author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-02-17 12:09:20 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-02-17 12:09:20 +0000 |
commit | b84eeb256c4a780d902faee1f99ca9a711b3214a (patch) | |
tree | 32918aadbea9210eace50efbce9afbfb8cd3ba84 /doc | |
parent | 53ae6b7e3f83591ad251a3f771f5bf3b8cf087ba (diff) | |
download | gitlab-ce-b84eeb256c4a780d902faee1f99ca9a711b3214a.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc')
-rw-r--r-- | doc/api/graphql/reference/gitlab_schema.graphql | 87 | ||||
-rw-r--r-- | doc/api/graphql/reference/gitlab_schema.json | 210 | ||||
-rw-r--r-- | doc/api/graphql/reference/index.md | 14 | ||||
-rw-r--r-- | doc/user/analytics/productivity_analytics.md | 5 | ||||
-rw-r--r-- | doc/user/application_security/container_scanning/index.md | 38 | ||||
-rw-r--r-- | doc/user/application_security/index.md | 1 | ||||
-rw-r--r-- | doc/user/project/issues/design_management.md | 6 |
7 files changed, 332 insertions, 29 deletions
diff --git a/doc/api/graphql/reference/gitlab_schema.graphql b/doc/api/graphql/reference/gitlab_schema.graphql index ecf34b14aa0..f698db84982 100644 --- a/doc/api/graphql/reference/gitlab_schema.graphql +++ b/doc/api/graphql/reference/gitlab_schema.graphql @@ -1406,12 +1406,12 @@ input DiffImagePositionInput { width: Int! """ - X position on which the comment was made + X position of the note """ x: Int! """ - Y position on which the comment was made + Y position of the note """ y: Int! } @@ -1475,12 +1475,12 @@ type DiffPosition { width: Int """ - X position on which the comment was made + X position of the note """ x: Int """ - Y position on which the comment was made + Y position of the note """ y: Int } @@ -4660,6 +4660,18 @@ type Mutation { todosMarkAllDone(input: TodosMarkAllDoneInput!): TodosMarkAllDonePayload toggleAwardEmoji(input: ToggleAwardEmojiInput!): ToggleAwardEmojiPayload updateEpic(input: UpdateEpicInput!): UpdateEpicPayload + + """ + Updates a DiffNote on an image (a `Note` where the `position.positionType` is + `"image"`). If the body of the Note contains only quick actions, the Note will + be destroyed during the update, and no Note will be returned + """ + updateImageDiffNote(input: UpdateImageDiffNoteInput!): UpdateImageDiffNotePayload + + """ + Updates a Note. If the body of the Note contains only quick actions, the Note + will be destroyed during the update, and no Note will be returned + """ updateNote(input: UpdateNoteInput!): UpdateNotePayload updateSnippet(input: UpdateSnippetInput!): UpdateSnippetPayload } @@ -7533,6 +7545,28 @@ enum TypeEnum { project } +input UpdateDiffImagePositionInput { + """ + Total height of the image + """ + height: Int + + """ + Total width of the image + """ + width: Int + + """ + X position of the note + """ + x: Int + + """ + Y position of the note + """ + y: Int +} + """ Autogenerated input type of UpdateEpic """ 
@@ -7619,6 +7653,51 @@ type UpdateEpicPayload { } """ +Autogenerated input type of UpdateImageDiffNote +""" +input UpdateImageDiffNoteInput { + """ + Content of the note + """ + body: String + + """ + A unique identifier for the client performing the mutation. + """ + clientMutationId: String + + """ + The global id of the note to update + """ + id: ID! + + """ + The position of this note on a diff + """ + position: UpdateDiffImagePositionInput +} + +""" +Autogenerated return type of UpdateImageDiffNote +""" +type UpdateImageDiffNotePayload { + """ + A unique identifier for the client performing the mutation. + """ + clientMutationId: String + + """ + Reasons why the mutation failed. + """ + errors: [String!]! + + """ + The note after mutation + """ + note: Note +} + +""" Autogenerated input type of UpdateNote """ input UpdateNoteInput { diff --git a/doc/api/graphql/reference/gitlab_schema.json b/doc/api/graphql/reference/gitlab_schema.json index 33252993682..38a836acb6b 100644 --- a/doc/api/graphql/reference/gitlab_schema.json +++ b/doc/api/graphql/reference/gitlab_schema.json @@ -8063,7 +8063,7 @@ }, { "name": "x", - "description": "X position on which the comment was made", + "description": "X position of the note", "args": [ ], @@ -8077,7 +8077,7 @@ }, { "name": "y", - "description": "Y position on which the comment was made", + "description": "Y position of the note", "args": [ ], 
@@ -19427,8 +19427,35 @@ "deprecationReason": null }, { + "name": "updateImageDiffNote", + "description": "Updates a DiffNote on an image (a `Note` where the `position.positionType` is `\"image\"`). If the body of the Note contains only quick actions, the Note will be destroyed during the update, and no Note will be returned", + "args": [ + { + "name": "input", + "description": null, + "type": { + "kind": "NON_NULL", + "name": null, + "ofType": { + "kind": "INPUT_OBJECT", + "name": "UpdateImageDiffNoteInput", + "ofType": null + } + }, + "defaultValue": null + } + ], + "type": { + "kind": "OBJECT", + "name": "UpdateImageDiffNotePayload", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + }, + { "name": "updateNote", - "description": null, + "description": "Updates a Note. If the body of the Note contains only quick actions, the Note will be destroyed during the update, and no Note will be returned", "args": [ { "name": "input", @@ -21640,7 +21667,7 @@ }, { "name": "x", - "description": "X position on which the comment was made", + "description": "X position of the note", "type": { "kind": "NON_NULL", "name": null, @@ -21654,7 +21681,7 @@ }, { "name": "y", - "description": "Y position on which the comment was made", + "description": "Y position of the note", "type": { "kind": "NON_NULL", "name": null, 
@@ -21817,6 +21844,179 @@ }, { "kind": "OBJECT", + "name": "UpdateImageDiffNotePayload", + "description": "Autogenerated return type of UpdateImageDiffNote", + "fields": [ + { + "name": "clientMutationId", + "description": "A unique identifier for the client performing the mutation.", + "args": [ + + ], + "type": { + "kind": "SCALAR", + "name": "String", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + }, + { + "name": "errors", + "description": "Reasons why the mutation failed.", + "args": [ + + ], + "type": { + "kind": "NON_NULL", + "name": null, + "ofType": { + "kind": "LIST", + "name": null, + "ofType": { + "kind": "NON_NULL", + "name": null, + "ofType": { + "kind": "SCALAR", + "name": "String", + "ofType": null + } + } + } + }, + "isDeprecated": false, + "deprecationReason": null + }, + { + "name": "note", + "description": "The note after mutation", + "args": [ + + ], + "type": { + "kind": "OBJECT", + "name": "Note", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + } + ], + "inputFields": null, + "interfaces": [ + + ], + "enumValues": null, + "possibleTypes": null + }, + { + "kind": "INPUT_OBJECT", + "name": "UpdateImageDiffNoteInput", + "description": "Autogenerated input type of UpdateImageDiffNote", + "fields": null, + "inputFields": [ + { + "name": "id", + "description": "The global id of the note to update", + "type": { + "kind": "NON_NULL", + "name": null, + "ofType": { + "kind": "SCALAR", + "name": "ID", + "ofType": null + } + }, + "defaultValue": null + }, + { + "name": "body", + "description": "Content of the note", + "type": { + "kind": "SCALAR", + "name": "String", + "ofType": null + }, + "defaultValue": null + }, + { + "name": "position", + "description": "The position of this note on a diff", + "type": { + "kind": "INPUT_OBJECT", + "name": "UpdateDiffImagePositionInput", + "ofType": null + }, + "defaultValue": null + }, + { + "name": "clientMutationId", + "description": "A unique identifier 
for the client performing the mutation.", + "type": { + "kind": "SCALAR", + "name": "String", + "ofType": null + }, + "defaultValue": null + } + ], + "interfaces": null, + "enumValues": null, + "possibleTypes": null + }, + { + "kind": "INPUT_OBJECT", + "name": "UpdateDiffImagePositionInput", + "description": null, + "fields": null, + "inputFields": [ + { + "name": "x", + "description": "X position of the note", + "type": { + "kind": "SCALAR", + "name": "Int", + "ofType": null + }, + "defaultValue": null + }, + { + "name": "y", + "description": "Y position of the note", + "type": { + "kind": "SCALAR", + "name": "Int", + "ofType": null + }, + "defaultValue": null + }, + { + "name": "width", + "description": "Total width of the image", + "type": { + "kind": "SCALAR", + "name": "Int", + "ofType": null + }, + "defaultValue": null + }, + { + "name": "height", + "description": "Total height of the image", + "type": { + "kind": "SCALAR", + "name": "Int", + "ofType": null + }, + "defaultValue": null + } + ], + "interfaces": null, + "enumValues": null, + "possibleTypes": null + }, + { + "kind": "OBJECT", "name": "DestroyNotePayload", "description": "Autogenerated return type of DestroyNote", "fields": [ diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md index 43e7aef59e8..c1a5882eb25 100644 --- a/doc/api/graphql/reference/index.md +++ b/doc/api/graphql/reference/index.md @@ -246,8 +246,8 @@ Autogenerated return type of DestroySnippet | `oldPath` | String | Path of the file on the start SHA | | `positionType` | DiffPositionType! | Type of file the position refers to | | `width` | Int | Total width of the image | -| `x` | Int | X position on which the comment was made | -| `y` | Int | Y position on which the comment was made | +| `x` | Int | X position of the note | +| `y` | Int | Y position of the note | ## DiffRefs 
@@ -1230,6 +1230,16 @@ Autogenerated return type of UpdateEpic | `epic` | Epic | The epic after mutation | | `errors` | String! => Array | Reasons why the mutation failed. | +## UpdateImageDiffNotePayload + +Autogenerated return type of UpdateImageDiffNote + +| Name | Type | Description | +| --- | ---- | ---------- | +| `clientMutationId` | String | A unique identifier for the client performing the mutation. | +| `errors` | String! => Array | Reasons why the mutation failed. | +| `note` | Note | The note after mutation | + ## UpdateNotePayload Autogenerated return type of UpdateNote diff --git a/doc/user/analytics/productivity_analytics.md b/doc/user/analytics/productivity_analytics.md index 572265b5b09..36dd9b5d6bf 100644 --- a/doc/user/analytics/productivity_analytics.md +++ b/doc/user/analytics/productivity_analytics.md @@ -25,10 +25,7 @@ Productivity Analytics allows GitLab users to: ## Accessing metrics and visualizations -To access the **Productivity Analytics** page: - -1. Go to **Analytics** from the top navigation bar. -1. Select **Productivity Analytics** from the menu. +To access the chart, navigate to a group's sidebar and select **Analytics > Productivity Analytics**. The following metrics and visualizations are available on a project or group level - currently only covering **merged** merge requests: diff --git a/doc/user/application_security/container_scanning/index.md b/doc/user/application_security/container_scanning/index.md index 3bdda338b76..ff15b299cea 100644 --- a/doc/user/application_security/container_scanning/index.md +++ b/doc/user/application_security/container_scanning/index.md 
@@ -137,7 +137,7 @@ build: If you want to whitelist specific vulnerabilities, you'll need to: - 1. Set `GIT_STRATEGY: fetch` in your `.gitlab-ci.yml` file by following the instructions described in the + 1. Set [`GIT_STRATEGY: fetch`](../../../ci/yaml/README.md#git-strategy) in your `.gitlab-ci.yml` file by following the instructions described in the [overriding the Container Scanning template](#overriding-the-container-scanning-template) section of this document. 1. Define the whitelisted vulnerabilities in a YAML file named `clair-whitelist.yml` which must use the format described in the [following whitelist example file](https://github.com/arminc/clair-scanner/blob/v12/example-whitelist.yaml). 
@@ -163,18 +163,19 @@ container_scanning: Container Scanning can be [configured](#overriding-the-container-scanning-template) using environment variables. -| Environment Variable | Description | Default | -| ------ | ------ | ------ | -| `KLAR_TRACE` | Set to true to enable more verbose output from klar. | `"false"` | -| `DOCKER_USER` | Username for accessing a Docker registry requiring authentication. | `$CI_REGISTRY_USER` | -| `DOCKER_PASSWORD` | Password for accessing a Docker registry requiring authentication. | `$CI_REGISTRY_PASSWORD` | -| `CLAIR_OUTPUT` | Severity level threshold. Vulnerabilities with severity level higher than or equal to this threshold will be outputted. Supported levels are `Unknown`, `Negligible`, `Low`, `Medium`, `High`, `Critical` and `Defcon1`. | `Unknown` | -| `REGISTRY_INSECURE` | Allow [Klar](https://github.com/optiopay/klar) to access insecure registries (HTTP only). Should only be set to `true` when testing the image locally. | `"false"` | +| Environment Variable | Description | Default | +| ------ | ------ | ------ | +| `KLAR_TRACE` | Set to true to enable more verbose output from klar. | `"false"` | +| `DOCKER_USER` | Username for accessing a Docker registry requiring authentication. | `$CI_REGISTRY_USER` | +| `DOCKER_PASSWORD` | Password for accessing a Docker registry requiring authentication. | `$CI_REGISTRY_PASSWORD` | +| `CLAIR_OUTPUT` | Severity level threshold. Vulnerabilities with severity level higher than or equal to this threshold will be outputted. Supported levels are `Unknown`, `Negligible`, `Low`, `Medium`, `High`, `Critical` and `Defcon1`. | `Unknown` | +| `REGISTRY_INSECURE` | Allow [Klar](https://github.com/optiopay/klar) to access insecure registries (HTTP only). Should only be set to `true` when testing the image locally. 
| `"false"` | | `CLAIR_VULNERABILITIES_DB_URL` | This variable is explicitly set in the [services section](https://gitlab.com/gitlab-org/gitlab/blob/30522ca8b901223ac8c32b633d8d67f340b159c1/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml#L17-19) of the `Container-Scanning.gitlab-ci.yml` file and defaults to `clair-vulnerabilities-db`. This value represents the address that the [postgres server hosting the vulnerabilities definitions](https://hub.docker.com/r/arminc/clair-db) is running on and **shouldn't be changed** unless you're running the image locally as described in the [Running the scanning tool](https://gitlab.com/gitlab-org/security-products/analyzers/klar/#running-the-scanning-tool) section of the [GitLab klar analyzer readme](https://gitlab.com/gitlab-org/security-products/analyzers/klar). | `clair-vulnerabilities-db` | -| `CI_APPLICATION_REPOSITORY` | Docker repository URL for the image to be scanned. | `$CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG` | -| `CI_APPLICATION_TAG` | Docker respository tag for the image to be scanned. | `$CI_COMMIT_SHA` | -| `CLAIR_DB_IMAGE` | The Docker image name and tag for the [postgres server hosting the vulnerabilities definitions](https://hub.docker.com/r/arminc/clair-db). It can be useful to override this value with a specific version, for example, to provide a consistent set of vulnerabilities for integration testing purposes, or to refer to a locally hosted vulnerabilities database for an on-premise air-gapped installation. | `arminc/clair-db:latest` | -| `CLAIR_DB_IMAGE_TAG` | (**DEPRECATED - use `CLAIR_DB_IMAGE` instead**) The Docker image tag for the [postgres server hosting the vulnerabilities definitions](https://hub.docker.com/r/arminc/clair-db). It can be useful to override this value with a specific version, for example, to provide a consistent set of vulnerabilities for integration testing purposes. | `latest` | +| `CI_APPLICATION_REPOSITORY` | Docker repository URL for the image to be scanned. 
| `$CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG` | +| `CI_APPLICATION_TAG` | Docker respository tag for the image to be scanned. | `$CI_COMMIT_SHA` | +| `CLAIR_DB_IMAGE` | The Docker image name and tag for the [Postgres server hosting the vulnerabilities definitions](https://hub.docker.com/r/arminc/clair-db). It can be useful to override this value with a specific version, for example, to provide a consistent set of vulnerabilities for integration testing purposes, or to refer to a locally hosted vulnerabilities database for an on-premise air-gapped installation. | `arminc/clair-db:latest` | +| `CLAIR_DB_IMAGE_TAG` | (**DEPRECATED - use `CLAIR_DB_IMAGE` instead**) The Docker image tag for the [Postgres server hosting the vulnerabilities definitions](https://hub.docker.com/r/arminc/clair-db). It can be useful to override this value with a specific version, for example, to provide a consistent set of vulnerabilities for integration testing purposes. | `latest` | +| `DOCKERFILE_PATH` | The path to the `Dockerfile` to be used for generating remediations. By default, the scanner will look for a file named `Dockerfile` in the root directory of the project, so this variable should only be configured if your `Dockerfile` is in a non-standard location, such as a subdirectory. See [Solutions for vulnerabilities](#solutions-for-vulnerabilities-auto-remediation) for more details. | `Dockerfile` | ## Security Dashboard 
@@ -187,6 +188,19 @@ vulnerabilities in your groups, projects and pipelines. Read more about the Once a vulnerability is found, you can interact with it. Read more on how to [interact with the vulnerabilities](../index.md#interacting-with-the-vulnerabilities). +## Solutions for vulnerabilities (auto-remediation) + +Some vulnerabilities can be fixed by applying the solution that GitLab +automatically generates. + +To enable remediation support, the scanning tool _must_ have access to the `Dockerfile` specified by +the `DOCKERFILE_PATH` environment variable. To ensure that the scanning tool has access to this +file, it's necessary to set [`GIT_STRATEGY: fetch`](../../../ci/yaml/README.md#git-strategy) in +your `.gitlab-ci.yml` file by following the instructions described in this document's +[overriding the Container Scanning template](#overriding-the-container-scanning-template) section. + +Read more about the [solutions for vulnerabilities](../index.md#solutions-for-vulnerabilities-auto-remediation). + ## Vulnerabilities database update For more information about the vulnerabilities database update, check the diff --git a/doc/user/application_security/index.md b/doc/user/application_security/index.md index a48152c2aab..13ea45816b8 100644 --- a/doc/user/application_security/index.md +++ b/doc/user/application_security/index.md @@ -112,6 +112,7 @@ automatically generates. The following scanners are supported: - [Dependency Scanning](dependency_scanning/index.md): Automatic Patch creation is only available for Node.js projects managed with `yarn`. +- [Container Scanning](container_scanning/index.md) #### Manually applying the suggested patch diff --git a/doc/user/project/issues/design_management.md b/doc/user/project/issues/design_management.md index 627aeac54d6..58da77697d8 100644 --- a/doc/user/project/issues/design_management.md +++ b/doc/user/project/issues/design_management.md 
@@ -144,8 +144,10 @@ which you can start a new discussion:  -From GitLab 12.8 on, when you are starting a new discussion, you can adjust the badge's position by -dragging it around the image. +[Introduced](https://gitlab.com/gitlab-org/gitlab/issues/34353) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.8, +you can adjust the badge's position by dragging it around the image. This is useful +for when your design layout has changed between revisions, or if you need to move an +existing badge to add a new one in its place. Different discussions have different badge numbers: |