_using_git.md) page to know more about purging files from repository history & GitLab storage. -## Conclusion - -Various options exist for undoing your work with any version control system, but -because of the de-centralized nature of Git, these options are multiplied (or limited) -depending on the stage of your process. Git also enables rewriting history, but that -should be avoided as it might cause problems when multiple developers are -contributing to the same codebase. - <!-- ## Troubleshooting Include any troubleshooting steps that you can foresee. If you know beforehand what issues diff --git a/doc/topics/git/rollback_commits.md b/doc/topics/git/rollback_commits.md new file mode 100644 index 00000000000..34c2d9687bb --- /dev/null +++ b/doc/topics/git/rollback_commits.md @@ -0,0 +1,81 @@ +--- +stage: none +group: unassigned +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +comments: false +--- + +# Rollback Commits + +## Undo Commits + +- Undo last commit putting everything back into the staging area: + + ```shell + git reset --soft HEAD^ + ``` + +- Add files and change message with: + + ```shell + git commit --amend -m "New Message" + ``` + +- Undo last and remove changes: + + ```shell + git reset --hard HEAD^ + ``` + +- Same as last one but for two commits back: + + ```shell + git reset --hard HEAD^^ + ``` + +**Don't reset after pushing** + +## Reset Workflow + +1. Edit file again 'edit_this_file.rb' +1. Check status +1. Add and commit with wrong message +1. Check log +1. Amend commit +1. Check log +1. Soft reset +1. Check log +1. Pull for updates +1. Push changes + +## Commands + +```shell +# Change file edit_this_file.rb +git status +git commit -am "kjkfjkg" +git log +git commit --amend -m "New comment added" +git log +git reset --soft HEAD^ +git log +git pull origin master +git push origin master +``` + +## Note + +- `git revert` vs `git reset` +- Reset removes the commit while revert removes the changes but leaves the commit +- Revert is safer considering we can revert a revert + +```shell +# Changed file +git commit -am "bug introduced" +git revert HEAD +# New commit created reverting changes +# Now we want to re apply the reverted commit +git log # take hash from the revert commit +git revert <rev commit hash> +# reverted commit is back (new commit created again) +``` diff --git a/doc/topics/git/stash.md b/doc/topics/git/stash.md new file mode 100644 index 00000000000..051103e5f4b --- /dev/null +++ b/doc/topics/git/stash.md @@ -0,0 +1,82 @@ +--- +stage: none +group: unassigned +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +comments: false +--- + +# Git Stash + +We use `git stash` to store our changes when they are not ready to be committed +and we need to change to a different branch. + +- Stash: + + ```shell + git stash save + # or + git stash + # or with a message + git stash save "this is a message to display on the list" + ``` + +- Apply stash to keep working on it: + + ```shell + git stash apply + # or apply a specific one from out stack + git stash apply stash@{3} + ``` + +- Every time we save a stash it gets stacked so by using `list` we can see all our + stashes. + + ```shell + git stash list + # or for more information (log methods) + git stash list --stat + ``` + +- To clean our stack we need to manually remove them: + + ```shell + # drop top stash + git stash drop + # or + git stash drop <name> + # to clear all history we can use + git stash clear + ``` + +- Apply and drop on one command: + + ```shell + git stash pop + ``` + +- If we meet conflicts we need to either reset or commit our changes. +- Conflicts through `pop` doesn't drop a stash afterwards. + +## Git Stash sample workflow + +1. Modify a file +1. Stage file +1. Stash it +1. View our stash list +1. Confirm no pending changes through status +1. Apply with pop +1. View list to confirm changes + +```shell +# Modify edit_this_file.rb file +git add . + +git stash save "Saving changes from edit this file" + +git stash list +git status + +git stash pop +git stash list +git status +``` diff --git a/doc/topics/git/subtree.md b/doc/topics/git/subtree.md new file mode 100644 index 00000000000..54461915a05 --- /dev/null +++ b/doc/topics/git/subtree.md @@ -0,0 +1,52 @@ +--- +stage: none +group: unassigned +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +comments: false +--- + +# Subtree + +- Used when there are nested repositories. +- Not recommended when the amount of dependencies is too large. +- For these cases we need a dependency control system. +- Command are painfully long so aliases are necessary. + +## Subtree Aliases + +- Add: `git subtree add --prefix <target-folder> <url> <branch> --squash` +- Pull: `git subtree pull --prefix <target-folder> <url> <branch> --squash` +- Push: `git subtree add --prefix <target-folder> <url> <branch>` +- Ex: `git config alias.sbp 'subtree pull --prefix st / + git@gitlab.com:balameb/subtree-nested-example.git master --squash'` + +```shell + # Add an alias + # Add + git config alias.sba 'subtree add --prefix st / + git@gitlab.com:balameb/subtree-nested-example.git master --squash' + # Pull + git config alias.sbpl 'subtree pull --prefix st / + git@gitlab.com:balameb/subtree-nested-example.git master --squash' + # Push + git config alias.sbph 'subtree push --prefix st / + git@gitlab.com:balameb/subtree-nested-example.git master' + + # Adding this subtree adds a st dir with a readme + git sba + vi st/README.md + # Edit file + git status shows differences + +``` + +```shell + # Adding, or committing won't change the sub repo at remote + # even if we push + git add -A + git commit -m "Adding to subtree readme" + + # Push to subtree repo + git sbph + # now we can check our remote sub repo +``` diff --git a/doc/topics/git/unstage.md b/doc/topics/git/unstage.md new file mode 100644 index 00000000000..30d26854135 --- /dev/null +++ b/doc/topics/git/unstage.md @@ -0,0 +1,33 @@ +--- +stage: none +group: unassigned +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +comments: false +--- + +# Unstage + +- To remove files from stage use reset HEAD where HEAD is the last commit of the current branch. This unstages the file but maintain the modifications. + + ```shell + git reset HEAD <file> + ``` + +- To revert the file back to the state it was in before the changes we can use: + + ```shell + git checkout -- <file> + ``` + +- To remove a file from disk and repository, use `git rm`. To remove a directory, use the `-r` flag: + + ```shell + git rm '*.txt' + git rm -r <dirname> + ``` + +- If we want to remove a file from the repository but keep it on disk, say we forgot to add it to our `.gitignore` file then use `--cache`: + + ```shell + git rm <filename> --cache + ``` diff --git a/doc/topics/web_application_firewall/index.md b/doc/topics/web_application_firewall/index.md deleted file mode 100644 index 297b2f7eaaa..00000000000 --- a/doc/topics/web_application_firewall/index.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -redirect_to: '../../user/project/clusters/protect/web_application_firewall/index.md' ---- - -This document was moved to [another location](../../user/project/clusters/protect/web_application_firewall/index.md). - -<!-- This redirect file can be deleted after <2021-04-01>. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/topics/web_application_firewall/quick_start_guide.md b/doc/topics/web_application_firewall/quick_start_guide.md deleted file mode 100644 index 4d7244f88fa..00000000000 --- a/doc/topics/web_application_firewall/quick_start_guide.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -redirect_to: '../../user/project/clusters/protect/web_application_firewall/quick_start_guide.md' ---- - -This document was moved to [another location](../../user/project/clusters/protect/web_application_firewall/quick_start_guide.md). - -<!-- This redirect file can be deleted after <2021-04-01>. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/university/README.md b/doc/university/README.md index c815842480c..bf2e7c91918 100644 --- a/doc/university/README.md +++ b/doc/university/README.md @@ -1,8 +1,8 @@ --- -redirect_to: 'index.md' +redirect_to: '../topics/index.md' --- -This document was moved to [another location](index.md). +This document was moved to [another location](../topics/index.md). <!-- This redirect file can be deleted after 2021-05-11. --> <!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/university/index.md b/doc/university/index.md index 0d194c7708d..60d012485de 100644 --- a/doc/university/index.md +++ b/doc/university/index.md @@ -1,223 +1,8 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -comments: false -type: index +redirect_to: '../topics/index.md' --- -# GitLab University +This document was removed. See our [topics](../topics/index.md) for similar content. -GitLab University is a great place to start when learning about version control with Git and GitLab, as well as other GitLab features. - -If you're looking for a GitLab subscription for _your university_, see our [GitLab for Education](https://about.gitlab.com/solutions/education/) page. - -WARNING: -Some of the content in GitLab University may be out of date and we plan to -[evaluate](https://gitlab.com/gitlab-org/gitlab/-/issues/20403) it. - -The GitLab University curriculum is composed of GitLab videos, screencasts, presentations, projects and external GitLab content hosted on other services and has been organized into the following sections: - -1. [GitLab Beginner](#1-gitlab-beginner). -1. [GitLab Intermediate](#2-gitlab-intermediate). -1. [GitLab Advanced](#3-gitlab-advanced). -1. [External Articles](#4-external-articles). -1. [Resources for GitLab Team Members](#5-resources-for-gitlab-team-members). - -## 1. GitLab Beginner - -### 1.1. Version Control and Git - -<!-- vale gitlab.Spelling = NO --> - -1. [Version Control Systems](https://docs.google.com/presentation/d/16sX7hUrCZyOFbpvnrAFrg6tVO5_yT98IgdAqOmXwBho/edit#slide=id.g72f2e4906_2_29) -1. [Katacoda: Learn Git Version Control using Interactive Browser-Based Scenarios](https://www.katacoda.com/courses/git) - -<!-- vale gitlab.Spelling = YES --> - -### 1.2. GitLab Basics - -1. [An Overview of GitLab.com - Video](https://www.youtube.com/watch?v=WaiL5DGEMR4) -1. [Why Use Git and GitLab - Slides](https://docs.google.com/a/gitlab.com/presentation/d/1RcZhFmn5VPvoFu6UMxhMOy7lAsToeBZRjLRn0LIdaNc/edit?usp=drive_web) -1. [GitLab Basics - Article](../gitlab-basics/index.md) -1. [Git and GitLab Basics - Video](https://www.youtube.com/watch?v=03wb9FvO4Ak&index=5&list=PLFGfElNsQthbQu_IWlNOxul0TbS_2JH-e) -1. [Git and GitLab Basics - Online Course](https://courses.platzi.com/classes/57-git-gitlab/2475-part-233-2/) -1. [Comparison of GitLab Versions](https://about.gitlab.com/features/#compare) - -### 1.3. Your GitLab Account - -1. [Create a GitLab Account - Online Course](https://courses.platzi.com/classes/57-git-gitlab/2434-create-an-account-on-gitlab/) -1. [Create and Add your SSH key to GitLab - Video](https://www.youtube.com/watch?v=54mxyLo3Mqk) - -### 1.4. GitLab Projects - -1. [Repositories, Projects and Groups - Video](https://www.youtube.com/watch?v=4TWfh1aKHHw&index=1&list=PLFGfElNsQthbQu_IWlNOxul0TbS_2JH-e) -1. [Creating a Project in GitLab - Video](https://www.youtube.com/watch?v=7p0hrpNaJ14) -1. [How to Create Files and Directories](https://about.gitlab.com/blog/2016/02/10/feature-highlight-create-files-and-directories-from-files-page/) -1. [GitLab To-Do List](https://about.gitlab.com/blog/2016/03/02/gitlab-todos-feature-highlight/) -1. [GitLab Draft Flag](https://about.gitlab.com/blog/2016/01/08/feature-highlight-wip/) - -### 1.5. Migrating from other Source Control - -<!-- vale gitlab.Spelling = NO --> - -1. [Migrating from Bitbucket/Stash](../user/project/import/bitbucket.md) -1. [Migrating from GitHub](../user/project/import/github.md) -1. [Migrating from SVN](../user/project/import/svn.md) -1. [Migrating from Fogbugz](../user/project/import/fogbugz.md) - -<!-- vale gitlab.Spelling = YES --> -### 1.6. The GitLab team - -1. [About GitLab](https://about.gitlab.com/company/) -1. [GitLab Direction](https://about.gitlab.com/direction/) -1. [GitLab Master Plan](https://about.gitlab.com/blog/2016/09/13/gitlab-master-plan/) -1. [Making GitLab Great for Everyone - Video](https://www.youtube.com/watch?v=GGC40y4vMx0) - Response to "Dear GitHub" letter -1. [Using Innersourcing to Improve Collaboration](https://about.gitlab.com/blog/2014/09/05/innersourcing-using-the-open-source-workflow-to-improve-collaboration-within-an-organization/) -1. [The Software Development Market and GitLab - Video](https://www.youtube.com/watch?v=sXlhgPK1NTY&list=PLFGfElNsQthbQu_IWlNOxul0TbS_2JH-e&index=6) - [Slides](https://docs.google.com/presentation/d/1vCU-NbZWz8NTNK8Vu3y4zGMAHb5DpC8PE5mHtw1PWfI/edit) -1. [GitLab Resources](https://about.gitlab.com/resources/) - -### 1.7 Community and Support - -1. [Getting Help](https://about.gitlab.com/get-help/) - - Proposing Features and Reporting and Tracking bugs for GitLab - - The GitLab IRC channel, Gitter Chat Room, Community Forum, and Mailing List - - Getting Technical Support - - Being part of our Great Community and Contributing to GitLab -1. [Getting Started with the GitLab Development Kit (GDK)](https://about.gitlab.com/blog/2016/06/08/getting-started-with-gitlab-development-kit/) -1. [GitLab Professional Services](https://about.gitlab.com/services/) - -### 1.8 GitLab Training Material - -1. [Git and GitLab Workshop - Slides](https://docs.google.com/presentation/d/1JzTYD8ij9slejV2-TO-NzjCvlvj6mVn9BORePXNJoMI/edit?usp=drive_web) - -## 2. GitLab Intermediate - -### 2.1 GitLab Pages - -1. [Using any Static Site Generator with GitLab Pages](https://about.gitlab.com/blog/2016/06/17/ssg-overview-gitlab-pages-part-3-examples-ci/) -1. [Securing GitLab Pages with SSL](https://about.gitlab.com/blog/2016/06/24/secure-gitlab-pages-with-startssl/) -1. [GitLab Pages Documentation](../user/project/pages/index.md) - -### 2.2. GitLab Issues - -1. [Markdown in GitLab](../user/markdown.md) -1. [Issues and Merge Requests - Video](https://www.youtube.com/watch?v=raXvuwet78M) -1. [Due Dates and Milestones for GitLab Issues](https://about.gitlab.com/blog/2016/08/05/feature-highlight-set-dates-for-issues/) -1. [How to Use GitLab Labels](https://about.gitlab.com/blog/2016/08/17/using-gitlab-labels/) -1. [Applying GitLab Labels Automatically](https://about.gitlab.com/blog/2016/08/19/applying-gitlab-labels-automatically/) -1. [GitLab Issue Board - Product Page](https://about.gitlab.com/stages-devops-lifecycle/issueboard/) -1. [An Overview of GitLab Issue Board](https://about.gitlab.com/blog/2016/08/22/announcing-the-gitlab-issue-board/) -1. [Designing GitLab Issue Board](https://about.gitlab.com/blog/2016/08/31/designing-issue-boards/) -1. [From Idea to Production with GitLab - Video](https://www.youtube.com/watch?v=25pHyknRgEo&index=14&list=PLFGfElNsQthbQu_IWlNOxul0TbS_2JH-e) - -### 2.3. Continuous Integration - -1. [Operating Systems, Servers, VMs, Containers and Unix - Video](https://www.youtube.com/watch?v=V61kL6IC-zY&index=8&list=PLFGfElNsQthbQu_IWlNOxul0TbS_2JH-e) -1. [GitLab CI/CD - Product Page](https://about.gitlab.com/stages-devops-lifecycle/continuous-integration/) -1. [Getting started with GitLab and GitLab CI](https://about.gitlab.com/blog/2015/12/14/getting-started-with-gitlab-and-gitlab-ci/) -1. [GitLab Container Registry](https://about.gitlab.com/blog/2016/05/23/gitlab-container-registry/) -1. [GitLab and Docker - Video](https://www.youtube.com/watch?v=ugOrCcbdHko&index=12&list=PLFGfElNsQthbQu_IWlNOxul0TbS_2JH-e) -1. [How we scale GitLab with built in Docker](https://about.gitlab.com/blog/2016/06/21/how-we-scale-gitlab-by-having-docker-built-in/) -1. [Continuous Integration, Delivery, and Deployment with GitLab](https://about.gitlab.com/blog/2016/08/05/continuous-integration-delivery-and-deployment-with-gitlab/) -1. [Deployments and Environments](https://about.gitlab.com/blog/2021/02/05/ci-deployment-and-environments/) -1. [Sequential, Parallel or Custom Pipelines](https://about.gitlab.com/blog/2016/07/29/the-basics-of-gitlab-ci/) -1. [Setting up GitLab Runner For Continuous Integration](https://about.gitlab.com/blog/2016/03/01/gitlab-runner-with-docker/) -1. [Setting up GitLab Runner on DigitalOcean](https://about.gitlab.com/blog/2016/04/19/how-to-set-up-gitlab-runner-on-digitalocean/) -1. [Setting up GitLab CI for iOS projects](https://about.gitlab.com/blog/2016/03/10/setting-up-gitlab-ci-for-ios-projects/) -1. [IBM: Continuous Delivery vs Continuous Deployment - Video](https://www.youtube.com/watch?v=igwFj8PPSnw) -1. [Amazon: Transition to Continuous Delivery - Video](https://www.youtube.com/watch?v=esEFaY0FDKc) -1. [TechBeacon: Doing continuous delivery? Focus first on reducing release cycle times](https://techbeacon.com/devops/doing-continuous-delivery-focus-first-reducing-release-cycle-times) -1. See **[Integrations](#39-integrations)** for integrations with other CI services. - -### 2.4. Workflow - -1. [GitLab Flow - Video](https://youtu.be/enMumwvLAug?list=PLFGfElNsQthZnwMUFi6rqkyUZkI00OxIV) -1. [GitLab Flow vs Forking in GitLab - Video](https://www.youtube.com/watch?v=UGotqAUACZA) -1. [GitLab Flow Overview](https://about.gitlab.com/topics/version-control/what-is-gitlab-flow/) -1. [Always Start with an Issue](https://about.gitlab.com/blog/2016/03/03/start-with-an-issue/) -1. [GitLab Flow Documentation](../topics/gitlab_flow.md) - -### 2.5. GitLab Comparisons - -1. [GitLab Compared to Other Tools](https://about.gitlab.com/devops-tools/) -1. [Comparing GitLab Terminology](https://about.gitlab.com/blog/2016/01/27/comparing-terms-gitlab-github-bitbucket/) -1. [GitLab Compared to Atlassian (Recording 2016-03-03)](https://youtu.be/Nbzp1t45ERo) -1. [GitLab Position FAQ](https://about.gitlab.com/handbook/positioning-faq/) -1. [Customer review of GitLab with points on why they prefer GitLab](https://www.enovate.co.uk/blog/2015/11/25/gitlab-review) - -## 3. GitLab Advanced - -### 3.1. DevOps - -1. [XebiaLabs: DevOps Terminology](https://digital.ai/glossary) -1. [XebiaLabs: Periodic Table of DevOps Tools](https://digital.ai/periodic-table-of-devops-tools) -1. [Puppet Labs: State of DevOps 2016 - Book](https://puppet.com/resources/report/2016-state-devops-report/) - -### 3.2. Installing GitLab with Omnibus - -1. [What is Omnibus - Video](https://www.youtube.com/watch?v=XTmpKudd-Oo) -1. [How to Install GitLab with Omnibus - Video](https://www.youtube.com/watch?v=Q69YaOjqNhg) -1. [Installing GitLab - Online Course](https://courses.platzi.com/classes/57-git-gitlab/2476-part-0/) -1. [Using a Non-Packaged PostgreSQL Database](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md#using-a-non-packaged-postgresql-database-management-server) -1. [Installing GitLab on Microsoft Azure](https://about.gitlab.com/blog/2016/07/13/how-to-setup-a-gitlab-instance-on-microsoft-azure/) -1. [Installing GitLab on Digital Ocean](https://about.gitlab.com/blog/2016/04/27/getting-started-with-gitlab-and-digitalocean/) - -### 3.3. Permissions - -1. [How to Manage Permissions in GitLab EE - Video](https://www.youtube.com/watch?v=DjUoIrkiNuM) - -### 3.4. Large Files - -1. [Big files in Git (Git LFS) - Video](https://www.youtube.com/watch?v=DawznUxYDe4) - -### 3.5. LDAP and Active Directory - -1. [How to Manage LDAP, Active Directory in GitLab - Video](https://www.youtube.com/watch?v=HPMjM-14qa8) - -### 3.6 Custom Languages - -1. [How to add Syntax Highlighting Support for Custom Languages to GitLab - Video](https://youtu.be/6WxTMqatrrA) - -### 3.7. Scalability and High Availability - -1. [Scalability and High Availability - Video](https://www.youtube.com/watch?v=cXRMJJb6sp4&list=PLFGfElNsQthbQu_IWlNOxul0TbS_2JH-e&index=2) -1. [High Availability - Video](https://www.youtube.com/watch?v=36KS808u6bE&index=15&list=PLFGfElNsQthbQu_IWlNOxul0TbS_2JH-e) -1. [High Availability Documentation](https://about.gitlab.com/solutions/reference-architectures/) - -### 3.8 Value Stream Analytics - -1. [GitLab Value Stream Analytics Overview (as of 2016)](https://about.gitlab.com/blog/2016/09/21/cycle-analytics-feature-highlight/) -1. [GitLab Value Stream Analytics - Product Page](https://about.gitlab.com/stages-devops-lifecycle/value-stream-analytics/) - -### 3.9. Integrations - -<!-- vale gitlab.Spelling = NO --> - -1. [How to Integrate Jira and Jenkins with GitLab - Video](https://gitlabmeetings.webex.com/gitlabmeetings/ldr.php?RCID=44b548147a67ab4d8a62274047146415) -1. [How to Integrate Jira with GitLab](../user/project/integrations/jira.md) -1. [How to Integrate Jenkins with GitLab](../integration/jenkins.md) -1. [How to Integrate Bamboo with GitLab](../user/project/integrations/bamboo.md) -1. [How to Integrate Slack with GitLab](../user/project/integrations/slack.md) -1. [How to Integrate Convox with GitLab](https://about.gitlab.com/blog/2016/06/09/continuous-delivery-with-gitlab-and-convox/) -1. [Getting Started with GitLab and Shippable CI](https://about.gitlab.com/blog/2016/05/05/getting-started-gitlab-and-shippable/) - -<!-- vale gitlab.Spelling = YES --> - -## 4. External Articles - -1. [2011 Wall Street Journal article - Software is Eating the World](https://www.wsj.com/articles/SB10001424053111903480904576512250915629460) -1. [2014 Blog post by Chris Dixon - Software eats software development](https://cdixon.org/2014/04/13/software-eats-software-development/) -1. [2015 Venture Beat article - Actually, Open Source is Eating the World](https://venturebeat.com/2015/12/06/its-actually-open-source-software-thats-eating-the-world/) - -## 5. Resources for GitLab Team Members - -NOTE: -Some content can only be accessed by GitLab team members. - -1. [Sales Path](https://about.gitlab.com/handbook/sales/onboarding/) -1. [User Training](training/user_training.md) -1. [GitLab Flow Training](training/gitlab_flow.md) -1. [Training Topics](training/index.md) -1. [GitLab architecture](../development/architecture.md) -1. [Client Assessment of GitLab versus GitHub](https://docs.google.com/a/gitlab.com/spreadsheets/d/18cRF9Y5I6I7Z_ab6qhBEW55YpEMyU4PitZYjomVHM-M/edit?usp=sharing) +<!-- This redirect file can be deleted after <2021-08-13>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/university/training/gitlab_flow/production_branch.png b/doc/university/training/gitlab_flow/production_branch.png Binary files differdeleted file mode 100644 index 956761d7eb8..00000000000 --- a/doc/university/training/gitlab_flow/production_branch.png +++ /dev/null diff --git a/doc/university/training/gitlab_flow/release_branches.png b/doc/university/training/gitlab_flow/release_branches.png Binary files differdeleted file mode 100644 index dcb5f97dff0..00000000000 --- a/doc/university/training/gitlab_flow/release_branches.png +++ /dev/null diff --git a/doc/university/training/index.md b/doc/university/training/index.md index f69bd51b341..02709314708 100644 --- a/doc/university/training/index.md +++ b/doc/university/training/index.md @@ -1,46 +1,8 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -comments: false -type: index +redirect_to: '../../topics/index.md' --- -# GitLab Training Material +This document was moved to [another location](../../topics/index.md). -<!-- vale gitlab.Spelling = NO --> -All GitLab training material is stored in Markdown format. Slides are -generated using [Deckset](https://www.deckset.com/). -<!-- vale gitlab.Spelling = YES --> - -All training material is open to public contribution. - -This section contains the following topics: - -- [Agile and Git](topics/agile_git.md). -- [Bisect](topics/bisect.md). -- [Cherry pick](topics/cherry_picking.md). -- [Code review and collaboration with Merge Requests](topics/merge_requests.md). -- [Configure your environment](topics/env_setup.md). -- [Explore GitLab](../../gitlab-basics/index.md). -- [Feature branching](topics/feature_branching.md). -- [Getting started](topics/getting_started.md). -- [GitLab flow](gitlab_flow.md). -- [GitLab Git workshop](user_training.md). -- [Git add](topics/git_add.md). -- [Git introduction](topics/git_intro.md). -- [Git log](topics/git_log.md). -- [Git stash](topics/stash.md). -- [Merge conflicts](topics/merge_conflicts.md). -- [Rollback commits](topics/rollback_commits.md). -- [Subtree](topics/subtree.md). -- [Unstage](topics/unstage.md). - -## Additional Resources - -1. [GitLab Documentation](https://docs.gitlab.com) -1. [GUI Clients](https://git-scm.com/downloads/guis) -1. [Pro Git book](https://git-scm.com/book/en/v2) -1. <!-- vale gitlab.Spelling = NO --> [Platzi Course](https://courses.platzi.com/courses/git-gitlab/) <!-- vale gitlab.Spelling = NO --> -1. [Code School tutorial](http://try.github.io/) -1. Contact us at `subscribers@gitlab.com` +<!-- This redirect file can be deleted after <2021-08-13>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/university/training/logo.png b/doc/university/training/logo.png Binary files differdeleted file mode 100644 index c80f65c053e..00000000000 --- a/doc/university/training/logo.png +++ /dev/null diff --git a/doc/university/training/topics/agile_git.md b/doc/university/training/topics/agile_git.md index cb82d3cec64..f912f92fad2 100644 --- a/doc/university/training/topics/agile_git.md +++ b/doc/university/training/topics/agile_git.md @@ -1,33 +1,8 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -comments: false +redirect_to: '../../../user/project/issue_board.md' --- -# Agile and Git +Information about using Agile concepts in GitLab can be found in [another location](../../../user/project/issue_board.md). -## Agile - -Lean software development methods focused on collaboration and interaction -with fast and smaller deployment cycles. - -## Where Git comes in - -Git is an excellent tool for an Agile team considering that it allows -decentralized and simultaneous development. - -### Branching And Workflows - -Branching in an Agile environment usually happens around user stories with one -or more developers working on it. - -If more than one developer then another branch for each developer is also used -with their initials, and US ID. - -After its tested merge into master and remove the branch. - -## What about GitLab - -Tools like GitLab enhance collaboration by adding dialog around code mainly -through issues and merge requests. +<!-- This redirect file can be deleted after <2021-07-23>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/university/training/topics/bisect.md b/doc/university/training/topics/bisect.md index 8af77031c93..9c06f0b407d 100644 --- a/doc/university/training/topics/bisect.md +++ b/doc/university/training/topics/bisect.md @@ -1,76 +1,8 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -comments: false +redirect_to: '../../../topics/git/bisect.md' --- -# Bisect +This document was moved to [another location](../../../topics/git/bisect.md). -- Find a commit that introduced a bug -- Works through a process of elimination -- Specify a known good and bad revision to begin - -## Bisect sample workflow - -1. Start the bisect process -1. Enter the bad revision (usually latest commit) -1. Enter a known good revision (commit/branch) -1. Run code to see if bug still exists -1. Tell bisect the result -1. Repeat the previous 2 items until you find the offending commit - -## Setup - -```shell - mkdir bisect-ex - cd bisect-ex - touch index.html - git add -A - git commit -m "starting out" - vi index.html - # Add all good - git add -A - git commit -m "second commit" - vi index.html - # Add all good 2 - git add -A - git commit -m "third commit" - vi index.html -``` - -```shell - # Add all good 3 - git add -A - git commit -m "fourth commit" - vi index.html - # This looks bad - git add -A - git commit -m "fifth commit" - vi index.html - # Really bad - git add -A - git commit -m "sixth commit" - vi index.html - # again just bad - git add -A - git commit -m "seventh commit" -``` - -## Commands - -```shell - git bisect start - # Test your code - git bisect bad - git bisect next - # Say yes to the warning - # Test - git bisect good - # Test - git bisect bad - # Test - git bisect good - # done - git bisect reset -``` +<!-- This redirect file can be deleted after <2021-08-13>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/university/training/topics/env_setup.md b/doc/university/training/topics/env_setup.md index bd487731783..2fd0a6762e2 100644 --- a/doc/university/training/topics/env_setup.md +++ b/doc/university/training/topics/env_setup.md @@ -1,73 +1,8 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -comments: false +redirect_to: '../../../topics/index.md' --- -# Configure your environment +This document was removed. See our [topics](../../../topics/index.md) for similar content. -## Install - -- **Windows** - Install 'Git for Windows' from [Git for Windows](https://gitforwindows.org). -- **Mac** - - Type '`git`' in the Terminal application. - - If it's not installed, it prompts you to install it. - -- **GNU/Linux** - Enter `which git` in the Terminal application and press <kbd>Enter</kbd> to - determine if Git is installed on your system. - - - If the output of that command gives you the path to the Git executable, similar to - `/usr/bin/git`, then Git is already installed on your system. - - If the output of the command displays "command not found" error, Git isn't installed on your system. - - GitLab recommends installing Git with the default package manager of your distribution. - The following commands install Git on various GNU/Linux distributions using their - default package managers. After you run the command corresponding to your distribution - and complete the installation process, Git should be available on your system: - - - **Arch Linux and its derivatives** - `sudo pacman -S git` - - **Fedora, RHEL, and CentOS** - For the `yum` package manager run `sudo yum install git-all`, - and for the `dnf` package manager run `sudo dnf install git`. - - **Debian/Ubuntu and their derivatives** - `sudo apt-get install git` - - **Gentoo** - `sudo emerge --ask --verbose dev-vcs/git` - - **openSUSE** - `sudo zypper install git` -- **FreeBSD** - `sudo pkg install git` -- **OpenBSD** - `doas pkg_add git` - -## Configure Git - -One-time configuration of the Git client - -```shell -git config --global user.name "Your Name" -git config --global user.email you@example.com -``` - -## Configure SSH Key - -```shell -ssh-keygen -t rsa -b 4096 -C "you@computer-name" -``` - -```shell -# You will be prompted for the following information. Press enter to accept the defaults. Defaults appear in parentheses. -Generating public/private rsa key pair. -Enter file in which to save the key (/Users/you/.ssh/id_rsa): -Enter passphrase (empty for no passphrase): -Enter same passphrase again: -Your identification has been saved in /Users/you/.ssh/id_rsa. -Your public key has been saved in /Users/you/.ssh/id_rsa.pub. -The key fingerprint is: -39:fc:ce:94:f4:09:13:95:64:9a:65:c1:de:05:4d:01 you@computer-name -``` - -Copy your public key and add it to your GitLab profile - -```shell -cat ~/.ssh/id_rsa.pub -``` - -```shell -ssh-rsa AAAAB3NzaC1yc2EAAAADAQEL17Ufacg8cDhlQMS5NhV8z3GHZdhCrZbl4gz you@example.com -``` +<!-- This redirect file can be deleted after <2021-08-13>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/university/training/topics/feature_branching.md b/doc/university/training/topics/feature_branching.md index f6233bddb18..495462cdd00 100644 --- a/doc/university/training/topics/feature_branching.md +++ b/doc/university/training/topics/feature_branching.md @@ -1,31 +1,8 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -comments: false +redirect_to: '../../../topics/git/feature_branching.md' --- -# Feature branching +This document was moved to [another location](../../../topics/git/feature_branching.md). -- Efficient parallel workflow for teams -- Develop each feature in a branch -- Keeps changes isolated -- Consider a 1-to-1 link to issues -- Push branches to the server frequently - - Hint: This is a cheap backup for your work-in-progress code - -## Feature branching sample workflow - -1. Create a new feature branch called 'squash_some_bugs' -1. Edit '`bugs.rb`' and remove all the bugs. -1. Commit -1. Push - -```shell -git checkout -b squash_some_bugs -# Edit `bugs.rb` -git status -git add bugs.rb -git commit -m 'Fix some buggy code' -git push origin squash_some_bugs -``` +<!-- This redirect file can be deleted after <2021-08-13>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/university/training/topics/getting_started.md b/doc/university/training/topics/getting_started.md index 2c3d5fe15de..3dc3902c2e3 100644 --- a/doc/university/training/topics/getting_started.md +++ b/doc/university/training/topics/getting_started.md @@ -1,86 +1,8 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -comments: false +redirect_to: '../../../topics/git/getting_started.md' --- -# Getting Started +This document was moved to [another location](../../../topics/git/getting_started.md). -## Instantiating Repositories - -- Create a new repository by instantiating it through: - - ```shell - git init - ``` - -- Copy an existing project by cloning the repository through: - - ```shell - git clone <url> - ``` - -## Central Repositories - -- To instantiate a central repository a `--bare` flag is required. -- Bare repositories don't allow file editing or committing changes. -- Create a bare repository with: - - ```shell - git init --bare project-name.git - ``` - -## Instantiate workflow with clone - -1. Create a project in your user namespace. - - Choose to import from **Any Repository by URL** and use <https://gitlab.com/gitlab-org/training-examples.git>. -1. Create a '`Workspace`' directory in your home directory. -1. Clone the '`training-examples`' project. - -```shell -mkdir ~/workspace -cd ~/workspace - -git clone git@gitlab.example.com:<username>/training-examples.git -cd training-examples -``` - -## Git concepts - -**Untracked files** - -New files that Git has not been told to track previously. - -**Working area** - -Files that have been modified but are not committed. - -**Staging area** - -Modified files that have been marked to go in the next commit. - -## Committing Workflow - -1. Edit '`edit_this_file.rb`' in '`training-examples`' -1. See it listed as a changed file (working area) -1. View the differences -1. Stage the file -1. Commit -1. Push the commit to the remote -1. View the Git log - -```shell -# Edit `edit_this_file.rb` -git status -git diff -git add <file> -git commit -m 'My change' -git push origin master -git log -``` - -## Note - -- `git fetch` vs `git pull` -- Pull is `git fetch` + `git merge` +<!-- This redirect file can be deleted after <2021-08-13>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/university/training/topics/git_add.md b/doc/university/training/topics/git_add.md index d136b9151bc..aa5e756995f 100644 --- a/doc/university/training/topics/git_add.md +++ b/doc/university/training/topics/git_add.md @@ -1,40 +1,8 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -comments: false +redirect_to: '../../../topics/git/git_add.md' --- -# Git Add +This document was moved to [another location](../../../topics/git/git_add.md). -Adds content to the index or staging area. - -- Adds a list of file: - - ```shell - git add <files> - ``` - -- Adds all files including deleted ones: - - ```shell - git add -A - ``` - -- Add all text files in current dir: - - ```shell - git add *.txt - ``` - -- Add all text file in the project: - - ```shell - git add "*.txt*" - ``` - -- Adds all files in directory: - - ```shell - git add views/layouts/ - ``` +<!-- This redirect file can be deleted after <2021-08-13>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/university/training/topics/git_intro.md b/doc/university/training/topics/git_intro.md index 416d421956c..2fd0a6762e2 100644 --- a/doc/university/training/topics/git_intro.md +++ b/doc/university/training/topics/git_intro.md @@ -1,27 +1,8 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -comments: false +redirect_to: '../../../topics/index.md' --- -# Git introduction +This document was removed. See our [topics](../../../topics/index.md) for similar content. -## Intro - -<https://git-scm.com/about> - -- Distributed version control - - Does not rely on connection to a central server - - Many copies of the complete history -- Powerful branching and merging -- Adapts to nearly any workflow -- Fast, reliable and stable file format - -## Help - -Use the tools at your disposal when you get stuck. - -- Use '`git help <command>`' command -- Use Google -- Read documentation at <https://git-scm.com> +<!-- This redirect file can be deleted after <2021-08-13>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/university/training/topics/git_log.md b/doc/university/training/topics/git_log.md index ae4ae69ce76..1af8abb0782 100644 --- a/doc/university/training/topics/git_log.md +++ b/doc/university/training/topics/git_log.md @@ -1,60 +1,8 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -comments: false +redirect_to: '../../../topics/git/git_log.md' --- -# Git Log +This document was moved to [another location](../../../topics/git/git_log.md). -Git log lists commit history. It allows searching and filtering. - -- Initiate log: - - ```shell - git log - ``` - -- Retrieve set number of records: - - ```shell - git log -n 2 - ``` - -- Search commits by author. Allows user name or a regular expression. - - ```shell - git log --author="user_name" - ``` - -- Search by comment message: - - ```shell - git log --grep="<pattern>" - ``` - -- Search by date: - - ```shell - git log --since=1.month.ago --until=3.weeks.ago - ``` - -## Git Log Workflow - -1. Change to workspace directory -1. Clone the multi runner projects -1. Change to project dir -1. Search by author -1. Search by date -1. Combine - -## Commands - -```shell -cd ~/workspace -git clone git@gitlab.com:gitlab-org/gitlab-runner.git -cd gitlab-runner -git log --author="Travis" -git log --since=1.month.ago --until=3.weeks.ago -git log --since=1.month.ago --until=1.day.ago --author="Travis" -``` +<!-- This redirect file can be deleted after <2021-08-13>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/university/training/topics/merge_conflicts.md b/doc/university/training/topics/merge_conflicts.md index 66771559298..d76d297803f 100644 --- a/doc/university/training/topics/merge_conflicts.md +++ b/doc/university/training/topics/merge_conflicts.md @@ -1,69 +1,8 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -comments: false +redirect_to: '../../../topics/git/merge_conflicts.md' --- -# Merge conflicts +This document was moved to [another location](../../../topics/git/merge_conflicts.md). -- Happen often -- Learning to fix conflicts is hard -- Practice makes perfect -- Force push after fixing conflicts. Be careful! - -## Merge conflicts sample workflow - -1. Checkout a new branch and edit `conflicts.rb`. Add 'Line4' and 'Line5'. -1. Commit and push. -1. Checkout master and edit `conflicts.rb`. Add 'Line6' and 'Line7' below 'Line3'. -1. Commit and push to master. -1. Create a merge request and watch it fail. -1. Rebase our new branch with master. -1. Fix conflicts on the `conflicts.rb` file. -1. Stage the file and continue rebasing. -1. Force push the changes. -1. Finally continue with the Merge Request. - -```shell -git checkout -b conflicts_branch - -# vi conflicts.rb -# Add 'Line4' and 'Line5' - -git commit -am "add line4 and line5" -git push origin conflicts_branch - -git checkout master - -# vi conflicts.rb -# Add 'Line6' and 'Line7' -git commit -am "add line6 and line7" -git push origin master -``` - -Create a merge request on the GitLab web UI, and a conflict warning displays. - -```shell -git checkout conflicts_branch -git fetch -git rebase master - -# Fix conflicts by editing the files. - -git add conflicts.rb -# No need to commit this file - -git rebase --continue - -# Remember that we have rewritten our commit history so we -# need to force push so that our remote branch is restructured -git push origin conflicts_branch -f -``` - -## Note - -- When to use `git merge` and when to use `git rebase` -- Rebase when updating your branch with master -- Merge when bringing changes from feature to master -- Reference: <https://www.atlassian.com/git/tutorials/merging-vs-rebasing> +<!-- This redirect file can be deleted after <2021-08-13>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/university/training/topics/merge_requests.md b/doc/university/training/topics/merge_requests.md index a4a3108ebd1..80ead103fdd 100644 --- a/doc/university/training/topics/merge_requests.md +++ b/doc/university/training/topics/merge_requests.md @@ -1,40 +1,8 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -comments: false +redirect_to: '../../../user/project/merge_requests/index.md' --- -# Code review and collaboration with Merge Requests +This document was moved to [another location](../../../user/project/merge_requests/index.md). -- When you want feedback create a merge request -- Target is the default branch (usually master) -- Assign or mention the person you would like to review -- Add `[Draft]` to the title if it's a work in progress -- When accepting, always delete the branch -- Anyone can comment, not just the assignee -- Push corrections to the same branch - -## Merge requests - -**Create your first merge request** - -1. Use the blue button in the activity feed -1. View the diff (changes) and leave a comment -1. Push a new commit to the same branch -1. Review the changes again and notice the update - -## Feedback and Collaboration - -- Merge requests are a time for feedback and collaboration -- Giving feedback is hard -- Be as kind as possible -- Receiving feedback is hard -- Be as receptive as possible -- Feedback is about the best code, not the person. You are not your code - -Review the Thoughtbot code-review guide for suggestions to follow when reviewing merge requests: -[https://github.com/thoughtbot/guides/tree/master/code-review](https://github.com/thoughtbot/guides/tree/master/code-review) - -See GitLab merge requests for examples: -[https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests) +<!-- This redirect file can be deleted after <2021-08-13>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/university/training/topics/rollback_commits.md b/doc/university/training/topics/rollback_commits.md index 34c2d9687bb..b87aa12b834 100644 --- a/doc/university/training/topics/rollback_commits.md +++ b/doc/university/training/topics/rollback_commits.md @@ -1,81 +1,8 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -comments: false +redirect_to: '../../../topics/git/rollback_commits.md' --- -# Rollback Commits +This document was moved to [another location](../../../topics/git/rollback_commits.md). -## Undo Commits - -- Undo last commit putting everything back into the staging area: - - ```shell - git reset --soft HEAD^ - ``` - -- Add files and change message with: - - ```shell - git commit --amend -m "New Message" - ``` - -- Undo last and remove changes: - - ```shell - git reset --hard HEAD^ - ``` - -- Same as last one but for two commits back: - - ```shell - git reset --hard HEAD^^ - ``` - -**Don't reset after pushing** - -## Reset Workflow - -1. Edit file again 'edit_this_file.rb' -1. Check status -1. Add and commit with wrong message -1. Check log -1. Amend commit -1. Check log -1. Soft reset -1. Check log -1. Pull for updates -1. Push changes - -## Commands - -```shell -# Change file edit_this_file.rb -git status -git commit -am "kjkfjkg" -git log -git commit --amend -m "New comment added" -git log -git reset --soft HEAD^ -git log -git pull origin master -git push origin master -``` - -## Note - -- `git revert` vs `git reset` -- Reset removes the commit while revert removes the changes but leaves the commit -- Revert is safer considering we can revert a revert - -```shell -# Changed file -git commit -am "bug introduced" -git revert HEAD -# New commit created reverting changes -# Now we want to re apply the reverted commit -git log # take hash from the revert commit -git revert <rev commit hash> -# reverted commit is back (new commit created again) -``` +<!-- This redirect file can be deleted after <2021-08-13>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/university/training/topics/stash.md b/doc/university/training/topics/stash.md index 051103e5f4b..ea9ba6a7bcc 100644 --- a/doc/university/training/topics/stash.md +++ b/doc/university/training/topics/stash.md @@ -1,82 +1,8 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -comments: false +redirect_to: '../../../topics/git/stash.md' --- -# Git Stash +This document was moved to [another location](../../../topics/git/stash.md). -We use `git stash` to store our changes when they are not ready to be committed -and we need to change to a different branch. - -- Stash: - - ```shell - git stash save - # or - git stash - # or with a message - git stash save "this is a message to display on the list" - ``` - -- Apply stash to keep working on it: - - ```shell - git stash apply - # or apply a specific one from out stack - git stash apply stash@{3} - ``` - -- Every time we save a stash it gets stacked so by using `list` we can see all our - stashes. - - ```shell - git stash list - # or for more information (log methods) - git stash list --stat - ``` - -- To clean our stack we need to manually remove them: - - ```shell - # drop top stash - git stash drop - # or - git stash drop <name> - # to clear all history we can use - git stash clear - ``` - -- Apply and drop on one command: - - ```shell - git stash pop - ``` - -- If we meet conflicts we need to either reset or commit our changes. -- Conflicts through `pop` doesn't drop a stash afterwards. - -## Git Stash sample workflow - -1. Modify a file -1. Stage file -1. Stash it -1. View our stash list -1. Confirm no pending changes through status -1. Apply with pop -1. View list to confirm changes - -```shell -# Modify edit_this_file.rb file -git add . - -git stash save "Saving changes from edit this file" - -git stash list -git status - -git stash pop -git stash list -git status -``` +<!-- This redirect file can be deleted after <2021-08-13>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/university/training/topics/subtree.md b/doc/university/training/topics/subtree.md index 54461915a05..5090ff8ca36 100644 --- a/doc/university/training/topics/subtree.md +++ b/doc/university/training/topics/subtree.md @@ -1,52 +1,8 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -comments: false +redirect_to: '../../../topics/git/subtree.md' --- -# Subtree +This document was moved to [another location](../../../topics/git/subtree.md). -- Used when there are nested repositories. -- Not recommended when the amount of dependencies is too large. -- For these cases we need a dependency control system. -- Command are painfully long so aliases are necessary. - -## Subtree Aliases - -- Add: `git subtree add --prefix <target-folder> <url> <branch> --squash` -- Pull: `git subtree pull --prefix <target-folder> <url> <branch> --squash` -- Push: `git subtree add --prefix <target-folder> <url> <branch>` -- Ex: `git config alias.sbp 'subtree pull --prefix st / - git@gitlab.com:balameb/subtree-nested-example.git master --squash'` - -```shell - # Add an alias - # Add - git config alias.sba 'subtree add --prefix st / - git@gitlab.com:balameb/subtree-nested-example.git master --squash' - # Pull - git config alias.sbpl 'subtree pull --prefix st / - git@gitlab.com:balameb/subtree-nested-example.git master --squash' - # Push - git config alias.sbph 'subtree push --prefix st / - git@gitlab.com:balameb/subtree-nested-example.git master' - - # Adding this subtree adds a st dir with a readme - git sba - vi st/README.md - # Edit file - git status shows differences - -``` - -```shell - # Adding, or committing won't change the sub repo at remote - # even if we push - git add -A - git commit -m "Adding to subtree readme" - - # Push to subtree repo - git sbph - # now we can check our remote sub repo -``` +<!-- This redirect file can be deleted after <2021-08-13>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/university/training/topics/unstage.md b/doc/university/training/topics/unstage.md index 30d26854135..13c21f5cbb2 100644 --- a/doc/university/training/topics/unstage.md +++ b/doc/university/training/topics/unstage.md @@ -1,33 +1,8 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -comments: false +redirect_to: '../../../topics/git/unstage.md' --- -# Unstage +This document was moved to [another location](../../../topics/git/unstage.md). -- To remove files from stage use reset HEAD where HEAD is the last commit of the current branch. This unstages the file but maintain the modifications. - - ```shell - git reset HEAD <file> - ``` - -- To revert the file back to the state it was in before the changes we can use: - - ```shell - git checkout -- <file> - ``` - -- To remove a file from disk and repository, use `git rm`. To remove a directory, use the `-r` flag: - - ```shell - git rm '*.txt' - git rm -r <dirname> - ``` - -- If we want to remove a file from the repository but keep it on disk, say we forgot to add it to our `.gitignore` file then use `--cache`: - - ```shell - git rm <filename> --cache - ``` +<!-- This redirect file can be deleted after <2021-08-13>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/university/training/user_training.md b/doc/university/training/user_training.md index e9cca233d6f..fa870b151b2 100644 --- a/doc/university/training/user_training.md +++ b/doc/university/training/user_training.md @@ -1,346 +1,8 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -comments: false -type: reference +redirect_to: '../../topics/index.md' --- -# GitLab Git Workshop +This document was removed. See our [topics](../../topics/index.md) for similar content. -## Agenda - -1. Brief history of Git. -1. GitLab walkthrough. -1. Configure your environment. -1. Workshop. - -## Git introduction - -<https://git-scm.com/about> - -- Distributed version control. - - Does not rely on connection to a central server. - - Many copies of the complete history. -- Powerful branching and merging. -- Adapts to nearly any workflow. -- Fast, reliable and stable file format. - -## Help - -Use the tools at your disposal when you get stuck. - -- Use '`git help <command>`' command. -- Use Google. -- Read documentation at <https://git-scm.com>. - -## GitLab Walkthrough - - - -## Configure your environment - -- Windows: Install 'Git for Windows' - -> <https://gitforwindows.org> - -- Mac: Type '`git`' in the Terminal application. - -> If it's not installed, it prompts you to install it. - -- Debian: '`sudo apt-get install git-all`' or Red Hat '`sudo yum install git-all`' - -## Git Workshop - -### Overview - -1. Configure Git. -1. Configure SSH Key. -1. Create a project. -1. Committing. -1. Feature branching. -1. Merge requests. -1. Feedback and Collaboration. - -## Configure Git - -One-time configuration of the Git client: - -```shell -git config --global user.name "Your Name" -git config --global user.email you@example.com -``` - -## Configure SSH Key - -```shell -ssh-keygen -t rsa -b 4096 -C "you@computer-name" -``` - -```shell -# You will be prompted for the following information. Press enter to accept the defaults. Defaults appear in parentheses. -Generating public/private rsa key pair. -Enter file in which to save the key (/Users/you/.ssh/id_rsa): -Enter passphrase (empty for no passphrase): -Enter same passphrase again: -Your identification has been saved in /Users/you/.ssh/id_rsa. -Your public key has been saved in /Users/you/.ssh/id_rsa.pub. -The key fingerprint is: -39:fc:ce:94:f4:09:13:95:64:9a:65:c1:de:05:4d:01 you@computer-name -``` - -Copy your public key and add it to your GitLab profile: - -```shell -cat ~/.ssh/id_rsa.pub -``` - -```shell -ssh-rsa AAAAB3NzaC1yc2EAAAADAQEL17Ufacg8cDhlQMS5NhV8z3GHZdhCrZbl4gz you@example.com -``` - -## Create a project - -- Create a project in your user namespace. - - Choose to import from **Any Repository by URL** and use <https://gitlab.com/gitlab-org/training-examples.git>. -- Create a '`development`' or '`workspace`' directory in your home directory. -- Clone the '`training-examples`' project. - -## Commands (project) - -```shell -mkdir ~/development -cd ~/development - --or- - -mkdir ~/workspace -cd ~/workspace - -git clone git@gitlab.example.com:<username>/training-examples.git -cd training-examples -``` - -## Git concepts - -### Untracked files - -New files that Git has not been told to track previously. - -### Working area - -Files that have been modified but are not committed. - -### Staging area - -Modified files that have been marked to go in the next commit. - -## Committing - -1. Edit '`edit_this_file.rb`' in '`training-examples`'. -1. See it listed as a changed file (working area). -1. View the differences. -1. Stage the file. -1. Commit. -1. Push the commit to the remote. -1. View the Git log. - -## Commands (committing) - -```shell -# Edit `edit_this_file.rb` -git status -git diff -git add <file> -git commit -m 'My change' -git push origin master -git log -``` - -## Feature branching - -- Efficient parallel workflow for teams. -- Develop each feature in a branch. -- Keeps changes isolated. -- Consider a 1-to-1 link to issues. -- Push branches to the server frequently. - - Hint: This is a cheap backup for your work-in-progress code. - -## Feature branching steps - -1. Create a new feature branch called 'squash_some_bugs'. -1. Edit '`bugs.rb`' and remove all the bugs. -1. Commit. -1. Push. - -## Commands (feature branching) - -```shell -git checkout -b squash_some_bugs -# Edit `bugs.rb` -git status -git add bugs.rb -git commit -m 'Fix some buggy code' -git push origin squash_some_bugs -``` - -## Merge requests - -- When you want feedback create a merge request. -- Target is the 'default' branch (usually master). -- Assign or mention the person you would like to review. -- Add `[Draft]` to the title if it's a work in progress. -- When accepting, always delete the branch. -- Anyone can comment, not just the assignee. -- Push corrections to the same branch. - -## Merge requests steps - -Create your first merge request: - -1. Use the blue button in the activity feed. -1. View the diff (changes) and leave a comment. -1. Push a new commit to the same branch. -1. Review the changes again and notice the update. - -## Feedback and Collaboration - -- Merge requests are a time for feedback and collaboration. -- Giving feedback is hard. -- Be as kind as possible. -- Receiving feedback is hard. -- Be as receptive as possible. -- Feedback is about the best code, not the person. You are not your code. - -## Feedback and Collaboration resources - -<!-- vale gitlab.Spelling = NO --> - -Review the Thoughtbot code-review guide for suggestions to follow when reviewing merge requests: -<https://github.com/thoughtbot/guides/tree/master/code-review>. - -<!-- vale gitlab.Spelling = YES --> - -See GitLab merge requests for examples: <https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests>. - -## Explore GitLab projects - - - -- Dashboard -- User Preferences -- README, Changelog, License shortcuts -- Issues -- Milestones and Labels -- Manage project members -- Project settings - -## Tags - -- Useful for marking deployments and releases. -- Annotated tags are an unchangeable part of Git history. -- Soft/lightweight tags can be set and removed at any time. -- Many projects combine an annotated release tag with a stable branch. -- Consider setting deployment/release tags automatically. - -## Tags steps - -1. Create a lightweight tag. -1. Create an annotated tag. -1. Push the tags to the remote repository. - -Additional resources: <https://git-scm.com/book/en/v2/Git-Basics-Tagging>. - -## Commands (tags) - -```shell -git checkout master - -# Lightweight tag -git tag my_lightweight_tag - -# Annotated tag -git tag -a v1.0 -m 'Version 1.0' -git tag - -git push origin --tags -``` - -## Merge conflicts - -- Happen often. -- Learning to fix conflicts is hard. -- Practice makes perfect. -- Force push after fixing conflicts. Be careful! - -## Merge conflicts steps - -1. Checkout a new branch and edit `conflicts.rb`. Add 'Line4' and 'Line5'. -1. Commit and push. -1. Checkout master and edit `conflicts.rb`. Add 'Line6' and 'Line7' below 'Line3'. -1. Commit and push to master. -1. Create a merge request. - -## Merge conflicts commands - -After creating a merge request you should notice that conflicts exist. Resolve -the conflicts locally by rebasing. - -```shell -git rebase master - -# Fix conflicts by editing the files. - -git add conflicts.rb -git commit -m 'Fix conflicts' -git rebase --continue -git push origin <branch> -f -``` - -## Rebase with squash - -You may end up with a commit log that looks like this: - -```plaintext -Fix issue #13 -Test -Fix -Fix again -Test -Test again -Does this work? -``` - -Squash these in to meaningful commits using an interactive rebase. - -## Rebase with squash commands - -Squash the commits on the same branch we used for the merge conflicts step. - -```shell -git rebase -i master -``` - -In the editor, leave the first commit as `pick` and set others to `fixup`. - -## Questions? - - - -Thank you for your hard work! - -## Additional Resources - -See [additional resources](index.md#additional-resources). - -<!-- ## Troubleshooting - -Include any troubleshooting steps that you can foresee. If you know beforehand what issues -one might have when setting this up, or when something is changed, or on upgrading, it's -important to describe those, too. Think of things that may go wrong and include them here. -This is important to minimize requests for support, and to avoid doc comments with -questions that you know someone might ask. - -Each scenario can be a third-level heading, e.g. `### Getting error message X`. -If you have none to add when creating a doc, leave this section in place -but commented out to help encourage others to add to it in the future. --> +<!-- This redirect file can be deleted after <2021-08-13>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/update/index.md b/doc/update/index.md index 71d1bd06ff0..4c4dfe79d03 100644 --- a/doc/update/index.md +++ b/doc/update/index.md @@ -107,6 +107,10 @@ Sidekiq::Queue.new("background_migration").size Sidekiq::ScheduledSet.new.select { |r| r.klass == 'BackgroundMigrationWorker' }.size ``` +### Batched background migrations + +See the documentation on [batched background migrations](../user/admin_area/monitoring/background_migrations.md). + ### What do I do if my background migrations are stuck? WARNING: @@ -138,6 +142,19 @@ pending_job_classes = scheduled_queue.select { |job| job["class"] == "Background pending_job_classes.each { |job_class| Gitlab::BackgroundMigration.steal(job_class) } ``` +## Dealing with running CI/CD pipelines and jobs + +If you upgrade your GitLab instance while the GitLab Runner is processing jobs, the trace updates will fail. Once GitLab is back online, then the trace updates should self-heal. However, depending on the error, the GitLab Runner will either retry or eventually terminate job handling. + +As for the artifacts, the GitLab Runner will attempt to upload them three times, after which the job will eventually fail. + +To address the above two scenario's, it is advised to do the following prior to upgrading: + +1. Plan your maintenance. +1. Pause your runners. +1. Wait until all jobs are finished. +1. Upgrade GitLab. + ## Checking for pending Advanced Search migrations This section is only applicable if you have enabled the [Elasticsearch @@ -185,7 +202,7 @@ upgrade paths. | Target version | Your version | Supported upgrade path | Note | | --------------------- | ------------ | ------------------------ | ---- | | `13.5.4` | `12.9.2` | `12.9.2` -> `12.10.14` -> `13.0.14` -> `13.1.11` -> `13.5.4` | Three intermediate versions are required: the final `12.10` release, plus `13.0` and `13.1`. | -| `13.2.10` | `11.5.0` | `11.5.0` -> `11.11.8` -> `12.0.12` -> `12.1.17` -> `12.10.14` -> `13.0.14` -> `13.2.10` | Five intermediate versions are required: the final `11.11`, `12.0`, `12.1` and `12.10` releases, plus `13.0`. | +| `13.2.10` | `11.5.0` | `11.5.0` -> `11.11.8` -> `12.0.12` -> `12.1.17` -> `12.10.14` -> `13.0.14` -> `13.1.11` -> `13.2.10` | Six intermediate versions are required: the final `11.11`, `12.0`, `12.1`, `12.10`, `13.0` releases, plus `13.1`. | | `12.10.14` | `11.3.4` | `11.3.4` -> `11.11.8` -> `12.0.12` -> `12.1.17` -> `12.10.14` | Three intermediate versions are required: the final `11.11` and `12.0` releases, plus `12.1` | | `12.9.5` | `10.4.5` | `10.4.5` -> `10.8.7` -> `11.11.8` -> `12.0.12` -> `12.1.17` -> `12.9.5` | Four intermediate versions are required: `10.8`, `11.11`, `12.0` and `12.1`, then `12.9.5` | | `12.2.5` | `9.2.6` | `9.2.6` -> `9.5.10` -> `10.8.7` -> `11.11.8` -> `12.0.12` -> `12.1.17` -> `12.2.5` | Five intermediate versions are required: `9.5`, `10.8`, `11.11`, `12.0`, `12.1`, then `12.2`. | @@ -198,7 +215,7 @@ Backward-incompatible changes and migrations are reserved for major versions. We cannot guarantee that upgrading between major versions will be seamless. It is suggested to upgrade to the latest available *minor* version within your major version before proceeding to the next major version. -Doing this will address any backward-incompatible changes or deprecations +Doing this addresses any backward-incompatible changes or deprecations to help ensure a successful upgrade to the next major release. Identify a [supported upgrade path](#upgrade-paths). @@ -212,7 +229,7 @@ before upgrading to a new major version. To see the current size of the `backgro [Check for background migrations before upgrading](#checking-for-background-migrations-before-upgrading). If you have enabled the [Elasticsearch -integration](../integration/elasticsearch.md), then you will also need to ensure +integration](../integration/elasticsearch.md), then ensure all Advanced Search migrations are completed in the last minor version within your current version. Be sure to [check for pending Advanced Search migrations](#checking-for-pending-advanced-search-migrations) before proceeding @@ -250,8 +267,8 @@ migrations are performed in the background by Sidekiq and are often used for migrating data. Background migrations are only added in the monthly releases. Certain major/minor releases may require a set of background migrations to be -finished. To guarantee this such a release will process any remaining jobs -before continuing the upgrading procedure. While this won't require downtime +finished. To guarantee this, such a release processes any remaining jobs +before continuing the upgrading procedure. While this doesn't require downtime (if the above conditions are met) we recommend users to keep at least 1 week between upgrading major/minor releases, allowing the background migrations to finish. The time necessary to complete these migrations can be reduced by @@ -259,7 +276,7 @@ increasing the number of Sidekiq workers that can process jobs in the `background_migration` queue. To see the size of this queue, [Check for background migrations before upgrading](#checking-for-background-migrations-before-upgrading). -As a rule of thumb, any database smaller than 10 GB won't take too much time to +As a rule of thumb, any database smaller than 10 GB doesn't take too much time to upgrade; perhaps an hour at most per minor release. Larger databases however may require more time, but this is highly dependent on the size of the database and the migrations that are being performed. @@ -277,17 +294,17 @@ _have_ to first upgrade to a 9.5.Z release. **Example 2:** You are running a large GitLab installation using version 9.4.2, which is the latest patch release of 9.4. GitLab 9.5 includes some background -migrations, and 10.0 will require these to be completed (processing any +migrations, and 10.0 requires these to be completed (processing any remaining jobs for you). Skipping 9.5 is not possible without downtime, and due to the background migrations would require potentially hours of downtime depending on how long it takes for the background migrations to complete. To -work around this you will have to upgrade to 9.5.Z first, then wait at least a +work around this you have to upgrade to 9.5.Z first, then wait at least a week before upgrading to 10.0. **Example 3:** You use MySQL as the database for GitLab. Any upgrade to a new -major/minor release will require downtime. If a release includes any background +major/minor release requires downtime. If a release includes any background migrations this could potentially lead to hours of downtime, depending on the -size of your database. To work around this you will have to use PostgreSQL and +size of your database. To work around this you must use PostgreSQL and meet the other online upgrade requirements mentioned above. ### Steps @@ -334,7 +351,7 @@ At the end of those release posts, there are three sections to look for: - Removals - Important notes on upgrading -These will include: +These include: - Steps you need to perform as part of an upgrade. For example [8.12](https://about.gitlab.com/releases/2016/09/22/gitlab-8-12-released/#upgrade-barometer) @@ -357,9 +374,39 @@ and [Helm Chart deployments](https://docs.gitlab.com/charts/). They come with ap Git 2.31.x and later is required. We recommend you use the [Git version provided by Gitaly](../install/installation.md#git). +### 13.9.0 + +We've detected an issue [with a column rename](https://gitlab.com/gitlab-org/gitlab/-/issues/324160) +that may prevent upgrades to GitLab 13.9.0, 13.9.1, 13.9.2 and 13.9.3. +We are working on a patch, but until a fixed version is released, you can manually complete +the zero-downtime upgrade: + +1. Before running the final `sudo gitlab-rake db:migrate` command on the deploy node, + execute the following queries using the PostgreSQL console (or `sudo gitlab-psql`) + to drop the problematic triggers: + + ```sql + drop trigger trigger_e40a6f1858e6 on application_settings; + drop trigger trigger_0d588df444c8 on application_settings; + drop trigger trigger_1572cbc9a15f on application_settings; + drop trigger trigger_22a39c5c25f3 on application_settings; + ``` + +1. Run the final migrations: + + ```shell + sudo gitlab-rake db:migrate + ``` + +If you have already run the final `sudo gitlab-rake db:migrate` command on the deploy node and have +encountered the [column rename issue](https://gitlab.com/gitlab-org/gitlab/-/issues/324160), you can still +follow the previous steps to complete the update. + +More details are available [in this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/324160). + ### 13.6.0 -Ruby 2.7.2 is required. GitLab will not start with Ruby 2.6.6 or older versions. +Ruby 2.7.2 is required. GitLab does not start with Ruby 2.6.6 or older versions. The required Git version is Git v2.29 or higher. @@ -374,7 +421,7 @@ v2.24 remains the same. ### 13.2.0 -GitLab installations that have multiple web nodes will need to be +GitLab installations that have multiple web nodes must be [upgraded to 13.1](#1310) before upgrading to 13.2 (and later) due to a breaking change in Rails that can result in authorization issues. @@ -396,14 +443,14 @@ In 13.1.0, you must upgrade to either: - At least Git v2.24 (previously, the minimum required version was Git v2.22). - The recommended Git v2.26. -Failure to do so will result in internal errors in the Gitaly service in some RPCs due +Failure to do so results in internal errors in the Gitaly service in some RPCs due to the use of the new `--end-of-options` Git flag. Additionally, in GitLab 13.1.0, the version of [Rails was upgraded from 6.0.3 to 6.0.3.1](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/33454). The Rails upgrade included a change to CSRF token generation which is not backwards-compatible - GitLab servers with the new Rails version -will generate CSRF tokens that are not recognizable by GitLab servers +generate CSRF tokens that are not recognizable by GitLab servers with the older Rails version - which could cause non-GET requests to fail for [multi-node GitLab installations](https://docs.gitlab.com/omnibus/update/#multi-node--ha-deployment). diff --git a/doc/update/mysql_to_postgresql.md b/doc/update/mysql_to_postgresql.md index 9a367d218f0..cbe2381e8db 100644 --- a/doc/update/mysql_to_postgresql.md +++ b/doc/update/mysql_to_postgresql.md @@ -4,7 +4,7 @@ group: Database info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Migrating from MySQL to PostgreSQL +# Migrating from MySQL to PostgreSQL **(FREE SELF)** This guide documents how to take a working GitLab instance that uses MySQL and migrate it to a PostgreSQL database. diff --git a/doc/update/restore_after_failure.md b/doc/update/restore_after_failure.md index 0847fc82f19..e9c2c69ecb9 100644 --- a/doc/update/restore_after_failure.md +++ b/doc/update/restore_after_failure.md @@ -12,7 +12,7 @@ However, it's important to know how to recover when problems do arise. ## Roll back to an earlier version and restore a backup In some cases after a failed upgrade, the fastest solution is to roll back to -the previous version you were using. We recommend this path because the failed +the previous version you were using. We recommend this path because the failed upgrade will likely have made database changes that can not be readily reverted. First, roll back the code or package. For source installations this involves diff --git a/doc/update/upgrading_from_source.md b/doc/update/upgrading_from_source.md index 33ae9befd16..93d2c2cb288 100644 --- a/doc/update/upgrading_from_source.md +++ b/doc/update/upgrading_from_source.md @@ -90,10 +90,9 @@ dependencies. In Debian or Ubuntu: ```shell -curl --silent --show-error "https://dl.yarnpkg.com/debian/pubkey.gpg" | sudo apt-key add - -echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list -sudo apt-get update -sudo apt-get install yarn +sudo apt-get remove yarn + +npm install --global yarn ``` More information can be found on the [Yarn website](https://classic.yarnpkg.com/en/docs/install). diff --git a/doc/update/upgrading_postgresql_using_slony.md b/doc/update/upgrading_postgresql_using_slony.md index c9f8f83749c..2cddaa5da8b 100644 --- a/doc/update/upgrading_postgresql_using_slony.md +++ b/doc/update/upgrading_postgresql_using_slony.md @@ -4,7 +4,7 @@ group: Database info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Upgrading PostgreSQL Using Slony +# Upgrading PostgreSQL Using Slony **(FREE SELF)** This guide describes the steps one can take to upgrade their PostgreSQL database to the latest version without the need for hours of downtime. This guide assumes diff --git a/doc/user/abuse_reports.md b/doc/user/abuse_reports.md index e2f2038f240..66b7c3c6ac7 100644 --- a/doc/user/abuse_reports.md +++ b/doc/user/abuse_reports.md @@ -1,68 +1,8 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +redirect_to: 'report_abuse.md' --- -# Abuse reports **(FREE)** +This file was moved to [another location](report_abuse.md). -You can report abuse from other GitLab users to GitLab administrators. - -A GitLab administrator [can then choose](admin_area/abuse_reports.md) to: - -- Remove the user, which deletes them from the instance. -- Block the user, which denies them access to the instance. -- Or remove the report, which retains the user's access to the instance. - -You can report a user through their: - -- [Profile](#reporting-abuse-through-a-users-profile) -- [Comments](#reporting-abuse-through-a-users-comment) -- [Issues and Merge requests](#reporting-abuse-through-a-users-issue-or-merge-request) - -## Reporting abuse through a user's profile - -To report abuse from a user's profile page: - -1. Click on the exclamation point report abuse button at the top right of the - user's profile. -1. Complete an abuse report. -1. Click the **Send report** button. - -## Reporting abuse through a user's comment - -To report abuse from a user's comment: - -1. Click on the vertical ellipsis (⋮) more actions button to open the dropdown. -1. Select **Report as abuse**. -1. Complete an abuse report. -1. Click the **Send report** button. - -NOTE: -A URL to the reported user's comment is pre-filled in the abuse report's -**Message** field. - -## Reporting abuse through a user's issue or merge request - -The **Report abuse** button is displayed at the top right of the issue or merge request: - -- When **Report abuse** is selected from the menu that appears when the - **Close issue** or **Close merge request** button is clicked, for users that - have permission to close the issue or merge request. -- When viewing the issue or merge request, for users that don't have permission - to close the issue or merge request. - -With the **Report abuse** button displayed, to submit an abuse report: - -1. Click the **Report abuse** button. -1. Submit an abuse report. -1. Click the **Send report** button. - -NOTE: -A URL to the reported user's issue or merge request is pre-filled -in the abuse report's **Message** field. - -## Managing abuse reports - -Admins are able to view and resolve abuse reports. -For more information, see [abuse reports administration documentation](admin_area/abuse_reports.md). +<!-- This redirect file can be deleted after <2021-07-21>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/user/admin_area/abuse_reports.md b/doc/user/admin_area/abuse_reports.md index 85ad0667322..5424d4d2cb4 100644 --- a/doc/user/admin_area/abuse_reports.md +++ b/doc/user/admin_area/abuse_reports.md @@ -1,90 +1,8 @@ --- -stage: Manage -group: Access -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -type: reference, howto +redirect_to: 'review_abuse_reports.md' --- -# Abuse reports **(FREE SELF)** +This file was moved to [another location](review_abuse_reports.md). -View and resolve abuse reports from GitLab users. - -GitLab administrators can view and [resolve](#resolving-abuse-reports) abuse -reports in the Admin Area. - -## Receiving notifications of abuse reports - -To receive notifications of new abuse reports by e-mail, follow these steps: - -1. Select **Admin Area > Settings > Reporting**. -1. Expand the **Abuse reports** section. -1. Provide an email address. - -The notification email address can also be set and retrieved -[using the API](../../api/settings.md#list-of-settings-that-can-be-accessed-via-api-calls). - -## Reporting abuse - -To find out more about reporting abuse, see [abuse reports user -documentation](../abuse_reports.md). - -## Resolving abuse reports - -To access abuse reports, go to **Admin Area > Abuse Reports**. - -There are 3 ways to resolve an abuse report, with a button for each method: - -- Remove user & report. This: - - [Deletes the reported user](../profile/account/delete_account.md) from the - instance. - - Removes the abuse report from the list. -- [Block user](#blocking-users). -- Remove report. This: - - Removes the abuse report from the list. - - Removes access restrictions for the reported user. - -The following is an example of the **Abuse Reports** page: - - - -### Blocking users - -A blocked user cannot log in or access any repositories, but all of their data -remains. - -Blocking a user: - -- Leaves them in the abuse report list. -- Changes the **Block user** button to a disabled **Already blocked** button. - -The user is notified with the following message: - -```plaintext -Your account has been blocked. If you believe this is in error, contact a staff member. -``` - -After blocking, you can still either: - -- Remove the user and report if necessary. -- Remove the report. - -The following is an example of a blocked user listed on the **Abuse Reports** -page: - - - -NOTE: -Users can be [blocked](../../api/users.md#block-user) and -[unblocked](../../api/users.md#unblock-user) using the GitLab API. - -<!-- ## Troubleshooting - -Include any troubleshooting steps that you can foresee. If you know beforehand what issues -one might have when setting this up, or when something is changed, or on upgrading, it's -important to describe those, too. Think of things that may go wrong and include them here. -This is important to minimize requests for support, and to avoid doc comments with -questions that you know someone might ask. - -Each scenario can be a third-level heading, e.g. `### Getting error message X`. -If you have none to add when creating a doc, leave this section in place -but commented out to help encourage others to add to it in the future. --> +<!-- This redirect file can be deleted after <2021-07-21>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/user/admin_area/activating_deactivating_users.md b/doc/user/admin_area/activating_deactivating_users.md index 144ee2dbf98..cafc7caf981 100644 --- a/doc/user/admin_area/activating_deactivating_users.md +++ b/doc/user/admin_area/activating_deactivating_users.md @@ -1,69 +1,8 @@ --- -stage: Manage -group: Access -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -type: howto +redirect_to: 'moderate_users.md' --- -# Activating and deactivating users +This document was moved to [another location](moderate_users.md). -GitLab administrators can deactivate and activate users. - -## Deactivating a user - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/22257) in GitLab 12.4. - -In order to temporarily prevent access by a GitLab user that has no recent activity, administrators -can choose to deactivate the user. - -Deactivating a user is functionally identical to [blocking a user](blocking_unblocking_users.md), -with the following differences: - -- It does not prohibit the user from logging back in via the UI. -- Once a deactivated user logs back into the GitLab UI, their account is set to active. - -A deactivated user: - -- Cannot access Git repositories or the API. -- Will not receive any notifications from GitLab. -- Will not be able to use [slash commands](../../integration/slash_commands.md). - -Personal projects, and group and user history of the deactivated user will be left intact. - -A user can be deactivated from the Admin Area. To do this: - -1. Navigate to **Admin Area > Overview > Users**. -1. Select a user. -1. Under the **Account** tab, click **Deactivate user**. - -Please note that for the deactivation option to be visible to an admin, the user: - -- Must be currently active. -- Must not have signed in, or have any activity, in the last 90 days. - -Users can also be deactivated using the [GitLab API](../../api/users.md#deactivate-user). - -NOTE: -A deactivated user does not consume a [seat](../../subscriptions/self_managed/index.md#billable-users). - -## Activating a user - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/22257) in GitLab 12.4. - -A deactivated user can be activated from the Admin Area. - -To do this: - -1. Navigate to **Admin Area > Overview > Users**. -1. Click on the **Deactivated** tab. -1. Select a user. -1. Under the **Account** tab, click **Activate user**. - -Users can also be activated using the [GitLab API](../../api/users.md#activate-user). - -NOTE: -Activating a user changes the user's state to active and consumes a -[seat](../../subscriptions/self_managed/index.md#billable-users). - -NOTE: -A deactivated user can also activate their account themselves by logging back in via the UI. +<!-- This redirect file can be deleted after <2021-08-12>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/user/admin_area/analytics/dev_ops_report.md b/doc/user/admin_area/analytics/dev_ops_report.md index a8f6e8ec8fa..b13faf2bb3e 100644 --- a/doc/user/admin_area/analytics/dev_ops_report.md +++ b/doc/user/admin_area/analytics/dev_ops_report.md @@ -27,8 +27,6 @@ of top-performing instances based on [usage ping data](../settings/usage_statist collected. Your score is compared to the lead score of each feature and then expressed as a percentage at the bottom of said feature. Your overall **DevOps Score** is an average of your feature scores. You can use this score to compare your DevOps status to other organizations. - - The page also provides helpful links to articles and GitLab docs, to help you improve your scores. @@ -58,8 +56,6 @@ DevOps Adoption allows you to: - Identify specific groups that are lagging in their adoption of GitLab so you can help them along in their DevOps journey. - Find the groups that have adopted certain features and can provide guidance to other groups on how to use those features. - - ### Disable or enable DevOps Adoption DevOps Adoption is deployed behind a feature flag that is **disabled by default**. diff --git a/doc/user/admin_area/analytics/img/dev_ops_adoption_v13_9.png b/doc/user/admin_area/analytics/img/dev_ops_adoption_v13_9.png Binary files differdeleted file mode 100644 index a295179dda3..00000000000 --- a/doc/user/admin_area/analytics/img/dev_ops_adoption_v13_9.png +++ /dev/null diff --git a/doc/user/admin_area/analytics/img/dev_ops_report_v13_4.png b/doc/user/admin_area/analytics/img/dev_ops_report_v13_4.png Binary files differdeleted file mode 100644 index d47d86cd514..00000000000 --- a/doc/user/admin_area/analytics/img/dev_ops_report_v13_4.png +++ /dev/null diff --git a/doc/user/admin_area/analytics/img/instance_activity_pipelines_chart_v13_6.png b/doc/user/admin_area/analytics/img/instance_activity_pipelines_chart_v13_6.png Binary files differdeleted file mode 100644 index da9e4c64e12..00000000000 --- a/doc/user/admin_area/analytics/img/instance_activity_pipelines_chart_v13_6.png +++ /dev/null diff --git a/doc/user/admin_area/analytics/img/instance_activity_pipelines_chart_v13_6_a.png b/doc/user/admin_area/analytics/img/instance_activity_pipelines_chart_v13_6_a.png Binary files differnew file mode 100644 index 00000000000..210c5c2609a --- /dev/null +++ b/doc/user/admin_area/analytics/img/instance_activity_pipelines_chart_v13_6_a.png diff --git a/doc/user/admin_area/analytics/usage_trends.md b/doc/user/admin_area/analytics/usage_trends.md index 38cd2dee4e9..7fb23f702a4 100644 --- a/doc/user/admin_area/analytics/usage_trends.md +++ b/doc/user/admin_area/analytics/usage_trends.md @@ -39,4 +39,4 @@ in the categories shown in [Total counts](#total-counts). These charts help you visualize how rapidly these records are being created on your instance. - + diff --git a/doc/user/admin_area/appearance.md b/doc/user/admin_area/appearance.md index e2e96f980f5..0d72f09dfd9 100644 --- a/doc/user/admin_area/appearance.md +++ b/doc/user/admin_area/appearance.md @@ -16,9 +16,7 @@ section. By default, the navigation bar has the GitLab logo, but this can be customized with any image desired. It is optimized for images 28px high (any width), but any image can be -used (less than 1MB) and it is automatically resized. - - +used (less than 1 MB) and it is automatically resized. After you select and upload an image, click **Update appearance settings** at the bottom of the page to activate it in the GitLab instance. @@ -34,8 +32,6 @@ By default, the favicon (used by the browser as the tab icon, as well as the CI uses the GitLab logo, but this can be customized with any icon desired. It must be a 32x32 `.png` or `.ico` image. - - After you select and upload an icon, click **Update appearance settings** at the bottom of the page to activate it in the GitLab instance. @@ -52,8 +48,6 @@ Limited [Markdown](../markdown.md) is supported, such as bold, italics, and link example. Other Markdown features, including lists, images, and quotes are not supported as the header and footer messages can only be a single line. - - If desired, you can select **Enable header and footer in emails** to have the text of the header and footer added to all emails sent by the GitLab instance. @@ -63,16 +57,12 @@ to activate it in the GitLab instance. ## Sign in / Sign up pages You can replace the default message on the sign in / sign up page with your own message -and logo. You can make full use of [Markdown](../markdown.md) in the description: - - +and logo. You can make full use of [Markdown](../markdown.md) in the description. The optimal size for the logo is 640x360px, but any image can be used (below 1MB) and it is resized automatically. The logo image appears between the title and the description, on the left of the sign-up page. - - After you add a message, click **Update appearance settings** at the bottom of the page to activate it in the GitLab instance. You can also click on the **Sign-in page** button, to review the saved appearance settings: @@ -85,8 +75,6 @@ You can add also add a [customized help message](settings/help_page.md) below th You can add a new project guidelines message to the **New project page** within GitLab. You can make full use of [Markdown](../markdown.md) in the description: - - The message is displayed below the **New Project** message, on the left side of the **New project page**. @@ -94,8 +82,6 @@ After you add a message, click **Update appearance settings** at the bottom of t to activate it in the GitLab instance. You can also click on the **New project page** button, which brings you to the new project page so you can review the change. - - ## Libravatar [Libravatar](https://www.libravatar.org) is supported by GitLab for avatar images, but you must diff --git a/doc/user/admin_area/approving_users.md b/doc/user/admin_area/approving_users.md index 9141d7f488d..2b3b90cb1a4 100644 --- a/doc/user/admin_area/approving_users.md +++ b/doc/user/admin_area/approving_users.md @@ -21,7 +21,7 @@ When a user registers for an account while this setting is enabled: A user pending approval: -- Is functionally identical to a [blocked](blocking_unblocking_users.md) user. +- Is functionally identical to a [blocked](moderate_users.md#blocking-a-user) user. - Cannot sign in. - Cannot access Git repositories or the GitLab API. - Does not receive any notifications from GitLab. diff --git a/doc/user/admin_area/blocking_unblocking_users.md b/doc/user/admin_area/blocking_unblocking_users.md index 1dba9e5adda..cafc7caf981 100644 --- a/doc/user/admin_area/blocking_unblocking_users.md +++ b/doc/user/admin_area/blocking_unblocking_users.md @@ -1,51 +1,8 @@ --- -stage: Manage -group: Access -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -type: howto +redirect_to: 'moderate_users.md' --- -# Blocking and unblocking users +This document was moved to [another location](moderate_users.md). -GitLab administrators block and unblock users. - -## Blocking a user - -In order to completely prevent access of a user to the GitLab instance, administrators can choose to -block the user. - -Users can be blocked [via an abuse report](abuse_reports.md#blocking-users), -or directly from the Admin Area. To do this: - -1. Navigate to **Admin Area > Overview > Users**. -1. Select a user. -1. Under the **Account** tab, click **Block user**. - -A blocked user: - -- Cannot log in. -- Cannot access Git repositories or the API. -- Does not receive any notifications from GitLab. -- Cannot use [slash commands](../../integration/slash_commands.md). - -Personal projects, and group and user history of the blocked user are left intact. - -Users can also be blocked using the [GitLab API](../../api/users.md#block-user). - -NOTE: -A blocked user does not consume a [seat](../../subscriptions/self_managed/index.md#billable-users). - -## Unblocking a user - -A blocked user can be unblocked from the Admin Area. To do this: - -1. Navigate to **Admin Area > Overview > Users**. -1. Click on the **Blocked** tab. -1. Select a user. -1. Under the **Account** tab, click **Unblock user**. - -Users can also be unblocked using the [GitLab API](../../api/users.md#unblock-user). - -NOTE: -Unblocking a user changes the user's state to active and consumes a -[seat](../../subscriptions/self_managed/index.md#billable-users). +<!-- This redirect file can be deleted after <2021-08-12>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/user/admin_area/broadcast_messages.md b/doc/user/admin_area/broadcast_messages.md index 6f6aed68620..67a89f896ff 100644 --- a/doc/user/admin_area/broadcast_messages.md +++ b/doc/user/admin_area/broadcast_messages.md @@ -1,6 +1,6 @@ --- -stage: none -group: unassigned +stage: Growth +group: Activation info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: reference, howto --- @@ -66,11 +66,16 @@ To add a broadcast message: 1. Navigate to the **Admin Area > Messages** page. 1. Add the text for the message to the **Message** field. Markdown and emoji are supported. 1. Select one of the suggested background colors, or add the hex code of a different color. The default color is orange. -1. If required, add a **Target Path** to only show the broadcast message on URLs matching that path. You can use the wildcard character `*` to match multiple URLs, for example `/users/*/issues`. +1. If required, add a **Target Path** to only show the broadcast message on URLs matching that path. You can use the wildcard character `*` to match multiple URLs, for example `mygroup/myproject*`. 1. Select a date for the message to start and end. 1. Click the **Add broadcast message** button. NOTE: +When scoping messages, you can't use preceding or trailing slashes. For example, +instead of `/mygroup/myproject/`, you must use `mygroup/myproject`. A fix is +[planned for GitLab 13.12](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/59482). + +NOTE: The **Background color** field expects the value to be a hexadecimal code because the form uses the [color_field](https://api.rubyonrails.org/v6.0.3.4/classes/ActionView/Helpers/FormHelper.html#method-i-color_field) helper method, which generates the proper HTML to render. diff --git a/doc/user/admin_area/credentials_inventory.md b/doc/user/admin_area/credentials_inventory.md index 0ae6e41264c..c47dc7d70f5 100644 --- a/doc/user/admin_area/credentials_inventory.md +++ b/doc/user/admin_area/credentials_inventory.md @@ -33,7 +33,7 @@ The following is an example of the Credentials inventory page: If you see a **Revoke** button, you can revoke that user's PAT. Whether you see a **Revoke** button depends on the token state, and if an expiration date has been set. For more information, see the following table: -| Token state | [Token expiration enforced?](settings/account_and_limit_settings.md#optional-non-enforcement-of-personal-access-token-expiration) | Show Revoke button? | Comments | +| Token state | [Token expiration enforced?](settings/account_and_limit_settings.md#do-not-enforce-personal-access-token-expiration) | Show Revoke button? | Comments | |-------------|------------------------|--------------------|----------------------------------------------------------------------------| | Active | Yes | Yes | Allows administrators to revoke the PAT, such as for a compromised account | | Active | No | Yes | Allows administrators to revoke the PAT, such as for a compromised account | @@ -56,14 +56,7 @@ The instance then notifies the user. ## Review existing GPG keys > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/282429) in GitLab 13.10. -> - [Deployed behind a feature flag](../feature_flags.md), disabled by default. -> - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/292961) in GitLab 13.11. -> - Enabled on GitLab.com. -> - Recommended for production use. -> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#enable-or-disable-the-gpg-keys-view). - -WARNING: -This feature might not be available to you. Check the **version history** note above for details. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/292961) in GitLab 13.12. You can view all existing GPG in your GitLab instance by navigating to the credentials inventory GPG Keys tab, as well as the following properties: @@ -73,22 +66,3 @@ credentials inventory GPG Keys tab, as well as the following properties: - Whether the GPG key is [verified or unverified](../project/repository/gpg_signed_commits/index.md)  - -### Enable or disable the GPG keys view - -Enabling or disabling the GPG keys view is under development but ready for production use. -It is deployed behind a feature flag that is **enabled by default**. -[GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md) -can opt to disable it. - -To enable it: - -```ruby -Feature.enable(:credential_inventory_gpg_keys) -``` - -To disable it: - -```ruby -Feature.disable(:credential_inventory_gpg_keys) -``` diff --git a/doc/user/admin_area/diff_limits.md b/doc/user/admin_area/diff_limits.md index 83b1869c7f2..32756ab4780 100644 --- a/doc/user/admin_area/diff_limits.md +++ b/doc/user/admin_area/diff_limits.md @@ -9,7 +9,7 @@ type: reference You can set a maximum size for display of diff files (patches). -For details about diff files, [View changes between files](../project/merge_requests/reviewing_and_managing_merge_requests.md#view-changes-between-file-versions). +For details about diff files, [view changes between files](../project/merge_requests/changes.md). ## Maximum diff patch size @@ -23,10 +23,10 @@ This affects merge requests and branch comparison views. To set the maximum diff patch size: -1. Go to **Admin Area > Settings > General**. +1. Go to the Admin Area (**{admin}**) and select **Settings > General**. 1. Expand **Diff limits**. 1. Enter a value for **Maximum diff patch size**, measured in bytes. -1. Click on **Save changes**. +1. Select **Save changes**. WARNING: This setting is experimental. An increased maximum increases resource diff --git a/doc/user/admin_area/img/abuse_reports_page_v13_11.png b/doc/user/admin_area/img/abuse_reports_page_v13_11.png Binary files differindex bcb2aec9e64..ef57f45ab77 100644 --- a/doc/user/admin_area/img/abuse_reports_page_v13_11.png +++ b/doc/user/admin_area/img/abuse_reports_page_v13_11.png diff --git a/doc/user/admin_area/img/appearance_favicon_v12_3.png b/doc/user/admin_area/img/appearance_favicon_v12_3.png Binary files differdeleted file mode 100644 index 0bab0638265..00000000000 --- a/doc/user/admin_area/img/appearance_favicon_v12_3.png +++ /dev/null diff --git a/doc/user/admin_area/img/appearance_header_footer_v12_3.png b/doc/user/admin_area/img/appearance_header_footer_v12_3.png Binary files differdeleted file mode 100644 index da68ddcf166..00000000000 --- a/doc/user/admin_area/img/appearance_header_footer_v12_3.png +++ /dev/null diff --git a/doc/user/admin_area/img/appearance_header_logo_v12_3.png b/doc/user/admin_area/img/appearance_header_logo_v12_3.png Binary files differdeleted file mode 100644 index 414301b8efa..00000000000 --- a/doc/user/admin_area/img/appearance_header_logo_v12_3.png +++ /dev/null diff --git a/doc/user/admin_area/img/appearance_new_project_preview_v12_3.png b/doc/user/admin_area/img/appearance_new_project_preview_v12_3.png Binary files differdeleted file mode 100644 index 92593399843..00000000000 --- a/doc/user/admin_area/img/appearance_new_project_preview_v12_3.png +++ /dev/null diff --git a/doc/user/admin_area/img/appearance_new_project_v12_3.png b/doc/user/admin_area/img/appearance_new_project_v12_3.png Binary files differdeleted file mode 100644 index 120a191de27..00000000000 --- a/doc/user/admin_area/img/appearance_new_project_v12_3.png +++ /dev/null diff --git a/doc/user/admin_area/img/appearance_sign_in_preview_v12_3.png b/doc/user/admin_area/img/appearance_sign_in_preview_v12_3.png Binary files differdeleted file mode 100644 index d05bda71545..00000000000 --- a/doc/user/admin_area/img/appearance_sign_in_preview_v12_3.png +++ /dev/null diff --git a/doc/user/admin_area/img/appearance_sign_in_v12_3.png b/doc/user/admin_area/img/appearance_sign_in_v12_3.png Binary files differdeleted file mode 100644 index 0caa29aae2c..00000000000 --- a/doc/user/admin_area/img/appearance_sign_in_v12_3.png +++ /dev/null diff --git a/doc/user/admin_area/img/cohorts_v13_9.png b/doc/user/admin_area/img/cohorts_v13_9.png Binary files differdeleted file mode 100644 index 6a616b201c9..00000000000 --- a/doc/user/admin_area/img/cohorts_v13_9.png +++ /dev/null diff --git a/doc/user/admin_area/img/cohorts_v13_9_a.png b/doc/user/admin_area/img/cohorts_v13_9_a.png Binary files differnew file mode 100644 index 00000000000..a891b5b12c2 --- /dev/null +++ b/doc/user/admin_area/img/cohorts_v13_9_a.png diff --git a/doc/user/admin_area/img/license_upload_v13_12.png b/doc/user/admin_area/img/license_upload_v13_12.png Binary files differnew file mode 100644 index 00000000000..81dc162c1f0 --- /dev/null +++ b/doc/user/admin_area/img/license_upload_v13_12.png diff --git a/doc/user/admin_area/img/license_upload_v13_8.png b/doc/user/admin_area/img/license_upload_v13_8.png Binary files differdeleted file mode 100644 index c15bc2bfa02..00000000000 --- a/doc/user/admin_area/img/license_upload_v13_8.png +++ /dev/null diff --git a/doc/user/admin_area/index.md b/doc/user/admin_area/index.md index 08fcd4674dc..5d1fde1c767 100644 --- a/doc/user/admin_area/index.md +++ b/doc/user/admin_area/index.md @@ -28,7 +28,7 @@ The Admin Area is made up of the following sections: | **{messages}** Messages | Send and manage [broadcast messages](broadcast_messages.md) for your users. | | **{hook}** System Hooks | Configure [system hooks](../../system_hooks/system_hooks.md) for many events. | | **{applications}** Applications | Create system [OAuth applications](../../integration/oauth_provider.md) for integrations with other services. | -| **{slight-frown}** Abuse Reports | Manage [abuse reports](abuse_reports.md) submitted by your users. | +| **{slight-frown}** Abuse Reports | Manage [abuse reports](review_abuse_reports.md) submitted by your users. | | **{license}** License | Upload, display, and remove [licenses](license.md). | | **{cloud-gear}** Kubernetes | Create and manage instance-level [Kubernetes clusters](../instance/clusters/index.md). | | **{push-rules}** Push rules | Configure pre-defined Git [push rules](../../push_rules/push_rules.md) for projects. Also, configure [merge requests approvers rules](merge_requests_approvals.md). | @@ -117,8 +117,8 @@ To list users matching a specific criteria, click on one of the following tabs o - **2FA Enabled** - **2FA Disabled** - **External** -- **[Blocked](blocking_unblocking_users.md)** -- **[Deactivated](activating_deactivating_users.md)** +- **[Blocked](moderate_users.md#blocking-a-user)** +- **[Deactivated](moderate_users.md#deactivating-a-user)** - **Without projects** For each user, the following are listed: @@ -126,6 +126,7 @@ For each user, the following are listed: 1. Username 1. Email address 1. Project membership count +1. Group membership count ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/276215) in GitLab 13.12) 1. Date of account creation 1. Date of last activity diff --git a/doc/user/admin_area/license.md b/doc/user/admin_area/license.md index 85ff5f8e7b1..73472fcf67a 100644 --- a/doc/user/admin_area/license.md +++ b/doc/user/admin_area/license.md @@ -38,24 +38,24 @@ to **Admin Area > License**. Otherwise, you can: -1. Navigate manually to the **Admin Area** by clicking the wrench (**{admin}**) icon in the menu bar. +1. Navigate manually to the **Admin Area** by selecting the wrench (**{admin}**) icon in the top menu. -1. Navigate to the **License** tab, and click **Upload New License**. +1. Navigate to the **License** tab, and select **Upload New License**. - *If you've received a `.gitlab-license` file:* 1. Download the license file to your local machine. 1. Select **Upload `.gitlab-license` file**. - 1. Select **Choose File** and select the license file. + 1. Select **Choose file** and select the license file. In this example the license file is named `GitLab.gitlab-license`. - 1. Check the **Subscription Agreement** checkbox. + 1. Select the **Terms of Service** checkbox. 1. Select **Upload License**. -  +  - *If you've received your license as plain text:* 1. Select **Enter license key**. 1. Copy the license and paste it into the **License key** field. - 1. Check the **Subscription Agreement** checkbox. + 1. Select the **Terms of Service** checkbox. 1. Select **Upload License**. ## Add your license at install time diff --git a/doc/user/admin_area/merge_requests_approvals.md b/doc/user/admin_area/merge_requests_approvals.md index e8c435a2b5e..fadccadaf2c 100644 --- a/doc/user/admin_area/merge_requests_approvals.md +++ b/doc/user/admin_area/merge_requests_approvals.md @@ -32,4 +32,4 @@ any commits to the source branch. - **Prevent users from modifying merge request approvers list**. Prevents users from modifying the approvers list in project settings or in individual merge requests. -Also read the [project level merge request approval rules](../project/merge_requests/merge_request_approvals.md), which are affected by instance level rules. +Also read the [project level merge request approval rules](../project/merge_requests/approvals/index.md), which are affected by instance level rules. diff --git a/doc/user/admin_area/moderate_users.md b/doc/user/admin_area/moderate_users.md new file mode 100644 index 00000000000..c04003dd75f --- /dev/null +++ b/doc/user/admin_area/moderate_users.md @@ -0,0 +1,157 @@ +--- +stage: Manage +group: Access +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +type: howto +--- + +# Moderate users + +GitLab administrators can moderate user access by blocking, banning, or deactivating users. + +## Blocking and unblocking users + +GitLab administrators can block and unblock users. + +### Blocking a user + +In order to completely prevent access of a user to the GitLab instance, +administrators can choose to block the user. + +Users can be blocked [via an abuse report](review_abuse_reports.md#blocking-users), +or directly from the Admin Area. To do this: + +1. Navigate to **Admin Area > Overview > Users**. +1. Select a user. +1. Under the **Account** tab, click **Block user**. + +A blocked user: + +- Cannot log in. +- Cannot access Git repositories or the API. +- Does not receive any notifications from GitLab. +- Cannot use [slash commands](../../integration/slash_commands.md). + +Personal projects, and group and user history of the blocked user are left intact. + +Users can also be blocked using the [GitLab API](../../api/users.md#block-user). + +NOTE: +A blocked user does not consume a [seat](../../subscriptions/self_managed/index.md#billable-users). + +### Unblocking a user + +A blocked user can be unblocked from the Admin Area. To do this: + +1. Navigate to **Admin Area > Overview > Users**. +1. Click on the **Blocked** tab. +1. Select a user. +1. Under the **Account** tab, click **Unblock user**. + +Users can also be unblocked using the [GitLab API](../../api/users.md#unblock-user). + +NOTE: +Unblocking a user changes the user's state to active and consumes a +[seat](../../subscriptions/self_managed/index.md#billable-users). + +## Activating and deactivating users + +GitLab administrators can deactivate and activate users. + +### Deactivating a user + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/22257) in GitLab 12.4. + +In order to temporarily prevent access by a GitLab user that has no recent activity, +administrators can choose to deactivate the user. + +Deactivating a user is functionally identical to [blocking a user](#blocking-and-unblocking-users), +with the following differences: + +- It does not prohibit the user from logging back in via the UI. +- Once a deactivated user logs back into the GitLab UI, their account is set to active. + +A deactivated user: + +- Cannot access Git repositories or the API. +- Will not receive any notifications from GitLab. +- Will not be able to use [slash commands](../../integration/slash_commands.md). + +Personal projects, and group and user history of the deactivated user are left intact. + +A user can be deactivated from the Admin Area. To do this: + +1. Navigate to **Admin Area > Overview > Users**. +1. Select a user. +1. Under the **Account** tab, click **Deactivate user**. + +Please note that for the deactivation option to be visible to an admin, the user: + +- Must be currently active. +- Must not have signed in, or have any activity, in the last 90 days. + +Users can also be deactivated using the [GitLab API](../../api/users.md#deactivate-user). + +NOTE: +A deactivated user does not consume a [seat](../../subscriptions/self_managed/index.md#billable-users). + +### Activating a user + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/22257) in GitLab 12.4. + +A deactivated user can be activated from the Admin Area. + +To do this: + +1. Navigate to **Admin Area > Overview > Users**. +1. Click on the **Deactivated** tab. +1. Select a user. +1. Under the **Account** tab, click **Activate user**. + +Users can also be activated using the [GitLab API](../../api/users.md#activate-user). + +NOTE: +Activating a user changes the user's state to active and consumes a +[seat](../../subscriptions/self_managed/index.md#billable-users). + +NOTE: +A deactivated user can also activate their account themselves by logging back in via the UI. + +## Ban and unban users + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/327353) in GitLab 13.12. + +GitLab administrators can ban users. + +NOTE: +This feature is behind a feature flag that is disabled by default. GitLab administrators +with access to the GitLab Rails console can [enable](../../administration/feature_flags.md) +this feature for your GitLab instance. + +### Ban a user + +To completely block a user, administrators can choose to ban the user. + +Users can be banned using the Admin Area. To do this: + +1. Navigate to **Admin Area > Overview > Users**. +1. Select a user. +1. Under the **Account** tab, click **Ban user**. + +NOTE: +This feature is a work in progress. Currently, banning a user +only blocks them and does not hide their comments or issues. +This functionality will be implemented in follow up issues. + +### Unban a user + +A banned user can be unbanned using the Admin Area. To do this: + +1. Navigate to **Admin Area > Overview > Users**. +1. Click on the **Banned** tab. +1. Select a user. +1. Under the **Account** tab, click **Unban user**. + +NOTE: +Unbanning a user changes the user's state to active and consumes a +[seat](../../subscriptions/self_managed/index.md#billable-users). diff --git a/doc/user/admin_area/monitoring/background_migrations.md b/doc/user/admin_area/monitoring/background_migrations.md new file mode 100644 index 00000000000..50593959710 --- /dev/null +++ b/doc/user/admin_area/monitoring/background_migrations.md @@ -0,0 +1,81 @@ +--- +stage: Enablement +group: Database +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Batched Background Migrations **(FREE SELF)** + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/51332) in GitLab 13.11. +> - [Deployed behind a feature flag](../../../user/feature_flags.md), disabled by default. +> - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/329511) in GitLab 13.12. +> - Enabled on GitLab.com. +> - Recommended for production use. +> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#enable-or-disable-batched-background-migrations). **(FREE SELF)** + +There can be [risks when disabling released features](../../../user/feature_flags.md#risks-when-disabling-released-features). +Refer to this feature's version history for more details. + +To update database tables in batches, GitLab can use batched background migrations. These migrations +are created by GitLab developers and run automatically on upgrade. However, such migrations are +limited in scope to help with migrating some `integer` database columns to `bigint`. This is needed to +prevent integer overflow for some tables. + +All migrations must be finished before upgrading GitLab. To check the status of the existing +migrations, execute this command: + +```ruby +Gitlab::Database::BackgroundMigration::BatchedMigration.pluck(:id, :table_name, :status) +``` + +## Enable or disable Batched Background Migrations **(FREE SELF)** + +Batched Background Migrations is under development but ready for production use. +It is deployed behind a feature flag that is **enabled by default**. +[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) +can opt to disable it. + +To enable it: + +```ruby +Feature.enable(:execute_batched_migrations_on_schedule) +``` + +To disable it: + +```ruby +Feature.disable(:execute_batched_migrations_on_schedule) +``` + +## Automatic batch size optimization **(FREE SELF)** + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/60133) in GitLab 13.12. +> - [Deployed behind a feature flag](../../../user/feature_flags.md), disabled by default. +> - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/329511) in GitLab 13.12. +> - Enabled on GitLab.com. +> - Recommended for production use. +> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#enable-or-disable-automatic-batch-size-optimization). **(FREE SELF)** + +There can be [risks when disabling released features](../../../user/feature_flags.md#risks-when-disabling-released-features). +Refer to this feature's version history for more details. + +To maximize throughput of batched background migrations (in terms of the number of tuples updated per time unit), batch sizes are automatically adjusted based on how long the previous batches took to complete. + +## Enable or disable automatic batch size optimization **(FREE SELF)** + +Automatic batch size optimization for Batched Background Migrations is under development but ready for production use. +It is deployed behind a feature flag that is **enabled by default**. +[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) +can opt to disable it. + +To enable it: + +```ruby +Feature.enable(:optimize_batched_migrations) +``` + +To disable it: + +```ruby +Feature.disable(:optimize_batched_migrations) +``` diff --git a/doc/user/admin_area/review_abuse_reports.md b/doc/user/admin_area/review_abuse_reports.md new file mode 100644 index 00000000000..12a3111c6f3 --- /dev/null +++ b/doc/user/admin_area/review_abuse_reports.md @@ -0,0 +1,90 @@ +--- +stage: Manage +group: Access +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +type: reference, howto +--- + +# Review abuse reports **(FREE SELF)** + +View and resolve abuse reports from GitLab users. + +GitLab administrators can view and [resolve](#resolving-abuse-reports) abuse +reports in the Admin Area. + +## Receiving notifications of abuse reports + +To receive notifications of new abuse reports by e-mail, follow these steps: + +1. Select **Admin Area > Settings > Reporting**. +1. Expand the **Abuse reports** section. +1. Provide an email address. + +The notification email address can also be set and retrieved +[using the API](../../api/settings.md#list-of-settings-that-can-be-accessed-via-api-calls). + +## Reporting abuse + +To find out more about reporting abuse, see [abuse reports user +documentation](../report_abuse.md). + +## Resolving abuse reports + +To access abuse reports, go to **Admin Area > Abuse Reports**. + +There are 3 ways to resolve an abuse report, with a button for each method: + +- Remove user & report. This: + - [Deletes the reported user](../profile/account/delete_account.md) from the + instance. + - Removes the abuse report from the list. +- [Block user](#blocking-users). +- Remove report. This: + - Removes the abuse report from the list. + - Removes access restrictions for the reported user. + +The following is an example of the **Abuse Reports** page: + + + +### Blocking users + +A blocked user cannot log in or access any repositories, but all of their data +remains. + +Blocking a user: + +- Leaves them in the abuse report list. +- Changes the **Block user** button to a disabled **Already blocked** button. + +The user is notified with the following message: + +```plaintext +Your account has been blocked. If you believe this is in error, contact a staff member. +``` + +After blocking, you can still either: + +- Remove the user and report if necessary. +- Remove the report. + +The following is an example of a blocked user listed on the **Abuse Reports** +page: + + + +NOTE: +Users can be [blocked](../../api/users.md#block-user) and +[unblocked](../../api/users.md#unblock-user) using the GitLab API. + +<!-- ## Troubleshooting + +Include any troubleshooting steps that you can foresee. If you know beforehand what issues +one might have when setting this up, or when something is changed, or on upgrading, it's +important to describe those, too. Think of things that may go wrong and include them here. +This is important to minimize requests for support, and to avoid doc comments with +questions that you know someone might ask. + +Each scenario can be a third-level heading, e.g. `### Getting error message X`. +If you have none to add when creating a doc, leave this section in place +but commented out to help encourage others to add to it in the future. --> diff --git a/doc/user/admin_area/settings/account_and_limit_settings.md b/doc/user/admin_area/settings/account_and_limit_settings.md index 0f391118215..8bc5a035e2a 100644 --- a/doc/user/admin_area/settings/account_and_limit_settings.md +++ b/doc/user/admin_area/settings/account_and_limit_settings.md @@ -50,7 +50,7 @@ You can set a global prefix for all generated Personal Access Tokens. A prefix can help you identify PATs visually, as well as with automation tools. -### Setting a prefix +### Set a prefix Only a GitLab administrator can set the prefix, which is a global setting applied to any PAT generated in the system by any user: @@ -148,7 +148,7 @@ To set a limit on how long these sessions are valid: 1. Fill in the **Session duration for Git operations when 2FA is enabled (minutes)** field. 1. Click **Save changes**. -## Limiting lifetime of personal access tokens **(ULTIMATE SELF)** +## Limit the lifetime of personal access tokens **(ULTIMATE SELF)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/3649) in GitLab Ultimate 12.6. @@ -160,7 +160,7 @@ Personal access tokens are the only tokens needed for programmatic access to Git However, organizations with security requirements may want to enforce more protection by requiring the regular rotation of these tokens. -### Setting a lifetime +### Set a lifetime Only a GitLab administrator can set a lifetime. Leaving it empty means there are no restrictions. @@ -180,12 +180,16 @@ Once a lifetime for personal access tokens is set, GitLab: allowed lifetime. Three hours is given to allow administrators to change the allowed lifetime, or remove it, before revocation takes place. -## Optional enforcement of SSH key expiration **(ULTIMATE SELF)** +## Enforce SSH key expiration **(ULTIMATE SELF)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/250480) in GitLab 13.9. By default, expired SSH keys **can still be used**. -You can prevent the use of expired SSH keys with the following steps: + +WARNING: +Allowing use of expired SSH keys by default is deprecated and scheduled to change in GitLab 14.0. + +To prevent the use of expired SSH keys: 1. Navigate to **Admin Area > Settings > General**. 1. Expand the **Account and limit** section. @@ -195,7 +199,7 @@ Enforcing SSH key expiration immediately disables all expired SSH keys. For more information, see the following issue on [SSH key expiration](https://gitlab.com/gitlab-org/gitlab/-/issues/320970). -## Optional non-enforcement of Personal Access Token expiration **(ULTIMATE SELF)** +## Do not enforce Personal Access Token expiration **(ULTIMATE SELF)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/214723) in GitLab Ultimate 13.1. > - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/296881) in GitLab 13.9. @@ -209,7 +213,7 @@ To do this: 1. Expand the **Account and limit** section. 1. Uncheck the **Enforce personal access token expiration** checkbox. -## Disabling user profile name changes **(PREMIUM SELF)** +## Disable user profile name changes **(PREMIUM SELF)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/24605) in GitLab 12.7. diff --git a/doc/user/admin_area/settings/continuous_integration.md b/doc/user/admin_area/settings/continuous_integration.md index 29b5bdd5e05..decd204dbe5 100644 --- a/doc/user/admin_area/settings/continuous_integration.md +++ b/doc/user/admin_area/settings/continuous_integration.md @@ -19,11 +19,11 @@ for all projects: 1. Go to **Admin Area > Settings > CI/CD**. 1. Check (or uncheck to disable) the box that says **Default to Auto DevOps pipeline for all projects**. 1. Optionally, set up the [Auto DevOps base domain](../../../topics/autodevops/index.md#auto-devops-base-domain) - which is going to be used for Auto Deploy and Auto Review Apps. + which is used for Auto Deploy and Auto Review Apps. 1. Hit **Save changes** for the changes to take effect. From now on, every existing project and newly created ones that don't have a -`.gitlab-ci.yml`, will use the Auto DevOps pipelines. +`.gitlab-ci.yml`, uses the Auto DevOps pipelines. If you want to disable it for a specific project, you can do so in [its settings](../../../topics/autodevops/index.md#enable-or-disable-auto-devops). @@ -49,13 +49,13 @@ To change it at the: 1. Change the value of maximum artifacts size (in MB). 1. Click **Save changes** for the changes to take effect. -- Group level (this will override the instance setting): +- Group level (this overrides the instance setting): 1. Go to the group's **Settings > CI/CD > General Pipelines**. 1. Change the value of **maximum artifacts size (in MB)**. 1. Click **Save changes** for the changes to take effect. -- Project level (this will override the instance and group settings): +- Project level (this overrides the instance and group settings): 1. Go to the project's **Settings > CI/CD > General Pipelines**. 1. Change the value of **maximum artifacts size (in MB)**. @@ -80,7 +80,7 @@ This setting is set per job and can be overridden in To disable the expiration, set it to `0`. The default unit is in seconds. NOTE: -Any changes to this setting will apply to new artifacts only. The expiration time will not +Any changes to this setting applies to new artifacts only. The expiration time is not be updated for artifacts created before this setting was changed. The administrator may need to manually search for and expire previously-created artifacts, as described in the [troubleshooting documentation](../../../administration/troubleshooting/gitlab_rails_cheat_sheet.md#remove-artifacts-more-than-a-week-old). @@ -117,7 +117,7 @@ All application settings have a [customizable cache expiry interval](../../../ad If you have enabled shared runners for your GitLab instance, you can limit their usage by setting a maximum number of pipeline minutes that a group can use on -shared runners per month. Setting this to `0` (default value) will grant +shared runners per month. Setting this to `0` (default value) grants unlimited pipeline minutes. While build limits are stored as minutes, the counting is done in seconds. Usage resets on the first day of each month. On GitLab.com, the quota is calculated based on your @@ -157,18 +157,18 @@ Archiving jobs is useful for reducing the CI/CD footprint on the system by removing some of the capabilities of the jobs (metadata needed to run the job), but persisting the traces and artifacts for auditing purposes. -To set the duration for which the jobs will be considered as old and expired: +To set the duration for which the jobs are considered as old and expired: 1. Go to **Admin Area > Settings > CI/CD**. 1. Expand the **Continuous Integration and Deployment** section. 1. Set the value of **Archive jobs**. 1. Hit **Save changes** for the changes to take effect. -Once that time passes, the jobs will be archived and no longer able to be +Once that time passes, the jobs are archived and no longer able to be retried. Make it empty to never expire jobs. It has to be no less than 1 day, for example: <code>15 days</code>, <code>1 month</code>, <code>2 years</code>. -As of June 22, 2020 the [value is set](../../gitlab_com/index.md#gitlab-cicd) to 3 months on GitLab.com. Jobs created before that date will be archived after September 22, 2020. +As of June 22, 2020 the [value is set](../../gitlab_com/index.md#gitlab-cicd) to 3 months on GitLab.com. Jobs created before that date were archived after September 22, 2020. ## Default CI configuration path diff --git a/doc/user/admin_area/settings/help_page.md b/doc/user/admin_area/settings/help_page.md index 1ac54bdc037..5739c3e4f10 100644 --- a/doc/user/admin_area/settings/help_page.md +++ b/doc/user/admin_area/settings/help_page.md @@ -18,13 +18,8 @@ You can add a help message, which is shown on the GitLab `/help` page (e.g., 1. Navigate to **Admin Area > Settings > Preferences**, then expand **Help page**. 1. Under **Help page text**, fill in the information you wish to display on `/help`. - -  - 1. Save your changes. You can now see the message on `/help`. - - ## Adding a help message to the login page **(STARTER)** You can add a help message, which is shown on the GitLab login page in a new section diff --git a/doc/user/admin_area/settings/img/help_page_help_page_text_ex_v12_3.png b/doc/user/admin_area/settings/img/help_page_help_page_text_ex_v12_3.png Binary files differdeleted file mode 100644 index 421fa2977f9..00000000000 --- a/doc/user/admin_area/settings/img/help_page_help_page_text_ex_v12_3.png +++ /dev/null diff --git a/doc/user/admin_area/settings/img/help_page_help_page_text_v12_3.png b/doc/user/admin_area/settings/img/help_page_help_page_text_v12_3.png Binary files differdeleted file mode 100644 index 13c17fb118a..00000000000 --- a/doc/user/admin_area/settings/img/help_page_help_page_text_v12_3.png +++ /dev/null diff --git a/doc/user/admin_area/settings/index.md b/doc/user/admin_area/settings/index.md index 60081f2e0bd..a1f4c6a06e2 100644 --- a/doc/user/admin_area/settings/index.md +++ b/doc/user/admin_area/settings/index.md @@ -72,7 +72,7 @@ Access the default page for admin area settings by navigating to **Admin Area > | Option | Description | | ------ | ----------- | | [Spam and Anti-bot Protection](../../../integration/recaptcha.md) | Enable reCAPTCHA or Akismet and set IP limits. For reCAPTCHA, we currently only support [v2](https://developers.google.com/recaptcha/docs/versions). | -| [Abuse reports](../abuse_reports.md) | Set notification email for abuse reports. | +| [Abuse reports](../review_abuse_reports.md) | Set notification email for abuse reports. | ## Metrics and profiling @@ -91,6 +91,7 @@ Access the default page for admin area settings by navigating to **Admin Area > | ------ | ----------- | | Performance optimization | [Write to "authorized_keys" file](../../../administration/operations/fast_ssh_key_lookup.md#setting-up-fast-lookup-via-gitlab-shell) and [Push event activities limit and bulk push events](push_event_activities_limit.md). Various settings that affect GitLab performance. | | [User and IP rate limits](user_and_ip_rate_limits.md) | Configure limits for web and API requests. | +| [Package Registry Rate Limits](package_registry_rate_limits.md) | Configure specific limits for Packages API requests that supersede the user and IP rate limits. | | [Outbound requests](../../../security/webhooks.md) | Allow requests to the local network from hooks and services. | | [Protected Paths](protected_paths.md) | Configure paths to be protected by Rack Attack. | | [Incident Management](../../../operations/incident_management/index.md) Limits | Configure limits on the number of inbound alerts able to be sent to a project. | @@ -107,6 +108,7 @@ Access the default page for admin area settings by navigating to **Admin Area > | Option | Description | | ------ | ----------- | | [Email](email.md) | Various email settings. | +| [What's new](../../../administration/whats-new.md) | Configure What's new drawer and content. | | [Help page](help_page.md) | Help page text and support page URL. | | [Pages](../../../administration/pages/index.md#custom-domain-verification) | Size and domain settings for static websites | | [Real-time features](../../../administration/polling.md) | Change this value to influence how frequently the GitLab UI polls for updates. | diff --git a/doc/user/admin_area/settings/package_registry_rate_limits.md b/doc/user/admin_area/settings/package_registry_rate_limits.md new file mode 100644 index 00000000000..578b7cd1236 --- /dev/null +++ b/doc/user/admin_area/settings/package_registry_rate_limits.md @@ -0,0 +1,33 @@ +--- +stage: Package +group: Package +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +type: reference +--- + +# Package Registry Rate Limits **(FREE SELF)** + +Rate limiting is a common technique used to improve the security and durability of a web +application. For more details, see [Rate limits](../../../security/rate_limits.md). General user and +IP rate limits can be enforced in **Admin Area > Settings > Network > User and IP rate limits**. +For more details, see [User and IP rate limits](user_and_ip_rate_limits.md). + +With the [GitLab Package Registry](../../packages/package_registry/index.md), +you can use GitLab as a private or public registry for a variety of common package managers. You can +publish and share packages, which others can consume as a dependency in downstream projects through +the [Packages API](../../../api/packages.md). + +When downloading such dependencies in downstream projects, many requests are made through the +Packages API. You may therefore reach enforced user and IP rate limits. To address this issue, you +can define specific rate limits for the Packages API in +**Admin Area > Settings > Network > Package Registry Rate Limits**: + +- Unauthenticated Packages API requests +- Authenticated Packages API requests + +These limits are disabled by default. When enabled, they supersede the general user and IP rate +limits for requests to the Packages API. You can therefore keep the general user and IP rate limits, +and increase (if necessary) the rate limits for the Packages API. + +Besides this precedence, there are no differences in functionality compared to the general user and +IP rate limits. For more details, see [User and IP rate limits](user_and_ip_rate_limits.md). diff --git a/doc/user/admin_area/settings/sign_in_restrictions.md b/doc/user/admin_area/settings/sign_in_restrictions.md index 7b2928a3873..647f9332119 100644 --- a/doc/user/admin_area/settings/sign_in_restrictions.md +++ b/doc/user/admin_area/settings/sign_in_restrictions.md @@ -20,14 +20,12 @@ To access sign-in restriction settings: You can restrict the password authentication for web interface and Git over HTTP(S): -- **Web interface**: When this feature is disabled, an [external authentication provider](../../../administration/auth/README.md) must be used. +- **Web interface**: When this feature is disabled, the **Standard** sign-in tab is removed and an [external authentication provider](../../../administration/auth/README.md) must be used. - **Git over HTTP(S)**: When this feature is disabled, a [Personal Access Token](../../profile/personal_access_tokens.md) must be used to authenticate. ## Admin Mode > - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/2158) in GitLab 13.10. -> - It's [deployed behind the feature flag](../../../user/feature_flags.md) `:user_mode_in_session`, disabled by default. -> - To use it in GitLab self-managed instances, ask a GitLab administrator to enable it. When this feature is enabled, instance administrators are limited as regular users. During that period, they do not have access to all projects, groups, or the **Admin Area** menu. @@ -81,25 +79,6 @@ If necessary, you can disable **Admin Mode** as an administrator by using one of ::Gitlab::CurrentSettings.update_attributes!(admin_mode: false) ``` -## Enable or disable Admin Mode - -Admin Mode is under development and not ready for production use. It is -deployed behind a feature flag that is **disabled by default**. -[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) -can enable it. - -To enable it: - -```ruby -Feature.enable(:user_mode_in_session) -``` - -To disable it: - -```ruby -Feature.disable(:user_mode_in_session) -``` - ## Two-factor authentication When this feature is enabled, all users must use the [two-factor authentication](../../profile/account/two_factor_authentication.md). diff --git a/doc/user/admin_area/settings/user_and_ip_rate_limits.md b/doc/user/admin_area/settings/user_and_ip_rate_limits.md index ba4ef890caa..9e64dd59a74 100644 --- a/doc/user/admin_area/settings/user_and_ip_rate_limits.md +++ b/doc/user/admin_area/settings/user_and_ip_rate_limits.md @@ -133,6 +133,8 @@ The possible names are: - `throttle_unauthenticated_protected_paths` - `throttle_authenticated_protected_paths_api` - `throttle_authenticated_protected_paths_web` +- `throttle_unauthenticated_packages_api` +- `throttle_authenticated_packages_api` For example, to try out throttles for all authenticated requests to non-protected paths can be done by setting diff --git a/doc/user/admin_area/user_cohorts.md b/doc/user/admin_area/user_cohorts.md index f3c913b409a..b01a299178d 100644 --- a/doc/user/admin_area/user_cohorts.md +++ b/doc/user/admin_area/user_cohorts.md @@ -6,8 +6,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Cohorts **(FREE)** -As a benefit of having the [usage ping active](settings/usage_statistics.md), -you can analyze your users' GitLab activities over time. +You can analyze your users' GitLab activities over time. To see user cohorts, go to **Admin Area > Overview > Users**. @@ -16,7 +15,7 @@ To see user cohorts, go to **Admin Area > Overview > Users**. How do you interpret the user cohorts table? Let's review an example with the following user cohorts: - + For the cohort of March 2020, three users were added to this server and have been active since this month. One month later (April 2020), two users are still diff --git a/doc/user/analytics/ci_cd_analytics.md b/doc/user/analytics/ci_cd_analytics.md index 397f311adae..284e87e9b35 100644 --- a/doc/user/analytics/ci_cd_analytics.md +++ b/doc/user/analytics/ci_cd_analytics.md @@ -50,9 +50,9 @@ The following table shows the supported metrics, at which level they are support | Metric | Level | API version | Chart (UI) version | Comments | | --------------- | ----------- | --------------- | ---------- | ------- | -| `deployment_frequency` | Project-level | [13.7+](../../api/dora/metrics.md) | [13.8+](#deployment-frequency-charts) | The [old API endopint](../../api/dora4_project_analytics.md) was [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/323713) in 13.10. | +| `deployment_frequency` | Project-level | [13.7+](../../api/dora/metrics.md) | [13.8+](#deployment-frequency-charts) | The [old API endpoint](../../api/dora4_project_analytics.md) was [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/323713) in 13.10. | | `deployment_frequency` | Group-level | [13.10+](../../api/dora/metrics.md) | To be supported | | -| `lead_time_for_changes` | Project-level | [13.10+](../../api/dora/metrics.md) | To be supported | Unit in seconds. Aggregation method is median. | +| `lead_time_for_changes` | Project-level | [13.10+](../../api/dora/metrics.md) | [13.11+](#lead-time-charts) | Unit in seconds. Aggregation method is median. | | `lead_time_for_changes` | Group-level | [13.10+](../../api/dora/metrics.md) | To be supported | Unit in seconds. Aggregation method is median. | | `change_failure_rate` | Project/Group-level | To be supported | To be supported | | | `time_to_restore_service` | Project/Group-level | To be supported | To be supported | | @@ -61,11 +61,14 @@ The following table shows the supported metrics, at which level they are support > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/275991) in GitLab 13.8. -The **Analytics > CI/CD Analytics** page shows information about the deployment frequency to the -`production` environment. The environment **must** be named `production` for its deployment -information to appear on the graphs. +The **Analytics > CI/CD Analytics** page shows information about the deployment +frequency to the `production` environment. The environment must be part of the +[production deployment tier](../../ci/environments/index.md#deployment-tier-of-environments) +for its deployment information to appear on the graphs. - + + +These charts are available for both groups and projects. ### Lead time charts **(ULTIMATE)** @@ -81,3 +84,5 @@ processes. For time periods in which no merge requests were deployed, the charts render a red, dashed line. + +These charts are only available for projects. diff --git a/doc/user/analytics/img/code_review_analytics_v13_11.png b/doc/user/analytics/img/code_review_analytics_v13_11.png Binary files differindex e337afa3ace..b559b934a89 100644 --- a/doc/user/analytics/img/code_review_analytics_v13_11.png +++ b/doc/user/analytics/img/code_review_analytics_v13_11.png diff --git a/doc/user/analytics/img/deployment_frequency_chart_v13_8.png b/doc/user/analytics/img/deployment_frequency_chart_v13_8.png Binary files differdeleted file mode 100644 index 40dd2fa0321..00000000000 --- a/doc/user/analytics/img/deployment_frequency_chart_v13_8.png +++ /dev/null diff --git a/doc/user/analytics/img/deployment_frequency_charts_v13_12.png b/doc/user/analytics/img/deployment_frequency_charts_v13_12.png Binary files differnew file mode 100644 index 00000000000..2242363d25e --- /dev/null +++ b/doc/user/analytics/img/deployment_frequency_charts_v13_12.png diff --git a/doc/user/analytics/img/issues_created_per_month_v13_11.png b/doc/user/analytics/img/issues_created_per_month_v13_11.png Binary files differindex 01ebde5a54d..da3340bfdc2 100644 --- a/doc/user/analytics/img/issues_created_per_month_v13_11.png +++ b/doc/user/analytics/img/issues_created_per_month_v13_11.png diff --git a/doc/user/analytics/img/pipelines_duration_chart.png b/doc/user/analytics/img/pipelines_duration_chart.png Binary files differindex 12ec262dadb..17ab7173557 100644 --- a/doc/user/analytics/img/pipelines_duration_chart.png +++ b/doc/user/analytics/img/pipelines_duration_chart.png diff --git a/doc/user/analytics/index.md b/doc/user/analytics/index.md index 6e3c9cf7a5f..d50a183aa54 100644 --- a/doc/user/analytics/index.md +++ b/doc/user/analytics/index.md @@ -4,29 +4,65 @@ group: Optimize info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Analytics +# Analytics **(FREE)** ## Definitions When we describe GitLab analytics, we use the following terms: -- Cycle time: The duration of your value stream, from start to finish. Often displayed in combination with "lead time." GitLab measures cycle time from issue creation to issue close. GitLab displays cycle time in [Value Stream Analytics](value_stream_analytics.md). -- DORA (DevOps Research and Assessment) ["Four Keys"](https://cloud.google.com/blog/products/devops-sre/using-the-four-keys-to-measure-your-devops-performance): - - Speed - - Deployment Frequency: How often an organization successfully releases to production. - - Lead Time for Changes: The time it takes for a commit to get into production. This differs from ordinary "lead time" as it "focuses on measuring only the time to deliver a feature once it has been developed", -as described in ([Measuring DevOps Performance](https://devops.com/measuring-devops-performance/)). - - Stability - - Change Failure Rate: The percentage of deployments causing a failure in production. - - Time to Restore Service: How long it takes an organization to recover from a failure in production. -- MTTC (Mean Time to Change): The average duration between idea and delivery. GitLab measures MTTC from issue creation to the issue's latest related merge request's deployment to production. -- MTTD (Mean Time to Detect): The average duration that a bug goes undetected in production. GitLab measures MTTD from deployment of bug to issue creation. -- MTTM (Mean Time To Merge): The average lifespan of a merge request. GitLab measures MTTM from merge request creation to merge request merge (and closed/un-merged merge requests are excluded). For more information, see [Merge Request Analytics](merge_request_analytics.md). -- MTTR (Mean Time to Recover/Repair/Resolution/Resolve/Restore): The average duration that a bug is not fixed in production. GitLab measures MTTR from deployment of bug to deployment of fix. -- Lead time: The duration of the work itself. Often displayed in combination with "cycle time." GitLab measures from issue first merge request creation to issue close. Note: Work started before the creation of the first merge request. We plan to start measuring from "issue first commit" as a better proxy, although still imperfect. GitLab displays lead time in [Value Stream Analytics](value_stream_analytics.md). -- Throughput: The number of issues closed or merge requests merged (not closed) in some period of time. Often measured per sprint. GitLab displays merge request throughput in [Merge Request Analytics](merge_request_analytics.md). -- Value Stream: The entire work process that is followed to deliver value to customers. For example, the [DevOps lifecycle](https://about.gitlab.com/stages-devops-lifecycle/) is a value stream that starts with "plan" and ends with "monitor". GitLab helps you track your value stream using [Value Stream Analytics](value_stream_analytics.md). -- Velocity: The total issue burden completed in some period of time. The burden is usually measured in points or weight, often per sprint. For example, your velocity may be "30 points per sprint". GitLab measures velocity as the total points/weight of issues closed in a given period of time. +- **Cycle time:** The duration of only the execution work alone. Often displayed in combination with "lead time," which is longer. GitLab measures cycle time from issue first merge request creation to issue close. This approach underestimates lead time because merge request creation is always later than commit time. GitLab displays cycle time in [group-level Value Stream Analytics](../group/value_stream_analytics/index.md). +- **Deploys:** The total number of successful deployments to production in the given time frame (across all applicable projects). GitLab displays deploys in [group-level Value Stream Analytics](../group/value_stream_analytics/index.md). +- **DORA (DevOps Research and Assessment)** ["Four Keys"](https://cloud.google.com/blog/products/devops-sre/using-the-four-keys-to-measure-your-devops-performance): + - **Speed/Velocity** + + - **Deployment frequency:** The average number of successful deployments to production per period. + This effectively measures how often you are delivering value to end users. A higher deployment + frequency means you are able to get feedback and iterate more quickly in delivering + improvements and features faster. GitLab measures this as the number of deployments to a + [production environment](../../ci/environments/index.md#deployment-tier-of-environments) in + the given time period. + GitLab displays deployment frequency in [group-level Value Stream Analytics](../group/value_stream_analytics/index.md). + - **Lead Time for Changes:** The time it takes for a commit to get into production. (1) GitLab + measures this as the median duration between merge request merge and deployment to a + [production environment](../../ci/environments/index.md#deployment-tier-of-environments) for + all MRs deployed in the given time period. This measure under-estimates lead time because + merge time is always later than commit time. The + [standard definition](https://github.com/GoogleCloudPlatform/fourkeys/blob/main/METRICS.md#lead-time-for-changes) uses median commit time. We plan to start + [measuring from "issue first commit"](https://gitlab.com/gitlab-org/gitlab/-/issues/328459) + as a better proxy, although still imperfect. + + - **Stability** + - **Change Failure Rate:** The percentage of deployments causing a failure in production. + GitLab measures this as the number of [incidents](../../operations/incident_management/incidents.md) + divided by the number of deployments to a + [production environment](../../ci/environments/index.md#deployment-tier-of-environments) in + the given time period. This assumes: + + - All incidents are related to a production environment. + - Incidents and deployments have a strictly one-to-one relationship (meaning any incident is + related to only one production deployment, and any production deployment is related to no + more than one incident). + + - **Time to Restore Service:** How long it takes an organization to recover from a failure in + production. GitLab measures this as the average time required to close the + [incidents](../../operations/incident_management/incidents.md) in the given time period. + This assumes: + + - All incidents are related to a [production environment](../../ci/environments/index.md#deployment-tier-of-environments). + - Incidents and deployments have a strictly one-to-one relationship (meaning any incident is related to only one production deployment, and any production deployment is related to no more than one incident). + +- **Lead time:** The duration of your value stream, from start to finish. Different from [Lead time for changes](#lead-time-for-changes). Often displayed in combination with "cycle time," which is shorter. GitLab measures lead time from issue creation to issue close. GitLab displays lead time in [group-level Value Stream Analytics](../group/value_stream_analytics/index.md). +- **MTTC (Mean Time to Change):** The average duration between idea and delivery. GitLab measures MTTC from issue creation to the issue's latest related merge request's deployment to production. +- **MTTD (Mean Time to Detect):** The average duration that a bug goes undetected in production. GitLab measures MTTD from deployment of bug to issue creation. +- **MTTM (Mean Time To Merge):** The average lifespan of a merge request. GitLab measures MTTM from merge request creation to merge request merge (and closed/un-merged merge requests are excluded). For more information, see [Merge Request Analytics](merge_request_analytics.md). +- **MTTR (Mean Time to Recover/Repair/Resolution/Resolve/Restore):** The average duration that a bug is not fixed in production. GitLab measures MTTR from deployment of bug to deployment of fix. +- **Throughput:** The number of issues closed or merge requests merged (not closed) in some period of time. Often measured per sprint. GitLab displays merge request throughput in [Merge Request Analytics](merge_request_analytics.md). +- **Value Stream:** The entire work process that is followed to deliver value to customers. For example, the [DevOps lifecycle](https://about.gitlab.com/stages-devops-lifecycle/) is a value stream that starts with "plan" and ends with "monitor". GitLab helps you track your value stream using [Value Stream Analytics](value_stream_analytics.md). +- **Velocity:** The total issue burden completed in some period of time. The burden is usually measured in points or weight, often per sprint. For example, your velocity may be "30 points per sprint". GitLab measures velocity as the total points/weight of issues closed in a given period of time. + +### Lead time for changes + +"Lead Time for Changes" differs from ordinary "Lead Time" because it "focuses on measuring only the time to deliver a feature once it has been developed", as described in ([Measuring DevOps Performance](https://devops.com/measuring-devops-performance/)). ## Instance-level analytics @@ -38,38 +74,38 @@ in one place. [Learn more about instance-level analytics](../admin_area/analytics/index.md). -## Group-level analytics +## Group-level analytics **(PREMIUM)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/195979) in GitLab 12.8. -> - Moved to [GitLab Premium](https://about.gitlab.com/pricing/) due to Starter/Bronze being [discontinued](https://about.gitlab.com/blog/2021/01/26/new-gitlab-product-subscription-model/) in 13.9. +> - Moved to GitLab Premium in 13.9. The following analytics features are available at the group level: -- [Contribution](../group/contribution_analytics/index.md). **(PREMIUM)** -- [DevOps Adoption](../group/devops_adoption/index.md). **(ULTIMATE)** -- [Insights](../group/insights/index.md). **(ULTIMATE)** -- [Issue](../group/issues_analytics/index.md). **(PREMIUM)** -- [Productivity](productivity_analytics.md). **(PREMIUM)** -- [Repositories](../group/repositories_analytics/index.md). **(PREMIUM)** -- [Value Stream](../group/value_stream_analytics/index.md). **(PREMIUM)** -- [Application Security](../application_security/security_dashboard/#group-security-dashboard). **(ULTIMATE)** +- [Application Security](../application_security/security_dashboard/#group-security-dashboard) +- [Contribution](../group/contribution_analytics/index.md) +- [DevOps Adoption](../group/devops_adoption/index.md) +- [Insights](../group/insights/index.md) +- [Issue](../group/issues_analytics/index.md) +- [Productivity](productivity_analytics.md) +- [Repositories](../group/repositories_analytics/index.md) +- [Value Stream](../group/value_stream_analytics/index.md) ## Project-level analytics The following analytics features are available at the project level: -- [CI/CD](ci_cd_analytics.md). **(FREE)** -- [Code Review](code_review_analytics.md). **(PREMIUM)** -- [Insights](../project/insights/index.md). **(ULTIMATE)** -- [Issue](../group/issues_analytics/index.md). **(PREMIUM)** +- [Application Security](../application_security/security_dashboard/#project-security-dashboard) +- [CI/CD](ci_cd_analytics.md) +- [Code Review](code_review_analytics.md) +- [Insights](../project/insights/index.md) +- [Issue](../group/issues_analytics/index.md) - [Merge Request](merge_request_analytics.md), enabled with the `project_merge_request_analytics` - [feature flag](../../development/feature_flags/index.md#enabling-a-feature-flag-locally-in-development). **(PREMIUM)** -- [Repository](repository_analytics.md). **(FREE)** -- [Value Stream](value_stream_analytics.md). **(FREE)** -- [Application Security](../application_security/security_dashboard/#project-security-dashboard). **(ULTIMATE)** + [feature flag](../../development/feature_flags/index.md#enabling-a-feature-flag-locally-in-development) +- [Repository](repository_analytics.md) +- [Value Stream](value_stream_analytics.md) -## User-configurable analytics +## User-configurable analytics **(ULTIMATE)** The following analytics features are available for users to create personalized views: -- [Application Security](../application_security/security_dashboard/#security-center). **(ULTIMATE)** +- [Application Security](../application_security/security_dashboard/#security-center) diff --git a/doc/user/analytics/merge_request_analytics.md b/doc/user/analytics/merge_request_analytics.md index 909eb7e585f..321e2f0fc24 100644 --- a/doc/user/analytics/merge_request_analytics.md +++ b/doc/user/analytics/merge_request_analytics.md @@ -7,8 +7,8 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Merge Request Analytics **(PREMIUM)** -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/229045) in [GitLab Starter](https://about.gitlab.com/pricing/) 13.3. -> - Moved to [GitLab Premium](https://about.gitlab.com/pricing/) due to Starter/Bronze being [discontinued](https://about.gitlab.com/blog/2021/01/26/new-gitlab-product-subscription-model/) in 13.9. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/229045) in GitLab 13.3. +> - Moved to GitLab Premium in 13.9. Merge Request Analytics helps you understand the efficiency of your code review process, and the productivity of your team. @@ -56,7 +56,7 @@ The throughput chart shows the number of merge requests merged per month. ### Throughput table -[Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/232651) in GitLab 13.3. +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/232651) in GitLab 13.3. The Throughput table displays the most recent merge requests merged in the date range. The table displays up to 20 merge requests at a time. If there are more than 20 merge requests, diff --git a/doc/user/analytics/repository_analytics.md b/doc/user/analytics/repository_analytics.md index f77070ea943..9016bf6393f 100644 --- a/doc/user/analytics/repository_analytics.md +++ b/doc/user/analytics/repository_analytics.md @@ -25,6 +25,7 @@ You can find Repository Analytics in the project's sidebar. To access the page, NOTE: Without a Git commit in the default branch, the menu item won't be visible. +Commits in a project's [wiki](../project/wiki/index.md#track-wiki-events) are not included in the analysis. ### Charts diff --git a/doc/user/application_security/api_fuzzing/create_har_files.md b/doc/user/application_security/api_fuzzing/create_har_files.md new file mode 100644 index 00000000000..220d00adc7b --- /dev/null +++ b/doc/user/application_security/api_fuzzing/create_har_files.md @@ -0,0 +1,234 @@ +--- +stage: Secure +group: Fuzz Testing +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +type: howto +--- + +# HTTP Archive format + +HTTP Archive (HAR) format files are an industry standard for exchanging information about HTTP +requests and HTTP responses. A HAR file's content is JSON formatted, containing browser interactions +with a web site. The file extension `.har` is commonly used. + +The HAR files can be used to perform [web API Fuzz Testing](index.md#http-archive-har) as part of +your [GitLab CI/CD](../../../ci/README.md) pipelines. + +WARNING: +**DANGER** A HAR file stores information exchanged between web client and web server. It could also +store sensitive information such as authentication tokens, API keys, and session cookies. We +recommend that you review the HAR file contents before adding them to a repository. + +## HAR file creation + +You can create HAR files manually or by using a specialized tool for recording web sessions. We +recommend using a specialized tool. However, it is important to make sure files created by these +tools do not expose sensitive information, and can be safely used. + +The following tools can be used generate a HAR file based on your network activity. They +automatically record your network activity and generate the HAR file: + +1. [GitLab HAR Recorder](#gitlab-har-recorder). +1. [Insomnia API Client](#insomnia-api-client). +1. [Fiddler debugging proxy](#fiddler-debugging-proxy). +1. [Safari web browser](#safari-web-browser). +1. [Chrome web browser](#chrome-web-browser). +1. [Firefox web browser](#firefox-web-browser). + +WARNING: +**DANGER** HAR files may contain sensitive information such as authentication tokens, API keys, and +session cookies. We recommend that you review the HAR file contents before adding them to a +repository. + +### GitLab HAR Recorder + +[GitLab HAR Recorder](https://gitlab.com/gitlab-org/security-products/har-recorder) is a command +line tool for recording HTTP messages and saving them to HTTP Archive (HAR) files. For more details +about the GitLab HAR Recorder, see the [homepage](https://gitlab.com/gitlab-org/security-products/har-recorder). + +#### Install GitLab HAR Recorder + +Prerequisites: + +- Install Python 3.6 or greater. +- For Microsoft Windows, you must also install `Microsoft Visual C++ 14.0`. It's included with + *Build Tools for Visual Studio* from [Visual Studio Downloads page](https://visualstudio.microsoft.com/downloads/). +- Install HAR Recorder. + +Install GitLab HAR Recorder: + + ```shell + pip install gitlab-har-recorder --extra-index-url https://gitlab.com/api/v4/projects/22441624/packages/pypi/simple + ``` + +#### Create a HAR file with GitLab HAR Recorder + +1. Start recorder with the proxy port and HAR filename. +1. Complete the browser actions, using the proxy. + 1. Make sure proxy is used! +1. Stop the recorder. + +To verify the HAR contains all requests, use the [HAR Viewer (online)](http://www.softwareishard.com/har/viewer/). +[Google Admin Toolbox HAR Analyzer](https://toolbox.googleapps.com/apps/har_analyzer/) + +### Insomnia API Client + +[Insomnia API Client](https://insomnia.rest/) is an API design tool that among many uses, helps +you to design, describe, and test your API. You can also use it to generate HAR files that can be +used in [Web API Fuzz Testing](index.md#http-archive-har). + +#### Create a HAR file with the Insomnia API Client + +1. Define or import your API. + - Postman v2. + - Curl. + - OpenAPI v2, v3. +1. Verify each API call works. + - If you imported an OpenAPI specification, go through and add working data. +1. Select **API > Import/Export**. +1. Select **Export Data > Current Workspace**. +1. Select requests to include in the HAR file. +1. Select **Export**. +1. In the **Select Export Type** dropdown select **HAR -- HTTP Archive Format**. +1. Select **Done**. +1. Enter a location and filename for the HAR file. + +### Fiddler debugging proxy + +[Fiddler](https://www.telerik.com/fiddler) is a web debugger tool. It captures HTTP and HTTP(S) +network traffic and allows you to examine each request. It also lets you export the requests and +responses in HAR format. + +#### Create a HAR file with Fiddler + +1. Go to the [Fiddler home page](https://www.telerik.com/fiddler) and sign in. If you don't already +have an account, first create an account. +1. Browse pages that call an API. Fiddler automatically captures the requests. +1. Select one or more requests, then from the context menu, select **Export > Selected Sessions**. +1. In the **Choose Format** dropdown select **HTTPArchive v1.2**. +1. Enter a filename and select **Save**. + +Fiddler shows a popup message confirming the export has succeeded. + +### Safari web browser + +[Safari](https://www.apple.com/safari/) is a web browser maintained by Apple. As web development +evolves, browsers support new capabilities. With Safari you can explore network traffic and +export it as a HAR file. + +#### Create a HAR file with Safari + +Prerequisites: + +- Enable the `Develop` menu item. + 1. Open Safari's preferences. Press <kbd>Command</kbd>+<kbd>,</kbd> or from the menu, select + **Safari > Preferences...**. + 1. Select **Advanced** tab, then select `Show Develop menu item in menu bar`. + 1. Close the **Preferences** window. + +1. Open the **Web Inspector**. Press <kbd>Option</kbd>+<kbd>Command</kbd>+<kbd>i</kbd>, or from the + menu, select **Develop > Show Web Inspector**. +1. Select the **Network** tab, and select **Preserve Log**. +1. Browse pages that call the API. +1. Open the **Web Inspector** and select the **Network** tab +1. Right-click on the request to export and select **Export HAR**. +1. Enter a filename and select **Save**. + +### Chrome web browser + +[Chrome](https://www.google.com/chrome/) is a web browser maintained by Google. As web development +evolves, browsers support new capabilities. With Chrome you can explore network traffic and +export it as a HAR file. + +#### Create a HAR file with Chrome + +1. From the Chrome context menu, select **Inspect**. +1. Select the **Network** tab. +1. Select **Preserve log**. +1. Browse pages that call the API. +1. Select one or more requests. +1. Right click and select **Save all as HAR with content**. +1. Enter a filename and select **Save**. +1. To append additional requests, select and save them to the same file. + +### Firefox Web Browser + +[Firefox](https://www.mozilla.org/en-US/firefox/new/) is a web browser maintained by Mozilla. As web +development evolves, browsers support new capabilities. With Firefox you can explore network traffic +and export it as a HAR file. + +#### Create a HAR file with Firefox + +1. From the Firefox context menu, select **Inspect**. +1. Select the **Network** tab. +1. Browse pages that call the API. +1. Check the **Network** tab and confirm requests are being recorded. If there is a message + `Perform a request or Reload the page to see detailed information about network activity`, + select **Reload** to start recording requests. +1. Select one or more requests. +1. Right click and select **Save All As HAR**. +1. Enter a filename and select **Save**. +1. To append additional requests, select and save them to the same file. + +## HAR verification + +Before using HAR files it's important to make sure they don't expose any sensitive information. + +For each HAR file you should: + +- View the HAR file's content +- Review the HAR file for sensitive information +- Edit or remove sensitive information + +### View HAR file contents + +We recommend viewing a HAR file's content in a tool that can present its content in a structured +way. Several HAR file viewers are available online. If you would prefer not to upload the HAR file, +you can use a tool installed on your computer. HAR files used JSON format, so can also be viewed in +a text editor. + +Tools recommended for viewing HAR files include: + +- [HAR Viewer](http://www.softwareishard.com/har/viewer/) - (online) +- [Google Admin Toolbox HAR Analyzer](https://toolbox.googleapps.com/apps/har_analyzer/) - (online) +- [Fiddler](https://www.telerik.com/fiddler) - local +- [Insomnia API Client](https://insomnia.rest/) - local + +## Review HAR file content + +Review the HAR file for any of the following: + +- Information that could help to grant access to your application, for example: authentication + tokens, authentication tokens, cookies, API keys. +- [Personally Identifiable Information (PII)](https://en.wikipedia.org/wiki/Personal_data). + +We strongly recommended that you [edit or remove it](#edit-or-remove-sensitive-information) any +sensitive information. + +Use the following as a checklist to start with. Note that it's not an exhaustive list. + +- Look for secrets. For example: if your application requires authentication, check common locations + or authentication information: + - Authentication related headers. For example: cookies, authorization. These headers could contain + valid information. + - A request related to authentication. The body of these requests might contain information such + as user credentials or tokens. + - Session tokens. Session tokens could grant access to your application. The location of these + token could vary. They could be in headers, query parameters or body. +- Look for Personally Identifiable Information + - For example, if your application retrieves a list of users and their personal data: phones, + names, emails. + - Authentication information might also contain personal information. + +## Edit or remove sensitive information + +Edit or remove sensitive information found during the [HAR file content review](#review-har-file-content). +HAR files are JSON files and can be edited in any text editor. + +After editing the HAR file, open it in a HAR file viewer to verify its formatting and structure are +intact. + +The following example demonstrates use of [Visual Studio Code](https://code.visualstudio.com/) text +editor to edit an Authorization token found in a header. + + diff --git a/doc/user/application_security/api_fuzzing/img/vscode_har_edit_auth_header.png b/doc/user/application_security/api_fuzzing/img/vscode_har_edit_auth_header.png Binary files differnew file mode 100644 index 00000000000..a6bc45e67d3 --- /dev/null +++ b/doc/user/application_security/api_fuzzing/img/vscode_har_edit_auth_header.png diff --git a/doc/user/application_security/api_fuzzing/index.md b/doc/user/application_security/api_fuzzing/index.md index dfb7e12a8be..8511c919c14 100644 --- a/doc/user/application_security/api_fuzzing/index.md +++ b/doc/user/application_security/api_fuzzing/index.md @@ -7,17 +7,51 @@ type: reference, howto # Web API Fuzz Testing **(ULTIMATE)** -You can add web API fuzzing to your [GitLab CI/CD](../../../ci/README.md) -pipelines. This helps you discover bugs and potential security issues that other QA processes may -miss. API fuzzing performs fuzz testing of API operation parameters. Fuzz testing sets operation +Web API fuzzing performs fuzz testing of API operation parameters. Fuzz testing sets operation parameters to unexpected values in an effort to cause unexpected behavior and errors in the API -backend. +backend. This helps you discover bugs and potential security issues that other QA processes may +miss. We recommend that you use fuzz testing in addition to [GitLab Secure](../index.md)'s other security scanners and your own test processes. If you're using [GitLab CI/CD](../../../ci/README.md), you can run fuzz tests as part your CI/CD workflow. -## Requirements +## When Web API fuzzing runs + +Web API fuzzing runs in the `fuzz` stage of the CI/CD pipeline. To ensure API fuzzing scans the +latest code, your CI/CD pipeline should deploy changes to a test environment in one of the stages +preceding the `fuzz` stage. + +Note the following changes have been made to the API fuzzing template: + +- In GitLab 14.0 and later, you must define a `fuzz` stage in your `.gitlab-ci.yml` file. +- In GitLab 13.12 and earlier, the API fuzzing template defines `build`, `test`, `deploy`, and + `fuzz` stages. The `fuzz` stage runs last by default. The predefined stages were deprecated, and removed from the `API-Fuzzing.latest.gitlab-ci.yml` template. They will be removed in a future GitLab + version. + +If your pipeline is configured to deploy to the same web server on each run, running a +pipeline while another is still running could cause a race condition in which one pipeline +overwrites the code from another. The API to scan should be excluded from changes for the duration +of a fuzzing scan. The only changes to the API should be from the fuzzing scanner. Any changes made +to the API (for example, by users, scheduled tasks, database changes, code changes, other pipelines, +or other scanners) during a scan could cause inaccurate results. + +You can run a Web API fuzzing scan using the following methods: + +- [OpenAPI Specification](#openapi-specification) - version 2.0 or 3.0 +- [HTTP Archive](#http-archive-har) (HAR) +- [Postman Collection](#postman-collection) - version 2.0 or 2.1 + +Example projects using these methods are available: + +- [Example OpenAPI v2 Specification project](https://gitlab.com/gitlab-org/security-products/demos/api-fuzzing-example/-/tree/openapi) +- [Example HTTP Archive (HAR) project](https://gitlab.com/gitlab-org/security-products/demos/api-fuzzing-example/-/tree/har) +- [Example Postman Collection project](https://gitlab.com/gitlab-org/security-products/demos/api-fuzzing/postman-api-fuzzing-example) +- [Example GraphQL project](https://gitlab.com/gitlab-org/security-products/demos/api-fuzzing/graphql-api-fuzzing-example) + +## Enable Web API fuzzing + +Requirements: - One of the following web API types: - REST API @@ -29,49 +63,26 @@ you can run fuzz tests as part your CI/CD workflow. - HTTP Archive (HAR) of API requests to test - Postman Collection v2.0 or v2.1 -## When fuzzing scans run - -When using the `API-Fuzzing.gitlab-ci.yml` template, the `fuzz` job runs last, as shown here. To -ensure API fuzzing scans the latest code, your CI pipeline should deploy changes to a test -environment in one of the jobs preceding the `fuzz` job: - -```yaml -stages: - - build - - test - - deploy - - fuzz -``` - -Note that if your pipeline is configured to deploy to the same web server on each run, running a -pipeline while another is still running could cause a race condition in which one pipeline -overwrites the code from another. The API to scan should be excluded from changes for the duration -of a fuzzing scan. The only changes to the API should be from the fuzzing scanner. Be aware that -any changes made to the API (for example, by users, scheduled tasks, database changes, code -changes, other pipelines, or other scanners) during a scan could cause inaccurate results. - -## Configuration + WARNING: + **NEVER** run fuzz testing against a production server. Not only can it perform *any* function that + the API can, it may also trigger bugs in the API. This includes actions like modifying and deleting + data. Only run fuzzing against a test server. -There are three ways to perform scans. See the configuration section for the one you wish to use: +To enable Web API fuzzing: -- [OpenAPI v2 or v3 specification](#openapi-specification) -- [HTTP Archive (HAR)](#http-archive-har) -- [Postman Collection v2.0 or v2.1](#postman-collection) +- Include the API fuzzing template in your `.gitlab-ci.yml` file. +- From GitLab 13.10 and later, use the Web API fuzzing configuration form. -Examples of both configurations can be found here: +- For manual configuration instructions, see the respective section, depending on the API type: + - [OpenAPI Specification](#openapi-specification) + - [HTTP Archive (HAR)](#http-archive-har) + - [Postman Collection](#postman-collection) +- Otherwise, see [Web API fuzzing configuration form](#web-api-fuzzing-configuration-form). -- [Example OpenAPI v2 specification project](https://gitlab.com/gitlab-org/security-products/demos/api-fuzzing-example/-/tree/openapi) -- [Example HTTP Archive (HAR) project](https://gitlab.com/gitlab-org/security-products/demos/api-fuzzing-example/-/tree/har) -- [Example Postman Collection project](https://gitlab.com/gitlab-org/security-products/demos/api-fuzzing/postman-api-fuzzing-example) -- [Example GraphQL project](https://gitlab.com/gitlab-org/security-products/demos/api-fuzzing/graphql-api-fuzzing-example) - -WARNING: -GitLab 14.0 will require that you place API fuzzing configuration files (for example, -`gitlab-api-fuzzing-config.yml`) in your repository's `.gitlab` directory instead of your -repository's root. You can continue using your existing configuration files as they are, but -starting in GitLab 14.0, GitLab will not check your repository's root for configuration files. +In GitLab 14.0 and later, API fuzzing configuration files must be in your repository's +`.gitlab` directory instead of your repository's root. -### Configuration form +### Web API fuzzing configuration form > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/299234) in GitLab 13.10. @@ -82,6 +93,8 @@ The API fuzzing configuration form helps you create or modify your project's API configuration. The form lets you choose values for the most common API fuzzing options and builds a YAML snippet that you can paste in your GitLab CI/CD configuration. +#### Configure Web API fuzzing with the configuration form + To generate an API Fuzzing configuration snippet: 1. From your project's home page, go to **Security & Compliance > Configuration** in the left @@ -89,25 +102,23 @@ To generate an API Fuzzing configuration snippet: 1. Select **Configure** in the **API Fuzzing** row. 1. Complete the form as needed. Read below for more information on available configuration options. 1. Select **Generate code snippet**. - -A modal opens with the YAML snippet corresponding to the options you've selected in the form. - - - -Select **Copy code and open `.gitlab-ci.yml` file** to copy the snippet to your clipboard and be redirected -to your project's `.gitlab-ci.yml` file where you can paste the YAML configuration. - -Select **Copy code only** to copy the snippet to your clipboard and close the modal. + A modal opens with the YAML snippet corresponding to the options you've selected in the form. +1. Choose one of the following actions: + 1. Select **Copy code and open `.gitlab-ci.yml` file** to copy the snippet to your clipboard and + be redirected to your project's `.gitlab-ci.yml` file where you can paste the YAML + configuration. + 1. Select **Copy code only** to copy the snippet to your clipboard and close the modal. ### OpenAPI Specification -> Support for OpenAPI Specification v3 was +> Support for OpenAPI Specification using YAML format was +> [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/330583) in GitLab 14.0. +> Support for OpenAPI Specification v3.0 was > [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/228652) in GitLab 13.9. -The [OpenAPI Specification](https://www.openapis.org/) (formerly the Swagger Specification) is an -API description format for REST APIs. This section shows you how to configure API fuzzing by using -an OpenAPI specification to provide information about the target API to test. OpenAPI specifications -are provided as a file system resource or URL. +The [OpenAPI Specification](https://www.openapis.org/) (formerly the Swagger Specification) is an API description format for REST APIs. +This section shows you how to configure API fuzzing using an OpenAPI Specification to provide information about the target API to test. +OpenAPI Specifications are provided as a file system resource or URL. Both JSON and YAML OpenAPI formats are supported. API fuzzing uses an OpenAPI document to generate the request body. When a request body is required, the body generation is limited to these body types: @@ -116,59 +127,42 @@ the body generation is limited to these body types: - `multipart/form-data` - `application/json` -Follow these steps to configure API fuzzing in GitLab with an OpenAPI specification: +#### Configure Web API fuzzing with an OpenAPI Specification -1. To use API fuzzing, you must [include](../../../ci/yaml/README.md#includetemplate) - the [`API-Fuzzing.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/API-Fuzzing.gitlab-ci.yml) - that's provided as part of your GitLab installation. To do so, add the following to your - `.gitlab-ci.yml` file: - - ```yaml - include: - - template: API-Fuzzing.gitlab-ci.yml - ``` +To configure API fuzzing in GitLab with an OpenAPI Specification: -1. Add the configuration file [`gitlab-api-fuzzing-config.yml`](https://gitlab.com/gitlab-org/security-products/analyzers/api-fuzzing/-/blob/master/gitlab-api-fuzzing-config.yml) to your repository's root as `.gitlab-api-fuzzing.yml`. +1. Add the `fuzz` stage to your `.gitlab-ci.yml` file. -1. The [configuration file](#configuration-files) has several testing profiles defined with varying - amounts of fuzzing. We recommend that you start with the `Quick-10` profile. Testing with this - profile completes quickly, allowing for easier configuration validation. +1. [Include](../../../ci/yaml/README.md#includetemplate) + the [`API-Fuzzing.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/API-Fuzzing.gitlab-ci.yml) + in your `.gitlab-ci.yml` file. - Provide the profile by adding the `FUZZAPI_PROFILE` CI/CD variable to your `.gitlab-ci.yml` file, - substituting `Quick-10` for the profile you choose: +1. Provide the profile by adding the `FUZZAPI_PROFILE` CI/CD variable to your `.gitlab-ci.yml` file. + The profile specifies how many tests are run. Substitute `Quick-10` for the profile you choose. For more details, see [API fuzzing profiles](#api-fuzzing-profiles). ```yaml - include: - - template: API-Fuzzing.gitlab-ci.yml - variables: FUZZAPI_PROFILE: Quick-10 ``` -1. Provide the location of the OpenAPI specification. You can provide the specification as a file - or URL. Specify the location by adding the `FUZZAPI_OPENAPI` variable: +1. Provide the location of the OpenAPI Specification. You can provide the specification as a file + or URL. Specify the location by adding the `FUZZAPI_OPENAPI` variable. - ```yaml - include: - - template: API-Fuzzing.gitlab-ci.yml - - variables: - FUZZAPI_PROFILE: Quick-10 - FUZZAPI_OPENAPI: test-api-specification.json - ``` - -1. The target API instance's base URL is also required. Provide it by using the `FUZZAPI_TARGET_URL` - variable or an `environment_url.txt` file. +1. Provide the target API instance's base URL. Use either the `FUZZAPI_TARGET_URL` variable or an + `environment_url.txt` file. Adding the URL in an `environment_url.txt` file at your project's root is great for testing in - dynamic environments. To run API fuzzing against an app dynamically created during a GitLab CI/CD - pipeline, have the app persist its domain in an `environment_url.txt` file. API fuzzing - automatically parses that file to find its scan target. You can see an - [example of this in our Auto DevOps CI YAML](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml). + dynamic environments. To run API fuzzing against an application dynamically created during a + GitLab CI/CD pipeline, have the application persist its URL in an `environment_url.txt` file. + API fuzzing automatically parses that file to find its scan target. You can see an + example of this in the [Auto DevOps CI YAML](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml). - Here's an example of using `FUZZAPI_TARGET_URL`: +Example `.gitlab-ci.yml` file using an OpenAPI Specification: ```yaml + stages: + - fuzz + include: - template: API-Fuzzing.gitlab-ci.yml @@ -184,10 +178,7 @@ This is a minimal configuration for API Fuzzing. From here you can: - [Add authentication](#authentication). - Learn how to [handle false positives](#handling-false-positives). -WARNING: -**NEVER** run fuzz testing against a production server. Not only can it perform *any* function that -the API can, it may also trigger bugs in the API. This includes actions like modifying and deleting -data. Only run fuzzing against a test server. +For details of API fuzzing configuration options, see [Available CI/CD variables](#available-cicd-variables). ### HTTP Archive (HAR) @@ -196,59 +187,33 @@ is an archive file format for logging HTTP transactions. When used with the GitL must contain records of calling the web API to test. The API fuzzer extracts all the requests and uses them to perform testing. -You can use various tools to generate HAR files: - -- [Fiddler](https://www.telerik.com/fiddler): Web debugging proxy -- [Insomnia Core](https://insomnia.rest/): API client -- [Chrome](https://www.google.com/chrome/): Browser -- [Firefox](https://www.mozilla.org/en-US/firefox/): Browser -- [GitLab HAR Recorder](https://gitlab.com/gitlab-org/security-products/har-recorder): Command line +For more details, including how to create a HAR file, see [HTTP Archive format](create_har_files.md). WARNING: HAR files may contain sensitive information such as authentication tokens, API keys, and session cookies. We recommend that you review the HAR file contents before adding them to a repository. -Follow these steps to configure API fuzzing to use a HAR file that provides information about the -target API to test: +#### Configure Web API fuzzing with a HAR file -1. To use API fuzzing, you must [include](../../../ci/yaml/README.md#includetemplate) - the [`API-Fuzzing.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/API-Fuzzing.gitlab-ci.yml) - that's provided as part of your GitLab installation. To do so, add the following to your - `.gitlab-ci.yml` file: +To configure API fuzzing to use a HAR file: - ```yaml - include: - - template: API-Fuzzing.gitlab-ci.yml - ``` +1. Add the `fuzz` stage to your `.gitlab-ci.yml` file. -1. Add the configuration file [`gitlab-api-fuzzing-config.yml`](https://gitlab.com/gitlab-org/security-products/analyzers/api-fuzzing/-/blob/master/gitlab-api-fuzzing-config.yml) to your repository's root as `.gitlab-api-fuzzing.yml`. - -1. The [configuration file](#configuration-files) has several testing profiles defined with varying - amounts of fuzzing. We recommend that you start with the `Quick-10` profile. Testing with this - profile completes quickly, allowing for easier configuration validation. +1. [Include](../../../ci/yaml/README.md#includetemplate) + the [`API-Fuzzing.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/API-Fuzzing.gitlab-ci.yml) + in your `.gitlab-ci.yml` file. - Provide the profile by adding the `FUZZAPI_PROFILE` CI/CD variable to your `.gitlab-ci.yml` file, - substituting `Quick-10` for the profile you choose: +1. Provide the profile by adding the `FUZZAPI_PROFILE` CI/CD variable to your `.gitlab-ci.yml` file. + The profile specifies how many tests are run. Substitute `Quick-10` for the profile you choose. For more details, see [API fuzzing profiles](#api-fuzzing-profiles). ```yaml - include: - - template: API-Fuzzing.gitlab-ci.yml - variables: FUZZAPI_PROFILE: Quick-10 ``` 1. Provide the location of the HAR specification. You can provide the specification as a file - or URL. [URL support was introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/285020) in GitLab 13.10 and later. Specify the location by adding the `FUZZAPI_HAR` variable: - - ```yaml - include: - - template: API-Fuzzing.gitlab-ci.yml - - variables: - FUZZAPI_PROFILE: Quick-10 - FUZZAPI_HAR: test-api-recording.har - ``` + or URL. [URL support was introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/285020) + in GitLab 13.10 and later. Specify the location by adding the `FUZZAPI_HAR` variable. 1. The target API instance's base URL is also required. Provide it by using the `FUZZAPI_TARGET_URL` variable or an `environment_url.txt` file. @@ -259,9 +224,12 @@ target API to test: automatically parses that file to find its scan target. You can see an [example of this in our Auto DevOps CI YAML](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml). - Here's an example of using `FUZZAPI_TARGET_URL`: +Example `.gitlab-ci.yml` file using a HAR file: ```yaml + stages: + - fuzz + include: - template: API-Fuzzing.gitlab-ci.yml @@ -271,16 +239,13 @@ target API to test: FUZZAPI_TARGET_URL: http://test-deployment/ ``` -This is a minimal configuration for API Fuzzing. From here you can: +This is a minimal configuration for API fuzzing. From here you can: - [Run your first scan](#running-your-first-scan). - [Add authentication](#authentication). - Learn how to [handle false positives](#handling-false-positives). -WARNING: -**NEVER** run fuzz testing against a production server. Not only can it perform *any* function that -the API can, it may also trigger bugs in the API. This includes actions like modifying and deleting -data. Only run fuzzing against a test server. +For details of API fuzzing configuration options, see [Available CI/CD variables](#available-cicd-variables). ### Postman Collection @@ -299,51 +264,31 @@ Postman Collection files may contain sensitive information such as authenticatio and session cookies. We recommend that you review the Postman Collection file contents before adding them to a repository. -Follow these steps to configure API fuzzing to use a Postman Collection file that provides -information about the target API to test: +#### Configure Web API fuzzing with a Postman Collection file -1. To use API fuzzing, you must [include](../../../ci/yaml/README.md#includetemplate) - the [`API-Fuzzing.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/API-Fuzzing.gitlab-ci.yml) - that's provided as part of your GitLab installation. To do so, add the following to your - `.gitlab-ci.yml` file: +To configure API fuzzing to use a Postman Collection file: - ```yaml - include: - - template: API-Fuzzing.gitlab-ci.yml - ``` +1. Add the `fuzz` stage to your `.gitlab-ci.yml` file. -1. Add the configuration file [`gitlab-api-fuzzing-config.yml`](https://gitlab.com/gitlab-org/security-products/analyzers/api-fuzzing/-/blob/master/gitlab-api-fuzzing-config.yml) - to your repository's root as `.gitlab-api-fuzzing.yml`. - -1. The [configuration file](#configuration-files) has several testing profiles defined with varying - amounts of fuzzing. We recommend that you start with the `Quick-10` profile. Testing with this - profile completes quickly, allowing for easier configuration validation. +1. [Include](../../../ci/yaml/README.md#includetemplate) + the [`API-Fuzzing.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/API-Fuzzing.gitlab-ci.yml) + in your `.gitlab-ci.yml` file. - Provide the profile by adding the `FUZZAPI_PROFILE` CI/CD variable to your `.gitlab-ci.yml` file, - substituting `Quick-10` for the profile you choose: +1. Provide the profile by adding the `FUZZAPI_PROFILE` CI/CD variable to your `.gitlab-ci.yml` file. + The profile specifies how many tests are run. Substitute `Quick-10` for the profile you choose. For more details, see [API fuzzing profiles](#api-fuzzing-profiles). ```yaml - include: - - template: API-Fuzzing.gitlab-ci.yml - variables: FUZZAPI_PROFILE: Quick-10 ``` -1. Provide the location of the Postman Collection specification. You can provide the specification as a file - or URL. [URL support was introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/285020) in GitLab 13.10 and later. Specify the location by adding the `FUZZAPI_POSTMAN_COLLECTION` variable: - - ```yaml - include: - - template: API-Fuzzing.gitlab-ci.yml - - variables: - FUZZAPI_PROFILE: Quick-10 - FUZZAPI_POSTMAN_COLLECTION: postman-collection_serviceA.json - ``` +1. Provide the location of the Postman Collection specification. You can provide the specification + as a file or URL. [URL support was introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/285020) + in GitLab 13.10 and later. Specify the location by adding the `FUZZAPI_POSTMAN_COLLECTION` + variable. -1. The target API instance's base URL is also required. Provide it by using the `FUZZAPI_TARGET_URL` - variable or an `environment_url.txt` file. +1. Provide the target API instance's base URL. Use either the `FUZZAPI_TARGET_URL` variable or an + `environment_url.txt` file. Adding the URL in an `environment_url.txt` file at your project's root is great for testing in dynamic environments. To run API fuzzing against an app dynamically created during a GitLab CI/CD @@ -351,9 +296,12 @@ information about the target API to test: automatically parses that file to find its scan target. You can see an [example of this in our Auto DevOps CI YAML](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml). - Here's an example of using `FUZZAPI_TARGET_URL`: +Example `.gitlab-ci.yml` file using a Postman Collection file: ```yaml + stages: + - fuzz + include: - template: API-Fuzzing.gitlab-ci.yml @@ -369,15 +317,13 @@ This is a minimal configuration for API Fuzzing. From here you can: - [Add authentication](#authentication). - Learn how to [handle false positives](#handling-false-positives). -WARNING: -**NEVER** run fuzz testing against a production server. Not only can it perform *any* function that -the API can, it may also trigger bugs in the API. This includes actions like modifying and deleting -data. Only run fuzzing against a test server. +For details of API fuzzing configuration options, see [Available CI/CD variables](#available-cicd-variables). #### Postman variables Postman allows the developer to define placeholders that can be used in different parts of the -requests. These placeholders are called variables, as explained in [Using variables](https://learning.postman.com/docs/sending-requests/variables/). +requests. These placeholders are called variables, as explained in the Postman documentation, +[Using variables](https://learning.postman.com/docs/sending-requests/variables/). You can use variables to store and reuse values in your requests and scripts. For example, you can edit the collection to add variables to the document: @@ -398,7 +344,7 @@ Postman file. For example, Postman does not export environment-scoped variables file. By default, the API fuzzer uses the Postman file to resolve Postman variable values. If a JSON file -is set in a GitLab CI environment variable `FUZZAPI_POSTMAN_COLLECTION_VARIABLES`, then the JSON +is set in a GitLab CI/CD variable `FUZZAPI_POSTMAN_COLLECTION_VARIABLES`, then the JSON file takes precedence to get Postman variable values. Although Postman can export environment variables into a JSON file, the format is not compatible @@ -407,6 +353,9 @@ with the JSON expected by `FUZZAPI_POSTMAN_COLLECTION_VARIABLES`. Here is an example of using `FUZZAPI_POSTMAN_COLLECTION_VARIABLES`: ```yaml +stages: + - fuzz + include: - template: API-Fuzzing.gitlab-ci.yml @@ -428,6 +377,13 @@ values. For example: } ``` +## API fuzzing configuration + +The API fuzzing behavior can be changed through CI/CD variables. + +From GitLab 13.12 and later, the default API fuzzing configuration file is `.gitlab/gitlab-api-fuzzing-config.yml`. In GitLab 14.0 and later, API fuzzing configuration files must be in your repository's +`.gitlab` directory instead of your repository's root. + ### Authentication Authentication is handled by providing the authentication token as a header or cookie. You can @@ -449,6 +405,9 @@ GitLab projects page at **Settings > CI/CD**, in the **Variables** section. Use as the value for `FUZZAPI_HTTP_PASSWORD`: ```yaml +stages: + - fuzz + include: - template: API-Fuzzing.gitlab-ci.yml @@ -487,6 +446,9 @@ Follow these steps to provide the bearer token with `FUZZAPI_OVERRIDES_ENV`: 1. In your `.gitlab-ci.yml` file, set `FUZZAPI_OVERRIDES_ENV` to the variable you just created: ```yaml + stages: + - fuzz + include: - template: API-Fuzzing.gitlab-ci.yml @@ -522,6 +484,9 @@ This file can be generated by a prior stage and provided to API fuzzing through Set `FUZZAPI_OVERRIDES_FILE` in your `.gitlab-ci.yml` file: ```yaml +stages: + - fuzz + include: - template: API-Fuzzing.gitlab-ci.yml @@ -561,6 +526,9 @@ You must provide three CI/CD variables, each set for correct operation: For example: ```yaml +stages: + - fuzz + include: - template: API-Fuzzing.gitlab-ci.yml @@ -576,16 +544,15 @@ variables: To validate that authentication is working, run an API fuzzing test and review the fuzzing logs and the test API's application logs. -### Configuration files +### API fuzzing profiles -To get you started quickly, GitLab provides the configuration file +GitLab provides the configuration file [`gitlab-api-fuzzing-config.yml`](https://gitlab.com/gitlab-org/security-products/analyzers/api-fuzzing/-/blob/master/gitlab-api-fuzzing-config.yml). -This file has several testing profiles that perform various numbers of tests. The run time of each -profile increases as the test numbers go up. To use a configuration file, add it to your -repository's root as `.gitlab-api-fuzzing.yml`. +It contains several testing profiles that perform a specific numbers of tests. The runtime of each +profile increases as the number of tests increases. -| Profile | Fuzz Tests (per parameter) | -|:---------|:-----------| +| Profile | Fuzz Tests (per parameter) | +|:----------|:---------------------------| | Quick-10 | 10 | | Medium-20 | 20 | | Medium-50 | 50 | @@ -593,35 +560,23 @@ repository's root as `.gitlab-api-fuzzing.yml`. ### Available CI/CD variables -| CI/CD variable | Description | -|------------------------------------------------------|--------------------| -| `FUZZAPI_VERSION` | Specify API Fuzzing container version. Defaults to `latest`. | -| `FUZZAPI_TARGET_URL` | Base URL of API testing target. | -|[`FUZZAPI_CONFIG`](#configuration-files) | API Fuzzing configuration file. Defaults to `.gitlab-apifuzzer.yml`. | -|[`FUZZAPI_PROFILE`](#configuration-files) | Configuration profile to use during testing. Defaults to `Quick`. | -| `FUZZAPI_REPORT` | Scan report filename. Defaults to `gl-api_fuzzing-report.xml`. | -|[`FUZZAPI_OPENAPI`](#openapi-specification) | OpenAPI specification file or URL. | -|[`FUZZAPI_HAR`](#http-archive-har) | HTTP Archive (HAR) file. | -|[`FUZZAPI_POSTMAN_COLLECTION`](#postman-collection) | Postman Collection file. | -|[`FUZZAPI_POSTMAN_COLLECTION_VARIABLES`](#postman-variables) | Path to a JSON file to extract postman variable values. | -|[`FUZZAPI_OVERRIDES_FILE`](#overrides) | Path to a JSON file containing overrides. | -|[`FUZZAPI_OVERRIDES_ENV`](#overrides) | JSON string containing headers to override. | -|[`FUZZAPI_OVERRIDES_CMD`](#overrides) | Overrides command. | -|[`FUZZAPI_OVERRIDES_INTERVAL`](#overrides) | How often to run overrides command in seconds. Defaults to `0` (once). | -|[`FUZZAPI_HTTP_USERNAME`](#http-basic-authentication) | Username for HTTP authentication. | -|[`FUZZAPI_HTTP_PASSWORD`](#http-basic-authentication) | Password for HTTP authentication. | - -<!--|[`FUZZAPI_D_TARGET_IMAGE`](#target-container) |API target docker image | -|[`FUZZAPI_D_TARGET_ENV`](#target-container) |Docker environment options | -|[`FUZZAPI_D_TARGET_VOLUME`](#target-container) | Docker volume options | -|[`FUZZAPI_D_TARGET_PORTS`](#target-container) |Docker port options | -| `FUZZAPI_D_WORKER_IMAGE` |Custom worker docker image | -| `FUZZAPI_D_WORKER_ENV` |Custom worker docker environment options | -| `FUZZAPI_D_WORKER_VOLUME` |Custom worker docker volume options | -| `FUZZAPI_D_WORKER_PORTS` |Custom worker docker port options | -| `FUZZAPI_D_NETWORK` |Name of docker network, defaults to "testing-net"| -| `FUZZAPI_D_PRE_SCRIPT` |Pre script runs after docker login and docker network create, but before starting the scanning image container.| -| `FUZZAPI_D_POST_SCRIPT` |Post script runs after scanning image container is started. This is the place to start your target(s) and kick off scanning when using an advanced configuration.| --> +| CI/CD variable | Description | +|-------------------------------------------------------------|-------------| +| `SECURE_ANALYZERS_PREFIX` | Specify the Docker registry base address from which to download the analyzer. | +| `FUZZAPI_VERSION` | Specify API Fuzzing container version. Defaults to `latest`. | +| `FUZZAPI_TARGET_URL` | Base URL of API testing target. | +| `FUZZAPI_CONFIG` | [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/276395) in GitLab 13.12, replaced with default `.gitlab/gitlab-api-fuzzing-config.yml`. API Fuzzing configuration file. | +|[`FUZZAPI_PROFILE`](#api-fuzzing-profiles) | Configuration profile to use during testing. Defaults to `Quick-10`. | +|[`FUZZAPI_OPENAPI`](#openapi-specification) | OpenAPI Specification file or URL. | +|[`FUZZAPI_HAR`](#http-archive-har) | HTTP Archive (HAR) file. | +|[`FUZZAPI_POSTMAN_COLLECTION`](#postman-collection) | Postman Collection file. | +|[`FUZZAPI_POSTMAN_COLLECTION_VARIABLES`](#postman-variables) | Path to a JSON file to extract Postman variable values. | +|[`FUZZAPI_OVERRIDES_FILE`](#overrides) | Path to a JSON file containing overrides. | +|[`FUZZAPI_OVERRIDES_ENV`](#overrides) | JSON string containing headers to override. | +|[`FUZZAPI_OVERRIDES_CMD`](#overrides) | Overrides command. | +|[`FUZZAPI_OVERRIDES_INTERVAL`](#overrides) | How often to run overrides command in seconds. Defaults to `0` (once). | +|[`FUZZAPI_HTTP_USERNAME`](#http-basic-authentication) | Username for HTTP authentication. | +|[`FUZZAPI_HTTP_PASSWORD`](#http-basic-authentication) | Password for HTTP authentication. | ### Overrides @@ -788,6 +743,9 @@ To provide the overrides JSON as a file, the `FUZZAPI_OVERRIDES_FILE` CI/CD vari Here's an example `.gitlab-ci.yml`: ```yaml +stages: + - fuzz + include: - template: API-Fuzzing.gitlab-ci.yml @@ -806,6 +764,9 @@ This allows you to place the JSON as variables that can be masked and protected. In this example `.gitlab-ci.yml`, the `FUZZAPI_OVERRIDES_ENV` variable is set directly to the JSON: ```yaml +stages: + - fuzz + include: - template: API-Fuzzing.gitlab-ci.yml @@ -820,6 +781,9 @@ In this example `.gitlab-ci.yml`, the `SECRET_OVERRIDES` variable provides the J [group or instance level CI/CD variable defined in the UI](../../../ci/variables/README.md#instance-cicd-variables): ```yaml +stages: + - fuzz + include: - template: API-Fuzzing.gitlab-ci.yml @@ -845,6 +809,9 @@ You must provide three CI/CD variables, each set for correct operation: - `FUZZAPI_OVERRIDES_INTERVAL`: Interval in seconds to run command. ```yaml +stages: + - fuzz + include: - template: API-Fuzzing.gitlab-ci.yml @@ -1009,7 +976,7 @@ pipelines. For more information, see the [Security Dashboard documentation](../s Fuzzing faults show up as vulnerabilities with a severity of Unknown. Once a fault is found, you can interact with it. Read more on how to -[address the vulnerabilities](../index.md#addressing-vulnerabilities). +[address the vulnerabilities](../vulnerabilities/index.md). ## Handling False Positives @@ -1026,7 +993,7 @@ False positives can be handled in two ways: ### Turn off a Check Checks perform testing of a specific type and can be turned on and off for specific configuration -profiles. The provided [configuration files](#configuration-files) define several profiles that you +profiles. The default configuration file defines several profiles that you can use. The profile definition in the configuration file lists all the checks that are active during a scan. To turn off a specific check, remove it from the profile definition in the configuration file. The profiles are defined in the `Profiles` section of the configuration file. @@ -1143,13 +1110,19 @@ Profiles: UnicodeFuzzing: true ``` +## Running API fuzzing in an offline environment + +For self-managed GitLab instances in an environment with limited, restricted, or intermittent access +to external resources through the internet, some adjustments are required for the Web API Fuzz testing job to +successfully run. For more information, see [Offline environments](../offline_deployments/index.md). + ## Troubleshooting ### Error, the OpenAPI document is not valid. Errors were found during validation of the document using the published OpenAPI schema -At the start of an API Fuzzing job the OpenAPI specification is validated against the [published schema](https://github.com/OAI/OpenAPI-Specification/tree/master/schemas). This error is shown when the provided OpenAPI specification has validation errors. Errors can be introduced when creating an OpenAPI specification manually, and also when the schema is generated. +At the start of an API Fuzzing job the OpenAPI Specification is validated against the [published schema](https://github.com/OAI/OpenAPI-Specification/tree/master/schemas). This error is shown when the provided OpenAPI Specification has validation errors. Errors can be introduced when creating an OpenAPI Specification manually, and also when the schema is generated. -For OpenAPI specifications that are generated automatically validation errors are often the result of missing code annotations. +For OpenAPI Specifications that are generated automatically validation errors are often the result of missing code annotations. **Error message** @@ -1157,9 +1130,9 @@ For OpenAPI specifications that are generated automatically validation errors ar - `OpenAPI 2.0 schema validation error ...` - `OpenAPI 3.0.x schema validation error ...` -**Solution** +**Solution** -**For generated OpenAPI specifications** +**For generated OpenAPI Specifications** 1. Identify the validation errors. 1. Use the [Swagger Editor](https://editor.swagger.io/) to identify validation problems in your specification. The visual nature of the Swagger Editor makes it easier to understand what needs to change. @@ -1170,7 +1143,7 @@ For OpenAPI specifications that are generated automatically validation errors ar **For manually created OpenAPI Specifications** 1. Identify the validation errors. - 1. The simplest solution is to use a visual tool to edit and validate the OpenAPI document. For example the [Swagger Editor](https://editor.swagger.io/) will point out schema errors and possible solutions. + 1. The simplest solution is to use a visual tool to edit and validate the OpenAPI document. For example the [Swagger Editor](https://editor.swagger.io/) highlights schema errors and possible solutions. 1. Alternatively, you can check the log output and look for schema validation warnings. They are prefixed with messages such as `OpenAPI 2.0 schema validation error` or `OpenAPI 3.0.x schema validation error`. Each failed validation provides extra information about `location` and `description`. Correct each of the validation failures and then resubmit the OpenAPI doc. Note that JSON Schema validation message might not be easy to understand. This is why we recommend the use of editors to validate document. 1. Once the validation issues are resolved, re-run your pipeline. @@ -1183,11 +1156,61 @@ The API Fuzzing engine outputs an error message when it cannot establish a conne - In [GitLab 13.11 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/323939), `Failed to start scanner session (version header not found).` - In GitLab 13.10 and earlier, `API Security version header not found. Are you sure that you are connecting to the API Security server?`. -**Solution** +**Solution** - Remove the `FUZZAPI_API` variable from the `.gitlab-ci.yml` file. The value will be inherited from the API Fuzzing CI/CD template. We recommend this method instead of manually setting a value. - If removing the variable is not possible, check to see if this value has changed in the latest version of the [API Fuzzing CI/CD template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/API-Fuzzing.gitlab-ci.yml). If so, update the value in the `.gitlab-ci.yml` file. +### Application cannot determine the base URL for the target API + +The API Fuzzing analyzer outputs an error message when it cannot determine the target API after inspecting the OpenAPI document. This error message is shown when the target API has not been set in the `.gitlab-ci.yml`file, it is not available in the `environment_url.txt` file, and it could not be computed using the OpenAPI document. + +There is an order of precedence in which the API Fuzzing analyzer tries to get the target API when checking the different sources. First, it will try to use the `FUZZAPI_TARGET_URL`. If the environment variable has not been set, then the API Fuzzing analyzer will attempt to use the `environment_url.txt` file. If there is no file `environment_url.txt`, the API Fuzzing analyzer will then use the OpenAPI document contents and the URL provided in `FUZZAPI_OPENAPI` (if a URL is provided) to try to compute the target API. + +The best-suited solution will depend on whether or not your target API changes for each deployment. In static environments, the target API is the same for each deployment, in this case please refer to the [static environment solution](#static-environment-solution). If the target API changes for each deployment a [dynamic environment solution](#dynamic-environment-solutions) should be applied. + +#### Static environment solution + +This solution is for pipelines in which the target API URL doesn't change (is static). + +**Add environmental variable** + +For environments where the target API remains the same, we recommend you specify the target URL by using the `FUZZAPI_TARGET_URL` environment variable. In your `.gitlab-ci.yml` file, add a variable `FUZZAPI_TARGET_URL`. The variable must be set to the base URL of API testing target. For example: + +```yaml +include: + - template: API-Fuzzing.gitlab-ci.yml + + variables: + FUZZAPI_TARGET_URL: http://test-deployment/ + FUZZAPI_OPENAPI: test-api-specification.json +``` + +#### Dynamic environment solutions + +In a dynamic environment your target API changes for each different deployment. In this case, there is more than one possible solution, we recommend to use the `environment_url.txt` file when dealing with dynamic environments. + +**Use environment_url.txt** + +To support dynamic environments in which the target API URL changes during each pipeline, API Fuzzing supports the use of an `environment_url.txt` file that contains the URL to use. This file is not checked into the repository, instead it's created during the pipeline by the job that deploys the test target and collected as an artifact that can be used by later jobs in the pipeline. The job that creates the `environment_url.txt` file must run before the API Fuzzing job. + +1. Modify the test target deployment job adding the base URL in an `environment_url.txt` file at the root of your project. +1. Modify the test target deployment job collecting the `environment_url.txt` as an artifact. + +Example: + +```yaml +deploy-test-target: + script: + # Perform deployment steps + # Create environment_url.txt (example) + - echo http://${CI_PROJECT_ID}-${CI_ENVIRONMENT_SLUG}.example.org > environment_url.txt + + artifacts: + paths: + - environment_url.txt +``` + <!-- ### Target Container diff --git a/doc/user/application_security/configuration/index.md b/doc/user/application_security/configuration/index.md index 4d5e3529762..8c34303ca00 100644 --- a/doc/user/application_security/configuration/index.md +++ b/doc/user/application_security/configuration/index.md @@ -10,7 +10,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20711) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.6. **(ULTIMATE)** > - SAST configuration was [enabled](https://gitlab.com/groups/gitlab-org/-/epics/3659) in 13.3 and [improved](https://gitlab.com/gitlab-org/gitlab/-/issues/232862) in 13.4. **(ULTIMATE)** > - DAST Profiles feature was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/40474) in 13.4. **(ULTIMATE)** -> - A simplified version was made [available in all tiers](https://gitlab.com/gitlab-org/gitlab/-/issues/294076) in GitLab 13.9. +> - A simplified version was made [available in all tiers](https://gitlab.com/gitlab-org/gitlab/-/issues/294076) in GitLab 13.10. WARNING: This feature might not be available to you. Check the **version history** note above for details. @@ -49,3 +49,6 @@ You can configure the following security controls: - Click either **Enable** or **Configure** to use SAST for the current project. For more details, see [Configure SAST in the UI](../sast/index.md#configure-sast-in-the-ui). - DAST Profiles - Click **Manage** to manage the available DAST profiles used for on-demand scans. For more details, see [DAST on-demand scans](../dast/index.md#on-demand-scans). +- Secret Detection + - Select **Configure via Merge Request** to create a merge request with the changes required to + enable Secret Detection. For more details, see [Enable Secret Detection via an automatic merge request](../secret_detection/index.md#enable-secret-detection-via-an-automatic-merge-request). diff --git a/doc/user/application_security/container_scanning/index.md b/doc/user/application_security/container_scanning/index.md index fcf5c81db74..5ab56634d29 100644 --- a/doc/user/application_security/container_scanning/index.md +++ b/doc/user/application_security/container_scanning/index.md @@ -11,22 +11,23 @@ info: To determine the technical writer assigned to the Stage/Group associated w WARNING: GitLab 14.0 will replace its container scanning engine with Trivy. Currently, GitLab uses the open -source Clair engine for container scanning. GitLab 13.9 deprecates Clair. This is not a hard -breaking change, as customers who wish to continue to use Clair can do so by setting the -`CS_MAJOR_VERSION` CI/CD variable to version 3 (or earlier) in their `gitlab-ci.yaml` file. Since Clair is -deprecated, however, note that GitLab will no longer update or maintain that scanning engine -beginning in the 14.0 release. We advise customers to use the new default of Trivy beginning in -GitLab 14.0 for regular updates and the latest features. +source Clair engine for container scanning. GitLab 13.9 deprecates Clair. Until GitLab 14.0, this is +not a hard breaking change. Beginning in GitLab 14.0, GitLab will no longer update or maintain +Clair. To ensure that you get regular updates and the latest features, you must use the Trivy +container scanning engine beginning in GitLab 14.0. See the following sections for instructions on +moving from Clair to Trivy. Your application's Docker image may itself be based on Docker images that contain known vulnerabilities. By including an extra job in your pipeline that scans for those vulnerabilities and displays them in a merge request, you can use GitLab to audit your Docker-based apps. -By default, container scanning in GitLab is based on [Clair](https://github.com/quay/clair) and -[Klar](https://github.com/optiopay/klar), which are open-source tools for vulnerability static analysis in -containers. The GitLab [Klar analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/klar/) -scans the containers and serves as a wrapper for Clair. -To integrate security scanners other than Clair and Klar into GitLab, see +GitLab provides integration with two different open-source tools for vulnerability static analysis +in containers: + +- [Clair](https://github.com/quay/claircore) +- [Trivy](https://github.com/aquasecurity/trivy) + +To integrate GitLab with security scanners other than those listed here, see [Security scanner integration](../../../development/integrations/secure.md). You can enable container scanning by doing one of the following: @@ -52,7 +53,13 @@ To enable container scanning in your pipeline, you need the following: or [`kubernetes`](https://docs.gitlab.com/runner/install/kubernetes.html) executor. - Docker `18.09.03` or higher installed on the same computer as the runner. If you're using the shared runners on GitLab.com, then this is already the case. -- An image matching [Clair's list of supported distributions](https://quay.github.io/claircore/). +- An image matching the following supported distributions (depending on the analyzer being used): + + | Scanning Engine | Supported distributions | + | --- | --- | + | [Clair](https://github.com/quay/claircore) | [Supported operating systems and languages](https://quay.github.io/claircore/) | + | [Trivy](https://github.com/aquasecurity/trivy) | Supported [operating systems](https://aquasecurity.github.io/trivy/latest/vuln-detection/os/) and [languages](https://aquasecurity.github.io/trivy/latest/vuln-detection/library/) | + - [Build and push](../../packages/container_registry/index.md#build-and-push-by-using-gitlab-cicd) your Docker image to your project's container registry. The name of the Docker image should use the following [predefined CI/CD variables](../../../ci/variables/predefined_variables.md): @@ -86,7 +93,19 @@ How you enable container scanning depends on your GitLab version: that comes with your GitLab installation. - GitLab versions earlier than 11.9: Copy and use the job from the [`Container-Scanning.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml). -- GitLab 13.6 [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/263482) better support for [FIPS](https://csrc.nist.gov/publications/detail/fips/140/2/final) by upgrading the `CS_MAJOR_VERSION` from `2` to `3`. +- GitLab 13.6 [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/263482) better support for + [FIPS](https://csrc.nist.gov/publications/detail/fips/140/2/final) by upgrading the + `CS_MAJOR_VERSION` from `2` to `3`. Version `3` of the `container_scanning` Docker image uses + [`centos:centos8`](https://hub.docker.com/_/centos) + as the new base. It also removes the use of the [start.sh](https://gitlab.com/gitlab-org/security-products/analyzers/klar/-/merge_requests/77) + script and instead executes the analyzer by default. Any customizations made to the + `container_scanning` job's [`before_script`](../../../ci/yaml/README.md#before_script) + and [`after_script`](../../../ci/yaml/README.md#after_script) + blocks may not work with the new version. To roll back to the previous [`alpine:3.11.3`](https://hub.docker.com/_/alpine)-based + Docker image, you can specify the major version through the [`CS_MAJOR_VERSION`](#available-variables) + variable. +- GitLab 13.9 [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/322656) integration with + [Trivy](https://github.com/aquasecurity/trivy) by upgrading `CS_MAJOR_VERSION` from `3` to `4`. To include the `Container-Scanning.gitlab-ci.yml` template (GitLab 11.9 and later), add the following to your `.gitlab-ci.yml` file: @@ -138,31 +157,34 @@ include: ### Customizing the container scanning settings There may be cases where you want to customize how GitLab scans your containers. For example, you -may want to enable more verbose output from Clair or Klar, access a Docker registry that requires +may want to enable more verbose output, access a Docker registry that requires authentication, and more. To change such settings, use the [`variables`](../../../ci/yaml/README.md#variables) parameter in your `.gitlab-ci.yml` to set [CI/CD variables](#available-variables). The variables you set in your `.gitlab-ci.yml` overwrite those in `Container-Scanning.gitlab-ci.yml`. This example [includes](../../../ci/yaml/README.md#include) the container scanning template and -enables verbose output from Clair by setting the `CLAIR_OUTPUT` variable to `High`: +enables verbose output for both analyzers: + +Clair: ```yaml include: - template: Container-Scanning.gitlab-ci.yml variables: - CLAIR_OUTPUT: High + CLAIR_TRACE: true ``` -Version `3` of the `container_scanning` Docker image uses [`centos:centos8`](https://hub.docker.com/_/centos) -as the new base. It also removes the use of the [start.sh](https://gitlab.com/gitlab-org/security-products/analyzers/klar/-/merge_requests/77) -script and instead executes the analyzer by default. Any customizations made to the -`container_scanning` job's [`before_script`](../../../ci/yaml/README.md#before_script) -and [`after_script`](../../../ci/yaml/README.md#after_script) -blocks may not work with the new version. To roll back to the previous [`alpine:3.11.3`](https://hub.docker.com/_/alpine)-based -Docker image, you can specify the major version through the [`CS_MAJOR_VERSION`](#available-variables) -variable. +Trivy: + +```yaml +include: + - template: Container-Scanning.gitlab-ci.yml + +variables: + TRIVY_DEBUG: true +``` This example [includes](../../../ci/yaml/README.md#include) the container scanning template and enables version `2` of the analyzer: @@ -181,57 +203,109 @@ variables: #### Available variables -You can [configure](#customizing-the-container-scanning-settings) container -scanning by using the following CI/CD variables: - -| CI/CD Variable | Default | Description | -| ------------------------------ | ------------- | ----------- | -| `ADDITIONAL_CA_CERT_BUNDLE` | `""` | Bundle of CA certs that you want to trust. See [Using a custom SSL CA certificate authority](#using-a-custom-ssl-ca-certificate-authority) for more details. | -| `CLAIR_DB_CONNECTION_STRING` | `postgresql://postgres:password@clair-vulnerabilities-db:5432/postgres?sslmode=disable&statement_timeout=60000` | This variable represents the [connection string](https://www.postgresql.org/docs/9.3/libpq-connect.html#AEN39692) to the [PostgreSQL server hosting the vulnerabilities definitions](https://hub.docker.com/r/arminc/clair-db) database and **shouldn't be changed** unless you're running the image locally as described in the [Running the standalone container scanning tool](#running-the-standalone-container-scanning-tool) section. The host value for the connection string must match the [alias](https://gitlab.com/gitlab-org/gitlab/-/blob/898c5da43504eba87b749625da50098d345b60d6/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml#L23) value of the `Container-Scanning.gitlab-ci.yml` template file, which defaults to `clair-vulnerabilities-db`. | -| `CLAIR_DB_IMAGE` | `arminc/clair-db:latest` | The Docker image name and tag for the [PostgreSQL server hosting the vulnerabilities definitions](https://hub.docker.com/r/arminc/clair-db). It can be useful to override this value with a specific version, for example, to provide a consistent set of vulnerabilities for integration testing purposes, or to refer to a locally hosted vulnerabilities database for an on-premise offline installation. | -| `CLAIR_DB_IMAGE_TAG` | `latest` | (**DEPRECATED - use `CLAIR_DB_IMAGE` instead**) The Docker image tag for the [PostgreSQL server hosting the vulnerabilities definitions](https://hub.docker.com/r/arminc/clair-db). It can be useful to override this value with a specific version, for example, to provide a consistent set of vulnerabilities for integration testing purposes. | -| `CLAIR_OUTPUT` | `Unknown` | Severity level threshold. Vulnerabilities with severity level higher than or equal to this threshold are outputted. Supported levels are `Unknown`, `Negligible`, `Low`, `Medium`, `High`, `Critical` and `Defcon1`. | -| `CLAIR_TRACE` | `"false"` | Set to true to enable more verbose output from the Clair server process. | -| `CLAIR_VULNERABILITIES_DB_URL` | `clair-vulnerabilities-db` | (**DEPRECATED - use `CLAIR_DB_CONNECTION_STRING` instead**) This variable is explicitly set in the [services section](https://gitlab.com/gitlab-org/gitlab/-/blob/898c5da43504eba87b749625da50098d345b60d6/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml#L23) of the `Container-Scanning.gitlab-ci.yml` file and defaults to `clair-vulnerabilities-db`. This value represents the address that the [PostgreSQL server hosting the vulnerabilities definitions](https://hub.docker.com/r/arminc/clair-db) is running on and **shouldn't be changed** unless you're running the image locally as described in the [Running the standalone container scanning tool](#running-the-standalone-container-scanning-tool) section. | -| `CI_APPLICATION_REPOSITORY` | `$CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG` | Docker repository URL for the image to be scanned. | -| `CI_APPLICATION_TAG` | `$CI_COMMIT_SHA` | Docker repository tag for the image to be scanned. | -| `CS_MAJOR_VERSION` | `3` | The major version of the Docker image tag. | -| `DOCKER_IMAGE` | `$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG` | The Docker image to be scanned. If set, this variable overrides the `$CI_APPLICATION_REPOSITORY` and `$CI_APPLICATION_TAG` variables. | -| `DOCKER_INSECURE` | `"false"` | Allow [Klar](https://github.com/optiopay/klar) to access secure Docker registries using HTTPS with bad (or self-signed) SSL certificates. | -| `DOCKER_PASSWORD` | `$CI_REGISTRY_PASSWORD` | Password for accessing a Docker registry requiring authentication. | -| `DOCKER_USER` | `$CI_REGISTRY_USER` | Username for accessing a Docker registry requiring authentication. | -| `DOCKERFILE_PATH` | `Dockerfile` | The path to the `Dockerfile` to be used for generating remediations. By default, the scanner looks for a file named `Dockerfile` in the root directory of the project, so this variable should only be configured if your `Dockerfile` is in a non-standard location, such as a subdirectory. See [Solutions for vulnerabilities](#solutions-for-vulnerabilities-auto-remediation) for more details. | -| `KLAR_TRACE` | `"false"` | Set to true to enable more verbose output from Klar. | -| `REGISTRY_INSECURE` | `"false"` | Allow [Klar](https://github.com/optiopay/klar) to access insecure registries (HTTP only). Should only be set to `true` when testing the image locally. | -| `SECURE_ANALYZERS_PREFIX` | `"registry.gitlab.com/gitlab-org/security-products/analyzers"` | Set the Docker registry base address from which to download the analyzer. | -| `SECURE_LOG_LEVEL` | `info` | Set the minimum logging level. Messages of this logging level or higher are output. From highest to lowest severity, the logging levels are: `fatal`, `error`, `warn`, `info`, `debug`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10880) in GitLab 13.1. | +You can [configure](#customizing-the-container-scanning-settings) both analyzers by using the following CI/CD variables: + +| CI/CD Variable | Default | Description | Supported by| +| ------------------------------ | ------------- | ----------- | ------------ | +| `ADDITIONAL_CA_CERT_BUNDLE` | `""` | Bundle of CA certs that you want to trust. See [Using a custom SSL CA certificate authority](#using-a-custom-ssl-ca-certificate-authority) for more details. | Both | +| `CLAIR_DB_CONNECTION_STRING` | `postgresql://postgres:password@clair-vulnerabilities-db:5432/postgres?sslmode=disable&statement_timeout=60000` | This variable represents the [connection string](https://www.postgresql.org/docs/9.3/libpq-connect.html#AEN39692) to the [PostgreSQL server hosting the vulnerability definitions](https://hub.docker.com/r/arminc/clair-db) database. **Do not change this** unless you're running the image locally as described in [Running the standalone container scanning tool](#running-the-standalone-container-scanning-tool). The host value for the connection string must match the [alias](https://gitlab.com/gitlab-org/gitlab/-/blob/898c5da43504eba87b749625da50098d345b60d6/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml#L23) value of the `Container-Scanning.gitlab-ci.yml` template file, which defaults to `clair-vulnerabilities-db`. | Clair | +| `CLAIR_DB_IMAGE` | `arminc/clair-db:latest` | The Docker image name and tag for the [PostgreSQL server hosting the vulnerability definitions](https://hub.docker.com/r/arminc/clair-db). It can be useful to override this value with a specific version (for example, to provide a consistent set of vulnerabilities for integration testing purposes, or to refer to a locally hosted vulnerability database for an on-premise offline installation). | Clair | +| `CLAIR_DB_IMAGE_TAG` | `latest` | (**DEPRECATED - use `CLAIR_DB_IMAGE` instead**) The Docker image tag for the [PostgreSQL server hosting the vulnerability definitions](https://hub.docker.com/r/arminc/clair-db). It can be useful to override this value with a specific version (for example, to provide a consistent set of vulnerabilities for integration testing purposes). | Clair | +| `CLAIR_OUTPUT` | `Unknown` | Severity level threshold. Vulnerabilities with severity level higher than or equal to this threshold are output. Supported levels are `Unknown`, `Negligible`, `Low`, `Medium`, `High`, `Critical`, and `Defcon1`. | Clair | +| `CLAIR_TRACE` | `"false"` | Set to true to enable more verbose output from the Clair server process. | Clair | +| `CLAIR_VULNERABILITIES_DB_URL` | `clair-vulnerabilities-db` | (**DEPRECATED - use `CLAIR_DB_CONNECTION_STRING` instead**) This variable is explicitly set in the [services section](https://gitlab.com/gitlab-org/gitlab/-/blob/898c5da43504eba87b749625da50098d345b60d6/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml#L23) of the `Container-Scanning.gitlab-ci.yml` file and defaults to `clair-vulnerabilities-db`. This value represents the address that the [PostgreSQL server hosting the vulnerability definitions](https://hub.docker.com/r/arminc/clair-db) is running on. **Do not change this** unless you're running the image locally as described in [Running the standalone container scanning tool](#running-the-standalone-container-scanning-tool). | Clair | +| `CI_APPLICATION_REPOSITORY` | `$CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG` | Docker repository URL for the image to be scanned. | Both | +| `CI_APPLICATION_TAG` | `$CI_COMMIT_SHA` | Docker repository tag for the image to be scanned. | Both | +| `CS_ANALYZER_IMAGE` | `$SECURE_ANALYZERS_PREFIX/$CS_PROJECT:$CS_MAJOR_VERSION` | Docker image of the analyzer. | Both | +| `CS_MAJOR_VERSION` | `3` | The major version of the Docker image tag. | Both | +| `CS_PROJECT` | Depends on `$CS_MAJOR_VERSION`. `klar` if `$CS_MAJOR_VERSION` is set to `1`, `2` or `3`, and `container-scanning` otherwise. | Analyzer project to be used. | Both | +| `DOCKER_IMAGE` | `$CI_APPLICATION_REPOSITORY:$CI_APPLICATION_TAG` | The Docker image to be scanned. If set, this variable overrides the `$CI_APPLICATION_REPOSITORY` and `$CI_APPLICATION_TAG` variables. | Both | +| `DOCKER_INSECURE` | `"false"` | Allow [Klar](https://github.com/optiopay/klar) to access secure Docker registries using HTTPS with bad (or self-signed) SSL certificates. | Clair | +| `DOCKER_PASSWORD` | `$CI_REGISTRY_PASSWORD` | Password for accessing a Docker registry requiring authentication. | Clair | +| `DOCKER_USER` | `$CI_REGISTRY_USER` | Username for accessing a Docker registry requiring authentication. | Clair | +| `DOCKERFILE_PATH` | `Dockerfile` | The path to the `Dockerfile` to use for generating remediations. By default, the scanner looks for a file named `Dockerfile` in the root directory of the project. You should configure this variable only if your `Dockerfile` is in a non-standard location, such as a subdirectory. See [Solutions for vulnerabilities](#solutions-for-vulnerabilities-auto-remediation) for more details. | Both | +| `KLAR_TRACE` | `"false"` | Set to true to enable more verbose output from Klar. | Clair | +| `REGISTRY_INSECURE` | `"false"` | Allow [Klar](https://github.com/optiopay/klar) to access insecure registries (HTTP only). Should only be set to `true` when testing the image locally. | Clair | +| `SECURE_ANALYZERS_PREFIX` | `"registry.gitlab.com/gitlab-org/security-products/analyzers"` | Set the Docker registry base address from which to download the analyzer. | Both | +| `SECURE_LOG_LEVEL` | `info` | Set the minimum logging level. Messages of this logging level or higher are output. From highest to lowest severity, the logging levels are: `fatal`, `error`, `warn`, `info`, `debug`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10880) in GitLab 13.1. | Both | +| `TRIVY_DEBUG` | `"false"` | Set to true to enable more verbose output from the Trivy process. | Trivy | ### Overriding the container scanning template If you want to override the job definition (for example, to change properties like `variables`), you -must declare a `container_scanning` job after the template inclusion, and then -specify any additional keys. For example: +must declare and override a job after the template inclusion, and then +specify any additional keys. + +This example sets `GIT_STRATEGY` to `fetch` to be considered by both Clair and Trivy: ```yaml include: - template: Container-Scanning.gitlab-ci.yml -container_scanning: +.cs_common: variables: GIT_STRATEGY: fetch ``` +This example sets `KLAR_TRACE` to `true`, which is specific to Clair: + +```yaml +include: + - template: Container-Scanning.gitlab-ci.yml + +container_scanning: + variables: + CLAIR_TRACE: true +``` + +This example sets `TRIVY_DEBUG` to `true`, which is specific to Trivy: + +```yaml +include: + - template: Container-Scanning.gitlab-ci.yml + +container_scanning_new: + variables: + TRIVY_DEBUG: true +``` + WARNING: -GitLab 13.0 and later doesn't support [`only` and `except`](../../../ci/yaml/README.md#onlyexcept-basic). +GitLab 13.0 and later doesn't support [`only` and `except`](../../../ci/yaml/README.md#only--except). When overriding the template, you must use [`rules`](../../../ci/yaml/README.md#rules) instead. +### Migrating from Clair to Trivy + +If you are currently using Clair and want to migrate to Trivy before GitLab 14.0, you can do so by +taking the following steps: + +1. Take the following actions in your CI file: + + - Set the variable `CS_MAJOR_VERSION` to `4`. The job scope is global variables, or under `.cs_common`. + - Remove the variable `CS_PROJECT` from your CI file. The job scope is `container_scanning_new`. + Setting this variable to `container-scanning` under the correct scope has the same effect as + removing it from your CI file. + - Remove the `CS_ANALYZER_IMAGE` variable from your CI file. The job scope is `.cs_common`. Note + that instead of overriding this variable, you can use `CS_MAJOR_VERSION`. + +1. Remove any variables that are only applicable to Clair. For a complete list of these variables, + see the [available variables](#available-variables). +1. Make any [necessary customizations](#customizing-the-container-scanning-settings) to the + `Trivy` scanner. We strongly recommended that you minimize customizations, as they + might require changes in future GitLab major releases. + +**Troubleshooting** + +Prior to the GitLab 14.0 release, any variable defined under the scope `container_scanning` is not +considered for the Trivy scanner. Verify that all variables for Trivy are +either defined as a global variable, or under `.cs_common` and `container_scanning_new`. + ### Using a custom SSL CA certificate authority You can use the `ADDITIONAL_CA_CERT_BUNDLE` CI/CD variable to configure a custom SSL CA certificate authority, which is used to verify the peer when fetching Docker images from a registry which uses HTTPS. The `ADDITIONAL_CA_CERT_BUNDLE` value should contain the [text representation of the X.509 PEM public-key certificate](https://tools.ietf.org/html/rfc7468#section-5.1). For example, to configure this value in the `.gitlab-ci.yml` file, use the following: ```yaml -container_scanning: +.cs_common: variables: ADDITIONAL_CA_CERT_BUNDLE: | -----BEGIN CERTIFICATE----- @@ -250,7 +324,7 @@ To allowlist specific vulnerabilities, follow these steps: 1. Set `GIT_STRATEGY: fetch` in your `.gitlab-ci.yml` file by following the instructions in [overriding the container scanning template](#overriding-the-container-scanning-template). 1. Define the allowlisted vulnerabilities in a YAML file named `vulnerability-allowlist.yml`. This must use - the format described in [vulnerability-allowlist.yml data format](#vulnerability-allowlistyml-data-format). + the format described in [`vulnerability-allowlist.yml` data format](#vulnerability-allowlistyml-data-format). 1. Add the `vulnerability-allowlist.yml` file to the root folder of your project's Git repository. #### vulnerability-allowlist.yml data format @@ -291,9 +365,9 @@ This example excludes from `gl-container-scanning-report.json`: You can specify container image in multiple ways: - - as image name only (ie. `centos`). - - as full image name with registry hostname (ie. `your.private.registry:5000/centos`). - - as full image name with registry hostname and sha256 label (ie. `registry.gitlab.com/gitlab-org/security-products/dast/webgoat-8.0@sha256`). + - as image name only (such as `centos`). + - as full image name with registry hostname (such as `your.private.registry:5000/centos`). + - as full image name with registry hostname and sha256 label (such as `registry.gitlab.com/gitlab-org/security-products/dast/webgoat-8.0@sha256`). NOTE: The string after CVE ID (`cups` and `libxml2` in the previous example) is an optional comment format. It has **no impact** on the handling of vulnerabilities. You can include comments to describe the vulnerability. @@ -341,7 +415,13 @@ successfully run. For more information, see [Offline environments](../offline_de To use container scanning in an offline environment, you need: - GitLab Runner with the [`docker` or `kubernetes` executor](#requirements). -- To configure a local Docker container registry with copies of the container scanning [analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/klar) images, found in the [container scanning container registry](https://gitlab.com/gitlab-org/security-products/analyzers/klar/container_registry). +- To configure a local Docker container registry with copies of the container scanning images. You + can find these images in their respective registries: + +| GitLab Analyzer | Container Registry | +| --- | --- | +| [Klar](https://gitlab.com/gitlab-org/security-products/analyzers/klar/) (used to run Clair) | [Klar container registry](https://gitlab.com/gitlab-org/security-products/analyzers/klar/container_registry) | +| [Container-Scanning](https://gitlab.com/gitlab-org/security-products/analyzers/container-scanning) (used to run Trivy) | [Container-Scanning container registry](https://gitlab.com/gitlab-org/security-products/analyzers/container-scanning/container_registry/1741162) | Note that GitLab Runner has a [default `pull policy` of `always`](https://docs.gitlab.com/runner/executors/docker.html#using-the-always-pull-policy), meaning the runner tries to pull Docker images from the GitLab container registry even if a local @@ -354,25 +434,34 @@ enables the use of updated scanners in your CI/CD pipelines. Support for custom certificate authorities was introduced in the following versions: -| Analyzer | Version | +| Scanner | Version | | -------- | ------- | -| `klar` | [v2.3.0](https://gitlab.com/gitlab-org/security-products/analyzers/klar/-/releases/v2.3.0) | +| `Clair` | [v2.3.0](https://gitlab.com/gitlab-org/security-products/analyzers/klar/-/releases/v2.3.0) | +| `Trivy` | [4.0.0](https://gitlab.com/gitlab-org/security-products/analyzers/container-scanning/-/releases/4.0.0) | #### Make GitLab container scanning analyzer images available inside your Docker registry For container scanning, import the following default images from `registry.gitlab.com` into your [local Docker container registry](../../packages/container_registry/index.md): +Clair: + ```plaintext registry.gitlab.com/gitlab-org/security-products/analyzers/klar https://hub.docker.com/r/arminc/clair-db ``` +Trivy: + +```plaintext +registry.gitlab.com/gitlab-org/security-products/analyzers/container-scanning +``` + The process for importing Docker images into a local offline Docker registry depends on **your network security policy**. Please consult your IT staff to find an accepted and approved -process by which you can import or temporarily access external resources. Note that these scanners -are [updated periodically](../index.md#maintenance-and-update-of-the-vulnerabilities-database) -with new definitions, so consider if you are able to make periodic updates yourself. +process by which you can import or temporarily access external resources. These scanners +are [periodically updated](../vulnerabilities/index.md#vulnerability-scanner-maintenance), +and you may be able to make occasional updates on your own. For more information, see [the specific steps on how to update an image with a pipeline](#automating-container-scanning-vulnerability-database-updates-with-a-pipeline). @@ -384,49 +473,72 @@ For details on saving and transporting Docker images as a file, see Docker's doc 1. [Override the container scanning template](#overriding-the-container-scanning-template) in your `.gitlab-ci.yml` file to refer to the Docker images hosted on your local Docker container registry: + Clair: + ```yaml include: - template: Container-Scanning.gitlab-ci.yml - container_scanning: + .cs_common: image: $CI_REGISTRY/namespace/gitlab-klar-analyzer variables: CLAIR_DB_IMAGE: $CI_REGISTRY/namespace/clair-vulnerabilities-db ``` + Trivy: + + ```yaml + include: + - template: Container-Scanning.gitlab-ci.yml + + .cs_common: + image: $CI_REGISTRY/namespace/gitlab-container-scanning + ``` + 1. If your local Docker container registry is running securely over `HTTPS`, but you're using a self-signed certificate, then you must set `DOCKER_INSECURE: "true"` in the above - `container_scanning` section of your `.gitlab-ci.yml`. + `container_scanning` section of your `.gitlab-ci.yml`. This only applies to Clair. #### Automating container scanning vulnerability database updates with a pipeline -It can be worthwhile to set up a [scheduled pipeline](../../../ci/pipelines/schedules.md) to -build a new version of the vulnerabilities database on a preset schedule. Automating -this with a pipeline means you do not have to do it manually each time. You can use the following -`.gitlab-yml.ci` as a template: +We recommend that you set up a [scheduled pipeline](../../../ci/pipelines/schedules.md) +to fetch the latest vulnerabilities database on a preset schedule. Because the Clair scanner is +deprecated, the latest vulnerabilities are currently only available for the Trivy scanner. +Automating this with a pipeline means you do not have to do it manually each time. You can use the +following `.gitlab-yml.ci` example as a template. ```yaml -image: docker:stable +variables: + # If using Clair, uncomment the following 2 lines and comment the Trivy lines below + # SOURCE_IMAGE: arminc/clair-db:latest + # TARGET_IMAGE: $CI_REGISTRY/$CI_PROJECT_PATH/clair-vulnerabilities-db -stages: - - build + # If using Trivy, uncomment the following 3 lines and comment the Clair lines above + CS_MAJOR_VERSION: 4 # ensure that this value matches the one you use in your scanning jobs + SOURCE_IMAGE: registry.gitlab.com/gitlab-org/security-products/analyzers/container-scanning:$CS_MAJOR_VERSION + TARGET_IMAGE: $CI_REGISTRY/$CI_PROJECT_PATH/gitlab-container-scanning -build_latest_vulnerabilities: - stage: build +image: docker:stable + +update-vulnerabilities-db: services: - - docker:19.03.12-dind + - docker:19-dind script: - - docker pull arminc/clair-db:latest - - docker tag arminc/clair-db:latest $CI_REGISTRY/namespace/clair-vulnerabilities-db - - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY - - docker push $CI_REGISTRY/namespace/clair-vulnerabilities-db + - docker pull $SOURCE_IMAGE + - docker tag $SOURCE_IMAGE $TARGET_IMAGE + - echo "$CI_REGISTRY_PASSWORD" | docker login $CI_REGISTRY --username $CI_REGISTRY_USER --password-stdin + - docker push $TARGET_IMAGE ``` -The above template works for a GitLab Docker registry running on a local installation, however, if you're using a non-GitLab Docker registry, you need to change the `$CI_REGISTRY` value and the `docker login` credentials to match the details of your local registry. +The above template works for a GitLab Docker registry running on a local installation. However, if +you're using a non-GitLab Docker registry, you must change the `$CI_REGISTRY` value and the +`docker login` credentials to match your local registry's details. ## Running the standalone container scanning tool -It's possible to run the [GitLab container scanning tool](https://gitlab.com/gitlab-org/security-products/analyzers/klar) +### Clair + +It's possible to run [Klar](https://gitlab.com/gitlab-org/security-products/analyzers/klar) against a Docker container without needing to run it within the context of a CI job. To scan an image directly, follow these steps: @@ -458,6 +570,30 @@ image directly, follow these steps: The results are stored in `gl-container-scanning-report.json`. +### Trivy + +It's possible to run the [GitLab container scanning tool](https://gitlab.com/gitlab-org/security-products/analyzers/container-scanning) +against a Docker container without needing to run it within the context of a CI job. To scan an +image directly, follow these steps: + +1. Run [Docker Desktop](https://www.docker.com/products/docker-desktop) + or [Docker Machine](https://github.com/docker/machine). + +1. Run the analyzer's Docker image, passing the image and tag you want to analyze in the + `CI_APPLICATION_REPOSITORY` and `CI_APPLICATION_TAG` variables: + + ```shell + docker run \ + --interactive --rm \ + --volume "$PWD":/tmp/app \ + -e CI_PROJECT_DIR=/tmp/app \ + -e CI_APPLICATION_REPOSITORY=registry.gitlab.com/gitlab-org/security-products/dast/webgoat-8.0@sha256 \ + -e CI_APPLICATION_TAG=bc09fe2e0721dfaeee79364115aeedf2174cce0947b9ae5fe7c33312ee019a4e \ + registry.gitlab.com/gitlab-org/security-products/analyzers/container-scanning + ``` + +The results are stored in `gl-container-scanning-report.json`. + ## Reports JSON format The container scanning tool emits a JSON report file. For more information, see the @@ -467,19 +603,19 @@ Here's an example container scanning report: ```json-doc { - "version": "2.3", + "version": "3.0.0", "vulnerabilities": [ { - "id": "ac0997ad-1006-4c81-81fb-ee2bbe6e78e3", + "id": "df52bc8ce9a2ae56bbcb0c4ecda62123fbd6f69b", "category": "container_scanning", - "message": "CVE-2019-3462 in apt", + "message": "CVE-2019-3462 in apt-1.4.8", "description": "Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.", "severity": "High", "confidence": "Unknown", "solution": "Upgrade apt from 1.4.8 to 1.4.9", "scanner": { - "id": "klar", - "name": "klar" + "id": "trivy", + "name": "trivy" }, "location": { "dependency": { @@ -488,7 +624,7 @@ Here's an example container scanning report: }, "version": "1.4.8" }, - "operating_system": "debian:9", + "operating_system": "debian:9.4", "image": "registry.gitlab.com/gitlab-org/security-products/dast/webgoat-8.0@sha256:bc09fe2e0721dfaeee79364115aeedf2174cce0947b9ae5fe7c33312ee019a4e" }, "identifiers": [ @@ -496,27 +632,62 @@ Here's an example container scanning report: "type": "cve", "name": "CVE-2019-3462", "value": "CVE-2019-3462", - "url": "https://security-tracker.debian.org/tracker/CVE-2019-3462" + "url": "http://www.securityfocus.com/bid/106690" } ], "links": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2019-3462" + "url": "http://www.securityfocus.com/bid/106690" + }, + { + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3462" + }, + { + "url": "https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00013.html" + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00014.html" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20190125-0002/" + }, + { + "url": "https://usn.ubuntu.com/3863-1/" + }, + { + "url": "https://usn.ubuntu.com/3863-2/" + }, + { + "url": "https://usn.ubuntu.com/usn/usn-3863-1" + }, + { + "url": "https://usn.ubuntu.com/usn/usn-3863-2" + }, + { + "url": "https://www.debian.org/security/2019/dsa-4371" } ] } ], - "remediations": [ - { - "fixes": [ - { - "id": "c0997ad-1006-4c81-81fb-ee2bbe6e78e3" - } - ], - "summary": "Upgrade apt from 1.4.8 to 1.4.9", - "diff": "YXB0LWdldCB1cGRhdGUgJiYgYXB0LWdldCB1cGdyYWRlIC15IGFwdA==" - } - ] + "remediations": [] + "scan": { + "scanner": { + "id": "trivy", + "name": "Trivy", + "url": "https://github.com/aquasecurity/trivy/", + "vendor": { + "name": "GitLab" + }, + "version": "0.16.0" + }, + "type": "container_scanning", + "start_time": "2021-04-14T19:45:58", + "end_time": "2021-04-14T19:46:18", + "status": "success" + } } ``` @@ -527,12 +698,12 @@ the security vulnerabilities in your groups, projects and pipelines. ## Vulnerabilities database update -For more information about the vulnerabilities database update, check the -[maintenance table](../index.md#maintenance-and-update-of-the-vulnerabilities-database). +If you're using Klar and want more information about the vulnerabilities database update, see the +[maintenance table](../vulnerabilities/index.md#vulnerability-scanner-maintenance). ## Interacting with the vulnerabilities -After a vulnerability is found, you can [address it](../index.md#addressing-vulnerabilities). +After a vulnerability is found, you can [address it](../vulnerabilities/index.md). ## Solutions for vulnerabilities (auto-remediation) @@ -546,7 +717,7 @@ file, it's necessary to set [`GIT_STRATEGY: fetch`](../../../ci/runners/README.m your `.gitlab-ci.yml` file by following the instructions described in this document's [overriding the container scanning template](#overriding-the-container-scanning-template) section. -Read more about the [solutions for vulnerabilities](../index.md#apply-an-automatic-remediation-for-a-vulnerability). +Read more about the [solutions for vulnerabilities](../vulnerabilities/index.md#remediate-a-vulnerability-automatically). ## Troubleshooting diff --git a/doc/user/application_security/coverage_fuzzing/index.md b/doc/user/application_security/coverage_fuzzing/index.md index e9097836d83..8b0a84eae4b 100644 --- a/doc/user/application_security/coverage_fuzzing/index.md +++ b/doc/user/application_security/coverage_fuzzing/index.md @@ -237,7 +237,7 @@ The `covfuzz-ci.yml` is the same as that in the [original synchronous example](h ## Interacting with the vulnerabilities -After a vulnerability is found, you can [address it](../index.md#addressing-vulnerabilities). +After a vulnerability is found, you can [address it](../vulnerabilities/index.md). The merge request widget lists the vulnerability and contains a button for downloading the fuzzing artifacts. By clicking one of the detected vulnerabilities, you can see its details. diff --git a/doc/user/application_security/dast/browser_based.md b/doc/user/application_security/dast/browser_based.md new file mode 100644 index 00000000000..b8c3529225c --- /dev/null +++ b/doc/user/application_security/dast/browser_based.md @@ -0,0 +1,148 @@ +--- +stage: Secure +group: Dynamic Analysis +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +type: reference, howto +--- + +# DAST browser-based crawler **(ULTIMATE)** + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/323423) in GitLab 13.12. + +WARNING: +This product is an early access and is considered a [beta](https://about.gitlab.com/handbook/product/gitlab-the-product/#beta) feature. + +GitLab DAST's new browser-based crawler is a crawl engine built by GitLab to test Single Page Applications (SPAs) and traditional web applications. +Due to the reliance of modern web applications on JavaScript, handling SPAs or applications that are dependent on JavaScript is paramount to ensuring proper coverage of an application for Dynamic Application Security Testing (DAST). + +The browser-based crawler works by loading the target application into a specially-instrumented Chromium browser. A snapshot of the page is taken prior to a search to find any actions that a user might perform, +such as clicking on a link or filling in a form. For each action found, the crawler will execute it, take a new snapshot and determine what in the page changed from the previous snapshot. +Crawling continues by taking more snapshots and finding subsequent actions. + +The benefit of crawling by following user actions in a browser is that the crawler can interact with the target application much like a real user would, identifying complex flows that traditional web crawlers don’t understand. This results in better coverage of the website. + +Scanning a web application with both the browser-based crawler and GitLab DAST should provide greater coverage, compared with only GitLab DAST. The new crawler does not support API scanning or the DAST AJAX crawler. + +## Enable browser-based crawler + +The browser-based crawler is an extension to the GitLab DAST product. DAST should be included in the CI/CD configuration and the browser-based crawler enabled using CI/CD variables: + +1. Install the DAST [prerequisites](index.md#prerequisite). +1. Include the [DAST CI template](index.md#include-the-dast-template). +1. Set the target website using the `DAST_WEBSITE` CI/CD variable. +1. Set the CI/CD variable `DAST_BROWSER_SCAN` to `true`. + +An example configuration might look like the following: + +```yaml +include: + - template: DAST.gitlab-ci.yml + +variables: + DAST_WEBSITE: "https://example.com" + DAST_BROWSER_SCAN: "true" +``` + +### Available variables + +The browser-based crawler can be configured using CI/CD variables. + +| CI/CD variable | Type | Example | Description | +|--------------------------------------| ----------------| --------------------------------- | ------------| +| `DAST_WEBSITE` | URL | `http://www.site.com` | The URL of the website to scan. | +| `DAST_BROWSER_SCAN` | boolean | `true` | Configures DAST to use the browser-based crawler engine. | +| `DAST_BROWSER_ALLOWED_HOSTS` | List of strings | `site.com,another.com` | Hostnames included in this variable are considered in scope when crawled. By default the `DAST_WEBSITE` hostname is included in the allowed hosts list. | +| `DAST_BROWSER_EXCLUDED_HOSTS` | List of strings | `site.com,another.com` | Hostnames included in this variable are considered excluded and connections are forcibly dropped. | +| `DAST_BROWSER_IGNORED_HOSTS` | List of strings | `site.com,another.com` | Hostnames included in this variable are accessed but not reported against. | +| `DAST_BROWSER_MAX_ACTIONS` | number | `10000` | The maximum number of actions that the crawler performs. For example, clicking a link, or filling a form. | +| `DAST_BROWSER_MAX_DEPTH` | number | `10` | The maximum number of chained actions that the crawler takes. For example, `Click -> Form Fill -> Click` is a depth of three. | +| `DAST_BROWSER_NUMBER_OF_BROWSERS` | number | `3` | The maximum number of concurrent browser instances to use. For shared runners on GitLab.com we recommended a maximum of three. Private runners with more resources may benefit from a higher number, but will likely produce little benefit after five to seven instances. | +| `DAST_BROWSER_COOKIES` | dictionary | `abtesting_group:3,region:locked` | A cookie name and value to be added to every request. | +| `DAST_BROWSER_LOG` | List of strings | `brows:debug,auth:debug` | A list of modules and their intended log level. | +| `DAST_AUTH_URL` | string | `https://example.com/sign-in` | The URL of page that hosts the sign-in form. | +| `DAST_USERNAME` | string | `user123` | The username to enter into the username field on the sign-in HTML form. | +| `DAST_PASSWORD` | string | `p@55w0rd` | The password to enter into the password field on the sign-in HTML form. | +| `DAST_USERNAME_FIELD` | selector | `id:user` | A selector describing the username field on the sign-in HTML form. | +| `DAST_PASSWORD_FIELD` | selector | `css:.password-field` | A selector describing the password field on the sign-in HTML form. | +| `DAST_SUBMIT_FIELD` | selector | `xpath://input[@value='Login']` | A selector describing the element that when clicked submits the login form or the password form of a multi-page login process. | +| `DAST_FIRST_SUBMIT_FIELD` | selector | `.submit` | A selector describing the element that when clicked submits the username form of a multi-page login process. | + +The [DAST variables](index.md#available-variables) `SECURE_ANALYZERS_PREFIX`, `DAST_FULL_SCAN_ENABLED`, `DAST_AUTO_UPDATE_ADDONS`, `DAST_EXCLUDE_RULES`, `DAST_REQUEST_HEADERS`, `DAST_HTML_REPORT`, `DAST_MARKDOWN_REPORT`, `DAST_XML_REPORT`, +`DAST_INCLUDE_ALPHA_VULNERABILITIES`, `DAST_PATHS_FILE`, `DAST_PATHS`, `DAST_ZAP_CLI_OPTIONS`, and `DAST_ZAP_LOG_CONFIGURATION` are also compatible with browser-based crawler scans. + +#### Selectors + +Selectors are used by CI/CD variables to specify the location of an element displayed on a page in a browser. +Selectors have the format `type`:`search string`. The crawler will search for the selector using the search string based on the type. + +| Selector type | Example | Description | +| ------------- | ------------------------------ | ----------- | +| `css` | `css:.password-field` | Searches for a HTML element having the supplied CSS selector. Selectors should be as specific as possible for performance reasons. | +| `id` | `id:element` | Searches for an HTML element with the provided element ID. | +| `name` | `name:element` | Searches for an HTML element with the provided element name. | +| `xpath` | `xpath://*[@id="my-button"]/a` | Searches for a HTML element with the provided XPath. Note that XPath searches are expected to be less performant than other searches. | +| None provided | `a.click-me` | Defaults to searching using a CSS selector. | + +## Vulnerability detection + +While the browser-based crawler crawls modern web applications efficiently, vulnerability detection is still managed by the standard DAST/Zed Attack Proxy (ZAP) solution. + +The crawler runs the target website in a browser with DAST/ZAP configured as the proxy server. This ensures that all requests and responses made by the browser are passively scanned by DAST/ZAP. +When running a full scan, active vulnerability checks executed by DAST/ZAP do not use a browser. This difference in how vulnerabilities are checked can cause issues that require certain features of the target website to be disabled to ensure the scan works as intended. + +For example, for a target website that contains forms with Anti-CSRF tokens, a passive scan will scan as intended because the browser displays pages/forms as if a user is viewing the page. +However, active vulnerability checks run in a full scan will not be able to submit forms containing Anti-CSRF tokens. In such cases we recommend you disable Anti-CSRF tokens when running a full scan. + +## Managing scan time + +It is expected that running the browser-based crawler will result in better coverage for many web applications, when compared to the normal GitLab DAST solution. +This can come at a cost of increased scan time. + +You can manage the trade-off between coverage and scan time with the following measures: + +- Limit the number of actions executed by the browser with the [variable](#available-variables) `DAST_BROWSER_MAX_ACTIONS`. The default is `10,000`. +- Limit the page depth that the browser-based crawler will check coverage on with the [variable](#available-variables) `DAST_BROWSER_MAX_DEPTH`. The crawler uses a breadth-first search strategy, so pages with smaller depth are crawled first. The default is `10`. +- Vertically scaling the runner and using a higher number of browsers with [variable](#available-variables) `DAST_BROWSER_NUMBER_OF_BROWSERS`. The default is `3`. + +## Debugging scans using logging + +Logging can be used to help you troubleshoot a scan. + +The CI/CD variable `DAST_BROWSER_LOG` configures the logging level for particular modules of the crawler. Each module represents a component of the browser-based crawler and is separated so that debug logs can be configured just for the area of the crawler that requires further inspection. For more details, see [Crawler modules](#crawler-modules). + +For example, the following job definition enables the browsing module and the authentication module to be logged in debug-mode: + +```yaml +include: + - template: DAST.gitlab-ci.yml + +variables: + DAST_WEBSITE: "https://my.site.com" + DAST_BROWSER_SCAN: "true" + DAST_BROWSER_LOG: "brows:debug,auth:debug" +``` + +### Log message format + +Log messages have the format `[time] [log level] [log module] [message] [additional properties]`. For example, the following log entry has level `INFO`, is part of the `CRAWL` log module, and has the message `Crawled path`. + +```txt +2021-04-21T00:34:04.000 INF CRAWL Crawled path nav_id=0cc7fd path="LoadURL [https://my.site.com:8090]" +``` + +### Crawler modules + +The modules that can be configured for logging are as follows: + +| Log module | Component overview | +| ---------- | ----------- | +| `AUTH` | Used for creating an authenticated scan. | +| `BROWS` | Used for querying the state/page of the browser. | +| `BPOOL` | The set of browsers that are leased out for crawling. | +| `CRAWL` | Used for the core crawler algorithm. | +| `DATAB` | Used for persisting data to the internal database. | +| `LEASE` | Used to create browsers to add them to the browser pool. | +| `MAIN` | Used for the flow of the main event loop of the crawler. | +| `NAVDB` | Used for persistence mechanisms to store navigation entries. | +| `REPT` | Used for generating reports. | +| `STAT` | Used for general statistics while running the scan. | diff --git a/doc/user/application_security/dast/index.md b/doc/user/application_security/dast/index.md index 65ddece1bde..1093e7cfabd 100644 --- a/doc/user/application_security/dast/index.md +++ b/doc/user/application_security/dast/index.md @@ -144,6 +144,14 @@ image. Using the `DAST_VERSION` variable, you can choose how DAST updates: Find the latest DAST versions on the [Releases](https://gitlab.com/gitlab-org/security-products/dast/-/releases) page. +#### Crawling web applications dependent on JavaScript + +GitLab has released a new browser-based crawler, an add-on to DAST that uses a browser to crawl web applications for content. This crawler replaces the standard DAST Spider and Ajax Crawler. + +The browser-based crawler crawls websites by browsing web pages as a user would. This approach works well with web applications that make heavy use of JavaScript, such as Single Page Applications. + +For more details, including setup instructions, see [DAST browser-based crawler](browser_based.md). + ## Deployment options Depending on the complexity of the target application, there are a few options as to how to deploy and configure @@ -452,11 +460,14 @@ configured to act as a remote proxy and add the `Gitlab-DAST-Permission` header. ### API scan -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10928) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.10. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10928) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.10. +> - A new DAST API scanning engine was introduced in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.10. Using an API specification as a scan's target is a useful way to seed URLs for scanning an API. Vulnerability rules in an API scan are different than those in a normal website scan. +A new DAST API scanning engine is available in GitLab 13.12 and later. For more details, see [DAST API scanning engine](../dast_api). The new scanning engine supports REST, SOAP, GraphQL, and generic APIs using forms, XML, and JSON. Testing can be performed using OpenAPI, Postman Collections, and HTTP Archive (HAR) documents. + #### Specification format API scans support OpenAPI V2 and OpenAPI V3 specifications. You can define these specifications using `JSON` or `YAML`. @@ -471,7 +482,7 @@ include: - template: DAST.gitlab-ci.yml variables: - DAST_API_SPECIFICATION: http://my.api/api-specification.yml + DAST_API_OPENAPI: http://my.api/api-specification.yml ``` #### Import API specification from a file @@ -486,7 +497,7 @@ dast: - cp api-specification.yml /zap/wrk/api-specification.yml variables: GIT_STRATEGY: fetch - DAST_API_SPECIFICATION: api-specification.yml + DAST_API_OPENAPI: api-specification.yml ``` #### Full API scan @@ -522,7 +533,7 @@ include: - template: DAST.gitlab-ci.yml variables: - DAST_API_SPECIFICATION: http://api-test.host.com/api-specification.yml + DAST_API_OPENAPI: http://api-test.host.com/api-specification.yml DAST_API_HOST_OVERRIDE: api-test.host.com ``` @@ -537,7 +548,7 @@ include: - template: DAST.gitlab-ci.yml variables: - DAST_API_SPECIFICATION: http://api-test.api.com/api-specification.yml + DAST_API_OPENAPI: http://api-test.api.com/api-specification.yml DAST_REQUEST_HEADERS: "Authorization: Bearer my.token" ``` @@ -610,10 +621,42 @@ When using `DAST_PATHS` and `DAST_PATHS_FILE`, note the following: To perform a [full scan](#full-scan) on the listed paths, use the `DAST_FULL_SCAN_ENABLED` CI/CD variable. +### View details of a vulnerability detected by DAST + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/36332) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.1. + +Vulnerabilities detected by DAST occur in the live web application. Addressing these types of +vulnerabilities requires specific information. DAST provides the information required to +investigate and rectify the underlying cause. + +To view details of vulnerabilities detected by DAST: + +1. To see all vulnerabilities detected, either: + - Go to your project and select **Security & Compliance**. + - Go to the merge request and select the **Security** tab. + +1. Select a vulnerability's description. The following details are provided: + + | Field | Description | + |:-----------------|:------------------------------------------------------------------ | + | Description | Description of the vulnerability. | + | Project | Namespace and project in which the vulnerability was detected. | + | Method | HTTP method used to detect the vulnerability. | + | URL | URL at which the vulnerability was detected. | + | Request Headers | Headers of the request. | + | Response Status | Response status received from the application. | + | Response Headers | Headers of the response received from the application. | + | Evidence | Evidence of the data found that verified the vulnerability. Often a snippet of the request or response, this can be used to help verify that the finding is a vulnerability. | + | Identifiers | Identifiers of the vulnerability. | + | Severity | Severity of the vulnerability. | + | Scanner Type | Type of vulnerability report. | + | Links | Links to further details of the detected vulnerability. | + | Solution | Details of a recommended solution to the vulnerability (optional). | + ### Customizing the DAST settings WARNING: -Beginning in GitLab 13.0, the use of [`only` and `except`](../../../ci/yaml/README.md#onlyexcept-basic) +Beginning in GitLab 13.0, the use of [`only` and `except`](../../../ci/yaml/README.md#only--except) is no longer supported. When overriding the template, you must use [`rules`](../../../ci/yaml/README.md#rules) instead. The DAST settings can be changed through CI/CD variables by using the @@ -641,8 +684,9 @@ DAST can be [configured](#customizing-the-dast-settings) using CI/CD variables. | CI/CD variable | Type | Description | |------------------------------| --------|-------------| | `SECURE_ANALYZERS_PREFIX` | URL | Set the Docker registry base address from which to download the analyzer. | -| `DAST_WEBSITE` | URL | The URL of the website to scan. `DAST_API_SPECIFICATION` must be specified if this is omitted. | -| `DAST_API_SPECIFICATION` | URL or string | The API specification to import. The specification can be hosted at a URL, or the name of a file present in the `/zap/wrk` directory. `DAST_WEBSITE` must be specified if this is omitted. | +| `DAST_WEBSITE` | URL | The URL of the website to scan. `DAST_API_OPENAPI` must be specified if this is omitted. | +| `DAST_API_OPENAPI` | URL or string | The API specification to import. The specification can be hosted at a URL, or the name of a file present in the `/zap/wrk` directory. `DAST_WEBSITE` must be specified if this is omitted. | +| `DAST_API_SPECIFICATION` | URL or string | [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/290241) in GitLab 13.12 and replaced by `DAST_API_OPENAPI`. To be removed in GitLab 15.0. The API specification to import. The specification can be hosted at a URL, or the name of a file present in the `/zap/wrk` directory. `DAST_WEBSITE` must be specified if this is omitted. | | `DAST_SPIDER_START_AT_HOST` | boolean | Set to `false` to prevent DAST from resetting the target to its host before scanning. When `true`, non-host targets `http://test.site/some_path` is reset to `http://test.site` before scan. Default: `true`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/258805) in GitLab 13.6. | | `DAST_AUTH_URL` | URL | The URL of the page containing the sign-in HTML form on the target website. `DAST_USERNAME` and `DAST_PASSWORD` are submitted with the login form to create an authenticated scan. Not supported for API scans. | | `DAST_AUTH_VERIFICATION_URL` | URL | A URL only accessible to logged in users that DAST can use to confirm successful authentication. If provided, DAST will exit if it cannot access the URL. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/207335) in GitLab 13.8. @@ -658,6 +702,7 @@ DAST can be [configured](#customizing-the-dast-settings) using CI/CD variables. | `DAST_AUTO_UPDATE_ADDONS` | boolean | ZAP add-ons are pinned to specific versions in the DAST Docker image. Set to `true` to download the latest versions when the scan starts. Default: `false` | | `DAST_API_HOST_OVERRIDE` | string | Used to override domains defined in API specification files. Only supported when importing the API specification from a URL. Example: `example.com:8080` | | `DAST_EXCLUDE_RULES` | string | Set to a comma-separated list of Vulnerability Rule IDs to exclude them from running during the scan. Rule IDs are numbers and can be found from the DAST log or on the [ZAP project](https://github.com/zaproxy/zaproxy/blob/develop/docs/scanners.md). For example, `HTTP Parameter Override` has a rule ID of `10026`. **Note:** In earlier versions of GitLab the excluded rules were executed but alerts they generated were suppressed. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/118641) in GitLab 12.10. | +| `DAST_ONLY_INCLUDE_RULES` | string | Set to a comma-separated list of Vulnerability Rule IDs to configure the scan to run only them. Rule IDs are numbers and can be found from the DAST log or on the [ZAP project](https://github.com/zaproxy/zaproxy/blob/develop/docs/scanners.md). [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/250651) in GitLab 13.12. | | `DAST_REQUEST_HEADERS` | string | Set to a comma-separated list of request header names and values. Headers are added to every request made by DAST. For example, `Cache-control: no-cache,User-Agent: DAST/1.0` | | `DAST_DEBUG` | boolean | Enable debug message output. Default: `false`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12652) in GitLab 13.1. | | `DAST_SPIDER_MINS` | number | The maximum duration of the spider scan in minutes. Set to `0` for unlimited. Default: One minute, or unlimited when the scan is a full scan. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12652) in GitLab 13.1. | @@ -794,9 +839,9 @@ For DAST, import the following default DAST analyzer image from `registry.gitlab The process for importing Docker images into a local offline Docker registry depends on **your network security policy**. Please consult your IT staff to find an accepted and approved -process by which external resources can be imported or temporarily accessed. Note -that these scanners are [updated periodically](../index.md#maintenance-and-update-of-the-vulnerabilities-database) -with new definitions, so consider if you're able to make periodic updates yourself. +process by which external resources can be imported or temporarily accessed. +These scanners are [periodically updated](../vulnerabilities/index.md#vulnerability-scanner-maintenance) +with new definitions, and you may be able to make occasional updates on your own. For details on saving and transporting Docker images as a file, see Docker's documentation on [`docker save`](https://docs.docker.com/engine/reference/commandline/save/), @@ -944,15 +989,18 @@ required for an on-demand DAST scan. A site profile contains the following: - **Profile name**: A name you assign to the site to be scanned. +- **Site type**: The type of target to be scanned, either website or API scan. - **Target URL**: The URL that DAST runs against. - **Excluded URLs**: A comma-separated list of URLs to exclude from the scan. - **Request headers**: A comma-separated list of HTTP request headers, including names and values. These headers are added to every request made by DAST. - **Authentication**: - - **Authenticated URL**: The URL of the page containing the sign-in HTML form on the target website. The username and password are submitted with the login form to create an authenticated scan. + - **Authenticated URL**: The URL of the page containing the sign-in HTML form on the target website. The username and password are submitted with the login form to create an authenticated scan. - **Username**: The username used to authenticate to the website. - **Password**: The password used to authenticate to the website. - - **Username form field**: The name of username field at the sign-in HTML form. - - **Password form field**: The name of password field at the sign-in HTML form. + - **Username form field**: The name of username field at the sign-in HTML form. + - **Password form field**: The name of password field at the sign-in HTML form. + +When an API site type is selected, a [host override](#host-override) is used to ensure the API being scanned is on the same host as the target. This is done to reduce the risk of running an active scan against the wrong API. #### Site profile validation diff --git a/doc/user/application_security/dast_api/img/dast_api_postman_collection_edit_variable.png b/doc/user/application_security/dast_api/img/dast_api_postman_collection_edit_variable.png Binary files differnew file mode 100644 index 00000000000..3a2799ecdc1 --- /dev/null +++ b/doc/user/application_security/dast_api/img/dast_api_postman_collection_edit_variable.png diff --git a/doc/user/application_security/dast_api/img/dast_api_postman_environment_edit_variable.png b/doc/user/application_security/dast_api/img/dast_api_postman_environment_edit_variable.png Binary files differnew file mode 100644 index 00000000000..656ba7652cd --- /dev/null +++ b/doc/user/application_security/dast_api/img/dast_api_postman_environment_edit_variable.png diff --git a/doc/user/application_security/dast_api/img/dast_api_postman_request_edit.png b/doc/user/application_security/dast_api/img/dast_api_postman_request_edit.png Binary files differnew file mode 100644 index 00000000000..3750af8f455 --- /dev/null +++ b/doc/user/application_security/dast_api/img/dast_api_postman_request_edit.png diff --git a/doc/user/application_security/dast_api/index.md b/doc/user/application_security/dast_api/index.md new file mode 100644 index 00000000000..5e47f545ef9 --- /dev/null +++ b/doc/user/application_security/dast_api/index.md @@ -0,0 +1,1140 @@ +--- +stage: Secure +group: Dynamic Analysis +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +type: reference, howto +--- + +# DAST API **(ULTIMATE)** + +You can add dynamic application security testing of web APIs to your [GitLab CI/CD](../../../ci/README.md) pipelines. +This helps you discover bugs and potential security issues that other QA processes may miss. + +We recommend that you use DAST API testing in addition to [GitLab Secure](../index.md)'s +other security scanners and your own test processes. If you're using [GitLab CI/CD](../../../ci/README.md), +you can run DAST API tests as part your CI/CD workflow. + +## Requirements + +- One of the following web API types: + - REST API + - SOAP + - GraphQL + - Form bodies, JSON, or XML +- One of the following assets to provide APIs to test: + - OpenAPI v2 or v3 API definition + - Postman Collection v2.0 or v2.1 + - HTTP Archive (HAR) of API requests to test + +## When DAST API scans run + +When using the `DAST-API.gitlab-ci.yml` template, the defined jobs use the `dast` stage by default. To enable your `.gitlab-ci.yml` file must include the `dast` stage in your `stages` definition. To ensure DAST API scans the latest code, your CI pipeline should deploy changes to a test environment in a stage before the `dast` stage: + +```yaml +stages: + - build + - test + - deploy + - dast +``` + +Note that if your pipeline is configured to deploy to the same web server on each run, running a +pipeline while another is still running could cause a race condition in which one pipeline +overwrites the code from another. The API to scan should be excluded from changes for the duration +of a DAST API scan. The only changes to the API should be from the DAST API scanner. Be aware that +any changes made to the API (for example, by users, scheduled tasks, database changes, code +changes, other pipelines, or other scanners) during a scan could cause inaccurate results. + +## Enable DAST API scanning + +There are three ways to perform scans. See the configuration section for the one you wish to use: + +- [OpenAPI v2 or v3 specification](#openapi-specification) +- [HTTP Archive (HAR)](#http-archive-har) +- [Postman Collection v2.0 or v2.1](#postman-collection) + +Examples of various configurations can be found here: + +- [Example OpenAPI v2 specification project](https://gitlab.com/gitlab-org/security-products/demos/api-dast/openapi-example) +- [Example HTTP Archive (HAR) project](https://gitlab.com/gitlab-org/security-products/demos/api-dast/har-example) +- [Example Postman Collection project](https://gitlab.com/gitlab-org/security-products/demos/api-dast/postman-example) +- [Example GraphQL project](https://gitlab.com/gitlab-org/security-products/demos/api-dast/graphql-example) + +WARNING: +GitLab 14.0 will require that you place DAST API configuration files (for example, +`gitlab-dast-api-config.yml`) in your repository's `.gitlab` directory instead of your +repository's root. You can continue using your existing configuration files as they are, but +starting in GitLab 14.0, GitLab will not check your repository's root for configuration files. + +### OpenAPI Specification + +> Support for OpenAPI Specification using YAML format was +> [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/330583) in GitLab 14.0. + +The [OpenAPI Specification](https://www.openapis.org/) (formerly the Swagger Specification) is an API description format for REST APIs. +This section shows you how to configure API fuzzing using an OpenAPI Specification to provide information about the target API to test. +OpenAPI Specifications are provided as a file system resource or URL. Both JSON and YAML OpenAPI formats are supported. + +DAST API uses an OpenAPI document to generate the request body. When a request body is required, +the body generation is limited to these body types: + +- `application/x-www-form-urlencoded` +- `multipart/form-data` +- `application/json` + +Follow these steps to configure DAST API in GitLab with an OpenAPI specification: + +1. To use DAST API, you must [include](../../../ci/yaml/README.md#includetemplate) + the [`DAST-API.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/DAST-API.gitlab-ci.yml) + that's provided as part of your GitLab installation. Add the following to your + `.gitlab-ci.yml` file: + + ```yaml + stages: + - dast + + include: + - template: DAST-API.gitlab-ci.yml + ``` + +1. The [configuration file](#configuration-files) has several testing profiles defined with different checks enabled. We recommend that you start with the `Quick` profile. + Testing with this profile completes faster, allowing for easier configuration validation. + + Provide the profile by adding the `DAST_API_PROFILE` CI/CD variable to your `.gitlab-ci.yml` file, + substituting `Quick` for the profile you choose: + + ```yaml + stages: + - dast + + include: + - template: DAST-API.gitlab-ci.yml + + variables: + DAST_API_PROFILE: Quick + ``` + +1. Provide the location of the OpenAPI specification. You can provide the specification as a file + or URL. Specify the location by adding the `DAST_API_OPENAPI` variable: + + ```yaml + stages: + - dast + + include: + - template: DAST-API.gitlab-ci.yml + + variables: + DAST_API_PROFILE: Quick + DAST_API_OPENAPI: test-api-specification.json + ``` + +1. The target API instance's base URL is also required. Provide it by using the `DAST_API_TARGET_URL` + variable or an `environment_url.txt` file. + + Adding the URL in an `environment_url.txt` file at your project's root is great for testing in + dynamic environments. To run DAST API against an app dynamically created during a GitLab CI/CD + pipeline, have the app persist its URL in an `environment_url.txt` file. DAST API + automatically parses that file to find its scan target. You can see an + [example of this in our Auto DevOps CI YAML](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml). + + Here's an example of using `DAST_API_TARGET_URL`: + + ```yaml + stages: + - dast + + include: + - template: DAST-API.gitlab-ci.yml + + variables: + DAST_API_PROFILE: Quick + DAST_API_OPENAPI: test-api-specification.json + DAST_API_TARGET_URL: http://test-deployment/ + ``` + +This is a minimal configuration for DAST API. From here you can: + +- [Run your first scan](#running-your-first-scan). +- [Add authentication](#authentication). +- Learn how to [handle false positives](#handling-false-positives). + +WARNING: +**NEVER** run DAST API testing against a production server. Not only can it perform *any* function that the API can, it may also trigger bugs in the API. This includes actions like modifying and deleting data. Only run DAST API scanning against a test server. + +### HTTP Archive (HAR) + +The [HTTP Archive format (HAR)](http://www.softwareishard.com/blog/har-12-spec/) +is an archive file format for logging HTTP transactions. When used with the GitLab DAST API scanner, HAR must contain records of calling the web API to test. The DAST API scanner extracts all the requests and +uses them to perform testing. + +You can use various tools to generate HAR files: + +- [Insomnia Core](https://insomnia.rest/): API client +- [Chrome](https://www.google.com/chrome/): Browser +- [Firefox](https://www.mozilla.org/en-US/firefox/): Browser +- [Fiddler](https://www.telerik.com/fiddler): Web debugging proxy +- [GitLab HAR Recorder](https://gitlab.com/gitlab-org/security-products/har-recorder): Command line + +WARNING: +HAR files may contain sensitive information such as authentication tokens, API keys, and session +cookies. We recommend that you review the HAR file contents before adding them to a repository. + +Follow these steps to configure DAST API to use a HAR file that provides information about the +target API to test: + +1. To use DAST API, you must [include](../../../ci/yaml/README.md#includetemplate) + the [`DAST-API.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/DAST-API.gitlab-ci.yml) + that's provided as part of your GitLab installation. To do so, add the following to your + `.gitlab-ci.yml` file: + + ```yaml + stages: + - dast + + include: + - template: DAST-API.gitlab-ci.yml + ``` + +1. The [configuration file](#configuration-files) has several testing profiles defined with different checks enabled. We recommend that you start with the `Quick` profile. + Testing with this profile completes faster, allowing for easier configuration validation. + + Provide the profile by adding the `DAST_API_PROFILE` CI/CD variable to your `.gitlab-ci.yml` file, + substituting `Quick` for the profile you choose: + + ```yaml + stages: + - dast + + include: + - template: DAST-API.gitlab-ci.yml + + variables: + DAST_API_PROFILE: Quick + ``` + +1. Provide the location of the HAR specification. You can provide the specification as a file + or URL. [URL support was introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/285020) in GitLab 13.10 and later. Specify the location by adding the `DAST_API_HAR` variable: + + ```yaml + stages: + - dast + + include: + - template: DAST-API.gitlab-ci.yml + + variables: + DAST_API_PROFILE: Quick + DAST_API_HAR: test-api-recording.har + ``` + +1. The target API instance's base URL is also required. Provide it by using the `DAST_API_TARGET_URL` + variable or an `environment_url.txt` file. + + Adding the URL in an `environment_url.txt` file at your project's root is great for testing in + dynamic environments. To run DAST API against an app dynamically created during a GitLab CI/CD + pipeline, have the app persist its URL in an `environment_url.txt` file. DAST API + automatically parses that file to find its scan target. You can see an + [example of this in our Auto DevOps CI YAML](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml). + + Here's an example of using `DAST_API_TARGET_URL`: + + ```yaml + stages: + - dast + + include: + - template: DAST-API.gitlab-ci.yml + + variables: + DAST_API_PROFILE: Quick + DAST_API_HAR: test-api-recording.har + DAST_API_TARGET_URL: http://test-deployment/ + ``` + +This is a minimal configuration for DAST API. From here you can: + +- [Run your first scan](#running-your-first-scan). +- [Add authentication](#authentication). +- Learn how to [handle false positives](#handling-false-positives). + +WARNING: +**NEVER** run DAST API testing against a production server. Not only can it perform *any* function that +the API can, it may also trigger bugs in the API. This includes actions like modifying and deleting +data. Only run DAST API against a test server. + +### Postman Collection + +The [Postman API Client](https://www.postman.com/product/api-client/) is a popular tool that +developers and testers use to call various types of APIs. The API definitions +[can be exported as a Postman Collection file](https://learning.postman.com/docs/getting-started/importing-and-exporting-data/#exporting-postman-data) +for use with DAST API. When exporting, make sure to select a supported version of Postman +Collection: v2.0 or v2.1. + +When used with the GitLab DAST API scanner, Postman Collections must contain definitions of the web API to +test with valid data. The DAST API scanner extracts all the API definitions and uses them to perform +testing. + +WARNING: +Postman Collection files may contain sensitive information such as authentication tokens, API keys, +and session cookies. We recommend that you review the Postman Collection file contents before adding +them to a repository. + +Follow these steps to configure DAST API to use a Postman Collection file that provides +information about the target API to test: + +1. To use DAST API, you must [include](../../../ci/yaml/README.md#includetemplate) + the [`DAST-API.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/DAST-API.gitlab-ci.yml) + that's provided as part of your GitLab installation. To do so, add the following to your + `.gitlab-ci.yml` file: + + ```yaml + stages: + - dast + + include: + - template: DAST-API.gitlab-ci.yml + ``` + +1. The [configuration file](#configuration-files) has several testing profiles defined with different checks enabled. We recommend that you start with the `Quick` profile. + Testing with this profile completes faster, allowing for easier configuration validation. + + Provide the profile by adding the `DAST_API_PROFILE` CI/CD variable to your `.gitlab-ci.yml` file, + substituting `Quick` for the profile you choose: + + ```yaml + stages: + - dast + + include: + - template: DAST-API.gitlab-ci.yml + + variables: + DAST_API_PROFILE: Quick + ``` + +1. Provide the location of the Postman Collection specification. You can provide the specification as a file or URL. Specify the location by adding the `DAST_API_POSTMAN_COLLECTION` variable: + + ```yaml + stages: + - dast + + include: + - template: DAST-API.gitlab-ci.yml + + variables: + DAST_API_PROFILE: Quick + DAST_API_POSTMAN_COLLECTION: postman-collection_serviceA.json + ``` + +1. The target API instance's base URL is also required. Provide it by using the `DAST_API_TARGET_URL` + variable or an `environment_url.txt` file. + + Adding the URL in an `environment_url.txt` file at your project's root is great for testing in + dynamic environments. To run DAST API against an app dynamically created during a GitLab CI/CD + pipeline, have the app persist its URL in an `environment_url.txt` file. DAST API + automatically parses that file to find its scan target. You can see an + [example of this in our Auto DevOps CI YAML](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml). + + Here's an example of using `DAST_API_TARGET_URL`: + + ```yaml + stages: + - dast + + include: + - template: DAST-API.gitlab-ci.yml + + variables: + DAST_API_PROFILE: Quick + DAST_API_POSTMAN_COLLECTION: postman-collection_serviceA.json + DAST_API_TARGET_URL: http://test-deployment/ + ``` + +This is a minimal configuration for DAST API. From here you can: + +- [Run your first scan](#running-your-first-scan). +- [Add authentication](#authentication). +- Learn how to [handle false positives](#handling-false-positives). + +WARNING: +**NEVER** run DAST API testing against a production server. Not only can it perform *any* function that +the API can, it may also trigger bugs in the API. This includes actions like modifying and deleting +data. Only run DAST API against a test server. + +#### Postman variables + +Postman allows the developer to define placeholders that can be used in different parts of the +requests. These placeholders are called variables, as explained in [Using variables](https://learning.postman.com/docs/sending-requests/variables/). +You can use variables to store and reuse values in your requests and scripts. For example, you can +edit the collection to add variables to the document: + + + +You can then use the variables in sections such as URL, headers, and others: + + + +Variables can be defined at different [scopes](https://learning.postman.com/docs/sending-requests/variables/#variable-scopes) +(for example, Global, Collection, Environment, Local, and Data). In this example, they're defined at +the Environment scope: + + + +When you export a Postman collection, only Postman collection variables are exported into the +Postman file. For example, Postman does not export environment-scoped variables into the Postman +file. + +By default, the DAST API scanner uses the Postman file to resolve Postman variable values. If a JSON file +is set in a GitLab CI environment variable `DAST_API_POSTMAN_COLLECTION_VARIABLES`, then the JSON +file takes precedence to get Postman variable values. + +Although Postman can export environment variables into a JSON file, the format is not compatible +with the JSON expected by `DAST_API_POSTMAN_COLLECTION_VARIABLES`. + +Here is an example of using `DAST_API_POSTMAN_COLLECTION_VARIABLES`: + +```yaml +stages: + - dast + +include: + - template: DAST-API.gitlab-ci.yml + +variables: + DAST_API_PROFILE: Quick + DAST_API_POSTMAN_COLLECTION: postman-collection_serviceA.json + DAST_API_POSTMAN_COLLECTION_VARIABLES: variable-collection-dictionary.json + DAST_API_TARGET_URL: http://test-deployment/ +``` + +The file `variable-collection-dictionary.json` is a JSON document. This JSON is an object with +key-value pairs for properties. The keys are the variables' names, and the values are the variables' +values. For example: + + ```json + { + "base_url": "http://127.0.0.1/", + "token": "Token 84816165151" + } + ``` + +### Authentication + +Authentication is handled by providing the authentication token as a header or cookie. You can +provide a script that performs an authentication flow or calculates the token. + +#### HTTP Basic Authentication + +[HTTP basic authentication](https://en.wikipedia.org/wiki/Basic_access_authentication) +is an authentication method built in to the HTTP protocol and used in conjunction with +[transport layer security (TLS)](https://en.wikipedia.org/wiki/Transport_Layer_Security). +To use HTTP basic authentication, two CI/CD variables are added to your `.gitlab-ci.yml` file: + +- `DAST_API_HTTP_USERNAME`: The username for authentication. +- `DAST_API_HTTP_PASSWORD`: The password for authentication. + +For the password, we recommended that you [create a CI/CD variable](../../../ci/variables/README.md#custom-cicd-variables) +(for example, `TEST_API_PASSWORD`) set to the password. You can create CI/CD variables from the +GitLab projects page at **Settings > CI/CD**, in the **Variables** section. Use that variable +as the value for `DAST_API_HTTP_PASSWORD`: + +```yaml +stages: + - dast + +include: + - template: DAST-API.gitlab-ci.yml + +variables: + DAST_API_PROFILE: Quick + DAST_API_HAR: test-api-recording.har + DAST_API_TARGET_URL: http://test-deployment/ + DAST_API_HTTP_USERNAME: testuser + DAST_API_HTTP_PASSWORD: $TEST_API_PASSWORD +``` + +#### Bearer Tokens + +Bearer tokens are used by several different authentication mechanisms, including OAuth2 and JSON Web +Tokens (JWT). Bearer tokens are transmitted using the `Authorization` HTTP header. To use bearer +tokens with DAST API, you need one of the following: + +- A token that doesn't expire +- A way to generate a token that lasts the length of testing +- A Python script that DAST API can call to generate the token + +##### Token doesn't expire + +If the bearer token doesn't expire, use the `DAST_API_OVERRIDES_ENV` variable to provide it. This +variable's content is a JSON snippet that provides headers and cookies to add to DAST API's +outgoing HTTP requests. + +Follow these steps to provide the bearer token with `DAST_API_OVERRIDES_ENV`: + +1. [Create a CI/CD variable](../../../ci/variables/README.md#custom-cicd-variables), + for example `TEST_API_BEARERAUTH`, with the value + `{"headers":{"Authorization":"Bearer dXNlcm5hbWU6cGFzc3dvcmQ="}}` (substitute your token). You + can create CI/CD variables from the GitLab projects page at **Settings > CI/CD**, in the + **Variables** section. + +1. In your `.gitlab-ci.yml` file, set `DAST_API_OVERRIDES_ENV` to the variable you just created: + + ```yaml + stages: + - dast + + include: + - template: DAST-API.gitlab-ci.yml + + variables: + DAST_API_PROFILE: Quick + DAST_API_OPENAPI: test-api-specification.json + DAST_API_TARGET_URL: http://test-deployment/ + DAST_API_OVERRIDES_ENV: $TEST_API_BEARERAUTH + ``` + +1. To validate that authentication is working, run an DAST API test and review the job logs + and the test API's application logs. + +##### Token generated at test runtime + +If the bearer token must be generated and doesn't expire during testing, you can provide to DAST API a file containing the token. A prior stage and job, or part of the DAST API job, can +generate this file. + +DAST API expects to receive a JSON file with the following structure: + +```json +{ + "headers" : { + "Authorization" : "Bearer dXNlcm5hbWU6cGFzc3dvcmQ=" + } +} +``` + +This file can be generated by a prior stage and provided to DAST API through the +`DAST_API_OVERRIDES_FILE` CI/CD variable. + +Set `DAST_API_OVERRIDES_FILE` in your `.gitlab-ci.yml` file: + +```yaml +stages: + - dast + +include: + - template: DAST-API.gitlab-ci.yml + +variables: + DAST_API_PROFILE: Quick + DAST_API_OPENAPI: test-api-specification.json + DAST_API_TARGET_URL: http://test-deployment/ + DAST_API_OVERRIDES_FILE: output/dast-api-overrides.json +``` + +To validate that authentication is working, run an DAST API test and review the job logs and +the test API's application logs. + +##### Token has short expiration + +If the bearer token must be generated and expires prior to the scan's completion, you can provide a +program or script for the DAST API scanner to execute on a provided interval. The provided script runs in +an Alpine Linux container that has Python 3 and Bash installed. If the Python script requires +additional packages, it must detect this and install the packages at runtime. + +The script must create a JSON file containing the bearer token in a specific format: + +```json +{ + "headers" : { + "Authorization" : "Bearer dXNlcm5hbWU6cGFzc3dvcmQ=" + } +} +``` + +You must provide three CI/CD variables, each set for correct operation: + +- `DAST_API_OVERRIDES_FILE`: JSON file the provided command generates. +- `DAST_API_OVERRIDES_CMD`: Command that generates the JSON file. +- `DAST_API_OVERRIDES_INTERVAL`: Interval (in seconds) to run command. + +For example: + +```yaml +stages: + - dast + +include: + - template: DAST-API.gitlab-ci.yml + +variables: + DAST_API_PROFILE: Quick + DAST_API_OPENAPI: test-api-specification.json + DAST_API_TARGET_URL: http://test-deployment/ + DAST_API_OVERRIDES_FILE: output/dast-api-overrides.json + DAST_API_OVERRIDES_CMD: renew_token.py + DAST_API_OVERRIDES_INTERVAL: 300 +``` + +To validate that authentication is working, run an DAST API test and review the job logs and +the test API's application logs. + +### Configuration files + +To get you started quickly, GitLab provides the configuration file +[`gitlab-dast-api-config.yml`](https://gitlab.com/gitlab-org/security-products/analyzers/dast/-/blob/master/config/gitlab-dast-api-config.yml). +This file has several testing profiles that perform various numbers of tests. The run time of each +profile increases as the test numbers go up. To use a configuration file, add it to your +repository's root as `.gitlab/gitlab-dast-api-config.yml`. + +#### Profiles + +The following profiles are pre-defined in the default configuration file. Profiles +can be added, removed, and modified by creating a custom configuration. + +##### Quick + +- Application Information Check +- Cleartext Authentication Check +- FrameworkDebugModeCheck +- HTML Injection Check +- Insecure Http Methods Check +- JSON Hijacking Check +- JSON Injection Check +- Sensitive Information Check +- Session Cookie Check +- SQL Injection Check +- Token Check +- XML Injection Check + +##### Full + +- Application Information Check +- Cleartext AuthenticationCheck +- CORS Check +- DNS Rebinding Check +- Framework Debug Mode Check +- HTML Injection Check +- Insecure Http Methods Check +- JSON Hijacking Check +- JSON Injection Check +- Open Redirect Check +- Sensitive File Check +- Sensitive Information Check +- Session Cookie Check +- SQL Injection Check +- TLS Configuration Check +- Token Check +- XML Injection Check + +### Available CI/CD variables + +| CI/CD variable | Description | +|------------------------------------------------------|--------------------| +| `DAST_API_VERSION` | Specify DAST API container version. Defaults to `latest`. | +| `DAST_API_TARGET_URL` | Base URL of API testing target. | +|[`DAST_API_CONFIG`](#configuration-files) | DAST API configuration file. Defaults to `.gitlab-dast-api.yml`. | +|[`DAST_API_PROFILE`](#configuration-files) | Configuration profile to use during testing. Defaults to `Quick`. | +|[`DAST_API_OPENAPI`](#openapi-specification) | OpenAPI specification file or URL. | +|[`DAST_API_HAR`](#http-archive-har) | HTTP Archive (HAR) file. | +|[`DAST_API_POSTMAN_COLLECTION`](#postman-collection) | Postman Collection file. | +|[`DAST_API_POSTMAN_COLLECTION_VARIABLES`](#postman-variables) | Path to a JSON file to extract postman variable values. | +|[`DAST_API_OVERRIDES_FILE`](#overrides) | Path to a JSON file containing overrides. | +|[`DAST_API_OVERRIDES_ENV`](#overrides) | JSON string containing headers to override. | +|[`DAST_API_OVERRIDES_CMD`](#overrides) | Overrides command. | +|[`DAST_API_OVERRIDES_INTERVAL`](#overrides) | How often to run overrides command in seconds. Defaults to `0` (once). | +|[`DAST_API_HTTP_USERNAME`](#http-basic-authentication) | Username for HTTP authentication. | +|[`DAST_API_HTTP_PASSWORD`](#http-basic-authentication) | Password for HTTP authentication. | +|`DAST_API_SERVICE_START_TIMEOUT` | How long to wait for target API to become available in seconds. Default is 300 seconds. | +|`DAST_API_TIMEOUT` | How long to wait for API responses in seconds. Default is 30 seconds. | + +### Overrides + +DAST API provides a method to add or override specific items in your request, for example: + +- Headers +- Cookies +- Query string +- Form data +- JSON nodes +- XML nodes + +You can use this to inject semantic version headers, authentication, and so on. The +[authentication section](#authentication) includes examples of using overrides for that purpose. + +Overrides use a JSON document, where each type of override is represented by a JSON object: + +```json +{ + "headers": { + "header1": "value", + "header2": "value" + }, + "cookies": { + "cookie1": "value", + "cookie2": "value" + }, + "query": { + "query-string1": "value", + "query-string2": "value" + }, + "body-form": { + "form-param1": "value", + "form-param1": "value", + }, + "body-json": { + "json-path1": "value", + "json-path2": "value", + }, + "body-xml" : { + "xpath1": "value", + "xpath2": "value", + } +} +``` + +Example of setting a single header: + +```json +{ + "headers": { + "Authorization": "Bearer dXNlcm5hbWU6cGFzc3dvcmQ=" + } +} +``` + +Example of setting both a header and cookie: + +```json +{ + "headers": { + "Authorization": "Bearer dXNlcm5hbWU6cGFzc3dvcmQ=" + }, + "cookies": { + "flags": "677" + } +} +``` + +Example usage for setting a `body-form` override: + +```json +{ + "body-form": { + "username": "john.doe" + } +} +``` + +The override engine uses `body-form` when the request body has only form-data content. + +Example usage for setting a `body-json` override: + +```json +{ + "body-json": { + "$.credentials.access-token": "iddqd!42.$" + } +} +``` + +Note that each JSON property name in the object `body-json` is set to a [JSON Path](https://goessner.net/articles/JsonPath/) +expression. The JSON Path expression `$.credentials.access-token` identifies the node to be +overridden with the value `iddqd!42.$`. The override engine uses `body-json` when the request body +has only [JSON](https://www.json.org/json-en.html) content. + +For example, if the body is set to the following JSON: + +```json +{ + "credentials" : { + "username" :"john.doe", + "access-token" : "non-valid-password" + } +} +``` + +It is changed to: + +```json +{ + "credentials" : { + "username" :"john.doe", + "access-token" : "iddqd!42.$" + } +} +``` + +Here's an example for setting a `body-xml` override. The first entry overrides an XML attribute and +the second entry overrides an XML element: + +```json +{ + "body-xml" : { + "/credentials/@isEnabled": "true", + "/credentials/access-token/text()" : "iddqd!42.$" + } +} +``` + +Note that each JSON property name in the object `body-xml` is set to an +[XPath v2](https://www.w3.org/TR/xpath20/) +expression. The XPath expression `/credentials/@isEnabled` identifies the attribute node to override +with the value `true`. The XPath expression `/credentials/access-token/text()` identifies the +element node to override with the value `iddqd!42.$`. The override engine uses `body-xml` when the +request body has only [XML](https://www.w3.org/XML/) +content. + +For example, if the body is set to the following XML: + +```xml +<credentials isEnabled="false"> + <username>john.doe</username> + <access-token>non-valid-password</access-token> +</credentials> +``` + +It is changed to: + +```xml +<credentials isEnabled="true"> + <username>john.doe</username> + <access-token>iddqd!42.$</access-token> +</credentials> +``` + +You can provide this JSON document as a file or environment variable. You may also provide a command +to generate the JSON document. The command can run at intervals to support values that expire. + +#### Using a file + +To provide the overrides JSON as a file, the `DAST_API_OVERRIDES_FILE` CI/CD variable is set. The path is relative to the job current working directory. + +Here's an example `.gitlab-ci.yml`: + +```yaml +stages: + - dast + +include: + - template: DAST-API.gitlab-ci.yml + +variables: + DAST_API_PROFILE: Quick + DAST_API_OPENAPI: test-api-specification.json + DAST_API_TARGET_URL: http://test-deployment/ + DAST_API_OVERRIDES_FILE: output/dast-api-overrides.json +``` + +#### Using a CI/CD variable + +To provide the overrides JSON as a CI/CD variable, use the `DAST_API_OVERRIDES_ENV` variable. +This allows you to place the JSON as variables that can be masked and protected. + +In this example `.gitlab-ci.yml`, the `DAST_API_OVERRIDES_ENV` variable is set directly to the JSON: + +```yaml +stages: + - dast + +include: + - template: DAST-API.gitlab-ci.yml + +variables: + DAST_API_PROFILE: Quick + DAST_API_OPENAPI: test-api-specification.json + DAST_API_TARGET_URL: http://test-deployment/ + DAST_API_OVERRIDES_ENV: '{"headers":{"X-API-Version":"2"}}' +``` + +In this example `.gitlab-ci.yml`, the `SECRET_OVERRIDES` variable provides the JSON. This is a +[group or instance level CI/CD variable defined in the UI](../../../ci/variables/README.md#instance-cicd-variables): + +```yaml +stages: + - dast + +include: + - template: DAST-API.gitlab-ci.yml + +variables: + DAST_API_PROFILE: Quick + DAST_API_OPENAPI: test-api-specification.json + DAST_API_TARGET_URL: http://test-deployment/ + DAST_API_OVERRIDES_ENV: $SECRET_OVERRIDES +``` + +#### Using a command + +If the value must be generated or regenerated on expiration, you can provide a program or script for +the DAST API scanner to execute on a specified interval. The provided script runs in an Alpine Linux +container that has Python 3 and Bash installed. If the Python script requires additional packages, +it must detect this and install the packages at runtime. The script creates the overrides JSON file +as defined above. + +You must provide three CI/CD variables, each set for correct operation: + +- `DAST_API_OVERRIDES_FILE`: File generated by the provided command. +- `DAST_API_OVERRIDES_CMD`: Command to generate JSON file. +- `DAST_API_OVERRIDES_INTERVAL`: Interval in seconds to run command. + +```yaml +stages: + - dast + +include: + - template: DAST-API.gitlab-ci.yml + +variables: + DAST_API_PROFILE: Quick + DAST_API_OPENAPI: test-api-specification.json + DAST_API_TARGET_URL: http://test-deployment/ + DAST_API_OVERRIDES_FILE: output/dast-api-overrides.json + DAST_API_OVERRIDES_CMD: renew_token.py + DAST_API_OVERRIDES_INTERVAL: 300 +``` + +## Running your first scan + +When configured correctly, a CI/CD pipeline contains a `dast` stage and an `dast_api` job. The job only fails when an invalid configuration is provided. During normal operation, the job always succeeds even if vulnerabilities are identified during testing. + +Vulnerabilities are displayed on the **Security** pipeline tab with the suite name. When testing against the repositories default branch, the DAST API vulnerabilities are also shown on the Security & Compliance's Vulnerability Report page. + +To prevent an excessive number of reported vulnerabilities, the DAST API scanner limits the number of vulnerabilities it reports per operation. + +## Viewing DAST API vulnerabilities + +The DAST API analyzer produces a JSON report that is collected and used +[to populate the vulnerabilities into GitLab vulnerability screens](#view-details-of-a-dast-api-vulnerability). + +See [handling false positives](#handling-false-positives) for information about configuration changes you can make to limit the number of false positives reported. + +### View details of a DAST API vulnerability + +Follow these steps to view details of a vulnerability: + +1. You can view vulnerabilities in a project, or a merge request: + + - In a project, go to the project's **{shield}** **Security & Compliance > Vulnerability Report** + page. This page shows all vulnerabilities from the default branch only. + - In a merge request, go the merge request's **Security** section and click the **Expand** + button. DAST API vulnerabilities are available in a section labeled + **DAST detected N potential vulnerabilities**. Click the title to display the vulnerability + details. + +1. Click the vulnerabilities title to display the details. The table below describes these details. + + | Field | Description | + |:--------------------|:----------------------------------------------------------------------------------------| + | Description | Description of the vulnerability including what was modified. | + | Project | Namespace and project in which the vulnerability was detected. | + | Method | HTTP method used to detect the vulnerability. | + | URL | URL at which the vulnerability was detected. | + | Request | The HTTP request that caused the vulnerability. | + | Unmodified Response | Response from an unmodified request. This is what a normal working response looks like. | + | Actual Response | Response received from test request. | + | Evidence | How we determined a vulnerability occurred. | + | Identifiers | The DAST API check used to find this vulnerability. | + | Severity | Severity of the vulnerability. | + | Scanner Type | Scanner used to perform testing. | + +### Security Dashboard + +The Security Dashboard is a good place to get an overview of all the security vulnerabilities in your groups, projects and +pipelines. For more information, see the [Security Dashboard documentation](../security_dashboard/index.md). + +### Interacting with the vulnerabilities + +Once a vulnerability is found, you can interact with it. Read more on how to +[address the vulnerabilities](../vulnerabilities/index.md). + +## Handling False Positives + +False positives can be handled in several ways: + +- Dismiss the vulnerability. +- Some checks have several methods of detecting when a vulnerability is identified, called _Assertions_. + Assertions can also be turned off and configured. For example, the DAST API scanner by default uses HTTP + status codes to help identify when something is a real issue. If an API returns a 500 error during + testing, this creates a vulnerability. This isn't always desired, as some frameworks return 500 errors often. +- Turn off the Check producing the false positive. This prevents the check from generating any + vulnerabilities. Example checks are the SQL Injection Check, and JSON Hijacking Check. + +### Turn off a Check + +Checks perform testing of a specific type and can be turned on and off for specific configuration +profiles. The provided [configuration files](#configuration-files) define several profiles that you +can use. The profile definition in the configuration file lists all the checks that are active +during a scan. To turn off a specific check, remove it from the profile definition in the +configuration file. The profiles are defined in the `Profiles` section of the configuration file. + +Example profile definition: + +```yaml +Profiles: + - Name: Quick + DefaultProfile: Empty + Routes: + - Route: *Route0 + Checks: + - Name: ApplicationInformationCheck + - Name: CleartextAuthenticationCheck + - Name: FrameworkDebugModeCheck + - Name: HtmlInjectionCheck + - Name: InsecureHttpMethodsCheck + - Name: JsonHijackingCheck + - Name: JsonInjectionCheck + - Name: SensitiveInformationCheck + - Name: SessionCookieCheck + - Name: SqlInjectionCheck + - Name: TokenCheck + - Name: XmlInjectionCheck +``` + +To turn off the JSON Hijacking Check you can remove these lines: + +```yaml + - Name: JsonHijackingCheck +``` + +This results in the following YAML: + +```yaml +- Name: Quick + DefaultProfile: Empty + Routes: + - Route: *Route0 + Checks: + - Name: ApplicationInformationCheck + - Name: CleartextAuthenticationCheck + - Name: FrameworkDebugModeCheck + - Name: HtmlInjectionCheck + - Name: InsecureHttpMethodsCheck + - Name: JsonInjectionCheck + - Name: SensitiveInformationCheck + - Name: SessionCookieCheck + - Name: SqlInjectionCheck + - Name: TokenCheck + - Name: XmlInjectionCheck +``` + +### Turn off an Assertion for a Check + +Assertions detect vulnerabilities in tests produced by checks. Many checks support multiple Assertions such as Log Analysis, Response Analysis, and Status Code. When a vulnerability is found, the Assertion used is provided. To identify which Assertions are on by default, see the Checks default configuration in the configuration file. The section is called `Checks`. + +This example shows the SQL Injection Check: + +```yaml +- Name: SqlInjectionCheck + Configuration: + UserInjections: [] + Assertions: + - Name: LogAnalysisAssertion + - Name: ResponseAnalysisAssertion + - Name: StatusCodeAssertion +``` + +Here you can see three Assertions are on by default. A common source of false positives is +`StatusCodeAssertion`. To turn it off, modify its configuration in the `Profiles` section. This +example provides only the other two Assertions (`LogAnalysisAssertion`, +`ResponseAnalysisAssertion`). This prevents `SqlInjectionCheck` from using `StatusCodeAssertion`: + +```yaml +Profiles: + - Name: Quick + DefaultProfile: Empty + Routes: + - Route: *Route0 + Checks: + - Name: ApplicationInformationCheck + - Name: CleartextAuthenticationCheck + - Name: FrameworkDebugModeCheck + - Name: HtmlInjectionCheck + - Name: InsecureHttpMethodsCheck + - Name: JsonHijackingCheck + - Name: JsonInjectionCheck + - Name: SensitiveInformationCheck + - Name: SessionCookieCheck + - Name: SqlInjectionCheck + Assertions: + - Name: LogAnalysisAssertion + - Name: ResponseAnalysisAssertion + - Name: TokenCheck + - Name: XmlInjectionCheck +``` + +## Troubleshooting + +### Failed to start scanner session (version header not found) + +The DAST API engine outputs an error message when it cannot establish a connection with the scanner application component. The error message is shown in the job output window of the `dast_api` job. A common cause of this issue is changing the `DAST_API_API` variable from its default. + +**Error message** + +- In [GitLab 13.11 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/323939), `Failed to start scanner session (version header not found).` +- In GitLab 13.10 and earlier, `API Security version header not found. Are you sure that you are connecting to the API Security server?`. + +**Solution** + +- Remove the `DAST_API_API` variable from the `.gitlab-ci.yml` file. The value will be inherited from the DAST API CI/CD template. We recommend this method instead of manually setting a value. +- If removing the variable is not possible, check to see if this value has changed in the latest version of the [DAST API CI/CD template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/DAST-API.gitlab-ci.yml). If so, update the value in the `.gitlab-ci.yml` file. + +### Application cannot determine the base URL for the target API + +The DAST API engine outputs an error message when it cannot determine the target API after inspecting the OpenAPI document. This error message is shown when the target API has not been set in the `.gitlab-ci.yml` file, it is not available in the `environment_url.txt` file, and it could not be computed using the OpenAPI document. + +There is a order of precedence in which the DAST API engine tries to get the target API when checking the different sources. First, it will try to use the `DAST_API_TARGET_URL`. If the environment variable has not been set, then the DAST API engine will attempt to use the `environment_url.txt` file. If there is no file `environment_url.txt`, then the DAST API engine will use the OpenAPI document contents and the URL provided in `DAST_API_OPENAPI` (if a URL is provided) to try to compute the target API. + +The best-suited solution will depend on whether or not your target API changes for each deployment. In static environments, the target API is the same for each deployment, in this case please refer to the [static environment solution](#static-environment-solution). If the target API changes for each deployment a [dynamic environment solution](#dynamic-environment-solutions) should be applied. + +#### Static environment solution + +This solution is for pipelines in which the target API URL doesn't change (is static). + +**Add environmental variable** + +For environments where the target API remains the same, we recommend you specify the target URL by using the `DAST_API_TARGET_URL` environment variable. In your `.gitlab-ci.yml`, add a variable `DAST_API_TARGET_URL`. The variable must be set to the base URL of API testing target. For example: + +```yaml +include: + - template: DAST-API.gitlab-ci.yml + + variables: + DAST_API_TARGET_URL: http://test-deployment/ + DAST_API_OPENAPI: test-api-specification.json +``` + +#### Dynamic environment solutions + +In a dynamic environment your target API changes for each different deployment. In this case, there is more than one possible solution, we recommend you use the `environment_url.txt` file when dealing with dynamic environments. + +**Use environment_url.txt** + +To support dynamic environments in which the target API URL changes during each pipeline, DAST API engine supports the use of an `environment_url.txt` file that contains the URL to use. This file is not checked into the repository, instead it's created during the pipeline by the job that deploys the test target and collected as an artifact that can be used by later jobs in the pipeline. The job that creates the `environment_url.txt` file must run before the DAST API engine job. + +1. Modify the test target deployment job adding the base URL in an `environment_url.txt` file at the root of your project. +1. Modify the test target deployment job collecting the `environment_url.txt` as an artifact. + +Example: + +```yaml +deploy-test-target: + script: + # Perform deployment steps + # Create environment_url.txt (example) + - echo http://${CI_PROJECT_ID}-${CI_ENVIRONMENT_SLUG}.example.org > environment_url.txt + + artifacts: + paths: + - environment_url.txt +``` + +## Glossary + +- Assert: Assertions are detection modules used by checks to trigger a vulnerability. Many assertions have + configurations. A check can use multiple Assertions. For example, Log Analysis, Response Analysis, + and Status Code are common Assertions used together by checks. Checks with multiple Assertions + allow them to be turned on and off. +- Check: Performs a specific type of test, or performed a check for a type of vulnerability. For + example, the SQL Injection Check performs DAST testing for SQL Injection vulnerabilities. The DAST API scanner is comprised of several checks. Checks can be turned on and off in a profile. +- Profile: A configuration file has one or more testing profiles, or sub-configurations. You may + have a profile for feature branches and another with extra testing for a main branch. diff --git a/doc/user/application_security/dependency_list/index.md b/doc/user/application_security/dependency_list/index.md index 25b7615a8ae..fcefba943ad 100644 --- a/doc/user/application_security/dependency_list/index.md +++ b/doc/user/application_security/dependency_list/index.md @@ -10,10 +10,11 @@ info: To determine the technical writer assigned to the Stage/Group associated w > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10075) in GitLab Ultimate 12.0. Use the dependency list to review your project's dependencies and key -details about those dependencies, including their known vulnerabilities. To see the dependency list, -in your project, go to **Security & Compliance > Dependency List**. +details about those dependencies, including their known vulnerabilities. It is a collection of dependencies in your project, including existing and new findings. To see the dependency list, go to your project and select **Security & Compliance > Dependency List**. This information is sometimes referred to as a Software Bill of Materials or SBoM / BOM. +The dependency list only shows the results of the last successful pipeline to run on the default branch. This is why we recommend not changing the default behavior of allowing the secure jobs to fail. + ## Prerequisites To view your project's dependencies, ensure you meet the following requirements: diff --git a/doc/user/application_security/dependency_scanning/analyzers.md b/doc/user/application_security/dependency_scanning/analyzers.md index 53d91bfcd78..0faa33e0123 100644 --- a/doc/user/application_security/dependency_scanning/analyzers.md +++ b/doc/user/application_security/dependency_scanning/analyzers.md @@ -56,10 +56,10 @@ variables: This configuration requires that your custom registry provides images for all the official analyzers. -### Selecting specific analyzers +### Disable specific analyzers -You can select the official analyzers you want to run. Here's how to enable -`bundler-audit` and `gemnasium` while disabling all the other default ones. +You can select the official analyzers you don't want to run. Here's how to disable +`bundler-audit` and `gemnasium` analyzers. In `.gitlab-ci.yml` define: ```yaml @@ -67,26 +67,23 @@ include: template: Dependency-Scanning.gitlab-ci.yml variables: - DS_DEFAULT_ANALYZERS: "bundler-audit,gemnasium" + DS_EXCLUDED_ANALYZERS: "bundler-audit, gemnasium" ``` -`bundler-audit` runs first. When merging the reports, Dependency Scanning -removes the duplicates and keeps the `bundler-audit` entries. - ### Disabling default analyzers -Setting `DS_DEFAULT_ANALYZERS` to an empty string disables all the official -default analyzers. In `.gitlab-ci.yml` define: +Setting `DS_EXCLUDED_ANALYZERS` to a list of the official analyzers disables them. +In `.gitlab-ci.yml` define: ```yaml include: template: Dependency-Scanning.gitlab-ci.yml variables: - DS_DEFAULT_ANALYZERS: "" + DS_EXCLUDED_ANALYZERS: "gemnasium, gemansium-maven, gemnasium-python, bundler-audit, retire.js" ``` -That's needed when one totally relies on [custom analyzers](#custom-analyzers). +This is used when one totally relies on [custom analyzers](#custom-analyzers). ## Custom analyzers diff --git a/doc/user/application_security/dependency_scanning/index.md b/doc/user/application_security/dependency_scanning/index.md index 53387acefef..8e23db89dfd 100644 --- a/doc/user/application_security/dependency_scanning/index.md +++ b/doc/user/application_security/dependency_scanning/index.md @@ -77,6 +77,7 @@ The following languages and dependency managers are supported: 1. Support for [sbt](https://www.scala-sbt.org/) 1.3 and above was added in GitLab 13.9. Plans are underway for supporting the following languages, dependency managers, and dependency files. For details, see the issue link for each. +For workarounds, see the [Troubleshooting section](#troubleshooting) | Package Managers | Languages | Supported files | Scan tools | Issue | | ------------------- | --------- | --------------- | ---------- | ----- | @@ -129,7 +130,7 @@ configuration, the last mention of the variable takes precedence. ### Overriding dependency scanning jobs WARNING: -Beginning in GitLab 13.0, the use of [`only` and `except`](../../../ci/yaml/README.md#onlyexcept-basic) +Beginning in GitLab 13.0, the use of [`only` and `except`](../../../ci/yaml/README.md#only--except) is no longer supported. When overriding the template, you must use [`rules`](../../../ci/yaml/README.md#rules) instead. To override a job definition (for example, to change properties like `variables` or `dependencies`), @@ -168,7 +169,8 @@ The following variables allow configuration of global dependency scanning settin | CI/CD variables | Description | | ----------------------------|------------ | | `ADDITIONAL_CA_CERT_BUNDLE` | Bundle of CA certs to trust. The bundle of certificates provided here is also used by other tools during the scanning process, such as `git`, `yarn`, or `npm`. See [Using a custom SSL CA certificate authority](#using-a-custom-ssl-ca-certificate-authority) for more details. | -| `DS_DEFAULT_ANALYZERS` | Override the names of the official default images. Read more about [customizing analyzers](analyzers.md). | +| `DS_EXCLUDED_ANALYZERS` | Specify the analyzers (by name) to exclude from Dependency Scanning. For more information, see [Dependency Scanning Analyzers](analyzers.md). | +| `DS_DEFAULT_ANALYZERS` | ([**DEPRECATED - use `DS_EXCLUDED_ANALYZERS` instead**](https://gitlab.com/gitlab-org/gitlab/-/issues/287691)) Override the names of the official default images. For more information, see [Dependency Scanning Analyzers](analyzers.md). | | `DS_EXCLUDED_PATHS` | Exclude vulnerabilities from output based on the paths. A comma-separated list of patterns. Patterns can be globs, or file or folder paths (for example, `doc,spec`). Parent directories also match patterns. Default: `"spec, test, tests, tmp"`. | | `SECURE_ANALYZERS_PREFIX` | Override the name of the Docker registry providing the official default images (proxy). Read more about [customizing analyzers](analyzers.md). | | `SECURE_LOG_LEVEL` | Set the minimum logging level. Messages of this logging level or higher are output. From highest to lowest severity, the logging levels are: `fatal`, `error`, `warn`, `info`, `debug`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10880) in GitLab 13.1. Default: `info`. | @@ -227,13 +229,13 @@ Read more on [how to use private Maven repositories](../index.md#using-private-m ## Interacting with the vulnerabilities Once a vulnerability is found, you can interact with it. Read more on how to -[address the vulnerabilities](../index.md#addressing-vulnerabilities). +[address the vulnerabilities](../vulnerabilities/index.md). ## Solutions for vulnerabilities (auto-remediation) Some vulnerabilities can be fixed by applying the solution that GitLab automatically generates. Read more about the -[solutions for vulnerabilities](../index.md#apply-an-automatic-remediation-for-a-vulnerability). +[solutions for vulnerabilities](../vulnerabilities/index.md#remediate-a-vulnerability-automatically). ## Security Dashboard @@ -243,8 +245,8 @@ vulnerabilities in your groups, projects and pipelines. Read more about the ## Vulnerabilities database update -For more information about the vulnerabilities database update, check the -[maintenance table](../index.md#maintenance-and-update-of-the-vulnerabilities-database). +For more information about the vulnerabilities database update, see the +[maintenance table](../vulnerabilities/index.md#vulnerability-scanner-maintenance). ## Dependency List @@ -420,8 +422,8 @@ registry.gitlab.com/gitlab-org/security-products/analyzers/bundler-audit:2 The process for importing Docker images into a local offline Docker registry depends on **your network security policy**. Please consult your IT staff to find an accepted and approved process by which external resources can be imported or temporarily accessed. -Note that these scanners are [updated periodically](../index.md#maintenance-and-update-of-the-vulnerabilities-database) -with new definitions, so consider if you can make periodic updates yourself. +These scanners are [periodically updated](../vulnerabilities/index.md#vulnerability-scanner-maintenance) +with new definitions, and you may be able to make occasional updates on your own. For details on saving and transporting Docker images as a file, see Docker's documentation on [`docker save`](https://docs.docker.com/engine/reference/commandline/save/), [`docker load`](https://docs.docker.com/engine/reference/commandline/load/), @@ -508,7 +510,7 @@ ensure that it can reach your private repository. Here is an example configurati ## Hosting a copy of the gemnasium_db advisory database -The [gemnasium_db](https://gitlab.com/gitlab-org/security-products/gemnasium-db) Git repository is +The [`gemnasium_db`](https://gitlab.com/gitlab-org/security-products/gemnasium-db) Git repository is used by `gemnasium`, `gemnasium-maven`, and `gemnasium-python` as the source of vulnerability data. This repository updates at scan time to fetch the latest advisories. However, due to a restricted networking environment, running this update is sometimes not possible. In this case, a user can do @@ -563,11 +565,58 @@ such references: ERROR: Could not find dependencies: <dependency-name>. You may need to run npm install ``` -As a workaround, remove the [`retire.js`](analyzers.md#selecting-specific-analyzers) analyzer from -[DS_DEFAULT_ANALYZERS](#configuring-dependency-scanning). +As a workaround, add the [`retire.js`](analyzers.md) analyzer to +[`DS_EXCLUDED_ANALYZERS`](#configuring-dependency-scanning). ## Troubleshooting +### Working around missing support for certain languages or package managers + +As noted in the ["Supported languages" section](#supported-languages-and-package-managers) +some dependency definition files are not yet supported. +However, Dependency Scanning can be achieved if +the language, a package manager, or a third-party tool +can convert the definition file +into a supported format. + +Generally, the approach is the following: + +1. Define a dedicated converter job in your `.gitlab-ci.yml` file. + Use a suitable Docker image, script, or both to facilitate the conversion. +1. Let that job upload the converted, supported file as an artifact. +1. Add [`dependencies: [<your-converter-job>]`](../../../ci/yaml/README.md#dependencies) + to your `dependency_scanning` job to make use of the converted definitions files. + +For example, the currently unsupported `poetry.lock` file can be +[converted](https://python-poetry.org/docs/cli/#export) +to the supported `requirements.txt` as follows. + +```yaml +include: + - template: Dependency-Scanning.gitlab-ci.yml + +stages: + - .pre + - test + +variables: + PIP_REQUIREMENTS_FILE: "requirements-converted.txt" + +convert-poetry: + stage: .pre + image: python:3-slim + script: + - pip install poetry # Or via another method: https://python-poetry.org/docs/#installation + - poetry export --output "$PIP_REQUIREMENTS_FILE" + artifacts: + paths: + - "$PIP_REQUIREMENTS_FILE" + +dependency_scanning: + stage: test + dependencies: ["convert-poetry"] +``` + ### `Error response from daemon: error processing tar file: docker-tar: relocation error` This error occurs when the Docker version that runs the dependency scanning job is `19.03.0`. diff --git a/doc/user/application_security/index.md b/doc/user/application_security/index.md index 1ba2161362c..82a018c0ae9 100644 --- a/doc/user/application_security/index.md +++ b/doc/user/application_security/index.md @@ -7,9 +7,16 @@ type: reference, howto # Application security **(ULTIMATE)** -GitLab can check your application for security vulnerabilities that may lead to unauthorized access, -data leaks, denial of services, and more. GitLab reports vulnerabilities in the merge request so you -can fix them before you merge. +GitLab can check your application for security vulnerabilities including: + +- Unauthorized access. +- Data leaks. +- Denial of service attacks. + +Statistics and details on vulnerabilities are included in the merge request. Providing +actionable information _before_ changes are merged enables you to be proactive. + +GitLab also provides high-level statistics of vulnerabilities across projects and groups: - The [Security Dashboard](security_dashboard/index.md) provides a high-level view of vulnerabilities detected in your projects, pipeline, and groups. @@ -18,50 +25,7 @@ can fix them before you merge. you can immediately begin risk analysis and remediation. <i class="fa fa-youtube-play youtube" aria-hidden="true"></i> -For an overview of GitLab application security, see -[Security Deep Dive](https://www.youtube.com/watch?v=k4vEJnGYy84). - -## Quick start - -Get started quickly with Dependency Scanning, License Scanning, Static Application Security -Testing (SAST), and Secret Detection by adding the following to your [`.gitlab-ci.yml`](../../ci/yaml/README.md): - -```yaml -include: - - template: Security/Dependency-Scanning.gitlab-ci.yml - - template: Security/License-Scanning.gitlab-ci.yml - - template: Security/SAST.gitlab-ci.yml - - template: Security/Secret-Detection.gitlab-ci.yml -``` - -To add Dynamic Application Security Testing (DAST) scanning, add the following to your -`.gitlab-ci.yml` and replace `https://staging.example.com` with a staging server's web address: - -```yaml -include: - - template: Security/DAST.gitlab-ci.yml - -variables: - DAST_WEBSITE: https://staging.example.com -``` - -To ensure the DAST scanner runs *after* deploying the application to the staging server, review the [DAST full documentation](dast/index.md). - -To add Container Scanning, follow the steps listed in the [Container Scanning documentation](container_scanning/index.md#requirements). - -To further configure any of the other scanners, refer to each scanner's documentation. - -### SAST configuration - -You can set up and configure Static Application Security Testing -(SAST) for your project, without opening a text editor. For more details, -see [configure SAST in the UI](sast/index.md#configure-sast-in-the-ui). - -### Override the default registry base address - -By default, GitLab security scanners use `registry.gitlab.com/gitlab-org/security-products/analyzers` as the -base address for Docker images. You can override this globally by setting the CI/CD variable -`SECURE_ANALYZERS_PREFIX` to another location. Note that this affects all scanners at once. +For an overview of GitLab application security, see [Shifting Security Left](https://www.youtube.com/watch?v=XnYstHObqlA&t). ## Security scanning tools @@ -73,29 +37,17 @@ GitLab uses the following tools to scan and report known vulnerabilities found i | [Dependency List](dependency_list/index.md) **(ULTIMATE)** | View your project's dependencies and their known vulnerabilities. | | [Dependency Scanning](dependency_scanning/index.md) **(ULTIMATE)** | Analyze your dependencies for known vulnerabilities. | | [Dynamic Application Security Testing (DAST)](dast/index.md) **(ULTIMATE)** | Analyze running web applications for known vulnerabilities. | +| [DAST API](dast_api/index.md) **(ULTIMATE)** | Analyze running web APIs for known vulnerabilities. | | [API fuzzing](api_fuzzing/index.md) **(ULTIMATE)** | Find unknown bugs and vulnerabilities in web APIs with fuzzing. | | [Secret Detection](secret_detection/index.md) | Analyze Git history for leaked secrets. | | [Security Dashboard](security_dashboard/index.md) **(ULTIMATE)** | View vulnerabilities in all your projects and groups. | | [Static Application Security Testing (SAST)](sast/index.md) | Analyze source code for known vulnerabilities. | | [Coverage fuzzing](coverage_fuzzing/index.md) **(ULTIMATE)** | Find unknown bugs and vulnerabilities with coverage-guided fuzzing. | -### Use security scanning tools with Pipelines for Merge Requests - -The security scanning tools can all be added to pipelines with [templates](https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/gitlab/ci/templates/Security). -See each tool for details on how to use include each template in your CI/CD configuration. - -By default, the application security jobs are configured to run for branch pipelines only. -To use them with [pipelines for merge requests](../../ci/merge_request_pipelines/index.md), -you may need to override the default `rules:` configuration to add: - -```yaml -rules: - - if: $CI_PIPELINE_SOURCE == "merge_request_event" -``` +## Security scanning with Auto DevOps -## Security Scanning with Auto DevOps - -When [Auto DevOps](../../topics/autodevops/) is enabled, all GitLab Security scanning tools are configured using default settings. +To enable all GitLab Security scanning tools, with default settings, enable +[Auto DevOps](../../topics/autodevops/): - [Auto SAST](../../topics/autodevops/stages.md#auto-sast) - [Auto Secret Detection](../../topics/autodevops/stages.md#auto-secret-detection) @@ -106,170 +58,125 @@ When [Auto DevOps](../../topics/autodevops/) is enabled, all GitLab Security sca While you cannot directly customize Auto DevOps, you can [include the Auto DevOps template in your project's `.gitlab-ci.yml` file](../../topics/autodevops/customize.md#customizing-gitlab-ciyml). -## Maintenance and update of the vulnerabilities database - -The scanning tools and vulnerabilities database are updated regularly. +## Security scanning without Auto DevOps -| Secure scanning tool | Vulnerabilities database updates | -|:-------------------------------------------------------------|-------------------------------------------| -| [Container Scanning](container_scanning/index.md) | Uses `clair`. The latest `clair-db` version is used for each job by running the [`latest` Docker image tag](https://gitlab.com/gitlab-org/gitlab/blob/438a0a56dc0882f22bdd82e700554525f552d91b/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml#L37). The `clair-db` database [is updated daily according to the author](https://github.com/arminc/clair-local-scan#clair-server-or-local). | -| [Dependency Scanning](dependency_scanning/index.md) | Relies on `bundler-audit` (for Ruby gems), `retire.js` (for npm packages), and `gemnasium` (the GitLab tool for all libraries). Both `bundler-audit` and `retire.js` fetch their vulnerabilities data from GitHub repositories, so vulnerabilities added to `ruby-advisory-db` and `retire.js` are immediately available. The tools themselves are updated once per month if there's a new version. The [Gemnasium DB](https://gitlab.com/gitlab-org/security-products/gemnasium-db) is updated at least once a week. See our [current measurement of time from CVE being issued to our product being updated](https://about.gitlab.com/handbook/engineering/development/performance-indicators/#cve-issue-to-update). | -| [Dynamic Application Security Testing (DAST)](dast/index.md) | The scanning engine is updated on a periodic basis. See the [version of the underlying tool `zaproxy`](https://gitlab.com/gitlab-org/security-products/dast/blob/master/Dockerfile#L1). The scanning rules are downloaded at scan runtime. | -| [Static Application Security Testing (SAST)](sast/index.md) | Relies exclusively on [the tools GitLab wraps](sast/index.md#supported-languages-and-frameworks). The underlying analyzers are updated at least once per month if a relevant update is available. The vulnerabilities database is updated by the upstream tools. | +To enable all GitLab security scanning tools, with the option of customizing settings, add the +GitLab CI/CD templates to your `.gitlab-ci.yml` file. -Currently, you do not have to update GitLab to benefit from the latest vulnerabilities definitions. -The security tools are released as Docker images. The vendored job definitions that enable them use -major release tags according to [Semantic Versioning](https://semver.org/). Each new release of the -tools overrides these tags. -The Docker images are updated to match the previous GitLab releases, so users automatically get the -latest versions of the scanning tools without having to do anything. There are some known issues -with this approach, however, and there is a -[plan to resolve them](https://gitlab.com/gitlab-org/gitlab/-/issues/9725). - -## View security scan information in merge requests **(FREE)** +To enable Static Application Security Testing, Dependency Scanning, License Scanning, and Secret +Detection, add: -> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/4393) in GitLab Free 13.5. -> - Made [available in all tiers](https://gitlab.com/gitlab-org/gitlab/-/issues/273205) in 13.6. -> - Report download dropdown [added](https://gitlab.com/gitlab-org/gitlab/-/issues/273418) in 13.7. -> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/249550) in GitLab 13.9. - -Merge requests which have run security scans let you know that the generated -reports are available to download. To download a report, click on the -**Download results** dropdown, and select the desired report. - - - -## View details of a DAST vulnerability - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/36332) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.1. +```yaml +include: + - template: Security/Dependency-Scanning.gitlab-ci.yml + - template: Security/License-Scanning.gitlab-ci.yml + - template: Security/SAST.gitlab-ci.yml + - template: Security/Secret-Detection.gitlab-ci.yml +``` -Vulnerabilities detected by DAST occur in the live web application. Rectification of these types of -vulnerabilities requires specific information. DAST provides the information required to -investigate and rectify the underlying cause. +To enable Dynamic Application Security Testing (DAST) scanning, add the following to your +`.gitlab-ci.yml`. Replace `https://staging.example.com` with a staging server's web address: -To view details of DAST vulnerabilities: +```yaml +include: + - template: Security/DAST.gitlab-ci.yml -1. To see all vulnerabilities detected: - - In a project, go to the project's **{shield}** **Security & Compliance** page. - - Only in a merge request, go the merge request's **Security** tab. +variables: + DAST_WEBSITE: https://staging.example.com +``` -1. Select the vulnerability's description. The following details are provided: +For more details about each of the security scanning tools, see their respective +[documentation sections](#security-scanning-tools). -| Field | Description | -|:-----------------|:------------------------------------------------------------------ | -| Description | Description of the vulnerability. | -| Project | Namespace and project in which the vulnerability was detected. | -| Method | HTTP method used to detect the vulnerability. | -| URL | URL at which the vulnerability was detected. | -| Request Headers | Headers of the request. | -| Response Status | Response status received from the application. | -| Response Headers | Headers of the response received from the application. | -| Evidence | Evidence of the data found that verified the vulnerability. Often a snippet of the request or response, this can be used to help verify that the finding is a vulnerability. | -| Identifiers | Identifiers of the vulnerability. | -| Severity | Severity of the vulnerability. | -| Scanner Type | Type of vulnerability report. | -| Links | Links to further details of the detected vulnerability. | -| Solution | Details of a recommended solution to the vulnerability (optional). | +### Override the default registry base address -### Hide sensitive information in headers +By default, GitLab security scanners use `registry.gitlab.com/gitlab-org/security-products/analyzers` as the +base address for Docker images. You can override this globally by setting the CI/CD variable +`SECURE_ANALYZERS_PREFIX` to another location. Note that this affects all scanners at once. -HTTP request and response headers may contain sensitive information, including cookies and -authorization credentials. By default, content of specific headers are masked in DAST vulnerability -reports. You can specify the list of all headers to be masked. For details, see -[Hide sensitive information](dast/index.md#hide-sensitive-information). +### Use security scanning tools with Pipelines for Merge Requests -## Addressing vulnerabilities +By default, the application security jobs are configured to run for branch pipelines only. +To use them with [pipelines for merge requests](../../ci/merge_request_pipelines/index.md), +you may need to override the default `rules:` configuration to add: -> Introduced in [GitLab Ultimate](https://about.gitlab.com/pricing/) 10.8. +```yaml +rules: + - if: $CI_PIPELINE_SOURCE == "merge_request_event" +``` -For each security vulnerability in a merge request or [Vulnerability Report](vulnerability_report/index.md), -you can: +## Default behavior of GitLab security scanning tools -- [Dismiss the vulnerability](#dismiss-a-vulnerability). -- Create a [confidential](../project/issues/confidential_issues.md) - [issue](vulnerabilities/index.md#create-a-gitlab-issue-for-a-vulnerability). -- Apply an [automatically remediation](#apply-an-automatic-remediation-for-a-vulnerability). +### Secure jobs in your pipeline -### Dismiss a vulnerability +If you add the security scanning jobs as described in [Security scanning with Auto DevOps](#security-scanning-with-auto-devops) or [Security scanning without Auto DevOps](#security-scanning-without-auto-devops) to your `.gitlab-ci.yml` each added [security scanning tool](#security-scanning-tools) behave as described below. -> Introduced in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.0, a dismissal reason. +For each compatible analyzer, a job is created in the `test`, `dast` or `fuzz` stage of your pipeline and runs on the next new branch pipeline. Features such as the [Security Dashboard](security_dashboard/index.md), [Vulnerability Report](vulnerability_report/index.md), and [Dependency List](dependency_list/index.md) that rely on this scan data only show results from pipelines on the default branch. Please note that one tool may use many analyzers. -You can dismiss a vulnerability for the entire project. +Our language and package manager specific jobs attempt to assess which analyzer(s) they should run for your project so that you can do less configuration. -1. Select the vulnerability in the Security Dashboard. -1. In the top-right, from the **Status** selector menu, select **Dismissed**. -1. Optional. Add a reason for the dismissal and select **Save comment**. +If you want to override this to increase the pipeline speed you may choose which analyzers to exclude if you know they are not applicable (languages or package managers not contained in your project) by following variable customization directions for that specific tool. -To undo this action, select a different status from the same menu. +### Secure job status -#### Dismiss multiple vulnerabilities +Jobs pass if they are able to complete a scan. A _pass_ result does NOT indicate if they did, or did not, identify findings. The only exception is coverage fuzzing, which fails if it identifies findings. -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/35816) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.9. +Jobs fail if they are unable to complete a scan. You can view the pipeline logs for more information. -You can dismiss multiple vulnerabilities at once. +All jobs are permitted to fail by default. This means that if they fail it do not fail the pipeline. -1. In the list of vulnerabilities, select the checkbox for each vulnerability you want to dismiss. - To select all, select the checkbox in the table header. -1. Above the table, select a dismissal reason. -1. Select **Dismiss Selected**. +If you want to prevent vulnerabilities from being merged, you should do this by adding [Security Approvals in Merge Requests](#security-approvals-in-merge-requests) which prevents unknown, high or critical findings from being merged without an approval from a specific group of people that you choose. -### Create an issue for a vulnerability +We do not recommend changing the job [`allow_failure` setting](../../ci/yaml/README.md#allow_failure) as that fails the entire pipeline. -You can create a GitLab or Jira issue for a vulnerability. For details, see [Vulnerability Pages](vulnerabilities/index.md). +### JSON Artifact -#### Link to an existing issue +The artifact generated by the secure analyzer contains all findings it discovers on the target branch, regardless of whether they were previously found, dismissed, or completely new (it puts in everything that it finds). -If you already have an open issue, you can link to it from the vulnerability. +## View security scan information in merge requests **(FREE)** -- The vulnerability page shows related issues, but the issue page doesn't show the vulnerability it's related to. -- An issue can only be related to one vulnerability at a time. -- Issues can be linked across groups and projects. +> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/4393) in GitLab Free 13.5. +> - Made [available in all tiers](https://gitlab.com/gitlab-org/gitlab/-/issues/273205) in 13.6. +> - Report download dropdown [added](https://gitlab.com/gitlab-org/gitlab/-/issues/273418) in 13.7. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/249550) in GitLab 13.9. -To link to an existing issue: +### All tiers -1. Open the vulnerability. -1. [Add a linked issue](../project/issues/related_issues.md). +Merge requests which have run security scans let you know that the generated +reports are available to download. To download a report, click on the +**Download results** dropdown, and select the desired report. -### Apply an automatic remediation for a vulnerability + -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/5656) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.7. +### Ultimate -Some vulnerabilities can be fixed by applying the solution that GitLab automatically generates. -The following scanners are supported: +A merge request contains a security widget which displays a summary of the NEW results. New results are determined by comparing the current findings against existing findings in the target (default) branch (if there are prior findings). -- [Dependency Scanning](dependency_scanning/index.md). - Automatic Patch creation is only available for Node.js projects managed with - `yarn`. -- [Container Scanning](container_scanning/index.md). +We recommended you run a scan of the `default` branch before enabling feature branch scans for your developers. Otherwise, there is no base for comparison and all feature branches display the full scan results in the merge request security widget. -#### Manually apply the suggested patch +The merge request security widget displays only a subset of the vulnerabilities in the generated JSON artifact because it contains both NEW and EXISTING findings. -To manually apply the patch that GitLab generated for a vulnerability: +From the merge request security widget, select **Expand** to unfold the widget, displaying any new and no longer detected (removed) findings by scan type. Select **View Full Report** to go directly to the **Security** tab in the latest branch pipeline. -1. Select the **Resolve with merge request** dropdown, then select **Download patch to resolve**: +## View security scan information in the pipeline Security tab -  +A pipeline's security tab lists all findings in the current branch. It includes new findings introduced by this branch and existing vulnerabilities that were already present when the branch was created. These results likely do not match the findings displayed in the Merge Request security widget as those do not include the existing vulnerabilities (with the exception of showing any existing vulnerabilities that are no longer detected in the feature branch). -1. Ensure your local project has the same commit checked out that was used to generate the patch. -1. Run `git apply remediation.patch`. -1. Verify and commit the changes to your branch. +For more details, see [security tab](security_dashboard/index.md#pipeline-security). -#### Create a merge request with the suggested patch +## View security scan information in the Security Dashboard -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/9224) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.9. +The Security Dashboard show vulnerabilities present in a project's default branch. Data is updated every 24 hours. Vulnerability count updates resulting from any feature branches introducing new vulnerabilities that are merged to default are included after the daily data refresh. -In some cases, you can create a merge request that automatically remediates the -vulnerability. Any vulnerability that has a -[solution](#apply-an-automatic-remediation-for-a-vulnerability) can have a merge -request created to automatically solve the issue. +For more details, see [Security Dashboard](security_dashboard/index.md). -If this action is available: +## View security scan information in the Vulnerability Report -1. Select the **Resolve with merge request** dropdown, then select **Resolve with merge request**. +The vulnerability report shows the results of the last completed pipeline on the default branch. It is updated on every pipeline completion. All detected vulnerabilities are shown as well as any previous ones that are no longer detected in the latest scan. Vulnerabilities that are no longer detected may have been remediated or otherwise removed and can be marked as `Resolved` after proper verification. Vulnerabilities that are no longer detected are denoted with an icon for filtering and review. -  +By default, the vulnerability report does not show vulnerabilities of `dismissed` or `resolved` status so you can focus on open vulnerabilities. You can change the Status filter to see these. -A merge request is created. It that applies the solution to the source branch. +[Read more about the Vulnerability report](vulnerability_report/index.md). ## Security approvals in merge requests @@ -297,7 +204,7 @@ rating. ### Enabling Security Approvals within a project -To enable the `Vulnerability-Check` or `License-Check` Security Approvals, a [project approval rule](../project/merge_requests/merge_request_approvals.md#adding--editing-a-default-approval-rule) +To enable the `Vulnerability-Check` or `License-Check` Security Approvals, a [project approval rule](../project/merge_requests/approvals/rules.md#add-an-approval-rule) must be created. A [security scanner job](#security-scanning-tools) must be enabled for `Vulnerability-Check`, and a [license scanning](../compliance/license_compliance/index.md#configuration) job must be enabled for `License-Check`. When the proper jobs aren't configured, the following @@ -412,6 +319,70 @@ You can do it quickly by following the hyperlink given to run a new pipeline.  +## DAST On-Demand Scans + +If you don’t want scans running in your normal DevOps process you can use on-demand scans instead. For more details, see [on-demand scans](dast/index.md#on-demand-scans). This feature is only available for DAST. If you run an on-demand scan against the default branch, it is reported as a "successful pipeline" and these results are included in the security dashboard and vulnerability report. + +## Security report validation + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/321918) in GitLab 13.11. + +As of GitLab 13.11, we've introduced the **optional** validation of the security report artifacts based on the +[report schemas](https://gitlab.com/gitlab-org/security-products/security-report-schemas/-/tree/master/dist). +If you enable validation, GitLab validates the report artifacts before ingesting the vulnerabilities. +This prevents ingesting broken vulnerability data into the database. + +### Enable security report validation + +To enable report artifacts validation, set the `VALIDATE_SCHEMA` environment variable to `"true"` for the jobs in the `.gitlab-ci.yml` file. + +For example, the configuration below enables validation for only the `sast` job: + + ```yaml + include: + - template: Security/Dependency-Scanning.gitlab-ci.yml + - template: Security/License-Scanning.gitlab-ci.yml + - template: Security/SAST.gitlab-ci.yml + - template: Security/Secret-Detection.gitlab-ci.yml + + stages: + - security-scan + + dependency_scanning: + stage: security-scan + + license_scanning: + stage: security-scan + + sast: + stage: security-scan + variables: + VALIDATE_SCHEMA: "true" + + .secret-analyzer: + stage: security-scan + ``` + +## Interacting with findings and vulnerabilities + +There are a variety of locations and ways to interact with the results of the security scanning tools: + +- [Scan information in merge requests](#view-security-scan-information-in-merge-requests) +- [Project Security Dashboard](security_dashboard/#project-security-dashboard) +- [Security pipeline tab](security_dashboard/#pipeline-security) +- [Group Security Dashboard](security_dashboard/#group-security-dashboard) +- [Security Center](security_dashboard/#security-center) +- [Vulnerability Report](vulnerability_report/index.md) +- [Vulnerability Pages](vulnerabilities/index.md) +- [Dependency List](dependency_list/index.md) + +For more details about which findings or vulnerabilities you can view in each of those locations, select the respective link. Each page details the ways in which you can interact with the findings and vulnerabilities. As an example, in most cases findings start out as _detected_ status. You have the option to: + +- Change the status. +- Create an issue. +- Link it to an existing issue. +- In some cases, [apply an automatic remediation for a vulnerability](vulnerabilities/index.md#remediate-a-vulnerability-automatically). + ## Troubleshooting ### Getting error message `sast job: stage parameter should be [some stage name here]` @@ -480,7 +451,7 @@ Found errors in your .gitlab-ci.yml: ``` This error appears when the included job's `rules` configuration has been [overridden](sast/index.md#overriding-sast-jobs) -with [the deprecated `only` or `except` syntax.](../../ci/yaml/README.md#onlyexcept-basic) +with [the deprecated `only` or `except` syntax.](../../ci/yaml/README.md#only--except) To fix this issue, you must either: - [Transition your `only/except` syntax to `rules`](#transitioning-your-onlyexcept-syntax-to-rules). @@ -491,7 +462,7 @@ To fix this issue, you must either: #### Transitioning your `only/except` syntax to `rules` When overriding the template to control job execution, previous instances of -[`only` or `except`](../../ci/yaml/README.md#onlyexcept-basic) are no longer compatible +[`only` or `except`](../../ci/yaml/README.md#only--except) are no longer compatible and must be transitioned to [the `rules` syntax](../../ci/yaml/README.md#rules). If your override is aimed at limiting jobs to only run on `master`, the previous syntax diff --git a/doc/user/application_security/offline_deployments/index.md b/doc/user/application_security/offline_deployments/index.md index 7c013a2a9de..c9c65e94b32 100644 --- a/doc/user/application_security/offline_deployments/index.md +++ b/doc/user/application_security/offline_deployments/index.md @@ -59,14 +59,14 @@ mirroring the packages inside your own offline network. ### Interacting with the vulnerabilities Once a vulnerability is found, you can interact with it. Read more on how to -[address the vulnerabilities](../index.md#addressing-vulnerabilities). +[address the vulnerabilities](../vulnerabilities/index.md). Please note that in some cases the reported vulnerabilities provide metadata that can contain external links exposed in the UI. These links might not be accessible within an offline environment. ### Automatic remediation for vulnerabilities -The [automatic remediation for vulnerabilities](../index.md#apply-an-automatic-remediation-for-a-vulnerability) feature is available for offline Dependency Scanning and Container Scanning, but may not work +The [automatic remediation for vulnerabilities](../vulnerabilities/index.md#remediate-a-vulnerability-automatically) feature is available for offline Dependency Scanning and Container Scanning, but may not work depending on your instance's configuration. We can only suggest solutions, which are generally more current versions that have been patched, when we are able to access up-to-date registry services hosting the latest versions of that dependency or image. diff --git a/doc/user/application_security/policies/index.md b/doc/user/application_security/policies/index.md index 208fbdfa5f3..92f0d6924b3 100644 --- a/doc/user/application_security/policies/index.md +++ b/doc/user/application_security/policies/index.md @@ -66,7 +66,8 @@ scan_execution_policy: enabled: true rules: - type: pipeline - branch: master + branches: + - master actions: - scan: dast scanner_profile: Scanner Profile A @@ -76,7 +77,8 @@ scan_execution_policy: enabled: true rules: - type: pipeline - branch: main + branches: + - main actions: - scan: dast scanner_profile: Scanner Profile C @@ -108,7 +110,17 @@ This rule enforces the defined actions whenever the pipeline runs for a selected | Field | Type | Possible values | Description | |-------|------|-----------------|-------------| | `type` | `string` | `pipeline` | The rule's type. | -| `branch` | `string` | `*` or the branch's name | The branch the given policy applies to (supports wildcard). | +| `branches` | `array` of `string` | `*` or the branch's name | The branch the given policy applies to (supports wildcard). | + +### `schedule` rule type + +This rule enforces the defined actions and schedules a scan on the provided date/time. + +| Field | Type | Possible values | Description | +|------------|------|-----------------|-------------| +| `type` | `string` | `schedule` | The rule's type. | +| `branches` | `array` of `string` | `*` or the branch's name | The branch the given policy applies to (supports wildcard). | +| `cadence` | `string` | CRON expression (for example, `0 0 * * *`) | A whitespace-separated string containing five fields that represents the scheduled time. | ### `scan` action type @@ -129,6 +141,9 @@ Note the following: - Once you associate the site profile and scanner profile by name in the policy, it is not possible to modify or delete them. If you want to modify them, you must first disable the policy by setting the `active` flag to `false`. +- When configuring policies with a scheduled DAST scan, the author of the commit in the security + policy project's repository must have access to the scanner and site profiles. Otherwise, the scan + is not scheduled successfully. Here's an example: @@ -140,17 +155,20 @@ scan_execution_policy: enabled: true rules: - type: pipeline - branch: release/* + branches: + - release/* actions: - scan: dast scanner_profile: Scanner Profile A site_profile: Site Profile B -- name: Enforce DAST in every pipeline in main branch - description: This policy enforces pipeline configuration to have a job with DAST scan for main branch +- name: Enforce DAST scan every 10 minutes + description: This policy enforces a DAST scan to run every 10 minutes enabled: true rules: - - type: pipeline - branch: main + - type: schedule + branches: + - main + cadence: */10 * * * * actions: - scan: dast scanner_profile: Scanner Profile C @@ -160,11 +178,7 @@ scan_execution_policy: In this example, the DAST scan runs with the scanner profile `Scanner Profile A` and the site profile `Site Profile B` for every pipeline executed on branches that match the `release/*` wildcard (for example, branch name `release/v1.2.1`); and the DAST scan runs with -the scanner profile `Scanner Profile C` and the site profile `Site Profile D` for every pipeline executed on `main` branch. - -NOTE: -All scanner and site profiles must be configured and created for each project that is assigned to the selected Security Policy Project. -If they are not created, the job will fail with the error message. +the scanner profile `Scanner Profile C` and the site profile `Site Profile D` every 10 minutes. ## Security Policy project selection diff --git a/doc/user/application_security/sast/analyzers.md b/doc/user/application_security/sast/analyzers.md index c085dafac12..0e69f3b68eb 100644 --- a/doc/user/application_security/sast/analyzers.md +++ b/doc/user/application_security/sast/analyzers.md @@ -45,7 +45,7 @@ GitLab, but users can also integrate their own **custom images**. ## SAST analyzer features -For an analyzer to be considered Generally Available, it is expected to minimally +For an analyzer to be considered Generally Available, it is expected to minimally support the following features: - [Customizable configuration](index.md#available-variables) diff --git a/doc/user/application_security/sast/index.md b/doc/user/application_security/sast/index.md index cbd05f6267e..886726d5d67 100644 --- a/doc/user/application_security/sast/index.md +++ b/doc/user/application_security/sast/index.md @@ -134,16 +134,16 @@ All open source (OSS) analyzers have been moved to the GitLab Free tier as of Gi Different features are available in different [GitLab tiers](https://about.gitlab.com/pricing/), as shown in the following table: -| Capability | In Free | In Ultimate | -|:-------------------------------------------------------------------------------------------------------------|:--------------------|:-------------------| -| [Configure SAST Scanners](#configuration) | **{check-circle}** | **{check-circle}** | -| [Customize SAST Settings](#customizing-the-sast-settings) | **{check-circle}** | **{check-circle}** | -| View [JSON Report](#reports-json-format) | **{check-circle}** | **{check-circle}** | -| Presentation of JSON Report in Merge Request | **{dotted-circle}** | **{check-circle}** | -| [Address vulnerabilities](../../application_security/index.md#addressing-vulnerabilities) | **{dotted-circle}** | **{check-circle}** | -| [Access to Security Dashboard](../../application_security/security_dashboard/index.md) | **{dotted-circle}** | **{check-circle}** | -| [Configure SAST in the UI](#configure-sast-in-the-ui) | **{dotted-circle}** | **{check-circle}** | -| [Customize SAST Rulesets](#customize-rulesets) | **{dotted-circle}** | **{check-circle}** | +| Capability | In Free | In Ultimate | +|:---------------------------------------------------------------------------------------|:--------------------|:-------------------| +| [Configure SAST Scanners](#configuration) | **{check-circle}** | **{check-circle}** | +| [Customize SAST Settings](#customizing-the-sast-settings) | **{check-circle}** | **{check-circle}** | +| View [JSON Report](#reports-json-format) | **{check-circle}** | **{check-circle}** | +| Presentation of JSON Report in Merge Request | **{dotted-circle}** | **{check-circle}** | +| [Address vulnerabilities](../../application_security/vulnerabilities/index.md) | **{dotted-circle}** | **{check-circle}** | +| [Access to Security Dashboard](../../application_security/security_dashboard/index.md) | **{dotted-circle}** | **{check-circle}** | +| [Configure SAST in the UI](#configure-sast-in-the-ui) | **{dotted-circle}** | **{check-circle}** | +| [Customize SAST Rulesets](#customize-rulesets) | **{dotted-circle}** | **{check-circle}** | ## Contribute your scanner @@ -222,7 +222,7 @@ the pipeline configuration, the last mention of the variable takes precedence. ### Overriding SAST jobs WARNING: -Beginning in GitLab 13.0, the use of [`only` and `except`](../../../ci/yaml/README.md#onlyexcept-basic) +Beginning in GitLab 13.0, the use of [`only` and `except`](../../../ci/yaml/README.md#only--except) is no longer supported. When overriding the template, you must use [`rules`](../../../ci/yaml/README.md#rules) instead. To override a job definition, (for example, change properties like `variables` or `dependencies`), @@ -247,8 +247,8 @@ You can customize the default scanning rules provided by our SAST analyzers. Ruleset customization supports two capabilities: -1. Disabling predefined rules -1. Modifying the default behavior of a given analyzer +1. Disabling predefined rules (available for all analyzers). +1. Modifying the default behavior of a given analyzer (only available for `nodejs-scan` and `gosec`). These capabilities can be used simultaneously. @@ -464,7 +464,7 @@ Some analyzers make it possible to filter out vulnerabilities under a given thre | CI/CD variable | Default value | Description | |------------------------------|--------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `SAST_EXCLUDED_PATHS` | `spec, test, tests, tmp` | Exclude vulnerabilities from output based on the paths. This is a comma-separated list of patterns. Patterns can be globs, or file or folder paths (for example, `doc,spec` ). Parent directories also match patterns. You might need to exclude temporary directories used by your build tool as these can generate false positives. | +| `SAST_EXCLUDED_PATHS` | `spec, test, tests, tmp` | Exclude vulnerabilities from output based on the paths. This is a comma-separated list of patterns. Patterns can be globs, or file or folder paths (for example, `doc,spec`). Parent directories also match patterns. You might need to exclude temporary directories used by your build tool as these can generate false positives. To exclude paths, copy and paste the default excluded paths, then **add** your own paths to be excluded. If you don't specify the default excluded paths, you will override the defaults and _only_ paths you specify will be excluded from the SAST scans. | | `SEARCH_MAX_DEPTH` | 4 | SAST searches the repository to detect the programming languages used, and selects the matching analyzers. Set the value of `SEARCH_MAX_DEPTH` to specify how many directory levels the search phase should span. After the analyzers have been selected, the _entire_ repository is analyzed. | | `SAST_BANDIT_EXCLUDED_PATHS` | | Comma-separated list of paths to exclude from scan. Uses Python's [`fnmatch` syntax](https://docs.python.org/2/library/fnmatch.html); For example: `'*/tests/*, */venv/*'` | | `SAST_BRAKEMAN_LEVEL` | 1 | Ignore Brakeman vulnerabilities under given confidence level. Integer, 1=Low 3=High. | @@ -517,7 +517,6 @@ removed, or promoted to regular features at any time. Experimental features available are: - Enable scanning of iOS and Android apps using the [MobSF analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/mobsf/). -- Enable the [semgrep analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/semgrep/). #### Enable experimental features @@ -652,14 +651,15 @@ registry.gitlab.com/gitlab-org/security-products/analyzers/nodejs-scan:2 registry.gitlab.com/gitlab-org/security-products/analyzers/phpcs-security-audit:2 registry.gitlab.com/gitlab-org/security-products/analyzers/pmd-apex:2 registry.gitlab.com/gitlab-org/security-products/analyzers/security-code-scan:2 +registry.gitlab.com/gitlab-org/security-products/analyzers/semgrep:2 registry.gitlab.com/gitlab-org/security-products/analyzers/sobelow:2 registry.gitlab.com/gitlab-org/security-products/analyzers/spotbugs:2 ``` The process for importing Docker images into a local offline Docker registry depends on **your network security policy**. Please consult your IT staff to find an accepted and approved -process by which external resources can be imported or temporarily accessed. Note that these scanners are [updated periodically](../index.md#maintenance-and-update-of-the-vulnerabilities-database) -with new definitions, so consider if you're able to make periodic updates yourself. +process by which external resources can be imported or temporarily accessed. These scanners are [periodically updated](../vulnerabilities/index.md#vulnerability-scanner-maintenance) +with new definitions, and you may be able to make occasional updates on your own. For details on saving and transporting Docker images as a file, see Docker's documentation on [`docker save`](https://docs.docker.com/engine/reference/commandline/save/), [`docker load`](https://docs.docker.com/engine/reference/commandline/load/), @@ -681,7 +681,7 @@ Support for custom certificate authorities was introduced in the following versi | `phpcs-security-audit` | [v2.8.2](https://gitlab.com/gitlab-org/security-products/analyzers/phpcs-security-audit/-/releases/v2.8.2) | | `pmd-apex` | [v2.1.0](https://gitlab.com/gitlab-org/security-products/analyzers/pmd-apex/-/releases/v2.1.0) | | `security-code-scan` | [v2.7.3](https://gitlab.com/gitlab-org/security-products/analyzers/security-code-scan/-/releases/v2.7.3) | -| `semgrep` | [v0.0.1](https://gitlab.com/gitlab-org/security-products/analyzers/security-code-scan/-/releases/v0.0.1) | +| `semgrep` | [v0.0.1](https://gitlab.com/gitlab-org/security-products/analyzers/semgrep/-/releases/v0.0.1) | | `sobelow` | [v2.2.0](https://gitlab.com/gitlab-org/security-products/analyzers/sobelow/-/releases/v2.2.0) | | `spotbugs` | [v2.7.1](https://gitlab.com/gitlab-org/security-products/analyzers/spotbugs/-/releases/v2.7.1) | @@ -710,7 +710,7 @@ documentation for instructions. ## Running SAST in SELinux -By default SAST analyzers are supported in GitLab instances hosted on SELinux. Adding a `before_script` in an [overriden SAST job](#overriding-sast-jobs) may not work as runners hosted on SELinux have restricted permissions. +By default SAST analyzers are supported in GitLab instances hosted on SELinux. Adding a `before_script` in an [overridden SAST job](#overriding-sast-jobs) may not work as runners hosted on SELinux have restricted permissions. ## Troubleshooting diff --git a/doc/user/application_security/secret_detection/index.md b/doc/user/application_security/secret_detection/index.md index f137ec26114..02d117b1c0a 100644 --- a/doc/user/application_security/secret_detection/index.md +++ b/doc/user/application_security/secret_detection/index.md @@ -118,7 +118,7 @@ To enable Secret Detection for GitLab 13.1 and later, you must include the `Secret-Detection.gitlab-ci.yml` template that's provided as a part of your GitLab installation. For GitLab versions earlier than 11.9, you can copy and use the job as defined in that template. -Add the following to your `.gitlab-ci.yml` file: +Ensure your `.gitlab-ci.yml` file has a `stage` called `test`, and add the following to your `.gitlab-ci.yml` file: ```yaml include: @@ -133,6 +133,31 @@ The results are saved as a that you can later download and analyze. Due to implementation limitations, we always take the latest Secret Detection artifact available. +### Enable Secret Detection via an automatic merge request **(ULTIMATE SELF)** + +> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/4496) in GitLab 13.11. +> - [Deployed behind a feature flag](../../../user/feature_flags.md), enabled by default. +> - Enabled on GitLab.com. +> - Recommended for production use. +> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#enable-or-disable-configure-secret-detection-via-a-merge-request). **(ULTIMATE SELF)** + +WARNING: +This feature might not be available to you. Check the **version history** note above for details. + +There can be +[risks when disabling released features](../../../user/feature_flags.md#risks-when-disabling-released-features). +Refer to this feature's version history for more details. + +To enable Secret Detection in a project, you can create a merge request +from the Security Configuration page. + +1. In the project where you want to enable Secret Detection, go to + **Security & Compliance > Configuration**. +1. In the **Secret Detection** row, select **Configure via Merge Request**. + +This automatically creates a merge request with the changes necessary to enable Secret Detection +that you can review and merge to complete the configuration. + ### Customizing settings The Secret Detection scan settings can be changed through [CI/CD variables](#available-variables) @@ -144,7 +169,7 @@ declare a job with the same name as the SAST job to override. Place this new job inclusion and specify any additional keys under it. WARNING: -Beginning in GitLab 13.0, the use of [`only` and `except`](../../../ci/yaml/README.md#onlyexcept-basic) +Beginning in GitLab 13.0, the use of [`only` and `except`](../../../ci/yaml/README.md#only--except) is no longer supported. When overriding the template, you must use [`rules`](../../../ci/yaml/README.md#rules) instead. #### GIT_DEPTH @@ -316,8 +341,8 @@ registry.gitlab.com/gitlab-org/security-products/analyzers/secrets:3 The process for importing Docker images into a local offline Docker registry depends on **your network security policy**. Please consult your IT staff to find an accepted and approved -process by which external resources can be imported or temporarily accessed. Note that these scanners are [updated periodically](../index.md#maintenance-and-update-of-the-vulnerabilities-database) -with new definitions, so consider if you're able to make periodic updates yourself. +process by which external resources can be imported or temporarily accessed. These scanners are [periodically updated](../vulnerabilities/index.md#vulnerability-scanner-maintenance) +with new definitions, and you may be able to make occasional updates on your own. For details on saving and transporting Docker images as a file, see Docker's documentation on [`docker save`](https://docs.docker.com/engine/reference/commandline/save/), [`docker load`](https://docs.docker.com/engine/reference/commandline/load/), @@ -380,3 +405,22 @@ secret_detection: variables: GIT_DEPTH: 100 ``` + +### Enable or disable Configure Secret Detection via a Merge Request + +Configure Secret Detection via a Merge Request is under development but ready for production use. +It is deployed behind a feature flag that is **enabled by default**. +[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) +can opt to disable it. + +To enable it: + +```ruby +Feature.enable(:sec_secret_detection_ui_enable) +``` + +To disable it: + +```ruby +Feature.disable(:sec_secret_detection_ui_enable) +``` diff --git a/doc/user/application_security/security_dashboard/img/pipeline_security_dashboard_v13_3.png b/doc/user/application_security/security_dashboard/img/pipeline_security_dashboard_v13_3.png Binary files differdeleted file mode 100644 index c89179e739d..00000000000 --- a/doc/user/application_security/security_dashboard/img/pipeline_security_dashboard_v13_3.png +++ /dev/null diff --git a/doc/user/application_security/security_dashboard/img/security_center_dashboard_link_v12_4.png b/doc/user/application_security/security_dashboard/img/security_center_dashboard_link_v12_4.png Binary files differdeleted file mode 100644 index e0e80810b08..00000000000 --- a/doc/user/application_security/security_dashboard/img/security_center_dashboard_link_v12_4.png +++ /dev/null diff --git a/doc/user/application_security/security_dashboard/img/security_center_settings_v13_4.png b/doc/user/application_security/security_dashboard/img/security_center_settings_v13_4.png Binary files differindex 4223494c294..74592e2cea5 100644 --- a/doc/user/application_security/security_dashboard/img/security_center_settings_v13_4.png +++ b/doc/user/application_security/security_dashboard/img/security_center_settings_v13_4.png diff --git a/doc/user/application_security/security_dashboard/index.md b/doc/user/application_security/security_dashboard/index.md index 326c88f9eef..f0b3d895df5 100644 --- a/doc/user/application_security/security_dashboard/index.md +++ b/doc/user/application_security/security_dashboard/index.md @@ -73,18 +73,31 @@ CSV file containing details of the resources scanned. > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/235558) in GitLab 13.6. > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/285476) in GitLab 13.10, options to zoom in on a date range, and download the vulnerabilities chart. -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/285477) in GitLab 13.11, date range slider to visualise data between given dates. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/285477) in GitLab 13.11, date range slider to visualize data between given dates. -At the project level, the Security Dashboard displays a chart with the number of vulnerabilities over time. -Access it by navigating to **Security & Compliance > Security Dashboard**. We display historical -data up to 365 days. The chart's data is updated daily. +A project's Security Dashboard displays a chart with the total number of vulnerabilities +over time. It updates daily with up to 365 days of historical data. By default, +it shows statistics for all vulnerability severities. + +To access the dashboard, from your project's home page go to **Security & Compliance > Security Dashboard**.  -Filter the historical data by clicking on the corresponding legend name. The image above, for example, shows -only the graph for vulnerabilities with **high** severity. +### Filter the vulnerabilities chart + +To filter the chart by vulnerability severity, select the corresponding legend name. + +In the previous example, the chart shows statistics only for vulnerabilities of medium or unknown severity. + +### Customize vulnerabilities chart display -To zoom in, select the left-most icon, then select the desired rangeby dragging across the chart. Select **Remove Selection** (**{redo}**) to reset to the original date range. +To customize the view of the vulnerability chart, you can select: + +- A specific time frame by using the time range handles (**{scroll-handle}**). +- A specific area of the chart by using the left-most icon (**{marquee-selection}**) then drag + across the chart. To reset to the original range, select **Remove Selection** (**{redo}**). + +### Download a copy of the vulnerabilities chart To download an SVG image of the chart, select **Save chart to an image** (**{download}**). @@ -137,10 +150,8 @@ the following:  -You can access the Security Center from the menu -bar at the top of the page. Under **More**, select **Security**. - - +To view the Security Center, from the navigation bar at the top of the page, select +**More > Security**. ### Adding projects to the Security Center @@ -198,4 +209,4 @@ Each scenario can be a third-level heading, e.g. `### Getting error message X`. If you have none to add when creating a doc, leave this section in place but commented out to help encourage others to add to it in the future. --> -Read more on how to [address the vulnerabilities](../index.md#addressing-vulnerabilities). +Read more on how to [address the vulnerabilities](../vulnerabilities/index.md). diff --git a/doc/user/application_security/terminology/index.md b/doc/user/application_security/terminology/index.md index e046b18b2a4..1316f1b9644 100644 --- a/doc/user/application_security/terminology/index.md +++ b/doc/user/application_security/terminology/index.md @@ -78,6 +78,8 @@ An asset that has the potential to be vulnerable, identified in a project by an include but are not restricted to source code, binary packages, containers, dependencies, networks, applications, and infrastructure. +Findings are all potential vulnerability items scanners identify in MRs/feature branches. Only after merging to default does a finding become a [vulnerability](#vulnerability). + ### Insignificant finding A legitimate finding that a particular customer doesn't care about. @@ -153,6 +155,8 @@ A flaw that has a negative impact on the security of its environment. Vulnerabil error or weakness, and don't describe where the error is located (see [finding](#finding)). Each vulnerability maps to a unique finding. +Vulnerabilities exist in the default branch. Findings (see [finding](#finding)) are all potential vulnerability items scanners identify in MRs/feature branches. Only after merging to default does a finding become a vulnerability. + ### Vulnerability finding When a [report finding](#report-finding) is stored to the database, it becomes a vulnerability diff --git a/doc/user/application_security/threat_monitoring/img/threat_monitoring_policy_alert_list_v13_11.png b/doc/user/application_security/threat_monitoring/img/threat_monitoring_policy_alert_list_v13_11.png Binary files differdeleted file mode 100644 index 05df41483c4..00000000000 --- a/doc/user/application_security/threat_monitoring/img/threat_monitoring_policy_alert_list_v13_11.png +++ /dev/null diff --git a/doc/user/application_security/threat_monitoring/img/threat_monitoring_policy_alert_list_v13_12.png b/doc/user/application_security/threat_monitoring/img/threat_monitoring_policy_alert_list_v13_12.png Binary files differnew file mode 100644 index 00000000000..1f02fd30f8e --- /dev/null +++ b/doc/user/application_security/threat_monitoring/img/threat_monitoring_policy_alert_list_v13_12.png diff --git a/doc/user/application_security/threat_monitoring/index.md b/doc/user/application_security/threat_monitoring/index.md index ced4669e241..825bc64d52b 100644 --- a/doc/user/application_security/threat_monitoring/index.md +++ b/doc/user/application_security/threat_monitoring/index.md @@ -209,19 +209,26 @@ Feature.disable(:threat_monitoring_alerts) > [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3438) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.9. -The policy alert list displays your policy's alert activity. You can sort the list by the -**Date and time** column, and the **Status** column. Use the selector menu in the **Status** column -to set the status for each alert: +The policy alert list displays your policy's alert activity. You can sort the list by these columns: + +- Date and time +- Events +- Status + +You can filter the list with the **Policy Name** filter and the **Status** filter at the top. Use +the selector menu in the **Status** column to set the status for each alert: - Unreviewed - In review - Resolved - Dismissed -By default, the list doesn't display resolved or dismissed alerts. To show these alerts, clear the -checkbox **Hide dismissed alerts**. +By default, the list doesn't display resolved or dismissed alerts. + + - +Clicking an alert's row opens the alert drawer, which shows more information about the alert. A user +can also create an incident from the alert and update the alert status in the alert drawer. Clicking an alert's name takes the user to the [alert details page](../../../operations/incident_management/alerts.md#alert-details-page). diff --git a/doc/user/application_security/img/create_mr_from_vulnerability_v13_4.png b/doc/user/application_security/vulnerabilities/img/create_mr_from_vulnerability_v13_4.png Binary files differindex 55694fc7926..55694fc7926 100644 --- a/doc/user/application_security/img/create_mr_from_vulnerability_v13_4.png +++ b/doc/user/application_security/vulnerabilities/img/create_mr_from_vulnerability_v13_4.png diff --git a/doc/user/application_security/vulnerabilities/index.md b/doc/user/application_security/vulnerabilities/index.md index b98d28f8c9f..965b856504d 100644 --- a/doc/user/application_security/vulnerabilities/index.md +++ b/doc/user/application_security/vulnerabilities/index.md @@ -12,7 +12,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w Each security vulnerability in a project's [Vulnerability Report](../vulnerability_report/index.md) has an individual page which includes: - Details of the vulnerability. -- The status of the vulnerability within the project. +- The status of the vulnerability in the project. - Available actions for the vulnerability. - Any issues related to the vulnerability. @@ -21,8 +21,10 @@ On the vulnerability's page, you can: - [Change the vulnerability's status](#change-vulnerability-status). - [Create an issue](#create-an-issue-for-a-vulnerability). - [Link issues to the vulnerability](#link-gitlab-issues-to-the-vulnerability). -- [Automatically remediate the vulnerability](#automatically-remediate-the-vulnerability), if an +- [Remediate a vulnerability automatically](#remediate-a-vulnerability-automatically), if an automatic solution is available. +- [Remediate a vulnerability manually](#remediate-a-vulnerability-manually), if a solution is + available. ## Change vulnerability status @@ -60,7 +62,7 @@ To create a GitLab issue for a vulnerability: 1. In GitLab, go to the vulnerability's page. 1. Select **Create issue**. -An issue is created in the project, prepopulated with information from the vulnerability report. +An issue is created in the project, pre-populated with information from the vulnerability report. The issue is then opened so you can take further action. ### Create a Jira issue for a vulnerability @@ -120,7 +122,76 @@ that the resolution of one issue would resolve multiple vulnerabilities. Linked issues are shown in the Vulnerability Report and the vulnerability's page. -## Automatically remediate the vulnerability +## Link to an existing issue -You can fix some vulnerabilities by applying the solution that GitLab automatically -generates for you. [Read more about the automatic remediation for vulnerabilities feature](../index.md#apply-an-automatic-remediation-for-a-vulnerability). +If you already have an open issue, you can link to it from the vulnerability. + +- The vulnerability page shows related issues, but the issue page doesn't show the vulnerability it's related to. +- An issue can only be related to one vulnerability at a time. +- Issues can be linked across groups and projects. + +To link to an existing issue: + +1. Open the vulnerability. +1. [Add a linked issue](../../project/issues/related_issues.md). + +## Remediate a vulnerability automatically + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/5656) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.7. + +Some vulnerabilities can be fixed by applying the solution that GitLab automatically generates. +The following scanners are supported: + +- [Dependency Scanning](../dependency_scanning/index.md). + Automatic Patch creation is only available for Node.js projects managed with + `yarn`. +- [Container Scanning](../container_scanning/index.md). + +### Remediate a vulnerability manually + +To manually apply the patch that GitLab generated for a vulnerability: + +1. Select the **Resolve with merge request** dropdown, then select **Download patch to resolve**: + +  + +1. Ensure your local project has the same commit checked out that was used to generate the patch. +1. Run `git apply remediation.patch`. +1. Verify and commit the changes to your branch. + +### Create a merge request with the suggested patch + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/9224) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.9. + +In some cases, you can create a merge request that automatically remediates the +vulnerability. Any vulnerability that has a +[solution](#remediate-a-vulnerability-automatically) can have a merge +request created to automatically solve the issue. + +If this action is available: + +1. Select the **Resolve with merge request** dropdown, then select **Resolve with merge request**. + +  + +A merge request is created. It applies the solution to the source branch. + +## Vulnerability scanner maintenance + +The following vulnerability scanners and their databases are regularly updated: + +| Secure scanning tool | Vulnerabilities database updates | +|:----------------------------------------------------------------|----------------------------------| +| [Container Scanning](../container_scanning/index.md) | Uses either `trivy` or `clair`. For the `trivy` scanner, a job runs on a daily basis to build a new image with the latest vulnerability database updates from the [upstream `trivy-db`](https://github.com/aquasecurity/trivy-db). For the `clair` scanner, the latest `clair-db` version is used; `clair-db` database [is updated daily according to the author](https://github.com/arminc/clair-local-scan#clair-server-or-local). | +| [Dependency Scanning](../dependency_scanning/index.md) | Relies on `bundler-audit` (for Ruby gems), `retire.js` (for npm packages), and `gemnasium` (the GitLab tool for all libraries). Both `bundler-audit` and `retire.js` fetch their vulnerabilities data from GitHub repositories, so vulnerabilities added to `ruby-advisory-db` and `retire.js` are immediately available. The tools themselves are updated once per month if there's a new version. The [Gemnasium DB](https://gitlab.com/gitlab-org/security-products/gemnasium-db) is updated at least once a week. See our [current measurement of time from CVE being issued to our product being updated](https://about.gitlab.com/handbook/engineering/development/performance-indicators/#cve-issue-to-update). | +| [Dynamic Application Security Testing (DAST)](../dast/index.md) | The scanning engine is updated on a periodic basis. See the [version of the underlying tool `zaproxy`](https://gitlab.com/gitlab-org/security-products/dast/blob/master/Dockerfile#L1). The scanning rules are downloaded at scan runtime. | +| [Static Application Security Testing (SAST)](../sast/index.md) | Relies exclusively on [the tools GitLab wraps](../sast/index.md#supported-languages-and-frameworks). The underlying analyzers are updated at least once per month if a relevant update is available. The vulnerabilities database is updated by the upstream tools. | + +You do not have to update GitLab to benefit from the latest vulnerabilities definitions. +The security tools are released as Docker images. The vendored job definitions that enable them use +major release tags according to [semantic versioning](https://semver.org/). Each new release of the +tools overrides these tags. +The Docker images are updated to match the previous GitLab releases. Although +you automatically get the latest versions of the scanning tools, +there are some [known issues](https://gitlab.com/gitlab-org/gitlab/-/issues/9725) +with this approach. diff --git a/doc/user/application_security/vulnerabilities/severities.md b/doc/user/application_security/vulnerabilities/severities.md index 40b8f418737..75366a49a55 100644 --- a/doc/user/application_security/vulnerabilities/severities.md +++ b/doc/user/application_security/vulnerabilities/severities.md @@ -50,6 +50,7 @@ the following tables: | [`pmd-apex`](https://gitlab.com/gitlab-org/security-products/analyzers/pmd-apex) | **{check-circle}** Yes | Integer | `1`, `2`, `3`, `4`, `5` | | [`kubesec`](https://gitlab.com/gitlab-org/security-products/analyzers/kubesec) | **{check-circle}** Yes | String | `CriticalSeverity`, `InfoSeverity` | | [`secrets`](https://gitlab.com/gitlab-org/security-products/analyzers/secrets) | **{check-circle}** Yes | N/A | Hardcodes all severity levels to `Critical` | +| [`semgrep`](https://gitlab.com/gitlab-org/security-products/analyzers/semgrep) | **{check-circle}** Yes | String | `error`, `warning`, `note`, `none` | ## Dependency Scanning @@ -61,9 +62,10 @@ the following tables: ## Container Scanning -| GitLab analyzer | Outputs severity levels? | Native severity level type | Native severity level example | +| GitLab scanner | Outputs severity levels? | Native severity level type | Native severity level example | |------------------------------------------------------------------------|--------------------------|----------------------------|--------------------------------------------------------------| -| [`klar`](https://gitlab.com/gitlab-org/security-products/analyzers/klar) | **{check-circle}** Yes | String | `Negligible`, `Low`, `Medium`, `High`, `Critical`, `Defcon1` | +| [`clair`](https://gitlab.com/gitlab-org/security-products/analyzers/klar) | **{check-circle}** Yes | String | `Negligible`, `Low`, `Medium`, `High`, `Critical`, `Defcon1` | +| [`trivy`](https://gitlab.com/gitlab-org/security-products/analyzers/container-scanning)| **{check-circle}** Yes | String | `Unknown`, `Low`, `Medium`, `High`, `Critical` | ## Fuzz Testing diff --git a/doc/user/application_security/vulnerability_report/index.md b/doc/user/application_security/vulnerability_report/index.md index 8f7740f9bfc..012992c8a72 100644 --- a/doc/user/application_security/vulnerability_report/index.md +++ b/doc/user/application_security/vulnerability_report/index.md @@ -162,3 +162,26 @@ computer. NOTE: It may take several minutes for the download to start if your project contains thousands of vulnerabilities. Don't close the page until the download finishes. + +## Dismiss a vulnerability + +> The option of adding a dismissal reason was introduced in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.0. + +You can dismiss a vulnerability for the entire project: + +1. Select the vulnerability in the Security Dashboard. +1. In the top-right, from the **Status** selector menu, select **Dismissed**. +1. Optional. Add a reason for the dismissal and select **Save comment**. + +To undo this action, select a different status from the same menu. + +### Dismiss multiple vulnerabilities + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/35816) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.9. + +You can dismiss multiple vulnerabilities at once: + +1. In the list of vulnerabilities, select the checkbox for each vulnerability you want to dismiss. + To select all, select the checkbox in the table header. +1. Above the table, select a dismissal reason. +1. Select **Dismiss Selected**. diff --git a/doc/user/clusters/agent/index.md b/doc/user/clusters/agent/index.md index 31accfdd9e4..5e272f2a816 100644 --- a/doc/user/clusters/agent/index.md +++ b/doc/user/clusters/agent/index.md @@ -56,7 +56,7 @@ There are several components that work in concert for the Agent to accomplish Gi You can use the same GitLab project or separate projects for configuration and manifest files, as follows: - Single GitLab project (recommended): when you use a single repository to hold both the manifest and the configuration files, these projects can be either private or public, as you prefer. -- Two GitLab projects: when you opt to use two different GitLab projects, one for manifest files, and another for configuration files, the manifests project must be private, while the configuration project can be either private or public. Our backlog contains issues for adding support for +- Two GitLab projects: when you opt to use two different GitLab projects, one for manifest files, and another for configuration files, the manifests project must be public, while the configuration project can be either private or public. Our backlog contains issues for adding support for [private manifest repositories outside of the configuration project](https://gitlab.com/gitlab-org/gitlab/-/issues/220912) and [group level agents](https://gitlab.com/gitlab-org/gitlab/-/issues/283885) in the future. @@ -100,27 +100,39 @@ To use the KAS: ### Define a configuration repository -Next, you need a GitLab repository to contain your Agent configuration. The minimal -repository layout looks like this: +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/259669) in GitLab 13.7, the Agent manifest configuration can be added to multiple directories (or subdirectories) of its repository. + +To configure an Agent, you need: + +1. A GitLab repository to hold the configuration file. +1. Install the Agent in a cluster. + +After installed, when you update the configuration file, GitLab transmits the +information to the cluster automatically without downtime. + +In your repository, add the Agent configuration file under: ```plaintext .gitlab/agents/<agent-name>/config.yaml ``` -Your `config.yaml` file can specify multiple manifest projects in the -section `manifest_projects`: +Your `config.yaml` file specifies all configurations of the Agent, such as: + +- The manifest projects to synchronize. +- The address of the `hubble-relay` for the Network Security policy integrations. + +As an example, a minimal Agent configuration that sets up only the manifest +synchronizations is: ```yaml gitops: manifest_projects: - - id: "path-to/your-manifest-project-number1" - ... + - id: "path-to/your-manifest-project-1" + paths: + - glob: '/**/*.{yaml,yml,json}' ``` -GitLab [versions 13.7 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/259669) also -supports manifest projects containing -multiple directories (or subdirectories) of YAML files. For more information see our -documentation on the [Kubernetes Agent configuration repository](repository.md). +All the options for the [Kubernetes Agent configuration repository](repository.md) are documented separately. ### Create an Agent record in GitLab @@ -158,8 +170,8 @@ the Agent in subsequent steps. You can create an Agent record with GraphQL: } ``` - NOTE: - GraphQL only displays the token one time after creating it. +WARNING: +GraphQL only displays the token and ids **one time** after creating it. Make sure to write down the `secret`, `clusterAgentId`, and `clusterAgentTokenId`; you'll need them later. If you are new to using the GitLab GraphQL API, refer to the [Getting started with the GraphQL API page](../../../api/graphql/getting_started.md), @@ -202,7 +214,7 @@ docker run --pull=always --rm registry.gitlab.com/gitlab-org/cluster-integration For more advanced configurations, we recommend to use [the `kpt` based installation method](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/tree/master/build/deployment/gitlab-agent). -Otherwise, you can follow below for fully manual, detailed installation steps. +Otherwise, follow the manual installation steps described below. ##### Create the Kubernetes secret @@ -211,14 +223,14 @@ After generating the token, you must apply it to the Kubernetes cluster. To create your Secret, run: ```shell -kubectl create secret generic -n <YOUR_NAMESPACE> gitlab-agent-token --from-literal=token='YOUR_AGENT_TOKEN' +kubectl create secret generic -n gitlab-kubernetes-agent gitlab-kubernetes-agent-token --from-literal=token='YOUR_AGENT_TOKEN' ``` The following example file contains the Kubernetes resources required for the Agent to be installed. You can modify this example [`resources.yml` file](#example-resourcesyml-file) in the following ways: -- Replace `namespace: gitlab-agent` with `namespace: <YOUR-DESIRED-NAMESPACE>`. +- Replace `namespace: gitlab-kubernetes-agent` with `namespace: <YOUR-DESIRED-NAMESPACE>`. - You can configure `kas-address` (Kubernetes Agent Server) in several ways. The agent can use the WebSockets or gRPC protocols to connect to the Agent Server. Select the option appropriate for your cluster configuration and GitLab architecture: @@ -233,7 +245,7 @@ example [`resources.yml` file](#example-resourcesyml-file) in the following ways When using the Omnibus GitLab, specify the `ws` scheme (such as `ws://GitLab.host.tld:80/-/kubernetes-agent/`). - Specify the `grpc` scheme if both Agent and Server are installed in one cluster. In this case, you may specify `kas-address` value as - `grpc://gitlab-kas.<your-namespace>:5005`) to use gRPC directly, where `gitlab-kas` + `grpc://gitlab-kas.<your-namespace>:8150`) to use gRPC directly, where `gitlab-kas` is the name of the service created by `gitlab-kas` chart, and `your-namespace` is the namespace where the chart was installed. Encrypted gRPC is not supported yet. Follow the @@ -243,47 +255,53 @@ example [`resources.yml` file](#example-resourcesyml-file) in the following ways Check the [chart's KAS Ingress documentation](https://docs.gitlab.com/charts/charts/gitlab/kas/#ingress) to learn more about it. - In the near future, Omnibus GitLab intends to provision `gitlab-kas` under a sub-domain by default, instead of the `/-/kubernetes-agent/` path. Please follow [this issue](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/5784) for details. -- If you defined your own secret name, replace `gitlab-agent-token` with your +- If you defined your own secret name, replace `gitlab-kubernetes-agent-token` with your secret name in the `secretName:` section. To apply this file, run the following command: ```shell -kubectl apply -n <YOUR-DESIRED-NAMESPACE> -f ./resources.yml +kubectl apply -n gitlab-kubernetes-agent -f ./resources.yml ``` To review your configuration, run the following command: ```shell -$ kubectl get pods -n <YOUR-DESIRED-NAMESPACE> +$ kubectl get pods -n gitlab-kubernetes-agent -NAMESPACE NAME READY STATUS RESTARTS AGE -gitlab-agent gitlab-agent-77689f7dcb-5skqk 1/1 Running 0 51s +NAMESPACE NAME READY STATUS RESTARTS AGE +gitlab-kubernetes-agent gitlab-kubernetes-agent-77689f7dcb-5skqk 1/1 Running 0 51s ``` ##### Example `resources.yml` file ```yaml +--- +apiVersion: v1 +kind: Namespace +metadata: + name: gitlab-kubernetes-agent +--- apiVersion: v1 kind: ServiceAccount metadata: - name: gitlab-agent + name: gitlab-kubernetes-agent --- apiVersion: apps/v1 kind: Deployment metadata: - name: gitlab-agent + name: gitlab-kubernetes-agent spec: replicas: 1 selector: matchLabels: - app: gitlab-agent + app: gitlab-kubernetes-agent template: metadata: labels: - app: gitlab-agent + app: gitlab-kubernetes-agent spec: - serviceAccountName: gitlab-agent + serviceAccountName: gitlab-kubernetes-agent containers: - name: agent # Make sure to specify a matching version for production @@ -291,15 +309,17 @@ spec: args: - --token-file=/config/token - --kas-address - - wss://kas.host.tld:443 # change this line for the one below if using Omnibus GitLab + - wss://kas.host.tld:443 # replace this line with the line below if using Omnibus GitLab or GitLab.com. # - wss://gitlab.host.tld:443/-/kubernetes-agent/ + # - wss://kas.gitlab.com # for GitLab.com users, use this KAS. + # - grpc://host.docker.internal:8150 # use this attribute when connecting from Docker. volumeMounts: - name: token-volume mountPath: /config volumes: - name: token-volume secret: - secretName: gitlab-agent-token + secretName: gitlab-kubernetes-agent-token strategy: type: RollingUpdate rollingUpdate: @@ -309,7 +329,7 @@ spec: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: gitlab-agent-write + name: gitlab-kubernetes-agent-write rules: - resources: - '*' @@ -324,20 +344,20 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: gitlab-agent-write-binding + name: gitlab-kubernetes-agent-write-binding roleRef: - name: gitlab-agent-write + name: gitlab-kubernetes-agent-write kind: ClusterRole apiGroup: rbac.authorization.k8s.io subjects: -- name: gitlab-agent +- name: gitlab-kubernetes-agent kind: ServiceAccount - namespace: gitlab-agent + namespace: gitlab-kubernetes-agent --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: gitlab-agent-read + name: gitlab-kubernetes-agent-read rules: - resources: - '*' @@ -351,15 +371,15 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: gitlab-agent-read-binding + name: gitlab-kubernetes-agent-read-binding roleRef: - name: gitlab-agent-read + name: gitlab-kubernetes-agent-read kind: ClusterRole apiGroup: rbac.authorization.k8s.io subjects: -- name: gitlab-agent +- name: gitlab-kubernetes-agent kind: ServiceAccount - namespace: gitlab-agent + namespace: gitlab-kubernetes-agent ``` ### Create manifest files @@ -388,7 +408,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: nginx-deployment - namespace: gitlab-agent # Can be any namespace managed by you that the agent has access to. + namespace: gitlab-kubernetes-agent # Can be any namespace managed by you that the agent has access to. spec: selector: matchLabels: @@ -481,7 +501,7 @@ If you face any issues while using GitLab Kubernetes Agent, you can read the service logs with the following command ```shell -kubectl logs -f -l=app=gitlab-agent -n <YOUR-DESIRED-NAMESPACE> +kubectl logs -f -l=app=gitlab-kubernetes-agent -n gitlab-kubernetes-agent ``` GitLab administrators can additionally view the [Kubernetes Agent Server logs](../../../administration/clusters/kas.md#troubleshooting). @@ -520,7 +540,7 @@ It's not possible to set the `grpc` scheme due to the issue [It is not possible to configure KAS to work with `grpc` without directly editing GitLab KAS deployment](https://gitlab.com/gitlab-org/gitlab/-/issues/276888). To use `grpc` while the issue is in progress, directly edit the deployment with the `kubectl edit deployment gitlab-kas` command, and change `--listen-websocket=true` to `--listen-websocket=false`. After running that command, you should be able to use -`grpc://gitlab-kas.<YOUR-NAMESPACE>:5005`. +`grpc://gitlab-kas.<YOUR-NAMESPACE>:8150`. ### Agent logs - Decompressor is not installed for grpc-encoding @@ -542,25 +562,27 @@ is unknown to the agent. One approach to fixing it is to present the CA certific via a Kubernetes `configmap` and mount the file in the agent `/etc/ssl/certs` directory from where it will be picked up automatically. -For example, if your internal CA certifciate is `myCA.pem`: +For example, if your internal CA certificate is `myCA.pem`: ```plaintext -kubectl -n gitlab-agent create configmap ca-pemstore --from-file=myCA.pem +kubectl -n gitlab-kubernetes-agent create configmap ca-pemstore --from-file=myCA.pem ``` Then in `resources.yml`: ```yaml spec: - serviceAccountName: gitlab-agent + serviceAccountName: gitlab-kubernetes-agent containers: - name: agent image: "registry.gitlab.com/gitlab-org/cluster-integration/gitlab-agent/agentk:<version>" args: - --token-file=/config/token - --kas-address - - wss://kas.host.tld:443 # change this line for the one below if using Omnibus GitLab + - wss://kas.host.tld:443 # replace this line with the line below if using Omnibus GitLab or GitLab.com. # - wss://gitlab.host.tld:443/-/kubernetes-agent/ + # - wss://kas.gitlab.com # for GitLab.com users, use this KAS. + # - grpc://host.docker.internal:8150 # use this attribute when connecting from Docker. volumeMounts: - name: token-volume mountPath: /config @@ -570,7 +592,7 @@ Then in `resources.yml`: volumes: - name: token-volume secret: - secretName: gitlab-agent-token + secretName: gitlab-kubernetes-agent-token - name: ca-pemstore-volume configMap: name: ca-pemstore @@ -590,8 +612,10 @@ Alternatively, you can mount the certificate file at a different location and in - --ca-cert-file=/tmp/myCA.pem - --token-file=/config/token - --kas-address - - wss://kas.host.tld:443 # change this line for the one below if using Omnibus GitLab + - wss://kas.host.tld:443 # replace this line with the line below if using Omnibus GitLab or GitLab.com. # - wss://gitlab.host.tld:443/-/kubernetes-agent/ + # - wss://kas.gitlab.com # for GitLab.com users, use this KAS. + # - grpc://host.docker.internal:8150 # use this attribute when connecting from Docker. volumeMounts: - name: token-volume mountPath: /config @@ -599,3 +623,34 @@ Alternatively, you can mount the certificate file at a different location and in mountPath: /tmp/myCA.pem subPath: myCA.pem ``` + +## Remove the GitLab Kubernetes Agent + +1. Remove an Agent record with GraphQL by deleting the `clusterAgent` and the `clusterAgentToken`. + + ```graphql + mutation deleteAgent { + clusterAgentDelete(input: { id: "<cluster-agent-id>" } ) { + errors + } + } + + mutation deleteToken { + clusterAgentTokenDelete(input: { id: "<cluster-agent-token-id>" }) { + errors + } + } + ``` + +1. Verify whether the removal occurred successfully. If the output in the Pod logs includes `unauthenticated`, it means that the agent was successfully removed: + + ```json + {"level":"warn","time":"2021-04-29T23:44:07.598Z","msg":"GetConfiguration.Recv failed","error":"rpc error: + code = Unauthenticated desc = unauthenticated"} + ``` + +1. Delete the GitLab Kubernetes Agent in your cluster: + + ```shell + kubectl delete -n gitlab-kubernetes-agent -f ./resources.yml + ``` diff --git a/doc/user/clusters/agent/repository.md b/doc/user/clusters/agent/repository.md index 9caa4a89daf..49e5e8c58df 100644 --- a/doc/user/clusters/agent/repository.md +++ b/doc/user/clusters/agent/repository.md @@ -94,3 +94,41 @@ gitops: # If 'paths' is not specified or is an empty list, the configuration below is used - glob: '/**/*.{yaml,yml,json}' ``` + +## Surface network security alerts from cluster to GitLab + +The GitLab Agent provides an [integration with Cilium](index.md#kubernetes-network-security-alerts). +To integrate, add a top-level `cilium` section to your `config.yml` file. Currently, the +only configuration option is the Hubble relay address: + +```yaml +cilium: + hubble_relay_address: "<hubble-relay-host>:<hubble-relay-port>" +``` + +If your Cilium integration was performed through GitLab Managed Apps, you can use `hubble-relay.gitlab-managed-apps.svc.cluster.local:80` as the address: + +```yaml +cilium: + hubble_relay_address: "hubble-relay.gitlab-managed-apps.svc.cluster.local:80" +``` + +## Debugging + +To debug the cluster-side component (`agentk`) of the GitLab Kubernetes Agent, set the log +level according to the available options: + +- `off` +- `warning` +- `error` +- `info` +- `debug` + +The log level defaults to `info`. You can change it by using a top-level `observability` +section in the configuration file, for example: + +```yaml +observability: + logging: + level: debug +``` diff --git a/doc/user/clusters/applications.md b/doc/user/clusters/applications.md index b11ca7aac12..212823853e4 100644 --- a/doc/user/clusters/applications.md +++ b/doc/user/clusters/applications.md @@ -4,27 +4,41 @@ group: Configure info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# GitLab Managed Apps **(FREE)** +# GitLab Managed Apps (DEPRECATED) **(FREE)** -GitLab provides **GitLab Managed Apps** for various -applications which can be added directly to your configured cluster. These -applications are needed for [Review Apps](../../ci/review_apps/index.md) and -[deployments](../../ci/environments/index.md) when using [Auto DevOps](../../topics/autodevops/index.md). -You can install them after you [create a cluster](../project/clusters/add_remove_clusters.md). -GitLab provides GitLab Managed Apps [using CI/CD](#install-using-gitlab-cicd). -GitLab Managed Apps with [one-click installations](#install-with-one-click) -have been deprecated, and are scheduled for removal in GitLab 14.0. +**GitLab Managed Apps** was created to help you configure applications in your +cluster directly from GitLab. You could use this feature through two different +methods: "one-click install" and "CI/CD template". Both methods are **deprecated**: -## Install using GitLab CI/CD +- The **one-click install** method was deprecated in GitLab 13.9 and **will be + removed** in GitLab 14.0. +- The **CI/CD template method** was deprecated in GitLab 13.12 and is scheduled + to be removed in GitLab 15.0. -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20822) in GitLab 12.6. +Both methods were limiting as you couldn't fully customize your third-party apps installed +through GitLab Managed Apps. Therefore, we decided to deprecate this feature and provide +better [GitOps-driven alternatives](https://about.gitlab.com/direction/configure/kubernetes_management/#gitlab-managed-applications) to our users, such as [cluster integrations](integrations.md#cluster-integrations) and [cluster management project](management_project.md). + +Read the sections below according to the installation method you chose to +learn how to proceed to keep your apps up and running: + +- [One-click install method](#install-with-one-click-deprecated) +- [CI/CD template method](#install-using-gitlab-cicd-deprecated) + +## Install using GitLab CI/CD (DEPRECATED) + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20822) in GitLab 12.6. +> - [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/327908) in GitLab 13.12. WARNING: -This is a _beta_ feature, and some applications might miss features to provide full integration with GitLab. +The GitLab Managed Apps CI/CD installation method was [deprecated in 13.12](https://gitlab.com/gitlab-org/gitlab/-/issues/327908). +Your applications continue to work. However, we no longer support and maintain the GitLab CI/CD template for +Managed Apps (`Managed-Cluster-Applications.gitlab-ci.yml`). +As a replacement, we are working on a [cluster management project template](https://gitlab.com/gitlab-org/gitlab/-/issues/327908), +still to be released. -This primary method for installing applications to clusters allows users to install GitLab-managed -applications using GitLab CI/CD. It also allows customization of the -install using Helm `values.yaml` files. +The CI/CD template was the primary method for installing applications to clusters via GitLab Managed Apps +and customize them through Helm. Supported applications: @@ -138,6 +152,8 @@ Note the following: ### Install Ingress using GitLab CI/CD +> [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/327908) in GitLab 13.12. + To install Ingress, define the `.gitlab/managed-apps/config.yaml` file with: @@ -162,6 +178,8 @@ and ping at least 2 people from the ### Install cert-manager using GitLab CI/CD +> [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/327908) in GitLab 13.12. + cert-manager is installed using GitLab CI/CD by defining configuration in `.gitlab/managed-apps/config.yaml`. @@ -206,6 +224,8 @@ least 2 people from the ### Install Sentry using GitLab CI/CD +> [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/327908) in GitLab 13.12. + The Sentry Helm chart [recommends](https://github.com/helm/charts/blob/f6e5784f265dd459c5a77430185d0302ed372665/stable/sentry/values.yaml#L284-L285) at least 3 GB of available RAM for database migrations. @@ -275,6 +295,8 @@ least 2 people from the ### Install PostHog using GitLab CI/CD +> [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/327908) in GitLab 13.12. + [PostHog](https://posthog.com) 🦔 is a developer-friendly, open-source product analytics platform. To install PostHog into the `gitlab-managed-apps` namespace of your cluster, @@ -325,7 +347,8 @@ If you run into issues, ### Install Prometheus using GitLab CI/CD -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/25138) in GitLab 12.8. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/25138) in GitLab 12.8. +> - [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/327908) in GitLab 13.12. [Prometheus](https://prometheus.io/docs/introduction/overview/) is an open-source monitoring and alerting system for supervising your @@ -352,6 +375,8 @@ least 2 people from the [APM group](https://about.gitlab.com/handbook/product/ca ### Install GitLab Runner using GitLab CI/CD +> [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/327908) in GitLab 13.12. + GitLab Runner is installed using GitLab CI/CD by defining configuration in `.gitlab/managed-apps/config.yaml`. @@ -390,7 +415,8 @@ least 2 people from the ### Install Cilium using GitLab CI/CD -> [Introduced](https://gitlab.com/gitlab-org/cluster-integration/cluster-applications/-/merge_requests/22) in GitLab 12.8. +> - [Introduced](https://gitlab.com/gitlab-org/cluster-integration/cluster-applications/-/merge_requests/22) in GitLab 12.8. +> - [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/327908) in GitLab 13.12. [Cilium](https://cilium.io/) is a networking plugin for Kubernetes that you can use to implement support for [NetworkPolicy](https://kubernetes.io/docs/concepts/services-networking/network-policies/) @@ -505,7 +531,8 @@ least 2 people from the ### Install Falco using GitLab CI/CD -> [Introduced](https://gitlab.com/gitlab-org/cluster-integration/cluster-applications/-/merge_requests/91) in GitLab 13.1. +> - [Introduced](https://gitlab.com/gitlab-org/cluster-integration/cluster-applications/-/merge_requests/91) in GitLab 13.1. +> - [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/327908) in GitLab 13.12. GitLab Container Host Security Monitoring uses [Falco](https://falco.org/) as a runtime security tool that listens to the Linux kernel using eBPF. Falco parses system calls @@ -601,7 +628,8 @@ least 2 people from the ### Install Vault using GitLab CI/CD -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/9982) in GitLab 12.9. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/9982) in GitLab 12.9. +> - [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/327908) in GitLab 13.12. [HashiCorp Vault](https://www.vaultproject.io/) is a secrets management solution which can be used to safely manage and store passwords, credentials, certificates, and more. A Vault @@ -703,7 +731,8 @@ least 2 people from the ### Install JupyterHub using GitLab CI/CD -> [Introduced](https://gitlab.com/gitlab-org/cluster-integration/cluster-applications/-/merge_requests/40) in GitLab 12.8. +> - [Introduced](https://gitlab.com/gitlab-org/cluster-integration/cluster-applications/-/merge_requests/40) in GitLab 12.8. +> - [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/327908) in GitLab 13.12. JupyterHub is installed using GitLab CI/CD by defining configuration in `.gitlab/managed-apps/config.yaml` as follows: @@ -760,7 +789,8 @@ least 2 people from the ### Install Elastic Stack using GitLab CI/CD -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/25138) in GitLab 12.8. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/25138) in GitLab 12.8. +> - [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/327908) in GitLab 13.12. Elastic Stack is installed using GitLab CI/CD by defining configuration in `.gitlab/managed-apps/config.yaml`. @@ -796,7 +826,8 @@ least 2 people from the [APM group](https://about.gitlab.com/handbook/product/ca ### Install Crossplane using GitLab CI/CD -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/35675) in GitLab 12.9. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/35675) in GitLab 12.9. +> - [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/327908) in GitLab 13.12. Crossplane is installed using GitLab CI/CD by defining configuration in `.gitlab/managed-apps/config.yaml`. @@ -827,7 +858,8 @@ If you run into issues, ### Install Fluentd using GitLab CI/CD -> [Introduced](https://gitlab.com/gitlab-org/cluster-integration/cluster-applications/-/merge_requests/76) in GitLab 12.10. +> - [Introduced](https://gitlab.com/gitlab-org/cluster-integration/cluster-applications/-/merge_requests/76) in GitLab 12.10. +> - [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/327908) in GitLab 13.12. To install Fluentd into the `gitlab-managed-apps` namespace of your cluster using GitLab CI/CD, define the following configuration in `.gitlab/managed-apps/config.yaml`: @@ -858,6 +890,8 @@ least 2 people from the ### Install Knative using GitLab CI/CD +> [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/327908) in GitLab 13.12. + To install Knative, define the `.gitlab/managed-apps/config.yaml` file with: @@ -908,7 +942,8 @@ kubectl delete -f https://gitlab.com/gitlab-org/cluster-integration/cluster-appl ### Install AppArmor using GitLab CI/CD -> [Introduced](https://gitlab.com/gitlab-org/cluster-integration/cluster-applications/-/merge_requests/100) in GitLab 13.1. +> - [Introduced](https://gitlab.com/gitlab-org/cluster-integration/cluster-applications/-/merge_requests/100) in GitLab 13.1. +> - [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/327908) in GitLab 13.12. To install AppArmor into the `gitlab-managed-apps` namespace of your cluster using GitLab CI/CD, define the following configuration in `.gitlab/managed-apps/config.yaml`: @@ -998,13 +1033,13 @@ at least 2 people from the Logs produced by pods running **GitLab Managed Apps** can be browsed using [**Log Explorer**](../project/clusters/kubernetes_pod_logs.md). -## Install with one click +## Install with one click (DEPRECATED) WARNING: -The one-click installation method is deprecated and scheduled for removal in [GitLab 14.0](https://gitlab.com/groups/gitlab-org/-/epics/4280). -This removal does not affect installed applications to avoid breaking -changes. Following GitLab 14.0, users can take ownership of already installed applications -using our documentation. +The one-click installation method was deprecated in GitLab 13.9 and will be removed in [GitLab 14.0](https://gitlab.com/groups/gitlab-org/-/epics/4280). +The removal does not break nor uninstall any apps you have installed but removes the GitLab UI page +for installing and updating your GitLab Managed Apps. +Follow the process to [take ownership of your GitLab Managed Apps](#take-ownership-of-your-gitlab-managed-apps). Applications managed by GitLab are installed onto the `gitlab-managed-apps` namespace. This namespace: @@ -1668,3 +1703,88 @@ Spawn failed: Timeout This is due to DigitalOcean imposing a few limits with regards to creating additional block storage volumes. [Learn more about DigitalOcean Block Storage Volumes limits.](https://www.digitalocean.com/docs/volumes/#limits) + +## Take ownership of your GitLab Managed Apps + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/327803) in GitLab 13.12. + +With the removal of the [One-click install method](#install-with-one-click-deprecated) in GitLab 14.0, +the **Applications** tab (under your project's **Operations > Kubernetes**) +will no longer be displayed: + + + +This tab was dedicated to installing and maintaining GitLab Managed Apps. +To continue managing your installed applications, one of the possible ways is to +install [Helm](https://helm.sh/) locally, as described below. + +### View installed applications + +To view the applications you have installed in your cluster through GitLab Managed Apps, +you need to verify the resources you have in the `gitlab-managed-apps` namespace. +On your computer, [configure `kubectl`](https://kubernetes.io/docs/reference/kubectl/overview/) +to connect to your cluster, open the terminal and run: + +```shell +kubectl get all -n gitlab-managed-apps +``` + +If there is no output or the namespace does not exist, you do not have any applications +installed through GitLab Managed Apps. If this is the case, you have nothing else to do. + +### Identify the Helm version + +Next, verify which Helm version GitLab used to install your applications. + +#### For apps installed with Helm v3 + +To list your apps installed with Helm v3, run: + +```shell +kubectl get secrets -n gitlab-managed-apps | grep 'helm.sh/release' +``` + +You can manage these applications with Helm v3 and you don't need any further steps. + +All applications not listed with the command above were installed with Helm v2. + +#### For apps installed with Helm v2 + +If you have apps installed with Helm v2, you can either: + +- A. Install Helm v3 and [upgrade your apps to Helm v3](https://helm.sh/docs/topics/v2_v3_migration/). +- B. Install Helm v2 and keep using this Helm version, which is not recommended as Helm v2 was deprecated in favor of +Helm v3. + +If you choose to keep using Helm v2 (B), follow the steps below to manage your apps: + +1. Install [Helm v2](https://v2.helm.sh/docs/install/) in your computer. +1. Start a local Tiller server: + + ```shell + export TILLER_NAMESPACE=gitlab-managed-apps + tiller -listen localhost:44134 + ``` + +1. In another tab, initialize your Helm client: + + ```shell + export HELM_HOST="localhost:44134" + helm init --client-only + ``` + +1. Now your environment is ready to manage your apps with Helm v2. For example, to list your releases: + + ```shell + helm ls + ``` + +### Cluster integrations + +Some applications were not only installed in your cluster by GitLab through Managed Apps but were also +directly integrated with GitLab so that you could benefit from seeing, controlling, or getting notified +about them through GitLab. +To keep them integrated, read the documentation for: + +- [Prometheus cluster integration](integrations.md#prometheus-cluster-integration) +- [Elastic Stack cluster integration](integrations.md#elastic-stack-cluster-integration) diff --git a/doc/user/clusters/img/applications_tab_v13_12.png b/doc/user/clusters/img/applications_tab_v13_12.png Binary files differnew file mode 100644 index 00000000000..c4f1a8862e8 --- /dev/null +++ b/doc/user/clusters/img/applications_tab_v13_12.png diff --git a/doc/user/clusters/integrations.md b/doc/user/clusters/integrations.md index 74c48d1a010..a8b181f8726 100644 --- a/doc/user/clusters/integrations.md +++ b/doc/user/clusters/integrations.md @@ -10,7 +10,9 @@ GitLab provides several ways to integrate applications to your Kubernetes cluster. To enable cluster integrations, first add a Kubernetes cluster to a GitLab -[project](../project/clusters/add_remove_clusters.md) or [group](../group/clusters/index.md#group-level-kubernetes-clusters). +[project](../project/clusters/add_remove_clusters.md) or +[group](../group/clusters/index.md#group-level-kubernetes-clusters) or +[instance](../instance/clusters/index.md). ## Prometheus cluster integration @@ -20,30 +22,33 @@ You can integrate your Kubernetes cluster with [Prometheus](https://prometheus.io/) for monitoring key metrics of your apps directly from the GitLab UI. -Once enabled, you will see metrics from services available in the +[Alerts](../../operations/metrics/alerts.md) can be configured the same way as +for [external Prometheus instances](../../operations/metrics/alerts.md#external-prometheus-instances). + +Once enabled, you can see metrics from services available in the [metrics library](../project/integrations/prometheus_library/index.md). -Prerequisites: +### Prometheus Prerequisites -To benefit from this integration, you must have Prometheus -installed in your cluster with the following requirements: +To use this integration: -1. Prometheus must be installed inside the `gitlab-managed-apps` namespace. +1. Prometheus must be installed in your cluster in the `gitlab-managed-apps` namespace. 1. The `Service` resource for Prometheus must be named `prometheus-prometheus-server`. -You can use the following commands to install Prometheus to meet the requirements for cluster integrations: +You can manage your Prometheus however you like, but as an example, you can set +it up using [Helm](https://helm.sh/) as follows: ```shell -# Create the require Kubernetes namespace +# Create the required Kubernetes namespace kubectl create ns gitlab-managed-apps # Download Helm chart values that is compatible with the requirements above. -# You should substitute the tag that corresponds to the GitLab version in the url +# You should substitute the tag that corresponds to the GitLab version in the URL # - https://gitlab.com/gitlab-org/gitlab/-/raw/<tag>/vendor/prometheus/values.yaml # wget https://gitlab.com/gitlab-org/gitlab/-/raw/v13.9.0-ee/vendor/prometheus/values.yaml -# Add the Prometheus community helm repo +# Add the Prometheus community Helm chart repository helm repo add prometheus-community https://prometheus-community.github.io/helm-charts # Install Prometheus @@ -62,6 +67,65 @@ To enable the Prometheus integration for your cluster: **Operations > Kubernetes**. - For a [group-level cluster](../group/clusters/index.md), navigate to your group's **Kubernetes** page. + - For an [instance-level cluster](../instance/clusters/index.md), navigate to your instance's + **Kubernetes** page. +1. Select the **Integrations** tab. +1. Check the **Enable Prometheus integration** checkbox. +1. Click **Save changes**. +1. Go to the **Health** tab to see your cluster's metrics. + +## Elastic Stack cluster integration + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/61077) in GitLab 13.12. + +You can integrate your cluster with [Elastic +Stack](https://www.elastic.co/elastic-stack) to index and [query your pod +logs](../project/clusters/kubernetes_pod_logs.md). + +### Elastic Stack Prerequisites + +To use this integration: + +1. Elasticsearch 7.x or must be installed in your cluster in the + `gitlab-managed-apps` namespace. +1. The `Service` resource must be called `elastic-stack-elasticsearch-master` + and expose the Elasticsearch API on port `9200`. +1. The logs are expected to be [Filebeat container logs](https://www.elastic.co/guide/en/beats/filebeat/7.x/filebeat-input-container.html) + following the [7.x log structure](https://www.elastic.co/guide/en/beats/filebeat/7.x/exported-fields-log.html) + and include [Kubernetes metadata](https://www.elastic.co/guide/en/beats/filebeat/7.x/add-kubernetes-metadata.html). + +You can manage your Elastic Stack however you like, but as an example, you can +use [this Elastic Stack chart](https://gitlab.com/gitlab-org/charts/elastic-stack) to get up and +running: + +```shell +# Create the required Kubernetes namespace +kubectl create namespace gitlab-managed-apps + +# Download Helm chart values that is compatible with the requirements above. +# You should substitute the tag that corresponds to the GitLab version in the URL +# - https://gitlab.com/gitlab-org/gitlab/-/raw/<tag>/vendor/elastic_stack/values.yaml +# +wget https://gitlab.com/gitlab-org/gitlab/-/raw/v13.9.0-ee/vendor/elastic_stack/values.yaml + +# Add the GitLab Helm chart repository +helm repo add gitlab https://charts.gitlab.io + +# Install Elastic Stack +helm install prometheus gitlab/elastic-stack -n gitlab-managed-apps --values values.yaml +``` + +### Enable Elastic Stack integration for your cluster + +To enable the Elastic Stack integration for your cluster: + +1. Go to the cluster's page: + - For a [project-level cluster](../project/clusters/index.md), navigate to your project's + **Operations > Kubernetes**. + - For a [group-level cluster](../group/clusters/index.md), navigate to your group's + **Kubernetes** page. + - For an [instance-level cluster](../instance/clusters/index.md), navigate to your instance's + **Kubernetes** page. 1. Select the **Integrations** tab. 1. Check the **Enable Prometheus integration** checkbox. 1. Click **Save changes**. diff --git a/doc/user/clusters/management_project.md b/doc/user/clusters/management_project.md index da9bacc9788..e728577e194 100644 --- a/doc/user/clusters/management_project.md +++ b/doc/user/clusters/management_project.md @@ -20,7 +20,7 @@ privileges. This can be useful for: -- Creating pipelines to install cluster-wide applications into your cluster, see [Install using GitLab CI/CD (beta)](applications.md#install-using-gitlab-cicd) for details. +- Creating pipelines to install cluster-wide applications into your cluster, see [Install using GitLab CI/CD (beta)](applications.md#install-using-gitlab-cicd-deprecated) for details. - Any jobs that require `cluster-admin` privileges. ## Permissions diff --git a/doc/user/compliance/compliance_dashboard/img/compliance_dashboard_v13_11.png b/doc/user/compliance/compliance_dashboard/img/compliance_dashboard_v13_11.png Binary files differindex 95e176b71b8..73a5c92670a 100644 --- a/doc/user/compliance/compliance_dashboard/img/compliance_dashboard_v13_11.png +++ b/doc/user/compliance/compliance_dashboard/img/compliance_dashboard_v13_11.png diff --git a/doc/user/compliance/compliance_dashboard/index.md b/doc/user/compliance/compliance_dashboard/index.md index 8f620fe41bb..21af6387f9d 100644 --- a/doc/user/compliance/compliance_dashboard/index.md +++ b/doc/user/compliance/compliance_dashboard/index.md @@ -9,7 +9,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/36524) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.8. -The Compliance Dashboard gives you the ability to see a group's Merge Request activity +The Compliance Dashboard gives you the ability to see a group's merge request activity by providing a high-level view for all projects in the group. For example, code approved for merging into production. @@ -28,10 +28,10 @@ This feature is for people who care about the compliance status of projects with You can use the dashboard to: -- Get an overview of the latest Merge Request for each project. -- See if Merge Requests were approved and by whom. -- See Merge Request authors. -- See the latest [CI Pipeline](../../../ci/pipelines/index.md) result for each Merge Request. +- Get an overview of the latest merge request for each project. +- See if merge requests were approved and by whom. +- See merge request authors. +- See the latest [CI Pipeline](../../../ci/pipelines/index.md) result for each merge request. ## Permissions @@ -42,25 +42,25 @@ You can use the dashboard to: > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/217939) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.3. -We support a separation of duties policy between users who create and approve Merge Requests. +We support a separation of duties policy between users who create and approve merge requests. The approval status column can help you identify violations of this policy. Our criteria for the separation of duties is as follows: -- [A Merge Request author is **not** allowed to approve their Merge Request](../../project/merge_requests/merge_request_approvals.md#allowing-merge-request-authors-to-approve-their-own-merge-requests) -- [A Merge Request committer is **not** allowed to approve a Merge Request they have added commits to](../../project/merge_requests/merge_request_approvals.md#prevent-approval-of-merge-requests-by-their-committers) -- [The minimum number of approvals required to merge a Merge Request is **at least** two](../../project/merge_requests/merge_request_approvals.md#approval-rules) +- [A merge request author is **not** allowed to approve their merge request](../../project/merge_requests/approvals/settings.md#prevent-authors-from-approving-their-own-work) +- [A merge request committer is **not** allowed to approve a merge request they have added commits to](../../project/merge_requests/approvals/settings.md#prevent-committers-from-approving-their-own-work) +- [The minimum number of approvals required to merge a merge request is **at least** two](../../project/merge_requests/approvals/rules.md) -The "Approval status" column shows you, at a glance, whether a Merge Request is complying with the above. +The "Approval status" column shows you, at a glance, whether a merge request is complying with the above. This column has four states: | State | Description | |:------|:------------| -| Empty | The Merge Request approval status is unknown | -|  | The Merge Request **does not** comply with any of the above criteria | -|  | The Merge Request complies with **some** of the above criteria | -|  | The Merge Request complies with **all** of the above criteria | +| Empty | The merge request approval status is unknown | +|  | The merge request **does not** comply with any of the above criteria | +|  | The merge request complies with **some** of the above criteria | +|  | The merge request complies with **all** of the above criteria | -If you do not see the success icon in your Compliance dashboard; please review the above criteria for the Merge Requests +If you do not see the success icon in your Compliance dashboard; please review the above criteria for the merge requests project to make sure it complies with the separation of duties described above. ## Chain of Custody report **(ULTIMATE)** diff --git a/doc/user/compliance/index.md b/doc/user/compliance/index.md index d31f877c418..69deefd08a7 100644 --- a/doc/user/compliance/index.md +++ b/doc/user/compliance/index.md @@ -15,3 +15,7 @@ following compliance tools are available: - [License Compliance](license_compliance/index.md): Search your project's dependencies for their licenses. This lets you determine if the licenses of your project's dependencies are compatible with your project's license. +- [Compliance framework labels](../project/settings/index.md#compliance-frameworks): Label your projects that have unique compliance requirements. +- [Compliance pipelines](../project/settings/index.md#compliance-pipeline-configuration): Ensure that needed compliance jobs are always run for compliance-labeled projects. +- [Audit Events](../../administration/audit_events.md): Get visibility into individual actions that have taken place in your GitLab instance, group, or project. +- [Audit Reports](../../administration/audit_reports.md): Create and access reports based on the audit events that have occurred. Use pre-built GitLab reports or the API to build your own. diff --git a/doc/user/compliance/license_compliance/index.md b/doc/user/compliance/license_compliance/index.md index 823a0561beb..43dbafb8f6f 100644 --- a/doc/user/compliance/license_compliance/index.md +++ b/doc/user/compliance/license_compliance/index.md @@ -180,7 +180,7 @@ directory of your project. ### Overriding the template WARNING: -Beginning in GitLab 13.0, the use of [`only` and `except`](../../../ci/yaml/README.md#onlyexcept-basic) +Beginning in GitLab 13.0, the use of [`only` and `except`](../../../ci/yaml/README.md#only--except) is no longer supported. When overriding the template, you must use [`rules`](../../../ci/yaml/README.md#rules) instead. If you want to override the job definition (for example, change properties like @@ -636,7 +636,7 @@ registry.gitlab.com/gitlab-org/security-products/analyzers/license-finder:latest The process for importing Docker images into a local offline Docker registry depends on **your network security policy**. Please consult your IT staff to find an accepted and approved -process by which external resources can be imported or temporarily accessed. Note that these scanners are [updated periodically](../../application_security/index.md#maintenance-and-update-of-the-vulnerabilities-database) +process by which external resources can be imported or temporarily accessed. Note that these scanners are [updated periodically](../../application_security/vulnerabilities/index.md#vulnerability-scanner-maintenance) with new definitions, so consider if you are able to make periodic updates yourself. For details on saving and transporting Docker images as a file, see Docker's documentation on @@ -766,7 +766,7 @@ Defining a non-latest Python version in ASDF_PYTHON_VERSION [doesn't have it aut 1. Define the required version by setting the `ASDF_PYTHON_VERSION` CI/CD variable. 1. Pass a custom script to the `SETUP_CMD` CI/CD variable to install the required version and dependencies. -For example: +For example: ```yaml include: diff --git a/doc/user/discussions/img/mr_review_second_comment.png b/doc/user/discussions/img/mr_review_second_comment.png Binary files differdeleted file mode 100644 index f345c52e941..00000000000 --- a/doc/user/discussions/img/mr_review_second_comment.png +++ /dev/null diff --git a/doc/user/discussions/img/mr_review_second_comment_added.png b/doc/user/discussions/img/mr_review_second_comment_added.png Binary files differdeleted file mode 100644 index 61b45431c9e..00000000000 --- a/doc/user/discussions/img/mr_review_second_comment_added.png +++ /dev/null diff --git a/doc/user/discussions/img/review_comment_quickactions.png b/doc/user/discussions/img/review_comment_quickactions.png Binary files differdeleted file mode 100644 index 276def6381f..00000000000 --- a/doc/user/discussions/img/review_comment_quickactions.png +++ /dev/null diff --git a/doc/user/discussions/img/review_preview_v13_11.png b/doc/user/discussions/img/review_preview_v13_11.png Binary files differdeleted file mode 100644 index 79e33aa0991..00000000000 --- a/doc/user/discussions/img/review_preview_v13_11.png +++ /dev/null diff --git a/doc/user/discussions/index.md b/doc/user/discussions/index.md index aa49f9468be..50007545a65 100644 --- a/doc/user/discussions/index.md +++ b/doc/user/discussions/index.md @@ -91,7 +91,7 @@ current merge request. ### Marking a comment or thread as resolved -You can mark a thread as resolved by clicking the **Resolve thread** +You can mark a thread as resolved by selecting the **Resolve thread** button at the bottom of the thread.  @@ -102,8 +102,8 @@ Alternatively, you can mark each comment as resolved individually. ### Move all unresolved threads in a merge request to an issue -To continue all open threads from a merge request in a new issue, click the -**Resolve all threads in new issue** button. +To continue all open threads from a merge request in a new issue, select +**Resolve all threads in new issue**.  @@ -283,85 +283,6 @@ To create a confidential comment, select the **Make this comment confidential**  -## Merge request reviews - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/4213) in GitLab Premium 11.4. -> - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/28154) to GitLab Free in 13.1. - -When looking at a merge request diff, you are able to start a review. -This allows you to create comments inside a merge request that are **only visible to you** until published, -in order to allow you to submit them all as a single action. - -### Starting a review - -To start a review, write a comment on a diff as normal under the **Changes** tab -in a merge request, and then select **Start a review**. - - - -After a review is started, any comments that are part of this review are marked `Pending`. -All comments that are part of a review show two buttons: - -- **Finish review**: Submits all comments that are part of the review, making them visible to other users. -- **Add comment now**: Submits the specific comment as a regular comment instead of as part of the review. - - - -You can use [quick actions](../project/quick_actions.md) inside review comments. The comment shows the actions to perform after publication. - - - -To add more comments to a review, start writing a comment as normal and click the **Add to review** button. - - - -This adds the comment to the review. - - - -### Resolving/Unresolving threads - -Review comments can also resolve/unresolve [resolvable threads](#resolvable-comments-and-threads). -When replying to a comment, a checkbox is displayed that you can click to resolve or unresolve -the thread after publication. - - - -If a particular pending comment resolves or unresolves the thread, this is shown on the pending -comment itself. - - - - - -### Adding a new comment - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/8225) in GitLab 13.10. - -If you have a review in progress, you will be presented with the option to **Add to review**: - - - -### Submitting a review - -If you have any comments that have not been submitted, a bar displays at the -bottom of the screen with two buttons: - -- **Pending comments**: Opens a list of comments ready to be submitted for review. -- **Submit review**: Publishes all comments. Any quick actions submitted are performed at this time. - -Alternatively, to finish the entire review from a pending comment: - -- Click the **Submit review** button on the comment. -- Use the `/submit_review` [quick action](../project/quick_actions.md) in the text of non-review comment. - - - -Submitting the review sends a single email to every notifiable user of the -merge request with all the comments associated to it. - -Replying to this email will, consequentially, create a new comment on the associated merge request. - ## Filtering notes > - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/26723) in GitLab 11.5. @@ -382,139 +303,6 @@ After you select one of the filters in a given issue or merge request, GitLab sa your preference, so that it persists when you visit the same page again from any device you're logged into. -## Suggest Changes - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/18008) in GitLab 11.6. -> - Custom commit messages for suggestions was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/25381) in GitLab 13.9 behind a [feature flag](../feature_flags.md), disabled by default. -> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/297404) in GitLab 13.10. - -As a reviewer, you're able to suggest code changes with a -Markdown syntax in merge request diff threads. Then, the -merge request author (or other users with appropriate -[permission](../permissions.md)) is able to apply these -Suggestions with a click, which generates a commit in -the merge request authored by the user that applied them. - -1. Choose a line of code to be changed, add a new comment, then click - on the **Insert suggestion** icon in the toolbar: - -  - -1. In the comment, add your suggestion to the pre-populated code block: - -  - -1. Click either **Start a review** or **Add to review** to add your comment to a [review](#merge-request-reviews), or **Add comment now** to add the comment to the thread immediately. - - The Suggestion in the comment can be applied by the merge request author - directly from the merge request: - -  - -1. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/25381) in GitLab 13.9, - you can opt to add a custom commit message to describe your change. If you don't - specify it, the default commit message is used. It is not supported for [batch suggestions](#batch-suggestions). - -  - -After the author applies a Suggestion, it is marked with the **Applied** label, -the thread is automatically resolved, and GitLab creates a new commit -and push the suggested change directly into the codebase in the merge request's -branch. [Developer permission](../permissions.md) is required to do so. - -### Multi-line Suggestions - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/53310) in GitLab 11.10. - -Reviewers can also suggest changes to multiple lines with a single Suggestion -within merge request diff threads by adjusting the range offsets. The -offsets are relative to the position of the diff thread, and specify the -range to be replaced by the suggestion when it is applied. - - - -In the example above, the Suggestion covers three lines above and four lines -below the commented line. When applied, it would replace from 3 lines _above_ -to 4 lines _below_ the commented line, with the suggested change. - - - -NOTE: -Suggestions covering multiple lines are limited to 100 lines _above_ and 100 -lines _below_ the commented diff line, allowing up to 200 changed lines per -suggestion. - -### Code block nested in Suggestions - -If you need to make a suggestion that involves a -[fenced code block](../markdown.md#code-spans-and-blocks), wrap your suggestion in four backticks -instead of the usual three. - - - - - -### Configure the commit message for applied Suggestions - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/13086) in GitLab 12.7. - -GitLab uses a default commit message -when applying Suggestions: `Apply %{suggestions_count} suggestion(s) to %{files_count} file(s)` - -For example, consider that a user applied 3 suggestions to 2 different files, the default commit message is: **Apply 3 suggestion(s) to 2 file(s)** - -These commit messages can be customized to follow any guidelines you might have. To do so, expand the **Merge requests** -tab within your project's **General** settings and change the -**Merge suggestions** text: - - - -You can also use following variables besides static text: - -| Variable | Description | Output example | -|------------------------|-------------|----------------| -| `%{branch_name}` | The name of the branch the Suggestion(s) was(were) applied to. | `my-feature-branch` | -| `%{files_count}` | The number of file(s) to which Suggestion(s) was(were) applied.| **2** | -| `%{file_paths}` | The path(s) of the file(s) Suggestion(s) was(were) applied to. Paths are separated by commas.| `docs/index.md, docs/about.md` | -| `%{project_path}` | The project path. | `my-group/my-project` | -| `%{project_name}` | The human-readable name of the project. | **My Project** | -| `%{suggestions_count}` | The number of Suggestions applied.| **3** | -| `%{username}` | The username of the user applying Suggestion(s). | `user_1` | -| `%{user_full_name}` | The full name of the user applying Suggestion(s). | **User 1** | - -For example, to customize the commit message to output -**Addresses user_1's review**, set the custom text to -`Addresses %{username}'s review`. - -NOTE: -Custom commit messages for each applied Suggestion is -introduced by [#25381](https://gitlab.com/gitlab-org/gitlab/-/issues/25381). - -### Batch Suggestions - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/25486) in GitLab 13.1 as an [alpha feature](https://about.gitlab.com/handbook/product/gitlab-the-product/#alpha) behind a feature flag, disabled by default. -> - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/227799) in GitLab 13.2. -> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/320755) in GitLab 13.11. - -You can apply multiple suggestions at once to reduce the number of commits added -to your branch to address your reviewers' requests. - -1. To start a batch of suggestions to apply with a single commit, click **Add suggestion to batch**: - -  - -1. Add as many additional suggestions to the batch as you wish: - -  - -1. To remove suggestions, click **Remove from batch**: - -  - -1. Having added all the suggestions to your liking, when ready, click **Apply suggestions**: - -  - ## Start a thread by replying to a standard comment > - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/30299) in GitLab 11.9 @@ -525,7 +313,7 @@ To reply to a standard (non-thread) comment, you can use the **Reply to comment* The **Reply to comment** button is only displayed if you have permissions to reply to an existing thread, or start a thread from a standard comment. -Clicking on the **Reply to comment** button brings the reply area into focus and you can type your reply. +Selecting the **Reply to comment** button brings the reply area into focus and you can type your reply.  @@ -542,9 +330,9 @@ not supported yet. You can assign an issue to a user who made a comment. -In the comment, click the **More Actions** menu and click **Assign to commenting user**. +In the comment, select the **More Actions** menu, and then select **Assign to commenting user**. - Click the button again to unassign the commenter. +Select the button again to unassign the commenter.  diff --git a/doc/user/feature_flags.md b/doc/user/feature_flags.md index 5be28de4101..e05fc582dc0 100644 --- a/doc/user/feature_flags.md +++ b/doc/user/feature_flags.md @@ -3,6 +3,7 @@ stage: none group: Development info: "See the Technical Writers assigned to Development Guidelines: https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments-to-development-guidelines" description: "Understand what 'GitLab features deployed behind flags' means." +layout: 'feature_flags' --- # GitLab functionality may be limited by feature flags diff --git a/doc/user/feature_highlight.md b/doc/user/feature_highlight.md index 8d452d2caf0..e5f0369a0f6 100644 --- a/doc/user/feature_highlight.md +++ b/doc/user/feature_highlight.md @@ -6,14 +6,10 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Feature highlight -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/16379) in GitLab 10.5 - Feature highlights are represented by a pulsing blue dot. Hovering over the dot -displays more information. -They are used to emphasize a certain feature and make something more visible to the user. - -You can dismiss any feature highlight permanently by clicking the "Got it" link -at the bottom of the modal window. There isn't a way to restore the feature highlight -after it has been dismissed. +displays more information. They're used to emphasize certain features and +highlight helpful information to the user. - +You can dismiss any feature highlight permanently by clicking the **Got it** link +at the bottom of the information window. You cannot restore a feature highlight +after you dismiss it. diff --git a/doc/user/gitlab_com/index.md b/doc/user/gitlab_com/index.md index 6e38534b044..cdb4ca52c9c 100644 --- a/doc/user/gitlab_com/index.md +++ b/doc/user/gitlab_com/index.md @@ -98,11 +98,12 @@ Any settings or feature limits not listed here are using the defaults listed in | Artifacts maximum size (compressed) | 1G | 100M | | Artifacts [expiry time](../../ci/yaml/README.md#artifactsexpire_in) | From June 22, 2020, deleted after 30 days unless otherwise specified (artifacts created before that date have no expiry). | deleted after 30 days unless otherwise specified | | Scheduled Pipeline Cron | `*/5 * * * *` | `3-59/10 * * * *` | -| [Max jobs in active pipelines](../../administration/instance_limits.md#number-of-jobs-in-active-pipelines) | `500` for Free tier, unlimited otherwise | Unlimited +| [Max jobs in active pipelines](../../administration/instance_limits.md#number-of-jobs-in-active-pipelines) | `500` for Free tier, unlimited otherwise | Unlimited | | [Max CI/CD subscriptions to a project](../../administration/instance_limits.md#number-of-cicd-subscriptions-to-a-project) | `2` | Unlimited | | [Max pipeline schedules in projects](../../administration/instance_limits.md#number-of-pipeline-schedules) | `10` for Free tier, `50` for all paid tiers | Unlimited | | [Scheduled Job Archival](../../user/admin_area/settings/continuous_integration.md#archive-jobs) | 3 months | Never | | Max test cases per [unit test report](../../ci/unit_test_reports.md) | `500_000` | Unlimited | +| [Max registered runners](../../administration/instance_limits.md#number-of-registered-runners-per-scope) | `50` per-project and per-group for Free tier,<br/>`1_000` per-group for all paid tiers / `1_000` per-project for all paid tiers | `1_000` per-group / `1_000` per-project | ## Account and limit settings @@ -115,6 +116,7 @@ or over the repository size limit, you can [reduce your repository size with Git | ----------- | ----------- | ------------- | | [Repository size including LFS](../admin_area/settings/account_and_limit_settings.md#repository-size-limit) | 10 GB | Unlimited | | Maximum import size | 5 GB | Unlimited ([Modified](https://gitlab.com/gitlab-org/gitlab/-/issues/251106) from 50MB to unlimited in GitLab 13.8. | +| Maximum attachment size | 10 MB | 10 MB | NOTE: `git push` and GitLab project imports are limited to 5 GB per request through Cloudflare. Git LFS and imports other than a file upload are not affected by this limit. diff --git a/doc/user/group/bulk_editing/img/bulk-editing_v13_2.png b/doc/user/group/bulk_editing/img/bulk-editing_v13_2.png Binary files differdeleted file mode 100644 index 9f28fabdf0c..00000000000 --- a/doc/user/group/bulk_editing/img/bulk-editing_v13_2.png +++ /dev/null diff --git a/doc/user/group/bulk_editing/index.md b/doc/user/group/bulk_editing/index.md index aa356bee8e3..48644b7427d 100644 --- a/doc/user/group/bulk_editing/index.md +++ b/doc/user/group/bulk_editing/index.md @@ -1,79 +1,8 @@ --- -stage: Plan -group: Project Management -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +redirect_to: '../../../user/group/index.md' --- -# Bulk editing issues, epics, and merge requests at the group level **(PREMIUM)** +This document was moved to [another location](../../../user/group/index.md). -NOTE: -Bulk editing issues and merge requests is also available at the **project level**. -For more details, see [Bulk editing issues and merge requests at the project level](../../project/bulk_editing.md). - -If you want to update attributes across multiple issues, epics, or merge requests in a group, you -can do it by bulk editing them, that is, editing them together. - -Only the items visible on the current page are selected for bulk editing (up to 20). - - - -## Bulk edit issues at the group level - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/7249) in GitLab 12.1. -> - Assigning epic ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/210470) in GitLab 13.2. -> - Editing health status [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/218395) in GitLab 13.2. -> - Editing iteration [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/196806) in GitLab 13.9. - -Users with permission level of [Reporter or higher](../../permissions.md) can manage issues. - -When bulk editing issues in a group, you can edit the following attributes: - -- [Epic](../epics/index.md) -- [Milestone](../../project/milestones/index.md) -- [Labels](../../project/labels.md) -- [Health status](../../project/issues/managing_issues.md#health-status) -- [Iteration](../iterations/index.md) - -To update multiple project issues at the same time: - -1. In a group, go to **{issues}** **Issues > List**. -1. Click **Edit issues**. A sidebar on the right-hand side of your screen appears with editable fields. -1. Select the checkboxes next to each issue you want to edit. -1. Select the appropriate fields and their values from the sidebar. -1. Click **Update all**. - -## Bulk edit epics - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/7250) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.2. - -Users with permission level of [Reporter or higher](../../permissions.md) can manage epics. - -When bulk editing epics in a group, you can edit their labels. - -To update multiple epics at the same time: - -1. In a group, go to **{epic}** **Epics > List**. -1. Click **Edit epics**. A sidebar on the right-hand side of your screen appears with editable fields. -1. Check the checkboxes next to each epic you want to edit. -1. Select the appropriate fields and their values from the sidebar. -1. Click **Update all**. - -## Bulk edit merge requests at the group level - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12719) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.2. - -Users with permission level of [Developer or higher](../../permissions.md) can manage merge requests. - -When bulk editing merge requests in a group, you can edit the following attributes: - -- Milestone -- Labels - -To update multiple group merge requests at the same time: - -1. In a group, go to **{merge-request}** **Merge Requests**. -1. Click **Edit merge requests**. A sidebar on the right-hand side of your screen appears with - editable fields. -1. Select the checkboxes next to each merge request you want to edit. -1. Select the appropriate fields and their values from the sidebar. -1. Click **Update all**. +<!-- This redirect file can be deleted after <2021-08-13>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/user/group/contribution_analytics/index.md b/doc/user/group/contribution_analytics/index.md index 09e899a61ba..12d7eaf2f12 100644 --- a/doc/user/group/contribution_analytics/index.md +++ b/doc/user/group/contribution_analytics/index.md @@ -6,8 +6,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w --- # Contribution Analytics **(PREMIUM)** -> - Introduced in [GitLab Starter](https://about.gitlab.com/pricing/) 8.3. -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/3090) for subgroups in GitLab 12.2. +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/3090) in GitLab 12.2 for subgroups. With Contribution Analytics you can get an overview of the following activity in your group: @@ -16,8 +15,7 @@ group: - Merge requests - Push events -To view the Contribution Analytics, go to your group's **Analytics > Contribution Analytics** -page. +To view the Contribution Analytics, go to your group and select **Analytics > Contribution**. ## Use cases diff --git a/doc/user/group/devops_adoption/index.md b/doc/user/group/devops_adoption/index.md index 920421ef9bb..5a23e1559bc 100644 --- a/doc/user/group/devops_adoption/index.md +++ b/doc/user/group/devops_adoption/index.md @@ -6,33 +6,36 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Group DevOps Adoption **(ULTIMATE)** -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/321083) in GitLab 13.11. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/321083) in GitLab 13.11 as a [Beta feature](https://about.gitlab.com/handbook/product/gitlab-the-product/#beta). > - [Deployed behind a feature flag](../../../user/feature_flags.md), disabled by default. -> - Disabled on GitLab.com. -> - Not recommended for production use. -> - To use in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-group-devops-adoption). +> - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/323159) in GitLab 13.12. +> - Enabled on GitLab.com. +> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#enable-or-disable-group-devops-adoption). **(ULTIMATE SELF)** -WARNING: -This feature might not be available to you. Check the **version history** note above for details. +This in-development feature might not be available for your use. There can be +[risks when enabling features still in development](../../feature_flags.md#risks-when-enabling-features-still-in-development). +Refer to this feature's version history for more details. -[Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/321083) in GitLab 13.11 as a [Beta feature](https://about.gitlab.com/handbook/product/gitlab-the-product/#beta). +Prerequisites: -To access Group DevOps Adoption, navigate to your group sidebar and select **Analytics > DevOps Adoption** +- A minimum of [Reporter access](../../permissions.md) to the group. + +To access Group DevOps Adoption, go to your group and select **Analytics > DevOps Adoption**. Group DevOps Adoption shows you how individual groups and sub-groups within your organization use the following features: +- Approvals +- Deployments - Issues - Merge Requests -- Approvals -- Runners - Pipelines -- Deployments +- Runners - Scans When managing groups in the UI, you can manage your sub-groups with the **Add/Remove sub-groups** button, in the top right hand section of your Groups pages. -DevOps Adoption allows you to: +With DevOps Adoption you can: - Verify whether you are getting the return on investment that you expected from GitLab. - Identify specific sub-groups that are lagging in their adoption of GitLab so you can help them along in their DevOps journey. @@ -40,21 +43,79 @@ DevOps Adoption allows you to:  -## Enable or disable Group DevOps Adoption **(ULTIMATE)** +## Enable data processing + +Group DevOps Adoption relies on data that has been gathered by a weekly data processing task. +This task is disabled by default. + +To begin using Group DevOps Adoption, access the feature for the first time. GitLab automatically +enables the data processing for that group. The group data doesn't appear immediately, because +GitLab requires around a minute to process it. + +## What is displayed + +DevOps Adoption displays feature adoption data for the given group +and any added sub-groups for the current calendar month. +Each group appears as a separate row in the table. +For each row, a feature is considered "adopted" if it has been used in a project in the given group +during the time period (including projects in any sub-groups of the given group). + +You should expect adoption to be lower at the beginning of the month, +before you have had an opportunity to use all the features listed in the table. + +In the future [we plan to implement](https://gitlab.com/gitlab-org/gitlab/-/issues/329708) +a rolling 30-day perspective instead. + +## When is a feature considered adopted + +A feature is considered "adopted" if it has been used anywhere in the group in the specified time. +For example, if an issue was created in one project in a group, the group is considered to have +"adopted" issues in that time. + +## No penalties for common adoption patterns + +DevOps Adoption is designed not to penalize for any circumstances or practices that are common in DevOps. +Following this guideline, GitLab doesn't penalize for: + +1. Having dormant projects. It's common for groups to have a mix of active and dormant projects, + so we should not consider adoption to be low if there are relatively many dormant projects. + This means we should not measure adoption by how many projects in the group have used a feature, + only by whether a feature was used anywhere in the group. +1. GitLab adding new features over time. It's common for group feature usage to be consistent + over time, so we should not consider adoption to have decreased if GitLab adds features. + This means we should not measure adoption by percentages, only total counts. + +## Add a sub-group + +DevOps Adoption can also display data for sub-groups within the given group, +to show you differences in adoption across the group. +To add a sub-group to your Group DevOps Adoption report: + +1. Select **Add/remove sub-groups**. +1. Select the sub-group you want to add and select **Save changes**. + +The sub-group data might not appear immediately, because GitLab requires around a minute to collect +the data. + +Please note that the sub-group data might not appear immediately, +because GitLab requires a few moments to collect the data. +Generally the data will be visible in less than one minute. + +## Enable or disable Group DevOps Adoption **(ULTIMATE SELF)** Group DevOps Adoption is under development and not ready for production use. It is -deployed behind a feature flag that is **disabled by default**. +deployed behind a feature flag that is **enabled by default**. [GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) -can enable it. +can disable it. -To enable it: +To disable it: ```ruby -Feature.enable(:group_devops_adoption) +Feature.disable(:group_devops_adoption) ``` -To disable it: +To re-enable it: ```ruby -Feature.disable(:group_devops_adoption) +Feature.enable(:group_devops_adoption) ``` diff --git a/doc/user/group/epics/img/epic_board_v13_10.png b/doc/user/group/epics/img/epic_board_v13_10.png Binary files differindex 5a14d9288d3..85a131ea605 100644 --- a/doc/user/group/epics/img/epic_board_v13_10.png +++ b/doc/user/group/epics/img/epic_board_v13_10.png diff --git a/doc/user/group/epics/img/epic_view_roadmap_v12_9.png b/doc/user/group/epics/img/epic_view_roadmap_v12_9.png Binary files differindex 035adc5e7ac..e8224ced7e9 100644 --- a/doc/user/group/epics/img/epic_view_roadmap_v12_9.png +++ b/doc/user/group/epics/img/epic_view_roadmap_v12_9.png diff --git a/doc/user/group/epics/img/epic_view_v13.0.png b/doc/user/group/epics/img/epic_view_v13.0.png Binary files differdeleted file mode 100644 index b25a91d318a..00000000000 --- a/doc/user/group/epics/img/epic_view_v13.0.png +++ /dev/null diff --git a/doc/user/group/epics/img/new_epic_from_groups_v13.7.png b/doc/user/group/epics/img/new_epic_from_groups_v13.7.png Binary files differdeleted file mode 100644 index 3607d5c7a3f..00000000000 --- a/doc/user/group/epics/img/new_epic_from_groups_v13.7.png +++ /dev/null diff --git a/doc/user/group/epics/index.md b/doc/user/group/epics/index.md index 12377b3926d..0608ff38db1 100644 --- a/doc/user/group/epics/index.md +++ b/doc/user/group/epics/index.md @@ -8,57 +8,27 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Epics **(PREMIUM)** > - Introduced in [GitLab Ultimate](https://about.gitlab.com/pricing/) 10.2. -> - Single-level Epics [were moved](https://gitlab.com/gitlab-org/gitlab/-/issues/37081) to [GitLab Premium](https://about.gitlab.com/pricing/) in 12.8. +> - Single-level epics [were moved](https://gitlab.com/gitlab-org/gitlab/-/issues/37081) to [GitLab Premium](https://about.gitlab.com/pricing/) in 12.8. -Epics let you manage your portfolio of projects more efficiently by tracking groups of [issues](../../project/issues/index.md) -that share a theme across projects and milestones. +When [issues](../../project/issues/index.md) share a theme across projects and milestones, +you can manage them by using epics. -An epic's page contains the following tabs: +You can also create child epics, and assign start and end dates, +which creates a visual roadmap for you to view progress. -- **Issues**: issues added to this epic. -- **Epics and Issues**: epics and issues added to this epic. - Appears instead of the **Issues** tab if you have access to [multi-level epics](#multi-level-child-epics). - Child epics and their issues are shown in a tree view. +Use epics: - - To reveal the child epics and issues, select the chevron (**>**) next to a parent epic. - - To see a breakdown of open and closed items, hover over the total counts. - - The number provided here includes all epics associated with this project. The number includes - epics for which users may not yet have permission. - -- [**Roadmap**](#roadmap-in-epics): a roadmap view of child epics which have start and due dates. - Appears if you have access to [multi-level epics](#multi-level-child-epics). - - - -## Use cases - -- Suppose your team is working on a large feature that involves multiple discussions throughout different issues created in distinct projects within a [Group](../index.md). With Epics, you can track all the related activities that together contribute to that single feature. -- Track when the work for the group of issues is targeted to begin, and when it's targeted to end. -- Discuss and collaborate on feature ideas and scope at a high level. - -## Manage epics - -To learn what you can do with an epic, see [Manage epics](manage_epics.md). Possible actions include: - -- [Create an epic](manage_epics.md#create-an-epic) -- [Edit an epic](manage_epics.md#edit-an-epic) -- [Bulk-edit epics](../bulk_editing/index.md#bulk-edit-epics) -- [Delete an epic](manage_epics.md#delete-an-epic) -- [Close an epic](manage_epics.md#close-an-epic) -- [Reopen a closed epic](manage_epics.md#reopen-a-closed-epic) -- [Go to an epic from an issue](manage_epics.md#go-to-an-epic-from-an-issue) -- [Search for an epic from epics list page](manage_epics.md#search-for-an-epic-from-epics-list-page) -- [Make an epic confidential](manage_epics.md#make-an-epic-confidential) -- [Manage issues assigned to an epic](manage_epics.md#manage-issues-assigned-to-an-epic) -- [Manage multi-level child epics **(ULTIMATE)**](manage_epics.md#manage-multi-level-child-epics) +- When your team is working on a large feature that involves multiple discussions + in different issues in different projects in a [group](../index.md). +- To track when the work for the group of issues is targeted to begin and end. +- To discuss and collaborate on feature ideas and scope at a high level. ## Relationships between epics and issues The possible relationships between epics and issues are: - An epic is the parent of one or more issues. -- An epic is the parent of one or more child epics. For details see [Multi-level child epics](#multi-level-child-epics). **(ULTIMATE)** +- An epic is the parent of one or more child epics. For details see [Multi-level child epics](manage_epics.md#multi-level-child-epics). ```mermaid graph TD @@ -67,72 +37,13 @@ graph TD Child_epic --> Issue2 ``` -See [Manage issues assigned to an epic](manage_epics.md#manage-issues-assigned-to-an-epic) for steps -to: - -- Add an issue to an epic -- Reorder issues -- Move an issue between epics -- Promote an issue to an epic - -## Issue health status in Epic tree **(ULTIMATE)** - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/199184) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.10. -> - The health status of a closed issue [is hidden](https://gitlab.com/gitlab-org/gitlab/-/issues/220867) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.3 or later. -> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/213567) in GitLab 13.7. - -Report or respond to the health of issues and epics by setting a red, amber, or green [health status](../../project/issues/managing_issues.md#health-status), which then appears on your Epic tree. - -## Multi-level child epics **(ULTIMATE)** - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/8333) in GitLab Ultimate 11.7. - -Any epic that belongs to a group, or subgroup of the parent epic's group, is eligible to be added. -New child epics appear at the top of the list of epics in the **Epics and Issues** tab. - -When you add an epic that's already linked to a parent epic, the link to its current parent is removed. - -An epic can have multiple child epics up to the maximum depth of seven. - -See [Manage multi-level child epics](manage_epics.md#manage-multi-level-child-epics) for -steps to create, move, reorder, or delete child epics. - -## Start date and due date - -To set a **Start date** and **Due date** for an epic, select one of the following: - -- **Fixed**: enter a fixed value. -- **Inherited**: inherit a dynamic value from the epic's issues, child epics, and milestones. - -### Inherited - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/7332) in GitLab 12.5 to replace **From milestones**. - -If you select **Inherited**: - -- For the **start date**: GitLab scans all child epics and issues assigned to the epic, - and sets the start date to match the earliest found start date or milestone. -- For the **due date**: GitLab sets the due date to match the latest due date or - milestone found among its child epics and issues. - -These are dynamic dates and recalculated if any of the following occur: - -- A child epic's dates change. -- Milestones are reassigned to an issue. -- A milestone's dates change. -- Issues are added to, or removed from, the epic. - -Because the epic's dates can inherit dates from its children, the start date and due date propagate from the bottom to the top. -If the start date of a child epic on the lowest level changes, that becomes the earliest possible start date for its parent epic. -The parent epic's start date then reflects this change and propagates upwards to the top epic. - ## Roadmap in epics **(ULTIMATE)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/7327) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.10. -If your epic contains one or more [child epics](#multi-level-child-epics) which -have a [start or due date](#start-date-and-due-date), a -[roadmap](../roadmap/index.md) view of the child epics is listed under the parent epic. +If your epic contains one or more [child epics](manage_epics.md#multi-level-child-epics) that +have a start or due date, a visual +[roadmap](../roadmap/index.md) of the child epics is listed under the parent epic.  @@ -144,45 +55,19 @@ epic's issue list. If you have access to edit an epic and an issue added to that epic, you can add the issue to or remove it from the epic. -Note that for a given group, the visibility of all projects must be the same as +For a given group, the visibility of all projects must be the same as the group, or less restrictive. That means if you have access to a group's epic, then you already have access to its projects' issues. You can also consult the [group permissions table](../../permissions.md#group-members-permissions). -## Thread - -- Comments: collaborate on that epic by posting comments in its thread. - These text fields also fully support - [GitLab Flavored Markdown](../../markdown.md#gitlab-flavored-markdown). - -## Comment or start a thread - -Once you write your comment, you can either: - -- Click **Comment** to publish your comment. -- Click **Start thread** to start a thread within that epic's discussion. - -### Activity sort order - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/214364) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.2. - -You can reverse the default order and interact with the activity feed sorted by most recent items -at the top. Your preference is saved via local storage and automatically applied to every issue -you view. - -To change the activity sort order, click the **Oldest first** dropdown menu and select either oldest -or newest items to be shown first. - - - -## Award emoji - -You can [award an emoji](../../award_emojis.md) to that epic or its comments. - -## Notifications +## Related topics -You can [turn on notifications](../../profile/notifications.md) to be alerted about epic events. +- [Manage epics](manage_epics.md) and multi-level child epics. +- [Turn on notifications](../../profile/notifications.md) for about epic events. +- [Award an emoji](../../award_emojis.md) to an epic or its comments. +- Collaborate on an epic by posting comments in a [thread](../../discussions/index.md). +- Use [health status](../../project/issues/managing_issues.md#health-status) to track your progress. <!-- ## Troubleshooting diff --git a/doc/user/group/epics/manage_epics.md b/doc/user/group/epics/manage_epics.md index 1999e5ba214..7bb021b4b1f 100644 --- a/doc/user/group/epics/manage_epics.md +++ b/doc/user/group/epics/manage_epics.md @@ -16,28 +16,46 @@ to them. > - The New Epic form [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/211533) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.2. > - In [GitLab 13.7](https://gitlab.com/gitlab-org/gitlab/-/issues/229621) and later, the New Epic button on the Epics list opens the New Epic form. -> - In [GitLab 13.9](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/45948) and later, you can create a new epic from an empty Roadmap. +> - In [GitLab 13.9](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/45948) and later, you can create a new epic from an empty roadmap. To create an epic in the group you're in: 1. Get to the New Epic form: - - From the **Epics** list in your group, select **New epic**. + - Go to your group and from the left sidebar select **Epics**. Then select **New epic**. - From an epic in your group, select **New epic**. - From anywhere, in the top menu, select **New...** (**{plus-square}**) **> New epic**. - In an empty [roadmap](../roadmap/index.md), select **New epic**. -  +1. Enter a title. +1. Optional. Enter a description. +1. Optional. To make the epic confidential, select the [Confidentiality checkbox](#make-an-epic-confidential). +1. Optional. Choose labels. +1. Optional. Select a start and due date, or [inherit](#start-and-due-date-inheritance) them. +1. Select **Create epic**. -1. Fill in these fields: +The newly created epic opens. - - Title - - Description - - [Confidentiality checkbox](#make-an-epic-confidential) - - Labels - - Start date - - Due date +### Start and due date inheritance -1. Select **Create epic**. You are taken to view the newly created epic. +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/7332) in GitLab 12.5 to replace **From milestones**. + +If you select **Inherited**: + +- For the **start date**: GitLab scans all child epics and issues assigned to the epic, + and sets the start date to match the earliest found start date or milestone. +- For the **due date**: GitLab sets the due date to match the latest due date or + milestone found among its child epics and issues. + +These are dynamic dates and recalculated if any of the following occur: + +- A child epic's dates change. +- Milestones are reassigned to an issue. +- A milestone's dates change. +- Issues are added to, or removed from, the epic. + +Because the epic's dates can inherit dates from its children, the start date and due date propagate from the bottom to the top. +If the start date of a child epic on the lowest level changes, that becomes the earliest possible start date for its parent epic. +The parent epic's start date then reflects this change and propagates upwards to the top epic. ## Edit an epic @@ -55,15 +73,26 @@ To edit an epic's title or description: 1. Make your changes. 1. Select **Save changes**. -To edit an epics' start date, due date, or labels: +To edit an epic's start date, due date, or labels: 1. Select **Edit** next to each section in the epic sidebar. 1. Select the dates or labels for your epic. -## Bulk-edit epics +## Bulk edit epics + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/7250) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.2. -You can edit multiple epics at once. To learn how to do it, visit -[Bulk editing issues, epics, and merge requests at the group level](../bulk_editing/index.md#bulk-edit-epics). +Users with permission level of [Reporter or higher](../../permissions.md) can manage epics. + +When bulk editing epics in a group, you can edit their labels. + +To update multiple epics at the same time: + +1. In a group, go to **Epics > List**. +1. Click **Edit epics**. A sidebar on the right-hand side of your screen appears with editable fields. +1. Check the checkboxes next to each epic you want to edit. +1. Select the appropriate fields and their values from the sidebar. +1. Click **Update all**. ## Delete an epic @@ -140,6 +169,19 @@ The sort option and order is saved and used wherever you browse epics, including  +## Change activity sort order + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/214364) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.2. + +You can reverse the default order and interact with the activity feed sorted by most recent items +at the top. Your preference is saved via local storage and automatically applied to every epic and issue +you view. + +To change the activity sort order, click the **Oldest first** dropdown menu and select either oldest +or newest items to be shown first. + + + ## Make an epic confidential > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/213068) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.0 behind a feature flag, disabled by default. @@ -162,6 +204,13 @@ To make an epic confidential: This section collects instructions for all the things you can do with [issues](../../project/issues/index.md) in relation to epics. +### View count of issues in an epic + +On the **Epics and Issues** tab, under each epic name, hover over the total counts. + +The number indicates all epics associated with the project, including issues +you might not have permission to. + ### Add a new issue to an epic You can add an existing issue to an epic, or create a new issue that's @@ -275,7 +324,16 @@ For an introduction to epic templates, see [GitLab Epics and Epic Template Tip]( For more on epic templates, see [Epic Templates - Repeatable sets of issues](https://about.gitlab.com/handbook/marketing/strategic-marketing/getting-started/104/). -## Manage multi-level child epics **(ULTIMATE)** +## Multi-level child epics **(ULTIMATE)** + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/8333) in GitLab Ultimate 11.7. + +You can add any epic that belongs to a group or subgroup of the parent epic's group. +New child epics appear at the top of the list of epics in the **Epics and Issues** tab. + +When you add an epic that's already linked to a parent epic, the link to its current parent is removed. + +Epics can contain multiple nested child epics, up to a total of seven levels deep. ### Add a child epic to an epic diff --git a/doc/user/group/import/index.md b/doc/user/group/import/index.md index e84e35607e3..14464ff1a5f 100644 --- a/doc/user/group/import/index.md +++ b/doc/user/group/import/index.md @@ -8,13 +8,11 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Import groups from another instance of GitLab **(FREE)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/249160) in GitLab 13.7. -> - It's [deployed behind a feature flag](../../feature_flags.md), disabled by default. -> - It's enabled on GitLab.com. - -## Overview +> - [Deployed behind a feature flag](../../feature_flags.md), disabled by default. +> - Enabled on GitLab.com. WARNING: -This feature is [under construction](https://gitlab.com/groups/gitlab-org/-/epics/2771) and currently migrates only some of the Group data. Please see below for the full list of what is included in the migration at this time. +This feature is [under construction](https://gitlab.com/groups/gitlab-org/-/epics/2771), and migrates only some of the group data. Refer to the following information for the list of what's included in the migration. Using GitLab Group Migration, you can migrate existing top-level groups from GitLab.com or a self-managed instance. Groups can be migrated to a target instance, as a top-level group, or as a subgroup of any existing top-level group. diff --git a/doc/user/group/index.md b/doc/user/group/index.md index d070277beed..7f2e502b94b 100644 --- a/doc/user/group/index.md +++ b/doc/user/group/index.md @@ -216,9 +216,8 @@ There are two different ways to add a new project to a group: ### Specify who can add projects to a group -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/2534) in [GitLab Premium](https://about.gitlab.com/pricing/) 10.5. -> - Brought to [GitLab Starter](https://about.gitlab.com/pricing/) in 10.7. -> - [Moved](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/25975) to [GitLab Free](https://about.gitlab.com/pricing/) in 11.10. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/2534) in GitLab Premium 10.5. +> - [Moved](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/25975) to GitLab Free in 11.10. By default, [Developers and Maintainers](../permissions.md#group-members-permissions) can create projects under a group. @@ -233,7 +232,7 @@ To change this setting globally, see [Default project creation protection](../ad ## Group activity analytics **(PREMIUM)** -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/207164) in GitLab [Starter](https://about.gitlab.com/pricing/) 12.10 as +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/207164) in GitLab 12.10 as a [beta feature](https://about.gitlab.com/handbook/product/#beta). For a group, you can view how many merge requests, issues, and members were created in the last 90 days. @@ -262,7 +261,7 @@ In GitLab 13.11, you can [replace this form with a modal window](#share-a-group- Similar to how you [share a project with a group](../project/members/share_project_with_groups.md), you can share a group with another group. Members get direct access -to the shared group. This is not valid for inherited members. +to the shared group. This includes members who inherited group membership from a parent group. To share a given group, for example, `Frontend` with another group, for example, `Engineering`: @@ -577,7 +576,8 @@ To disable group mentions: ## Enable delayed project removal **(PREMIUM)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/220382) in GitLab 13.2. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/220382) in GitLab 13.2. +> - [Inheritance and enforcement added](https://gitlab.com/gitlab-org/gitlab/-/issues/321724) in GitLab 13.11. By default, projects in a group are deleted immediately. Optionally, on [Premium](https://about.gitlab.com/pricing/) or higher tiers, @@ -591,10 +591,11 @@ To enable delayed deletion of projects: 1. Go to the group's **Settings > General** page. 1. Expand the **Permissions, LFS, 2FA** section. 1. Check **Enable delayed project removal**. +1. Optional. To prevent subgroups from changing this setting, select **Enforce for all subgroups**. 1. Select **Save changes**. NOTE: -The group setting for delayed deletion is not inherited by subgroups and has to be individually defined for each group. +In GitLab 13.11 and above the group setting for delayed project removal is inherited by subgroups. As discussed in [Cascading settings](../../development/cascading_settings.md) inheritance can be overridden, unless enforced by an ancestor. ## Prevent project forking outside group **(PREMIUM)** @@ -617,7 +618,7 @@ To enable prevent project forking: ## Group push rules **(PREMIUM)** -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/34370) in [GitLab Starter](https://about.gitlab.com/pricing/) 12.8. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/34370) in GitLab 12.8. > - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/224129) in GitLab 13.4. Group push rules allow group maintainers to set @@ -643,9 +644,6 @@ The group's new subgroups have push rules set for them based on either: and issues) of group members. **(PREMIUM)** - [Issue analytics](issues_analytics/index.md): View a bar chart of your group's number of issues per month. **(PREMIUM)** - Use GitLab as a [dependency proxy](../packages/dependency_proxy/index.md) for upstream Docker images. -- [DORA4 Project Analytics API](../../api/dora4_group_analytics.md): View deployment frequency analytics. - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/291747) in GitLab Ultimate 13.9 as a - [Beta feature](https://about.gitlab.com/handbook/product/gitlab-the-product/#beta). **(ULTIMATE SELF)** - [Epics](epics/index.md): Track groups of issues that share a theme. **(ULTIMATE)** - [Security Dashboard](../application_security/security_dashboard/index.md): View the vulnerabilities of all the projects in a group and its subgroups. **(ULTIMATE)** diff --git a/doc/user/group/insights/img/insights_example_stacked_bar_chart_v13_11.png b/doc/user/group/insights/img/insights_example_stacked_bar_chart_v13_11.png Binary files differindex 1ef49191a13..ff18a3e86a5 100644 --- a/doc/user/group/insights/img/insights_example_stacked_bar_chart_v13_11.png +++ b/doc/user/group/insights/img/insights_example_stacked_bar_chart_v13_11.png diff --git a/doc/user/group/issues_analytics/img/issues_created_per_month_v12_8.png b/doc/user/group/issues_analytics/img/issues_created_per_month_v12_8.png Binary files differdeleted file mode 100644 index fccfa949779..00000000000 --- a/doc/user/group/issues_analytics/img/issues_created_per_month_v12_8.png +++ /dev/null diff --git a/doc/user/group/issues_analytics/img/issues_created_per_month_v12_8_a.png b/doc/user/group/issues_analytics/img/issues_created_per_month_v12_8_a.png Binary files differnew file mode 100644 index 00000000000..5994cbfa401 --- /dev/null +++ b/doc/user/group/issues_analytics/img/issues_created_per_month_v12_8_a.png diff --git a/doc/user/group/issues_analytics/index.md b/doc/user/group/issues_analytics/index.md index 97f62becdb6..20b8e4b0583 100644 --- a/doc/user/group/issues_analytics/index.md +++ b/doc/user/group/issues_analytics/index.md @@ -31,7 +31,7 @@ You can change the total number of months displayed by setting a URL parameter. For example, `https://gitlab.com/groups/gitlab-org/-/issues_analytics?months_back=15` shows a total of 15 months for the chart in the GitLab.org group. - + ## Drill into the information diff --git a/doc/user/group/roadmap/img/roadmap_filters_v13_11.png b/doc/user/group/roadmap/img/roadmap_filters_v13_11.png Binary files differindex d2a76b4edce..e45c7b2b5dd 100644 --- a/doc/user/group/roadmap/img/roadmap_filters_v13_11.png +++ b/doc/user/group/roadmap/img/roadmap_filters_v13_11.png diff --git a/doc/user/group/roadmap/img/roadmap_view_v13_2.png b/doc/user/group/roadmap/img/roadmap_view_v13_2.png Binary files differindex b4f889afaa4..94cf2258569 100644 --- a/doc/user/group/roadmap/img/roadmap_view_v13_2.png +++ b/doc/user/group/roadmap/img/roadmap_view_v13_2.png diff --git a/doc/user/group/saml_sso/group_managed_accounts.md b/doc/user/group/saml_sso/group_managed_accounts.md index a9b1901bc8c..d62b569a795 100644 --- a/doc/user/group/saml_sso/group_managed_accounts.md +++ b/doc/user/group/saml_sso/group_managed_accounts.md @@ -104,9 +104,11 @@ This expiration date is not a requirement, and can be set to any arbitrary date. Since personal access tokens are the only token needed for programmatic access to GitLab, organizations with security requirements may want to enforce more protection to require regular rotation of these tokens. -### Setting a limit +### Set a limit -Only a GitLab administrator or an owner of a group-managed account can set a limit. When this field is left empty, the [instance-level restriction](../../admin_area/settings/account_and_limit_settings.md#limiting-lifetime-of-personal-access-tokens) on the lifetime of personal access tokens apply. +Only a GitLab administrator or an owner of a group-managed account can set a limit. When this field +is left empty, the [instance-level restriction](../../admin_area/settings/account_and_limit_settings.md#limit-the-lifetime-of-personal-access-tokens) +on the lifetime of personal access tokens apply. To set a limit on how long personal access tokens are valid for users in a group managed account: diff --git a/doc/user/group/saml_sso/img/group_saml_settings_v13_12.png b/doc/user/group/saml_sso/img/group_saml_settings_v13_12.png Binary files differnew file mode 100644 index 00000000000..2271f281655 --- /dev/null +++ b/doc/user/group/saml_sso/img/group_saml_settings_v13_12.png diff --git a/doc/user/group/saml_sso/img/group_saml_settings_v13_3.png b/doc/user/group/saml_sso/img/group_saml_settings_v13_3.png Binary files differdeleted file mode 100644 index f6450c7c1ba..00000000000 --- a/doc/user/group/saml_sso/img/group_saml_settings_v13_3.png +++ /dev/null diff --git a/doc/user/group/saml_sso/img/saml_group_links_nav_v13_6.png b/doc/user/group/saml_sso/img/saml_group_links_nav_v13_6.png Binary files differdeleted file mode 100644 index c1980b24a6d..00000000000 --- a/doc/user/group/saml_sso/img/saml_group_links_nav_v13_6.png +++ /dev/null diff --git a/doc/user/group/saml_sso/index.md b/doc/user/group/saml_sso/index.md index f2f28046443..1864547c57f 100644 --- a/doc/user/group/saml_sso/index.md +++ b/doc/user/group/saml_sso/index.md @@ -66,6 +66,9 @@ the user details need to be passed to GitLab as SAML assertions. At a minimum, the user's email address *must* be specified as an assertion named `email` or `mail`. See [the assertions list](../../../integration/saml.md#assertions) for other available claims. +NOTE: +The `username` assertion is not supported for GitLab.com SaaS integrations. + ### Metadata configuration GitLab provides metadata XML that can be used to configure your identity provider. @@ -82,21 +85,21 @@ After you set up your identity provider to work with GitLab, you must configure 1. Find the SSO URL from your identity provider and enter it the **Identity provider single sign-on URL** field. 1. Find and enter the fingerprint for the SAML token signing certificate in the **Certificate** field. 1. Select the access level to be applied to newly added users in the **Default membership role** field. The default access level is 'Guest'. -1. Select the **Enable SAML authentication for this group** toggle switch. +1. Select the **Enable SAML authentication for this group** checkbox. 1. Select the **Save changes** button. - + NOTE: Please note that the certificate [fingerprint algorithm](../../../integration/saml.md#notes-on-configuring-your-identity-provider) must be in SHA1. When configuring the identity provider, use a secure signature algorithm. ### SSO enforcement -- [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/5291) in GitLab 11.8. -- [Improved](https://gitlab.com/gitlab-org/gitlab/-/issues/9255) in GitLab 11.11 with ongoing enforcement in the GitLab UI. -- [Improved](https://gitlab.com/gitlab-org/gitlab/-/issues/292811) in GitLab 13.8, with an updated timeout experience. -- [Improved](https://gitlab.com/gitlab-org/gitlab/-/issues/211962) in GitLab 13.8 with allowing group owners to not go through SSO. -- [Improved](https://gitlab.com/gitlab-org/gitlab/-/issues/9152) in GitLab 13.11 with enforcing open SSO session to use Git if this setting is switched on. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/5291) in GitLab 11.8. +> - [Improved](https://gitlab.com/gitlab-org/gitlab/-/issues/9255) in GitLab 11.11 with ongoing enforcement in the GitLab UI. +> - [Improved](https://gitlab.com/gitlab-org/gitlab/-/issues/292811) in GitLab 13.8, with an updated timeout experience. +> - [Improved](https://gitlab.com/gitlab-org/gitlab/-/issues/211962) in GitLab 13.8 with allowing group owners to not go through SSO. +> - [Improved](https://gitlab.com/gitlab-org/gitlab/-/issues/9152) in GitLab 13.11 with enforcing open SSO session to use Git if this setting is switched on. With this option enabled, users (except owners) must go through your group's GitLab single sign-on URL if they wish to access group resources through the UI. Users can't be manually added as members. @@ -322,11 +325,9 @@ Ensure your SAML identity provider sends an attribute statement named `Groups` o ``` When SAML SSO is enabled for the top-level group, `Maintainer` and `Owner` level users -see a new menu item in group **Settings -> SAML Group Links**. Each group (parent or subgroup) can specify +see a new menu item in group **Settings > SAML Group Links**. Each group (parent or subgroup) can specify one or more group links to map a SAML identity provider group name to a GitLab access level. - - To link the SAML `Freelancers` group in the attribute statement example above: 1. Enter `Freelancers` in the `SAML Group Name` field. diff --git a/doc/user/group/saml_sso/scim_setup.md b/doc/user/group/saml_sso/scim_setup.md index 7bf54aea60e..65b3e2d095d 100644 --- a/doc/user/group/saml_sso/scim_setup.md +++ b/doc/user/group/saml_sso/scim_setup.md @@ -71,7 +71,7 @@ your SAML configuration differs from [the recommended SAML settings](index.md#az modify the corresponding `customappsso` settings accordingly. If a mapping is not listed in the table, use the Azure defaults. -| Azure Active Directory Attribute | customappsso Attribute | Matching precedence | +| Azure Active Directory Attribute | `customappsso` Attribute | Matching precedence | | -------------------------------- | ---------------------- | -------------------- | | `objectId` | `externalId` | 1 | | `userPrincipalName` | `emails[type eq "work"].value` | | @@ -129,11 +129,11 @@ configuration. Otherwise, the Okta SCIM app may not work properly. - For **API Token** enter the SCIM token obtained from the GitLab SCIM configuration page 1. Click 'Test API Credentials' to verify configuration. 1. Click **Save** to apply the settings. -1. After saving the API integration details, new settings tabs will appear on the left. Choose **To App**. +1. After saving the API integration details, new settings tabs appear on the left. Choose **To App**. 1. Click **Edit**. 1. Check the box to **Enable** for both **Create Users** and **Deactivate Users**. 1. Click **Save**. -1. Assign users in the **Assignments** tab. Assigned users will be created and +1. Assign users in the **Assignments** tab. Assigned users are created and managed in your GitLab group. #### Okta Known Issues @@ -212,7 +212,7 @@ Ensure that the user has been added to the SCIM app. If you receive "User is not linked to a SAML account", then most likely the user already exists in GitLab. Have the user follow the [User access and linking setup](#user-access-and-linking-setup) instructions. -The **Identity** (`extern_uid`) value stored by GitLab is updated by SCIM whenever `id` or `externalId` changes. Users won't be able to sign in unless the GitLab Identity (`extern_uid`) value matches the `NameId` sent by SAML. +The **Identity** (`extern_uid`) value stored by GitLab is updated by SCIM whenever `id` or `externalId` changes. Users cannot sign in unless the GitLab Identity (`extern_uid`) value matches the `NameId` sent by SAML. This value is also used by SCIM to match users on the `id`, and is updated by SCIM whenever the `id` or `externalId` values change. @@ -242,9 +242,9 @@ you can address the problem in the following ways: - You can have users unlink and relink themselves, based on the ["SAML authentication failed: User has already been taken"](index.md#message-saml-authentication-failed-user-has-already-been-taken) section. - You can unlink all users simultaneously, by removing all users from the SAML app while provisioning is turned on. - It may be possible to use the [SCIM API](../../../api/scim.md#update-a-single-scim-provisioned-user) to manually correct the `externalId` stored for users to match the SAML `NameId`. - To look up a user, you'll need to know the desired value that matches the `NameId` as well as the current `externalId`. + To look up a user, you need to know the desired value that matches the `NameId` as well as the current `externalId`. -It is important not to update these to incorrect values, since this will cause users to be unable to sign in. It is also important not to assign a value to the wrong user, as this would cause users to get signed into the wrong account. +It is important not to update these to incorrect values, since this causes users to be unable to sign in. It is also important not to assign a value to the wrong user, as this causes users to get signed into the wrong account. ### I need to change my SCIM app diff --git a/doc/user/group/settings/import_export.md b/doc/user/group/settings/import_export.md index bb7c1e26544..5d375e2abd9 100644 --- a/doc/user/group/settings/import_export.md +++ b/doc/user/group/settings/import_export.md @@ -29,7 +29,7 @@ To enable GitLab import/export: Note the following: -- Exports are stored in a temporary [shared directory](../../../development/shared_files.md) and are deleted every 24 hours by a specific worker. +- Exports are stored in a temporary directory and are deleted every 24 hours by a specific worker. - To preserve group-level relationships from imported projects, run the Group Import/Export first, to allow projects to be imported into the desired group structure. - Imported groups are given a `private` visibility level, unless imported into a parent group. @@ -71,7 +71,7 @@ For more details on the specific data persisted in a group export, see the  1. After the export is generated, you should receive an e-mail with a link to the [exported contents](#exported-contents) - in a compressed tar archive, with contents in JSON format. + in a compressed tar archive, with contents in NDJSON format. 1. Alternatively, you can come back to the project settings and download the file from there by clicking **Download export**, or generate a new file by clicking **Regenerate export**. @@ -109,6 +109,14 @@ on an existing group's page. ## Version history +### 14.0+ + +In GitLab 14.0, the JSON format is no longer supported for project and group exports. To allow for a +transitional period, you can still import any JSON exports. The new format for imports and exports +is NDJSON. + +### 13.0+ + GitLab can import bundles that were exported from a different GitLab deployment. This ability is limited to two previous GitLab [minor](../../../policy/maintenance.md#versioning) releases, which is similar to our process for [Security Releases](../../../policy/maintenance.md#security-releases). diff --git a/doc/user/group/value_stream_analytics/img/delete_value_stream_v13_12.png b/doc/user/group/value_stream_analytics/img/delete_value_stream_v13_12.png Binary files differnew file mode 100644 index 00000000000..c02f259ae8c --- /dev/null +++ b/doc/user/group/value_stream_analytics/img/delete_value_stream_v13_12.png diff --git a/doc/user/group/value_stream_analytics/img/delete_value_stream_v13_4.png b/doc/user/group/value_stream_analytics/img/delete_value_stream_v13_4.png Binary files differdeleted file mode 100644 index c97fcb76343..00000000000 --- a/doc/user/group/value_stream_analytics/img/delete_value_stream_v13_4.png +++ /dev/null diff --git a/doc/user/group/value_stream_analytics/img/extended_value_stream_form_v13_10.png b/doc/user/group/value_stream_analytics/img/extended_value_stream_form_v13_10.png Binary files differdeleted file mode 100644 index e2752ad1157..00000000000 --- a/doc/user/group/value_stream_analytics/img/extended_value_stream_form_v13_10.png +++ /dev/null diff --git a/doc/user/group/value_stream_analytics/img/label_based_stage_vsm_v12_9.png b/doc/user/group/value_stream_analytics/img/label_based_stage_vsm_v12_9.png Binary files differdeleted file mode 100644 index 84ce33aece5..00000000000 --- a/doc/user/group/value_stream_analytics/img/label_based_stage_vsm_v12_9.png +++ /dev/null diff --git a/doc/user/group/value_stream_analytics/img/new_value_stream_v13_12.png b/doc/user/group/value_stream_analytics/img/new_value_stream_v13_12.png Binary files differnew file mode 100644 index 00000000000..b2b6ce04a14 --- /dev/null +++ b/doc/user/group/value_stream_analytics/img/new_value_stream_v13_12.png diff --git a/doc/user/group/value_stream_analytics/img/new_value_stream_v13_3.png b/doc/user/group/value_stream_analytics/img/new_value_stream_v13_3.png Binary files differdeleted file mode 100644 index bc8502e85a6..00000000000 --- a/doc/user/group/value_stream_analytics/img/new_value_stream_v13_3.png +++ /dev/null diff --git a/doc/user/group/value_stream_analytics/img/new_vsm_stage_v12_9.png b/doc/user/group/value_stream_analytics/img/new_vsm_stage_v12_9.png Binary files differdeleted file mode 100644 index dbef25d33ed..00000000000 --- a/doc/user/group/value_stream_analytics/img/new_vsm_stage_v12_9.png +++ /dev/null diff --git a/doc/user/group/value_stream_analytics/img/vsa_filter_bar_v13_12.png b/doc/user/group/value_stream_analytics/img/vsa_filter_bar_v13_12.png Binary files differnew file mode 100644 index 00000000000..ee0d007a778 --- /dev/null +++ b/doc/user/group/value_stream_analytics/img/vsa_filter_bar_v13_12.png diff --git a/doc/user/group/value_stream_analytics/img/vsa_filter_bar_v13_3.png b/doc/user/group/value_stream_analytics/img/vsa_filter_bar_v13_3.png Binary files differdeleted file mode 100644 index 506765f63cb..00000000000 --- a/doc/user/group/value_stream_analytics/img/vsa_filter_bar_v13_3.png +++ /dev/null diff --git a/doc/user/group/value_stream_analytics/img/vsa_label_based_stage_v14_0.png b/doc/user/group/value_stream_analytics/img/vsa_label_based_stage_v14_0.png Binary files differnew file mode 100644 index 00000000000..1f47670462c --- /dev/null +++ b/doc/user/group/value_stream_analytics/img/vsa_label_based_stage_v14_0.png diff --git a/doc/user/group/value_stream_analytics/img/vsa_overview_stage_v13_11.png b/doc/user/group/value_stream_analytics/img/vsa_overview_stage_v13_11.png Binary files differnew file mode 100644 index 00000000000..7d47003972c --- /dev/null +++ b/doc/user/group/value_stream_analytics/img/vsa_overview_stage_v13_11.png diff --git a/doc/user/group/value_stream_analytics/img/vsa_stage_table_v13_12.png b/doc/user/group/value_stream_analytics/img/vsa_stage_table_v13_12.png Binary files differnew file mode 100644 index 00000000000..24d485306be --- /dev/null +++ b/doc/user/group/value_stream_analytics/img/vsa_stage_table_v13_12.png diff --git a/doc/user/group/value_stream_analytics/img/vsa_time_metrics_v13_0.png b/doc/user/group/value_stream_analytics/img/vsa_time_metrics_v13_0.png Binary files differdeleted file mode 100644 index 799a81584a0..00000000000 --- a/doc/user/group/value_stream_analytics/img/vsa_time_metrics_v13_0.png +++ /dev/null diff --git a/doc/user/group/value_stream_analytics/img/vsa_time_metrics_v13_12.png b/doc/user/group/value_stream_analytics/img/vsa_time_metrics_v13_12.png Binary files differnew file mode 100644 index 00000000000..63bae51afef --- /dev/null +++ b/doc/user/group/value_stream_analytics/img/vsa_time_metrics_v13_12.png diff --git a/doc/user/group/value_stream_analytics/img/vsm_stage_list_v12_9.png b/doc/user/group/value_stream_analytics/img/vsm_stage_list_v12_9.png Binary files differdeleted file mode 100644 index 3b50dd48543..00000000000 --- a/doc/user/group/value_stream_analytics/img/vsm_stage_list_v12_9.png +++ /dev/null diff --git a/doc/user/group/value_stream_analytics/index.md b/doc/user/group/value_stream_analytics/index.md index 6a512d78696..4b473c9217d 100644 --- a/doc/user/group/value_stream_analytics/index.md +++ b/doc/user/group/value_stream_analytics/index.md @@ -59,7 +59,7 @@ To filter results: 1. Select a parameter to filter by. 1. Select a value from the autocompleted results, or type to refine the results. - + ### Date ranges @@ -71,14 +71,28 @@ GitLab provides the ability to filter analytics based on a date range. To filter 1. Optionally select a project. 1. Select a date range using the available date pickers. -## How Time metrics are measured +## How metrics are measured The "Time" metrics near the top of the page are measured as follows: - **Lead time**: median time from issue created to issue closed. -- **Cycle time**: median time from first commit to issue closed. (You can associate a commit with an issue by [crosslinking in the commit message](../../project/issues/crosslinking_issues.md#from-commit-messages).) +- **Cycle time**: median time from first commit to issue closed. (You can associate a commit with an + issue by [crosslinking in the commit message](../../project/issues/crosslinking_issues.md#from-commit-messages).) - +The "Recent Activity" metrics near the top of the page are measured as follows: + +- **New Issues:** the number of issues created in the date range. +- **Deploys:** the number of deployments to production (1) in the date range. +- **Deployment Frequency:** the average number of deployments to production (1) per day in the date range. + +(1) To give a more accurate representation of deployments that actually completed successfully, +the calculation for these two metrics changed in GitLab 13.9 from using the time a deployment was +created to the time a deployment finished. If you were referencing this metric prior to 13.9, please +keep this slight change in mind. + +You can learn more about these metrics in our [analytics definitions](../../analytics/index.md). + + ## How the stages are measured @@ -109,8 +123,8 @@ How this works, behind the scenes: we need for the stages, like issue creation date, merge request merge time, etc. -To sum up, anything that doesn't follow [GitLab flow](../../../topics/gitlab_flow.md) will not be tracked and the -Value Stream Analytics dashboard will not present any data for: +To sum up, anything that doesn't follow [GitLab flow](../../../topics/gitlab_flow.md) is not tracked and the +Value Stream Analytics dashboard does not present any data for: - Merge requests that do not close an issue. - Issues not labeled with a label present in the Issue Board or for issues not assigned a milestone. @@ -118,7 +132,8 @@ Value Stream Analytics dashboard will not present any data for: ## How the production environment is identified -Value Stream Analytics identifies production environments by looking for project [environments](../../../ci/yaml/README.md#environment) with a name matching any of these patterns: +Value Stream Analytics identifies production environments by looking for project +[environments](../../../ci/yaml/README.md#environment) with a name matching any of these patterns: - `prod` or `prod/*` - `production` or `production/*` @@ -176,7 +191,7 @@ A few notes: cycles, calculate their median time and the result is what the dashboard of Value Stream Analytics is showing. -## Customizable Stages +## Custom value streams > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12196) in GitLab 12.9. @@ -184,14 +199,13 @@ The default stages are designed to work straight out of the box, but they might all teams. Different teams use different approaches to building software, so some teams might want to customize their Value Stream Analytics. -GitLab allows users to create multiple value streams, hide default stages and create custom stages that align better to their development workflow. +GitLab allows users to create multiple value streams, hide default stages and create custom stages +that align better to their development workflow. ### Stage path > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/210315) in GitLab 13.0. -> - It's [deployed behind a feature flag](../../feature_flags.md), enabled by default. -> - It's enabled on GitLab.com. -> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](../../../administration/feature_flags.md). **(FREE SELF)** +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/323982) in GitLab 13.12.  @@ -212,98 +226,62 @@ Hovering over a stage item displays a popover with the following information: - Start event description for the given stage - End event description +- Median time items took to complete the stage +- Number of items that completed the stage -Horizontal path navigation is enabled by default. If you have a self-managed instance, an -administrator can [open a Rails console](../../../administration/troubleshooting/navigating_gitlab_via_rails_console.md) -and disable it with the following command: - -```ruby -Feature.disable(:value_stream_analytics_path_navigation) -``` - -### Adding a stage - -In the following example we're creating a new stage that measures and tracks issues from creation -time until they are closed. - -1. Navigate to your group's **Analytics > Value Stream**. -1. Click the **Add a stage** button. -1. Fill in the new stage form: - - Name: Issue start to finish. - - Start event: Issue created. - - End event: Issue closed. -1. Click the **Add stage** button. - - - -The new stage is persisted and it will always show up on the Value Stream Analytics page for your -group. - -If you want to alter or delete the stage, you can easily do that for customized stages by: - -1. Hovering over the stage. -1. Clicking the vertical ellipsis (**{ellipsis_v}**) button that appears. - - - -Creating a custom stage requires specifying two events: - -- A start. -- An end. - -Be careful to choose a start event that occurs *before* your end event. For example, consider a -stage that: +### Stream overview -- Started when an issue is added to a board. -- Ended when the issue is created. +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/321438) in GitLab 13.11. -This stage would not work because the end event has already happened when the start event occurs. -To prevent such invalid stages, the UI prohibits incompatible start and end events. After you select -the start event, the stop event dropdown will only list the compatible events. + -### Re-ordering stages +The stream overview provides access to key metrics and charts summarizing all the stages in the value stream +based on selected filters. -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/196698) in GitLab 12.10. +Shown metrics and charts includes: -Once a custom stage has been added, you can "drag and drop" stages to rearrange their order. These changes are automatically saved to the system. +- [Lead time](#how-metrics-are-measured) +- [Cycle time](#how-metrics-are-measured) +- [Days to completion chart](#days-to-completion-chart) +- [Tasks by type chart](#type-of-work---tasks-by-type-chart) -### Label based stages +### Stage table -The pre-defined start and end events can cover many use cases involving both issues and merge requests. - -For supporting more complex workflows, use stages based on group labels. These events are based on -labels being added or removed. In particular, [scoped labels](../../project/labels.md#scoped-labels) -are useful for complex workflows. +> Sorting the stage table [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/301082) in GitLab 13.12. -In this example, we'd like to measure more accurate code review times. The workflow is the following: + -- When the code review starts, the reviewer adds `workflow::code_review_start` label to the merge request. -- When the code review is finished, the reviewer adds `workflow::code_review_complete` label to the merge request. +The stage table shows a list of related workflow items for the selected stage. This can include: -Creating a new stage called "Code Review": +- CI/CD jobs +- Issues +- Merge requests +- Pipelines - +A little badge next to the workflow items table header shows the number of workflow items that +completed the selected stage. -### Hiding unused stages +The stage table also includes the **Time** column, which shows how long it takes each item to pass +through the selected value stream stage. -Sometimes certain default stages are not relevant to a team. In this case, you can easily hide stages -so they no longer appear in the list. To hide stages: +The stage table is not displayed on the stream [Overview](#stream-overview). +The workflow item column (first column) is ordered by end event. -1. Add a custom stage to activate customizability. -1. Hover over the default stage you want to hide. -1. Click the vertical ellipsis (**{ellipsis_v}**) button that appears and select **Hide stage**. +To sort the stage table by a table column, select the table header. +You can sort in ascending or descending order. To find items that spent the most time in a stage, +potentially causing bottlenecks in your value stream, sort the table by the **Time** column. +From there, select individual items to drill in and investigate how delays are happening. +To see which items the stage most recently, sort by the work item column on the left. -To recover a default stage that was previously hidden: - -1. Click **Add a stage** button. -1. In the top right corner open the **Recover hidden stage** dropdown. -1. Select a stage. +The table displays up to 20 items at a time. If there are more than 20 items, you can use the +**Prev** and **Next** buttons to navigate through the pages. ### Creating a value stream > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/221202) in GitLab 13.3 -A default value stream is readily available for each group. You can create additional value streams based on the different areas of work that you would like to measure. +A default value stream is readily available for each group. You can create additional value streams +based on the different areas of work that you would like to measure. Once created, a new value stream includes the [seven stages](#default-stages) that follow [GitLab workflow](../../../topics/gitlab_flow.md) @@ -317,7 +295,7 @@ To create a value stream: - You can [customize the stages](#creating-a-value-stream-with-stages) 1. Click the **Create Value Stream** button. - + #### Creating a value stream with stages @@ -333,17 +311,52 @@ add stages as desired. To create a value stream with stages: -1. Navigate to your group's **Analytics > Value Stream**. -1. Find and select the Value Stream dropdown. Select **Create new Value Stream**. +1. Go to your group and select **Analytics > Value Stream**. +1. Select the Value Stream dropdown and select **Create new Value Stream**. 1. Select either **Create from default template** or **Create from no template**. - - Default stages in the value stream can be hidden or re-ordered + - Default stages in the value stream can be hidden or re-ordered. +  - - New stages can be added by clicking the 'Add another stage' button + + - New stages can be added by clicking the 'Add another stage' button. - The name, start and end events for the stage can be selected +  1. Select the **Create Value Stream** button to save the value stream. - +#### Label-based stages + +The pre-defined start and end events can cover many use cases involving both issues and merge requests. + +In more complex workflows, use stages based on group labels. These events are based on +added or removed labels. In particular, [scoped labels](../../project/labels.md#scoped-labels) +are useful for complex workflows. + +In this example, we'd like to measure times for deployment from a staging environment to production. The workflow is the following: + +- When the code is deployed to staging, the `workflow::staging` label is added to the merge request. +- When the code is deployed to production, the `workflow::production` label is added to the merge request. + + + +### Editing a value stream + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/267537) in GitLab 13.10. + +After you create a value stream, you can customize it to suit your purposes. To edit a value stream: + +1. Go to your group and select **Analytics > Value Stream**. +1. Find and select the relevant value stream from the value stream dropdown. +1. Next to the value stream dropdown, select **Edit**. + The edit form is populated with the value stream details. +1. Optional: + - Rename the value stream. + - Hide or re-order default stages. + - Remove existing custom stages. + - Add new stages by selecting the 'Add another stage' button + - Select the start and end events for the stage. +1. Optional. To undo any modifications, select **Restore value stream defaults**. +1. Select **Save Value Stream**. ### Deleting a value stream @@ -356,14 +369,15 @@ To delete a custom value stream: 1. Click the **Delete (name of value stream)**. 1. Click the **Delete** button to confirm. - + ## Days to completion chart > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/21631) in GitLab 12.6. > - [Chart median line removed](https://gitlab.com/gitlab-org/gitlab/-/issues/235455) in GitLab 13.4. +> - [Totals replaced with averages](https://gitlab.com/gitlab-org/gitlab/-/issues/262070) in GitLab 13.12. -This chart visually depicts the total number of days it takes for cycles to be completed. (Totals are being replaced with averages in [this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/262070).) +This chart visually depicts the average number of days it takes for cycles to be completed. This chart uses the global page filters for displaying data based on the selected group, projects, and time frame. In addition, specific stages can be selected diff --git a/doc/user/img/activity_followed_users_v13_9.png b/doc/user/img/activity_followed_users_v13_9.png Binary files differdeleted file mode 100644 index 3c0a9de74b4..00000000000 --- a/doc/user/img/activity_followed_users_v13_9.png +++ /dev/null diff --git a/doc/user/img/feature_highlight_example.png b/doc/user/img/feature_highlight_example.png Binary files differdeleted file mode 100644 index 32ca05a6087..00000000000 --- a/doc/user/img/feature_highlight_example.png +++ /dev/null diff --git a/doc/user/img/snippet_intro_v13_11.png b/doc/user/img/snippet_intro_v13_11.png Binary files differindex aa2ad5fd43a..4b6818341b7 100644 --- a/doc/user/img/snippet_intro_v13_11.png +++ b/doc/user/img/snippet_intro_v13_11.png diff --git a/doc/user/img/todos_icon.png b/doc/user/img/todos_icon.png Binary files differdeleted file mode 100644 index 9fee4337a75..00000000000 --- a/doc/user/img/todos_icon.png +++ /dev/null diff --git a/doc/user/img/todos_index.png b/doc/user/img/todos_index.png Binary files differdeleted file mode 100644 index 99c1575d157..00000000000 --- a/doc/user/img/todos_index.png +++ /dev/null diff --git a/doc/user/img/todos_index_v13_11.png b/doc/user/img/todos_index_v13_11.png Binary files differnew file mode 100644 index 00000000000..eedb3045d39 --- /dev/null +++ b/doc/user/img/todos_index_v13_11.png diff --git a/doc/user/index.md b/doc/user/index.md index 872dbd09c7d..ab159cecdef 100644 --- a/doc/user/index.md +++ b/doc/user/index.md @@ -56,7 +56,7 @@ GitLab is a Git-based platform that integrates a great number of essential tools With GitLab Enterprise Edition, you can also: - Improve collaboration with: - - [Merge Request Approvals](project/merge_requests/merge_request_approvals.md). + - [Merge Request Approvals](project/merge_requests/approvals/index.md). - [Multiple Assignees for Issues](project/issues/multiple_assignees_for_issues.md). - [Multiple Issue Boards](project/issue_board.md#multiple-issue-boards). - Create formal relationships between issues with [linked issues](project/issues/related_issues.md). @@ -86,10 +86,11 @@ There are several types of users in GitLab: ## User activity You can follow or unfollow other users from their [user profiles](profile/index.md#access-your-user-profile). -To see their activity in the top-level Activity view, select Follow or Unfollow, and select -the Followed Users tab: +To view a user's activity in a top-level Activity view: - +1. From a user's profile, select **Follow**. +1. In the GitLab menu, select **Activity**. +1. Select the **Followed users** tab. ## Projects @@ -119,7 +120,7 @@ to enjoy the best of GitLab. user type (guest, reporter, developer, maintainer, owner). - [Feature highlight](feature_highlight.md): Learn more about the little blue dots around the app that explain certain features. -- [Abuse reports](abuse_reports.md): Report abuse from users to GitLab administrators. +- [Abuse reports](report_abuse.md): Report abuse from users to GitLab administrators. ## Groups @@ -177,7 +178,7 @@ pages and accomplish tasks faster. ## Integrations -[Integrate GitLab](../integration/README.md) with your preferred tool, +[Integrate GitLab](../integration/index.md) with your preferred tool, such as Trello, Jira, etc. ## Webhooks diff --git a/doc/user/markdown.md b/doc/user/markdown.md index 0c257f2fb70..cbd5bf1553a 100644 --- a/doc/user/markdown.md +++ b/doc/user/markdown.md @@ -1092,7 +1092,7 @@ Markdown is fine in GitLab. </dd> </dl> -#### Details and summary +#### Collapsible section To see the second Markdown example rendered in HTML, [view it in GitLab](https://gitlab.com/gitlab-org/gitlab/blob/master/doc/user/markdown.md#details-and-summary). diff --git a/doc/user/packages/conan_repository/index.md b/doc/user/packages/conan_repository/index.md index 9df4aeb404a..53d191cbcfe 100644 --- a/doc/user/packages/conan_repository/index.md +++ b/doc/user/packages/conan_repository/index.md @@ -186,6 +186,10 @@ To authenticate to the Package Registry, you need one of the following: scope set to `read_package_registry`, `write_package_registry`, or both. - A [CI job token](#publish-a-conan-package-by-using-cicd). +NOTE: +Packages from private and internal projects are hidden if you are not +authenticated. If you try to search or download a package from a private or internal project without authenticating, you will receive the error `unable to find the package in remote` in the Conan client. + ### Add your credentials to the GitLab remote Associate your token with the GitLab remote, so that you don't have to diff --git a/doc/user/packages/container_registry/index.md b/doc/user/packages/container_registry/index.md index bc96d3c937c..6d7b009bb09 100644 --- a/doc/user/packages/container_registry/index.md +++ b/doc/user/packages/container_registry/index.md @@ -698,6 +698,13 @@ You can, however, remove the Container Registry for a project: The **Packages & Registries > Container Registry** entry is removed from the project's sidebar. +## Manifest lists and garbage collection + +Manifest lists are commonly used for creating multi-architecture images. If you rely on manifest +lists, you should tag all the individual manifests referenced by a list in their respective +repositories, and not just the manifest list itself. This ensures that those manifests aren't +garbage collected, as long as they have at least one tag pointing to them. + ## Troubleshooting the GitLab Container Registry ### Docker connection error @@ -729,20 +736,78 @@ As a workaround, you should include the architecture in the tag name of individu ### The cleanup policy doesn't delete any tags -In GitLab 13.6 and earlier, when you run the cleanup policy, -you may expect it to delete tags and it does not. +There can be different reasons behind this: + +- In GitLab 13.6 and earlier, when you run the cleanup policy you may expect it to delete tags and + it does not. This occurs when the cleanup policy is saved without editing the value in the + **Remove tags matching** field. This field has a grayed out `.*` value as a placeholder. Unless + `.*` (or another regex pattern) is entered explicitly into the field, a `nil` value is submitted. + This value prevents the saved cleanup policy from matching any tags. As a workaround, edit the + cleanup policy. In the **Remove tags matching** field, enter `.*` and save. This value indicates + that all tags should be removed. + +- If you are on GitLab self-managed instances and you have 1000+ tags in a container repository, you + might run into a [Container Registry token expiration issue](https://gitlab.com/gitlab-org/gitlab/-/issues/288814), + with `error authorizing context: invalid token` in the logs. + + To fix this, there are two workarounds: + + - If you are on GitLab 13.9 or later, you can [set limits for the cleanup policy](#set-cleanup-limits-to-conserve-resources). + This limits the cleanup execution in time, and avoids the expired token error. + + - Extend the expiration delay of the Container Registry authentication tokens. This defaults to 5 + minutes. You can set a custom value by running + `ApplicationSetting.last.update(container_registry_token_expire_delay: <integer>)` in the Rails + console, where `<integer>` is the desired number of minutes. For reference, 15 minutes is the + value currently in use for GitLab.com. Be aware that by extending this value you increase the + time required to revoke permissions. -This issue occurs when the cleanup policy was saved without -editing the value in the **Remove tags matching** field. +If the previous fixes didn't work or you are on earlier versions of GitLab, you can generate a list +of the tags that you want to delete, and then use that list to delete the tags. To do this, follow +these steps: -This field had a grayed out `.*` value as a placeholder. -Unless `.*` (or other regex pattern) was entered explicitly into the -field, a `nil` value was submitted. This value prevents the -saved cleanup policy from matching any tags. +1. Run the following shell script. The command just before the `for` loop ensures that + `list_o_tags.out` is always reinitialized when starting the loop. After running this command, all + the tags' names will be in the `list_o_tags.out` file: + + ```shell + # Get a list of all tags in a certain container repository while considering [pagination](../../../api/README.md#pagination) + echo -n "" > list_o_tags.out; for i in {1..N}; do curl --header 'PRIVATE-TOKEN: <PAT>' "https://gitlab.example.com/api/v4/projects/<Project_id>/registry/repositories/<container_repo_id>/tags?per_page=100&page=${i}" | jq '.[].name' | sed 's:^.\(.*\).$:\1:' >> list_o_tags.out; done + ``` + +1. Remove from the `list_o_tags.out` file any tags that you want to keep. Here are some example + `sed` commands for this. Note that these commands are simply examples. You may change them to + best suit your needs: + + ```shell + # Remove the `latest` tag from the file + sed -i '/latest/d' list_o_tags.out -As a workaround, edit the cleanup policy. In the **Remove tags matching** -field, enter `.*` and save. This value indicates that all tags should -be removed. + # Remove the first N tags from the file + sed -i '1,Nd' list_o_tags.out + + # Remove the tags starting with `Av` from the file + sed -i '/^Av/d' list_o_tags.out + + # Remove the tags ending with `_v3` from the file + sed -i '/_v3$/d' list_o_tags.out + ``` + + If you are running macOS, you must add `.bak` to the commands. For example: + + ```shell + sed -i .bak '/latest/d' list_o_tags.out + ``` + +1. Double-check the `list_o_tags.out` file to make sure it contains only the tags that you want to + delete. + +1. Run this shell script to delete the tags in the `list_o_tags.out` file: + + ```shell + # loop over list_o_tags.out to delete a single tag at a time + while read -r LINE || [[ -n $LINE ]]; do echo ${LINE}; curl --request DELETE --header 'PRIVATE-TOKEN: <PAT>' "https://gitlab.example.com/api/v4/projects/<Project_id>/registry/repositories/<container_repo_id>/tags/${LINE}"; sleep 0.1; echo; done < list_o_tags.out > delete.logs + ``` ### Troubleshoot as a GitLab server admin diff --git a/doc/user/packages/generic_packages/index.md b/doc/user/packages/generic_packages/index.md index 57d6245dd96..e20ac57e64f 100644 --- a/doc/user/packages/generic_packages/index.md +++ b/doc/user/packages/generic_packages/index.md @@ -69,22 +69,6 @@ Example response: } ``` -Example request using a deploy token: - -```shell -curl --header "DEPLOY-TOKEN: <deploy_token>" \ - --upload-file path/to/file.txt \ - "https://gitlab.example.com/api/v4/projects/24/packages/generic/my_package/0.0.1/file.txt?status=hidden" -``` - -Example response: - -```json -{ - "message":"201 Created" -} -``` - ## Download package file Download a package file. diff --git a/doc/user/packages/index.md b/doc/user/packages/index.md index 74072aa95e1..b871a08c133 100644 --- a/doc/user/packages/index.md +++ b/doc/user/packages/index.md @@ -12,22 +12,17 @@ packages, which can be easily consumed as a dependency in downstream projects. The Package Registry supports the following formats: -<div class="row"> -<div class="col-md-9"> -<table align="left" style="width:50%"> -<tr style="background:#dfdfdf"><th>Package type</th><th>GitLab version</th></tr> -<tr><td><a href="https://docs.gitlab.com/ee/user/packages/composer_repository/index.html">Composer</a></td><td>13.2+</td></tr> -<tr><td><a href="https://docs.gitlab.com/ee/user/packages/conan_repository/index.html">Conan</a></td><td>12.6+</td></tr> -<tr><td><a href="https://docs.gitlab.com/ee/user/packages/go_proxy/index.html">Go</a></td><td>13.1+</td></tr> -<tr><td><a href="https://docs.gitlab.com/ee/user/packages/maven_repository/index.html">Maven</a></td><td>11.3+</td></tr> -<tr><td><a href="https://docs.gitlab.com/ee/user/packages/npm_registry/index.html">npm</a></td><td>11.7+</td></tr> -<tr><td><a href="https://docs.gitlab.com/ee/user/packages/nuget_repository/index.html">NuGet</a></td><td>12.8+</td></tr> -<tr><td><a href="https://docs.gitlab.com/ee/user/packages/pypi_repository/index.html">PyPI</a></td><td>12.10+</td></tr> -<tr><td><a href="https://docs.gitlab.com/ee/user/packages/generic_packages/index.html">Generic packages</a></td><td>13.5+</td></tr> -<tr><td><a href="https://docs.gitlab.com/ee/user/packages/rubygems_registry/index.html">RubyGems</a></td><td>13.10+</td></tr> -</table> -</div> -</div> +| Package type | GitLab version | +| ------------ | -------------- | +| [Composer](composer_repository/index.md) | 13.2+ | +| [Conan](conan_repository/index.md) | 12.6+ | +| [Go](go_proxy/index.md) | 13.1+ | +| [Maven](maven_repository/index.md) | 11.3+ | +| [npm](npm_registry/index.md) | 11.7+ | +| [NuGet](nuget_repository/index.md) | 12.8+ | +| [PyPI](pypi_repository/index.md) | 12.10+ | +| [Generic packages](generic_packages/index.md) | 13.5+ | +| [Ruby gems](rubygems_registry/index.md) | 13.10+ | You can also use the [API](../../api/packages.md) to administer the Package Registry. diff --git a/doc/user/packages/maven_repository/index.md b/doc/user/packages/maven_repository/index.md index d4dc9f0ae78..ba7b55dc47d 100644 --- a/doc/user/packages/maven_repository/index.md +++ b/doc/user/packages/maven_repository/index.md @@ -625,7 +625,7 @@ In the UI: 1. For your group, go to **Settings > Packages & Registries**. 1. Expand the **Package Registry** section. 1. Turn on the **Reject duplicates** toggle. -1. Optional. To allow some duplicate packages, in the **Exceptions** box, enter a regex pattern that matches the names of packages you want to allow. +1. Optional. To allow some duplicate packages, in the **Exceptions** box, enter a regex pattern that matches the names and/or versions of packages you want to allow. Your changes are automatically saved. diff --git a/doc/user/packages/npm_registry/index.md b/doc/user/packages/npm_registry/index.md index b6312002184..ace432b305f 100644 --- a/doc/user/packages/npm_registry/index.md +++ b/doc/user/packages/npm_registry/index.md @@ -14,6 +14,9 @@ packages whenever you need to use them as a dependency. Only [scoped](https://docs.npmjs.com/misc/scope/) packages are supported. +For documentation of the specific API endpoints that the npm package manager +client uses, see the [npm API documentation](../../../api/packages/npm.md). + ## Build an npm package This section covers how to install npm or Yarn and build a package for your @@ -43,7 +46,7 @@ The npm version is shown in the output: ### Install Yarn As an alternative to npm, you can install Yarn in your local environment by following the -instructions at [yarnpkg.com](https://classic.yarnpkg.com/en/docs/install). +instructions at [classic.yarnpkg.com](https://classic.yarnpkg.com/en/docs/install). When installation is complete, verify you can use Yarn in your terminal by running: @@ -305,6 +308,46 @@ See the [Publish npm packages to the GitLab Package Registry using semantic-release](../../../ci/examples/semantic-release.md) step-by-step guide and demo project for a complete example. +## Configure the GitLab npm registry with Yarn 2 + +You can get started with Yarn 2 by following the documentation at +[https://yarnpkg.com/getting-started/install](https://yarnpkg.com/getting-started/install). + +To publish and install with the project-level npm endpoint, set the following configuration in +`.yarnrc.yml`: + +```yaml +npmScopes: + foo: + npmRegistryServer: "https://gitlab.example.com/api/v4/projects/<your_project_id>/packages/npm/" + npmPublishRegistry: "https://gitlab.example.com/api/v4/projects/<your_project_id>/packages/npm/" + +npmRegistries: + //gitlab.example.com/api/v4/projects/<your_project_id>/packages/npm/: + npmAlwaysAuth: true + npmAuthToken: "<your_token>" +``` + +For the instance-level npm endpoint, use this Yarn 2 configuration in `.yarnrc.yml`: + +```yaml +npmScopes: + foo: + npmRegistryServer: "https://gitlab.example.com/api/v4/packages/npm/" + +npmRegistries: + //gitlab.example.com/api/v4/packages/npm/: + npmAlwaysAuth: true + npmAuthToken: "<your_token>" +``` + +In this configuration: + +- Replace `<your_token>` with your personal access token or deploy token. +- Replace `<your_project_id>` with your project's ID, which you can find on the project's home page. +- Replace `gitlab.example.com` with your domain name. +- Your scope is `foo`, without `@`. + ## Publishing packages with the same name or version You cannot publish a package if a package of the same name and version already exists. diff --git a/doc/user/packages/rubygems_registry/index.md b/doc/user/packages/rubygems_registry/index.md index aa50bc6c2bc..e4d297ac1d8 100644 --- a/doc/user/packages/rubygems_registry/index.md +++ b/doc/user/packages/rubygems_registry/index.md @@ -44,7 +44,7 @@ Feature.enable(:rubygem_packages, Project.find(1)) Feature.disable(:rubygem_packages, Project.find(2)) ``` -## Create a Ruby Gem +## Create a Ruby gem If you need help creating a Ruby gem, see the [RubyGems documentation](https://guides.rubygems.org/make-your-own-gem/). @@ -80,10 +80,19 @@ you can use `CI_JOB_TOKEN` instead of a personal access token or deploy token. For example: ```yaml -image: ruby:latest +# assuming a my_gem.gemspec file is present in the repository with the version currently set to 0.0.1 +image: ruby run: + before_script: + - mkdir ~/.gem + - echo "---" > ~/.gem/credentials + - | + echo "https://gitlab.example.com/api/v4/projects/${CI_PROJECT_ID}/packages/rubygems: '${CI_JOB_TOKEN}'" >> ~/.gem/credentials + - chmod 0600 ~/.gem/credentials # rubygems requires 0600 permissions on the credentials file script: + - gem build my_gem + - gem push my_gem-0.0.1.gem --host https://gitlab.example.com/api/v4/projects/${CI_PROJECT_ID}/packages/rubygems ``` You can also use `CI_JOB_TOKEN` in a `~/.gem/credentials` file that you check in to diff --git a/doc/user/permissions.md b/doc/user/permissions.md index 7405c3aade8..245efc0e908 100644 --- a/doc/user/permissions.md +++ b/doc/user/permissions.md @@ -202,7 +202,7 @@ The following table depicts the various user permission levels in a project. 1. Actions are limited only to records owned (referenced) by user. 1. When [Share Group Lock](group/index.md#prevent-a-project-from-being-shared-with-groups) is enabled the project can't be shared with other groups. It does not affect group with group sharing. 1. For information on eligible approvers for merge requests, see - [Eligible approvers](project/merge_requests/merge_request_approvals.md#eligible-approvers). + [Eligible approvers](project/merge_requests/approvals/rules.md#eligible-approvers). 1. Applies only to comments on [Design Management](project/issues/design_management.md) designs. 1. Users can only view events based on their individual actions. 1. Project access tokens are supported for self-managed instances on Free and above. They are also @@ -427,8 +427,8 @@ with the permissions described on the documentation on [auditor users permission >[Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/40942) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.4. -Administrators can add members with a "minimal access" role to a parent group. Such users don't -automatically have access to projects and subgroups underneath. To support such access, administrators must explicitly add these "minimal access" users to the specific subgroups/projects. +Owners can add members with a "minimal access" role to a parent group. Such users don't +automatically have access to projects and subgroups underneath. To support such access, owners must explicitly add these "minimal access" users to the specific subgroups/projects. Users with minimal access can list the group in the UI and through the API. However, they cannot see details such as projects or subgroups. They do not have access to the group's page or list any of its subgroups or projects. diff --git a/doc/user/profile/account/delete_account.md b/doc/user/profile/account/delete_account.md index a33b6742d61..361353a0f8c 100644 --- a/doc/user/profile/account/delete_account.md +++ b/doc/user/profile/account/delete_account.md @@ -53,7 +53,7 @@ There are two options for deleting users: - **Delete user and contributions** When using the **Delete user** option, not all associated records are deleted with the user. -Here's a list of things that will **not** be deleted: +Here's a list of things that are **not** deleted: - Issues that the user created. - Merge requests that the user created. @@ -61,20 +61,20 @@ Here's a list of things that will **not** be deleted: - Abuse reports that the user reported. - Award emoji that the user created. -Instead of being deleted, these records will be moved to a system-wide +Instead of being deleted, these records are moved to a system-wide user with the username "Ghost User", whose sole purpose is to act as a container -for such records. Any commits made by a deleted user will still display the +for such records. Any commits made by a deleted user still display the username of the original user. When using the **Delete user and contributions** option, **all** associated records are removed. This includes all of the items mentioned above including issues, merge requests, notes/comments, and more. Consider -[blocking a user](../../admin_area/blocking_unblocking_users.md) +[blocking a user](../../admin_area/moderate_users.md#blocking-a-user) or using the **Delete user** option instead. -When a user is deleted from an [abuse report](../../admin_area/abuse_reports.md) +When a user is deleted from an [abuse report](../../admin_area/review_abuse_reports.md) or spam log, these associated -records are not ghosted and will be removed, along with any groups the user +records are not ghosted and are removed, along with any groups the user is a sole owner of. Administrators can also request this behavior when deleting users from the [API](../../../api/users.md#user-deletion) or the Admin Area. diff --git a/doc/user/profile/account/two_factor_authentication.md b/doc/user/profile/account/two_factor_authentication.md index 23e5bf2d143..c763226015e 100644 --- a/doc/user/profile/account/two_factor_authentication.md +++ b/doc/user/profile/account/two_factor_authentication.md @@ -51,10 +51,11 @@ To enable 2FA: 1. Install a compatible application, like: - [Authy](https://authy.com/) - [Duo Mobile](https://duo.com/product/multi-factor-authentication-mfa/duo-mobile-app) - - [LastPass](https://lastpass.com/auth/) + - [LastPass Authenticator](https://lastpass.com/auth/) - [Authenticator](https://mattrubin.me/authenticator/) - [andOTP](https://github.com/andOTP/andOTP) - [Google Authenticator](https://support.google.com/accounts/answer/1066447?hl=en) + - [Microsoft Authenticator](https://www.microsoft.com/en-us/account/authenticator) - [SailOTP](https://openrepos.net/content/seiichiro0185/sailotp) 1. In the application, add a new entry in one of two ways: - Scan the code presented in GitLab with your device's camera to add the diff --git a/doc/user/profile/index.md b/doc/user/profile/index.md index 4e4cdf5dc36..17c24a6b63f 100644 --- a/doc/user/profile/index.md +++ b/doc/user/profile/index.md @@ -135,9 +135,7 @@ If you select the **Busy** checkbox, remember to clear it when you become availa > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/259649) in GitLab 13.6. > - It was [deployed behind a feature flag](../feature_flags.md), disabled by default. > - [Became enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/281073) in GitLab 13.8. -> - It's enabled on GitLab.com. -> - It's not recommended for production use. -> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#disable-busy-status-feature). +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/329163) in GitLab 13.12. To indicate to others that you are busy, you can set an indicator. @@ -173,23 +171,6 @@ To set the busy status indicator, either: | --- | --- | |  |  | -### Disable busy status feature - -The busy status feature is deployed behind a feature flag and is **enabled by default**. -[GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md) can disable it for your instance from the [rails console](../../administration/feature_flags.md#start-the-gitlab-rails-console). - -To disable it: - -```ruby -Feature.disable(:set_user_availability_status) -``` - -To enable it: - -```ruby -Feature.enable(:set_user_availability_status) -``` - ## Change the email displayed on your commits > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/21598) in GitLab 11.4. diff --git a/doc/user/profile/personal_access_tokens.md b/doc/user/profile/personal_access_tokens.md index d32971a7618..7b63a5bfef9 100644 --- a/doc/user/profile/personal_access_tokens.md +++ b/doc/user/profile/personal_access_tokens.md @@ -8,112 +8,148 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Personal access tokens > - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/3749) in GitLab 8.8. -> - [Notifications about expiring tokens](https://gitlab.com/gitlab-org/gitlab/-/issues/3649) added in GitLab 12.6. -> - [Notifications about expired tokens](https://gitlab.com/gitlab-org/gitlab/-/issues/214721) added in GitLab 13.3. +> - [Notifications for expiring tokens](https://gitlab.com/gitlab-org/gitlab/-/issues/3649) added in GitLab 12.6. > - [Token lifetime limits](https://gitlab.com/gitlab-org/gitlab/-/issues/3649) added in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.6. +> - [Additional notifications for expiring tokens](https://gitlab.com/gitlab-org/gitlab/-/issues/214721) added in GitLab 13.3. -If you're unable to use [OAuth2](../../api/oauth2.md), you can use a personal access token to authenticate with the [GitLab API](../../api/README.md#personalproject-access-tokens). +If you're unable to use [OAuth2](../../api/oauth2.md), you can use a personal access token to authenticate with the [GitLab API](../../api/README.md#personalproject-access-tokens). You can also use a personal access token with Git to authenticate over HTTP. -You can also use personal access tokens with Git to authenticate over HTTP. Personal access tokens are required when [Two-Factor Authentication (2FA)](account/two_factor_authentication.md) is enabled. In both cases, you can authenticate with a token in place of your password. +In both cases, you authenticate with a personal access token in place of your password. -Personal access tokens expire on the date you define, at midnight UTC. - -- GitLab runs a check at 01:00 AM UTC every day to identify personal access tokens that expire in under seven days. The owners of these tokens are notified by email. -- GitLab runs a check at 02:00 AM UTC every day to identify personal access tokens that expired on the current date. The owners of these tokens are notified by email. -- In GitLab Ultimate, administrators may [limit the lifetime of personal access tokens](../admin_area/settings/account_and_limit_settings.md#limiting-lifetime-of-personal-access-tokens). -- In GitLab Ultimate, administrators may [toggle enforcement of personal access token expiration](../admin_area/settings/account_and_limit_settings.md#optional-non-enforcement-of-personal-access-token-expiration). +Personal access tokens are required when [Two-Factor Authentication (2FA)](account/two_factor_authentication.md) is enabled. -For examples of how you can use a personal access token to authenticate with the API, see the following section from our [API Docs](../../api/README.md#personalproject-access-tokens). +For examples of how you can use a personal access token to authenticate with the API, see the [API documentation](../../api/README.md#personalproject-access-tokens). -GitLab also offers [impersonation tokens](../../api/README.md#impersonation-tokens) which are created by administrators via the API. They're a great fit for automated authentication as a specific user. +Alternately, GitLab administrators can use the API to create [impersonation tokens](../../api/README.md#impersonation-tokens). +Use impersonation tokens to automate authentication as a specific user. -## Creating a personal access token +## Create a personal access token -You can create as many personal access tokens as you like from your GitLab -profile. +You can create as many personal access tokens as you like. -1. Sign in to GitLab. 1. In the top-right corner, select your avatar. 1. Select **Edit profile**. 1. In the left sidebar, select **Access Tokens**. -1. Choose a name and optional expiry date for the token. -1. Choose the [desired scopes](#limiting-scopes-of-a-personal-access-token). +1. Enter a name and optional expiry date for the token. +1. Select the [desired scopes](#personal-access-token-scopes). 1. Select **Create personal access token**. -1. Save the personal access token somewhere safe. If you navigate away or refresh - your page, and you did not save the token, you must create a new one. -### Revoking a personal access token +Save the personal access token somewhere safe. After you leave the page, +you no longer have access to the token. -At any time, you can revoke any personal access token by clicking the -respective **Revoke** button under the **Active Personal Access Token** area. +## Revoke a personal access token -### Token activity +At any time, you can revoke a personal access token. + +1. In the top-right corner, select your avatar. +1. Select **Edit profile**. +1. In the left sidebar, select **Access Tokens**. +1. In the **Active personal access tokens** area, next to the key, select **Revoke**. -You can see when a token was last used from the **Personal Access Tokens** page. Updates to the token usage is fixed at once per 24 hours. Requests to [API resources](../../api/api_resources.md) and the [GraphQL API](../../api/graphql/index.md) update a token's usage. +## View the last time a token was used -## Limiting scopes of a personal access token +Token usage is updated once every 24 hours. It is updated each time the token is used to request +[API resources](../../api/api_resources.md) and the [GraphQL API](../../api/graphql/index.md). -Personal access tokens can be created with one or more scopes that allow various -actions that a given token can perform. The available scopes are depicted in -the following table. +To view the last time a token was used: -| Scope | Introduced in | Description | +1. In the top-right corner, select your avatar. +1. Select **Edit profile**. +1. In the left sidebar, select **Access Tokens**. +1. In the **Active personal access tokens** area, next to the key, view the **Last Used** date. + +## Personal access token scopes + +A personal access token can perform actions based on the assigned scopes. + +| Scope | Introduced in | Access | | ------------------ | ------------- | ----------- | -| `read_user` | [GitLab 8.15](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/5951) | Allows access to the read-only endpoints under `/users`. Essentially, any of the `GET` requests in the [Users API](../../api/users.md) are allowed. | -| `api` | [GitLab 8.15](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/5951) | Grants complete read/write access to the API, including all groups and projects, the container registry, and the package registry. | -| `read_api` | [GitLab 12.10](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/28944) | Grants read access to the API, including all groups and projects, the container registry, and the package registry. | -| `read_registry` | [GitLab 9.3](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/11845) | Allows to read (pull) [container registry](../packages/container_registry/index.md) images if a project is private and authorization is required. | -| `write_registry` | [GitLab 12.10](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/28958) | Allows to write (push) [container registry](../packages/container_registry/index.md) images if a project is private and authorization is required. | -| `sudo` | [GitLab 10.2](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/14838) | Allows performing API actions as any user in the system (if the authenticated user is an administrator). | -| `read_repository` | [GitLab 10.7](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/17894) | Allows read-only access (pull) to the repository through `git clone`. | -| `write_repository` | [GitLab 11.11](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/26021) | Allows read-write access (pull, push) to the repository through `git clone`. Required for accessing Git repositories over HTTP when 2FA is enabled. | - -## Programmatically creating a personal access token - -You can programmatically create a predetermined personal access token for use in -automation or tests. You need sufficient access to run a -[Rails console session](../../administration/operations/rails_console.md#starting-a-rails-console-session) -for your GitLab instance. - -To create a token belonging to a user with username `automation-bot`, run the -following in the Rails console (`sudo gitlab-rails console`): - -```ruby -user = User.find_by_username('automation-bot') -token = user.personal_access_tokens.create(scopes: [:read_user, :read_repository], name: 'Automation token') -token.set_token('token-string-here123') -token.save! -``` +| `api` | [8.15](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/5951) | Read-write for the complete API, including all groups and projects, the Container Registry, and the Package Registry. | +| `read_user` | [8.15](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/5951) | Read-only for endpoints under `/users`. Essentially, access to any of the `GET` requests in the [Users API](../../api/users.md). | +| `read_api` | [12.10](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/28944) | Read-only for the complete API, including all groups and projects, the Container Registry, and the Package Registry. | +| `read_repository` | [10.7](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/17894) | Read-only (pull) for the repository through `git clone`. | +| `write_repository` | [11.11](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/26021) | Read-write (pull, push) for the repository through `git clone`. Required for accessing Git repositories over HTTP when 2FA is enabled. | +| `read_registry` | [9.3](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/11845) | Read-only (pull) for [Container Registry](../packages/container_registry/index.md) images if a project is private and authorization is required. | +| `write_registry` | [12.10](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/28958) | Read-write (push) for [Container Registry](../packages/container_registry/index.md) images if a project is private and authorization is required. | +| `sudo` | [10.2](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/14838) | API actions as any user in the system (if the authenticated user is an administrator). | + +## When personal access tokens expire -This can be shortened into a single-line shell command using the +Personal access tokens expire on the date you define, at midnight UTC. + +- GitLab runs a check at 01:00 AM UTC every day to identify personal access tokens that expire in the next seven days. The owners of these tokens are notified by email. +- GitLab runs a check at 02:00 AM UTC every day to identify personal access tokens that expire on the current date. The owners of these tokens are notified by email. +- In GitLab Ultimate, administrators can + [limit the lifetime of personal access tokens](../admin_area/settings/account_and_limit_settings.md#limit-the-lifetime-of-personal-access-tokens). +- In GitLab Ultimate, administrators can choose whether or not to + [enforce personal access token expiration](../admin_area/settings/account_and_limit_settings.md#do-not-enforce-personal-access-token-expiration). + +## Create a personal access token programmatically **(FREE SELF)** + +You can create a predetermined personal access token +as part of your tests or automation. + +Prerequisite: + +- You need sufficient access to run a + [Rails console session](../../administration/operations/rails_console.md#starting-a-rails-console-session) + for your GitLab instance. + +To create a personal access token programmatically: + +1. Open a Rails console: + + ```shell + sudo gitlab-rails console + ``` + +1. Run the following commands to reference the username, the token, and the scopes. + + The token must be 20 characters long. The scopes must be valid and are visible + [in the source code](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/auth.rb). + + For example, to create a token that belongs to a user with username `automation-bot`: + + ```ruby + user = User.find_by_username('automation-bot') + token = user.personal_access_tokens.create(scopes: [:read_user, :read_repository], name: 'Automation token') + token.set_token('token-string-here123') + token.save! + ``` + +This code can be shortened into a single-line shell command by using the [Rails runner](../../administration/troubleshooting/debug.md#using-the-rails-runner): ```shell sudo gitlab-rails runner "token = User.find_by_username('automation-bot').personal_access_tokens.create(scopes: [:read_user, :read_repository], name: 'Automation token'); token.set_token('token-string-here123'); token.save!" ``` -NOTE: -The token string must be 20 characters in length to be -recognized as a valid personal access token. +## Revoke a personal access token programmatically **(FREE SELF)** -The list of valid scopes and what they do can be found -[in the source code](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/auth.rb). +You can programmatically revoke a personal access token +as part of your tests or automation. -## Programmatically revoking a personal access token +Prerequisite: -You can programmatically revoke a personal access token. You need -sufficient access to run a [Rails console session](../../administration/operations/rails_console.md#starting-a-rails-console-session) -for your GitLab instance. +- You need sufficient access to run a [Rails console session](../../administration/operations/rails_console.md#starting-a-rails-console-session) + for your GitLab instance. -To revoke a known token `token-string-here123`, run the following in the Rails -console (`sudo gitlab-rails console`): +To revoke a token programmatically: -```ruby -token = PersonalAccessToken.find_by_token('token-string-here123') -token.revoke! -``` +1. Open a Rails console: + + ```shell + sudo gitlab-rails console + ``` + +1. To revoke a token of `token-string-here123`, run the following commands: + + ```ruby + token = PersonalAccessToken.find_by_token('token-string-here123') + token.revoke! + ``` -This can be shortened into a single-line shell command using the +This code can be shortened into a single-line shell command using the [Rails runner](../../administration/troubleshooting/debug.md#using-the-rails-runner): ```shell diff --git a/doc/user/project/bulk_editing.md b/doc/user/project/bulk_editing.md index 76ae4cf596b..d9e268251b7 100644 --- a/doc/user/project/bulk_editing.md +++ b/doc/user/project/bulk_editing.md @@ -1,67 +1,8 @@ --- -stage: Plan -group: Project Management -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +redirect_to: 'issues/managing_issues.md' --- -# Bulk editing issues and merge requests at the project level +This document was moved to [another location](issues/managing_issues.md). -NOTE: -Bulk editing issues, epics, and merge requests is also available at the **group level**. -For more details, see -[Bulk editing issues, epics, and merge requests at the group level](../group/bulk_editing/index.md). - -If you want to update attributes across multiple issues or merge requests, you can do it -by bulk editing them, that is, editing them together. - -Only the items visible on the current page are selected for bulk editing (up to 20). - - - -## Bulk edit issues at the project level - -> - Assigning epic ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/210470) in GitLab 13.2. -> - Editing health status [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/218395) in GitLab 13.2. -> - Editing iteration [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/196806) in GitLab 13.9. - -Users with permission level of [Reporter or higher](../permissions.md) can manage issues. - -When bulk editing issues in a project, you can edit the following attributes: - -- Status (open/closed) -- Assignee -- [Epic](../group/epics/index.md) -- [Milestone](milestones/index.md) -- [Labels](labels.md) -- [Health status](issues/managing_issues.md#health-status) -- Notification subscription -- [Iteration](../group/iterations/index.md) - -To update multiple project issues at the same time: - -1. In a project, go to **{issues}** **Issues > List**. -1. Click **Edit issues**. A sidebar on the right-hand side of your screen appears with editable fields. -1. Select the checkboxes next to each issue you want to edit. -1. Select the appropriate fields and their values from the sidebar. -1. Click **Update all**. - -## Bulk edit merge requests at the project level - -Users with permission level of [Developer or higher](../permissions.md) can manage merge requests. - -When bulk editing merge requests in a project, you can edit the following attributes: - -- Status (open/closed) -- Assignee -- Milestone -- Labels -- Subscriptions - -To update multiple project merge requests at the same time: - -1. In a project, go to **{merge-request}** **Merge Requests**. -1. Click **Edit merge requests**. A sidebar on the right-hand side of your screen appears with - editable fields. -1. Select the checkboxes next to each merge request you want to edit. -1. Select the appropriate fields and their values from the sidebar. -1. Click **Update all**. +<!-- This redirect file can be deleted after <2021-08-12>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/user/project/clusters/add_eks_clusters.md b/doc/user/project/clusters/add_eks_clusters.md index e329ec4f903..c0fb8f5848f 100644 --- a/doc/user/project/clusters/add_eks_clusters.md +++ b/doc/user/project/clusters/add_eks_clusters.md @@ -41,9 +41,9 @@ For example, the following policy document allows assuming a role whose name sta } ``` -### Administration settings +### Configure Amazon authentication -Generate an access key for the IAM user, and configure GitLab with the credentials: +To configure Amazon authentication in GitLab, generate an access key for the IAM user in the Amazon AWS console, and following the steps below. 1. Navigate to **Admin Area > Settings > General** and expand the **Amazon EKS** section. 1. Check **Enable Amazon EKS integration**. @@ -232,7 +232,7 @@ sequenceDiagram First, GitLab must obtain an initial set of credentials to communicate with the AWS API. These credentials can be retrieved in one of two ways: -- Statically through the [Administration settings](#administration-settings). +- Statically through the [Configure Amazon authentication](#configure-amazon-authentication). - Dynamically via an IAM instance profile ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/291015) in GitLab 13.7). After GitLab retrieves the AWS credentials, it makes an @@ -272,7 +272,7 @@ arn:aws:iam::123456789012:role/gitlab-eks-provision' #### Access denied: User `arn:aws:iam::x` is not authorized to perform: `sts:AssumeRole` on resource: `arn:aws:iam::y` This error occurs when the credentials defined in the -[Administration settings](#administration-settings) cannot assume the role defined by the +[Configure Amazon authentication](#configure-amazon-authentication) cannot assume the role defined by the Provision Role ARN. Check that: 1. The initial set of AWS credentials [has the AssumeRole policy](#additional-requirements-for-self-managed-instances). @@ -290,6 +290,10 @@ because GitLab has successfully assumed your provided role, but the role has insufficient permissions to retrieve the resources needed for the form. Make sure you've assigned the role the correct permissions. +### Key Pairs are not loaded + +GitLab loads the key pairs from the **Cluster Region** specified. Ensure that key pair exists in that region. + #### `ROLLBACK_FAILED` during cluster creation The creation process halted because GitLab encountered an error when creating diff --git a/doc/user/project/clusters/protect/container_host_security/quick_start_guide.md b/doc/user/project/clusters/protect/container_host_security/quick_start_guide.md index d64ebfd9385..fa4a5fb61d0 100644 --- a/doc/user/project/clusters/protect/container_host_security/quick_start_guide.md +++ b/doc/user/project/clusters/protect/container_host_security/quick_start_guide.md @@ -77,5 +77,5 @@ necessary components with GMAv2 and the cluster management project. **Related documentation links:** -- [GitLab Managed Apps v1 (GMAv1)](../../../../clusters/applications.md#install-with-one-click) +- [GitLab Managed Apps v1 (GMAv1)](../../../../clusters/applications.md#install-with-one-click-deprecated) - [GitLab Managed Apps v2 (GMAv2)](../../../../clusters/management_project.md) diff --git a/doc/user/project/clusters/protect/container_network_security/quick_start_guide.md b/doc/user/project/clusters/protect/container_network_security/quick_start_guide.md index 14db98c7ce7..bf419c69885 100644 --- a/doc/user/project/clusters/protect/container_network_security/quick_start_guide.md +++ b/doc/user/project/clusters/protect/container_network_security/quick_start_guide.md @@ -52,7 +52,7 @@ Each method has benefits and drawbacks: | | YAML method | UI method (Ultimate only) | |--|:------------|:-------------------------------| -| **Benefits** | A change control process is possible by requiring [MR Approvals](../../../merge_requests/merge_request_approvals.md). All changes are fully tracked and audited in the same way that Git tracks the history of any file in its repository. | The UI provides a simple rules editor for users who are less familiar with the YAML syntax of NetworkPolicies. This view is a live representation of the policies currently deployed in the Kubernetes cluster. The UI also allows for multiple network policies to be created per environment. | +| **Benefits** | A change control process is possible by requiring [MR Approvals](../../../merge_requests/approvals/index.md). All changes are fully tracked and audited in the same way that Git tracks the history of any file in its repository. | The UI provides a simple rules editor for users who are less familiar with the YAML syntax of NetworkPolicies. This view is a live representation of the policies currently deployed in the Kubernetes cluster. The UI also allows for multiple network policies to be created per environment. | | **Drawbacks** | Only one network policy can be deployed per environment (although that policy can be as detailed as needed). Also, if changes were made in Kubernetes directly rather than through the `auto-deploy-values.yaml` file, the YAML file's contents don't represent the actual state of policies deployed in Kubernetes. | Policy changes aren't audited and a change control process isn't available. | Users are encouraged to choose one of the two methods to manage their policies. If users attempt to @@ -149,5 +149,5 @@ necessary components with GMAv2 and the cluster management project. **Related documentation links:** -- [GitLab Managed Apps v1 (GMAv1)](../../../../clusters/applications.md#install-with-one-click) +- [GitLab Managed Apps v1 (GMAv1)](../../../../clusters/applications.md#install-with-one-click-deprecated) - [GitLab Managed Apps v2 (GMAv2)](../../../../clusters/management_project.md) diff --git a/doc/user/project/clusters/securing.md b/doc/user/project/clusters/securing.md deleted file mode 100644 index d734db6bac9..00000000000 --- a/doc/user/project/clusters/securing.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -redirect_to: 'protect/index.md' ---- - -This document was moved to [another location](protect/index.md). - -<!-- This redirect file can be deleted after <2021-04-01>. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/user/project/clusters/serverless/aws.md b/doc/user/project/clusters/serverless/aws.md index f9423c0be2d..5d6fb8252bb 100644 --- a/doc/user/project/clusters/serverless/aws.md +++ b/doc/user/project/clusters/serverless/aws.md @@ -86,7 +86,7 @@ Put the following code in the file: service: gitlab-example provider: name: aws - runtime: nodejs10.x + runtime: nodejs14.x functions: hello: diff --git a/doc/user/project/code_owners.md b/doc/user/project/code_owners.md index 3135aa78719..ea7bcce99c1 100644 --- a/doc/user/project/code_owners.md +++ b/doc/user/project/code_owners.md @@ -22,19 +22,19 @@ The GitLab Code Owners feature defines who owns specific files or paths in a repository, allowing other users to understand who is responsible for each file or path. +As an alternative to using Code Owners for approvals, you can instead +[configure rules](merge_requests/approvals/rules.md). + ## Why is this useful? Code Owners allows for a version controlled, single source of truth file outlining the exact GitLab users or groups that -own certain files or paths in a repository. Code Owners can be -used in the merge request approval process which can streamline -the process of finding the right reviewers and approvers for a given -merge request. - -In larger organizations or popular open source projects, Code Owners -can help you understand who to contact if you have -a question that may not be related to code review or a merge request -approval. +own certain files or paths in a repository. In larger organizations +or popular open source projects, Code Owners can help you understand +who to contact if you have a question about a specific portion of +the codebase. Code Owners can also streamline the merge request approval +process, identifying the most relevant reviewers and approvers for a +given change. ## How to set up Code Owners @@ -76,7 +76,7 @@ The user that would show for `README.md` would be `@user2`. After you've added Code Owners to a project, you can configure it to be used for merge request approvals: -- As [merge request eligible approvers](merge_requests/merge_request_approvals.md#code-owners-as-eligible-approvers). +- As [merge request eligible approvers](merge_requests/approvals/rules.md#code-owners-as-eligible-approvers). - As required approvers for [protected branches](protected_branches.md#protected-branches-approval-by-code-owners). **(PREMIUM)** Developer or higher [permissions](../permissions.md) are required to @@ -87,9 +87,9 @@ After it's set, Code Owners are displayed in merge request widgets:  While you can use the `CODEOWNERS` file in addition to Merge Request -[Approval Rules](merge_requests/merge_request_approvals.md#approval-rules), +[Approval Rules](merge_requests/approvals/rules.md), you can also use it as the sole driver of merge request approvals -without using [Approval Rules](merge_requests/merge_request_approvals.md#approval-rules): +without using [Approval Rules](merge_requests/approvals/rules.md): 1. Create the file in one of the three locations specified above. 1. Set the code owners as required approvers for @@ -143,6 +143,10 @@ But you have the option to [invite](members/share_project_with_groups.md) the Subgroup Y to the Project A so that their members also become eligible Code Owners: +NOTE: +If you do not invite Subgroup Y to Project A, but make them Code Owners, their approval +of the merge request becomes optional. +  After being invited, any member (`@user`) of the group or subgroup can be set diff --git a/doc/user/project/deploy_boards.md b/doc/user/project/deploy_boards.md index 368417ac00b..804c013d317 100644 --- a/doc/user/project/deploy_boards.md +++ b/doc/user/project/deploy_boards.md @@ -8,7 +8,13 @@ type: howto, reference # Deploy Boards **(FREE)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/1589) in [GitLab Premium](https://about.gitlab.com/pricing/) 9.0. -> - [Moved](<https://gitlab.com/gitlab-org/gitlab/-/issues/212320>) to GitLab Free in 13.8. +> - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/212320) to GitLab Free in 13.8. +> - In GitLab 13.5 and earlier, apps that consist of multiple deployments are shown as +> duplicates on the deploy board. This is [fixed](https://gitlab.com/gitlab-org/gitlab/-/issues/8463) +> in GitLab 13.6. +> - In GitLab 13.11 and earlier, environments in folders do not show deploy boards. +> This is [fixed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/60525) in +> GitLab 13.12. GitLab Deploy Boards offer a consolidated view of the current health and status of each CI [environment](../../ci/environments/index.md) running on [Kubernetes](https://kubernetes.io), displaying the status @@ -46,10 +52,6 @@ knowledge. In particular, you should be familiar with: - [Kubernetes namespaces](https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/) - [Kubernetes canary deployments](https://kubernetes.io/docs/concepts/cluster-administration/manage-deployment/#canary-deployments) -In GitLab 13.5 and earlier, apps that consist of multiple deployments are shown as -duplicates on the deploy board. This is [fixed](https://gitlab.com/gitlab-org/gitlab/-/issues/8463) -in GitLab 13.6. - ## Use cases Since the Deploy Board is a visual representation of the Kubernetes pods for a diff --git a/doc/user/project/deploy_keys/index.md b/doc/user/project/deploy_keys/index.md index a45c3d26f1a..a6b54474a9e 100644 --- a/doc/user/project/deploy_keys/index.md +++ b/doc/user/project/deploy_keys/index.md @@ -151,6 +151,24 @@ Adding a public deploy key does not immediately expose any repository to it. Pub deploy keys enable access from other systems, but access is not given to any project until a project maintainer chooses to make use of it. +## How to disable deploy keys + +[Project maintainers and owners](../../permissions.md#project-members-permissions) +can remove or disable a deploy key for a project repository: + +1. Navigate to the project's **Settings > Repository** page. +1. Expand the **Deploy keys** section. +1. Select the **{remove}** or **{cancel}** button. + +NOTE: +If anything relies on the removed deploy key, it will stop working once removed. + +If the key is **publicly accessible**, it will be removed from the project, but still available under **Publicly accessible deploy keys**. + +If the key is **privately accessible** and only in use by this project, it will deleted. + +If the key is **privately accessible** and in use by other projects, it will be removed from the project, but still available under **Privately accessible deploy keys**. + ## Troubleshooting ### Deploy key cannot push to a protected branch @@ -158,7 +176,7 @@ until a project maintainer chooses to make use of it. If the owner of this deploy key doesn't have access to a [protected branch](../protected_branches.md), then this deploy key doesn't have access to the branch either. In addition to this, choosing the **No one** value in -[the "Allowed to push" section](../protected_branches.md#configuring-protected-branches) +[the "Allowed to push" section](../protected_branches.md#configure-a-protected-branch) means that no users **and** no services using deploy keys can push to that selected branch. Refer to [this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/30769) for more information. diff --git a/doc/user/project/deploy_tokens/index.md b/doc/user/project/deploy_tokens/index.md index 842f167f6ec..e2fa63ce519 100644 --- a/doc/user/project/deploy_tokens/index.md +++ b/doc/user/project/deploy_tokens/index.md @@ -130,20 +130,12 @@ To pull packages in the GitLab package registry, you must: 1. For the [package type of your choice](../../packages/index.md), follow the authentication instructions for deploy tokens. -Example request publishing a generic package using a deploy token: +Example request publishing a NuGet package using a deploy token: ```shell -curl --header "DEPLOY-TOKEN: <deploy_token>" \ - --upload-file path/to/file.txt \ - "https://gitlab.example.com/api/v4/projects/24/packages/generic/my_package/0.0.1/file.txt?status=hidden" -``` - -Example response: +nuget source Add -Name GitLab -Source "https://gitlab.example.com/api/v4/projects/10/packages/nuget/index.json" -UserName deploy-token-username -Password 12345678asdf -```json -{ - "message":"201 Created" -} +nuget push mypkg.nupkg -Source GitLab ``` ### Push or upload packages diff --git a/doc/user/project/file_lock.md b/doc/user/project/file_lock.md index b51a1b79a13..576de63d00d 100644 --- a/doc/user/project/file_lock.md +++ b/doc/user/project/file_lock.md @@ -15,7 +15,7 @@ Although branching strategies usually work well enough for source code and plain text because different versions can be merged together, they do not work for binary files. -When file locking is setup, lockable files are **read only** by default. +When file locking is setup, lockable files are **read-only** by default. When a file is locked, only the user who locked the file may modify it. This user is said to "hold the lock" or have "taken the lock", since only one user diff --git a/doc/user/project/highlighting.md b/doc/user/project/highlighting.md index c914c90c923..2e5713e10be 100644 --- a/doc/user/project/highlighting.md +++ b/doc/user/project/highlighting.md @@ -49,3 +49,21 @@ file is in your default branch (usually `master`). NOTE: The Web IDE does not support `.gitattribute` files, but it's [planned for a future release](https://gitlab.com/gitlab-org/gitlab/-/issues/22014). + +## Configure maximum file size for highlighting + +You can configure the maximum size of the file to be highlighted. + +The file size is measured in kilobytes, and is set to a default of `512 KB`. Any file _over_ the file size is rendered in plain text. + +1. Open the [`gitlab.yml`](https://gitlab.com/gitlab-org/gitlab-foss/blob/master/config/gitlab.yml.example) configuration file. + +1. Add this section, replacing `maximum_text_highlight_size_kilobytes` with the value you want. + + ```yaml + gitlab: + extra: + ## Maximum file size for syntax highlighting + ## https://docs.gitlab.com/ee/user/project/highlighting.html + maximum_text_highlight_size_kilobytes: 512 + ``` diff --git a/doc/user/project/img/bulk-editing_v13_2.png b/doc/user/project/img/bulk-editing_v13_2.png Binary files differdeleted file mode 100644 index 871cb02c01f..00000000000 --- a/doc/user/project/img/bulk-editing_v13_2.png +++ /dev/null diff --git a/doc/user/project/img/protected_branches_list_v12_3.png b/doc/user/project/img/protected_branches_list_v12_3.png Binary files differdeleted file mode 100644 index 995a294b85c..00000000000 --- a/doc/user/project/img/protected_branches_list_v12_3.png +++ /dev/null diff --git a/doc/user/project/img/protected_branches_page_v12_3.png b/doc/user/project/img/protected_branches_page_v12_3.png Binary files differdeleted file mode 100644 index 60aa3c4d251..00000000000 --- a/doc/user/project/img/protected_branches_page_v12_3.png +++ /dev/null diff --git a/doc/user/project/img/time_tracking_report_v13_12.png b/doc/user/project/img/time_tracking_report_v13_12.png Binary files differnew file mode 100644 index 00000000000..2132ca01cf4 --- /dev/null +++ b/doc/user/project/img/time_tracking_report_v13_12.png diff --git a/doc/user/project/img/time_tracking_sidebar_v13_12.png b/doc/user/project/img/time_tracking_sidebar_v13_12.png Binary files differnew file mode 100644 index 00000000000..e25282bc551 --- /dev/null +++ b/doc/user/project/img/time_tracking_sidebar_v13_12.png diff --git a/doc/user/project/img/time_tracking_sidebar_v8_16.png b/doc/user/project/img/time_tracking_sidebar_v8_16.png Binary files differdeleted file mode 100644 index 22124afed6f..00000000000 --- a/doc/user/project/img/time_tracking_sidebar_v8_16.png +++ /dev/null diff --git a/doc/user/project/import/bitbucket.md b/doc/user/project/import/bitbucket.md index 6f274dd12a2..e77932c6427 100644 --- a/doc/user/project/import/bitbucket.md +++ b/doc/user/project/import/bitbucket.md @@ -14,26 +14,27 @@ Server (aka Stash). If you are trying to import projects from Bitbucket Server, Import your projects from Bitbucket Cloud to GitLab with minimal effort. -## Overview - -- At its current state, the Bitbucket importer can import: - - the repository description (GitLab 7.7+) - - the Git repository data (GitLab 7.7+) - - the issues (GitLab 7.7+) - - the issue comments (GitLab 8.15+) - - the pull requests (GitLab 8.4+) - - the pull request comments (GitLab 8.15+) - - the milestones (GitLab 8.15+) - - the wiki (GitLab 8.15+) -- References to pull requests and issues are preserved (GitLab 8.7+) -- Repository public access is retained. If a repository is private in Bitbucket - it will be created as private in GitLab as well. +The Bitbucket importer can import: + +- Repository description (GitLab 7.7+) +- Git repository data (GitLab 7.7+) +- Issues (GitLab 7.7+) +- Issue comments (GitLab 8.15+) +- Pull requests (GitLab 8.4+) +- Pull request comments (GitLab 8.15+) +- Milestones (GitLab 8.15+) +- Wiki (GitLab 8.15+) + +When importing: + +- References to pull requests and issues are preserved (GitLab 8.7+). +- Repository public access is retained. If a repository is private in Bitbucket, it's created as + private in GitLab as well. ## Requirements -The [Bitbucket Cloud integration](../../../integration/bitbucket.md) must be first enabled in order to be -able to import your projects from Bitbucket Cloud. Ask your GitLab administrator -to enable this if not already. +To import your projects from Bitbucket Cloud, the [Bitbucket Cloud integration](../../../integration/bitbucket.md) +must be enabled. Ask your GitLab administrator to enable this if it isn't already enabled. ## How it works diff --git a/doc/user/project/import/bitbucket_server.md b/doc/user/project/import/bitbucket_server.md index bb2256c9464..1e79107d76f 100644 --- a/doc/user/project/import/bitbucket_server.md +++ b/doc/user/project/import/bitbucket_server.md @@ -15,51 +15,49 @@ Use the [Bitbucket Cloud importer](bitbucket.md) for that. Import your projects from Bitbucket Server to GitLab with minimal effort. -## Overview +The Bitbucket importer can import: -- In its current state, the Bitbucket importer can import: - - the repository description (GitLab 11.2+) - - the Git repository data (GitLab 11.2+) - - the pull requests (GitLab 11.2+) - - the pull request comments (GitLab 11.2+) -- Repository public access is retained. If a repository is private in Bitbucket - it will be created as private in GitLab as well. +- Repository description (GitLab 11.2+) +- Git repository data (GitLab 11.2+) +- Pull requests (GitLab 11.2+) +- Pull request comments (GitLab 11.2+) + +When importing, repository public access is retained. If a repository is private in Bitbucket, it's +created as private in GitLab as well. ## Limitations -1. Currently GitLab doesn't allow comments on arbitrary lines of code, so any - Bitbucket comments out of bounds will be inserted as comments in the merge - request. -1. Bitbucket Server allows multiple levels of threading. GitLab import - will collapse this into one thread and quote part of the original comment. -1. Declined pull requests have unreachable commits, which prevents the GitLab - importer from generating a proper diff. These pull requests will show up as - empty changes. -1. Attachments in Markdown are currently not imported. -1. Task lists are not imported. -1. Emoji reactions are not imported -1. Project filtering does not support fuzzy search (only `starts with` or `full - match strings` are currently supported) +- GitLab doesn't allow comments on arbitrary lines of code, so any Bitbucket comments out of bounds + are inserted as comments in the merge request. +- Bitbucket Server allows multiple levels of threading. GitLab import collapses this into one thread + and quote part of the original comment. +- Declined pull requests have unreachable commits, which prevents the GitLab importer from + generating a proper diff. These pull requests show up as empty changes. +- Attachments in Markdown are not imported. +- Task lists are not imported. +- Emoji reactions are not imported. +- Project filtering does not support fuzzy search (only `starts with` or `full match strings` are + supported). ## How it works The Bitbucket Server importer works as follows: -1. The user will be prompted to enter the URL, username, and password (or personal access token) to log in to Bitbucket. +1. The user is prompted to enter the URL, username, and password (or personal access token) to log in to Bitbucket. These credentials are preserved only as long as the importer is running. -1. The importer will attempt to list all the current repositories on the Bitbucket Server. -1. Upon selection, the importer will clone the repository and import pull requests and comments. +1. The importer attempts to list all the current repositories on the Bitbucket Server. +1. Upon selection, the importer clones the repository and import pull requests and comments. ### User assignment When issues/pull requests are being imported, the Bitbucket importer tries to find the author's e-mail address with a confirmed e-mail address in the GitLab user database. If no such user is available, the project creator is set as -the author. The importer will append a note in the comment to mark the original +the author. The importer appends a note in the comment to mark the original creator. -The importer will create any new namespaces (groups) if they don't exist or in -the case the namespace is taken, the repository will be imported under the user's +The importer creates any new namespaces (groups) if they don't exist or in +the case the namespace is taken, the repository is imported under the user's namespace that started the import process. #### User assignment by username @@ -104,7 +102,7 @@ To disable it: Feature.disable(:bitbucket_server_user_mapping_by_username) ``` -## Importing your Bitbucket repositories +## Import your Bitbucket repositories 1. Sign in to GitLab and go to your dashboard. 1. Click on **New project**. @@ -118,7 +116,7 @@ Feature.disable(:bitbucket_server_user_mapping_by_username)  1. Click on the projects that you'd like to import or **Import all projects**. - You can also filter projects by name and select the namespace under which each project will be + You can also filter projects by name and select the namespace under which each project is imported.  diff --git a/doc/user/project/import/fogbugz.md b/doc/user/project/import/fogbugz.md index 1371ca57bc9..09505d94a8c 100644 --- a/doc/user/project/import/fogbugz.md +++ b/doc/user/project/import/fogbugz.md @@ -8,12 +8,14 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Import your project from FogBugz to GitLab It only takes a few simple steps to import your project from FogBugz. -The importer will import all of your cases and comments with original case -numbers and timestamps. You will also have the opportunity to map FogBugz -users to GitLab users. +The importer imports all your cases and comments with original case +numbers and timestamps. You can also map FogBugz users to GitLab users. -1. From your GitLab dashboard click 'New project' -1. Click on the 'FogBugz' button +Follow these steps to import your project from FogBugz: + +1. From your GitLab dashboard, select **New project**. + +1. Select the **FogBugz** button.  @@ -25,11 +27,11 @@ users to GitLab users.  -1. Select the projects you wish to import by clicking the Import buttons +1. Select the projects you wish to import by selecting the **Import** buttons.  -1. Once the import has finished click the link to take you to the project +1. Once the import finishes, click the link to go to the project dashboard. Follow the directions to push your existing repository.  diff --git a/doc/user/project/import/gemnasium.md b/doc/user/project/import/gemnasium.md index bac10cb0948..5a4b16d57f5 100644 --- a/doc/user/project/import/gemnasium.md +++ b/doc/user/project/import/gemnasium.md @@ -1,117 +1,8 @@ --- -type: reference, howto -stage: Manage -group: Import -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +redirect_to: 'index.md' --- -# Gemnasium **(ULTIMATE)** +This document was deleted. -This guide describes how to migrate from Gemnasium.com to your own GitLab -instance or GitLab.com. - -## Why is Gemnasium.com closed? - -Gemnasium was [acquired by GitLab](https://about.gitlab.com/press/releases/2018-01-30-gemnasium-acquisition.html) -in January 2018. Since May 15, 2018, the services provided by Gemnasium are no longer available. -The team behind Gemnasium has joined GitLab as the new Security Products team -and is working on a [wide range of tools](../../application_security/index.md), -including: - -- [Dependency Scanning](../../application_security/dependency_scanning/index.md) -- [SAST](../../application_security/sast/index.md) -- [DAST](../../application_security/dast/index.md) -- [Container Scanning](../../application_security/container_scanning/index.md) - -If you want to continue monitoring your dependencies, see the -[Migrating to GitLab](#migrating-to-gitlab) section below. - -## What happened to my account? - -Your account has been automatically closed on May 15th, 2018. If you had a paid -subscription at that time, your card will be refunded on a -<!-- vale gitlab.Spelling = NO --> pro rata temporis <!-- vale gitlab.Spelling = YES --> basis. -You may contact `gemnasium@gitlab.com` regarding your closed account. - -## Will my account/data be transferred to GitLab Inc.? - -All accounts and data have been deleted on May 15th, 2018. GitLab Inc. -doesn't know anything about your private data, nor your projects, and therefore -if they were vulnerable or not. GitLab Inc. takes personal information very seriously. - -## What happened to my badge? - -To avoid broken 404 images, all badges pointing to Gemnasium.com will be a -placeholder, inviting you to migrate to GitLab (and pointing to this page). - -## Migrating to GitLab - -Gemnasium has been ported and integrated directly into GitLab CI/CD. -You can still benefit from our dependency monitoring features, and it requires -some steps to migrate your projects. There is no automatic import since GitLab -doesn't know anything about any projects which existed on Gemnasium.com. -Security features are free for public (open-source) projects hosted on GitLab.com. - -### If your project is hosted on GitLab (`https://gitlab.com` / self-managed) - -You're almost set! If you're already using -[Auto DevOps](../../../topics/autodevops/), you are already covered. -Otherwise, you must configure your `.gitlab-ci.yml` according to the -[dependency scanning page](../../application_security/dependency_scanning/index.md). - -### If your project is hosted on GitHub (`https://github.com` / GitHub Enterprise) - -Since [GitLab 10.6 comes with GitHub integration](https://about.gitlab.com/solutions/github/), -GitLab users can now create a CI/CD project in GitLab connected to an external -GitHub.com or GitHub Enterprise repository. This will automatically prompt -GitLab CI/CD to run whenever code is pushed to GitHub and post CI/CD results -back to both GitLab and GitHub when completed. - -<!-- vale gitlab.Spelling = NO --> - -1. Create a new project, and select **CI/CD for external repo**: - -  - <!-- vale gitlab.Spelling = YES --> - -1. Use the **GitHub** button to connect your repositories. - -  - -1. Select the project(s) to be set up with GitLab CI/CD and choose **Connect**. - -  - - After the configuration is done, you may click on your new - project on GitLab. - -  - - Your project is now mirrored on GitLab, where the runners will be able to access - your source code and run your tests. - - Optional step: If you set this up on GitLab.com, make sure the project is - public (in the project settings) if your GitHub project is public, since - the security feature is available only for [GitLab Ultimate](https://about.gitlab.com/pricing/). - -1. To set up the dependency scanning job, corresponding to what Gemnasium was - doing, you must create a `.gitlab-ci.yml` file, or update it according to - the [dependency scanning docs](../../application_security/dependency_scanning/index.md). - The mirroring is pull-only by default, so you may create or update the file on - GitHub: - -  - -1. Once your file has been committed, a new pipeline will be automatically - triggered if your file is valid: - -  - -1. The result of the job will be visible directly from the pipeline view: - -  - -NOTE: -If you don't commit very often to your project, you may want to use -[scheduled pipelines](../../../ci/pipelines/schedules.md) to run the job on a regular -basis. +<!-- This redirect file can be deleted after <2021-08-15>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page -->
\ No newline at end of file diff --git a/doc/user/project/import/gitea.md b/doc/user/project/import/gitea.md index 26e5a86b808..41141902468 100644 --- a/doc/user/project/import/gitea.md +++ b/doc/user/project/import/gitea.md @@ -9,20 +9,20 @@ info: To determine the technical writer assigned to the Stage/Group associated w Import your projects from Gitea to GitLab with minimal effort. -## Overview - NOTE: This requires Gitea `v1.0.0` or newer. -- At its current state, Gitea importer can import: - - the repository description (GitLab 8.15+) - - the Git repository data (GitLab 8.15+) - - the issues (GitLab 8.15+) - - the pull requests (GitLab 8.15+) - - the milestones (GitLab 8.15+) - - the labels (GitLab 8.15+) -- Repository public access is retained. If a repository is private in Gitea - it will be created as private in GitLab as well. +The Gitea importer can import: + +- Repository description (GitLab 8.15+) +- Git repository data (GitLab 8.15+) +- Issues (GitLab 8.15+) +- Pull requests (GitLab 8.15+) +- Milestones (GitLab 8.15+) +- Labels (GitLab 8.15+) + +When importing, repository public access is retained. If a repository is private in Gitea, it's +created as private in GitLab as well. ## How it works @@ -31,23 +31,23 @@ to users in your GitLab instance. This means that the project creator (most of the times the current user that started the import process) is set as the author, but a reference on the issue about the original Gitea author is kept. -The importer will create any new namespaces (groups) if they don't exist or in -the case the namespace is taken, the repository will be imported under the user's +The importer creates any new namespaces (groups) if they don't exist or in +the case the namespace is taken, the repository is imported under the user's namespace that started the import process. -## Importing your Gitea repositories +## Import your Gitea repositories The importer page is visible when you create a new project.  -Click on the **Gitea** link and the import authorization process will start. +Click the **Gitea** link and the import authorization process starts.  ### Authorize access to your repositories using a personal access token -With this method, you will perform a one-off authorization with Gitea to grant +With this method, you perform a one-off authorization with Gitea to grant GitLab access your repositories: 1. Go to `https://your-gitea-instance/user/settings/applications` (replace @@ -58,27 +58,27 @@ GitLab access your repositories: 1. Copy the token hash. 1. Go back to GitLab and provide the token to the Gitea importer. 1. Hit the **List Your Gitea Repositories** button and wait while GitLab reads - your repositories' information. Once done, you'll be taken to the importer + your repositories' information. Once done, you are taken to the importer page to select the repositories to import. ### Select which repositories to import -After you've authorized access to your Gitea repositories, you will be +After you've authorized access to your Gitea repositories, you are redirected to the Gitea importer page. From there, you can see the import statuses of your Gitea repositories. -- Those that are being imported will show a _started_ status, -- those already successfully imported will be green with a _done_ status, -- whereas those that are not yet imported will have an **Import** button on the +- Those that are being imported show a _started_ status, +- those already successfully imported are green with a _done_ status, +- whereas those that are not yet imported have an **Import** button on the right side of the table. You also can: - Import all your Gitea projects in one go by hitting **Import all projects** in - the upper left corner + the upper left corner. - Filter projects by name. If filter is applied, hitting **Import all projects** - will only import matched projects + only imports matched projects.  diff --git a/doc/user/project/import/github.md b/doc/user/project/import/github.md index eb426a9f126..c8b973b673e 100644 --- a/doc/user/project/import/github.md +++ b/doc/user/project/import/github.md @@ -10,8 +10,6 @@ info: To determine the technical writer assigned to the Stage/Group associated w Using the importer, you can import your GitHub repositories to GitLab.com or to your self-managed GitLab instance. -## Overview - The following aspects of a project are imported: - Repository description (GitLab.com & 7.7+) @@ -37,12 +35,12 @@ The namespace is a user or group in GitLab, such as `gitlab.com/janedoe` or `git This process does not migrate or import any types of groups or organizations from GitHub to GitLab. -### Use cases +## Use cases The steps you take depend on whether you are importing from GitHub.com or GitHub Enterprise, as well as whether you are importing to GitLab.com or self-managed GitLab instance. - If you're importing to GitLab.com, you can alternatively import GitHub repositories - using a [personal access token](#using-a-github-token). We do not recommend + using a [personal access token](#use-a-github-token). We do not recommend this method, as it does not associate all user activity (such as issues and pull requests) with matching GitLab users. - If you're importing to a self-managed GitLab instance, you can alternatively use the @@ -62,9 +60,16 @@ For this association to succeed, each GitHub author and assignee in the reposito must meet one of the following conditions prior to the import: - Have previously logged in to a GitLab account using the GitHub icon. -- Have a GitHub account with a publicly visible - [primary email address](https://docs.github.com/en/rest/reference/users#get-a-user) - on their profile that matches their GitLab account's primary or secondary email address. +- Have a GitHub account with a [public-facing email address](https://docs.github.com/en/github/setting-up-and-managing-your-github-user-account/setting-your-commit-email-address) + that matches their GitLab account's email address. + + NOTE: + GitLab content imports that use GitHub accounts require that the GitHub public-facing + email address is populated so that all comments and contributions are properly mapped + to the same user in GitLab. GitHub Enterprise (on premise) does not require this field + to be populated to use the product, so you may need to add it on existing GitHub Enterprise + accounts for imported content to be properly mapped to the user in the new system. + Refer to GitHub documentation for instructions on how to add that address. If a user referenced in the project is not found in the GitLab database, the project creator (typically the user that initiated the import process) is set as the author/assignee, but a note on the issue mentioning the original @@ -86,7 +91,7 @@ For an overview of the import process, see the video [Migrating from GitHub to G ## Import your GitHub repository into GitLab -### Using the GitHub integration +### Use the GitHub integration Before you begin, ensure that any GitHub users who you want to map to GitLab users have either: @@ -105,9 +110,9 @@ If you are using a self-managed GitLab instance or if you are importing from Git 1. Select the **Import project** tab and then select **GitHub**. 1. Select the first button to **List your GitHub repositories**. You are redirected to a page on [GitHub](https://github.com) to authorize the GitLab application. 1. Click **Authorize GitlabHQ**. You are redirected back to the GitLab Import page and all of your GitHub repositories are listed. -1. Continue on to [selecting which repositories to import](#selecting-which-repositories-to-import). +1. Continue on to [selecting which repositories to import](#select-which-repositories-to-import). -### Using a GitHub token +### Use a GitHub token NOTE: Using a personal access token to import projects is not recommended. If you are a GitLab.com user, @@ -115,7 +120,7 @@ you can use a personal access token to import your project from GitHub, but this associate all user activity (such as issues and pull requests) with matching GitLab users. If you are an administrator of a self-managed GitLab instance or if you are importing from GitHub Enterprise, you cannot use a personal access token. -The [GitHub integration method (above)](#using-the-github-integration) is recommended for all users. +The [GitHub integration method (above)](#use-the-github-integration) is recommended for all users. Read more in the [How it works](#how-it-works) section. If you are not using the GitHub integration, you can still perform an authorization with GitHub to grant GitLab access your repositories: @@ -129,7 +134,7 @@ If you are not using the GitHub integration, you can still perform an authorizat 1. Hit the **List Your GitHub Repositories** button and wait while GitLab reads your repositories' information. Once done, you'll be taken to the importer page to select the repositories to import. -### Selecting which repositories to import +### Select which repositories to import After you have authorized access to your GitHub repositories, you are redirected to the GitHub importer page and your GitHub repositories are listed. @@ -155,7 +160,7 @@ Additionally, you can configure GitLab to send pipeline status updates back GitH If you import your project using [CI/CD for external repository](../../../ci/ci_cd_for_external_repos/index.md), then both of the above are automatically configured. **(PREMIUM)** -## Improving the speed of imports on self-managed instances +## Improve the speed of imports on self-managed instances NOTE: Administrator access to the GitLab server is required. diff --git a/doc/user/project/import/gitlab_com.md b/doc/user/project/import/gitlab_com.md index add457c217e..9e63b1cb617 100644 --- a/doc/user/project/import/gitlab_com.md +++ b/doc/user/project/import/gitlab_com.md @@ -19,10 +19,10 @@ you'll need to follow the instructions for [exporting a project](../settings/imp  -Go to the **Import Projects** tab, then click on **GitLab.com**, and you will be redirected to GitLab.com -for permission to access your projects. After accepting, you'll be automatically redirected to the importer. +Go to the **Import Projects** tab, then click on **GitLab.com**, and you are redirected to GitLab.com +for permission to access your projects. After accepting, you are automatically redirected to the importer.  -To import a project, click "Import". The importer will import your repository and issues. -Once the importer is done, a new GitLab project will be created with your imported data. +To import a project, click "Import". The importer imports your repository and issues. +Once the importer is done, a new GitLab project is created with your imported data. diff --git a/doc/user/project/import/img/gemnasium/connect_github_v13_5.png b/doc/user/project/import/img/gemnasium/connect_github_v13_5.png Binary files differdeleted file mode 100644 index 575d257a213..00000000000 --- a/doc/user/project/import/img/gemnasium/connect_github_v13_5.png +++ /dev/null diff --git a/doc/user/project/import/img/gemnasium/create_project_v13_5.png b/doc/user/project/import/img/gemnasium/create_project_v13_5.png Binary files differdeleted file mode 100644 index 37467bc3fed..00000000000 --- a/doc/user/project/import/img/gemnasium/create_project_v13_5.png +++ /dev/null diff --git a/doc/user/project/import/img/gemnasium/edit_gitlab-ci.png b/doc/user/project/import/img/gemnasium/edit_gitlab-ci.png Binary files differdeleted file mode 100644 index 8336c803b83..00000000000 --- a/doc/user/project/import/img/gemnasium/edit_gitlab-ci.png +++ /dev/null diff --git a/doc/user/project/import/img/gemnasium/pipeline.png b/doc/user/project/import/img/gemnasium/pipeline.png Binary files differdeleted file mode 100644 index ae4d5295ffa..00000000000 --- a/doc/user/project/import/img/gemnasium/pipeline.png +++ /dev/null diff --git a/doc/user/project/import/img/gemnasium/project_connected.png b/doc/user/project/import/img/gemnasium/project_connected.png Binary files differdeleted file mode 100644 index 332d2230ef8..00000000000 --- a/doc/user/project/import/img/gemnasium/project_connected.png +++ /dev/null diff --git a/doc/user/project/import/img/gemnasium/select_project_v13_5.png b/doc/user/project/import/img/gemnasium/select_project_v13_5.png Binary files differdeleted file mode 100644 index 30575954811..00000000000 --- a/doc/user/project/import/img/gemnasium/select_project_v13_5.png +++ /dev/null diff --git a/doc/user/project/import/img/jira/import_issues_from_jira_form_v13_2.png b/doc/user/project/import/img/jira/import_issues_from_jira_form_v13_2.png Binary files differindex 8a94d33d47b..dca60b2bc5c 100644 --- a/doc/user/project/import/img/jira/import_issues_from_jira_form_v13_2.png +++ b/doc/user/project/import/img/jira/import_issues_from_jira_form_v13_2.png diff --git a/doc/user/project/import/index.md b/doc/user/project/import/index.md index f6ed53763dd..3728a486070 100644 --- a/doc/user/project/import/index.md +++ b/doc/user/project/import/index.md @@ -5,50 +5,52 @@ group: Import info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Migrating projects to a GitLab instance - -1. [From Bitbucket Cloud](bitbucket.md) -1. [From Bitbucket Server (also known as Stash)](bitbucket_server.md) -1. [From ClearCase](clearcase.md) -1. [From CVS](cvs.md) -1. [From FogBugz](fogbugz.md) -1. [From GitHub.com or GitHub Enterprise](github.md) -1. [From GitLab.com](gitlab_com.md) -1. [From Gitea](gitea.md) -1. [From Perforce](perforce.md) -1. [From SVN](svn.md) -1. [From TFVC](tfvc.md) -1. [From repository by URL](repo_by_url.md) -1. [By uploading a manifest file (AOSP)](manifest.md) -1. [From Gemnasium](gemnasium.md) -1. [From Phabricator](phabricator.md) -1. [From Jira (issues only)](jira.md) - -In addition to the specific migration documentation above, you can import any -Git repository via HTTP from the New Project page. Be aware that if the -repository is too large the import can timeout. - -There is also the option of [connecting your external repository to get CI/CD benefits](../../../ci/ci_cd_for_external_repos/index.md). **(PREMIUM)** +# Migrate projects to a GitLab instance + +See these documents to migrate to GitLab: + +- [From Bitbucket Cloud](bitbucket.md) +- [From Bitbucket Server (also known as Stash)](bitbucket_server.md) +- [From ClearCase](clearcase.md) +- [From CVS](cvs.md) +- [From FogBugz](fogbugz.md) +- [From GitHub.com or GitHub Enterprise](github.md) +- [From GitLab.com](gitlab_com.md) +- [From Gitea](gitea.md) +- [From Perforce](perforce.md) +- [From SVN](svn.md) +- [From TFVC](tfvc.md) +- [From repository by URL](repo_by_url.md) +- [By uploading a manifest file (AOSP)](manifest.md) +- [From Phabricator](phabricator.md) +- [From Jira (issues only)](jira.md) + +You can also import any Git repository through HTTP from the **New Project** page. Note that if the +repository is too large, the import can timeout. + +You can also [connect your external repository to get CI/CD benefits](../../../ci/ci_cd_for_external_repos/index.md). **(PREMIUM)** ## LFS authentication When importing a project that contains LFS objects, if the project has an [`.lfsconfig`](https://github.com/git-lfs/git-lfs/blob/master/docs/man/git-lfs-config.5.ronn) file with a URL host (`lfs.url`) different from the repository URL host, LFS files are not downloaded. -## Migrating from self-managed GitLab to GitLab.com +## Migrate from self-managed GitLab to GitLab.com -If you only need to migrate Git repositories, you can [import each project by URL](repo_by_url.md). Issues and merge requests can't be imported. - -If you want to retain all metadata like issues and merge requests, you can use -the [import/export feature](../settings/import_export.md) to export projects from self-managed GitLab and import those projects into GitLab.com. - -All GitLab user associations (such as comment author) will be changed to the user importing the project. For more information, please see [the import notes](../settings/import_export.md#important-notes). - -If you need to migrate all data over, you can leverage our [API](../../../api/README.md) to migrate from self-managed to GitLab.com. -The order of assets to migrate from a self-managed instance to GitLab.com is the following: +If you only need to migrate Git repositories, you can [import each project by URL](repo_by_url.md). +However, you can't import issues and merge requests this way. To retain all metadata like issues and +merge requests, use the [import/export feature](../settings/import_export.md) +to export projects from self-managed GitLab and import those projects into GitLab.com. All GitLab +user associations (such as comment author) are changed to the user importing the project. For more +information, see [the import notes](../settings/import_export.md#important-notes). NOTE: -When migrating to GitLab.com, users would need to be manually created unless [SCIM](../../../user/group/saml_sso/scim_setup.md) is going to be used. Creating users with the API is limited to self-managed instances as it requires administrator access. +When migrating to GitLab.com, you must create users manually unless [SCIM](../../../user/group/saml_sso/scim_setup.md) +will be used. Creating users with the API is limited to self-managed instances as it requires +administrator access. + +To migrate all data from self-managed to GitLab.com, you can leverage the [API](../../../api/README.md). +Migrate the assets in this order: 1. [Groups](../../../api/groups.md) 1. [Projects](../../../api/projects.md) @@ -56,43 +58,43 @@ When migrating to GitLab.com, users would need to be manually created unless [SC Keep in mind the limitations of the [import/export feature](../settings/import_export.md#exported-contents). -You will still need to migrate your Container Registry over a series of -Docker pulls and pushes and re-run any CI pipelines to retrieve any build artifacts. +You must still migrate your [Container Registry](../../packages/container_registry/) +over a series of Docker pulls and pushes. Re-run any CI pipelines to retrieve any build artifacts. -## Migrating from GitLab.com to self-managed GitLab +## Migrate from GitLab.com to self-managed GitLab -The process is essentially the same as for [migrating from self-managed GitLab to GitLab.com](#migrating-from-self-managed-gitlab-to-gitlabcom). The main difference is that users can be created on the self-managed GitLab instance by an administrator through the UI or the [users API](../../../api/users.md#user-creation). +The process is essentially the same as [migrating from self-managed GitLab to GitLab.com](#migrate-from-self-managed-gitlab-to-gitlabcom). +The main difference is that an administrator can create users on the self-managed GitLab instance +through the UI or the [users API](../../../api/users.md#user-creation). -## Migrating between two self-managed GitLab instances +## Migrate between two self-managed GitLab instances -The best method for migrating from one GitLab instance to another, -perhaps from an old server to a new server for example, is to -[back up the instance](../../../raketasks/backup_restore.md), -then restore it on the new server. +To migrate from an existing self-managed GitLab instance to a new self-managed GitLab instance, it's +best to [back up](../../../raketasks/backup_restore.md) +the existing instance and restore it on the new instance. For example, this is useful when migrating +a self-managed instance from an old server to a new server. -In the event of merging two GitLab instances together (for example, both instances have existing data on them and one can't be wiped), -refer to the instructions in [Migrating from self-managed GitLab to GitLab.com](#migrating-from-self-managed-gitlab-to-gitlabcom). +To instead merge two self-managed GitLab instances together, use the instructions in +[Migrate from self-managed GitLab to GitLab.com](#migrate-from-self-managed-gitlab-to-gitlabcom). +This method is useful when both self-managed instances have existing data that must be preserved. -Additionally, you can migrate users using the [Users API](../../../api/users.md) with an administrator user. +Also note that administrators can use the [Users API](../../../api/users.md) +to migrate users. ## Project aliases **(PREMIUM SELF)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/3264) in GitLab Premium 12.1. -When migrating repositories to GitLab and they are being accessed by other systems, -it's very useful to be able to access them using the same name especially when -they are a lot. It reduces the risk of changing significant number of Git URLs in -a large number of systems. - -GitLab provides a functionality to help with this. In GitLab, repositories are -usually accessed with a namespace and project name. It is also possible to access -them via a project alias. This feature is only available on Git over SSH. +GitLab repositories are usually accessed with a namespace and a project name. When migrating +frequently accessed repositories to GitLab, however, you can use project aliases to access those +repositories with the original name. Accessing repositories through a project alias reduces the risk +associated with migrating such repositories. -A project alias can be only created via API and only by GitLab administrators. -Follow the [Project Aliases API documentation](../../../api/project_aliases.md) for -more details. +This feature is only available on Git over SSH. Also, only GitLab administrators can create project +aliases, and they can only do so through the API. For more information, see the +[Project Aliases API documentation](../../../api/project_aliases.md). -After an alias has been created for a project (such as an alias `gitlab` for the -project `https://gitlab.com/gitlab-org/gitlab`), you can clone the repository -with the alias (e.g `git clone git@gitlab.com:gitlab.git` instead of -`git clone git@gitlab.com:gitlab-org/gitlab.git`). +After an administrator creates an alias for a project, you can use the alias to clone the +repository. For example, if an administrator creates the alias `gitlab` for the project +`https://gitlab.com/gitlab-org/gitlab`, you can clone the project with +`git clone git@gitlab.com:gitlab.git` instead of `git clone git@gitlab.com:gitlab-org/gitlab.git`. diff --git a/doc/user/project/import/jira.md b/doc/user/project/import/jira.md index 5fb737cf74a..4273f90c1e7 100644 --- a/doc/user/project/import/jira.md +++ b/doc/user/project/import/jira.md @@ -54,13 +54,13 @@ Make sure you have the integration set up before trying to import Jira issues. > New import form [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/216145) in GitLab 13.2. -To import Jira issues to a GitLab project, follow the steps below. - NOTE: Importing Jira issues is done as an asynchronous background job, which may result in delays based on import queues load, system load, or other factors. Importing large projects may take several minutes depending on the size of the import. +To import Jira issues to a GitLab project: + 1. On the **{issues}** **Issues** page, click **Import Issues** (**{import}**) **> Import from Jira**.  diff --git a/doc/user/project/import/manifest.md b/doc/user/project/import/manifest.md index 6ef91a54987..94eba319a17 100644 --- a/doc/user/project/import/manifest.md +++ b/doc/user/project/import/manifest.md @@ -29,7 +29,7 @@ A manifest must be an XML file. There must be one `remote` tag with a `review` attribute that contains a URL to a Git server, and each `project` tag must have a `name` and `path` attribute. GitLab will then build the URL to the repository by combining the URL from the `remote` tag with a project name. -A path attribute will be used to represent the project path in GitLab. +A path attribute is used to represent the project path in GitLab. Below is a valid example of a manifest file: @@ -42,23 +42,23 @@ Below is a valid example of a manifest file: </manifest> ``` -As a result, the following projects will be created: +As a result, the following projects are created: | GitLab | Import URL | |:------------------------------------------------|:------------------------------------------------------------| | `https://gitlab.com/YOUR_GROUP/build/make` | <https://android.googlesource.com/platform/build> | | `https://gitlab.com/YOUR_GROUP/build/blueprint` | <https://android.googlesource.com/platform/build/blueprint> | -## Importing the repositories +## Import the repositories -You can start the import with: +To start the import: -1. From your GitLab dashboard click **New project** -1. Switch to the **Import project** tab -1. Click on the **Manifest file** button -1. Provide GitLab with a manifest XML file -1. Select a group you want to import to (you need to create a group first if you don't have one) -1. Click **List available repositories**. At this point, you will be redirected +1. From your GitLab dashboard click **New project**. +1. Switch to the **Import project** tab. +1. Click on the **Manifest file** button. +1. Provide GitLab with a manifest XML file. +1. Select a group you want to import to (you need to create a group first if you don't have one). +1. Click **List available repositories**. At this point, you are redirected to the import status page with projects list based on the manifest file. 1. Check the list and click **Import all repositories** to start the import. diff --git a/doc/user/project/import/phabricator.md b/doc/user/project/import/phabricator.md index 91fd7b8928b..30a63a72cf9 100644 --- a/doc/user/project/import/phabricator.md +++ b/doc/user/project/import/phabricator.md @@ -20,7 +20,7 @@ GitLab allows you to import all tasks from a Phabricator instance into GitLab issues. The import creates a single project with the repository disabled. -Currently, only the following basic fields are imported: +Only the following basic fields are imported: - Title - Description @@ -34,6 +34,6 @@ The assignee and author of a user are deducted from a Task's owner and author: If a user with the same username has access to the namespace of the project being imported into, then the user will be linked. -## Enabling this feature +## Enable this feature Enable Phabricator as an [import source](../../admin_area/settings/visibility_and_access_controls.md#import-sources) in the Admin Area. diff --git a/doc/user/project/import/svn.md b/doc/user/project/import/svn.md index a816dca59bc..e39976e00f6 100644 --- a/doc/user/project/import/svn.md +++ b/doc/user/project/import/svn.md @@ -11,18 +11,16 @@ Subversion (SVN) is a central version control system (VCS) while Git is a distributed version control system. There are some major differences between the two, for more information consult your favorite search engine. -## Overview - There are two approaches to SVN to Git migration: -1. [Git/SVN Mirror](#smooth-migration-with-a-gitsvn-mirror-using-subgit) which: - - Makes the GitLab repository to mirror the SVN project. - - Git and SVN repositories are kept in sync; you can use either one. - - Smoothens the migration process and allows to manage migration risks. +- [Git/SVN Mirror](#smooth-migration-with-a-gitsvn-mirror-using-subgit) which: + - Makes the GitLab repository to mirror the SVN project. + - Git and SVN repositories are kept in sync; you can use either one. + - Smoothens the migration process and allows you to manage migration risks. -1. [Cut over migration](#cut-over-migration-with-svn2git) which: - - Translates and imports the existing data and history from SVN to Git. - - Is a fire and forget approach, good for smaller teams. +- [Cut over migration](#cut-over-migration-with-svn2git) which: + - Translates and imports the existing data and history from SVN to Git. + - Is a fire and forget approach, good for smaller teams. ## Smooth migration with a Git/SVN mirror using SubGit @@ -38,15 +36,15 @@ directly in a file system level. follow [this article](http://www.webupd8.org/2012/09/install-oracle-java-8-in-ubuntu-via-ppa.html). 1. Download SubGit from <https://subgit.com/download>. 1. Unpack the downloaded SubGit zip archive to the `/opt` directory. The `subgit` - command will be available at `/opt/subgit-VERSION/bin/subgit`. + command is available at `/opt/subgit-VERSION/bin/subgit`. ### SubGit configuration The first step to mirror you SVN repository in GitLab is to create a new empty -project which will be used as a mirror. For Omnibus installations the path to -the repository will be located at +project that is used as a mirror. For Omnibus installations the path to +the repository is `/var/opt/gitlab/git-data/repositories/USER/REPO.git` by default. For -installations from source, the default repository directory will be +installations from source, the default repository directory is `/home/git/repositories/USER/REPO.git`. For convenience, assign this path to a variable: @@ -54,7 +52,7 @@ variable: GIT_REPO_PATH=/var/opt/gitlab/git-data/repositories/USER/REPOS.git ``` -SubGit will keep this repository in sync with a remote SVN project. For +SubGit keeps this repository in sync with a remote SVN project. For convenience, assign your remote SVN project URL to a variable: ```shell @@ -89,9 +87,9 @@ initial translation of existing SVN revisions into the Git repository: subgit install $GIT_REPO_PATH ``` -After the initial translation is completed, the Git repository and the SVN -project will be kept in sync by `subgit` - new Git commits will be translated to -SVN revisions and new SVN revisions will be translated to Git commits. Mirror +After the initial translation is completed, `subgit` keeps the Git repository and the SVN +project sync - new Git commits are translated to +SVN revisions and new SVN revisions are translated to Git commits. Mirror works transparently and does not require any special commands. If you would prefer to perform one-time cut over migration with `subgit`, use @@ -134,12 +132,12 @@ sudo apt-get install git-core git-svn ruby ``` Optionally, prepare an authors file so `svn2git` can map SVN authors to Git authors. -If you choose not to create the authors file then commits will not be attributed +If you choose not to create the authors file then commits are not attributed to the correct GitLab user. Some users may not consider this a big issue while -others will want to ensure they complete this step. If you choose to map authors -you will be required to map every author that is present on changes in the SVN -repository. If you don't, the conversion will fail and you will have to update -the author file accordingly. The following command will search through the +others want to ensure they complete this step. If you choose to map authors, +you must map every author present on changes in the SVN +repository. If you don't, the conversion fails and you have to update +the author file accordingly. The following command searches through the repository and output a list of authors. ```shell @@ -159,7 +157,7 @@ not nested) the conversion is simple. For a non-standard repository see [svn2git documentation](https://github.com/nirvdrum/svn2git). The following command will checkout the repository and do the conversion in the current working directory. Be sure to create a new directory for each repository before -running the `svn2git` command. The conversion process will take some time. +running the `svn2git` command. The conversion process takes some time. ```shell svn2git https://svn.example.com/path/to/repo --authors /path/to/authors.txt @@ -167,13 +165,13 @@ svn2git https://svn.example.com/path/to/repo --authors /path/to/authors.txt If your SVN repository requires a username and password add the `--username <username>` and `--password <password>` flags to the above command. -`svn2git` also supports excluding certain file paths, branches, tags, etc. See +`svn2git` also supports excluding certain file paths, branches, tags, and so on. See [svn2git documentation](https://github.com/nirvdrum/svn2git) or run `svn2git --help` for full documentation on all of the available options. -Create a new GitLab project, where you will eventually push your converted code. +Create a new GitLab project, into which you push your converted code. Copy the SSH or HTTP(S) repository URL from the project page. Add the GitLab -repository as a Git remote and push all the changes. This will push all commits, +repository as a Git remote and push all the changes. This pushes all commits, branches and tags. ```shell diff --git a/doc/user/project/import/tfvc.md b/doc/user/project/import/tfvc.md index 0d347a16697..705df686fe0 100644 --- a/doc/user/project/import/tfvc.md +++ b/doc/user/project/import/tfvc.md @@ -5,7 +5,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: concepts --- -# Migrating from TFVC to Git +# Migrate from TFVC to Git Team Foundation Server (TFS), renamed [Azure DevOps Server](https://azure.microsoft.com/en-us/services/devops/server/) in 2019, is a set of tools developed by Microsoft which also includes @@ -46,12 +46,8 @@ Advantages of migrating to Git/GitLab: Migration options from TFVC to Git depend on your operating system. -- If you're migrating on Microsoft Windows: - - Use the [`git-tfs`](https://github.com/git-tfs/git-tfs) -tool. - Read the [Migrate TFS to Git](https://github.com/git-tfs/git-tfs/blob/master/doc/usecases/migrate_tfs_to_git.md) guide for details. - -- If you're on a Unix-based system: - - Follow the procedures described with this [TFVC to Git migration tool](https://github.com/turbo/gtfotfs). +- If you're migrating on Microsoft Windows, use the [`git-tfs`](https://github.com/git-tfs/git-tfs) + tool. See [Migrate TFS to Git](https://github.com/git-tfs/git-tfs/blob/master/doc/usecases/migrate_tfs_to_git.md) + for details. +- If you're on a Unix-based system, follow the procedures described with this + [TFVC to Git migration tool](https://github.com/turbo/gtfotfs). diff --git a/doc/user/project/index.md b/doc/user/project/index.md index 7e5801a2382..d9283f623d4 100644 --- a/doc/user/project/index.md +++ b/doc/user/project/index.md @@ -45,7 +45,7 @@ Projects include the following [features](https://about.gitlab.com/features/): - [Multiple Issue Boards](issue_board.md#multiple-issue-boards): Create team-specific workflows (Issue Boards) for a project. - [Merge Requests](merge_requests/index.md): Apply a branching strategy and get reviewed by your team. - - [Merge Request Approvals](merge_requests/merge_request_approvals.md): Ask for approval before + - [Merge Request Approvals](merge_requests/approvals/index.md): Ask for approval before implementing a change. - [Fix merge conflicts from the UI](merge_requests/resolve_conflicts.md): View Git diffs from the GitLab UI. - [Review Apps](../../ci/review_apps/index.md): By branch, preview the results diff --git a/doc/user/project/insights/img/insights_sidebar_link_v12_8.png b/doc/user/project/insights/img/insights_sidebar_link_v12_8.png Binary files differdeleted file mode 100644 index b07ecc5286a..00000000000 --- a/doc/user/project/insights/img/insights_sidebar_link_v12_8.png +++ /dev/null diff --git a/doc/user/project/insights/index.md b/doc/user/project/insights/index.md index 72897a1a26e..436df07d673 100644 --- a/doc/user/project/insights/index.md +++ b/doc/user/project/insights/index.md @@ -20,9 +20,7 @@ This feature is [also available at the group level](../../group/insights/index.m ## View your project's Insights You can access your project's Insights by clicking the **Analytics > Insights** -link in the left sidebar: - - +link in the left sidebar. ## Configure your Insights diff --git a/doc/user/project/integrations/bugzilla.md b/doc/user/project/integrations/bugzilla.md index 7e14515d98e..e8427e36015 100644 --- a/doc/user/project/integrations/bugzilla.md +++ b/doc/user/project/integrations/bugzilla.md @@ -4,33 +4,55 @@ group: Ecosystem info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Bugzilla Service **(FREE)** +# Bugzilla service **(FREE)** -Navigate to the [Integrations page](overview.md#accessing-integrations), -select the **Bugzilla** service and fill in the required details as described -in the table below. +[Bugzilla](https://www.bugzilla.org/) is a web-based general-purpose bug tracking system and testing +tool. -| Field | Description | -| ----- | ----------- | -| `project_url` | The URL to the project in Bugzilla which is being linked to this GitLab project. Note that the `project_url` requires PRODUCT_NAME to be updated with the product/project name in Bugzilla. | -| `issues_url` | The URL to the issue in Bugzilla project that is linked to this GitLab project. Note that the `issues_url` requires `:id` in the URL. This ID is used by GitLab as a placeholder to replace the issue number. | -| `new_issue_url` | This is the URL to create a new issue in Bugzilla for the project linked to this GitLab project. Note that the `new_issue_url` requires PRODUCT_NAME to be updated with the product/project name in Bugzilla. | +You can configure Bugzilla as an +[external issue tracker](../../../integration/external-issue-tracker.md) in GitLab. -Once you have configured and enabled Bugzilla, you see the Bugzilla link on the GitLab project pages that takes you to the appropriate Bugzilla project. +To enable the Bugzilla integration in a project: -## Referencing issues in Bugzilla +1. Go to the [Integrations page](overview.md#accessing-integrations). +1. Select **Bugzilla**. +1. Select the checkbox under **Enable integration**. +1. Fill in the required fields: -Issues in Bugzilla can be referenced in two alternative ways: + - **Project URL**: The URL to the project in Bugzilla. + For example, for a product named "Fire Tanuki": + `https://bugzilla.example.org/describecomponents.cgi?product=Fire+Tanuki`. + - **Issue URL**: The URL to view an issue in the Bugzilla project. + The URL must contain `:id`. GitLab replaces `:id` with the issue number (for example, + `https://bugzilla.example.org/show_bug.cgi?id=:id`, which becomes + `https://bugzilla.example.org/show_bug.cgi?id=123`). + - **New issue URL**: The URL to create a new issue in the linked Bugzilla project. + For example, for a project named "My Cool App": + `https://bugzilla.example.org/enter_bug.cgi#h=dupes%7CMy+Cool+App`. -- `#<ID>` where `<ID>` is a number (example `#143`). -- `<PROJECT>-<ID>` where `<PROJECT>` starts with a capital letter which is - then followed by capital letters, numbers or underscores, and `<ID>` is - a number (example `API_32-143`). +1. Select **Save changes** or optionally select **Test settings**. -We suggest using the longer format if you have both internal and external issue trackers enabled. If you use the shorter format and an issue with the same ID exists in the internal issue tracker, the internal issue is linked. +After you configure and enable Bugzilla, a link appears on the GitLab +project pages. This link takes you to the appropriate Bugzilla project. -Please note that `<PROJECT>` part is ignored and links always point to the -address specified in `issues_url`. +You can also disable [GitLab internal issue tracking](../issues/index.md) in this project. +Learn more about the steps and consequences of disabling GitLab issues in +[Sharing and permissions](../settings/index.md#sharing-and-permissions). + +## Reference Bugzilla issues in GitLab + +You can reference issues in Bugzilla using: + +- `#<ID>`, where `<ID>` is a number (for example, `#143`). +- `<PROJECT>-<ID>` (for example `API_32-143`) where: + - `<PROJECT>` starts with a capital letter, followed by capital letters, numbers, or underscores. + - `<ID>` is a number. + +The `<PROJECT>` part is ignored in links, which always point to the address specified in **Issue URL**. + +We suggest using the longer format (`<PROJECT>-<ID>`) if you have both internal and external issue +trackers enabled. If you use the shorter format, and an issue with the same ID exists in the +internal issue tracker, the internal issue is linked. ## Troubleshooting diff --git a/doc/user/project/integrations/custom_issue_tracker.md b/doc/user/project/integrations/custom_issue_tracker.md index 9cc4e980212..19beafd6663 100644 --- a/doc/user/project/integrations/custom_issue_tracker.md +++ b/doc/user/project/integrations/custom_issue_tracker.md @@ -4,35 +4,43 @@ group: Ecosystem info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Custom Issue Tracker service **(FREE)** +# Custom issue tracker service **(FREE)** -To enable the Custom Issue Tracker integration in a project: +Use a custom issue tracker that is not in the integration list. -1. Go to **Settings > Integrations**. -1. Click **Custom Issue Tracker** -1. Fill in the tracker's details, such as title, description, and URLs. - You can edit these fields later as well. +To enable a custom issue tracker in a project: - These are some of the required fields: +1. Go to the [Integrations page](overview.md#accessing-integrations). +1. Select **Custom issue tracker**. +1. Select the checkbox under **Enable integration**. +1. Fill in the required fields: - | Field | Description | - | --------------- | ----------- | - | **Project URL** | The URL to the project in the custom issue tracker. | - | **Issues URL** | The URL to the issue in the issue tracker project that is linked to this GitLab project. Note that the `issues_url` requires `:id` in the URL. This ID is used by GitLab as a placeholder to replace the issue number. For example, `https://customissuetracker.com/project-name/:id`. | - | **New issue URL** | Currently unused. Planned to be changed in a future release. | + - **Project URL**: The URL to view all the issues in the custom issue tracker. + - **Issue URL**: The URL to view an issue in the custom issue tracker. The URL must contain `:id`. + GitLab replaces `:id` with the issue number (for example, + `https://customissuetracker.com/project-name/:id`, which becomes `https://customissuetracker.com/project-name/123`). + - **New issue URL**: + <!-- The line below was originally added in January 2018: https://gitlab.com/gitlab-org/gitlab/-/commit/778b231f3a5dd42ebe195d4719a26bf675093350 --> + **This URL is not used and removal is planned in a future release.** + Enter any URL here. + For more information, see [issue 327503](https://gitlab.com/gitlab-org/gitlab/-/issues/327503). -1. Click **Test settings and save changes**. +1. Select **Save changes** or optionally select **Test settings**. -After you configure and enable the Custom Issue Tracker service, you see a link on the GitLab -project pages that takes you to that custom issue tracker. +After you configure and enable the custom issue tracker service, a link appears on the GitLab +project pages. This link takes you to the custom issue tracker. -## Referencing issues +## Reference issues in a custom issue tracker -Issues are referenced with `<ANYTHING>-<ID>` (for example, `PROJECT-143`), where `<ANYTHING>` can be any string in CAPS, and `<ID>` -is a number used in the target project of the custom integration. +You can reference issues in a custom issue tracker using: -`<ANYTHING>` is a placeholder to differentiate against GitLab issues, which are referenced with `#<ID>`. You can use a project name or project key to replace it for example. +- `#<ID>`, where `<ID>` is a number (for example, `#143`). +- `<PROJECT>-<ID>` (for example `API_32-143`) where: + - `<PROJECT>` starts with a capital letter, followed by capital letters, numbers, or underscores. + - `<ID>` is a number. -When building the hyperlink, the `<ANYTHING>` part is ignored, and links always point to the address -specified in `issues_url`, so in the example above, `PROJECT-143` would refer to -`https://customissuetracker.com/project-name/143`. +The `<PROJECT>` part is ignored in links, which always point to the address specified in **Issue URL**. + +We suggest using the longer format (`<PROJECT>-<ID>`) if you have both internal and external issue +trackers enabled. If you use the shorter format, and an issue with the same ID exists in the +internal issue tracker, the internal issue is linked. diff --git a/doc/user/project/integrations/ewm.md b/doc/user/project/integrations/ewm.md index d63599d02bc..5b0059673ad 100644 --- a/doc/user/project/integrations/ewm.md +++ b/doc/user/project/integrations/ewm.md @@ -6,31 +6,49 @@ info: To determine the technical writer assigned to the Stage/Group associated w # IBM Engineering Workflow Management (EWM) Integration **(FREE)** -This service allows you to navigate from GitLab to EWM work items mentioned in merge request descriptions and commit messages. Each work item reference is automatically converted to a link back to the work item. +This service allows you to go from GitLab to EWM work items mentioned in merge request +descriptions and commit messages. +Each work item reference is automatically converted to a link to the work item. -NOTE: -This IBM product was [formerly named Rational Team Concert](https://jazz.net/blog/index.php/2019/04/23/renaming-the-ibm-continuous-engineering-portfolio/)(RTC). This integration is also compatible with all versions of RTC and EWM. +This IBM product was [formerly named Rational Team Concert](https://jazz.net/blog/index.php/2019/04/23/renaming-the-ibm-continuous-engineering-portfolio/)(RTC). This integration is compatible with all versions of RTC and EWM. -1. From a GitLab project, navigate to **Settings > Integrations**, and then click **EWM**. -1. Enter the information listed below. +To enable the EWM integration, in a project: - | Field | Description | - | ----- | ----------- | - | `project_url` | URL of the EWM project area to link to the GitLab project. To obtain your project area URL, navigate to the path `/ccm/web/projects` and copy the listed project's URL. For example, `https://example.com/ccm/web/Example%20Project` | - | `issues_url` | URL to the work item editor in the EWM project area. The format is `<your-server-url>/resource/itemName/com.ibm.team.workitem.WorkItem/:id`. For example, `https://example.com/ccm/resource/itemName/com.ibm.team.workitem.WorkItem/:id` | - | `new_issue_url` | URL to create a new work item in the EWM project area. Append the following fragment to your project area URL: `#action=com.ibm.team.workitem.newWorkItem`. For example, `https://example.com/ccm/web/projects/JKE%20Banking#action=com.ibm.team.workitem.newWorkItem` | +1. Go to the [Integrations page](overview.md#accessing-integrations). +1. Select **EWM**. +1. Select the checkbox under **Enable integration**. +1. Fill in the required fields: + + - **Project URL**: The URL to the EWM project area. + + To obtain your project area URL, navigate to the + path `/ccm/web/projects` and copy the listed project's URL. For example, `https://example.com/ccm/web/Example%20Project`. + - **Issue URL**: The URL to the work item editor in the EWM project area. + + The format is `<your-server-url>/resource/itemName/com.ibm.team.workitem.WorkItem/:id`. + GitLab replaces `:id` with the issue number + (for example, `https://example.com/ccm/resource/itemName/com.ibm.team.workitem.WorkItem/:id`, + which becomes `https://example.com/ccm/resource/itemName/com.ibm.team.workitem.WorkItem/123`). + - **New issue URL**: URL to create a new work item in the EWM project area. + + Append the following fragment to your project area URL: `#action=com.ibm.team.workitem.newWorkItem`. + For example, `https://example.com/ccm/web/projects/JKE%20Banking#action=com.ibm.team.workitem.newWorkItem`. + +1. Select **Save changes** or optionally select **Test settings**. ## Reference EWM work items in commit messages -You can use any of the keywords supported by the EWM Git Integration Toolkit to refer to work items. Work items can be referenced using the format: `<keyword> <id>`. +To refer to work items, you can use any keywords supported by the EWM Git Integration Toolkit. +Use the format: `<keyword> <id>`. You can use the following keywords: - `bug` -- `task` - `defect` - `rtcwi` -- `workitem` +- `task` - `work item` +- `workitem` -For more details, see the EWM documentation page [Creating links from commit comments](https://www.ibm.com/support/knowledgecenter/SSYMRC_7.0.0/com.ibm.team.connector.cq.doc/topics/t_creating_links_through_comments.html), which recommends against using the additionally-supported keyword `#` because of incompatibility with GitLab. +Avoid using the keyword `#`. Learn more in the EWM documentation page +[Creating links from commit comments](https://www.ibm.com/docs/en/elm/7.0.0?topic=commits-creating-links-from-commit-comments). diff --git a/doc/user/project/integrations/hangouts_chat.md b/doc/user/project/integrations/hangouts_chat.md index d0efebd4da7..0668e5dd88f 100644 --- a/doc/user/project/integrations/hangouts_chat.md +++ b/doc/user/project/integrations/hangouts_chat.md @@ -4,32 +4,50 @@ group: Ecosystem info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Hangouts Chat service **(FREE)** +# Google Chat integration **(FREE)** > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/43756) in GitLab 11.2. -The Hangouts Chat service sends notifications from GitLab to the room for which the webhook was created. +Integrate your project to send notifications from GitLab to a +room of your choice in [Google Chat](https://chat.google.com/) (former Google +Hangouts). -## On Hangouts Chat +## How it works -1. Open the chat room in which you want to see the notifications. -1. From the chat room menu, select **Configure Webhooks**. -1. Click on **ADD WEBHOOK** and fill in the name of the bot to post the messages. Optionally define an avatar. -1. Click **SAVE** and copy the **Webhook URL** of your webhook. +To enable this integration, first you need to create a webhook for the room in +Google Chat where you want to receive the notifications from your project. -See also [the Hangouts Chat documentation for configuring incoming webhooks](https://developers.google.com/hangouts/chat/how-tos/webhooks) +After that, enable the integration in GitLab and choose the events you want to +be notified about in your Google Chat room. -## On GitLab +For every selected event in your project, GitLab acts like a bot sending +notifications to Google Chat: -When you have the **Webhook URL** for your Hangouts Chat room webhook, you can set up the GitLab service. + -1. Navigate to the [Integrations page](overview.md#accessing-integrations) in your project's settings, i.e. **Project > Settings > Integrations**. -1. Select the **Hangouts Chat** integration to configure it. -1. Ensure that the **Active** toggle is enabled. -1. Check the checkboxes corresponding to the GitLab events you want to receive. -1. Paste the **Webhook URL** that you copied from the Hangouts Chat configuration step. -1. Configure the remaining options and click `Save changes`. +## In Google Chat -Your Hangouts Chat room now starts receiving GitLab event notifications as configured. +Select a room and create a webhook: - +1. Enter the room where you want to receive notifications from GitLab. +1. Open the room dropdown menu on the top-left and select **Manage webhooks**. +1. Enter the name for your webhook, for example "GitLab integration". +1. (Optional) Add an avatar for your bot. +1. Select **Save**. +1. Copy the webhook URL. + +For further details, see [the Google Chat documentation for configuring webhooks](https://developers.google.com/hangouts/chat/how-tos/webhooks). + +## In GitLab + +Enable the Google Chat integration in GitLab: + +1. In your project, go to **Settings > Integrations** and select **Google Chat**. +1. Scroll down to the end of the page where you find a **Webhook** field. +1. Enter the webhook URL you copied from Google Chat. +1. Select the events you want to be notified about in your Google Chat room. +1. (Optional) Select **Test settings** to verify the connection. +1. Select **Save changes**. + +To test the integration, make a change based on the events you selected and +see the notification in your Google Chat room. diff --git a/doc/user/project/integrations/img/emails_on_push_service.png b/doc/user/project/integrations/img/emails_on_push_service.png Binary files differdeleted file mode 100644 index 43cef167369..00000000000 --- a/doc/user/project/integrations/img/emails_on_push_service.png +++ /dev/null diff --git a/doc/user/project/integrations/img/google_chat_integration_v13_11.png b/doc/user/project/integrations/img/google_chat_integration_v13_11.png Binary files differnew file mode 100644 index 00000000000..b2df55816d5 --- /dev/null +++ b/doc/user/project/integrations/img/google_chat_integration_v13_11.png diff --git a/doc/user/project/integrations/img/hangouts_chat_configuration.png b/doc/user/project/integrations/img/hangouts_chat_configuration.png Binary files differdeleted file mode 100644 index 1104f20ce2f..00000000000 --- a/doc/user/project/integrations/img/hangouts_chat_configuration.png +++ /dev/null diff --git a/doc/user/project/integrations/mattermost.md b/doc/user/project/integrations/mattermost.md index 0a32119d572..18ff6e324e3 100644 --- a/doc/user/project/integrations/mattermost.md +++ b/doc/user/project/integrations/mattermost.md @@ -48,10 +48,16 @@ notification. You do not need to add the hash sign (`#`). Then fill in the integration configuration: -| Field | Description | -| ----- | ----------- | -| **Webhook** | The incoming webhook URL on Mattermost, similar to: `http://mattermost.example/hooks/5xo…`. | -| **Username** | (Optional) The username to show on messages sent to Mattermost. Fill this in to change the username of the bot. | -| **Notify only broken pipelines** | If you enable the **Pipeline** event and you want to be notified about failed pipelines only. | -| **Branches to be notified** | Select which branches to send notifications for. | -| **Labels to be notified** | (Optional) Labels that the issue or merge request must have to trigger a notification. Leave blank to get notifications for all issues and merge requests. | +- **Webhook**: The incoming webhook URL on Mattermost, similar to + `http://mattermost.example/hooks/5xo…`. +- **Username**: (Optional) The username shown in messages sent to Mattermost. + To change the bot's username, provide a value. +- **Notify only broken pipelines**: If you enable the **Pipeline** event, and you want + notifications about failed pipelines only. +- **Branches to be notified**: The branches to send notifications for. +- **Labels to be notified**: (Optional) Labels required for the issue or merge request + to trigger a notification. Leave blank to notify for all issues and merge requests. +- **Labels to be notified behavior**: When you use the **Labels to be notified** filter, + messages are sent when an issue or merge request contains _any_ of the labels specified + in the filter. You can also choose to trigger messages only when the issue or merge request + contains _all_ the labels defined in the filter. diff --git a/doc/user/project/integrations/overview.md b/doc/user/project/integrations/overview.md index ef1f492bfbf..5bd4062b125 100644 --- a/doc/user/project/integrations/overview.md +++ b/doc/user/project/integrations/overview.md @@ -39,9 +39,9 @@ Click on the service links to see further configuration instructions and details | [Emails on push](emails_on_push.md) | Send commits and diff of each push by email. | **{dotted-circle}** No | | [EWM](ewm.md) | Use IBM Engineering Workflow Management as the issue tracker. | **{dotted-circle}** No | | [External wiki](../wiki/index.md#link-an-external-wiki) | Link an external wiki. | **{dotted-circle}** No | -| Flowdock | Use Flowdock with GitLab. | **{dotted-circle}** No | +| [Flowdock](../../../api/services.md#flowdock) | Send notifications from GitLab to Flowdock flows. | **{dotted-circle}** No | | [GitHub](github.md) | Obtain statuses for commits and pull requests. | **{dotted-circle}** No | -| [Hangouts Chat](hangouts_chat.md) | Receive events notifications. | **{dotted-circle}** No | +| [Google Chat](hangouts_chat.md) | Send notifications from your GitLab project to a room in Google Chat.| **{dotted-circle}** No | | [Irker (IRC gateway)](irker.md) | Send IRC messages. | **{dotted-circle}** No | | [Jenkins](../../../integration/jenkins.md) | Run CI/CD pipelines with Jenkins. | **{check-circle}** Yes | | JetBrains TeamCity CI | Run CI/CD pipelines with TeamCity. | **{check-circle}** Yes | diff --git a/doc/user/project/integrations/prometheus_library/cloudwatch.md b/doc/user/project/integrations/prometheus_library/cloudwatch.md index 0eaa9cae7c0..b35ebacbd31 100644 --- a/doc/user/project/integrations/prometheus_library/cloudwatch.md +++ b/doc/user/project/integrations/prometheus_library/cloudwatch.md @@ -31,7 +31,7 @@ Cloudwatch exporter retrieves and parses the specified Cloudwatch metrics, and translates them into a Prometheus monitoring endpoint. The only supported AWS resource is the Elastic Load Balancer, whose Cloudwatch -metrics are [documented here](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-cloudwatch-metrics.html). +metrics are listed in [this AWS documentation](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-cloudwatch-metrics.html). You can [download a sample Cloudwatch Exporter configuration file](../samples/cloudwatch.yml) that's configured for basic AWS ELB monitoring. diff --git a/doc/user/project/integrations/webex_teams.md b/doc/user/project/integrations/webex_teams.md index 6820412808f..b2bf8e5731a 100644 --- a/doc/user/project/integrations/webex_teams.md +++ b/doc/user/project/integrations/webex_teams.md @@ -6,25 +6,32 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Webex Teams service **(FREE)** -You can configure GitLab to send notifications to a Webex Teams space. +You can configure GitLab to send notifications to a Webex Teams space: + +1. Create a webhook for the space. +1. Add the webhook to GitLab. ## Create a webhook for the space 1. Go to the [Incoming Webhooks app page](https://apphub.webex.com/messaging/applications/incoming-webhooks-cisco-systems-38054). -1. Click **Connect** and log in to Webex Teams, if required. +1. Select **Connect** and log in to Webex Teams, if required. 1. Enter a name for the webhook and select the space to receive the notifications. -1. Click **ADD**. +1. Select **ADD**. 1. Copy the **Webhook URL**. ## Configure settings in GitLab -Once you have a webhook URL for your Webex Teams space, you can configure GitLab to send notifications. +Once you have a webhook URL for your Webex Teams space, you can configure GitLab to send +notifications: -1. Navigate to **Project > Settings > Integrations**. +1. Navigate to: + - **Settings > Integrations** in a project to enable the integration at the project level. + - **Settings > Integrations** in a group to enable the integration at the group level. + - **Settings > Integrations** in the Admin Area (**{admin}**) to enable an instance-level integration. 1. Select the **Webex Teams** integration. 1. Ensure that the **Active** toggle is enabled. 1. Select the checkboxes corresponding to the GitLab events you want to receive in Webex Teams. 1. Paste the **Webhook** URL for the Webex Teams space. 1. Configure the remaining options and then click **Test settings and save changes**. -The Webex Teams space now begins to receive all applicable GitLab events. +The Webex Teams space begins to receive all applicable GitLab events. diff --git a/doc/user/project/integrations/webhooks.md b/doc/user/project/integrations/webhooks.md index 56a339e02d2..d74a2bec1f6 100644 --- a/doc/user/project/integrations/webhooks.md +++ b/doc/user/project/integrations/webhooks.md @@ -1368,6 +1368,7 @@ X-Gitlab-Event: Deployment Hook { "object_kind": "deployment", "status": "success", + "status_changed_at":"2021-04-28 21:50:00 +0200", "deployable_id": 796, "deployable_url": "http://10.126.0.2:3000/root/test-deployment-webhooks/-/jobs/796", "environment": "staging", diff --git a/doc/user/project/integrations/youtrack.md b/doc/user/project/integrations/youtrack.md index f9f61de9d6b..f39c34ccc0a 100644 --- a/doc/user/project/integrations/youtrack.md +++ b/doc/user/project/integrations/youtrack.md @@ -4,40 +4,38 @@ group: Ecosystem info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# YouTrack Service **(FREE)** +# YouTrack service **(FREE)** -JetBrains [YouTrack](https://www.jetbrains.com/help/youtrack/standalone/YouTrack-Documentation.html) is a web-based issue tracking and project management platform. +JetBrains [YouTrack](https://www.jetbrains.com/youtrack/) is a web-based issue tracking and project +management platform. -You can configure YouTrack as an [External Issue Tracker](../../../integration/external-issue-tracker.md) in GitLab. +You can configure YouTrack as an +[external issue tracker](../../../integration/external-issue-tracker.md) in GitLab. -## Enable the YouTrack integration +To enable the YouTrack integration in a project: -To enable YouTrack integration in a project: +1. Go to the [Integrations page](overview.md#accessing-integrations). +1. Select **YouTrack**. +1. Select the checkbox under **Enable integration**. +1. Fill in the required fields: + - **Project URL**: The URL to the project in YouTrack. + - **Issue URL**: The URL to view an issue in the YouTrack project. + The URL must contain `:id`. GitLab replaces `:id` with the issue number. +1. Select **Save changes** or optionally select **Test settings**. -1. Navigate to the project's **Settings > [Integrations](overview.md#accessing-integrations)** page. -1. Click the **YouTrack** service, ensure it's active, and enter the required details on the page as described in the table below. +After you configure and enable YouTrack, a link appears on the GitLab +project pages. This link takes you to the appropriate YouTrack project. - | Field | Description | - |:----------------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| - | **Project URL** | URL to the project in YouTrack which is being linked to this GitLab project. | - | **Issues URL** | URL to the issue in YouTrack project that is linked to this GitLab project. Note that the **Issues URL** requires `:id` in the URL. This ID is used by GitLab as a placeholder to replace the issue number. | +You can also disable [GitLab internal issue tracking](../issues/index.md) in this project. +Learn more about the steps and consequences of disabling GitLab issues in +[Sharing and permissions](../settings/index.md#sharing-and-permissions). -1. Click the **Save changes** button. +## Reference YouTrack issues in GitLab -Once you have configured and enabled YouTrack, you see the YouTrack link on the GitLab project pages that takes you to the appropriate YouTrack project. +You can reference issues in YouTrack using `<PROJECT>-<ID>` (for example `YT-101`, `Api_32-143` or `gl-030`) where: -## Disable the internal issue tracker +- `<PROJECT>` starts with a letter and is followed by letters, numbers, or underscores. +- `<ID>` is a number. -To disable the internal issue tracker in a project: - -1. Navigate to the project's **Settings > General** page. -1. Expand the [permissions section](../settings/index.md#sharing-and-permissions) and switch the **Issues** toggle to disabled. - -## Referencing YouTrack issues in GitLab - -Issues in YouTrack can be referenced as `<PROJECT>-<ID>`. `<PROJECT>` -must start with a letter and is followed by letters, numbers, or underscores. -`<ID>` is a number. An example reference is `YT-101`, `Api_32-143` or `gl-030`. - -References to `<PROJECT>-<ID>` in merge requests, commits, or comments are automatically linked to the YouTrack issue URL. -For more information, see the [External Issue Tracker](../../../integration/external-issue-tracker.md) documentation. +References to `<PROJECT>-<ID>` in merge requests, commits, or comments are automatically linked +to the YouTrack issue URL. diff --git a/doc/user/project/issue_board.md b/doc/user/project/issue_board.md index 5ddf98d4560..e1b6956f873 100644 --- a/doc/user/project/issue_board.md +++ b/doc/user/project/issue_board.md @@ -343,11 +343,10 @@ As in other list types, click the trash icon to remove a list. ### Iteration lists **(PREMIUM)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/250479) in GitLab 13.11. -> - [Deployed behind the `board_new_lists` and `iteration_board_lists` feature flags](../feature_flags.md), disabled by default. -> - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/57439) in GitLab 13.11. +> - [Deployed behind the `board_new_list` and `iteration_board_lists` feature flags](../feature_flags.md), enabled by default. > - Enabled on GitLab.com. > - Recommended for production use. -> - For GitLab self-managed instances, GitLab administrators can opt to disable the feature flags: [`board_new_lists`](#enable-or-disable-new-add-list-form) and [`iteration_board_lists`](#enable-or-disable-iteration-lists-in-boards). **(PREMIUM SELF)** +> - For GitLab self-managed instances, GitLab administrators can opt to disable the feature flags: [`board_new_list`](#enable-or-disable-new-add-list-form) and [`iteration_board_lists`](#enable-or-disable-iteration-lists-in-boards). **(PREMIUM SELF)** There can be [risks when disabling released features](../feature_flags.md#risks-when-disabling-released-features). diff --git a/doc/user/project/issues/design_management.md b/doc/user/project/issues/design_management.md index f5eb8dd5a4d..2a003e68a73 100644 --- a/doc/user/project/issues/design_management.md +++ b/doc/user/project/issues/design_management.md @@ -31,7 +31,7 @@ to be enabled: - For self-managed instances, a GitLab administrator must have [enabled LFS globally](../../../administration/lfs/index.md). - For both GitLab.com and self-managed instances: LFS must be enabled for the project itself. - If enabled globally, LFS will be enabled by default to all projects. To enable LFS on the + If enabled globally, LFS is enabled by default to all projects. To enable LFS on the project level, navigate to your project's **Settings > General**, expand **Visibility, project features, permissions** and enable **Git Large File Storage**. @@ -56,7 +56,7 @@ Support for [PDF](https://gitlab.com/gitlab-org/gitlab/issues/32811) is planned - From GitLab 13.1, Design filenames are limited to 255 characters. - Design Management data [isn't deleted when a project is destroyed](https://gitlab.com/gitlab-org/gitlab/-/issues/13429) yet. -- Design Management data [won't be deleted](https://gitlab.com/gitlab-org/gitlab/-/issues/13427) +- Design Management data [isn't deleted](https://gitlab.com/gitlab-org/gitlab/-/issues/13427) when an issue is deleted. - From GitLab 12.7, Design Management data [can be replicated](../../../administration/geo/replication/datatypes.md#limitations-on-replicationverification) by Geo but [not verified](https://gitlab.com/gitlab-org/gitlab/-/issues/32467). @@ -102,19 +102,19 @@ the clipboard by simultaneously clicking <kbd>Control</kbd> + <kbd>Command</kbd> Copy-and-pasting has some limitations: -- You can paste only one image at a time. When copy/pasting multiple files, only the first one will be uploaded. -- All images will be converted to `png` format under the hood, so when you want to copy/paste `gif` file, it will result in broken animation. -- If you are pasting a screenshot from the clipboard, it will be renamed to `design_<timestamp>.png` +- You can paste only one image at a time. When copy/pasting multiple files, only the first one is uploaded. +- All images are converted to `png` format under the hood, so when you want to copy/paste `gif` file, it results in broken animation. +- If you are pasting a screenshot from the clipboard, it is renamed to `design_<timestamp>.png` - Copy/pasting designs is not supported on Internet Explorer. -Designs with the same filename as an existing uploaded design will create a new version -of the design, and will replace the previous version. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/34353) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.9, dropping a design on an existing uploaded design will also create a new version, +Designs with the same filename as an existing uploaded design create a new version +of the design, and replaces the previous version. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/34353) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.9, dropping a design on an existing uploaded design also creates a new version, provided the filenames are the same. ### Skipped designs -Designs with the same filename as an existing uploaded design _and_ whose content has not changed will be skipped. -This means that no new version of the design will be created. When designs are skipped, you will be made aware via a warning +Designs with the same filename as an existing uploaded design _and_ whose content has not changed are skipped. +This means that no new version of the design is created. When designs are skipped, you are made aware via a warning message on the Issue. ## Viewing designs @@ -198,7 +198,7 @@ Different discussions have different pin numbers:  -From GitLab 12.5 on, new discussions will be outputted to the issue activity, +From GitLab 12.5 on, new discussions are outputted to the issue activity, so that everyone involved can participate in the discussion. ## Resolve Design threads @@ -214,13 +214,13 @@ There are two ways to resolve/unresolve a Design thread:  1. Design threads can also be resolved or unresolved in their threads by using a checkbox. - When replying to a comment, you will see a checkbox that you can click in order to resolve or unresolve + When replying to a comment, there is a checkbox that you can click in order to resolve or unresolve the thread once published:  -Note that your resolved comment pins will disappear from the Design to free up space for new discussions. -However, if you need to revisit or find a resolved discussion, all of your resolved threads will be +Note that your resolved comment pins disappear from the Design to free up space for new discussions. +However, if you need to revisit or find a resolved discussion, all of your resolved threads are available in the **Resolved Comment** area at the bottom of the right sidebar. ## Add to dos for designs @@ -247,7 +247,7 @@ somewhere with: See https://gitlab.com/your-group/your-project/-/issues/123/designs/homescreen.png ``` -This will be rendered as: +This is rendered as: > See [#123[homescreen.png]](https://gitlab.com/your-group/your-project/-/issues/123/designs/homescreen.png) diff --git a/doc/user/project/issues/img/create_issue_from_group_level_issue_tracker.png b/doc/user/project/issues/img/create_issue_from_group_level_issue_tracker.png Binary files differdeleted file mode 100644 index 8996490ae63..00000000000 --- a/doc/user/project/issues/img/create_issue_from_group_level_issue_tracker.png +++ /dev/null diff --git a/doc/user/project/issues/img/delete_issue.png b/doc/user/project/issues/img/delete_issue.png Binary files differdeleted file mode 100644 index 87ea65956fc..00000000000 --- a/doc/user/project/issues/img/delete_issue.png +++ /dev/null diff --git a/doc/user/project/issues/img/delete_issue_v13_11.png b/doc/user/project/issues/img/delete_issue_v13_11.png Binary files differnew file mode 100644 index 00000000000..d9905012eab --- /dev/null +++ b/doc/user/project/issues/img/delete_issue_v13_11.png diff --git a/doc/user/project/issues/img/issue_weight.png b/doc/user/project/issues/img/issue_weight.png Binary files differdeleted file mode 100644 index 3800b5940b8..00000000000 --- a/doc/user/project/issues/img/issue_weight.png +++ /dev/null diff --git a/doc/user/project/issues/img/issue_weight_v13_11.png b/doc/user/project/issues/img/issue_weight_v13_11.png Binary files differnew file mode 100644 index 00000000000..842c154ea49 --- /dev/null +++ b/doc/user/project/issues/img/issue_weight_v13_11.png diff --git a/doc/user/project/issues/img/merge_request_closes_issue.png b/doc/user/project/issues/img/merge_request_closes_issue.png Binary files differdeleted file mode 100644 index 6fd27738843..00000000000 --- a/doc/user/project/issues/img/merge_request_closes_issue.png +++ /dev/null diff --git a/doc/user/project/issues/img/merge_request_closes_issue_v13_11.png b/doc/user/project/issues/img/merge_request_closes_issue_v13_11.png Binary files differnew file mode 100644 index 00000000000..26b42239c12 --- /dev/null +++ b/doc/user/project/issues/img/merge_request_closes_issue_v13_11.png diff --git a/doc/user/project/issues/img/select_project_from_group_level_issue_tracker.png b/doc/user/project/issues/img/select_project_from_group_level_issue_tracker.png Binary files differdeleted file mode 100644 index 97d93620b2a..00000000000 --- a/doc/user/project/issues/img/select_project_from_group_level_issue_tracker.png +++ /dev/null diff --git a/doc/user/project/issues/img/select_project_from_group_level_issue_tracker_v13_11.png b/doc/user/project/issues/img/select_project_from_group_level_issue_tracker_v13_11.png Binary files differnew file mode 100644 index 00000000000..4612ae254d4 --- /dev/null +++ b/doc/user/project/issues/img/select_project_from_group_level_issue_tracker_v13_11.png diff --git a/doc/user/project/issues/issue_data_and_actions.md b/doc/user/project/issues/issue_data_and_actions.md index 2963555869c..3af6c528db9 100644 --- a/doc/user/project/issues/issue_data_and_actions.md +++ b/doc/user/project/issues/issue_data_and_actions.md @@ -67,7 +67,7 @@ To access additional actions, select the vertical ellipsis - To create a new issue in the same project, select **New issue** in the dropdown menu. -- If you are not the issue author, you can [submit an abuse report](../../abuse_reports.md). +- If you are not the issue author, you can [submit an abuse report](../../report_abuse.md). Select **Report abuse** in the dropdown menu. ### To Do @@ -101,7 +101,7 @@ assigned to them if they created the issue themselves. Often, multiple people work on the same issue together. This can be difficult to track in large teams where there is shared ownership of an issue. -In [GitLab Starter](https://about.gitlab.com/pricing/), you can +To help with this, you can use GitLab to [assign multiple people](multiple_assignees_for_issues.md) to an issue. ### Epic **(PREMIUM)** diff --git a/doc/user/project/issues/issue_weight.md b/doc/user/project/issues/issue_weight.md index b10debf9888..8f17f399cb0 100644 --- a/doc/user/project/issues/issue_weight.md +++ b/doc/user/project/issues/issue_weight.md @@ -7,22 +7,22 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Issue weight **(PREMIUM)** -> - Moved to GitLab Premium in 13.9. +> Moved to GitLab Premium in 13.9. When you have a lot of issues, it can be hard to get an overview. -By adding a weight to each issue, you can get a better idea of how much time, -value or complexity a given issue has or costs. +With weighted issues, you can get a better idea of how much time, +value, or complexity a given issue has or costs. You can set the weight of an issue during its creation, by changing the value in the dropdown menu. You can set it to a non-negative integer value from 0, 1, 2, and so on. (The database stores a 4-byte value, so the -upper bound is essentially limitless). +upper bound is essentially limitless.) You can remove weight from an issue as well. This value appears on the right sidebar of an individual issue, as well as -in the issues page next to a distinctive balance scale icon. +in the issues page next to a weight icon (**{weight}**). As an added bonus, you can see the total sum of all issues on the milestone page. - + diff --git a/doc/user/project/issues/managing_issues.md b/doc/user/project/issues/managing_issues.md index dafc0e6ba02..9e8a75743a7 100644 --- a/doc/user/project/issues/managing_issues.md +++ b/doc/user/project/issues/managing_issues.md @@ -62,28 +62,31 @@ When you're creating a new issue, these are the fields you can fill in: - Checkbox to make the issue confidential - Assignee - Weight -- Epic **(PREMIUM)** +- [Epic](../../group/epics/index.md) - Due date - Milestone - Labels -### New issue from the group-level Issue Tracker +### New issue from the group-level issue tracker -Go to the Group dashboard and click **Issues** in the sidebar to visit the Issue Tracker -for all projects in your Group. Select the project you'd like to add an issue for -using the dropdown button at the top-right of the page. +To visit the issue tracker for all projects in your group: - +1. Go to the group dashboard. +1. In the left sidebar, select **Issues**. +1. In the top-right, select the **Select project to create issue** button. +1. Select the project you'd like to create an issue for. The button now reflects the selected + project. +1. Select the button to create an issue in the selected project. + + The project you selected most recently becomes the default for your next visit. This should save you a lot of time and clicks, if you mostly create issues for the same project. - - ### New issue via Service Desk Enable [Service Desk](../service_desk.md) for your project and offer email support. -By doing so, when your customer sends a new email, a new issue can be created in +Now, when your customer sends a new email, a new issue can be created in the appropriate project and followed up from there. ### New issue via email @@ -119,21 +122,16 @@ older format is still supported, allowing existing aliases or contacts to contin To link directly to the new issue page with prefilled fields, use query string parameters in a URL. You can embed a URL in an external -HTML page, or create issues with certain +HTML page to create issues with certain fields prefilled. -The title, description, description template, and confidential fields can be prefilled -using this method. You cannot pre-fill both the description and description template -fields in the same URL because a description template also populates the description -field. - | Field | URL Parameter Name | Notes | |----------------------|-----------------------|-------------------------------------------------------| | title | `issue[title]` | | -| description | `issue[description]` | | -| description template | `issuable_template` | | -| issue type | `issue[issue_type]` | Either `incident` or `issue` | -| confidential | `issue[confidential]` | Parameter value must be `true` to set to confidential | +| description | `issue[description]` | Cannot be used at the same time as `issuable_template`. | +| description template | `issuable_template` | Cannot be used at the same time as `issue[description]`. | +| issue type | `issue[issue_type]` | Either `incident` or `issue`. | +| confidential | `issue[confidential]` | Parameter value must be `true` to set to confidential. | Follow these examples to form your new issue URL with prefilled fields. @@ -144,6 +142,58 @@ Follow these examples to form your new issue URL with prefilled fields. - For a new issue in the GitLab Community Edition project with a pre-filled title, a pre-filled description, and the confidential flag set, the URL would be `https://gitlab.com/gitlab-org/gitlab-foss/-/issues/new?issue[title]=Validate%20new%20concept&issue[description]=Research%20idea&issue[confidential]=true` +## Bulk edit issues at the project level + +> - Assigning epic ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/210470) in GitLab 13.2. +> - Editing health status [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/218395) in GitLab 13.2. +> - Editing iteration [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/196806) in GitLab 13.9. + +Users with permission level of [Reporter or higher](../../permissions.md) can manage issues. + +When bulk editing issues in a project, you can edit the following attributes: + +- Status (open/closed) +- Assignee +- [Epic](../../group/epics/index.md) +- [Milestone](../milestones/index.md) +- [Labels](../labels.md) +- [Health status](#health-status) +- Notification subscription +- [Iteration](../../group/iterations/index.md) + +To update multiple project issues at the same time: + +1. In a project, go to **Issues > List**. +1. Click **Edit issues**. A sidebar on the right-hand side of your screen appears with editable fields. +1. Select the checkboxes next to each issue you want to edit. +1. Select the appropriate fields and their values from the sidebar. +1. Click **Update all**. + +## Bulk edit issues at the group level + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/7249) in GitLab 12.1. +> - Assigning epic ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/210470) in GitLab 13.2. +> - Editing health status [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/218395) in GitLab 13.2. +> - Editing iteration [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/196806) in GitLab 13.9. + +Users with permission level of [Reporter or higher](../../permissions.md) can manage issues. + +When bulk editing issues in a group, you can edit the following attributes: + +- [Epic](../../group/epics/index.md) +- [Milestone](../milestones/index.md) +- [Labels](../labels.md) +- [Health status](#health-status) +- [Iteration](../../group/iterations/index.md) + +To update multiple project issues at the same time: + +1. In a group, go to **Issues > List**. +1. Click **Edit issues**. A sidebar on the right-hand side of your screen appears with editable fields. +1. Select the checkboxes next to each issue you want to edit. +1. Select the appropriate fields and their values from the sidebar. +1. Click **Update all**. + ## Moving issues Moving an issue copies it to the target project, and closes it in the originating project. @@ -207,7 +257,7 @@ description, issues `#4` and `#6` are closed automatically when the MR is merged Using `Related to` flags `#5` as a [related issue](related_issues.md), but is not closed automatically. - + If the issue is in a different repository than the MR, add the full URL for the issue(s): @@ -278,12 +328,10 @@ of your installation. ## Deleting issues -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/2982) in GitLab 8.6. - Users with [project owner permission](../../permissions.md) can delete an issue by -editing it and clicking on the delete button. +editing it and selecting **Delete issue**. - + ## Promote an issue to an epic **(PREMIUM)** @@ -321,7 +369,7 @@ in a comment or description field. > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/17589) in GitLab 13.3. Assignees in the sidebar are updated in real time. This feature is **disabled by default**. -To enable it, you need to enable [ActionCable in-app mode](https://docs.gitlab.com/omnibus/settings/actioncable.html). +To enable it, you need to enable [Action Cable in-app mode](https://docs.gitlab.com/omnibus/settings/actioncable.html). ## Similar issues @@ -354,5 +402,4 @@ This marks issues as progressing as planned or needs attention to keep on schedu After an issue is closed, its health status can't be edited and the **Edit** button becomes disabled until the issue is reopened. -You can then see issue statuses in the issues list and the -[epic tree](../../group/epics/index.md#issue-health-status-in-epic-tree). +You can then see issue statuses in the issues list and the epic tree. diff --git a/doc/user/project/labels.md b/doc/user/project/labels.md index fd5045f2e93..0cb5b5d993e 100644 --- a/doc/user/project/labels.md +++ b/doc/user/project/labels.md @@ -4,7 +4,7 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Labels +# Labels **(FREE)** As your count of issues, merge requests, and epics grows in GitLab, it's more and more challenging to keep track of those items. Especially as your organization grows from just a few people to diff --git a/doc/user/project/members/img/add_user_give_permissions_v13_8.png b/doc/user/project/members/img/add_user_give_permissions_v13_8.png Binary files differdeleted file mode 100644 index 1916d056a52..00000000000 --- a/doc/user/project/members/img/add_user_give_permissions_v13_8.png +++ /dev/null diff --git a/doc/user/project/members/img/add_user_import_members_from_another_project_v13_8.png b/doc/user/project/members/img/add_user_import_members_from_another_project_v13_8.png Binary files differdeleted file mode 100644 index a6dddec3fb7..00000000000 --- a/doc/user/project/members/img/add_user_import_members_from_another_project_v13_8.png +++ /dev/null diff --git a/doc/user/project/members/img/add_user_imported_members_v13_9.png b/doc/user/project/members/img/add_user_imported_members_v13_9.png Binary files differdeleted file mode 100644 index e40240df2b2..00000000000 --- a/doc/user/project/members/img/add_user_imported_members_v13_9.png +++ /dev/null diff --git a/doc/user/project/members/img/add_user_list_members_v13_9.png b/doc/user/project/members/img/add_user_list_members_v13_9.png Binary files differdeleted file mode 100644 index 7a07ea01d14..00000000000 --- a/doc/user/project/members/img/add_user_list_members_v13_9.png +++ /dev/null diff --git a/doc/user/project/members/img/add_user_search_people_v13_8.png b/doc/user/project/members/img/add_user_search_people_v13_8.png Binary files differdeleted file mode 100644 index e9aa58512ab..00000000000 --- a/doc/user/project/members/img/add_user_search_people_v13_8.png +++ /dev/null diff --git a/doc/user/project/members/img/other_group_sees_shared_project_v13_8.png b/doc/user/project/members/img/other_group_sees_shared_project_v13_8.png Binary files differdeleted file mode 100644 index aa2aaf071e1..00000000000 --- a/doc/user/project/members/img/other_group_sees_shared_project_v13_8.png +++ /dev/null diff --git a/doc/user/project/members/img/project_groups_tab_v13_9.png b/doc/user/project/members/img/project_groups_tab_v13_9.png Binary files differdeleted file mode 100644 index d1b6a640341..00000000000 --- a/doc/user/project/members/img/project_groups_tab_v13_9.png +++ /dev/null diff --git a/doc/user/project/members/img/share_project_with_groups_tab_v13_9.png b/doc/user/project/members/img/share_project_with_groups_tab_v13_9.png Binary files differdeleted file mode 100644 index 99be996c03e..00000000000 --- a/doc/user/project/members/img/share_project_with_groups_tab_v13_9.png +++ /dev/null diff --git a/doc/user/project/members/index.md b/doc/user/project/members/index.md index 2993849e0e6..7dc1a9c612f 100644 --- a/doc/user/project/members/index.md +++ b/doc/user/project/members/index.md @@ -6,19 +6,75 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Members of a project -You can manage the groups and users and their access levels in all of your -projects. You can also personalize the access level you give each user, -per-project. +Members are the users and groups who have access to your project. -You should have Maintainer or Owner [permissions](../../permissions.md) to add -or import a new user to your project. +Each member gets a role, which determines what they can do in the project. -To view, edit, add, and remove project's members, go to your -project's **Members**. +## Add users to a project + +Add users to a project so they become members and have permission +to perform actions. + +Prerequisite: + +- You must have maintainer or owner [permissions](../../permissions.md). + +To add a user to a project: + +1. Go to your project and select **Members**. +1. On the **Invite member** tab, under **GitLab member of Email address**, type the username or email address. +1. Select a [role](../../permissions.md). +1. Optional. Choose an expiration date. On that date, the user can no longer access the project. +1. Select **Invite**. + +If the user has a GitLab account, they are added to the members list. +If you used an email address, the user receives an email. + +## Add groups to a project + +When you assign a group to a project, each user in the group gets access to the project, +based on the role they're assigned in the group. However, the user's access is also +limited by the maximum role you choose when you invite the group. + +Prerequisite: + +- You must have maintainer or owner [permissions](../../permissions.md). + +To add groups to a project: + +1. Go to your project and select **Members**. +1. On the **Invite group** tab, under **Select a group to invite**, choose a group. +1. Select the highest max [role](../../permissions.md) for users in the group. +1. Optional. Choose an expiration date. On that date, the user can no longer access the project. +1. Select **Invite**. + +The members of the group are not displayed on the **Members** tab. +The **Members** tab shows: + +- Members who are directly assigned to the project. +- If the project was created in a group [namespace](../../group/index.md#namespaces), members of that group. + +## Import users from another project + +You can import another project's users to your own project. Users +retain the same permissions as the project you import them from. + +Prerequisite: + +- You must have maintainer or owner [permissions](../../permissions.md). + +To import users: + +1. Go to your project and select **Members**. +1. On the **Invite member** tab, at the bottom of the panel, select **Import**. +1. Select the project. You can view only the projects for which you're a maintainer. +1. Select **Import project members**. + +A success message is displayed and the new members are now displayed in the list. ## Inherited membership -When your project belongs to the group, group members inherit the membership and permission +When your project belongs to a group, group members inherit the membership and permission level for the project from the group.  @@ -70,43 +126,6 @@ You can sort members by **Account**, **Access granted**, **Max role**, or **Last  -## Add a user - -Right next to **People**, start typing the name or username of the user you -want to add. - - - -Select the user and the [permission level](../../permissions.md) -that you'd like to give the user. You can add more than one user at a time. -The Owner role can only be assigned at the group level. - - - -Once done, select **Add users to project** and they are immediately added to -your project with the permissions you gave them above. - - - -From there on, you can either remove an existing user or change their access -level to the project. - -## Import users from another project - -You can import another project's users in your own project by hitting the -**Import members** button on the upper right corner of the **Members** menu. - -In the dropdown menu, you can see only the projects you are Maintainer on. - - - -Select the one you want and hit **Import project members**. A flash message -displays, notifying you that the import was successful, and the new members -are now in the project's members list. Notice that the permissions that they -had on the project you imported from are retained. - - - ## Invite people using their e-mail address NOTE: @@ -235,8 +254,7 @@ requests they are currently assigned or leave the assignments as they are. To remove a member from a project: -1. In a project, go to **{users}** **Members**. -1. Click the **Delete** **{remove}** button next to a project member you want to remove. - A **Remove member** modal appears. -1. (Optional) Select the **Also unassign this user from related issues and merge requests** checkbox. -1. Click **Remove member**. +1. Go to your project and select **Members**. +1. Next to the project member you want to remove, select **Remove member** **{remove}**. +1. Optional. In the confirmation box, select the **Also unassign this user from related issues and merge requests** checkbox. +1. Select **Remove member**. diff --git a/doc/user/project/members/share_project_with_groups.md b/doc/user/project/members/share_project_with_groups.md index 8338c17f4ba..085e4db0b94 100644 --- a/doc/user/project/members/share_project_with_groups.md +++ b/doc/user/project/members/share_project_with_groups.md @@ -4,7 +4,7 @@ group: unassigned info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Share Projects with other Groups +# Share projects with other groups You can share projects with other [groups](../../group/index.md). This makes it possible to add a group of users to a project with a single action. @@ -28,22 +28,14 @@ This is where the group sharing feature can be of use. To share 'Project Acme' with the 'Engineering' group: 1. For 'Project Acme' use the left navigation menu to go to **Members**. - -  - 1. Select the **Invite group** tab. 1. Add the 'Engineering' group with the maximum access level of your choice. 1. Optionally, select an expiring date. 1. Click **Invite**. 1. After sharing 'Project Acme' with 'Engineering': - The group is listed in the **Groups** tab. - -  - - The project is listed on the group dashboard. -  - Note that you can only share a project with: - groups for which you have an explicitly defined membership diff --git a/doc/user/project/merge_requests/img/approvals_premium_mr_widget_v13_3.png b/doc/user/project/merge_requests/approvals/img/approvals_premium_mr_widget_v13_3.png Binary files differindex 306bf57354d..306bf57354d 100644 --- a/doc/user/project/merge_requests/img/approvals_premium_mr_widget_v13_3.png +++ b/doc/user/project/merge_requests/approvals/img/approvals_premium_mr_widget_v13_3.png diff --git a/doc/user/project/merge_requests/img/mr_approvals_by_code_owners_v12_7.png b/doc/user/project/merge_requests/approvals/img/mr_approvals_by_code_owners_v12_7.png Binary files differindex 669148a41d8..669148a41d8 100644 --- a/doc/user/project/merge_requests/img/mr_approvals_by_code_owners_v12_7.png +++ b/doc/user/project/merge_requests/approvals/img/mr_approvals_by_code_owners_v12_7.png diff --git a/doc/user/project/merge_requests/img/scoped_to_protected_branch_v13_10.png b/doc/user/project/merge_requests/approvals/img/scoped_to_protected_branch_v13_10.png Binary files differindex a6636f0bc7f..a6636f0bc7f 100644 --- a/doc/user/project/merge_requests/img/scoped_to_protected_branch_v13_10.png +++ b/doc/user/project/merge_requests/approvals/img/scoped_to_protected_branch_v13_10.png diff --git a/doc/user/project/merge_requests/img/update_approval_rule_v13_10.png b/doc/user/project/merge_requests/approvals/img/update_approval_rule_v13_10.png Binary files differindex c5596b965ff..c5596b965ff 100644 --- a/doc/user/project/merge_requests/img/update_approval_rule_v13_10.png +++ b/doc/user/project/merge_requests/approvals/img/update_approval_rule_v13_10.png diff --git a/doc/user/project/merge_requests/approvals/index.md b/doc/user/project/merge_requests/approvals/index.md new file mode 100644 index 00000000000..ac48e44da52 --- /dev/null +++ b/doc/user/project/merge_requests/approvals/index.md @@ -0,0 +1,145 @@ +--- +stage: Create +group: Source Code +info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments" +type: reference, concepts +disqus_identifier: 'https://docs.gitlab.com/ee/user/project/merge_requests/merge_request_approvals.html' +--- + +# Merge request approvals **(FREE)** + +> Redesign [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/1979) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.8 and [feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/10685) in 12.0. + +You can configure your merge requests so that they must be approved before +they can be merged. You can do this by creating [rules](rules.md) or by specifying +a list of users who act as [code owners](../../code_owners.md) for specific files. + +You can configure merge request approvals for each project. In higher GitLab tiers, +Administrators of self-managed GitLab instances can configure approvals +[for the entire instance](../../../admin_area/merge_requests_approvals.md). + +## How approvals work + +With [merge request approval rules](rules.md), you can set the minimum number of +required approvals before work can merge into your project. You can also extend these +rules to define what types of users can approve work. Some examples of rules you can create include: + +- Users with specific permissions can always approve work. +- [Code owners](../../code_owners.md) can approve work for files they own. +- Users with specific permissions can approve work, + [even if they don't have merge rights](rules.md#merge-request-approval-segregation-of-duties) + to the repository. +- Users with specific permissions can be allowed or denied the ability + to [override approval rules on a specific merge request](rules.md#edit-or-override-merge-request-approval-rules). + +You can also configure additional [settings for merge request approvals](settings.md) +for more control of the level of oversight and security your project needs, including: + +- [Prevent users from overriding a merge request approval rule.](settings.md#prevent-overrides-of-default-approvals) +- [Reset approvals when new code is pushed.](settings.md#reset-approvals-on-push) +- Allow (or disallow) [authors and committers](settings.md) to approve their own merge requests. +- [Require password authentication when approving.](settings.md#require-authentication-for-approvals) +- [Require security team approval.](settings.md#security-approvals-in-merge-requests) + +You can configure your merge request approval rules and settings through the GitLab +user interface or [with the API](../../../../api/merge_request_approvals.md). + +## Approve a merge request + +When an [eligible approver](rules.md#eligible-approvers) visits an open merge request, +GitLab displays one of these buttons after the body of the merge request: + +- **Approve**: The merge request doesn't yet have the required number of approvals. +- **Approve additionally**: The merge request has the required number of approvals. +- **Revoke approval**: The user viewing the merge request has already approved + the merge request. + +Eligible approvers can also use the `/approve` +[quick action](../../../project/quick_actions.md) when adding a comment to +a merge request. + +After a merge request receives the [number and type of approvals](rules.md) you configure, it can merge +unless it's blocked for another reason. Merge requests can be blocked by other problems, +such as merge conflicts, [pending discussions](../../../discussions/index.md#only-allow-merge-requests-to-be-merged-if-all-threads-are-resolved), +or a [failed CI/CD pipeline](../merge_when_pipeline_succeeds.md). + +To prevent merge request authors from approving their own merge requests, +enable [**Prevent author approval**](settings.md#prevent-authors-from-approving-their-own-work) +in your project's settings. + +If you enable [approval rule overrides](settings.md#prevent-overrides-of-default-approvals), +merge requests created before a change to default approval rules are not affected. +The only exceptions are changes to the [target branch](rules.md#approvals-for-protected-branches) +of the rule. + +## Optional approvals + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/27426) in GitLab 13.2. + +GitLab allows all users with Developer or greater [permissions](../../../permissions.md) +to approve merge requests. Approvals in GitLab Free are optional, and don't prevent +a merge request from merging without approval. + +## Required approvals **(PREMIUM)** + +> Moved to [GitLab Premium](https://about.gitlab.com/pricing/) in 13.9. + +Required approvals enforce code reviews by the number and type of users you specify. +Without the approvals, the work cannot merge. Required approvals enable multiple use cases: + +- Enforce review of all code that gets merged into a repository. +- Specify reviewers for a given proposed code change, and a minimum number + of reviewers, through [Approval rules](rules.md). +- Specify categories of reviewers, such as backend, frontend, quality assurance, or + database, for all proposed code changes. +- Use the [code owners of changed files](rules.md#code-owners-as-eligible-approvers), + to determine who should review the work. +- [Require approval from a security team](../../../application_security/index.md#security-approvals-in-merge-requests) + before merging code that could introduce a vulnerability. **(ULTIMATE)** + +## Notify external services **(ULTIMATE)** + +> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3869) in GitLab Ultimate 13.10. +> - [Deployed behind a feature flag](../../../feature_flags.md), disabled by default. +> - Disabled on GitLab.com. +> - Not recommended for production use. +> - To use in GitLab self-managed instances, ask a GitLab administrator to [enable it](../../../../api/merge_request_approvals.md#enable-or-disable-external-project-level-mr-approvals). **(ULTIMATE SELF)** + +WARNING: +This feature might not be available to you. Check the **version history** note above for details. + +You can create an external approval rule to integrate approvals with third-party tools. +When users create, change, or close merge requests, GitLab sends a notification. +The users of the third-party tools can then approve merge requests from outside of GitLab. + +With this integration, you can integrate with third-party workflow tools, like +[ServiceNow](https://www.servicenow.co.uk/), or the custom tool of your choice. +You can modify your external approval rules +[by using the REST API](../../../../api/merge_request_approvals.md#external-project-level-mr-approvals). + +The lack of an external approval doesn't block the merging of a merge request. + +When [approval rule overrides](settings.md#prevent-overrides-of-default-approvals) are allowed, +changes to default approval rules will **not** be applied to existing +merge requests, except for changes to the [target branch](rules.md#approvals-for-protected-branches) +of the rule. + +To learn more about use cases, feature discovery, and development timelines, +see the [External API approval rules epic](https://gitlab.com/groups/gitlab-org/-/epics/3869). + +## Related links + +- [Merge request approvals API](../../../../api/merge_request_approvals.md) +- [Instance-level approval rules](../../../admin_area/merge_requests_approvals.md) for self-managed installations + +<!-- ## Troubleshooting + +Include any troubleshooting steps that you can foresee. If you know beforehand what issues +one might have when setting this up, or when something is changed, or on upgrading, it's +important to describe those, too. Think of things that may go wrong and include them here. +This is important to minimize requests for support, and to avoid doc comments with +questions that you know someone might ask. + +Each scenario can be a third-level heading, e.g. `### Getting error message X`. +If you have none to add when creating a doc, leave this section in place +but commented out to help encourage others to add to it in the future. --> diff --git a/doc/user/project/merge_requests/approvals/rules.md b/doc/user/project/merge_requests/approvals/rules.md new file mode 100644 index 00000000000..32f0160771f --- /dev/null +++ b/doc/user/project/merge_requests/approvals/rules.md @@ -0,0 +1,232 @@ +--- +stage: Create +group: Source Code +info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments" +type: reference, concepts +--- + +# Merge request approval rules + +Approval rules define how many [approvals](index.md) a merge request must receive before it can +be merged, and which users should do the approving. You can define approval rules: + +- [As project defaults](#add-an-approval-rule). +- [Per merge request](#edit-or-override-merge-request-approval-rules). +- [At the instance level](../../../admin_area/merge_requests_approvals.md) + +If you don't define a [default approval rule](#add-an-approval-rule), +any user can approve a merge request. Even if you don't define a rule, you can still +enforce a [minimum number of required approvers](settings.md) in the project's settings. + +You can define a single rule to approve merge requests from among the available +rules, or you can select [multiple approval rules](#add-multiple-approval-rules). + +Merge requests that target a different project, such as from a fork to the upstream project, +use the default approval rules from the target (upstream) project, not the source (fork). + +## Add an approval rule + +To add a merge request approval rule: + +1. Go to your project and select **Settings > General**. +1. Expand **Merge request (MR) approvals**, and then select **Add approval rule**. +1. Add a human-readable **Rule name**. +1. Set the number of required approvals in **Approvals required**. A value of `0` makes + [the rule optional](#configure-optional-approval-rules), and any number greater than `0` + creates a required rule. +1. To add users or groups as approvers, search for users or groups that are + [eligible to approve](#eligible-approvers), and select **Add**. GitLab suggests approvers based on + previous authors of the files changed by the merge request. + + NOTE: + On GitLab.com, you can add a group as an approver if you're a member of that group or the + group is public. + +1. Select **Add approval rule**. + +Users of GitLab Premium and higher tiers can create [additional approval rules](#add-multiple-approval-rules). + +Your configuration for approval rule overrides determines if the new rule is applied +to existing merge requests: + +- If [approval rule overrides](settings.md#prevent-overrides-of-default-approvals) are allowed, + changes to these default rules are not applied to existing merge requests, except for + changes to the [target branch](#approvals-for-protected-branches) of the rule. +- If approval rule overrides are not allowed, all changes to default rules + are applied to existing merge requests. Any approval rules that were previously + manually [overridden](#edit-or-override-merge-request-approval-rules) during the + period when approval rule overrides where allowed, are not modified. + +## Edit an approval rule + +To edit a merge request approval rule: + +1. Go to your project and select **Settings > General**. +1. Expand **Merge request (MR) approvals**, and then select **Edit**. +1. (Optional) Change the **Rule name**. +1. Set the number of required approvals in **Approvals required**. The minimum value is `0`. +1. Add or remove eligible approvers, as needed: + - *To add users or groups as approvers,* search for users or groups that are + [eligible to approve](#eligible-approvers), and select **Add**. + + NOTE: + On GitLab.com, you can add a group as an approver if you're a member of that group or the + group is public. + + - *To remove users or groups,* identify the group or user to remove, and + select **{remove}** **Remove**. +1. Select **Update approval rule**. + +## Add multiple approval rules **(PREMIUM)** + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/1979) in GitLab Premium 11.10. + +In GitLab Premium and higher tiers, you can enforce multiple approval rules on a +merge request, and multiple default approval rules for a project. If your tier +supports multiple default rules: + +- When [adding](#add-an-approval-rule) or [editing](#edit-an-approval-rule) an approval rule + for a project, GitLab displays the **Add approval rule** button even after a rule is defined. +- When editing or overriding multiple approval rules + [on a merge request](#edit-or-override-merge-request-approval-rules), GitLab + displays the **Add approval rule** button even after a rule is defined. + +When an [eligible approver](#eligible-approvers) approves a merge request, it +reduces the number of approvals left (the **Approvals** column) for all rules that the approver belongs to: + + + +## Eligible approvers + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10294) in GitLab 13.3, when an eligible approver comments on a merge request, it appears in the **Commented by** column of the Approvals widget. + +To be eligible as an approver for a project, a user must be a member of one or +more of these: + +- The project. +- The project's immediate parent [group](#group-approvers). +- A group that has access to the project via a [share](../../members/share_project_with_groups.md). +- A [group added as approvers](#group-approvers). + +The following users can approve merge requests if they have Developer or +higher [permissions](../../../permissions.md): + +- Users added as approvers at the project or merge request level. +- Users who are [Code owners](#code-owners-as-eligible-approvers) of the files + changed in the merge request. + +To show who has participated in the merge request review, the Approvals widget in +a merge request displays a **Commented by** column. This column lists eligible approvers +who commented on the merge request. It helps authors and reviewers identify who to +contact with questions about the merge request's content. + +If the number of required approvals is greater than the number of assigned approvers, +approvals from other users with Developer [permissions](../../../permissions.md) or higher +in the project counts toward meeting the required number of approvals, even if the +users were not explicitly listed in the approval rules. + +### Group approvers + +You can add a group of users as approvers, but those users count as approvers only if +they have direct membership to the group. In the future, group approvers may be +restricted to only groups [with share access to the project](https://gitlab.com/gitlab-org/gitlab/-/issues/2048). + +A user's membership in an approvers group affects their individual ability to +approve in these ways: + +- A user already part of a group approver who is later added as an individual approver + counts as one approver, and not two. +- Merge request authors do not count as eligible approvers on their own merge requests by default. + To change this behavior, disable the + [**Prevent author approval**](settings.md#prevent-authors-from-approving-their-own-work) + project setting. +- Committers to merge requests can approve a merge request. To change this behavior, enable the + [**Prevent committers approval**](settings.md#prevent-committers-from-approving-their-own-work) + project setting. + +### Code owners as eligible approvers + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/7933) in GitLab 11.5. +> - Moved to GitLab Premium in 13.9. + +If you add [code owners](../../code_owners.md) to your repository, the owners of files +become eligible approvers in the project. To enable this merge request approval rule: + +1. Go to your project and select **Settings > General**. +1. Expand **Merge request (MR) approvals**. +1. Locate **Any eligible user** and select the number of approvals required: + +  + +You can also +[require code owner approval](../../protected_branches.md#protected-branches-approval-by-code-owners) +for protected branches. **(PREMIUM)** + +## Merge request approval segregation of duties + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/40491) in GitLab 13.4. +> - Moved to GitLab Premium in 13.9. + +You may need to grant users with [Reporter permissions](../../../permissions.md#project-members-permissions), +permission to approve merge requests before they can merge to a protected branch. +Some users (like managers) may not need permission to push or merge code, but still need +oversight on proposed work. To enable approval permissions for these users without +granting them push access: + +1. [Create a new group](../../../group/index.md#create-a-group). +1. [Add the user to the group](../../../group/index.md#add-users-to-a-group), + and select the Reporter role for the user. +1. [Share the project with your group](../../members/share_project_with_groups.md#sharing-a-project-with-a-group-of-users), + based on the Reporter role. +1. Go to your project and select **Settings > General**. +1. Expand **Merge request (MR) approvals**. +1. Select **Add approval rule** or **Update approval rule**. +1. [Add the group](../../../group/index.md#create-a-group) to the permission list. + +  + +### Edit or override merge request approval rules + +By default, the merge request author (or a user with sufficient [permissions](../../../permissions.md)) +can edit the approval rule listed in a merge request. When editing an approval rule +on a merge request, you can either add or remove approvers: + +1. In the merge request, find the **Approval rules section**. +1. When creating a new merge request, scroll to the **Approval Rules** section, + and add or remove your desired approval rules before selecting **Create merge request**. +1. When viewing an existing merge request: + 1. Select **Edit**. + 1. Scroll to the **Approval Rules** section. + 1. Add or remove your desired approval rules. + 1. Select **Save changes**. + +Administrators can change the [merge request approvals settings](settings.md#prevent-overrides-of-default-approvals) +to prevent users from overriding approval rules for merge requests. + +## Configure optional approval rules + +Merge request approvals can be optional for projects where approvals are +appreciated, but not required. To make an approval rule optional: + +- When you [create or edit a rule](#edit-an-approval-rule), set **Approvals required** to `0`. +- Use the [Merge requests approvals API](../../../../api/merge_request_approvals.md#update-merge-request-level-rule) + to set the `approvals_required` attribute to `0`. + +## Approvals for protected branches **(PREMIUM)** + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/460) in GitLab Premium 12.8. + +Approval rules are often relevant only to specific branches, like your +[default branch](../../repository/branches/default.md). To configure an +approval rule for certain branches: + +1. [Create an approval rule](#add-an-approval-rule). +1. Go to your project and select **Settings**. +1. Expand **Merge request (MR) approvals**. +1. Select a **Target branch**: + - To protect all branches, select **Any branch**. + - To select a specific branch, select it from the list: + +  +1. To enable this configuration, read + [Code Owner's approvals for protected branches](../../protected_branches.md#protected-branches-approval-by-code-owners). diff --git a/doc/user/project/merge_requests/approvals/settings.md b/doc/user/project/merge_requests/approvals/settings.md new file mode 100644 index 00000000000..8769f6a7470 --- /dev/null +++ b/doc/user/project/merge_requests/approvals/settings.md @@ -0,0 +1,125 @@ +--- +stage: Create +group: Source Code +info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments" +type: reference, concepts +--- + +# Merge request approval settings + +You can configure the settings for [merge request approvals](index.md) to +ensure the approval rules meet your use case. You can also configure +[approval rules](rules.md), which define the number and type of users who must +approve work before it's merged. Merge request approval settings define how +those rules are applied as a merge request moves toward completion. + +## Edit merge request approval settings + +To view or edit merge request approval settings: + +1. Go to your project and select **Settings > General**. +1. Expand **Merge request (MR) approvals**. + +In this section of general settings, you can configure the settings described +on this page. + +## Prevent overrides of default approvals + +By default, users can override the approval rules you [create for a project](rules.md) +on a per-merge request basis. If you don't want users to change approval rules +on merge requests, you can disable this setting: + +1. Go to your project and select **Settings > General**. +1. Expand **Merge request (MR) approvals**. +1. Select the **Prevent users from modifying MR approval rules in merge requests** checkbox. +1. Select **Save changes**. + +TODO This change affects all open merge requests. + +## Reset approvals on push + +By default, an approval on a merge request remains in place, even if you add more changes +after the approval. If you want to remove all existing approvals on a merge request +when more changes are added to it: + +1. Go to your project and select **Settings > General**. +1. Expand **Merge request (MR) approvals**. +1. Select the **Require new approvals when new commits are added to an MR** checkbox. +1. Select **Save changes**. + +Approvals aren't reset when a merge request is [rebased from the UI](../fast_forward_merge.md) +However, approvals are reset if the target branch is changed. + +## Prevent authors from approving their own work **(PREMIUM)** + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/3349) in GitLab 11.3. +> - Moved to GitLab Premium in 13.9. + +By default, the author of a merge request cannot approve it. To change this setting: + +1. Go to your project and select **Settings > General**. +1. Expand **Merge request (MR) approvals**. +1. Clear the **Prevent MR approval by the author** checkbox. +1. Select **Save changes**. + +Authors can edit the approval rule in an individual merge request and override +this setting, unless you configure one of these options: + +- [Prevent overrides of default approvals](#prevent-overrides-of-default-approvals) at + the project level. +- *(Self-managed instances only)* Prevent overrides of default approvals + [at the instance level](../../../admin_area/merge_requests_approvals.md). When configured + at the instance level, you can't edit this setting at the project or individual + merge request levels. + +## Prevent committers from approving their own work **(PREMIUM)** + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10441) in GitLab 11.10. +> - Moved to GitLab Premium in 13.9. + +By default, users who commit to a merge request can still approve it. At both +the project level or [instance level](../../../admin_area/merge_requests_approvals.md) +you can prevent committers from approving merge requests that are partially +their own. To do this: + +1. Go to your project and select **Settings > General**. +1. Expand **Merge request (MR) approvals**. +1. Select the **Prevent MR approvals from users who make commits to the MR** checkbox. + If this checkbox is cleared, an administrator has disabled it + [at the instance level](../../../admin_area/merge_requests_approvals.md), and + it can't be changed at the project level. +1. Select **Save changes**. + +Even with this configuration, [code owners](../../code_owners.md) who contribute +to a merge request can approve merge requests that affect files they own. + +To learn more about the [differences between authors and committers](https://git-scm.com/book/en/v2/Git-Basics-Viewing-the-Commit-History), +read the official Git documentation for an explanation. + +## Require authentication for approvals + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/5981) in GitLab 12.0. +> - Moved to GitLab Premium in 13.9. + +You can force potential approvers to first authenticate with a password. This +permission enables an electronic signature for approvals, such as the one defined by +[Code of Federal Regulations (CFR) Part 11](https://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfcfr/CFRSearch.cfm?CFRPart=11&showFR=1&subpartNode=21:1.0.1.1.8.3)): + +1. Enable password authentication for the web interface, as described in the + [sign-in restrictions documentation](../../../admin_area/settings/sign_in_restrictions.md#password-authentication-enabled). +1. Go to your project and select **Settings > General**. +1. Expand **Merge request (MR) approvals**. +1. Select the **Require user password for approvals** checkbox. +1. Select **Save changes**. + +## Security approvals in merge requests **(ULTIMATE)** + +You can require that a member of your security team approves a merge request if a +merge request could introduce a vulnerability. To learn more, see +[Security approvals in merge requests](../../../application_security/index.md#security-approvals-in-merge-requests). + +## Related links + +- [Instance-level merge request approval settings](../../../admin_area/merge_requests_approvals.md) +- [Compliance Dashboard](../../../compliance/compliance_dashboard/index.md) +- [Merge request approvals API](../../../../api/merge_request_approvals.md) diff --git a/doc/user/project/merge_requests/browser_performance_testing.md b/doc/user/project/merge_requests/browser_performance_testing.md index 76913351283..b33919c7fbe 100644 --- a/doc/user/project/merge_requests/browser_performance_testing.md +++ b/doc/user/project/merge_requests/browser_performance_testing.md @@ -64,7 +64,7 @@ using Docker-in-Docker. 1. First, set up GitLab Runner with a [Docker-in-Docker build](../../../ci/docker/using_docker_build.md#use-the-docker-executor-with-the-docker-image-docker-in-docker). -1. Configure the default Browser Performance Testing CI job as follows in your `.gitlab-ci.yml` file: +1. Configure the default Browser Performance Testing CI/CD job as follows in your `.gitlab-ci.yml` file: ```yaml include: @@ -75,17 +75,19 @@ using Docker-in-Docker. URL: https://example.com ``` -NOTE: -For versions before 12.4, see the information for [older GitLab versions](#gitlab-versions-123-and-older). -If you are using a Kubernetes cluster, use [`template: Jobs/Browser-Performance-Testing.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Browser-Performance-Testing.gitlab-ci.yml) -instead. +WARNING: +In GitLab 14.0 and later, the job [is scheduled to be renamed](https://gitlab.com/gitlab-org/gitlab/-/issues/225914) +from `performance` to `browser_performance`. -The above example creates a `performance` job in your CI/CD pipeline and runs -sitespeed.io against the webpage you defined in `URL` to gather key metrics. +The above example: -The example uses a CI/CD template that is included in all GitLab installations since -12.4, but it doesn't work with Kubernetes clusters. If you are using GitLab 12.3 -or older, you must [add the configuration manually](#gitlab-versions-123-and-older) +- Creates a `performance` job in your CI/CD pipeline and runs sitespeed.io against the webpage you + defined in `URL` to gather key metrics. +- Uses a template that doesn't work with Kubernetes clusters. If you are using a Kubernetes cluster, + use [`template: Jobs/Browser-Performance-Testing.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Browser-Performance-Testing.gitlab-ci.yml) + instead. +- Uses a CI/CD template that is included in all GitLab installations since 12.4. If you are using + GitLab 12.3 or earlier, you must [add the configuration manually](#gitlab-versions-132-and-earlier). The template uses the [GitLab plugin for sitespeed.io](https://gitlab.com/gitlab-org/gl-performance), and it saves the full HTML sitespeed.io report as a [Browser Performance report artifact](../../../ci/yaml/README.md#artifactsreportsperformance) @@ -181,63 +183,62 @@ performance: URL: environment_url.txt ``` -### GitLab versions 12.3 and older +### GitLab versions 13.2 and earlier -Browser Performance Testing has gone through several changes since it's introduction. +Browser Performance Testing has gone through several changes since its introduction. In this section we detail these changes and how you can run the test based on your GitLab version: +- In 13.2 the feature was renamed from `Performance` to `Browser Performance` with additional + template CI/CD variables. - In GitLab 12.4 [a job template was made available](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Verify/Browser-Performance.gitlab-ci.yml). -- In 13.2 the feature was renamed from `Performance` to `Browser Performance` with -additional template CI/CD variables. The job name in the template is still `performance` -for compatibility reasons, but may be renamed to match in a future iteration. - For 11.5 to 12.3 no template is available and the job has to be defined manually as follows: -```yaml -performance: - stage: performance - image: docker:git - variables: - URL: https://example.com - SITESPEED_VERSION: 14.1.0 - SITESPEED_OPTIONS: '' - services: - - docker:stable-dind - script: - - mkdir gitlab-exporter - - wget -O ./gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/1.1.0/index.js - - mkdir sitespeed-results - - docker run --shm-size=1g --rm -v "$(pwd)":/sitespeed.io sitespeedio/sitespeed.io:$SITESPEED_VERSION --plugins.add ./gitlab-exporter --outputFolder sitespeed-results $URL $SITESPEED_OPTIONS - - mv sitespeed-results/data/performance.json performance.json - artifacts: - paths: - - performance.json - - sitespeed-results/ - reports: - performance: performance.json -``` + ```yaml + performance: + stage: performance + image: docker:git + variables: + URL: https://example.com + SITESPEED_VERSION: 14.1.0 + SITESPEED_OPTIONS: '' + services: + - docker:stable-dind + script: + - mkdir gitlab-exporter + - wget -O ./gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/1.1.0/index.js + - mkdir sitespeed-results + - docker run --shm-size=1g --rm -v "$(pwd)":/sitespeed.io sitespeedio/sitespeed.io:$SITESPEED_VERSION --plugins.add ./gitlab-exporter --outputFolder sitespeed-results $URL $SITESPEED_OPTIONS + - mv sitespeed-results/data/performance.json performance.json + artifacts: + paths: + - performance.json + - sitespeed-results/ + reports: + performance: performance.json + ``` - For 11.4 and earlier the job should be defined as follows: -```yaml -performance: - stage: performance - image: docker:git - variables: - URL: https://example.com - services: - - docker:stable-dind - script: - - mkdir gitlab-exporter - - wget -O ./gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/1.1.0/index.js - - mkdir sitespeed-results - - docker run --shm-size=1g --rm -v "$(pwd)":/sitespeed.io sitespeedio/sitespeed.io:6.3.1 --plugins.add ./gitlab-exporter --outputFolder sitespeed-results $URL - - mv sitespeed-results/data/performance.json performance.json - artifacts: - paths: - - performance.json - - sitespeed-results/ -``` + ```yaml + performance: + stage: performance + image: docker:git + variables: + URL: https://example.com + services: + - docker:stable-dind + script: + - mkdir gitlab-exporter + - wget -O ./gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/1.1.0/index.js + - mkdir sitespeed-results + - docker run --shm-size=1g --rm -v "$(pwd)":/sitespeed.io sitespeedio/sitespeed.io:6.3.1 --plugins.add ./gitlab-exporter --outputFolder sitespeed-results $URL + - mv sitespeed-results/data/performance.json performance.json + artifacts: + paths: + - performance.json + - sitespeed-results/ + ``` Upgrading to the latest version and using the templates is recommended, to ensure you receive the latest updates, including updates to the sitespeed.io versions. diff --git a/doc/user/project/merge_requests/changes.md b/doc/user/project/merge_requests/changes.md new file mode 100644 index 00000000000..adcf4518209 --- /dev/null +++ b/doc/user/project/merge_requests/changes.md @@ -0,0 +1,151 @@ +--- +stage: Create +group: Code Review +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +type: index, reference +--- + +# Changes tab in merge requests + +The **Changes** tab on a [merge request](index.md), below the main merge request details and next to the discussion tab, +shows the changes to files between branches or commits. This view of changes to a +file is also known as a **diff**. By default, the diff view compares the file in the +merge request branch and the file in the target branch. + +The diff view includes the following: + +- The file's name and path. +- The number of lines added and deleted. +- Buttons for the following options: + - Toggle comments for this file; useful for inline reviews. + - Edit the file in the merge request's branch. + - Show full file, in case you want to look at the changes in context with the rest of the file. + - View file at the current commit. + - Preview the changes with [Review Apps](../../../ci/review_apps/index.md). +- The changed lines, with the specific changes highlighted. + + + +## Merge request diff file navigation + +When reviewing changes in the **Changes** tab, the diff can be navigated using +the file tree or file list. As you scroll through large diffs with many +changes, you can quickly jump to any changed file using the file tree or file +list. + + + +## Collapsed files in the Changes view + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/232820) in GitLab 13.4. + +When you review changes in the **Changes** tab, files with a large number of changes are collapsed +to improve performance. When files are collapsed, a warning appears at the top of the changes. +Select **Expand file** on any file to view the changes for that file. + +## File-by-file diff navigation + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/222790) in GitLab 13.2. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/229848) in GitLab 13.7. + +For larger merge requests, consider reviewing one file at a time. To enable this feature: + +1. In the top-right corner, select your avatar. +1. Select **Preferences**. +1. Scroll to the **Behavior** section and select **Show one file at a time on merge request's Changes tab**. +1. Select **Save changes**. + +After you enable this setting, GitLab displays only one file at a time in the **Changes** tab when you review merge requests. You can select **Prev** and **Next** to view other changed files. + + + +In [GitLab 13.7](https://gitlab.com/gitlab-org/gitlab/-/issues/233898) and later, if you want to change +this behavior, you can do so from your **User preferences** (as explained above) or directly in a +merge request: + +1. Go to the merge request's **Changes** tab. +1. Select the cog icon (**{settings}**) to reveal the merge request's settings dropdown. +1. Select or clear the checkbox **Show one file at a time** to change the setting accordingly. + +This change overrides the choice you made in your user preferences and persists until you clear your +browser's cookies or change this behavior again. + +## Merge requests commit navigation + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/18140) in GitLab 13.0. + +To seamlessly navigate among commits in a merge request: + +1. Select the **Commits** tab. +1. Select a commit to open it in the single-commit view. +1. Navigate through the commits by either: + + - Selecting **Prev** and **Next** buttons below the tab buttons. + - Using the <kbd>X</kbd> and <kbd>C</kbd> keyboard shortcuts. + + + +## Incrementally expand merge request diffs + +By default, the diff shows only the parts of a file which are changed. +To view more unchanged lines above or below a change select the +**Expand up** or **Expand down** icons. You can also select **Show unchanged lines** +to expand the entire file. + + + +In GitLab [versions 13.1 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/205401), when viewing a +merge request's **Changes** tab, if a certain file was only renamed, you can expand it to see the +entire content by selecting **Show file contents**. + +## Ignore whitespace changes in Merge Request diff view + +If you select the **Hide whitespace changes** button, you can see the diff +without whitespace changes (if there are any). This is also working when on a +specific commit page. + + + +NOTE: +You can append `?w=1` while on the diffs page of a merge request to ignore any +whitespace changes. + +## Mark files as viewed + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/51513) in GitLab 13.9. +> - Deployed behind a feature flag, enabled by default. +> - Enabled on GitLab.com. +> - Recommended for production use. +> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#enable-or-disable-file-views). **(FREE SELF)** + +When reviewing a merge request with many files multiple times, it may be useful to the reviewer +to focus on new changes and ignore the files that they have already reviewed and don't want to +see anymore unless they are changed again. + +To mark a file as viewed: + +1. Go to the merge request's **Diffs** tab. +1. On the right-top of the file, locate the **Viewed** checkbox. +1. Select it to mark the file as viewed. + +Once checked, the file remains marked for that reviewer unless there are newly introduced +changes to its content or the checkbox is unchecked. + +### Enable or disable file views **(FREE SELF)** + +The file view feature is under development but ready for production use. +It is deployed behind a feature flag that is **enabled by default**. +[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) +can opt to enable it for your instance. + +To enable it: + +```ruby +Feature.enable(:local_file_reviews) +``` + +To disable it: + +```ruby +Feature.disable(:local_file_reviews) +``` diff --git a/doc/user/project/merge_requests/cherry_pick_changes.md b/doc/user/project/merge_requests/cherry_pick_changes.md index f531cd52af1..eaeef12444e 100644 --- a/doc/user/project/merge_requests/cherry_pick_changes.md +++ b/doc/user/project/merge_requests/cherry_pick_changes.md @@ -16,7 +16,7 @@ with a **Cherry-pick** button in merge requests and commit details. After the merge request has been merged, a **Cherry-pick** button displays to cherry-pick the changes introduced by that merge request. - + After you click that button, a modal displays a [branch filter search box](../repository/branches/index.md#branch-filter-search-box) @@ -32,7 +32,7 @@ where you can choose to either: When you cherry-pick a merge commit, GitLab displays a system note to the related merge request thread. It crosslinks the new commit and the existing merge request. - + Each deployment's [list of associated merge requests](../../../api/deployments.md#list-of-merge-requests-associated-with-a-deployment) includes cherry-picked merge commits. diff --git a/doc/user/project/merge_requests/code_quality.md b/doc/user/project/merge_requests/code_quality.md index 0fe1b9801cc..284d66dd591 100644 --- a/doc/user/project/merge_requests/code_quality.md +++ b/doc/user/project/merge_requests/code_quality.md @@ -53,20 +53,21 @@ See also the Code Climate list of [Supported Languages for Maintainability](http > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/267612) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.11. > - [Deployed behind a feature flag](../../../user/feature_flags.md), disabled by default. +> - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/284140) in GitLab 13.12. Changes to files in merge requests can cause Code Quality to fall if merged. In these cases, an indicator is displayed (**{information-o}** **Code Quality**) on the file in the merge request's diff view. For example:  -To enable this feature, a GitLab administrator can run the following in a +To disable this feature, a GitLab administrator can run the following in a [Rails console](../../../administration/operations/rails_console.md): ```ruby # For the instance -Feature.enable(:codequality_mr_diff) +Feature.disable(:codequality_mr_diff) # For a single project -Feature.enable(:codequality_mr_diff, Project.find(<project id>)) +Feature.disable(:codequality_mr_diff, Project.find(<project id>)) ``` ## Use cases @@ -519,7 +520,7 @@ to change the default configuration, **not** a `.codequality.yml` file. If you u the wrong filename, the [default `.codeclimate.yml`](https://gitlab.com/gitlab-org/ci-cd/codequality/-/blob/master/codeclimate_defaults/.codeclimate.yml.template) is still used. -### No Code Quality report is displayed in a Merge Request +### No Code Quality report is displayed in a merge request This can be due to multiple reasons: @@ -531,7 +532,7 @@ This can be due to multiple reasons: nothing is displayed. - The [`artifacts:expire_in`](../../../ci/yaml/README.md#artifactsexpire_in) CI/CD setting can cause the Code Quality artifact(s) to expire faster than desired. -- The widgets use the pipeline of the latest commit to the target branch. If commits are made to the default branch that do not run the code quality job, this may cause the Merge Request widget to have no base report for comparison. +- The widgets use the pipeline of the latest commit to the target branch. If commits are made to the default branch that do not run the code quality job, this may cause the merge request widget to have no base report for comparison. - If you use the [`REPORT_STDOUT` environment variable](https://gitlab.com/gitlab-org/ci-cd/codequality#environment-variables), no report file is generated and nothing displays in the merge request. - Large `gl-code-quality-report.json` files (esp. >10 MB) are [known to prevent the report from being displayed](https://gitlab.com/gitlab-org/gitlab/-/issues/2737). As a work-around, try removing [properties](https://github.com/codeclimate/platform/blob/master/spec/analyzers/SPEC.md#data-types) diff --git a/doc/user/project/merge_requests/creating_merge_requests.md b/doc/user/project/merge_requests/creating_merge_requests.md index 3a5a581198b..ce1dac0a96b 100644 --- a/doc/user/project/merge_requests/creating_merge_requests.md +++ b/doc/user/project/merge_requests/creating_merge_requests.md @@ -3,14 +3,14 @@ stage: Create group: Code Review info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: howto -description: "How to create Merge Requests in GitLab." +description: "How to create merge requests in GitLab." disqus_identifier: 'https://docs.gitlab.com/ee/gitlab-basics/add-merge-request.html' --- # How to create a merge request **(FREE)** Before creating a merge request, read through an -[introduction to Merge Requests](getting_started.md) +[introduction to merge requests](getting_started.md) to familiarize yourself with the concept, the terminology, and to learn what you can do with them. @@ -21,16 +21,16 @@ or through the [GitLab UI](#new-merge-request-from-a-new-branch-created-through- This document describes the several ways to create a merge request. When you start a new merge request, regardless of the method, -you are taken to the [**New Merge Request** page](#new-merge-request-page) +you are taken to the [**New merge request** page](#new-merge-request-page) to fill it with information about the merge request. If you push a new branch to GitLab, also regardless of the method, -you can click the [**Create Merge Request**](#create-merge-request-button) +you can click the [**Create merge request**](#create-merge-request-button) button and start a merge request from there. -## New Merge Request page +## New merge request page -On the **New Merge Request** page, start by filling in the title and description +On the **New merge request** page, start by filling in the title and description for the merge request. If commits already exist on the branch, GitLab suggests a merge request title for you: @@ -43,31 +43,31 @@ merge request title for you: The title is the only field that is mandatory in all cases. From there, you can fill it with information (title, description, -assignee(s), milestone, labels, approvers) and click **Create Merge Request**. +assignee(s), milestone, labels, approvers) and click **Create merge request**. From that initial screen, you can also see all the commits, pipelines, and file changes pushed to your branch before submitting the merge request. - + NOTE: You can push one or more times to your branch in GitLab before creating the merge request. -## Create Merge Request button +## Create merge request button Once you have pushed a new branch to GitLab, visit your repository in GitLab and to see a call-to-action at the top of your screen -from which you can click the button **Create Merge Request**. +from which you can click the button **Create merge request**. - + You can also see the **Create merge request** button in the top-right of the: - **Project** page. - **Repository > Files** page. -- **Merge Requests** page. +- **Merge requests** page. In this case, GitLab uses the most recent branch you pushed changes to as the source branch, and the default branch in the current @@ -90,7 +90,7 @@ Once you have added, edited, or uploaded the file: 1. Click **Commit changes**. If you chose to start a merge request, you are taken to the -[**New Merge Request** page](#new-merge-request-page), from +[**New merge request** page](#new-merge-request-page), from which you can fill it in with information and submit the merge request. The merge request targets the default branch of the repository. @@ -103,8 +103,8 @@ navigate to your project's **Repository > Branches** and click **New branch**. A new branch is created and you can start editing files. -Once committed and pushed, you can click on the [**Create Merge Request**](#create-merge-request-button) -button to open the [**New Merge Request** page](#new-merge-request-page). +Once committed and pushed, you can click on the [**Create merge request**](#create-merge-request-button) +button to open the [**New merge request** page](#new-merge-request-page). A new merge request is started using the current branch as the source, and the default branch in the current project as the target. @@ -140,7 +140,7 @@ remote: To create a merge request for docs-new-merge-request, visit: remote: https://gitlab-instance.com/my-group/my-project/merge_requests/new?merge_request%5Bsource_branch%5D=my-new-branch ``` -Copy that link and paste it in your browser, and the [**New Merge Request page**](#new-merge-request-page) +Copy that link and paste it in your browser, and the [**New merge request page**](#new-merge-request-page) is displayed. There is also a number of [flags you can add to commands when pushing through the command line](../push_options.md) to reduce the need for editing merge requests manually through the UI. @@ -148,20 +148,20 @@ There is also a number of [flags you can add to commands when pushing through th If you didn't push your branch to GitLab through the command line (for example, you used a Git CLI application to push your changes), you can create a merge request through the GitLab UI by clicking -the [**Create Merge Request**](#create-merge-request-button) button. +the [**Create merge request**](#create-merge-request-button) button. ## New merge request from an issue You can also [create a new merge request directly from an issue](../repository/web_editor.md#create-a-new-branch-from-an-issue). -## New merge request from the Merge Requests page +## New merge request from the merge requests page You can start creating a new merge request by clicking the -**New merge request** button on the **Merge Requests** page in a project. +**New merge request** button on the **merge requests** page in a project. Then choose the source project and branch that contain your changes, and the target project and branch where you want to merge the changes into. Click on **Compare branches and continue** to go to the -[**New Merge Request** page](#new-merge-request-page) and fill in the details. +[**New merge request** page](#new-merge-request-page) and fill in the details. ## New merge request from a fork @@ -169,7 +169,7 @@ After forking a project and applying your local changes, complete the following create a merge request from your fork to contribute back to the main project: 1. Go to **Projects > Your Projects** and select your fork of the repository. -1. In the left menu, go to **Merge Requests**, and click **New Merge Request**. +1. In the left menu, go to **Merge requests**, and click **New merge request**. 1. In the **Source branch** drop-down list box, select your branch in your forked repository as the source branch. 1. In the **Target branch** drop-down list box, select the branch from the upstream repository as the target branch. You can set a [default target project](#set-the-default-target-project) to @@ -247,6 +247,6 @@ apply the patches. The target branch can be specified using the [`/target_branch` quick action](../quick_actions.md). If the source branch already exists, the patches are applied on top of it. -## Reviewing and managing Merge Requests +## Reviewing and managing merge requests -Once you have submitted a merge request, it can be [reviewed and managed](reviewing_and_managing_merge_requests.md) through GitLab. +Once you have submitted a merge request, it can be [reviewed and managed](reviews/index.md) through GitLab. diff --git a/doc/user/project/merge_requests/csv_export.md b/doc/user/project/merge_requests/csv_export.md index f973d9220f2..5556e54f875 100644 --- a/doc/user/project/merge_requests/csv_export.md +++ b/doc/user/project/merge_requests/csv_export.md @@ -4,13 +4,13 @@ group: Compliance info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Export Merge Requests to CSV **(FREE)** +# Export merge requests to CSV **(FREE)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/3619) in GitLab 13.6. -Exporting Merge Requests CSV enables you and your team to export all the data collected from merge requests into a comma-separated values (CSV) file, which stores tabular data in plain text. +Exporting merge requests CSV enables you and your team to export all the data collected from merge requests into a comma-separated values (CSV) file, which stores tabular data in plain text. -To export Merge Requests to CSV, navigate to your **Merge Requests** from the sidebar of a project and click **Export to CSV**. +To export merge requests to CSV, navigate to your **Merge requests** from the sidebar of a project and click **Export to CSV**. ## CSV Output diff --git a/doc/user/project/merge_requests/drafts.md b/doc/user/project/merge_requests/drafts.md index a030961e219..57850ad7304 100644 --- a/doc/user/project/merge_requests/drafts.md +++ b/doc/user/project/merge_requests/drafts.md @@ -66,7 +66,7 @@ when you mark a merge request as ready, notifications are triggered to When viewing or searching in your project's merge requests list, you can include or exclude draft merge requests: -1. In your project, select **Merge Requests** from the left sidebar. +1. Go to your project and select **Merge requests**. 1. In the navigation bar, click **Open**, **Merged**, **Closed**, or **All** to filter by merge request status. 1. Click the search box to display a list of filters and select **Draft**, or diff --git a/doc/user/project/merge_requests/fail_fast_testing.md b/doc/user/project/merge_requests/fail_fast_testing.md index 80bdbce8d2c..68a63aebb90 100644 --- a/doc/user/project/merge_requests/fail_fast_testing.md +++ b/doc/user/project/merge_requests/fail_fast_testing.md @@ -42,14 +42,14 @@ This template requires: - A project built in Rails that uses RSpec for testing. - CI/CD configured to: - Use a Docker image with Ruby available. - - Use [Pipelines for Merge Requests](../../../ci/merge_request_pipelines/index.md#configuring-pipelines-for-merge-requests) + - Use [Pipelines for merge requests](../../../ci/merge_request_pipelines/index.md#configuring-pipelines-for-merge-requests) - [Pipelines for Merged Results](../../../ci/merge_request_pipelines/pipelines_for_merged_results/index.md#enable-pipelines-for-merged-results) enabled in the project settings. - A Docker image with Ruby available. The template uses `image: ruby:2.6` by default, but you [can override](../../../ci/yaml/includes.md#overriding-external-template-values) this. ## Configuring Fast RSpec Failure -We'll use the following plain RSpec configuration as a starting point. It installs all the +We use the following plain RSpec configuration as a starting point. It installs all the project gems and executes `rspec`, on merge request pipelines only. ```yaml @@ -86,13 +86,13 @@ For illustrative purposes, let's say our Rails app spec suite consists of 100 sp If no Ruby files are changed: -- `rspec-rails-modified-paths-specs` will not run any tests. -- `rspec-complete` will run the full suite of 1000 tests. +- `rspec-rails-modified-paths-specs` does not run any tests. +- `rspec-complete` runs the full suite of 1000 tests. If one Ruby model is changed, for example `app/models/example.rb`, then `rspec-rails-modified-paths-specs` -will run the 100 tests for `example.rb`: +runs the 100 tests for `example.rb`: - If all of these 100 tests pass, then the full `rspec-complete` suite of 1000 tests is allowed to run. -- If any of these 100 tests fail, they will fail quickly, and `rspec-complete` will not run any tests. +- If any of these 100 tests fail, they fail quickly, and `rspec-complete` does not run any tests. The final case saves resources and time as the full 1000 test suite does not run. diff --git a/doc/user/project/merge_requests/getting_started.md b/doc/user/project/merge_requests/getting_started.md index 1bb333dcb14..459b8fa56ff 100644 --- a/doc/user/project/merge_requests/getting_started.md +++ b/doc/user/project/merge_requests/getting_started.md @@ -3,12 +3,12 @@ stage: Create group: Code Review info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: index, reference -description: "Getting started with Merge Requests." +description: "Getting started with merge requests." --- -# Getting started with Merge Requests **(FREE)** +# Getting started with merge requests **(FREE)** -A Merge Request (**MR**) is the basis of GitLab as a code +A merge request (**MR**) is the basis of GitLab as a code collaboration and version control. When working in a Git-based platform, you can use branching @@ -25,7 +25,7 @@ avoiding changes to be pushed directly to the default branch without prior reviews, tests, and approvals. When you create a new feature branch, change the files, and push -it to GitLab, you have the option to create a **Merge Request**, +it to GitLab, you have the option to create a **merge request**, which is essentially a _request_ to merge one branch into another. The branch you added your changes into is called _source branch_ @@ -56,7 +56,7 @@ request's page at the top-right side: - [Assign](#assignee) the merge request to a colleague for review. With [multiple assignees](#multiple-assignees), you can assign it to more than one person at a time. - Set a [milestone](../milestones/index.md) to track time-sensitive changes. - Add [labels](../labels.md) to help contextualize and filter your merge requests over time. -- Require [approval](merge_request_approvals.md) from your team. **(PREMIUM)** +- [Require approval](approvals/index.md#required-approvals) from your team. **(PREMIUM)** - [Close issues automatically](#merge-requests-to-close-issues) when they are merged. - Enable the [delete source branch when merge request is accepted](#deleting-the-source-branch) option to keep your repository clean. - Enable the [squash commits when merge request is accepted](squash_and_merge.md) option to combine all the commits into one before merging, thus keep a clean commit history in your repository. @@ -65,24 +65,24 @@ request's page at the top-right side: After you have created the merge request, you can also: - [Discuss](../../discussions/index.md) your implementation with your team in the merge request thread. -- [Perform inline code reviews](reviewing_and_managing_merge_requests.md#perform-inline-code-reviews). +- [Perform inline code reviews](reviews/index.md#perform-inline-code-reviews). - Add [merge request dependencies](merge_request_dependencies.md) to restrict it to be merged only when other merge requests have been merged. **(PREMIUM)** -- Preview continuous integration [pipelines on the merge request widget](reviewing_and_managing_merge_requests.md#pipeline-status-in-merge-requests-widgets). -- Preview how your changes look directly on your deployed application with [Review Apps](reviewing_and_managing_merge_requests.md#live-preview-with-review-apps). +- Preview continuous integration [pipelines on the merge request widget](reviews/index.md#pipeline-status-in-merge-requests-widgets). +- Preview how your changes look directly on your deployed application with [Review Apps](reviews/index.md#live-preview-with-review-apps). - [Allow collaboration on merge requests across forks](allow_collaboration.md). -- Perform a [Review](../../discussions/index.md#merge-request-reviews) to create multiple comments on a diff and publish them when you're ready. -- Add [code suggestions](../../discussions/index.md#suggest-changes) to change the content of merge requests directly into merge request threads, and easily apply them to the codebase directly from the UI. +- Perform a [Review](reviews/index.md) to create multiple comments on a diff and publish them when you're ready. +- Add [code suggestions](reviews/suggestions.md) to change the content of merge requests directly into merge request threads, and easily apply them to the codebase directly from the UI. - Add a time estimation and the time spent with that merge request with [Time Tracking](../time_tracking.md#time-tracking). Many of these can be set when pushing changes from the command line, with [Git push options](../push_options.md). -See also other [features associated to merge requests](reviewing_and_managing_merge_requests.md#associated-features). +See also other [features associated to merge requests](reviews/index.md#associated-features). ### Assignee Choose an assignee to designate someone as the person responsible -for the first [review of the merge request](reviewing_and_managing_merge_requests.md). +for the first [review of the merge request](reviews/index.md). Open the drop down box to search for the user you wish to assign, and the merge request is added to their [assigned merge request list](../../search/index.md#issues-and-merge-requests). @@ -122,7 +122,7 @@ Requesting a code review is an important part of contributing code. However, dec your code and asking for a review are no easy tasks. Using the "assignee" field for both authors and reviewers makes it hard for others to determine who's doing what on a merge request. -The Merge Request Reviewers feature enables you to request a review of your work, and +The merge request Reviewers feature enables you to request a review of your work, and see the status of the review. Reviewers help distinguish the roles of the users involved in the merge request. In comparison to an **Assignee**, who is directly responsible for creating or merging a merge request, a **Reviewer** is a team member @@ -138,7 +138,7 @@ When selected, GitLab creates a [to-do list item](../../todos.md) for each revie > - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/293742) in GitLab 13.9. When editing the **Reviewers** field in a new or existing merge request, GitLab -displays the name of the matching [approval rule](merge_request_approvals.md#approval-rules) +displays the name of the matching [approval rule](approvals/rules.md) below the name of each suggested reviewer. [Code Owners](../code_owners.md) are displayed as `Codeowner` without group detail. This example shows reviewers and approval rules when creating a new merge request: @@ -234,7 +234,7 @@ The feature today works only on merge. Clicking the **Remove source branch** but after the merge request was merged will not automatically retarget a merge request. This improvement is [tracked as a follow-up](https://gitlab.com/gitlab-org/gitlab/-/issues/321559). -## Recommendations and best practices for Merge Requests +## Recommendations and best practices for merge requests - When working locally in your branch, add multiple commits and only push when you're done, so GitLab runs only one pipeline for all the commits pushed diff --git a/doc/user/project/merge_requests/img/approve.png b/doc/user/project/merge_requests/img/approve.png Binary files differdeleted file mode 100644 index e2641f48c7a..00000000000 --- a/doc/user/project/merge_requests/img/approve.png +++ /dev/null diff --git a/doc/user/project/merge_requests/img/approve_additionally.png b/doc/user/project/merge_requests/img/approve_additionally.png Binary files differdeleted file mode 100644 index bab0cd4e041..00000000000 --- a/doc/user/project/merge_requests/img/approve_additionally.png +++ /dev/null diff --git a/doc/user/project/merge_requests/img/group_merge_requests_list_view.png b/doc/user/project/merge_requests/img/group_merge_requests_list_view.png Binary files differdeleted file mode 100644 index 7d0756505db..00000000000 --- a/doc/user/project/merge_requests/img/group_merge_requests_list_view.png +++ /dev/null diff --git a/doc/user/project/merge_requests/img/remove_approval.png b/doc/user/project/merge_requests/img/remove_approval.png Binary files differdeleted file mode 100644 index b178d26cf85..00000000000 --- a/doc/user/project/merge_requests/img/remove_approval.png +++ /dev/null diff --git a/doc/user/project/merge_requests/index.md b/doc/user/project/merge_requests/index.md index 1fed30dc589..f587ab34d11 100644 --- a/doc/user/project/merge_requests/index.md +++ b/doc/user/project/merge_requests/index.md @@ -8,7 +8,6 @@ type: index, reference # Merge requests **(FREE)** Merge requests (MRs) are the way you check source code changes into a branch. - When you open a merge request, you can visualize and collaborate on the code changes before merge. Merge requests include: @@ -18,6 +17,11 @@ Merge requests include: - A comment section for discussion threads. - The list of commits. +Merge requests contain tabs at the top of the page to help you navigate to +important parts of the merge request: **Overview**, **Commits**, **Pipelines**, and **Changes**. + + + To get started, read the [introduction to merge requests](getting_started.md). ## Merge request workflows @@ -29,10 +33,10 @@ For a software developer working in a team: 1. You work on the implementation optimizing code with [Code Quality reports](code_quality.md). 1. You verify your changes with [Unit test reports](../../../ci/unit_test_reports.md) in GitLab CI/CD. 1. You avoid using dependencies whose license is not compatible with your project with [License Compliance reports](../../compliance/license_compliance/index.md). -1. You request the [approval](merge_request_approvals.md) from your manager. +1. You request the [approval](approvals/index.md) from your manager. 1. Your manager: 1. Pushes a commit with their final review. - 1. [Approves the merge request](merge_request_approvals.md). + 1. [Approves the merge request](approvals/index.md). 1. Sets it to [merge when pipeline succeeds](merge_when_pipeline_succeeds.md). 1. Your changes get deployed to production with [manual actions](../../../ci/yaml/README.md#whenmanual) for GitLab CI/CD. 1. Your implementations were successfully shipped to your customer. @@ -43,35 +47,13 @@ For a web developer writing a webpage for your company's website: 1. You gather feedback from your reviewers. 1. You preview your changes with [Review Apps](../../../ci/review_apps/index.md). 1. You request your web designers for their implementation. -1. You request the [approval](merge_request_approvals.md) from your manager. +1. You request the [approval](approvals/index.md) from your manager. 1. Once approved, your merge request is [squashed and merged](squash_and_merge.md), and [deployed to staging with GitLab Pages](https://about.gitlab.com/blog/2021/02/05/ci-deployment-and-environments/). 1. Your production team [cherry picks](cherry_pick_changes.md) the merge commit into production. -## Merge request navigation tabs at the top - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/33813) in GitLab 12.6. This positioning is experimental. - -In GitLab 12.5 and earlier, navigation tabs in merge requests (**Discussion**, -**Commits**, **Pipelines**, and **Changes**) were located after the merge request -widget. - -To facilitate navigation without scrolling, and based on user feedback, the tabs are -now located at the top of the merge request tab. A new **Overview** tab was added, -and next to **Overview** are **Commits**, **Pipelines**, and **Changes**. - - - -This change is behind a feature flag that is enabled by default. For -self-managed instances, it can be disabled through the Rails console by a GitLab -administrator with the following command: - -```ruby -Feature.disable(:mr_tabs_position) -``` - ## Related topics - [Create a merge request](creating_merge_requests.md) -- [Review and manage merge requests](reviewing_and_managing_merge_requests.md) +- [Review and manage merge requests](reviews/index.md) - [Authorization for merge requests](authorization_for_merge_requests.md) - [Testing and reports](testing_and_reports_in_merge_requests.md) diff --git a/doc/user/project/merge_requests/merge_request_approvals.md b/doc/user/project/merge_requests/merge_request_approvals.md index 835350ade44..38d6ba062e4 100644 --- a/doc/user/project/merge_requests/merge_request_approvals.md +++ b/doc/user/project/merge_requests/merge_request_approvals.md @@ -1,416 +1,8 @@ --- -stage: Create -group: Source Code -info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments" -type: reference, concepts +redirect_to: 'approvals/index.md' --- -# Merge Request Approvals **(FREE)** +This document was moved to [another location](approvals/index.md). -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/580) in GitLab Enterprise Edition 7.2. Available in GitLab Free and higher tiers. -> - Redesign [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/1979) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.8 and [feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/10685) in 12.0. - -Code review is an essential practice of every successful project. Approving a -merge request is an important part of the review -process, as it clearly communicates the ability to merge the change. -A [merge request approvals API](../../../api/merge_request_approvals.md) is also available. - -## Optional Approvals - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/27426) in GitLab 13.2. - -Any user with Developer or greater [permissions](../../permissions.md) can approve a merge request in GitLab Free and higher tiers. -This provides a consistent mechanism for reviewers to approve merge requests, and ensures -maintainers know a change is ready to merge. Approvals in Free are optional, and do -not prevent a merge request from being merged when there is no approval. - -## External approvals **(ULTIMATE)** - -> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3869) in GitLab Ultimate 13.10. -> - It's [deployed behind a feature flag](../../feature_flags.md), disabled by default. -> - It's disabled on GitLab.com. -> - It's not recommended for production use. -> - To use it in GitLab self-managed instances, ask a GitLab administrator to [enable it](../../../api/merge_request_approvals.md#enable-or-disable-external-project-level-mr-approvals). **(ULTIMATE SELF)** - -WARNING: -This feature might not be available to you. Check the **version history** note above for details. - -When you create an external approval rule, the following merge request actions sends information -about a merge request to a third party service: - -- Create -- Change -- Close - -This action enables use-cases such as: - -- Integration with 3rd party workflow tools, such as [ServiceNow](https://www.servicenow.co.uk/). -- Integration with custom tools designed to approve merge requests from outside of GitLab. - -You can find more information about use-cases, development timelines and the feature discovery in -the [External API approval rules epic](https://gitlab.com/groups/gitlab-org/-/epics/3869). - -The intention for this feature is to allow those 3rd party tools to approve a merge request similarly to how users current do. - -NOTE: -The lack of an external approval does not block the merging of a merge request. - -You can modify external approval rules through the [REST API](../../../api/merge_request_approvals.md#external-project-level-mr-approvals). - -## Required Approvals **(PREMIUM)** - -> - [Introduced](https://about.gitlab.com/releases/2015/06/22/gitlab-7-12-released/#merge-request-approvers-ee-only) in GitLab Enterprise Edition 7.12. -> - Moved to GitLab Premium in 13.9. - -Required approvals enable enforced code review by requiring specified people -to approve a merge request before it can be merged. - -Required approvals enable multiple use cases: - -- Enforcing review of all code that gets merged into a repository. -- Specifying reviewers for a given proposed code change, as well as a minimum number - of reviewers, through [Approval rules](#approval-rules). -- Specifying categories of reviewers, such as backend, frontend, quality assurance, - database, and so on, for all proposed code changes. -- Designating [Code Owners as eligible approvers](#code-owners-as-eligible-approvers), - determined by the files changed in a merge request. -- [Requiring approval from a security team](#security-approvals-in-merge-requests) - before merging code that could introduce a vulnerability.**(ULTIMATE)** - -### Approval Rules - -Approval rules define how many approvals a merge request must receive before it can -be merged, and optionally which users should do the approving. Approvals can be defined: - -- [As project defaults](#adding--editing-a-default-approval-rule). -- [Per merge request](#editing--overriding-approval-rules-per-merge-request). - -If no approval rules are defined, any user can approve a merge request. However, the default -minimum number of required approvers can still be set in the -[settings for merge request approvals](#approval-settings). - -You can opt to define one single rule to approve a merge request among the available rules -or choose more than one with [multiple approval rules](#multiple-approval-rules). - -NOTE: -On GitLab.com, you can add a group as an approver if you're a member of that group or the -group is public. - -#### Eligible Approvers - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10294) in GitLab 13.3, when an eligible approver comments on a merge request, it appears in the **Commented by** column of the Approvals widget. - -The following users can approve merge requests: - -- Users who have been added as approvers at the project or merge request levels with - developer or higher [permissions](../../permissions.md). -- [Code owners](#code-owners-as-eligible-approvers) of the files changed by the merge request - that have developer or higher [permissions](../../permissions.md). - -An individual user can be added as an approver for a project if they are a member of: - -- The project. -- The project's immediate parent group. -- A group that has access to the project via a [share](../members/share_project_with_groups.md). - -A group of users can also be added as approvers, though they only count as approvers if -they have direct membership to the group. In the future, group approvers may be -[restricted to only groups with share access to the project](https://gitlab.com/gitlab-org/gitlab/-/issues/2048). - -If a user is added as an individual approver and is also part of a group approver, -then that user is just counted once. The merge request author, and users who have committed -to the merge request, do not count as eligible approvers, -if [**Prevent author approval**](#allowing-merge-request-authors-to-approve-their-own-merge-requests) (enabled by default) -and [**Prevent committers approval**](#prevent-approval-of-merge-requests-by-their-committers) (disabled by default) -are enabled on the project settings. - -When an eligible approver comments on a merge request, it displays in the -**Commented by** column of the Approvals widget. It indicates who participated in -the merge request review. Authors and reviewers can also identify who they should reach out -to if they have any questions about the content of the merge request. - -##### Implicit Approvers - -If the number of required approvals is greater than the number of assigned approvers, -approvals from other users counts towards meeting the requirement. These would be -users with developer [permissions](../../permissions.md) or higher in the project who -were not explicitly listed in the approval rules. - -##### Code Owners as eligible approvers - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/7933) in GitLab 11.5. -> - Moved to GitLab Premium in 13.9. - -If you add [Code Owners](../code_owners.md) to your repository, the owners to the -corresponding files become eligible approvers, together with members with Developer -or higher [permissions](../../permissions.md). - -To enable this merge request approval rule: - -1. Navigate to your project's **Settings > General** and expand - **Merge request (MR) approvals**. -1. Locate **Any eligible user** and choose the number of approvals required. - - - -Once set, merge requests can only be merged once approved by the -number of approvals you've set. GitLab accepts approvals from -users with Developer or higher permissions, as well as by Code Owners, -indistinguishably. - -Alternatively, you can **require** -[Code Owner's approvals for protected branches](../protected_branches.md#protected-branches-approval-by-code-owners). **(PREMIUM)** - -#### Merge Request approval segregation of duties - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/40491) in GitLab 13.4. -> - Moved to Premium in 13.9. - -Managers or operators with [Reporter permissions](../../permissions.md#project-members-permissions) -to a project sometimes need to be required approvers of a merge request, -before a merge to a protected branch begins. These approvers aren't allowed -to push or merge code to any branches. - -To enable this access: - -1. [Create a new group](../../group/index.md#create-a-group), and then - [add the user to the group](../../group/index.md#add-users-to-a-group), - ensuring you select the Reporter role for the user. -1. [Share the project with your group](../members/share_project_with_groups.md#sharing-a-project-with-a-group-of-users), - based on the Reporter role. -1. Navigate to your project's **Settings > General**, and in the - **Merge request (MR) approvals** section, click **Expand**. -1. Select **Add approval rule** or **Update approval rule**. -1. [Add the group](../../group/index.md#create-a-group) to the permission list. - - - -#### Adding / editing a default approval rule - -To add or edit the default merge request approval rule: - -1. Navigate to your project's **Settings > General** and expand **Merge request (MR) approvals**. - -1. Click **Add approval rule**, or **Edit**. - - Add or change the **Rule name**. - - Set the number of required approvals in **Approvals required**. The minimum value is `0`. - - (Optional) Search for users or groups that are [eligible to approve](#eligible-approvers) - merge requests and click the **Add** button to add them as approvers. Before typing - in the search field, approvers are suggested based on the previous authors of - the files being changed by the merge request. - - (Optional) Click the **{remove}** **Remove** button next to a group or user to delete it from - the rule. -1. Click **Add approval rule** or **Update approval rule**. - -When [approval rule overrides](#prevent-overriding-default-approvals) are allowed, -changes to these default rules are not applied to existing merge -requests, except for changes to the [target branch](#scoped-to-protected-branch) of -the rule. - -When approval rule overrides are not allowed, all changes to these default rules -are applied to existing merge requests. Any approval rules that had previously been -manually [overridden](#editing--overriding-approval-rules-per-merge-request) during a -period when approval rule overrides where allowed, are not modified. - -NOTE: -If a merge request targets a different project, such as from a fork to the upstream project, -the default approval rules are taken from the target (upstream) project, not the -source (fork). - -##### Editing / overriding approval rules per merge request - -> Introduced in GitLab Enterprise Edition 9.4. - -By default, the merge request approval rule listed in each merge request (MR) can be -edited by the MR author or a user with sufficient [permissions](../../permissions.md). -This ability can be disabled in the [merge request approvals settings](#prevent-overriding-default-approvals). - -One possible scenario would be to add more approvers than were defined in the default -settings. - -When creating or editing a merge request, find the **Approval rules** section, then follow -the same steps as [Adding / editing a default approval rule](#adding--editing-a-default-approval-rule). - -#### Set up an optional approval rule - -MR approvals can be configured to be optional, which can help if you're working -on a team where approvals are appreciated, but not required. - -To configure an approval to be optional, set the number of required approvals in **Approvals required** to `0`. - -You can also set an optional approval rule through the [Merge requests approvals API](../../../api/merge_request_approvals.md#update-merge-request-level-rule), by setting the `approvals_required` attribute to `0`. - -#### Multiple approval rules **(PREMIUM)** - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/1979) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.10. - -In GitLab Premium, it is possible to have multiple approval rules per merge request, -as well as multiple default approval rules per project. - -Adding or editing multiple default rules is identical to -[adding or editing a single default approval rule](#adding--editing-a-default-approval-rule), -except the **Add approval rule** button is available to add more rules, even after -a rule is already defined. - -Similarly, editing or overriding multiple approval rules per merge request is identical -to [editing or overriding approval rules per merge request](#editing--overriding-approval-rules-per-merge-request), -except the **Add approval rule** button is available to add more rules, even after -a rule is already defined. - -When an [eligible approver](#eligible-approvers) approves a merge request, it -reduces the number of approvals left for all rules that the approver belongs to. - - - -#### Scoped to protected branch **(PREMIUM)** - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/460) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.8. - -Approval rules are often only relevant to specific branches, like `master`. -When configuring [**Default Approval Rules**](#adding--editing-a-default-approval-rule) -these can be scoped to all the protected branches at once by navigating to your project's -**Settings**, expanding **Merge request (MR) approvals**, and selecting **Any branch** from -the **Target branch** dropdown. - -Alternatively, you can select a very specific protected branch from the **Target branch** dropdown: - - - -To enable this configuration, see [Code Owner's approvals for protected branches](../protected_branches.md#protected-branches-approval-by-code-owners). - -### Adding or removing an approval - -When an [eligible approver](#eligible-approvers) visits an open merge request, -one of the following is possible: - -- If the required number of approvals has _not_ been yet met, they can approve - it by clicking the displayed **Approve** button. - -  - -- If the required number of approvals has already been met, they can still - approve it by clicking the displayed **Approve additionally** button. - -  - -- **They have already approved this merge request**: They can remove their approval. - -  - -When [approval rule overrides](#prevent-overriding-default-approvals) are allowed, -changes to default approval rules will **not** be applied to existing -merge requests, except for changes to the [target branch](#scoped-to-protected-branch) -of the rule. - -NOTE: -The merge request author is not allowed to approve their own merge request if -[**Prevent author approval**](#allowing-merge-request-authors-to-approve-their-own-merge-requests) -is enabled in the project settings. - -After the approval rules have been met, the merge request can be merged if there is nothing -else blocking it. Note that the merge request could still be blocked by other conditions, -such as merge conflicts, [pending discussions](../../discussions/index.md#only-allow-merge-requests-to-be-merged-if-all-threads-are-resolved), -or a [failed CI/CD pipeline](merge_when_pipeline_succeeds.md). - -### Approval settings - -The settings for Merge Request Approvals are found by going to -**Settings > General** and expanding **Merge request (MR) approvals**. - -#### Prevent overriding default approvals - -Regardless of the approval rules you choose for your project, users can edit them in every merge -request, overriding the rules you set as [default](#adding--editing-a-default-approval-rule). -To prevent that from happening: - -1. Select the **Prevent users from modifying MR approval rules in merge requests.** checkbox. -1. Click **Save changes**. - -#### Resetting approvals on push - -You can force all approvals on a merge request to be removed when new commits are -pushed to the source branch of the merge request. If disabled, approvals persist -even if there are changes added to the merge request. To enable this feature: - -1. Check the **Require new approvals when new commits are added to an MR.** - checkbox. -1. Click **Save changes**. - -NOTE: -Approvals do not get reset when [rebasing a merge request](fast_forward_merge.md) -from the UI. However, approvals are reset if the target branch is changed. - -#### Allowing merge request authors to approve their own merge requests **(PREMIUM)** - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/3349) in GitLab 11.3. -> - Moved to GitLab Premium in 13.9. - -By default, projects are configured to prevent merge requests from being approved by -their own authors. To change this setting: - -1. Go to your project's **Settings > General**, expand **Merge request (MR) approvals**. -1. Uncheck the **Prevent MR approval by the author.** checkbox. -1. Click **Save changes**. - -Note that users can edit the approval rules in every merge request and override pre-defined settings unless it's set [**not to allow** overrides](#prevent-overriding-default-approvals). - -You can prevent authors from approving their own merge requests -[at the instance level](../../admin_area/merge_requests_approvals.md). When enabled, -this setting is disabled on the project level, and not editable. - -#### Prevent approval of merge requests by their committers **(PREMIUM)** - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10441) in GitLab 11.10. -> - Moved to GitLab Premium in 13.9. - -You can prevent users who have committed to a merge request from approving it, -though code authors can still approve. You can enable this feature -[at the instance level](../../admin_area/merge_requests_approvals.md), which -disables changes to this feature at the project level. If you prefer to manage -this feature at the project level, you can: - -1. Check the **Prevent MR approvals from users who make commits to the MR.** checkbox. - If this check box is disabled, this feature has been disabled - [at the instance level](../../admin_area/merge_requests_approvals.md). -1. Click **Save changes**. - -Read the official Git documentation for an explanation of the -[differences between authors and committers](https://git-scm.com/book/en/v2/Git-Basics-Viewing-the-Commit-History). - -#### Require authentication when approving a merge request - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/5981) in GitLab 12.0. -> - Moved to GitLab Premium in 13.9. - -NOTE: -To require authentication when approving a merge request, you must enable -**Password authentication enabled for web interface** under [sign-in restrictions](../../admin_area/settings/sign_in_restrictions.md#password-authentication-enabled). -in the Admin Area. - -You can force the approver to enter a password in order to authenticate before adding -the approval. This enables an Electronic Signature for approvals such as the one defined -by [CFR Part 11](https://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfcfr/CFRSearch.cfm?CFRPart=11&showFR=1&subpartNode=21:1.0.1.1.8.3)). -To enable this feature: - -1. Check the **Require user password for approvals.** checkbox. -1. Click **Save changes**. - -### Security approvals in merge requests **(ULTIMATE)** - -Merge Request Approvals can be configured to require approval from a member -of your security team when a vulnerability would be introduced by a merge request. - -For more information, see -[Security approvals in merge requests](../../application_security/index.md#security-approvals-in-merge-requests). - -<!-- ## Troubleshooting - -Include any troubleshooting steps that you can foresee. If you know beforehand what issues -one might have when setting this up, or when something is changed, or on upgrading, it's -important to describe those, too. Think of things that may go wrong and include them here. -This is important to minimize requests for support, and to avoid doc comments with -questions that you know someone might ask. - -Each scenario can be a third-level heading, e.g. `### Getting error message X`. -If you have none to add when creating a doc, leave this section in place -but commented out to help encourage others to add to it in the future. --> +<!-- This redirect file can be deleted after <2021-07-27>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/user/project/merge_requests/merge_request_dependencies.md b/doc/user/project/merge_requests/merge_request_dependencies.md index fc5cc4d958b..4534ce194bf 100644 --- a/doc/user/project/merge_requests/merge_request_dependencies.md +++ b/doc/user/project/merge_requests/merge_request_dependencies.md @@ -5,10 +5,10 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: reference, concepts --- -# Merge Request dependencies **(PREMIUM)** +# Merge request dependencies **(PREMIUM)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/9688) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.2. -> - [Renamed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/17291) from "Cross-project dependencies" to "Merge Requests dependencies" in [GitLab Premium](https://about.gitlab.com/pricing/) 12.4. +> - [Renamed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/17291) from "Cross-project dependencies" to "Merge request dependencies" in [GitLab Premium](https://about.gitlab.com/pricing/) 12.4. > - Intra-project MR dependencies were [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/16799) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.4. Merge request dependencies allows a required order of merging diff --git a/doc/user/project/merge_requests/merge_when_pipeline_succeeds.md b/doc/user/project/merge_requests/merge_when_pipeline_succeeds.md index 58f2c310375..b1da336aae9 100644 --- a/doc/user/project/merge_requests/merge_when_pipeline_succeeds.md +++ b/doc/user/project/merge_requests/merge_when_pipeline_succeeds.md @@ -67,7 +67,7 @@ You should be careful to configure CI/CD so that pipelines run for every merge r ### Limitations When this setting is enabled, a merge request is prevented from being merged if there -is no pipeline. This may conflict with some use cases where [`only/except`](../../../ci/yaml/README.md#onlyexcept-advanced) +is no pipeline. This may conflict with some use cases where [`only/except`](../../../ci/yaml/README.md#only--except) or [`rules`](../../../ci/yaml/README.md#rules) are used and they don't generate any pipelines. You should ensure that [there is always a pipeline](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/54226) diff --git a/doc/user/project/merge_requests/reviewing_and_managing_merge_requests.md b/doc/user/project/merge_requests/reviewing_and_managing_merge_requests.md index aba75403a2a..0475996cb9b 100644 --- a/doc/user/project/merge_requests/reviewing_and_managing_merge_requests.md +++ b/doc/user/project/merge_requests/reviewing_and_managing_merge_requests.md @@ -1,452 +1,8 @@ --- -stage: Create -group: Code Review -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -type: index, reference +redirect_to: 'reviews/index.md' --- -# Reviewing and managing merge requests **(FREE)** +This document was moved to [another location](reviews/index.md). -Merge requests are the primary method of making changes to files in a GitLab project. -Changes are proposed by [creating and submitting a merge request](creating_merge_requests.md), -which is then reviewed, and accepted (or rejected). - -## View project merge requests - -View all the merge requests in a project by navigating to **Project > Merge Requests**. - -When you access your project's merge requests, GitLab displays them in a list. -Use the tabs to quickly filter by open and closed. You can also [search and filter the results](../../search/index.md#filtering-issue-and-merge-request-lists). - - - -## View merge requests for all projects in a group - -View merge requests in all projects in the group, including all projects of all descendant subgroups of the group. Navigate to **Group > Merge Requests** to view these merge requests. This view also has the open and closed merge requests tabs. - -You can [search and filter the results](../../search/index.md#filtering-issue-and-merge-request-lists) from here. - - - -## Cached merge request count - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/299542) in GitLab 13.11. -> - It's [deployed behind a feature flag](../../feature_flags.md), enabled by default. -> - It's enabled on GitLab.com. -> - It's recommended for production use. -> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#enable-or-disable-cached-merge-request-count). - -WARNING: -This feature might not be available to you. Check the **version history** note above for details. - -In a group, the sidebar displays the total count of open merge requests and this value is cached if higher -than 1000. The cached value is rounded to thousands (or millions) and updated every 24 hours. - -### Enable or disable cached merge request count **(FREE SELF)** - -Cached merge request count in the left sidebar is under development but ready for production use. It is -deployed behind a feature flag that is **enabled by default**. -[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) -can disable it. - -To disable it: - -```ruby -Feature.disable(:cached_sidebar_merge_requests_count) -``` - -To enable it: - -```ruby -Feature.enable(:cached_sidebar_merge_requests_count) -``` - -## Semi-linear history merge requests - -A merge commit is created for every merge, but the branch is only merged if -a fast-forward merge is possible. This ensures that if the merge request build -succeeded, the target branch build also succeeds after the merge. - -Navigate to a project's settings, select the **Merge commit with semi-linear history** -option under **Merge Requests: Merge method** and save your changes. - -## View changes between file versions - -The **Changes** tab, below the main merge request details and next to the discussion tab, -shows the changes to files between branches or commits. This view of changes to a -file is also known as a **diff**. By default, the diff view compares the file in the -merge request branch and the file in the target branch. - -The diff view includes the following: - -- The file's name and path. -- The number of lines added and deleted. -- Buttons for the following options: - - Toggle comments for this file; useful for inline reviews. - - Edit the file in the merge request's branch. - - Show full file, in case you want to look at the changes in context with the rest of the file. - - View file at the current commit. - - Preview the changes with [Review Apps](../../../ci/review_apps/index.md). -- The changed lines, with the specific changes highlighted. - - - -### Merge request diff file navigation - -When reviewing changes in the **Changes** tab the diff can be navigated using -the file tree or file list. As you scroll through large diffs with many -changes, you can quickly jump to any changed file using the file tree or file -list. - - - -### Collapsed files in the Changes view - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/232820) in GitLab 13.4. - -When you review changes in the **Changes** tab, files with a large number of changes are collapsed -to improve performance. When files are collapsed, a warning appears at the top of the changes. -Click **Expand file** on any file to view the changes for that file. - -### File-by-file diff navigation - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/222790) in GitLab 13.2. -> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/229848) in GitLab 13.7. - -For larger merge requests, consider reviewing one file at a time. To enable this feature: - -1. In the top-right corner, select your avatar. -1. Select **Preferences**. -1. Scroll to the **Behavior** section and select **Show one file at a time on merge request's Changes tab**. -1. Select **Save changes**. - -After you enable this setting, GitLab displays only one file at a time in the **Changes** tab when you review merge requests. You can click **Prev** and **Next** to view other changed files. - - - -In [GitLab 13.7](https://gitlab.com/gitlab-org/gitlab/-/issues/233898) and later, if you want to change -this behavior, you can do so from your **User preferences** (as explained above) or directly in a -merge request: - -1. Go to the merge request's **Changes** tab. -1. Select the cog icon (**{settings}**) to reveal the merge request's settings dropdown. -1. Select or deselect the checkbox **Show one file at a time** to change the setting accordingly. - -This change overrides the choice you made in your user preferences and persists until you clear your -browser's cookies or change this behavior again. - -### Merge requests commit navigation - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/18140) in GitLab 13.0. - -To seamlessly navigate among commits in a merge request: - -1. Select the **Commits** tab. -1. Select a commit to open it in the single-commit view. -1. Navigate through the commits by either: - - - Selecting **Prev** and **Next** buttons below the tab buttons. - - Using the <kbd>X</kbd> and <kbd>C</kbd> keyboard shortcuts. - - - -### Incrementally expand merge request diffs - -By default, the diff shows only the parts of a file which are changed. -To view more unchanged lines above or below a change click on the -**Expand up** or **Expand down** icons. You can also click on **Show unchanged lines** -to expand the entire file. - - - -In GitLab [versions 13.1 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/205401), when viewing a -merge request's **Changes** tab, if a certain file was only renamed, you can expand it to see the -entire content by clicking **Show file contents**. - -### Ignore whitespace changes in Merge Request diff view - -If you click the **Hide whitespace changes** button, you can see the diff -without whitespace changes (if there are any). This is also working when on a -specific commit page. - - - -NOTE: -You can append `?w=1` while on the diffs page of a merge request to ignore any -whitespace changes. - -## Mark files as viewed - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/51513) in GitLab 13.9. -> - It's deployed behind a feature flag, enabled by default. -> - It's enabled on GitLab.com. -> - It's recommended for production use. -> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#enable-or-disable-file-views). **(FREE SELF)** - -When reviewing a merge request with many files multiple times, it may be useful to the reviewer -to focus on new changes and ignore the files that they have already reviewed and don't want to -see anymore unless they are changed again. - -To mark a file as viewed: - -1. Go to the merge request's **Diffs** tab. -1. On the right-top of the file, locate the **Viewed** checkbox. -1. Check it to mark the file as viewed. - -Once checked, the file remains marked for that reviewer unless there are newly introduced -changes to its content or the checkbox is unchecked. - -### Enable or disable file views **(FREE SELF)** - -The file view feature is under development but ready for production use. -It is deployed behind a feature flag that is **enabled by default**. -[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) -can opt to enable it for your instance. - -To enable it: - -```ruby -Feature.enable(:local_file_reviews) -``` - -To disable it: - -```ruby -Feature.disable(:local_file_reviews) -``` - -## Perform inline code reviews - -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/13950) in GitLab 11.5. - -In a merge request, you can leave comments in any part of the file being changed. -In the Merge Request Diff UI, you can: - -- **Comment on a single line**: Click the **{comment}** **comment** icon in the - gutter to expand the diff lines and display a comment box. -- [**Comment on multiple lines**](#commenting-on-multiple-lines). - -### Commenting on multiple lines - -> - [Introduced](https://gitlab.com/gitlab-org/ux-research/-/issues/870) in GitLab 13.2. -> - [Added](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/49875) click-and-drag features in GitLab 13.8. -> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/299121) in GitLab 13.9. - -When commenting on a diff, you can select which lines of code your comment refers -to by either: - - - -- Clicking and dragging the **{comment}** **comment** icon in the gutter to highlight - lines in the diff. GitLab expands the diff lines and displays a comment box. -- After starting a comment by clicking the **{comment}** **comment** icon in the - gutter, select the first line number your comment refers to in the **Commenting on lines** - select box. New comments default to single-line comments, unless you select - a different starting line. - -Multiline comments display the comment's line numbers above the body of the comment: - - - -## Pipeline status in merge requests widgets - -If you've set up [GitLab CI/CD](../../../ci/README.md) in your project, -you can see: - -- Both pre-merge and post-merge pipelines and the environment information if any. -- Which deployments are in progress. - -If an application is successfully deployed to an -[environment](../../../ci/environments/index.md), the deployed environment and the link to the -Review App are both shown. - -NOTE: -When the pipeline fails in a merge request but it can still be merged, -the **Merge** button is colored red. - -### Post-merge pipeline status - -When a merge request is merged, you can see the post-merge pipeline status of -the branch the merge request was merged into. For example, when a merge request -is merged into the [default branch](../repository/branches/default.md) and then triggers a deployment to the staging -environment. - -Ongoing deployments are shown, and the state (deploying or deployed) -for environments. If it's the first time the branch is deployed, the link -returns a `404` error until done. During the deployment, the stop button is -disabled. If the pipeline fails to deploy, the deployment information is hidden. - - - -For more information, [read about pipelines](../../../ci/pipelines/index.md). - -### Merge when pipeline succeeds (MWPS) - -Set a merge request that looks ready to merge to -[merge automatically when CI pipeline succeeds](merge_when_pipeline_succeeds.md). - -### Live preview with Review Apps - -If you configured [Review Apps](https://about.gitlab.com/stages-devops-lifecycle/review-apps/) for your project, -you can preview the changes submitted to a feature branch through a merge request -on a per-branch basis. You don't need to checkout the branch, install, and preview locally. -All your changes are available to preview by anyone with the Review Apps link. - -With GitLab [Route Maps](../../../ci/review_apps/index.md#route-maps) set, the -merge request widget takes you directly to the pages changed, making it easier and -faster to preview proposed modifications. - -[Read more about Review Apps](../../../ci/review_apps/index.md). - -## Associated features - -These features are associated with merge requests: - -- [Bulk editing merge requests](../../project/bulk_editing.md): - Update the attributes of multiple merge requests simultaneously. -- [Cherry-pick changes](cherry_pick_changes.md): - Cherry-pick any commit in the UI by clicking the **Cherry-pick** button in a merged merge requests or a commit. -- [Fast-forward merge requests](fast_forward_merge.md): - For a linear Git history and a way to accept merge requests without creating merge commits -- [Find the merge request that introduced a change](versions.md): - When viewing the commit details page, GitLab links to the merge request(s) containing that commit. -- [Merge requests versions](versions.md): - Select and compare the different versions of merge request diffs -- [Resolve conflicts](resolve_conflicts.md): - GitLab can provide the option to resolve certain merge request conflicts in the GitLab UI. -- [Revert changes](revert_changes.md): - Revert changes from any commit from a merge request. - -## Troubleshooting - -Sometimes things don't go as expected in a merge request. Here are some -troubleshooting steps. - -### Merge request cannot retrieve the pipeline status - -This can occur if Sidekiq doesn't pick up the changes fast enough. - -#### Sidekiq - -Sidekiq didn't process the CI state change fast enough. Please wait a few -seconds and the status should update automatically. - -#### Bug - -Merge Request pipeline statuses can't be retrieved when the following occurs: - -1. A Merge Request is created -1. The Merge Request is closed -1. Changes are made in the project -1. The Merge Request is reopened - -To enable the pipeline status to be properly retrieved, close and reopen the -Merge Request again. - -## Tips - -Here are some tips to help you be more efficient with merge requests in -the command line. - -### Copy the branch name for local checkout - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/23767) in GitLab 13.4. - -The merge request sidebar contains the branch reference for the source branch -used to contribute changes for this merge request. - -To copy the branch reference into your clipboard, click the **Copy branch name** button -(**{copy-to-clipboard}**) in the right sidebar. Use it to checkout the branch locally -via command line by running `git checkout <branch-name>`. - -### Checkout merge requests locally through the `head` ref - -A merge request contains all the history from a repository, plus the additional -commits added to the branch associated with the merge request. Here's a few -ways to checkout a merge request locally. - -You can checkout a merge request locally even if the source -project is a fork (even a private fork) of the target project. - -This relies on the merge request `head` ref (`refs/merge-requests/:iid/head`) -that is available for each merge request. It allows checking out a merge -request via its ID instead of its branch. - -[Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/223156) in GitLab -13.4, 14 days after a merge request gets closed or merged, the merge request -`head` ref is deleted. This means that the merge request is not available -for local checkout via the merge request `head` ref anymore. The merge request -can still be re-opened. If the merge request's branch -exists, you can still check out the branch, as it isn't affected. - -#### Checkout locally by adding a Git alias - -Add the following alias to your `~/.gitconfig`: - -```plaintext -[alias] - mr = !sh -c 'git fetch $1 merge-requests/$2/head:mr-$1-$2 && git checkout mr-$1-$2' - -``` - -Now you can check out a particular merge request from any repository and any -remote. For example, to check out the merge request with ID 5 as shown in GitLab -from the `origin` remote, do: - -```shell -git mr origin 5 -``` - -This fetches the merge request into a local `mr-origin-5` branch and check -it out. - -#### Checkout locally by modifying `.git/config` for a given repository - -Locate the section for your GitLab remote in the `.git/config` file. It looks -like this: - -```plaintext -[remote "origin"] - url = https://gitlab.com/gitlab-org/gitlab-foss.git - fetch = +refs/heads/*:refs/remotes/origin/* -``` - -You can open the file with: - -```shell -git config -e -``` - -Now add the following line to the above section: - -```plaintext -fetch = +refs/merge-requests/*/head:refs/remotes/origin/merge-requests/* -``` - -In the end, it should look like this: - -```plaintext -[remote "origin"] - url = https://gitlab.com/gitlab-org/gitlab-foss.git - fetch = +refs/heads/*:refs/remotes/origin/* - fetch = +refs/merge-requests/*/head:refs/remotes/origin/merge-requests/* -``` - -Now you can fetch all the merge requests: - -```shell -git fetch origin - -... -From https://gitlab.com/gitlab-org/gitlab-foss.git - * [new ref] refs/merge-requests/1/head -> origin/merge-requests/1 - * [new ref] refs/merge-requests/2/head -> origin/merge-requests/2 -... -``` - -And to check out a particular merge request: - -```shell -git checkout origin/merge-requests/1 -``` - -All the above can be done with the [`git-mr`](https://gitlab.com/glensc/git-mr) script. +<!-- This redirect file can be deleted after <2021-08-03>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/user/discussions/img/add_another_suggestion_to_batch_v13_1.jpg b/doc/user/project/merge_requests/reviews/img/add_another_suggestion_to_batch_v13_1.jpg Binary files differindex e8aa4b7c730..e8aa4b7c730 100644 --- a/doc/user/discussions/img/add_another_suggestion_to_batch_v13_1.jpg +++ b/doc/user/project/merge_requests/reviews/img/add_another_suggestion_to_batch_v13_1.jpg diff --git a/doc/user/discussions/img/add_first_suggestion_to_batch_v13_1.jpg b/doc/user/project/merge_requests/reviews/img/add_first_suggestion_to_batch_v13_1.jpg Binary files differindex d15f5d53e55..d15f5d53e55 100644 --- a/doc/user/discussions/img/add_first_suggestion_to_batch_v13_1.jpg +++ b/doc/user/project/merge_requests/reviews/img/add_first_suggestion_to_batch_v13_1.jpg diff --git a/doc/user/discussions/img/apply_batch_of_suggestions_v13_1.jpg b/doc/user/project/merge_requests/reviews/img/apply_batch_of_suggestions_v13_1.jpg Binary files differindex 3e1e9c20af9..3e1e9c20af9 100644 --- a/doc/user/discussions/img/apply_batch_of_suggestions_v13_1.jpg +++ b/doc/user/project/merge_requests/reviews/img/apply_batch_of_suggestions_v13_1.jpg diff --git a/doc/user/discussions/img/apply_suggestion_v13_9.png b/doc/user/project/merge_requests/reviews/img/apply_suggestion_v13_9.png Binary files differindex e27fa629672..e27fa629672 100644 --- a/doc/user/discussions/img/apply_suggestion_v13_9.png +++ b/doc/user/project/merge_requests/reviews/img/apply_suggestion_v13_9.png diff --git a/doc/user/project/merge_requests/img/comment-on-any-diff-line_v13_10.png b/doc/user/project/merge_requests/reviews/img/comment-on-any-diff-line_v13_10.png Binary files differindex a31fea85be9..a31fea85be9 100644 --- a/doc/user/project/merge_requests/img/comment-on-any-diff-line_v13_10.png +++ b/doc/user/project/merge_requests/reviews/img/comment-on-any-diff-line_v13_10.png diff --git a/doc/user/discussions/img/custom_commit_v13_9.png b/doc/user/project/merge_requests/reviews/img/custom_commit_v13_9.png Binary files differindex 170c04542dd..170c04542dd 100644 --- a/doc/user/discussions/img/custom_commit_v13_9.png +++ b/doc/user/project/merge_requests/reviews/img/custom_commit_v13_9.png diff --git a/doc/user/discussions/img/make_suggestion_v13_9.png b/doc/user/project/merge_requests/reviews/img/make_suggestion_v13_9.png Binary files differindex 92d5ba5ddda..92d5ba5ddda 100644 --- a/doc/user/discussions/img/make_suggestion_v13_9.png +++ b/doc/user/project/merge_requests/reviews/img/make_suggestion_v13_9.png diff --git a/doc/user/project/merge_requests/img/merge_request_pipeline.png b/doc/user/project/merge_requests/reviews/img/merge_request_pipeline.png Binary files differindex ce1d6bab536..ce1d6bab536 100644 --- a/doc/user/project/merge_requests/img/merge_request_pipeline.png +++ b/doc/user/project/merge_requests/reviews/img/merge_request_pipeline.png diff --git a/doc/user/discussions/img/mr_review_new_comment_v13_11.png b/doc/user/project/merge_requests/reviews/img/mr_review_new_comment_v13_11.png Binary files differindex 6b4899bf67f..6b4899bf67f 100644 --- a/doc/user/discussions/img/mr_review_new_comment_v13_11.png +++ b/doc/user/project/merge_requests/reviews/img/mr_review_new_comment_v13_11.png diff --git a/doc/user/discussions/img/mr_review_resolve.png b/doc/user/project/merge_requests/reviews/img/mr_review_resolve.png Binary files differindex ced33682459..ced33682459 100644 --- a/doc/user/discussions/img/mr_review_resolve.png +++ b/doc/user/project/merge_requests/reviews/img/mr_review_resolve.png diff --git a/doc/user/discussions/img/mr_review_resolve2.png b/doc/user/project/merge_requests/reviews/img/mr_review_resolve2.png Binary files differindex 2f0be3b6d06..2f0be3b6d06 100644 --- a/doc/user/discussions/img/mr_review_resolve2.png +++ b/doc/user/project/merge_requests/reviews/img/mr_review_resolve2.png diff --git a/doc/user/discussions/img/mr_review_start.png b/doc/user/project/merge_requests/reviews/img/mr_review_start.png Binary files differindex 08b4c6bb82b..08b4c6bb82b 100644 --- a/doc/user/discussions/img/mr_review_start.png +++ b/doc/user/project/merge_requests/reviews/img/mr_review_start.png diff --git a/doc/user/discussions/img/mr_review_unresolve.png b/doc/user/project/merge_requests/reviews/img/mr_review_unresolve.png Binary files differindex 4bef38f7808..4bef38f7808 100644 --- a/doc/user/discussions/img/mr_review_unresolve.png +++ b/doc/user/project/merge_requests/reviews/img/mr_review_unresolve.png diff --git a/doc/user/discussions/img/multi-line-suggestion-preview.png b/doc/user/project/merge_requests/reviews/img/multi-line-suggestion-preview.png Binary files differindex 476c50b9098..476c50b9098 100644 --- a/doc/user/discussions/img/multi-line-suggestion-preview.png +++ b/doc/user/project/merge_requests/reviews/img/multi-line-suggestion-preview.png diff --git a/doc/user/discussions/img/multi-line-suggestion-syntax.png b/doc/user/project/merge_requests/reviews/img/multi-line-suggestion-syntax.png Binary files differindex 80424d1f056..80424d1f056 100644 --- a/doc/user/discussions/img/multi-line-suggestion-syntax.png +++ b/doc/user/project/merge_requests/reviews/img/multi-line-suggestion-syntax.png diff --git a/doc/user/project/merge_requests/img/multiline-comment-saved.png b/doc/user/project/merge_requests/reviews/img/multiline-comment-saved.png Binary files differindex cceab36e62b..cceab36e62b 100644 --- a/doc/user/project/merge_requests/img/multiline-comment-saved.png +++ b/doc/user/project/merge_requests/reviews/img/multiline-comment-saved.png diff --git a/doc/user/discussions/img/pending_review_comment.png b/doc/user/project/merge_requests/reviews/img/pending_review_comment.png Binary files differindex 70a66b3f4f0..70a66b3f4f0 100644 --- a/doc/user/discussions/img/pending_review_comment.png +++ b/doc/user/project/merge_requests/reviews/img/pending_review_comment.png diff --git a/doc/user/project/merge_requests/img/project_merge_requests_list_view_v13_5.png b/doc/user/project/merge_requests/reviews/img/project_merge_requests_list_view_v13_5.png Binary files differindex 625d47b1142..625d47b1142 100644 --- a/doc/user/project/merge_requests/img/project_merge_requests_list_view_v13_5.png +++ b/doc/user/project/merge_requests/reviews/img/project_merge_requests_list_view_v13_5.png diff --git a/doc/user/discussions/img/remove_suggestion_from_batch_v13_1.jpg b/doc/user/project/merge_requests/reviews/img/remove_suggestion_from_batch_v13_1.jpg Binary files differindex fa8331effdb..fa8331effdb 100644 --- a/doc/user/discussions/img/remove_suggestion_from_batch_v13_1.jpg +++ b/doc/user/project/merge_requests/reviews/img/remove_suggestion_from_batch_v13_1.jpg diff --git a/doc/user/discussions/img/suggestion_button_v13_9.png b/doc/user/project/merge_requests/reviews/img/suggestion_button_v13_9.png Binary files differindex 58e0508d8cf..58e0508d8cf 100644 --- a/doc/user/discussions/img/suggestion_button_v13_9.png +++ b/doc/user/project/merge_requests/reviews/img/suggestion_button_v13_9.png diff --git a/doc/user/discussions/img/suggestion_code_block_editor_v12_8.png b/doc/user/project/merge_requests/reviews/img/suggestion_code_block_editor_v12_8.png Binary files differindex 927b4f812a5..927b4f812a5 100644 --- a/doc/user/discussions/img/suggestion_code_block_editor_v12_8.png +++ b/doc/user/project/merge_requests/reviews/img/suggestion_code_block_editor_v12_8.png diff --git a/doc/user/discussions/img/suggestion_code_block_output_v12_8.png b/doc/user/project/merge_requests/reviews/img/suggestion_code_block_output_v12_8.png Binary files differindex 6f29107146d..6f29107146d 100644 --- a/doc/user/discussions/img/suggestion_code_block_output_v12_8.png +++ b/doc/user/project/merge_requests/reviews/img/suggestion_code_block_output_v12_8.png diff --git a/doc/user/discussions/img/suggestions_custom_commit_messages_v13_1.jpg b/doc/user/project/merge_requests/reviews/img/suggestions_custom_commit_messages_v13_1.jpg Binary files differindex a4c9df0ebb9..a4c9df0ebb9 100644 --- a/doc/user/discussions/img/suggestions_custom_commit_messages_v13_1.jpg +++ b/doc/user/project/merge_requests/reviews/img/suggestions_custom_commit_messages_v13_1.jpg diff --git a/doc/user/project/merge_requests/reviews/index.md b/doc/user/project/merge_requests/reviews/index.md new file mode 100644 index 00000000000..e98a230c0de --- /dev/null +++ b/doc/user/project/merge_requests/reviews/index.md @@ -0,0 +1,417 @@ +--- +stage: Create +group: Code Review +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +type: index, reference +--- + +# Review and manage merge requests **(FREE)** + +[Merge requests](../index.md) are the primary method of making changes to files in a +GitLab project. [Create and submit a merge request](../creating_merge_requests.md) +to propose changes. Your team makes [suggestions](suggestions.md) and leaves +[comments](../../../discussions/index.md). When your work is reviewed, your team +members can choose to accept or reject it. + +## View merge requests + +You can view merge requests for a specific project, or for all projects in a group: + +- **Specific project**: Go to your project and select **Merge requests**. +- **All projects in a group**: Go to your group and select **Merge requests**. + If your group contains subgroups, this view also displays merge requests from the subgroup projects. + GitLab displays a count of open merge requests in the left sidebar, but + [caches the value](#cached-merge-request-count) for groups with a large number of + open merge requests. + +GitLab displays open merge requests, with tabs to filter the list by open and closed status: + + + +You can [search and filter](../../../search/index.md#filtering-issue-and-merge-request-lists), +the results, or select a merge request to begin a review. + +## Bulk edit merge requests at the project level + +Users with permission level of [Developer or higher](../../../permissions.md) can manage merge requests. + +When bulk editing merge requests in a project, you can edit the following attributes: + +- Status (open/closed) +- Assignee +- Milestone +- Labels +- Subscriptions + +To update multiple project merge requests at the same time: + +1. In a project, go to **Merge requests**. +1. Click **Edit merge requests**. A sidebar on the right-hand side of your screen appears with + editable fields. +1. Select the checkboxes next to each merge request you want to edit. +1. Select the appropriate fields and their values from the sidebar. +1. Click **Update all**. + +## Bulk edit merge requests at the group level + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12719) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.2. + +Users with permission level of [Developer or higher](../../../permissions.md) can manage merge requests. + +When bulk editing merge requests in a group, you can edit the following attributes: + +- Milestone +- Labels + +To update multiple group merge requests at the same time: + +1. In a group, go to **Merge requests**. +1. Click **Edit merge requests**. A sidebar on the right-hand side of your screen appears with + editable fields. +1. Select the checkboxes next to each merge request you want to edit. +1. Select the appropriate fields and their values from the sidebar. +1. Click **Update all**. + +## Review a merge request + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/4213) in GitLab Premium 11.4. +> - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/28154) to GitLab Free in 13.1. + +When you review a merge request, you can create comments that are visible only +to you. When you're ready, you can publish them together in a single action. +To start your review: + +1. Go to the merge request you want to review, and select the **Changes** tab. + To learn more about navigating the diffs displayed in this tab, read + [Changes tab in merge requests](../changes.md). +1. Select a line of code. In GitLab version 13.2 and later, you can [highlight a set of lines](#comment-on-multiple-lines). +1. Write your first comment, and select **Start a review** below your comment: +  +1. Continue adding comments to lines of code, and select the appropriate button after + you write a comment: + - **Add to review**: Keep this comment private and add to the current review. + These review comments are marked **Pending** and are visible only to you. + - **Add comment now**: Submits the specific comment as a regular comment instead of as part of the review. +1. (Optional) You can use [quick actions](../../quick_actions.md) inside review comments. + The comment shows the actions to perform after publication, but does not perform them + until you submit your review. +1. When your review is complete, you can [submit the review](#submit-a-review). Your comments + are now visible, and any quick actions included your comments are performed. + +### Submit a review + +You can submit your completed review in multiple ways: + +- Use the `/submit_review` [quick action](../../quick_actions.md) in the text of a non-review comment. +- When creating a review comment, select **Submit review**. +- Scroll to the bottom of the screen and select **Submit review**. + +When you submit your review, GitLab: + +- Publishes the comments in your review. +- Sends a single email to every notifiable user of the merge request, with your + review comments attached. Replying to this email creates a new comment on the merge request. +- Perform any quick actions you added to your review comments. + +### Resolving/Unresolving threads + +Review comments can also resolve or unresolve [resolvable threads](../../../discussions/index.md#resolvable-comments-and-threads). +When replying to a comment, a checkbox is displayed to resolve or unresolve +the thread after publication. + + + +If a particular pending comment resolves or unresolves the thread, this is shown on the pending +comment itself. + + + + + +### Adding a new comment + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/8225) in GitLab 13.10. + +If you have a review in progress, you will be presented with the option to **Add to review**: + + + +## Semi-linear history merge requests + +A merge commit is created for every merge, but the branch is only merged if +a fast-forward merge is possible. This ensures that if the merge request build +succeeded, the target branch build also succeeds after the merge. + +1. Go to your project and select **Settings > General**. +1. Expand **Merge requests**. +1. In the **Merge method** section, select **Merge commit with semi-linear history**. +1. Select **Save changes**. + +## Perform inline code reviews + +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/13950) in GitLab 11.5. + +In a merge request, you can leave comments in any part of the file being changed. +In the merge request Diff UI, you can: + +- **Comment on a single line**: Select the **{comment}** **comment** icon in the + gutter to expand the diff lines and display a comment box. +- [**Comment on multiple lines**](#comment-on-multiple-lines). + +### Comment on multiple lines + +> - [Introduced](https://gitlab.com/gitlab-org/ux-research/-/issues/870) in GitLab 13.2. +> - [Added](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/49875) click-and-drag features in GitLab 13.8. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/299121) in GitLab 13.9. + +When commenting on a diff, you can select which lines of code your comment refers +to by either: + + + +- Dragging the **{comment}** **comment** icon in the gutter to highlight + lines in the diff. GitLab expands the diff lines and displays a comment box. +- After starting a comment by selecting the **{comment}** **comment** icon in the + gutter, select the first line number your comment refers to in the **Commenting on lines** + select box. New comments default to single-line comments, unless you select + a different starting line. + +Multiline comments display the comment's line numbers above the body of the comment: + + + +## Pipeline status in merge requests widgets + +If you've set up [GitLab CI/CD](../../../../ci/README.md) in your project, +you can see: + +- Both pre-merge and post-merge pipelines and the environment information if any. +- Which deployments are in progress. + +If an application is successfully deployed to an +[environment](../../../../ci/environments/index.md), the deployed environment and the link to the +Review App are both shown. + +NOTE: +When the pipeline fails in a merge request but it can still be merged, +the **Merge** button is colored red. + +### Post-merge pipeline status + +When a merge request is merged, you can see the post-merge pipeline status of +the branch the merge request was merged into. For example, when a merge request +is merged into the [default branch](../../repository/branches/default.md) and then triggers a deployment to the staging +environment. + +Ongoing deployments are shown, and the state (deploying or deployed) +for environments. If it's the first time the branch is deployed, the link +returns a `404` error until done. During the deployment, the stop button is +disabled. If the pipeline fails to deploy, the deployment information is hidden. + + + +For more information, [read about pipelines](../../../../ci/pipelines/index.md). + +### Merge when pipeline succeeds (MWPS) + +Set a merge request that looks ready to merge to +[merge automatically when CI pipeline succeeds](../merge_when_pipeline_succeeds.md). + +### Live preview with Review Apps + +If you configured [Review Apps](https://about.gitlab.com/stages-devops-lifecycle/review-apps/) for your project, +you can preview the changes submitted to a feature branch through a merge request +on a per-branch basis. You don't need to checkout the branch, install, and preview locally. +All your changes are available to preview by anyone with the Review Apps link. + +With GitLab [Route Maps](../../../../ci/review_apps/index.md#route-maps) set, the +merge request widget takes you directly to the pages changed, making it easier and +faster to preview proposed modifications. + +[Read more about Review Apps](../../../../ci/review_apps/index.md). + +## Associated features + +These features are associated with merge requests: + +- [Bulk editing merge requests](../../../project/bulk_editing.md): + Update the attributes of multiple merge requests simultaneously. +- [Cherry-pick changes](../cherry_pick_changes.md): + Cherry-pick any commit in the UI by selecting the **Cherry-pick** button in a merged merge requests or a commit. +- [Fast-forward merge requests](../fast_forward_merge.md): + For a linear Git history and a way to accept merge requests without creating merge commits +- [Find the merge request that introduced a change](../versions.md): + When viewing the commit details page, GitLab links to the merge request(s) containing that commit. +- [Merge requests versions](../versions.md): + Select and compare the different versions of merge request diffs +- [Resolve conflicts](../resolve_conflicts.md): + GitLab can provide the option to resolve certain merge request conflicts in the GitLab UI. +- [Revert changes](../revert_changes.md): + Revert changes from any commit from a merge request. + +## Troubleshooting + +Sometimes things don't go as expected in a merge request. Here are some +troubleshooting steps. + +### Merge request cannot retrieve the pipeline status + +This can occur if Sidekiq doesn't pick up the changes fast enough. + +#### Sidekiq + +Sidekiq didn't process the CI state change fast enough. Please wait a few +seconds and the status should update automatically. + +#### Bug + +Merge request pipeline statuses can't be retrieved when the following occurs: + +1. A merge request is created +1. The merge request is closed +1. Changes are made in the project +1. The merge request is reopened + +To enable the pipeline status to be properly retrieved, close and reopen the +merge request again. + +## Tips + +Here are some tips to help you be more efficient with merge requests in +the command line. + +### Copy the branch name for local checkout + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/23767) in GitLab 13.4. + +The merge request sidebar contains the branch reference for the source branch +used to contribute changes for this merge request. + +To copy the branch reference into your clipboard, select the **Copy branch name** button +(**{copy-to-clipboard}**) in the right sidebar. Use it to checkout the branch locally +from the command line by running `git checkout <branch-name>`. + +### Checkout merge requests locally through the `head` ref + +A merge request contains all the history from a repository, plus the additional +commits added to the branch associated with the merge request. Here's a few +ways to check out a merge request locally. + +You can check out a merge request locally even if the source +project is a fork (even a private fork) of the target project. + +This relies on the merge request `head` ref (`refs/merge-requests/:iid/head`) +that is available for each merge request. It allows checking out a merge +request by using its ID instead of its branch. + +[Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/223156) in GitLab +13.4, 14 days after a merge request gets closed or merged, the merge request +`head` ref is deleted. This means that the merge request isn't available +for local checkout from the merge request `head` ref anymore. The merge request +can still be re-opened. If the merge request's branch +exists, you can still check out the branch, as it isn't affected. + +#### Checkout locally by adding a Git alias + +Add the following alias to your `~/.gitconfig`: + +```plaintext +[alias] + mr = !sh -c 'git fetch $1 merge-requests/$2/head:mr-$1-$2 && git checkout mr-$1-$2' - +``` + +Now you can check out a particular merge request from any repository and any +remote. For example, to check out the merge request with ID 5 as shown in GitLab +from the `origin` remote, do: + +```shell +git mr origin 5 +``` + +This fetches the merge request into a local `mr-origin-5` branch and check +it out. + +#### Checkout locally by modifying `.git/config` for a given repository + +Locate the section for your GitLab remote in the `.git/config` file. It looks +like this: + +```plaintext +[remote "origin"] + url = https://gitlab.com/gitlab-org/gitlab-foss.git + fetch = +refs/heads/*:refs/remotes/origin/* +``` + +You can open the file with: + +```shell +git config -e +``` + +Now add the following line to the above section: + +```plaintext +fetch = +refs/merge-requests/*/head:refs/remotes/origin/merge-requests/* +``` + +In the end, it should look like this: + +```plaintext +[remote "origin"] + url = https://gitlab.com/gitlab-org/gitlab-foss.git + fetch = +refs/heads/*:refs/remotes/origin/* + fetch = +refs/merge-requests/*/head:refs/remotes/origin/merge-requests/* +``` + +Now you can fetch all the merge requests: + +```shell +git fetch origin + +... +From https://gitlab.com/gitlab-org/gitlab-foss.git + * [new ref] refs/merge-requests/1/head -> origin/merge-requests/1 + * [new ref] refs/merge-requests/2/head -> origin/merge-requests/2 +... +``` + +And to check out a particular merge request: + +```shell +git checkout origin/merge-requests/1 +``` + +All the above can be done with the [`git-mr`](https://gitlab.com/glensc/git-mr) script. + +## Cached merge request count + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/299542) in GitLab 13.11. +> - It's [deployed behind a feature flag](../../../feature_flags.md), enabled by default. +> - It's enabled on GitLab.com. +> - It's recommended for production use. +> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#enable-or-disable-cached-merge-request-count). + +WARNING: +This feature might not be available to you. Refer to the previous **version history** note for details. + +In a group, the sidebar displays the total count of open merge requests. This value is cached if it's greater than +than 1000. The cached value is rounded to thousands (or millions) and updated every 24 hours. + +### Enable or disable cached merge request count **(FREE SELF)** + +Cached merge request count in the left sidebar is under development but ready for production use. It is +deployed behind a feature flag that is **enabled by default**. +[GitLab administrators with access to the GitLab Rails console](../../../../administration/feature_flags.md) +can disable it. + +To disable it: + +```ruby +Feature.disable(:cached_sidebar_merge_requests_count) +``` + +To enable it: + +```ruby +Feature.enable(:cached_sidebar_merge_requests_count) +``` diff --git a/doc/user/project/merge_requests/reviews/suggestions.md b/doc/user/project/merge_requests/reviews/suggestions.md new file mode 100644 index 00000000000..0c8dd384b88 --- /dev/null +++ b/doc/user/project/merge_requests/reviews/suggestions.md @@ -0,0 +1,142 @@ +--- +stage: Create +group: Code Review +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +type: index, reference +--- + +# Suggest changes **(FREE)** + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/18008) in GitLab 11.6. +> - Custom commit messages for suggestions was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/25381) in GitLab 13.9 behind a [feature flag](../../../feature_flags.md), disabled by default. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/297404) in GitLab 13.10. + +As a reviewer, you're able to suggest code changes with a Markdown syntax in merge request +diff threads. Then, the merge request author (or other users with appropriate +[permission](../../../permissions.md)) is able to apply these suggestions with a click, +which generates a commit in the merge request authored by the user that applied them. + +1. Choose a line of code to be changed, add a new comment, then select + the **Insert suggestion** icon in the toolbar: + +  + +1. In the comment, add your suggestion to the pre-populated code block: + +  + +1. Select either **Start a review** or **Add to review** to add your comment to a + [review](index.md), or **Add comment now** to add the comment to the thread immediately. + + The suggestion in the comment can be applied by the merge request author + directly from the merge request: + +  + +1. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/25381) in GitLab 13.9, + you can opt to add a custom commit message to describe your change. If you don't + specify it, the default commit message is used. It is not supported for [batch suggestions](#batch-suggestions). + +  + +After the author applies a suggestion, it's marked with the **Applied** label, +the thread is automatically resolved, and GitLab creates a new commit +and pushes the suggested change directly into the codebase in the merge request's +branch. [Developer permission](../../../permissions.md) is required to do so. + +## Multi-line suggestions + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/53310) in GitLab 11.10. + +Reviewers can also suggest changes to multiple lines with a single suggestion +within merge request diff threads by adjusting the range offsets. The +offsets are relative to the position of the diff thread, and specify the +range to be replaced by the suggestion when it is applied. + + + +In the previous example, the suggestion covers three lines above and four lines +below the commented line. When applied, it would replace from 3 lines _above_ +to 4 lines _below_ the commented line, with the suggested change. + + + +NOTE: +Suggestions for multiple lines are limited to 100 lines _above_ and 100 +lines _below_ the commented diff line. This allows for up to 200 changed lines per +suggestion. + +## Code block nested in suggestions + +If you need to make a suggestion that involves a +[fenced code block](../../../markdown.md#code-spans-and-blocks), wrap your suggestion in four backticks +instead of the usual three. + + + + + +## Configure the commit message for applied suggestions + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/13086) in GitLab 12.7. + +GitLab uses a default commit message +when applying suggestions: `Apply %{suggestions_count} suggestion(s) to %{files_count} file(s)` + +For example, consider that a user applied 3 suggestions to 2 different files, the +default commit message is: **Apply 3 suggestion(s) to 2 file(s)** + +These commit messages can be customized to follow any guidelines you might have. +To do so, expand the **Merge requests** tab within your project's **General** +settings and change the **Merge suggestions** text: + + + +You can also use following variables besides static text: + +| Variable | Description | Output example | +|------------------------|-------------|----------------| +| `%{branch_name}` | The name of the branch the suggestion(s) was(were) applied to. | `my-feature-branch` | +| `%{files_count}` | The number of file(s) to which suggestion(s) was(were) applied.| **2** | +| `%{file_paths}` | The path(s) of the file(s) suggestion(s) was(were) applied to. Paths are separated by commas.| `docs/index.md, docs/about.md` | +| `%{project_path}` | The project path. | `my-group/my-project` | +| `%{project_name}` | The human-readable name of the project. | **My Project** | +| `%{suggestions_count}` | The number of suggestions applied.| **3** | +| `%{username}` | The username of the user applying suggestion(s). | `user_1` | +| `%{user_full_name}` | The full name of the user applying suggestion(s). | **User 1** | + +For example, to customize the commit message to output +**Addresses user_1's review**, set the custom text to +`Addresses %{username}'s review`. + +NOTE: +Custom commit messages for each applied suggestion is +introduced by [#25381](https://gitlab.com/gitlab-org/gitlab/-/issues/25381). + +## Batch suggestions + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/25486) in GitLab 13.1 as an [alpha feature](https://about.gitlab.com/handbook/product/gitlab-the-product/#alpha) behind a feature flag, disabled by default. +> - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/227799) in GitLab 13.2. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/320755) in GitLab 13.11. + +You can apply multiple suggestions at once to reduce the number of commits added +to your branch to address your reviewers' requests. + +1. To start a batch of suggestions to apply with a single commit, select **Add suggestion to batch**: + +  + +1. Add as many additional suggestions to the batch as you wish: + +  + +1. To remove suggestions, select **Remove from batch**: + +  + +1. Having added all the suggestions to your liking, when ready, select **Apply suggestions**: + +  + +WARNING: +Suggestions applied from multiple authors creates a commit authored by the user applying the suggestions. diff --git a/doc/user/project/merge_requests/test_coverage_visualization.md b/doc/user/project/merge_requests/test_coverage_visualization.md index 147171e8488..c25ee1a8a94 100644 --- a/doc/user/project/merge_requests/test_coverage_visualization.md +++ b/doc/user/project/merge_requests/test_coverage_visualization.md @@ -23,7 +23,7 @@ MR is merged. Collecting the coverage information is done via GitLab CI/CD's [artifacts reports feature](../../../ci/yaml/README.md#artifactsreports). You can specify one or more coverage reports to collect, including wildcard paths. -GitLab will then take the coverage information in all the files and combine it +GitLab then takes the coverage information in all the files and combines it together. For the coverage analysis to work, you have to provide a properly formatted @@ -41,24 +41,24 @@ Other coverage analysis frameworks support the format out of the box, for exampl - [Coverage.py](https://coverage.readthedocs.io/en/coverage-5.0.4/cmd.html#xml-reporting) (Python) Once configured, if you create a merge request that triggers a pipeline which collects -coverage reports, the coverage will be shown in the diff view. This includes reports -from any job in any stage in the pipeline. The coverage will be displayed for each line: +coverage reports, the coverage is shown in the diff view. This includes reports +from any job in any stage in the pipeline. The coverage displays for each line: - `covered` (green): lines which have been checked at least once by tests - `no test coverage` (orange): lines which are loaded but never executed - no coverage information: lines which are non-instrumented or not loaded -Hovering over the coverage bar will provide further information, such as the number +Hovering over the coverage bar provides further information, such as the number of times the line was checked by tests. NOTE: A limit of 100 `<source>` nodes for Cobertura format XML files applies. If your Cobertura report exceeds -100 nodes, there can be mismatches or no matches in the Merge Request diff view. +100 nodes, there can be mismatches or no matches in the merge request diff view. ### Artifact expiration By default, the [pipeline artifact](../../../ci/pipelines/pipeline_artifacts.md#storage) used -to draw the visualization on the Merge Request expires **one week** after creation. +to draw the visualization on the merge request expires **one week** after creation. ### Automatic class path correction @@ -69,8 +69,8 @@ For the coverage report to properly match the files displayed on a merge request must contain the full path relative to the project root. But in some coverage analysis frameworks, the generated Cobertura XML has the `filename` path relative to the class package directory instead. -To make an intelligent guess on the project root relative `class` path, the Cobertura XML parser will attempt to build the -full path by doing following: +To make an intelligent guess on the project root relative `class` path, the Cobertura XML parser attempts to build the +full path by doing the following: 1. Extract a portion of the `source` paths from the `sources` element and combine them with the class `filename` path. 1. Check if the candidate path exists in the project. @@ -82,6 +82,14 @@ to the project root: ```shell Auth/User.cs Lib/Utils/User.cs +src/main/java +``` + +In the Cobertura XML, the `filename` attribute in the `class` element assumes the value is a +relative path to project's root. + +```xml +<class name="packet.name" filename="src/main/java" line-rate="0.0" branch-rate="0.0" complexity="5"> ``` And the `sources` from Cobertura XML with paths in the format of `<CI_BUILDS_DIR>/<PROJECT_FULL_PATH>/...`: @@ -93,16 +101,16 @@ And the `sources` from Cobertura XML with paths in the format of `<CI_BUILDS_DIR </sources> ``` -The parser will extract `Auth` and `Lib/Utils` from the sources and use these as basis to determine the class path relative to +The parser extracts `Auth` and `Lib/Utils` from the sources and use these as basis to determine the class path relative to the project root, combining these extracted sources and the class filename. -If for example there is a `class` element with the `filename` value of `User.cs`, the parser will take the first candidate path -that matches which is `Auth/User.cs`. +If for example there is a `class` element with the `filename` value of `User.cs`, the parser takes the first candidate path +that matches, which is `Auth/User.cs`. -For each `class` element, the parser will attempt to look for a match for each extracted `source` path up to `100` iterations. If it reaches this limit without finding a matching path in the file tree, the class will not be included in the final coverage report. +For each `class` element, the parser attempts to look for a match for each extracted `source` path up to `100` iterations. If it reaches this limit without finding a matching path in the file tree, the class will not be included in the final coverage report. NOTE: -The automatic class path correction only works on `source` paths in the format of `<CI_BUILDS_DIR>/<PROJECT_FULL_PATH>/...`. If `source` will be ignored if the path does not follow this pattern. The parser will assume that +The automatic class path correction only works on `source` paths in the format of `<CI_BUILDS_DIR>/<PROJECT_FULL_PATH>/...`. If `source` will be ignored if the path does not follow this pattern. The parser assumes that the `filename` of a `class` element contains the full path relative to the project root. ## Example test coverage configurations @@ -153,7 +161,7 @@ coverage-jdk11: stage: visualize image: registry.gitlab.com/haynes/jacoco2cobertura:1.0.7 script: - # convert report from jacoco to cobertura + # convert report from jacoco to cobertura, use relative project path - 'python /opt/cover2cover.py target/site/jacoco/jacoco.xml src/main/java > target/site/cobertura.xml' # read the <source></source> tag and prepend the path to every filename attribute - 'python /opt/source2filename.py target/site/cobertura.xml' @@ -193,7 +201,7 @@ coverage-jdk11: stage: visualize image: registry.gitlab.com/haynes/jacoco2cobertura:1.0.7 script: - # convert report from jacoco to cobertura + # convert report from jacoco to cobertura, use relative project path - 'python /opt/cover2cover.py build/jacoco/jacoco.xml src/main/java > build/cobertura.xml' # read the <source></source> tag and prepend the path to every filename attribute - 'python /opt/source2filename.py build/cobertura.xml' diff --git a/doc/user/project/merge_requests/versions.md b/doc/user/project/merge_requests/versions.md index 2c77957c98d..676af4b2881 100644 --- a/doc/user/project/merge_requests/versions.md +++ b/doc/user/project/merge_requests/versions.md @@ -49,11 +49,11 @@ This only applies to commits that are in the most recent version of a merge request - if commits were in a merge request, then rebased out of that merge request, they aren't linked. -## `HEAD` comparison mode for Merge Requests +## `HEAD` comparison mode for merge requests > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/27008) in GitLab 12.10. -Merge Requests, particularly the **Changes** tab, is where source code +Merge requests, particularly the **Changes** tab, is where source code is reviewed and discussed. In circumstances where the target branch was merged into the source branch of the merge request, the changes in the source and target branch can be shown mixed together making it hard to diff --git a/doc/user/project/milestones/img/milestones_new_group_milestone_v13_5.png b/doc/user/project/milestones/img/milestones_new_group_milestone_v13_5.png Binary files differindex a865221c5d7..ffe1328b7d3 100644 --- a/doc/user/project/milestones/img/milestones_new_group_milestone_v13_5.png +++ b/doc/user/project/milestones/img/milestones_new_group_milestone_v13_5.png diff --git a/doc/user/project/milestones/img/milestones_project_milestone_page.png b/doc/user/project/milestones/img/milestones_project_milestone_page.png Binary files differdeleted file mode 100644 index 1faaf0b3979..00000000000 --- a/doc/user/project/milestones/img/milestones_project_milestone_page.png +++ /dev/null diff --git a/doc/user/project/milestones/img/milestones_project_milestone_page_sidebar_v13_11.png b/doc/user/project/milestones/img/milestones_project_milestone_page_sidebar_v13_11.png Binary files differnew file mode 100644 index 00000000000..3bdec8e219a --- /dev/null +++ b/doc/user/project/milestones/img/milestones_project_milestone_page_sidebar_v13_11.png diff --git a/doc/user/project/milestones/index.md b/doc/user/project/milestones/index.md index fe34dca4959..2399774c96d 100644 --- a/doc/user/project/milestones/index.md +++ b/doc/user/project/milestones/index.md @@ -38,7 +38,7 @@ You can assign **group milestones** to any issue or merge request of any project To view the group milestone list, in a group, go to **{issues}** **Issues > Milestones**. You can also view all milestones you have access to in the dashboard milestones list. -To view both project milestones and group milestones you have access to, click **More > Milestones** +To view both project milestones and group milestones you have access to, select **More > Milestones** on the top navigation bar. For information about project and group milestones API, see: @@ -47,9 +47,9 @@ For information about project and group milestones API, see: - [Group Milestones API](../../../api/group_milestones.md) NOTE: -If you're in a group and click **Issues > Milestones**, GitLab displays group milestones +If you're in a group and select **Issues > Milestones**, GitLab displays group milestones and the milestones of projects in this group. -If you're in a project and click **Issues > Milestones**, GitLab displays only this project's milestones. +If you're in a project and select **Issues > Milestones**, GitLab displays only this project's milestones. ## Creating milestones @@ -58,23 +58,23 @@ A permission level of [Developer or higher](../../permissions.md) is required to ### New project milestone -To create a **project milestone**: +To create a project milestone: 1. In a project, go to **{issues}** **Issues > Milestones**. -1. Click **New milestone**. +1. Select **New milestone**. 1. Enter the title, an optional description, an optional start date, and an optional due date. -1. Click **New milestone**. +1. Select **New milestone**.  ### New group milestone -To create a **group milestone**: +To create a group milestone: 1. In a group, go to **{issues}** **Issues > Milestones**. -1. Click **New milestone**. +1. Select **New milestone**. 1. Enter the title, an optional description, an optional start date, and an optional due date. -1. Click **New milestone**. +1. Select **New milestone**.  @@ -86,10 +86,10 @@ A permission level of [Developer or higher](../../permissions.md) is required to To edit a milestone: 1. In a project or group, go to **{issues}** **Issues > Milestones**. -1. Click a milestone's title. -1. Click **Edit**. +1. Select a milestone's title. +1. Select **Edit**. -You can delete a milestone by clicking the **Delete** button. +You can delete a milestone by selecting the **Delete** button. ### Promoting project milestones to group milestones @@ -182,7 +182,7 @@ The milestone sidebar on the milestone view shows the following: - The total time spent on all issues and merge requests assigned to the milestone. - The total issue weight of all issues assigned to the milestone. - + <!-- ## Troubleshooting diff --git a/doc/user/project/pages/introduction.md b/doc/user/project/pages/introduction.md index 3c3de26d7dd..18acb360f5a 100644 --- a/doc/user/project/pages/introduction.md +++ b/doc/user/project/pages/introduction.md @@ -129,7 +129,7 @@ See this document for a [step-by-step guide](getting_started/pages_from_scratch. Remember that GitLab Pages are by default branch/tag agnostic and their deployment relies solely on what you specify in `.gitlab-ci.yml`. You can limit -the `pages` job with the [`only` parameter](../../../ci/yaml/README.md#onlyexcept-basic), +the `pages` job with the [`only` parameter](../../../ci/yaml/README.md#only--except), whenever a new commit is pushed to a branch used specifically for your pages. @@ -273,6 +273,10 @@ Sure. All you need to do is download the artifacts archive from the job page. Yes. GitLab Pages doesn't care whether you set your project's visibility level to private, internal or public. +### Can I create a personal or a group website + +Yes. See the documentation about [GitLab Pages domain names, URLs, and base URLs](getting_started_part_one.md). + ### Do I need to create a user/group website before creating a project website? No, you don't. You can create your project first and access it under @@ -297,3 +301,27 @@ Files listed under the public directory can be accessed through the Pages URL fo A 404 can also be related to incorrect permissions. If [Pages Access Control](pages_access_control.md) is enabled, and a user navigates to the Pages URL and receives a 404 response, it is possible that the user does not have permission to view the site. To fix this, verify that the user is a member of the project. + +For Geo instances, 404 errors on Pages occur after promoting a secondary to a primary. +Find more details in the [Pages administration documentation](../../../administration/pages/index.md#404-error-after-promoting-a-geo-secondary-to-a-primary-node) + +### Cannot play media content on Safari + +Safari requires the web server to support the [Range request header](https://developer.apple.com/library/archive/documentation/AppleApplications/Reference/SafariWebContent/CreatingVideoforSafarioniPhone/CreatingVideoforSafarioniPhone.html#//apple_ref/doc/uid/TP40006514-SW6) +in order to play your media content. For GitLab Pages to serve +HTTP Range requests, you should use the following two variables in your `.gitlab-ci.yaml` file: + +```yaml +pages: + stage: deploy + variables: + FF_USE_FASTZIP: "true" + ARTIFACT_COMPRESSION_LEVEL: "fastest" + script: + - echo "Deploying pages" + artifacts: + paths: + - public +``` + +The `FF_USE_FASTZIP` variable enables the [feature flag](https://docs.gitlab.com/runner/configuration/feature-flags.html#available-feature-flags) which is needed for [`ARTIFACT_COMPRESSION_LEVEL`](../../../ci/runners/README.md#artifact-and-cache-settings). diff --git a/doc/user/project/protected_branches.md b/doc/user/project/protected_branches.md index c66f9038ed2..673a756f18d 100644 --- a/doc/user/project/protected_branches.md +++ b/doc/user/project/protected_branches.md @@ -7,46 +7,45 @@ type: reference, howto # Protected branches **(FREE)** -[Permissions](../permissions.md) in GitLab are fundamentally defined around the +In GitLab, [permissions](../permissions.md) are fundamentally defined around the idea of having read or write permission to the repository and branches. To impose further restrictions on certain branches, they can be protected. -## Overview +The default branch for your repository is protected by default. -By default, a protected branch does these things: +## Who can access a protected branch -- It prevents its creation, if not already created, from everybody except users - with Maintainer permission. -- It prevents pushes from everybody except users with **Allowed** permission. -- It prevents **anyone** from force pushing to the branch. -- It prevents **anyone** from deleting the branch. +When a branch is protected, the default behavior enforces +these restrictions on the branch. -**Permissions:** +| Action | Who can do it | +|--------------------------|---------------| +| Protect a branch | Maintainers only. | +| Push to the branch | GitLab administrators and anyone with **Allowed** permission. (*) | +| Force push to the branch | No one. | +| Delete the branch | No one. | -- GitLab administrators are allowed to push to the protected branches. -- Users with [Developer permissions](../permissions.md) are allowed to - create a project in a group, but might not be allowed to initially - push to the [default branch](repository/branches/default.md). +(*) Users with developer permissions can create a project in a group, +but might not be allowed to initially push to the [default branch](repository/branches/default.md). -The default branch protection level is set in the [Admin Area](../admin_area/settings/visibility_and_access_controls.md#default-branch-protection). +### Set the branch protection default level -See the [Changelog](#changelog) section for changes over time. +The default branch protection level is set in the [Admin Area](../admin_area/settings/visibility_and_access_controls.md#default-branch-protection). -## Configuring protected branches +## Configure a protected branch -To protect a branch, you need to have at least Maintainer permission level. -The default branch for your repository is protected by default. +Prerequisite: -1. In your project, go to **Settings > Repository**. -1. Scroll to find the **Protected branches** section. -1. From the **Branch** dropdown menu, select the branch you want to protect and - click **Protect**. In the screenshot below, we chose the `develop` branch. +- You must have at least maintainer permissions. -  +To protect a branch: -1. Once done, the protected branch displays in the **Protected branches** list. +1. Go to your project and select **Settings > Repository**. +1. Expand **Protected branches**. +1. From the **Branch** dropdown menu, select the branch you want to protect. +1. Select **Protect**. -  +The protected branch displays in the **Protected branches** list. ## Using the Allowed to merge and Allowed to push settings @@ -141,7 +140,7 @@ all matching branches:  -## Creating a protected branch +## Create a protected branch > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/53361) in GitLab 11.9. @@ -161,7 +160,7 @@ To create a new branch through the user interface: base the new branch on. Only existing protected branches and commits that are already in protected branches are accepted. -## Deleting a protected branch +## Delete a protected branch From time to time, you may need to delete or clean up protected branches. User with [Maintainer permissions](../permissions.md) and greater can manually delete protected diff --git a/doc/user/project/push_options.md b/doc/user/project/push_options.md index 3c5cc668986..728c682b009 100644 --- a/doc/user/project/push_options.md +++ b/doc/user/project/push_options.md @@ -68,8 +68,8 @@ time as pushing changes: | `merge_request.description="<description>"` | Set the description of the merge request. Ex: `git push -o merge_request.description="The description I want"`. | [12.2](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/64320) | | `merge_request.label="<label>"` | Add labels to the merge request. If the label does not exist, it is created. For example, for two labels: `git push -o merge_request.label="label1" -o merge_request.label="label2"`. | [12.3](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/31831) | | `merge_request.unlabel="<label>"` | Remove labels from the merge request. For example, for two labels: `git push -o merge_request.unlabel="label1" -o merge_request.unlabel="label2"`. | [12.3](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/31831) | -| `merge_request.assign="<user>"` | Assign users to the merge request. For example, for two users: `git push -o merge_request.assign="user1" -o merge_request.assign="user2"`. | [12.9](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/XXXXX) | -| `merge_request.unassign="<user>"` | Remove assigned users from the merge request. For example, for two users: `git push -o merge_request.unassign="user1" -o merge_request.unassign="user2"`. | [12.9](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/XXXXX) | +| `merge_request.assign="<user>"` | Assign users to the merge request. For example, for two users: `git push -o merge_request.assign="user1" -o merge_request.assign="user2"`. | [13.10](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/25904) | +| `merge_request.unassign="<user>"` | Remove assigned users from the merge request. For example, for two users: `git push -o merge_request.unassign="user1" -o merge_request.unassign="user2"`. | [13.10](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/25904) | If you use a push option that requires text with spaces in it, you need to enclose it in quotes (`"`). You can omit the quotes if there are no spaces. Some examples: diff --git a/doc/user/project/releases/index.md b/doc/user/project/releases/index.md index 06ad71713d7..1ea21b1f269 100644 --- a/doc/user/project/releases/index.md +++ b/doc/user/project/releases/index.md @@ -86,7 +86,7 @@ by using a `release` node in the job definition. The release is created only if the job processes without error. If the Rails API returns an error during release creation, the release job fails. -### Schedule a future release +### Upcoming releases > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/38105) in GitLab 12.1. @@ -271,10 +271,15 @@ Release note descriptions are unrelated. Description supports [Markdown](../../m ### Release assets -You can add the following types of assets to each release: +A release contains the following types of assets: - [Source code](#source-code) -- [Links](#links) +- [Permanent links to release assets](#permanent-links-to-release-assets) + +#### Source code + +GitLab automatically generates `zip`, `tar.gz`, `tar.bz2`, and `tar` +archived source code from the given Git tag. These are read-only assets. #### Permanent links to release assets @@ -285,9 +290,21 @@ GitLab always redirects this URL to the actual asset location, so even if the assets move to a different location, you can continue to use the same URL. This is defined during [link creation](../../../api/releases/links.md#create-a-link) or [updating](../../../api/releases/links.md#update-a-link). -Each asset has a name, a URL of the *actual* asset location, and optionally, a -`filepath` parameter, which, if you specify it, creates a URL pointing -to the asset for the Release. The format of the URL is: +Each asset has a `name`, a `url` of the *actual* asset location, and optionally, +`filepath` and `link_type` parameters. + +A `filepath` creates a URL pointing to the asset for the Release. + +The `link_type` parameter accepts one of the following four values: + +- `runbook` +- `package` +- `image` +- `other` (default) + +This field has no effect on the URL and it's only used for visual purposes in the Releases page of your project. + +The format of the URL is: ```plaintext https://host/namespace/project/releases/:release/downloads/:filepath @@ -300,7 +317,8 @@ namespace and `gitlab-runner` project on `gitlab.com`, for example: { "name": "linux amd64", "filepath": "/binaries/gitlab-runner-linux-amd64", - "url": "https://gitlab-runner-downloads.s3.amazonaws.com/v11.9.0-rc2/binaries/gitlab-runner-linux-amd64" + "url": "https://gitlab-runner-downloads.s3.amazonaws.com/v11.9.0-rc2/binaries/gitlab-runner-linux-amd64", + "link_type": "other" } ``` @@ -312,11 +330,6 @@ https://gitlab.com/gitlab-org/gitlab-runner/releases/v11.9.0-rc2/downloads/binar The physical location of the asset can change at any time and the direct link remains unchanged. -### Source code - -GitLab automatically generates `zip`, `tar.gz`, `tar.bz2` and `tar` -archived source code from the given Git tag. These are read-only assets. - ### Links A link is any URL which can point to whatever you like: documentation, built diff --git a/doc/user/project/repository/branches/default.md b/doc/user/project/repository/branches/default.md index 1363d883e76..deacf119d38 100644 --- a/doc/user/project/repository/branches/default.md +++ b/doc/user/project/repository/branches/default.md @@ -5,7 +5,7 @@ info: "To determine the technical writer assigned to the Stage/Group associated type: concepts, howto --- -# Default branch +# Default branch **(FREE)** When you create a new [project](../../index.md), GitLab creates a default branch in the repository. A default branch has special configuration options not shared @@ -60,7 +60,6 @@ GitLab administrators can configure a new default branch name at the > - It's deployed behind a feature flag, enabled by default. > - It cannot be enabled or disabled per-project. > - It's recommended for production use. -> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#enable-or-disable-custom-initial-branch-name). GitLab [administrators](../../../permissions.md) of self-managed instances can customize the initial branch for projects hosted on that instance. Individual @@ -75,26 +74,7 @@ Projects created on this instance after you change the setting use the custom branch name, unless a group-level or subgroup-level configuration overrides it. -#### Enable or disable custom initial branch name **(FREE SELF)** - -Setting the default initial branch name is under development but ready for production use. -It is deployed behind a feature flag that is **enabled by default**. -[GitLab administrators with access to the GitLab Rails console](../../../../administration/feature_flags.md) -can opt to disable it for your instance. - -To disable it: - -```ruby -Feature.disable(:global_default_branch_name) -``` - -To enable it: - -```ruby -Feature.enable(:global_default_branch_name) -``` - -### Group-level custom initial branch name **(FREE)** +### Group-level custom initial branch name > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/221014) in GitLab 13.6. diff --git a/doc/user/project/repository/branches/img/branch_filter_search_box_v13_10.png b/doc/user/project/repository/branches/img/branch_filter_search_box_v13_10.png Binary files differdeleted file mode 100644 index fdda3858c3b..00000000000 --- a/doc/user/project/repository/branches/img/branch_filter_search_box_v13_10.png +++ /dev/null diff --git a/doc/user/project/repository/branches/img/branch_filter_search_box_v13_12.png b/doc/user/project/repository/branches/img/branch_filter_search_box_v13_12.png Binary files differnew file mode 100644 index 00000000000..a1cf9f10122 --- /dev/null +++ b/doc/user/project/repository/branches/img/branch_filter_search_box_v13_12.png diff --git a/doc/user/project/repository/branches/img/compare_branches_v13_10.png b/doc/user/project/repository/branches/img/compare_branches_v13_10.png Binary files differdeleted file mode 100644 index 2b9a5751938..00000000000 --- a/doc/user/project/repository/branches/img/compare_branches_v13_10.png +++ /dev/null diff --git a/doc/user/project/repository/branches/img/compare_branches_v13_12.png b/doc/user/project/repository/branches/img/compare_branches_v13_12.png Binary files differnew file mode 100644 index 00000000000..29627406729 --- /dev/null +++ b/doc/user/project/repository/branches/img/compare_branches_v13_12.png diff --git a/doc/user/project/repository/branches/img/repository_filter_search_box_v13_10.png b/doc/user/project/repository/branches/img/repository_filter_search_box_v13_10.png Binary files differdeleted file mode 100644 index fdda3858c3b..00000000000 --- a/doc/user/project/repository/branches/img/repository_filter_search_box_v13_10.png +++ /dev/null diff --git a/doc/user/project/repository/branches/img/repository_filter_search_box_v13_12.png b/doc/user/project/repository/branches/img/repository_filter_search_box_v13_12.png Binary files differnew file mode 100644 index 00000000000..230abf0d875 --- /dev/null +++ b/doc/user/project/repository/branches/img/repository_filter_search_box_v13_12.png diff --git a/doc/user/project/repository/branches/img/swap_revisions_after_v13_12.png b/doc/user/project/repository/branches/img/swap_revisions_after_v13_12.png Binary files differnew file mode 100644 index 00000000000..7eb10d10938 --- /dev/null +++ b/doc/user/project/repository/branches/img/swap_revisions_after_v13_12.png diff --git a/doc/user/project/repository/branches/img/swap_revisions_before_v13_12.png b/doc/user/project/repository/branches/img/swap_revisions_before_v13_12.png Binary files differnew file mode 100644 index 00000000000..f92c4279871 --- /dev/null +++ b/doc/user/project/repository/branches/img/swap_revisions_before_v13_12.png diff --git a/doc/user/project/repository/branches/index.md b/doc/user/project/repository/branches/index.md index f2562ef89e3..91858ff9a65 100644 --- a/doc/user/project/repository/branches/index.md +++ b/doc/user/project/repository/branches/index.md @@ -19,7 +19,7 @@ After pushing your changes to a new branch, you can: - [Discuss](../../../discussions/index.md) your implementation with your team - Preview changes submitted to a new branch with [Review Apps](../../../../ci/review_apps/index.md). -You can also request [approval](../../merge_requests/merge_request_approvals.md) +You can also request [approval](../../merge_requests/approvals/index.md) from your managers. For more information on managing branches using the GitLab UI, see: @@ -40,7 +40,7 @@ You can also manage branches using the See also: - [Branches API](../../../../api/branches.md), for information on operating on repository branches using the GitLab API. -- [GitLab Flow](../../../../university/training/gitlab_flow.md) documentation. +- [GitLab Flow](../../../../topics/gitlab_flow.md) documentation. - [Getting started with Git](../../../../topics/git/index.md) and GitLab. ## Compare @@ -53,7 +53,7 @@ To compare branches in a repository: 1. Select branches to compare using the [branch filter search box](#branch-filter-search-box). 1. Click **Compare** to view the changes inline: -  +  ## Delete merged branches @@ -74,7 +74,7 @@ automatically when a merge request was merged. This feature allows you to search and select a repository quickly when [comparing branches](#compare). - + Search results appear in the following order: @@ -85,7 +85,7 @@ Search results appear in the following order: > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/22166) in GitLab 11.5. - + This feature allows you to search and select branches quickly. Search results appear in the following order: @@ -97,6 +97,16 @@ Sometimes when you have hundreds of branches you may want a more flexible matchi - `^feature` matches only branch names that begin with 'feature'. - `feature$` matches only branch names that end with 'feature'. +## Swap revisions + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/60491) in GitLab 13.12. + + + +The Swap revisions feature allows you to swap the Source and Target revisions. When the Swap revisions button is clicked, the selected revisions for Source and Target will be swapped. + + + <!-- ## Troubleshooting Include any troubleshooting steps that you can foresee. If you know beforehand what issues diff --git a/doc/user/project/repository/img/forking_workflow_choose_namespace_v13_2.png b/doc/user/project/repository/img/forking_workflow_choose_namespace_v13_2.png Binary files differdeleted file mode 100644 index f48cf176ba1..00000000000 --- a/doc/user/project/repository/img/forking_workflow_choose_namespace_v13_2.png +++ /dev/null diff --git a/doc/user/project/repository/index.md b/doc/user/project/repository/index.md index 70c5ef63dd4..ed5bcc1f85a 100644 --- a/doc/user/project/repository/index.md +++ b/doc/user/project/repository/index.md @@ -208,7 +208,7 @@ The repository graph displays the history of the repository network visually, in Find it under your project's **Repository > Graph**. -## Repository Languages +## Repository languages For the default branch of each repository, GitLab determines what programming languages were used and displays this on the project's pages. If this information is missing, it's @@ -226,6 +226,10 @@ detected, add the following to `.gitattributes` in the root of your repository. *.proto linguist-detectable=true ``` +Sometimes this feature can use excessive CPU. +[Read about troubleshooting this](#repository-languages-excessive-cpu-use) +and also more about customizing this feature using `.gitattributes`. + ## Locked files **(PREMIUM)** Use [File Locking](../file_lock.md) to @@ -268,7 +272,7 @@ All projects can be cloned into Visual Studio Code. To do that: When VS Code has successfully cloned your project, it opens the folder. -## Download Source Code +## Download source code > - Support for directory download was [introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/24704) in GitLab 11.11. > - Support for [including Git LFS blobs](../../../topics/git/lfs#lfs-objects-in-project-archives) was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/15079) in GitLab 13.5. @@ -310,14 +314,40 @@ When [renaming a user](../../profile/index.md#change-your-username), - The redirects are available as long as the original path is not claimed by another group, user or project. -<!-- ## Troubleshooting +## Troubleshooting + +### Repository Languages: excessive CPU use + +GitLab uses a Ruby gem to scan all the files in the repository to determine what languages are used. +[Sometimes this can use excessive CPU](https://gitlab.com/gitlab-org/gitaly/-/issues/1565) if +a file type needs to be parsed by the gem to determine what sort of file it is. +The gem contains a [heuristics configuration file](https://github.com/github/linguist/blob/master/lib/linguist/heuristics.yml) +that defines what file extensions need to be parsed. + +Excessive CPU use has been reported for files with the extension `.txt` and XML files with +a file extension that is not defined by the gem. + +The workaround is to specify what language to assign to specific file extensions. +The same approach should also allow misidentified file types to be fixed. + +1. Identify which language to specify. The gem contains a [configuration file for known data types](https://github.com/github/linguist/blob/master/lib/linguist/languages.yml). + The entry for `Text` files, for example: + + ```yaml + Text: + type: prose + wrap: true + aliases: + - fundamental + - plain text + extensions: + - ".txt" + ``` + +1. Add or modify `.gitattributes` in the root of your repository: -Include any troubleshooting steps that you can foresee. If you know beforehand what issues -one might have when setting this up, or when something is changed, or on upgrading, it's -important to describe those, too. Think of things that may go wrong and include them here. -This is important to minimize requests for support, and to avoid doc comments with -questions that you know someone might ask. + ```plaintext + *.txt linguist-language=Text + ``` -Each scenario can be a third-level heading, e.g. `### Getting error message X`. -If you have none to add when creating a doc, leave this section in place -but commented out to help encourage others to add to it in the future. --> + `*.txt` files have an entry in the heuristics file. The example above prevents parsing of these files. diff --git a/doc/user/project/repository/repository_mirroring.md b/doc/user/project/repository/repository_mirroring.md index 980c5417da6..3bbe9e6cb66 100644 --- a/doc/user/project/repository/repository_mirroring.md +++ b/doc/user/project/repository/repository_mirroring.md @@ -22,7 +22,7 @@ There are two kinds of repository mirroring supported by GitLab: When the mirror repository is updated, all new branches, tags, and commits are visible in the project's activity feed. -Users with at least [Developer access](../../permissions.md) to the project can also force an +Users with [Maintainer access](../../permissions.md) to the project can also force an immediate update, unless: - The mirror is already being updated. @@ -65,7 +65,10 @@ For an existing project, you can set up push mirroring as follows:  When push mirroring is enabled, only push commits directly to the mirrored repository to prevent the -mirror diverging. The mirrored repository receives all changes when: +mirror diverging. + +Unlike [pull mirroring](#how-it-works), the mirrored repository is not periodically auto-synced. +The mirrored repository receives all changes only when: - Commits are pushed to GitLab. - A [forced update](#forcing-an-update) is initiated. diff --git a/doc/user/project/repository/web_editor.md b/doc/user/project/repository/web_editor.md index b6bde46b26a..4e8e3f1bbce 100644 --- a/doc/user/project/repository/web_editor.md +++ b/doc/user/project/repository/web_editor.md @@ -58,6 +58,9 @@ to display, add a file to your repository. ## Highlight lines +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/56159) in GitLab 13.10 for GitLab SaaS instances. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/56159) in GitLab 13.11 for self-managed instances. + Web Editor enables you to highlight a single line by adding specially formatted hash information to the URL's file path segment. For example, the file path segment `MY_FILE.js#L3` instructs the Web Editor to highlight line 3. diff --git a/doc/user/project/requirements/img/requirements_archived_list_view_v13_1.png b/doc/user/project/requirements/img/requirements_archived_list_view_v13_1.png Binary files differindex 04cb011ff89..f839a391074 100644 --- a/doc/user/project/requirements/img/requirements_archived_list_view_v13_1.png +++ b/doc/user/project/requirements/img/requirements_archived_list_view_v13_1.png diff --git a/doc/user/project/settings/import_export.md b/doc/user/project/settings/import_export.md index 6fa1b0aa368..f5fa6e37d1c 100644 --- a/doc/user/project/settings/import_export.md +++ b/doc/user/project/settings/import_export.md @@ -37,26 +37,34 @@ Note the following: for how you can export a project through the UI. - Imports from a newer version of GitLab are not supported. The Importing GitLab version must be greater than or equal to the Exporting GitLab version. -- Imports will fail unless the import and export GitLab instances are +- Imports fail unless the import and export GitLab instances are compatible as described in the [Version history](#version-history). -- Exports are generated in your configured `shared_path`, a temporary [shared directory](../../../development/shared_files.md) +- Exports are generated in your configured `shared_path`, a temporary shared directory, and are moved to your configured `uploads_directory`. Every 24 hours, a specific worker deletes these export files. - Group members are exported as project members, as long as the user has maintainer or administrator access to the group where the exported project lives. -- Project members with owner access will be imported as maintainers. +- Project members with owner access are imported as maintainers. - Imported users can be mapped by their primary email on self-managed instances, if an administrative user (not an owner) does the import. Otherwise, a supplementary comment is left to mention that the original author and - the MRs, notes, or issues will be owned by the importer. + the MRs, notes, or issues are owned by the importer. + - For project migration imports performed over GitLab.com Groups, preserving author information is + possible through a [professional services engagement](https://about.gitlab.com/services/migration/). - If an imported project contains merge requests originating from forks, - then new branches associated with such merge requests will be created + then new branches associated with such merge requests are created within a project during the import/export. Thus, the number of branches in the exported project could be bigger than in the original project. - Deploy keys allowed to push to protected branches are not exported. Therefore, - you will need to recreate this association by first enabling these deploy keys in your + you need to recreate this association by first enabling these deploy keys in your imported project and then updating your protected branches accordingly. ## Version history +### 14.0+ + +In GitLab 14.0, the JSON format is no longer supported for project and group exports. To allow for a +transitional period, you can still import any JSON exports. The new format for imports and exports +is NDJSON. + ### 13.0+ Starting with GitLab 13.0, GitLab can import bundles that were exported from a different GitLab deployment. @@ -95,7 +103,7 @@ Prior to 13.0 this was a defined compatibility table: Projects can be exported and imported only between versions of GitLab with matching Import/Export versions. For example, 8.10.3 and 8.11 have the same Import/Export version (0.1.3) -and the exports between them will be compatible. +and the exports between them are compatible. ## Between CE and EE @@ -106,7 +114,7 @@ If you're exporting a project from the Enterprise Edition to the Community Editi ## Exported contents -The following items will be exported: +The following items are exported: - Project and wiki repositories - Project uploads @@ -120,7 +128,7 @@ The following items will be exported: - Push Rules - Awards -The following items will **not** be exported: +The following items are **not** exported: - Build traces and artifacts - Container registry images @@ -171,7 +179,7 @@ To export a project and its data, follow these steps:  1. Click on **Import project** to begin importing. Your newly imported project - page will appear soon. + page appears shortly. NOTE: If use of the `Internal` visibility level diff --git a/doc/user/project/settings/index.md b/doc/user/project/settings/index.md index 6d37d26f6e8..d3177aa7585 100644 --- a/doc/user/project/settings/index.md +++ b/doc/user/project/settings/index.md @@ -32,38 +32,19 @@ Adjust your project's name, description, avatar, [default branch](../repository/ The project description also partially supports [standard Markdown](../../markdown.md#standard-markdown-and-extensions-in-gitlab). You can use [emphasis](../../markdown.md#emphasis), [links](../../markdown.md#links), and [line-breaks](../../markdown.md#line-breaks) to add more context to the project description. -#### Compliance framework **(PREMIUM)** - -You can select a framework label to identify that your project has certain compliance requirements or needs additional oversight. Available labels include: - -- GDPR (General Data Protection Regulation) -- HIPAA (Health Insurance Portability and Accountability Act) -- PCI-DSS (Payment Card Industry-Data Security Standard) -- SOC 2 (Service Organization Control 2) -- SOX (Sarbanes-Oxley) - -NOTE: -Compliance framework labels do not affect your project settings. - -#### Custom compliance frameworks +#### Compliance frameworks **(PREMIUM)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/276221) in GitLab 13.9. -> - [Deployed behind a feature flag](../../feature_flags.md). -> - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/287779) in GitLab 13.11. -> - Enabled on GitLab.com. -> - Recommended for production use. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/287779) in GitLab 13.12. -WARNING: -This feature might not be available to you. Check the **version history** note above for details. +You can create a framework label to identify that your project has certain compliance requirements or needs additional oversight. -GitLab 13.9 introduces custom compliance frameworks at the group-level. A group owner can create a compliance framework label -and assign it to any number of projects within that group or subgroups. When this feature is enabled, projects can only -be assigned compliance framework labels that already exist within that group. +Group owners can create, edit and delete compliance frameworks by going to **Settings** > **General** and expanding the **Compliance frameworks** section. +Compliance frameworks created can then be assigned to any number of projects via the project settings page inside the group or subgroups. -If existing [Compliance frameworks](#compliance-framework) are not sufficient, project and group owners -can now create their own. - -New compliance framework labels can be created and updated using GraphQL. +NOTE: +Attempting to create compliance frameworks on subgroups via GraphQL will cause the framework to be created on the root ancestor if the user has the correct permissions. +The web UI presents a read-only view to discourage this behavior. #### Compliance pipeline configuration **(ULTIMATE)** @@ -79,7 +60,7 @@ This feature might not be available to you. Check the **version history** note a Group owners can use the compliance pipeline configuration to define compliance requirements such as scans or tests, and enforce them in individual projects. -The [custom compliance framework](#custom-compliance-frameworks) feature allows group owners to specify the location +The [custom compliance framework](#compliance-frameworks) feature allows group owners to specify the location of a compliance pipeline configuration stored and managed in a dedicated project, distinct from a developer's project. When you set up the compliance pipeline configuration field, use the @@ -96,7 +77,9 @@ The user running the pipeline in the project should at least have Reporter acces Example `.compliance-gitlab-ci.yml` ```yaml -stages: # Allows compliance team to control the ordering and interweaving of stages/jobs +# Allows compliance team to control the ordering and interweaving of stages/jobs. +# Stages without jobs defined will remain hidden. +stages: - pre-compliance - build - test @@ -209,11 +192,12 @@ Set up your project's merge request settings: - Set up the merge request method (merge commit, [fast-forward merge](../merge_requests/fast_forward_merge.md)). - Add merge request [description templates](../description_templates.md#description-templates). -- Enable [merge request approvals](../merge_requests/merge_request_approvals.md). +- Enable [merge request approvals](../merge_requests/approvals/index.md). - Enable [merge only if pipeline succeeds](../merge_requests/merge_when_pipeline_succeeds.md). - Enable [merge only when all threads are resolved](../../discussions/index.md#only-allow-merge-requests-to-be-merged-if-all-threads-are-resolved). -- Enable [`delete source branch after merge` option by default](../merge_requests/getting_started.md#deleting-the-source-branch) -- Configure [suggested changes commit messages](../../discussions/index.md#configure-the-commit-message-for-applied-suggestions) +- Enable [require an associated issue from Jira](../../../integration/jira/issues.md#require-associated-jira-issue-for-merge-requests-to-be-merged). +- Enable [`delete source branch after merge` option by default](../merge_requests/getting_started.md#deleting-the-source-branch). +- Configure [suggested changes commit messages](../merge_requests/reviews/suggestions.md#configure-the-commit-message-for-applied-suggestions). - Configure [the default target project](../merge_requests/creating_merge_requests.md#set-the-default-target-project) for merge requests coming from forks. ### Service Desk @@ -375,6 +359,24 @@ to remove a fork relationship. ## Operations settings +### Alerts + +Configure [alert integrations](../../../operations/incident_management/integrations.md#configuration) to triage and manage critical problems in your application as [alerts](../../../operations/incident_management/alerts.md). + +### Incidents + +#### Alert integration + +Automatically [create](../../../operations/incident_management/incidents.md#create-incidents-automatically), [notify on](../../../operations/incident_management/paging.md#email-notifications), and [resolve](../../../operations/incident_management/incidents.md#automatically-close-incidents-via-recovery-alerts) incidents based on GitLab alerts. + +#### PagerDuty integration + +[Create incidents in GitLab for each PagerDuty incident](../../../operations/incident_management/incidents.md#create-incidents-via-the-pagerduty-webhook). + +#### Incident settings + +[Manage Service Level Agreements for incidents](../../../operations/incident_management/incidents.md#service-level-agreement-countdown-timer) with an SLA countdown timer. + ### Error Tracking Configure Error Tracking to discover and view [Sentry errors within GitLab](../../../operations/error_tracking.md). @@ -387,22 +389,3 @@ Add the URL of a Jaeger server to allow your users to [easily access the Jaeger [Add Storage credentials](../../../operations/incident_management/status_page.md#sync-incidents-to-the-status-page) to enable the syncing of public Issues to a [deployed status page](../../../operations/incident_management/status_page.md#create-a-status-page-project). - -### Enable or disable custom compliance frameworks **(PREMIUM)** - -Enabling or disabling custom compliance frameworks is under development and not ready for production use. It is -deployed behind a feature flag that is **disabled by default**. -[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) -can enable it. - -To enable it: - -```ruby -Feature.enable(:ff_custom_compliance_frameworks, Group.find(<group id>)) -``` - -To disable it: - -```ruby -Feature.disable(:ff_custom_compliance_frameworks, Group.find(<group id>)) -``` diff --git a/doc/user/project/time_tracking.md b/doc/user/project/time_tracking.md index 78e7ded9784..df76c4682f3 100644 --- a/doc/user/project/time_tracking.md +++ b/doc/user/project/time_tracking.md @@ -20,13 +20,14 @@ Time Tracking allows you to: - Record the time spent working on an issue or a merge request. - Add an estimate of the amount of time needed to complete an issue or a merge request. +- View a breakdown of time spent working on an issue or a merge request. You don't have to indicate an estimate to enter the time spent, and vice versa. Data about time tracking is shown on the issue/merge request sidebar, as shown below. - + ## How to enter data @@ -56,7 +57,7 @@ To remove an estimation entirely, use `/remove_estimate`. ### Time spent -To enter time spent, write `/spend`, followed by the time. For example, if you need +To enter time spent, write `/spend`, followed by the time. For example, if you need to log 1 month, 2 weeks, 3 days, 4 hours and 5 minutes, you would write `/spend 1mo 2w 3d 4h 5m`. Time units that we support are listed at the bottom of this help page. @@ -68,13 +69,26 @@ days from the total time spent. You can't go below 0 minutes of time spent, so GitLab automatically resets the time spent if you remove a larger amount of time compared to the time that was entered already. -You can log time in the past by providing a date after the time. +You can log time in the past by providing a date after the time. For example, if you want to log 1 hour of time spent on the 31 January 2021, you would write `/spend 1h 2021-01-31`. If you supply a date in the future, the command fails and no time is logged. To remove all the time spent at once, use `/remove_time_spent`. +## View a time tracking report + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/271409) in GitLab 13.12. + +You can view a breakdown of time spent on an issue or merge request. + +To view a time tracking report, go to an issue or a merge request and select **Time tracking report** +in the right sidebar. + + + +The breakdown of spent time is limited to a maximum of 100 entries. + ## Configuration The following time units are available: @@ -98,4 +112,9 @@ With this option enabled, `75h` is displayed instead of `1w 4d 3h`. ## Other interesting links -- [Time Tracking landing page in the GitLab handbook](https://about.gitlab.com/solutions/time-tracking/) +- [Time Tracking solutions page](https://about.gitlab.com/solutions/time-tracking/) +- Time Tracking GraphQL references: + - [Connection](../../api/graphql/reference/index.md#timelogconnection) + - [Edge](../../api/graphql/reference/index.md#timelogedge) + - [Fields](../../api/graphql/reference/index.md#timelog) + - [Group Timelogs](../../api/graphql/reference/index.md#grouptimelogs) diff --git a/doc/user/project/wiki/index.md b/doc/user/project/wiki/index.md index a69141ac04d..22915efef94 100644 --- a/doc/user/project/wiki/index.md +++ b/doc/user/project/wiki/index.md @@ -182,6 +182,8 @@ GitLab tracks wiki creation, deletion, and update events. These events are displ [group](../../group/index.md#view-group-activity), and [project](../working_with_projects.md#project-activity) activity pages. +Commits to wikis are not counted in [repository analytics](../../analytics/repository_analytics.md). + ## Customize sidebar > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/23109) in GitLab 13.8, the sidebar can be customized by selecting the **Edit sidebar** button. diff --git a/doc/user/project/working_with_projects.md b/doc/user/project/working_with_projects.md index 43df1cce70f..ddca0b64f81 100644 --- a/doc/user/project/working_with_projects.md +++ b/doc/user/project/working_with_projects.md @@ -41,7 +41,8 @@ For a list of words that can't be used as project names see To create a new blank project on the **New project** page: -1. On the **Blank project** tab, provide the following information: +1. Click **Create blank project** +1. Provide the following information: - The name of your project in the **Project name** field. You can't use special characters, but you can use spaces, hyphens, underscores, or even emoji. When adding the name, the **Project slug** auto populates. @@ -86,7 +87,8 @@ Built-in templates are project templates that are: To use a built-in template on the **New project** page: -1. On the **Create from template** tab, select the **Built-in** tab. +1. Click **Create from template** +1. Select the **Built-in** tab. 1. From the list of available built-in templates, click the: - **Preview** button to look at the template source itself. - **Use template** button to start creating the project. @@ -99,7 +101,8 @@ GitLab is developing Enterprise templates to help you streamline audit managemen To create a new project with an Enterprise template, on the **New project** page: -1. On the **Create from template** tab, select the **Built-in** tab. +1. Click **Create from template** +1. Select the **Built-in** tab. 1. From the list of available built-in Enterprise templates, click the: - **Preview** button to look at the template source itself. - **Use template** button to start creating the project. @@ -123,11 +126,12 @@ quickly starting projects. Custom projects are available at the [instance-level](../../user/admin_area/custom_project_templates.md) from the **Instance** tab, or at the [group-level](../../user/group/custom_project_templates.md) -from the **Group** tab, under the **Create from template** tab. +from the **Group** tab, on the **Create from template** page. To use a custom project template on the **New project** page: -1. On the **Create from template** tab, select the **Instance** tab or the **Group** tab. +1. Click **Create from template** +1. Select the **Instance** tab or the **Group** tab. 1. From the list of available custom templates, click the: - **Preview** button to look at the template source itself. - **Use template** button to start creating the project. diff --git a/doc/user/report_abuse.md b/doc/user/report_abuse.md new file mode 100644 index 00000000000..2b585315326 --- /dev/null +++ b/doc/user/report_abuse.md @@ -0,0 +1,68 @@ +--- +stage: none +group: unassigned +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Report abuse **(FREE)** + +You can report abuse from other GitLab users to GitLab administrators. + +A GitLab administrator [can then choose](admin_area/review_abuse_reports.md) to: + +- Remove the user, which deletes them from the instance. +- Block the user, which denies them access to the instance. +- Or remove the report, which retains the user's access to the instance. + +You can report a user through their: + +- [Profile](#reporting-abuse-through-a-users-profile) +- [Comments](#reporting-abuse-through-a-users-comment) +- [Issues and Merge requests](#reporting-abuse-through-a-users-issue-or-merge-request) + +## Reporting abuse through a user's profile + +To report abuse from a user's profile page: + +1. Click on the exclamation point report abuse button at the top right of the + user's profile. +1. Complete an abuse report. +1. Click the **Send report** button. + +## Reporting abuse through a user's comment + +To report abuse from a user's comment: + +1. Click on the vertical ellipsis (⋮) more actions button to open the dropdown. +1. Select **Report as abuse**. +1. Complete an abuse report. +1. Click the **Send report** button. + +NOTE: +A URL to the reported user's comment is pre-filled in the abuse report's +**Message** field. + +## Reporting abuse through a user's issue or merge request + +The **Report abuse** button is displayed at the top right of the issue or merge request: + +- When **Report abuse** is selected from the menu that appears when the + **Close issue** or **Close merge request** button is clicked, for users that + have permission to close the issue or merge request. +- When viewing the issue or merge request, for users that don't have permission + to close the issue or merge request. + +With the **Report abuse** button displayed, to submit an abuse report: + +1. Click the **Report abuse** button. +1. Submit an abuse report. +1. Click the **Send report** button. + +NOTE: +A URL to the reported user's issue or merge request is pre-filled +in the abuse report's **Message** field. + +## Managing abuse reports + +Admins are able to view and resolve abuse reports. +For more information, see [abuse reports administration documentation](admin_area/review_abuse_reports.md). diff --git a/doc/user/shortcuts.md b/doc/user/shortcuts.md index 2a3ee09b40b..6673611267d 100644 --- a/doc/user/shortcuts.md +++ b/doc/user/shortcuts.md @@ -15,7 +15,7 @@ To display a window in GitLab that lists its keyboard shortcuts, use one of the following methods: - Press <kbd>?</kbd>. -- In the Help menu in the top right of the appication, select **Keyboard shortcuts**. +- In the Help menu in the top right of the application, select **Keyboard shortcuts**. In [GitLab 12.8 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/22113), you can disable keyboard shortcuts by using the **Keyboard shortcuts** toggle diff --git a/doc/user/todos.md b/doc/user/todos.md index 57ab7d4d888..695532abf9f 100644 --- a/doc/user/todos.md +++ b/doc/user/todos.md @@ -20,11 +20,12 @@ Your *To-Do List* offers a chronological list of items waiting for your input The To-Do List supports tracking [actions](#what-triggers-a-to-do-item) related to the following: -- Issues -- Merge Requests -- Epics **(ULTIMATE)** +- [Issues](project/issues/index.md) +- [Merge requests](project/merge_requests/index.md) +- [Epics](group/epics/index.md) +- [Designs](project/issues/design_management.md) - + You can access your To-Do List by clicking the To-Do List icon (**{task-done}**) next to the search bar in the top navigation. If the to-do item count is: @@ -33,15 +34,13 @@ next to the search bar in the top navigation. If the to-do item count is: - *100 or more*, the number displays as 99+. The exact number displays in the To-Do List. - - ## What triggers a to-do item A to-do item appears on your To-Do List when: - An issue or merge request is assigned to you. - You're `@mentioned` in the description or comment of an issue or merge request - (or epic **(ULTIMATE)**). + (or epic). - You are `@mentioned` in a comment on a: - Commit - Design @@ -54,7 +53,7 @@ A to-do item appears on your To-Do List when: - [In GitLab 13.2](https://gitlab.com/gitlab-org/gitlab/-/issues/12136) and later, a merge request is removed from a [merge train](../ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md), - and you're the user that added it. **(PREMIUM)** + and you're the user that added it. When several trigger actions occur for the same user on the same object (for example, an issue), GitLab displays only the first action as a single to do @@ -93,18 +92,18 @@ for filtering purposes; otherwise, they appear as normal. ### Manually creating a to-do item -You can also add the following to your To-Do List by clicking the **Add a to do** button on an: +You can also add the following to your To-Do List by clicking the **Add a to do** button on: -- [Issue](project/issues/index.md) -- [Merge Request](project/merge_requests/index.md) -- [Epic](group/epics/index.md) **(ULTIMATE)** -- [Design](project/issues/design_management.md) +- [Issues](project/issues/index.md) +- [Merge requests](project/merge_requests/index.md) +- [Epics](group/epics/index.md) +- [Designs](project/issues/design_management.md)  ## Marking a to-do item as done -Any action to an issue or merge request (or epic **(PREMIUM)**) marks its +Any action to an issue, merge request, or epic marks its corresponding to-do item as done. Actions that dismiss to-do items include: @@ -119,8 +118,8 @@ action. If you close the issue or merge request, your to-do item is marked as done. To prevent other users from closing issues without you being notified, if -someone else closes, merges, or takes action on an issue or merge request (or -epic **(ULTIMATE)**), your to-do item remains pending. +someone else closes, merges, or takes action on an issue, merge request, or +epic, your to-do item remains pending. There's just one to-do item for each of these, so mentioning a user many times in an issue only triggers one to-do item. @@ -132,7 +131,7 @@ your To-Do List.  You can also mark a to-do item as done by clicking the **Mark as done** button -in the sidebar of an issue or merge request (or epic **(ULTIMATE)**). +in the sidebar of an issue, merge request, or epic.  @@ -148,7 +147,7 @@ You can use the following types of filters with your To-Do List: | Project | Filter by project. | | Group | Filter by group. | | Author | Filter by the author that triggered the to do. | -| Type | Filter by issue, merge request, design, or epic. **(ULTIMATE)** | +| Type | Filter by issue, merge request, design, or epic. | | Action | Filter by the action that triggered the to do. | You can also filter by more than one of these at the same time. The previously diff --git a/doc/user/upgrade_email_bypass.md b/doc/user/upgrade_email_bypass.md index 199c1a47e04..7d2f2395815 100644 --- a/doc/user/upgrade_email_bypass.md +++ b/doc/user/upgrade_email_bypass.md @@ -73,7 +73,7 @@ Your account has been blocked. Fatal: Could not read from remote repository Your primary email address is not confirmed. ``` -You can assure your users that they have not been [Blocked](admin_area/blocking_unblocking_users.md) by an administrator. +You can assure your users that they have not been [Blocked](admin_area/moderate_users.md#blocking-and-unblocking-users) by an administrator. When affected users see this message, they must confirm their email address before they can commit code. ## What do I need to know as an administrator of a GitLab self-managed Instance? |
