diff options
Diffstat (limited to 'doc/integration')
-rw-r--r-- | doc/integration/alicloud.md | 91 | ||||
-rw-r--r-- | doc/integration/elasticsearch.md | 8 | ||||
-rw-r--r-- | doc/integration/gitpod.md | 2 | ||||
-rw-r--r-- | doc/integration/img/alicloud_scope.png | bin | 0 -> 107994 bytes | |||
-rw-r--r-- | doc/integration/index.md | 6 | ||||
-rw-r--r-- | doc/integration/jira/configure.md | 3 | ||||
-rw-r--r-- | doc/integration/jira/connect-app.md | 2 | ||||
-rw-r--r-- | doc/integration/jira/development_panel.md | 22 | ||||
-rw-r--r-- | doc/integration/jira/index.md | 2 | ||||
-rw-r--r-- | doc/integration/jira/issues.md | 2 | ||||
-rw-r--r-- | doc/integration/mattermost/index.md | 4 | ||||
-rw-r--r-- | doc/integration/omniauth.md | 6 | ||||
-rw-r--r-- | doc/integration/salesforce.md | 2 | ||||
-rw-r--r-- | doc/integration/saml.md | 7 |
14 files changed, 130 insertions, 27 deletions
diff --git a/doc/integration/alicloud.md b/doc/integration/alicloud.md new file mode 100644 index 00000000000..85e1e2d4154 --- /dev/null +++ b/doc/integration/alicloud.md @@ -0,0 +1,91 @@ +--- +stage: Ecosystem +group: Integrations +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Use AliCloud as an OmniAuth authentication provider **(FREE)** + +You can enable the AliCloud OAuth 2.0 OmniAuth provider and sign in to +GitLab using your AliCloud account. + +## Create an AliCloud application + +Sign in to the AliCloud platform and create an application on it. AliCloud generates a client ID and secret key for you to use. + +1. Sign in to the [AliCloud platform](https://account.aliyun.com/login/login.htm). + +1. Go to the [OAuth application management page](https://ram.console.aliyun.com/applications). + +1. Select **Create Application**. + +1. Fill in the application details: + + - **Application Name**: This can be anything. + - **Display Name**: This can be anything. + - **Callback URL**: This URL should be formatted as `'GitLab instance URL' + '/users/auth/alicloud/callback'`. For example, `http://test.gitlab.com/users/auth/alicloud/callback`. + + Select **Save**. + +1. Add OAuth scopes in the application details page: + + 1. Under the **Application Name** column, select the name of the application you created. The application's details page opens. + 1. Under the **Application OAuth Scopes** tab, select **Add OAuth Scopes**. + 1. Select the **aliuid** and **profile** checkboxes. + 1. Select **OK**. + + ![AliCloud OAuth scope](img/alicloud_scope.png) + +1. Create a secret in the application details page: + + 1. Under the **App Secrets** tab, select **Create Secret**. + 1. Copy the SecretValue generated. + +## Enable AliCloud OAuth in GitLab + +1. On your GitLab server, open the configuration file. + + - **For Omnibus installations** + + ```shell + sudo editor /etc/gitlab/gitlab.rb + ``` + + - **For installations from source** + + ```shell + cd /home/git/gitlab + + sudo -u git -H editor config/gitlab.yml + ``` + +1. [Configure the initial settings](omniauth.md#configure-initial-settings). + +1. Add the provider configuration. Replace `YOUR_APP_ID` with the ID on the application details page + and `YOUR_APP_SECRET` with the **SecretValue** you got when you registered the AliCloud application. + + - **For Omnibus installations** + + ```ruby + gitlab_rails['omniauth_providers'] = [ + { + name: "alicloud", + app_id: "YOUR_APP_ID", + app_secret: "YOUR_APP_SECRET" + } + ] + ``` + + - **For installations from source** + + ```yaml + - { name: 'alicloud', + app_id: 'YOUR_APP_ID', + app_secret: 'YOUR_APP_SECRET' } + ``` + +1. Save the configuration file. + +1. [Reconfigure GitLab](../administration/restart_gitlab.md#omnibus-gitlab-reconfigure) + if you installed using Omnibus, or [restart GitLab](../administration/restart_gitlab.md#installations-from-source) + if you installed from source. diff --git a/doc/integration/elasticsearch.md b/doc/integration/elasticsearch.md index 5265a24d299..5197a191b8e 100644 --- a/doc/integration/elasticsearch.md +++ b/doc/integration/elasticsearch.md @@ -982,7 +982,7 @@ There is also an easy way to check it automatically with `sudo gitlab-rake gitla This exception is seen when your Elasticsearch cluster is configured to reject requests above a certain size (10MiB in this case). This corresponds to the `http.max_content_length` setting in `elasticsearch.yml`. Increase it to a larger size and restart your Elasticsearch cluster. -AWS has [fixed limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/aes-limits.html) for this setting ("Maximum Size of HTTP Request Payloads"), based on the size of the underlying instance. +AWS has [fixed limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#network-limits) for this setting ("Maximum size of HTTP request payloads"), based on the size of the underlying instance. ### My single node Elasticsearch cluster status never goes from `yellow` to `green` even though everything seems to be running properly @@ -1080,6 +1080,12 @@ If `ElasticCommitIndexerWorker` Sidekiq workers are failing with this error duri - To decrease the indexing throughput you can decrease `Bulk request concurrency` (see [Advanced Search settings](#advanced-search-configuration)). This is set to `10` by default, but you change it to as low as 1 to reduce the number of concurrent indexing operations. - If changing `Bulk request concurrency` didn't help, you can use the [queue selector](../administration/operations/extra_sidekiq_processes.md#queue-selector) option to [limit indexing jobs only to specific Sidekiq nodes](#index-large-instances-with-dedicated-sidekiq-nodes-or-processes), which should reduce the number of indexing requests. +### Indexing is very slow or fails with `rejected execution of coordinating operation` messages + +Bulk requests are getting rejected by the Elasticsearch node(s) likely due to load and lack of available memory. +Ensure that your Elasticsearch cluster meets the [system requirements](#system-requirements) and has enough resources +to perform bulk operations. See also the error ["429 (Too Many Requests)"](#indexing-fails-with-error-elastic-error-429-too-many-requests). + ### Access requirements for the self-managed AWS OpenSearch Service To use the self-managed AWS OpenSearch Service with GitLab, configure your instance's domain access policies diff --git a/doc/integration/gitpod.md b/doc/integration/gitpod.md index 977e794396e..f54542ff43f 100644 --- a/doc/integration/gitpod.md +++ b/doc/integration/gitpod.md @@ -28,7 +28,7 @@ To use the GitLab Gitpod integration, it must be enabled for your GitLab instanc 1. It's [enabled and configured by a GitLab administrator](#configure-a-self-managed-instance). 1. It's [enabled in their user settings](#enable-gitpod-in-your-user-settings). -To learn more about Gitpod, see their [features](https://www.gitpod.io/features) and +To learn more about Gitpod, see their [features](https://www.gitpod.io/) and [documentation](https://www.gitpod.io/docs/). ## Enable Gitpod in your user settings diff --git a/doc/integration/img/alicloud_scope.png b/doc/integration/img/alicloud_scope.png Binary files differnew file mode 100644 index 00000000000..7a52d97ecd5 --- /dev/null +++ b/doc/integration/img/alicloud_scope.png diff --git a/doc/integration/index.md b/doc/integration/index.md index 61d8547aaf7..b26c841f943 100644 --- a/doc/integration/index.md +++ b/doc/integration/index.md @@ -24,8 +24,8 @@ GitLab can be configured to authenticate access requests with the following auth - Integrate with [Kerberos](kerberos.md). - Enable sign in via [LDAP](../administration/auth/ldap/index.md). - Enable [OAuth2 provider](oauth_provider.md) application creation. -- Use [OmniAuth](omniauth.md) to enable sign in via Twitter, GitHub, GitLab.com, Google, - Bitbucket, Facebook, Shibboleth, SAML, Crowd, Azure, or Authentiq ID. +- Use [OmniAuth](omniauth.md) to enable sign in through Twitter, GitHub, GitLab.com, Google, + Bitbucket, Facebook, SAML, Crowd, Azure, or Authentiq ID. - Use GitLab as an [OpenID Connect](openid_connect_provider.md) identity provider. - Authenticate to [Vault](vault.md) through GitLab OpenID Connect. - Configure GitLab as a [SAML](saml.md) 2.0 Service Provider. @@ -89,7 +89,7 @@ at Super User also has relevant information. **Omnibus Trusted Chain** -[Install the self signed certificate or custom certificate authorities](https://docs.gitlab.com/omnibus/common_installation_problems/index.html#using-self-signed-certificate-or-custom-certificate-authorities) +[Install the self signed certificate or custom certificate authorities](https://docs.gitlab.com/omnibus/troubleshooting.html#using-self-signed-certificate-or-custom-certificate-authorities) in to Omnibus GitLab. It is enough to concatenate the certificate to the main trusted certificate diff --git a/doc/integration/jira/configure.md b/doc/integration/jira/configure.md index 2033ddbad6f..bfeac230f89 100644 --- a/doc/integration/jira/configure.md +++ b/doc/integration/jira/configure.md @@ -22,7 +22,8 @@ Prerequisites: To configure your project: -1. Go to your project and select [**Settings > Integrations**](../../user/project/integrations/overview.md#accessing-integrations). +1. On the top bar, select **Menu > Projects** and find your project. +1. On the left sidebar, select **Settings > Integrations**. 1. Select **Jira**. 1. Select **Enable integration**. 1. Select **Trigger** actions. Your choice determines whether a mention of Jira issue diff --git a/doc/integration/jira/connect-app.md b/doc/integration/jira/connect-app.md index 59cdba93543..5c8f78a94b1 100644 --- a/doc/integration/jira/connect-app.md +++ b/doc/integration/jira/connect-app.md @@ -94,7 +94,7 @@ from outside the Marketplace, which allows you to install the application: 1. Place your Jira instance into [development mode](https://developer.atlassian.com/cloud/jira/platform/getting-started-with-connect/#step-2--enable-development-mode). 1. Sign in to your GitLab application as a user with administrator access. -1. Install the GitLab application from your self-managed GitLab instance, as +1. Install the GitLab application from your Jira instance, as described in the [Atlassian developer guides](https://developer.atlassian.com/cloud/jira/platform/getting-started-with-connect/#step-3--install-and-test-your-app): 1. In your Jira instance, go to **Apps > Manage Apps** and select **Upload app**: diff --git a/doc/integration/jira/development_panel.md b/doc/integration/jira/development_panel.md index 66810945d19..2f0ebea165a 100644 --- a/doc/integration/jira/development_panel.md +++ b/doc/integration/jira/development_panel.md @@ -4,25 +4,25 @@ group: Integrations info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# GitLab Jira Development panel integration **(FREE)** +# GitLab Jira development panel integration **(FREE)** > - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/233149) from GitLab Premium to GitLab Free in 13.4. -With the Jira Development panel integration, you can reference Jira issues in GitLab. +With the Jira development panel integration, you can reference Jira issues in GitLab. When configured, activity (such as pipeline, deployment, and feature flags) displays in the Jira issue's -[Development panel](https://support.atlassian.com/jira-software-cloud/docs/view-development-information-for-an-issue/). -From the Development panel, you can open a detailed view and +[development panel](https://support.atlassian.com/jira-software-cloud/docs/view-development-information-for-an-issue/). +From the development panel, you can open a detailed view and [take various actions](#use-the-integration), including creating a new merge request from a branch: ![Branch, Commit and Pull Requests links on Jira issue](img/jira_dev_panel_jira_setup_3.png) -The information displayed in the Jira Development panel depends on where you mention the Jira issue ID: +The information displayed in the Jira development panel depends on where you mention the Jira issue ID: | Your mention of Jira issue ID in GitLab context | Automated effect in Jira issue | |---------------------------------------------------|--------------------------------------------------------------------------------------------------------| -| In a merge request title or description | Link to the MR is displayed in Development panel. | -| In a branch name | Link to the branch is displayed in Development panel. | -| In a commit message | Link to the commit is displayed in Development panel. | +| In a merge request title or description | Link to the MR is displayed in the development panel. | +| In a branch name | Link to the branch is displayed in the development panel. | +| In a commit message | Link to the commit is displayed in the development panel. | | In a commit message with Jira [Smart Commits](https://confluence.atlassian.com/fisheye/using-smart-commits-960155400.html) | Displays your custom comment or logged time spent and/or performs specified issue transition on merge. | This integration connects all GitLab projects to projects in the Jira instance in either: @@ -61,8 +61,8 @@ an issue transition, or add a custom comment, read the Atlassian page ## Configure the integration <i class="fa fa-youtube-play youtube" aria-hidden="true"></i> -For an overview of how to configure Jira Development panel integration, see -[Agile Management - GitLab Jira Development panel integration](https://www.youtube.com/watch?v=VjVTOmMl85M). +For an overview of how to configure the Jira development panel integration, see +[Agile Management - GitLab Jira development panel integration](https://www.youtube.com/watch?v=VjVTOmMl85M). To simplify administration, we recommend that a GitLab group maintainer or group owner (or, if possible, instance administrator in the case of self-managed GitLab) set up the integration. @@ -89,7 +89,7 @@ This integration is not supported on GitLab instances under a [relative URL](https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-a-relative-url-for-gitlab). For example, `http://example.com/gitlab`. -## Troubleshoot the Development Panel +## Troubleshoot the development panel If you use Jira on your own server, go to the [Atlassian documentation](https://confluence.atlassian.com/jirakb/troubleshoot-the-development-panel-in-jira-server-574685212.html) for general troubleshooting information. diff --git a/doc/integration/jira/index.md b/doc/integration/jira/index.md index 3052d85b2cb..371f3a4ab8e 100644 --- a/doc/integration/jira/index.md +++ b/doc/integration/jira/index.md @@ -56,7 +56,7 @@ or the Jira DVCS (distributed version control system) connector, ## Authentication in Jira The authentication method in Jira depends on whether you host Jira on your own server or on -[Atlassian cloud](https://www.atlassian.com/cloud): +[Atlassian cloud](https://www.atlassian.com/migration/assess/why-cloud): - **Jira Server** supports basic authentication. When connecting, a **username and password** are required. Connecting to Jira Server using the Central Authentication Service (CAS) is not possible. For more information, read diff --git a/doc/integration/jira/issues.md b/doc/integration/jira/issues.md index e24862242e1..28998851697 100644 --- a/doc/integration/jira/issues.md +++ b/doc/integration/jira/issues.md @@ -106,7 +106,7 @@ sorts by **Created date** by default, with the newest issues listed at the top: ![Jira issues integration enabled](img/open_jira_issues_list_v14_6.png) -- To display the most recently updated issues first, select **Last updated**. +- To display the most recently updated issues first, select **Updated date**. - You can [search and filter](#search-and-filter-the-issues-list) the issues list. - In GitLab [versions 13.10 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/299832), you can select an issue from the list to view it in GitLab: diff --git a/doc/integration/mattermost/index.md b/doc/integration/mattermost/index.md index 6ac4faa5a35..c8e2df1f88f 100644 --- a/doc/integration/mattermost/index.md +++ b/doc/integration/mattermost/index.md @@ -477,7 +477,7 @@ Mattermost System Console or manually. If a configuration setting is specified via both the `gitlab.rb` (as an environment variable) and `config.json` files, the environment variable gets precedence. -If you encounter any issues [visit the GitLab Mattermost troubleshooting forum](https://forum.mattermost.org/t/upgrading-to-gitlab-mattermost-in-gitlab-8-9/1735) and share any relevant portions of `mattermost.log` along with the step at which you encountered issues. +If you encounter any issues [visit the GitLab Mattermost troubleshooting forum](https://forum.mattermost.com/t/upgrading-to-gitlab-mattermost-in-gitlab-8-9/1735) and share any relevant portions of `mattermost.log` along with the step at which you encountered issues. ### Upgrading GitLab Mattermost outside of GitLab @@ -523,7 +523,7 @@ You can fix this by setting up a `mattermost-cli` [shell alias](#mattermost-comm For help and support around your GitLab Mattermost deployment please see: -- [Troubleshooting Forum](https://forum.mattermost.org/t/how-to-use-the-troubleshooting-forum/150) for configuration questions and issues. +- [Troubleshooting Forum](https://forum.mattermost.com/t/how-to-use-the-troubleshooting-forum/150) for configuration questions and issues. - [Troubleshooting FAQ](https://docs.mattermost.com/install/troubleshooting.html). - [Mattermost GitLab Issues Support Handbook](https://docs.mattermost.com/process/support.html?highlight=omnibus#gitlab-issues). - [GitLab Mattermost issue tracker](https://gitlab.com/gitlab-org/gitlab-mattermost/-/issues) for verified bugs with repro steps. diff --git a/doc/integration/omniauth.md b/doc/integration/omniauth.md index 7a4bcba25e4..f6e41e808af 100644 --- a/doc/integration/omniauth.md +++ b/doc/integration/omniauth.md @@ -21,6 +21,7 @@ GitLab supports the following OmniAuth providers. | Provider documentation | OmniAuth provider name | |---------------------------------------------------------------------|----------------------------| +| [AliCloud](alicloud.md) | `alicloud` | | [Atlassian Crowd](../administration/auth/crowd.md) | `crowd` | | [Atlassian](../administration/auth/atlassian.md) | `atlassian_oauth2` | | [Auth0](auth0.md) | `auth0` | @@ -41,7 +42,6 @@ GitLab supports the following OmniAuth providers. | [OpenID Connect](../administration/auth/oidc.md) | `openid_connect` | | [Salesforce](salesforce.md) | `salesforce` | | [SAML](saml.md) | `saml` | -| [Shibboleth](saml.md) | `shibboleth` | | [Twitter](twitter.md) | `twitter` | ## Configure initial settings @@ -53,7 +53,7 @@ Setting | Description | Default value ---------------------------|-------------|-------------- `allow_single_sign_on` | Enables you to list the providers that automatically create a GitLab account. The provider names are available in the **OmniAuth provider name** column in the [supported providers table](#supported-providers). | The default is `false`. If `false`, users must be created manually, or they can't sign in using OmniAuth. `auto_link_ldap_user` | If enabled, creates an LDAP identity in GitLab for users that are created through an OmniAuth provider. You can enable this setting if you have the [LDAP (ActiveDirectory)](../administration/auth/ldap/index.md) integration enabled. Requires the `uid` of the user to be the same in both LDAP and the OmniAuth provider. | The default is `false`. -`block_auto_created_users` | If enabled, blocks users that are automatically created from signing in until they are approved by an administrator. | The default is `true`. If you set the value to `false`, make sure you only define providers for `allow_single_sign_on` that you can control, like SAML, Shibboleth, Crowd, or Google. Otherwise, any user on the internet can sign in to GitLab without an administrator's approval. +`block_auto_created_users` | If enabled, blocks users that are automatically created from signing in until they are approved by an administrator. | The default is `true`. If you set the value to `false`, make sure you only define providers for `allow_single_sign_on` that you can control, like SAML, Crowd, or Google. Otherwise, any user on the internet can sign in to GitLab without an administrator's approval. To change these settings: @@ -197,7 +197,7 @@ To enable automatic linking for SAML, see the [SAML setup instructions](saml.md# ## Create an external providers list You can define a list of external OmniAuth providers. -Users who create accounts or sign in to GitLab through the listed providers do not get access to [internal projects](../public_access/public_access.md#internal-projects-and-groups). +Users who create accounts or sign in to GitLab through the listed providers do not get access to [internal projects](../user/public_access.md#internal-projects-and-groups). To define the external providers list, use the full name of the provider, for example, `google_oauth2` for Google. For provider names, see the diff --git a/doc/integration/salesforce.md b/doc/integration/salesforce.md index ebd936424d3..8d4d8ff9f52 100644 --- a/doc/integration/salesforce.md +++ b/doc/integration/salesforce.md @@ -11,7 +11,7 @@ You can integrate your GitLab instance with [Salesforce](https://www.salesforce. ## Create a Salesforce Connected App To enable Salesforce OmniAuth provider, you must use Salesforce's credentials for your GitLab instance. -To get the credentials (a pair of Client ID and Client Secret), you must [create a Connected App](https://help.salesforce.com/s/articleView?id=connected_app_create.htm&type=5) on Salesforce. +To get the credentials (a pair of Client ID and Client Secret), you must [create a Connected App](https://help.salesforce.com/s/articleView?id=sf.connected_app_create.htm&type=5) on Salesforce. 1. Sign in to [Salesforce](https://login.salesforce.com/). diff --git a/doc/integration/saml.md b/doc/integration/saml.md index 95bf835147d..c5383f9e34b 100644 --- a/doc/integration/saml.md +++ b/doc/integration/saml.md @@ -730,6 +730,11 @@ Refer to the documentation for your SAML Identity Provider for information on ho The [Generated passwords for users created through integrated authentication](../security/passwords_for_integrated_authentication_methods.md) guide provides an overview of how GitLab generates and sets passwords for users created via SAML. +## Link SAML identity for an existing user + +A user can manually link their SAML identity to an existing GitLab account by following the steps in +[Enable OmniAuth for an existing user](omniauth.md#enable-omniauth-for-an-existing-user). + ## Configuring Group SAML on a self-managed GitLab instance **(PREMIUM SELF)** For information on the GitLab.com implementation, please see the [SAML SSO for GitLab.com groups page](../user/group/saml_sso). @@ -785,7 +790,7 @@ documentation on how to use SAML to sign in to GitLab. Examples: - [ADFS (Active Directory Federation Services)](https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/create-a-relying-party-trust) -- [Auth0](https://auth0.com/docs/configure/saml-configuration/configure-auth0-saml-identity-provider) +- [Auth0](https://auth0.com/docs/authenticate/protocols/saml/saml-sso-integrations/configure-auth0-saml-identity-provider) - [PingOne by Ping Identity](http://docs.pingidentity.com/bundle/pingoneforenterprise/page/xsh1564020480660-1.html) GitLab provides the following setup notes for guidance only. |