diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-04-22 20:47:30 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-04-22 20:47:30 +0000 |
commit | 0ca9e9b7230cb262a04b524aee8ffe99dbe63060 (patch) | |
tree | b26b9c2667a025a7e72f690e6789292028ece9de /doc | |
parent | fe69f9a3841ee9b9ef2b35cb72b3e973c0301fcb (diff) | |
download | gitlab-ce-0ca9e9b7230cb262a04b524aee8ffe99dbe63060.tar.gz |
Add latest changes from gitlab-org/gitlab@13-11-stable-ee
Diffstat (limited to 'doc')
-rw-r--r-- | doc/administration/pages/index.md | 6 | ||||
-rw-r--r-- | doc/api/projects.md | 35 | ||||
-rw-r--r-- | doc/user/application_security/dast/index.md | 4 |
3 files changed, 40 insertions, 5 deletions
diff --git a/doc/administration/pages/index.md b/doc/administration/pages/index.md index d04688dab7a..ae4fa086e3f 100644 --- a/doc/administration/pages/index.md +++ b/doc/administration/pages/index.md @@ -1001,7 +1001,7 @@ to using that. ### Migrate Pages deployments to object storage -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/325285) in GitLab 13.11 +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/325285) in GitLab 13.11. Existing Pages deployments objects (which store [ZIP archives](#zip-storage)) can similarly be migrated to [object storage](#using-object-storage), if @@ -1010,7 +1010,7 @@ you've been having them stored locally. Migrate your existing Pages deployments from local storage to object storage: ```shell -sudo gitlab-rails gitlab:pages:deployments:migrate_to_object_storage +sudo gitlab-rake gitlab:pages:deployments:migrate_to_object_storage ``` ### Rolling Pages deployments back to local storage @@ -1018,7 +1018,7 @@ sudo gitlab-rails gitlab:pages:deployments:migrate_to_object_storage After the migration to object storage is performed, you can choose to revert your Pages deployments back to local storage: ```shell -sudo gitlab-rails gitlab:pages:deployments:migrate_to_local +sudo gitlab-rake gitlab:pages:deployments:migrate_to_local ``` ## Backup diff --git a/doc/api/projects.md b/doc/api/projects.md index 50c1356dfd8..d9aabfbc337 100644 --- a/doc/api/projects.md +++ b/doc/api/projects.md @@ -2016,6 +2016,41 @@ The returned `url` is relative to the project path. The returned `full_path` is the absolute path to the file. In Markdown contexts, the link is expanded when the format in `markdown` is used. +### Max attachment size enforcement + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/57250) in GitLab 13.11. + +GitLab 13.11 added enforcement of the [maximum attachment size limit](../user/admin_area/settings/account_and_limit_settings.md#max-attachment-size) behind the `enforce_max_attachment_size_upload_api` feature flag. GitLab 14.0 will enable this by default. + +**In Omnibus installations:** + +1. Enter the Rails console: + + ```shell + sudo gitlab-rails console + ``` + +1. Enable the feature flag: + + ```ruby + Feature.enable(:enforce_max_attachment_size_upload_api) + ``` + +**In installations from source:** + +1. Enter the Rails console: + + ```shell + cd /home/git/gitlab + sudo -u git -H bundle exec rails console -e production + ``` + +1. Enable the feature flag to disable the validation: + + ```ruby + Feature.enable(:enforce_max_attachment_size_upload_api) + ``` + ## Upload a project avatar Uploads an avatar to the specified project. diff --git a/doc/user/application_security/dast/index.md b/doc/user/application_security/dast/index.md index d3f679fe9dd..65ddece1bde 100644 --- a/doc/user/application_security/dast/index.md +++ b/doc/user/application_security/dast/index.md @@ -300,7 +300,7 @@ variables: DAST_SUBMIT_FIELD: login # the `id` or `name` of the element that when clicked will submit the login form or the password form of a multi-page login process DAST_FIRST_SUBMIT_FIELD: next # the `id` or `name` of the element that when clicked will submit the username form of a multi-page login process DAST_EXCLUDE_URLS: http://example.com/sign-out,http://example.com/sign-out-2 # optional, URLs to skip during the authenticated scan; comma-separated, no spaces in between - DAST_AUTH_VALIDATION_URL: http://example.com/loggedin_page # optional, a URL only accessible to logged in users that DAST can use to confirm successful authentication + DAST_AUTH_VERIFICATION_URL: http://example.com/loggedin_page # optional, a URL only accessible to logged in users that DAST can use to confirm successful authentication ``` The results are saved as a @@ -645,7 +645,7 @@ DAST can be [configured](#customizing-the-dast-settings) using CI/CD variables. | `DAST_API_SPECIFICATION` | URL or string | The API specification to import. The specification can be hosted at a URL, or the name of a file present in the `/zap/wrk` directory. `DAST_WEBSITE` must be specified if this is omitted. | | `DAST_SPIDER_START_AT_HOST` | boolean | Set to `false` to prevent DAST from resetting the target to its host before scanning. When `true`, non-host targets `http://test.site/some_path` is reset to `http://test.site` before scan. Default: `true`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/258805) in GitLab 13.6. | | `DAST_AUTH_URL` | URL | The URL of the page containing the sign-in HTML form on the target website. `DAST_USERNAME` and `DAST_PASSWORD` are submitted with the login form to create an authenticated scan. Not supported for API scans. | -| `DAST_AUTH_VALIDATION_URL` | URL | A URL only accessible to logged in users that DAST can use to confirm successful authentication. If provided, DAST will exit if it cannot access the URL. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/207335) in GitLab 13.8. +| `DAST_AUTH_VERIFICATION_URL` | URL | A URL only accessible to logged in users that DAST can use to confirm successful authentication. If provided, DAST will exit if it cannot access the URL. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/207335) in GitLab 13.8. | `DAST_USERNAME` | string | The username to authenticate to in the website. | | `DAST_PASSWORD` | string | The password to authenticate to in the website. | | `DAST_USERNAME_FIELD` | string | The name of username field at the sign-in HTML form. | |