diff options
Diffstat (limited to 'doc/user/packages')
| -rw-r--r-- | doc/user/packages/composer_repository/index.md | 2 | ||||
| -rw-r--r-- | doc/user/packages/conan_repository/index.md | 7 | ||||
| -rw-r--r-- | doc/user/packages/container_registry/index.md | 67 | ||||
| -rw-r--r-- | doc/user/packages/debian_repository/index.md | 59 | ||||
| -rw-r--r-- | doc/user/packages/dependency_proxy/index.md | 25 | ||||
| -rw-r--r-- | doc/user/packages/generic_packages/index.md | 38 | ||||
| -rw-r--r-- | doc/user/packages/helm_repository/index.md | 22 | ||||
| -rw-r--r-- | doc/user/packages/maven_repository/index.md | 8 | ||||
| -rw-r--r-- | doc/user/packages/npm_registry/index.md | 12 | ||||
| -rw-r--r-- | doc/user/packages/nuget_repository/index.md | 19 | ||||
| -rw-r--r-- | doc/user/packages/pypi_repository/index.md | 16 | ||||
| -rw-r--r-- | doc/user/packages/terraform_module_registry/index.md | 4 |
12 files changed, 223 insertions, 56 deletions
diff --git a/doc/user/packages/composer_repository/index.md b/doc/user/packages/composer_repository/index.md index b6eb2975374..2787aefdeca 100644 --- a/doc/user/packages/composer_repository/index.md +++ b/doc/user/packages/composer_repository/index.md @@ -63,7 +63,7 @@ a group's namespace, rather than a user's namespace. Composer packages git commit -m 'Composer package test' git tag v1.0.0 git remote add origin git@gitlab.example.com:<namespace>/<project-name>.git - git push --set-upstream origin master + git push --set-upstream origin main git push origin v1.0.0 ``` diff --git a/doc/user/packages/conan_repository/index.md b/doc/user/packages/conan_repository/index.md index c6cc7e7905a..d3e913edfda 100644 --- a/doc/user/packages/conan_repository/index.md +++ b/doc/user/packages/conan_repository/index.md @@ -210,13 +210,6 @@ conan user <gitlab_username or deploy_token_username> -r gitlab -p <personal_acc Now when you run commands with `--remote=gitlab`, your username and password are included in the requests. -Alternatively, you can explicitly include your credentials in any given command. -For example: - -```shell -CONAN_LOGIN_USERNAME=<gitlab_username or deploy_token_username> CONAN_PASSWORD=<personal_access_token or deploy_token> conan upload Hello/0.1@mycompany/beta --all --remote=gitlab -``` - NOTE: Because your authentication with GitLab expires on a regular basis, you may occasionally need to re-enter your personal access token. diff --git a/doc/user/packages/container_registry/index.md b/doc/user/packages/container_registry/index.md index eecc17fd60d..18b86c4a357 100644 --- a/doc/user/packages/container_registry/index.md +++ b/doc/user/packages/container_registry/index.md @@ -236,7 +236,7 @@ combining the two to save us some typing in the `script` section. Here's a more elaborate example that splits up the tasks into 4 pipeline stages, including two tests that run in parallel. The `build` is stored in the container registry and used by subsequent stages, downloading the image -when needed. Changes to `master` also get tagged as `latest` and deployed using +when needed. Changes to `main` also get tagged as `latest` and deployed using an application-specific deploy script: ```yaml @@ -285,14 +285,14 @@ release-image: - docker tag $CONTAINER_TEST_IMAGE $CONTAINER_RELEASE_IMAGE - docker push $CONTAINER_RELEASE_IMAGE only: - - master + - main deploy: stage: deploy script: - ./deploy.sh only: - - master + - main ``` NOTE: @@ -436,7 +436,7 @@ build_image: only: - branches except: - - master + - main delete_image: image: docker:19.03.12 @@ -457,7 +457,7 @@ delete_image: only: - branches except: - - master + - main ``` NOTE: @@ -488,8 +488,8 @@ To delete the underlying layers and images that aren't associated with any tags, Cleanup policies can be run on all projects, with these exceptions: - For GitLab.com, the project must have been created after 2020-02-22. - Support for projects created earlier - [is planned](https://gitlab.com/gitlab-org/gitlab/-/issues/196124). + Support for projects created earlier is tracked + [in this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/196124). - For self-managed GitLab instances, the project must have been created in GitLab 12.8 or later. However, an administrator can enable the cleanup policy for all projects (even those created before 12.8) in @@ -605,10 +605,10 @@ Here are examples of regex patterns you may want to use: v.+ ``` -- Match only the tag named `master`: +- Match only the tag named `main`: ```plaintext - master + main ``` - Match tags that are either named or start with `release`: @@ -617,10 +617,10 @@ Here are examples of regex patterns you may want to use: release.* ``` -- Match tags that either start with `v`, are named `master`, or begin with `release`: +- Match tags that either start with `v`, are named `main`, or begin with `release`: ```plaintext - (?:v.+|master|release.*) + (?:v.+|main|release.*) ``` ### Set cleanup limits to conserve resources @@ -675,11 +675,11 @@ You can set, update, and disable the cleanup policies using the GitLab API. Examples: -- Select all tags, keep at least 1 tag per image, clean up any tag older than 14 days, run once a month, preserve any images with the name `master` and the policy is enabled: +- Select all tags, keep at least 1 tag per image, clean up any tag older than 14 days, run once a month, preserve any images with the name `main` and the policy is enabled: ```shell curl --request PUT --header 'Content-Type: application/json;charset=UTF-8' --header "PRIVATE-TOKEN: <your_access_token>" \ - --data-binary '{"container_expiration_policy_attributes":{"cadence":"1month","enabled":true,"keep_n":1,"older_than":"14d","name_regex":"","name_regex_delete":".*","name_regex_keep":".*-master"}}' \ + --data-binary '{"container_expiration_policy_attributes":{"cadence":"1month","enabled":true,"keep_n":1,"older_than":"14d","name_regex":"","name_regex_delete":".*","name_regex_keep":".*-main"}}' \ "https://gitlab.example.com/api/v4/projects/2" ``` @@ -745,6 +745,47 @@ You can, however, remove the Container Registry for a project: The **Packages & Registries > Container Registry** entry is removed from the project's sidebar. +## Change visibility of the Container Registry + +By default, the Container Registry is visible to everyone with access to the project. +You can, however, change the visibility of the Container Registry for a project. + +See the [Container Registry visibility permissions](#container-registry-visibility-permissions) +for more details about the permissions that this setting grants to users. + +1. Go to your project's **Settings > General** page. +1. Expand the section **Visibility, project features, permissions**. +1. Under **Container Registry**, select an option from the dropdown: + + - **Everyone With Access** (Default): The Container Registry is visible to everyone with access + to the project. If the project is public, the Container Registry is also public. If the project + is internal or private, the Container Registry is also internal or private. + + - **Only Project Members**: The Container Registry is visible only to project members with + Reporter role or higher. This is similar to the behavior of a private project with Container + Registry visibility set to **Everyone With Access**. + +1. Select **Save changes**. + +## Container Registry visibility permissions + +The ability to view the Container Registry and pull images is controlled by the Container Registry's +visibility permissions. You can change this through the [visibility setting on the UI](#change-visibility-of-the-container-registry) +or the [API](../../../api/container_registry.md#change-the-visibility-of-the-container-registry). +[Other permissions](../../permissions.md) +such as updating the Container Registry, pushing or deleting images, and so on are not affected by +this setting. However, disabling the Container Registry disables all Container Registry operations. + +| | | Anonymous<br/>(Everyone on internet) | Guest | Reporter, Developer, Maintainer, Owner | +| -------------------- | --------------------- | --------- | ----- | ------------------------------------------ | +| Public project with Container Registry visibility <br/> set to **Everyone With Access** (UI) or `enabled` (API) | View Container Registry <br/> and pull images | Yes | Yes | Yes | +| Public project with Container Registry visibility <br/> set to **Only Project Members** (UI) or `private` (API) | View Container Registry <br/> and pull images | No | No | Yes | +| Internal project with Container Registry visibility <br/> set to **Everyone With Access** (UI) or `enabled` (API) | View Container Registry <br/> and pull images | No | Yes | Yes | +| Internal project with Container Registry visibility <br/> set to **Only Project Members** (UI) or `private` (API) | View Container Registry <br/> and pull images | No | No | Yes | +| Private project with Container Registry visibility <br/> set to **Everyone With Access** (UI) or `enabled` (API) | View Container Registry <br/> and pull images | No | No | Yes | +| Private project with Container Registry visibility <br/> set to **Only Project Members** (UI) or `private` (API) | View Container Registry <br/> and pull images | No | No | Yes | +| Any project with Container Registry `disabled` | All operations on Container Registry | No | No | No | + ## Manifest lists and garbage collection Manifest lists are commonly used for creating multi-architecture images. If you rely on manifest diff --git a/doc/user/packages/debian_repository/index.md b/doc/user/packages/debian_repository/index.md index 59213ccb1a0..789902c03e3 100644 --- a/doc/user/packages/debian_repository/index.md +++ b/doc/user/packages/debian_repository/index.md @@ -6,7 +6,9 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Debian packages in the Package Registry **(FREE)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/5835) in GitLab 14.1. +> - Debian API [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/42670) in GitLab 13.5. +> - Debian group API [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/66188) in GitLab 14.2. +> - [Deployed behind a feature flag](../../feature_flags.md), disabled by default. WARNING: The Debian package registry for GitLab is under development and isn't ready for production use due to @@ -20,7 +22,7 @@ Project and Group packages are supported. For documentation of the specific API endpoints that Debian package manager clients use, see the [Debian API documentation](../../../api/packages/debian.md). -## Enable Debian repository feature +## Enable the Debian API **(FREE SELF)** Debian repository support is still a work in progress. It's gated behind a feature flag that's **disabled by default**. @@ -39,10 +41,35 @@ To disable it: Feature.disable(:debian_packages) ``` +## Enable the Debian group API **(FREE SELF)** + +The Debian group repository is also behind a second feature flag that is disabled by default. + +To enable it: + +```ruby +Feature.enable(:debian_group_packages) +``` + +To disable it: + +```ruby +Feature.disable(:debian_group_packages) +``` + ## Build a Debian package Creating a Debian package is documented [on the Debian Wiki](https://wiki.debian.org/Packaging). +## Authenticate to the Package Registry + +To create a distribution, publish a package, or install a private package, you need one of the +following: + +- [Personal access token](../../../api/index.md#personalproject-access-tokens) +- [CI/CD job token](../../../api/index.md#gitlab-cicd-job-token) +- [Deploy token](../../project/deploy_tokens/index.md) + ## Create a Distribution On the project-level, Debian packages are published using *Debian Distributions*. To publish @@ -98,7 +125,7 @@ To upload these files, you can use `dput-ng >= 1.32` (Debian bullseye): cat <<EOF > dput.cf [gitlab] method = https -fqdn = <login>:<your_access_token>@gitlab.example.com +fqdn = <username>:<your_access_token>@gitlab.example.com incoming = /api/v4/projects/<project_id>/packages/debian EOF @@ -107,5 +134,27 @@ dput --config=dput.cf --unchecked --no-upload-log gitlab <your_package>.changes ## Install a package -The Debian package registry for GitLab is under development, and isn't ready for production use. You -cannot install packages from the registry. However, you can download files directly from the UI. +To install a package: + +1. Configure the repository: + + If you are using a private project, add your [credentials](#authenticate-to-the-package-registry) to your apt config: + + ```shell + echo 'machine gitlab.example.com login <username> password <your_access_token>' \ + | sudo tee /etc/apt/auth.conf.d/gitlab_project.conf + ``` + + Add your project as a source: + + ```shell + echo 'deb [trusted=yes] https://gitlab.example.com/api/v4/projects/<project_id>/packages/debian <codename> <component1> <component2>' \ + | sudo tee /etc/apt/sources.list.d/gitlab_project.list + sudo apt-get update + ``` + +1. Install the package: + + ```shell + sudo apt-get -y install -t <codename> <package-name> + ``` diff --git a/doc/user/packages/dependency_proxy/index.md b/doc/user/packages/dependency_proxy/index.md index e2957aff756..c76b0a6810f 100644 --- a/doc/user/packages/dependency_proxy/index.md +++ b/doc/user/packages/dependency_proxy/index.md @@ -20,7 +20,7 @@ upstream image from a registry, acting as a pull-through cache. ## Prerequisites -The Dependency Proxy must be [enabled by an administrator](../../../administration/packages/dependency_proxy.md). +- The Dependency Proxy is enabled by default but can be [turned off by an administrator](../../../administration/packages/dependency_proxy.md). ### Supported images and packages @@ -33,11 +33,6 @@ The following images and packages are supported. For a list of planned additions, view the [direction page](https://about.gitlab.com/direction/package/#dependency-proxy). -## Enable the Dependency Proxy - -The Dependency Proxy is disabled by default. -[Learn how an administrator can enable it](../../../administration/packages/dependency_proxy.md). - ## View the Dependency Proxy To view the Dependency Proxy: @@ -68,11 +63,6 @@ The requirement to authenticate is a breaking change added in 13.7. An [administ disable it](../../../administration/packages/dependency_proxy.md#disabling-authentication) if it has disrupted your existing Dependency Proxy usage. -WARNING: -If [SSO enforcement](../../group/saml_sso/index.md#sso-enforcement) -is enabled for your Group, requests to the dependency proxy will fail. This bug is being tracked in -[this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/294018). - Because the Dependency Proxy is storing Docker images in a space associated with your group, you must authenticate against the Dependency Proxy. @@ -89,6 +79,13 @@ You can authenticate using: - Your GitLab username and password. - A [personal access token](../../../user/profile/personal_access_tokens.md) with the scope set to `read_registry` and `write_registry`. +- A [group deploy token](../../../user/project/deploy_tokens/index.md#group-deploy-token) with the scope set to `read_registry` and `write_registry`. + +#### SAML SSO + +When [SSO enforcement](../../group/saml_sso/index.md#sso-enforcement) +is enabled, users must be signed-in through SSO before they can pull images through the Dependency +Proxy. #### Authenticate within CI/CD @@ -123,7 +120,7 @@ Proxy manually without including the port: docker pull gitlab.example.com:443/my-group/dependency_proxy/containers/alpine:latest ``` -You can also use [custom CI/CD variables](../../../ci/variables/index.md#custom-cicd-variables) to store and access your personal access token or other valid credentials. +You can also use [custom CI/CD variables](../../../ci/variables/index.md#custom-cicd-variables) to store and access your personal access token or deploy token. ### Store a Docker image in Dependency Proxy cache @@ -253,6 +250,10 @@ hub_docker_quota_check: TOKEN=$(curl "https://auth.docker.io/token?service=registry.docker.io&scope=repository:ratelimitpreview/test:pull" | jq --raw-output .token) && curl --head --header "Authorization: Bearer $TOKEN" "https://registry-1.docker.io/v2/ratelimitpreview/test/manifests/latest" 2>&1 ``` +## Use the NPM Dependency Proxy for NPM packages + +For information on this, see [Dependency Proxy](../npm_registry/#dependency-proxy). + ## Troubleshooting ### Dependency Proxy Connection Failure diff --git a/doc/user/packages/generic_packages/index.md b/doc/user/packages/generic_packages/index.md index cb5258981be..aa6373b66cb 100644 --- a/doc/user/packages/generic_packages/index.md +++ b/doc/user/packages/generic_packages/index.md @@ -33,8 +33,6 @@ a [CI/CD job token](../../../api/index.md#gitlab-cicd-job-token), or a [deploy t When you publish a package file, if the package does not exist, it is created. -If a package with the same name, version, and filename already exists, it is also created. It does not overwrite the existing package. - Prerequisites: - You need to [authenticate with the API](../../../api/index.md#authentication). If authenticating with a deploy token, it must be configured with the `write_package_registry` scope. @@ -69,6 +67,30 @@ Example response: } ``` +### Publishing a package with the same name or version + +When you publish a package with the same name and version as an existing package, the new package +files are added to the existing package. You can still use the UI or API to access and view the +existing package's older files. To delete these older package revisions, consider using the Packages +API or the UI. + +#### Do not allow duplicate Generic packages + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/293755) in GitLab Free 13.12. + +To prevent users from publishing duplicate generic packages, you can use the [GraphQl API](../../../api/graphql/reference/index.md#packagesettings) +or the UI. + +In the UI: + +1. For your group, go to **Settings > Packages & Registries**. +1. Expand the **Package Registry** section. +1. Turn on the **Reject duplicates** toggle. +1. Optional. To allow some duplicate packages, in the **Exceptions** box enter a regex pattern that + matches the names and/or versions of packages to allow. + +Your changes are automatically saved. + ## Download package file Download a package file. @@ -131,6 +153,18 @@ download: - 'wget --header="JOB-TOKEN: $CI_JOB_TOKEN" ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/my_package/0.0.1/file.txt' ``` +When using a Windows runner with PowerShell, you must use `Invoke-WebRequest` or `Invoke-RestMethod` +instead of `curl` in the `upload` and `download` stages. + +For example: + +```yaml +upload: + stage: upload + script: + - Invoke-RestMethod -Headers @{ "JOB-TOKEN"="$CI_JOB_TOKEN" } -InFile path/to/file.txt -uri "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/my_package/0.0.1/file.txt" -Method put +``` + ### Enable or disable generic packages in the Package Registry Support for generic packages is under development but ready for production use. diff --git a/doc/user/packages/helm_repository/index.md b/doc/user/packages/helm_repository/index.md index 26d8bf76cd6..f98fc352ab5 100644 --- a/doc/user/packages/helm_repository/index.md +++ b/doc/user/packages/helm_repository/index.md @@ -8,10 +8,6 @@ info: To determine the technical writer assigned to the Stage/Group associated w > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/18997) in GitLab 14.1. -WARNING: -The Helm package registry for GitLab is under development and isn't ready for production use due to -limited functionality. - Publish Helm packages in your project's Package Registry. Then install the packages whenever you need to use them as a dependency. @@ -20,7 +16,10 @@ clients use, see the [Helm API documentation](../../../api/packages/helm.md). ## Build a Helm package -Creating a Helm package is documented [in the Helm documentation](https://helm.sh/docs/intro/using_helm/#creating-your-own-charts). +Read more in the Helm documentation about these topics: + +- [Create your own Helm charts](https://helm.sh/docs/intro/using_helm/#creating-your-own-charts) +- [Package a Helm chart into a chart archive](https://helm.sh/docs/helm/helm_package/#helm-package) ## Authenticate to the Helm repository @@ -32,6 +31,10 @@ To authenticate to the Helm repository, you need either: ## Publish a package +NOTE: +You can publish Helm charts with duplicate names or versions. If duplicates exist, GitLab always +returns the chart with the latest version. + Once built, a chart can be uploaded to the `stable` channel with `curl` or `helm-push`: - With `curl`: @@ -87,3 +90,12 @@ helm repo update To update the Helm client with the most currently available charts. See [Using Helm](https://helm.sh/docs/intro/using_helm/) for more information. + +## Troubleshooting + +### The chart is not visible in the Package Registry after uploading + +Check the [Sidekiq log](../../../administration/logs.md#sidekiqlog) +for any related errors. If you see `Validation failed: Version is invalid`, it means that the +version in your `Chart.yaml` file does not follow [Helm Chart versioning specifications](https://helm.sh/docs/topics/charts/#charts-and-versioning). +To fix the error, use the correct version syntax and upload the chart again. diff --git a/doc/user/packages/maven_repository/index.md b/doc/user/packages/maven_repository/index.md index 70b9c28da76..17571047353 100644 --- a/doc/user/packages/maven_repository/index.md +++ b/doc/user/packages/maven_repository/index.md @@ -711,7 +711,7 @@ you can configure GitLab CI/CD to build new packages automatically. ### Create Maven packages with GitLab CI/CD by using Maven -You can create a new package each time the `master` branch is updated. +You can create a new package each time the `main` branch is updated. 1. Create a `ci_settings.xml` file that serves as Maven's `settings.xml` file. @@ -768,7 +768,7 @@ You can create a new package each time the `master` branch is updated. script: - 'mvn deploy -s ci_settings.xml' only: - - master + - main ``` 1. Push those files to your repository. @@ -781,7 +781,7 @@ user's home location. In this example: ### Create Maven packages with GitLab CI/CD by using Gradle -You can create a package each time the `master` branch +You can create a package each time the `main` branch is updated. 1. Authenticate with [a CI job token in Gradle](#authenticate-with-a-ci-job-token-in-gradle). @@ -794,7 +794,7 @@ is updated. script: - 'gradle publish' only: - - master + - main ``` 1. Commit files to your repository. diff --git a/doc/user/packages/npm_registry/index.md b/doc/user/packages/npm_registry/index.md index 1e5c294689b..fe7e6a0ea46 100644 --- a/doc/user/packages/npm_registry/index.md +++ b/doc/user/packages/npm_registry/index.md @@ -353,6 +353,13 @@ In this configuration: You cannot publish a package if a package of the same name and version already exists. You must delete the existing package first. +This rule has a different impact depending on the package name: + +- For packages following the [naming convention](#package-naming-convention), you can't publish a + package with a duplicate name and version to the root namespace. +- For packages not following the [naming convention](#package-naming-convention), you can't publish + a package with a duplicate name and version to the project you target with the upload. + This aligns with npmjs.org's behavior. However, npmjs.org does not ever let you publish the same version more than once, even if it has been deleted. @@ -594,3 +601,8 @@ The GitLab npm repository supports the following commands for the npm CLI (`npm` - `npm view`: Show package metadata. - `yarn add`: Install an npm package. - `yarn update`: Update your dependencies. + +## Dependency Proxy + +The NPM Dependency Proxy for NPM packages isn't available. For more information, see +[this epic](https://gitlab.com/groups/gitlab-org/-/epics/3608). diff --git a/doc/user/packages/nuget_repository/index.md b/doc/user/packages/nuget_repository/index.md index 46cfd763668..40e8b74c2b6 100644 --- a/doc/user/packages/nuget_repository/index.md +++ b/doc/user/packages/nuget_repository/index.md @@ -322,7 +322,7 @@ If you're using NuGet with GitLab CI/CD, a CI job token can be used instead of a personal access token or deploy token. The token inherits the permissions of the user that generates the pipeline. -This example shows how to create a new package each time the `master` branch is +This example shows how to create a new package each time the `main` branch is updated: 1. Add a `deploy` job to your `.gitlab-ci.yml` file: @@ -340,7 +340,7 @@ updated: - dotnet nuget add source "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/nuget/index.json" --name gitlab --username gitlab-ci-token --password $CI_JOB_TOKEN --store-password-in-clear-text - dotnet nuget push "bin/Release/*.nupkg" --source gitlab only: - - master + - main ``` 1. Commit the changes and push it to your GitLab repository to trigger a new CI/CD build. @@ -423,6 +423,21 @@ CLI (`dotnet`): - `nuget install`: Install a package from the registry. - `dotnet add`: Install a package from the registry. +## Example project + +For an example, see the Guided Exploration project +[Utterly Automated Software and Artifact Versioning with GitVersion](https://gitlab.com/guided-explorations/devops-patterns/utterly-automated-versioning). +This project: + +- Generates NuGet packages by the `msbuild` method. +- Generates NuGet packages by the `nuget.exe` method. +- Uses GitLab releases and `release-cli` in connection with NuGet packaging. +- Uses a tool called [GitVersion](https://gitversion.net/) + to automatically determine and increment versions for the NuGet package in complex repositories. + +You can copy this example project to your own group or instance for testing. See the project page +for more details on what other GitLab CI patterns are demonstrated. + ## Troubleshooting To improve performance, NuGet caches files related to a package. If you encounter issues, clear the diff --git a/doc/user/packages/pypi_repository/index.md b/doc/user/packages/pypi_repository/index.md index 30d61770094..2d54cfc5f7d 100644 --- a/doc/user/packages/pypi_repository/index.md +++ b/doc/user/packages/pypi_repository/index.md @@ -181,7 +181,9 @@ username = <your_personal_access_token_name> password = <your_personal_access_token> ``` -- Your project ID is on your project's home page. +The `<project_id>` is either the project's +[URL-encoded](../../../api/index.md#namespaced-path-encoding) +path (for example, `group%2Fproject`), or the project's ID (for example `42`). ### Authenticate with a deploy token @@ -198,7 +200,9 @@ username = <deploy token username> password = <deploy token> ``` -Your project ID is on your project's home page. +The `<project_id>` is either the project's +[URL-encoded](../../../api/index.md#namespaced-path-encoding) +path (for example, `group%2Fproject`), or the project's ID (for example `42`). ### Authenticate with a CI job token @@ -324,6 +328,11 @@ more than once, a `400 Bad Request` error occurs. ## Install a PyPI package +In [GitLab 14.2 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/233413), +when a PyPI package is not found in the Package Registry, the request is forwarded to [pypi.org](https://pypi.org/). + +Administrators can disable this behavior in the [Continuous Integration settings](../../admin_area/settings/continuous_integration.md). + ### Install from the project level To install the latest version of a package, use the following command: @@ -335,7 +344,8 @@ pip install --index-url https://<personal_access_token_name>:<personal_access_to - `<package_name>` is the package name. - `<personal_access_token_name>` is a personal access token name with the `read_api` scope. - `<personal_access_token>` is a personal access token with the `read_api` scope. -- `<project_id>` is the project ID. +- `<project_id>` is either the project's [URL-encoded](../../../api/index.md#namespaced-path-encoding) + path (for example, `group%2Fproject`), or the project's ID (for example `42`). In these commands, you can use `--extra-index-url` instead of `--index-url`. However, using `--extra-index-url` makes you vulnerable to dependency confusion attacks because it checks the PyPi diff --git a/doc/user/packages/terraform_module_registry/index.md b/doc/user/packages/terraform_module_registry/index.md index 1365f401506..e3b9563a143 100644 --- a/doc/user/packages/terraform_module_registry/index.md +++ b/doc/user/packages/terraform_module_registry/index.md @@ -35,8 +35,8 @@ PUT /projects/:id/packages/terraform/modules/:module_name/:module_system/:module | Attribute | Type | Required | Description | | -------------------| --------------- | ---------| -------------------------------------------------------------------------------------------------------------------------------- | | `id` | integer/string | yes | The ID or [URL-encoded path of the project](../../../api/index.md#namespaced-path-encoding). | -| `module_name` | string | yes | The package name. It can contain only lowercase letters (`a-z`), uppercase letter (`A-Z`), numbers (`0-9`), or hyphens (`-`). -| `module_system` | string | yes | The package name. It can contain only lowercase letters (`a-z`), uppercase letter (`A-Z`), numbers (`0-9`), or hyphens (`-`). +| `module_name` | string | yes | The package name. It can contain only lowercase letters (`a-z`), uppercase letter (`A-Z`), numbers (`0-9`), or hyphens (`-`) and cannot exceed 64 characters. +| `module_system` | string | yes | The package system. It can contain only lowercase letters (`a-z`) and numbers (`0-9`), and cannot exceed 64 characters. | `module_version` | string | yes | The package version. It must be valid according to the [Semantic Versioning Specification](https://semver.org/). Provide the file content in the request body. |