summaryrefslogtreecommitdiff
path: root/doc/user
diff options
context:
space:
mode:
Diffstat (limited to 'doc/user')
-rw-r--r--doc/user/admin_area/appearance.md2
-rw-r--r--doc/user/admin_area/settings/continuous_integration.md2
-rw-r--r--doc/user/analytics/productivity_analytics.md4
-rw-r--r--doc/user/application_security/container_scanning/index.md8
-rw-r--r--doc/user/application_security/sast/index.md71
-rw-r--r--doc/user/application_security/security_dashboard/index.md2
-rw-r--r--doc/user/group/epics/index.md10
-rw-r--r--doc/user/group/index.md2
-rw-r--r--doc/user/group/saml_sso/index.md2
-rw-r--r--doc/user/instance_statistics/user_cohorts.md2
-rw-r--r--doc/user/packages/conan_repository/index.md2
-rw-r--r--doc/user/permissions.md8
-rw-r--r--doc/user/project/import/bitbucket_server.md2
-rw-r--r--doc/user/project/issues/issue_data_and_actions.md8
-rw-r--r--doc/user/project/labels.md2
15 files changed, 108 insertions, 19 deletions
diff --git a/doc/user/admin_area/appearance.md b/doc/user/admin_area/appearance.md
index 876fb67ea73..80440b63f71 100644
--- a/doc/user/admin_area/appearance.md
+++ b/doc/user/admin_area/appearance.md
@@ -47,7 +47,7 @@ instance, including the sign in / sign up page. The default color is white text
an orange background, but this can be customized by clicking on **Customize colors**.
Limited [Markdown](../markdown.md) is supported, such as bold, italics, and links, for
-example. Other Markdown features, including lists, images and quotes, are not supported,
+example. Other Markdown features, including lists, images, and quotes are not supported
as the header and footer messages can only be a single line.
![header and footer screenshot](img/appearance_header_footer_v12_3.png)
diff --git a/doc/user/admin_area/settings/continuous_integration.md b/doc/user/admin_area/settings/continuous_integration.md
index da982acd28e..a77baf5d46c 100644
--- a/doc/user/admin_area/settings/continuous_integration.md
+++ b/doc/user/admin_area/settings/continuous_integration.md
@@ -4,7 +4,7 @@ type: reference
# Continuous Integration and Deployment Admin settings **(CORE ONLY)**
-In this area, you will find settings for Auto DevOps, Runners and job artifacts.
+In this area, you will find settings for Auto DevOps, Runners, and job artifacts.
You can find it in the **Admin Area > Settings > CI/CD**.
![Admin Area settings button](../img/admin_area_settings_button.png)
diff --git a/doc/user/analytics/productivity_analytics.md b/doc/user/analytics/productivity_analytics.md
index d80ffded000..0fa990150d7 100644
--- a/doc/user/analytics/productivity_analytics.md
+++ b/doc/user/analytics/productivity_analytics.md
@@ -8,7 +8,7 @@ For many companies, the development cycle is a blackbox and getting an estimate
long, on average, it takes to deliver features is an enormous endeavor.
While [Value Stream Analytics](../project/cycle_analytics.md) focuses on the entire
-Software Development Life Cycle (SDLC) process, Productivity Analytics provides a way for Engineering Management to drill down in a systematic way to uncover patterns and causes for success or failure at an individual, project or group level.
+Software Development Life Cycle (SDLC) process, Productivity Analytics provides a way for Engineering Management to drill down in a systematic way to uncover patterns and causes for success or failure at an individual, project, or group level.
Productivity can slow down for many reasons ranging from degrading code base to quickly growing teams. In order to investigate, department or team leaders can start by visualizing the time it takes for merge requests to be merged.
@@ -18,7 +18,7 @@ Productivity Analytics allows GitLab users to:
- Visualize typical merge request (MR) lifetime and statistics. Use a histogram that shows the distribution of the time elapsed between creating and merging merge requests.
- Drill down into the most time consuming merge requests, select a number of outliers, and filter down all subsequent charts to investigate potential causes.
-- Filter by group, project, author, label, milestone, or a specific date range. Filter down, for example, to the merge requests of a specific author in a group or project during a milestone or specific date range.
+- Filter by group, project, author, label, milestone, or a specific date range. For example, filter down to the merge requests of a specific author in a group or project during a milestone or specific date range.
- Measure velocity over time. Visualize the trends of each metric from the charts above over time in order to observe progress. Zoom in on a particular date range if you notice outliers.
## Accessing metrics and visualizations
diff --git a/doc/user/application_security/container_scanning/index.md b/doc/user/application_security/container_scanning/index.md
index 0277576c96d..aa7aba97c08 100644
--- a/doc/user/application_security/container_scanning/index.md
+++ b/doc/user/application_security/container_scanning/index.md
@@ -35,6 +35,10 @@ Having an extra job in your pipeline that checks for those vulnerabilities,
and the fact that they are displayed inside a merge request, makes it very easy
to perform audits for your Docker-based apps.
+[//]: # "NOTE: The container scanning tool references the following heading in the code, so if you"
+[//]: # " make a change to this heading, make sure to update the documentation URLs used in the"
+[//]: # " container scanning tool (https://gitlab.com/gitlab-org/security-products/analyzers/klar)"
+
## Requirements
To enable Container Scanning in your pipeline, you need:
@@ -158,6 +162,10 @@ container_scanning:
GIT_STRATEGY: fetch
```
+[//]: # "NOTE: The container scanning tool references the following heading in the code, so if you"
+[//]: # " make a change to this heading, make sure to update the documentation URLs used in the"
+[//]: # " container scanning tool (https://gitlab.com/gitlab-org/security-products/analyzers/klar)"
+
### Available variables
Container Scanning can be [configured](#overriding-the-container-scanning-template)
diff --git a/doc/user/application_security/sast/index.md b/doc/user/application_security/sast/index.md
index 675fc6c4f2a..9fbbd594cb2 100644
--- a/doc/user/application_security/sast/index.md
+++ b/doc/user/application_security/sast/index.md
@@ -476,6 +476,77 @@ Once a vulnerability is found, you can interact with it. Read more on how to
For more information about the vulnerabilities database update, check the
[maintenance table](../index.md#maintenance-and-update-of-the-vulnerabilities-database).
+## GitLab SAST in an offline air-gapped installation
+
+For self-managed GitLab instances in an environment with limited, restricted, or intermittent access
+to external resources via the internet, some adjustments are required for the SAST job to
+successfully run.
+
+### Requirements for offline SAST
+
+To use SAST in an offline environment, you need:
+
+- GitLab Runner with the [`docker` or `kubernetes` executor](#requirements).
+- Docker Container Registry with locally available copies of SAST [analyzer](https://gitlab.com/gitlab-org/security-products/analyzers) images.
+
+NOTE: **Note:**
+GitLab Runner has a [default `pull policy` of `always`](https://docs.gitlab.com/runner/executors/docker.html#using-the-always-pull-policy),
+meaning the runner may try to pull remote images even if a local copy is available. Set GitLab
+Runner's [`pull_policy` to `if-not-present`](https://docs.gitlab.com/runner/executors/docker.html#using-the-if-not-present-pull-policy)
+in an offline environment if you prefer using only locally available Docker images.
+
+### Make GitLab SAST analyzer images available inside your Docker registry
+
+For SAST with all [supported languages and frameworks](#supported-languages-and-frameworks),
+import the following default SAST analyzer images from `registry.gitlab.com` to your local "offline"
+registry:
+
+```
+registry.gitlab.com/gitlab-org/security-products/analyzers/bandit:2
+registry.gitlab.com/gitlab-org/security-products/analyzers/brakeman:2
+registry.gitlab.com/gitlab-org/security-products/analyzers/eslint:2
+registry.gitlab.com/gitlab-org/security-products/analyzers/flawfinder:2
+registry.gitlab.com/gitlab-org/security-products/analyzers/go-ast-scanner:2
+registry.gitlab.com/gitlab-org/security-products/analyzers/gosec:2
+registry.gitlab.com/gitlab-org/security-products/analyzers/kubesec:2
+registry.gitlab.com/gitlab-org/security-products/analyzers/nodejs-scan:2
+registry.gitlab.com/gitlab-org/security-products/analyzers/phpcs-security-audit:2
+registry.gitlab.com/gitlab-org/security-products/analyzers/pmd-apex:2
+registry.gitlab.com/gitlab-org/security-products/analyzers/secrets:2
+registry.gitlab.com/gitlab-org/security-products/analyzers/security-code-scan:2
+registry.gitlab.com/gitlab-org/security-products/analyzers/sobelow:2
+registry.gitlab.com/gitlab-org/security-products/analyzers/spotbugs:2
+registry.gitlab.com/gitlab-org/security-products/analyzers/tslint:2
+```
+
+The process for importing Docker images into a local offline Docker registry depends on
+**your network security policy**. Please consult your IT staff to find an accepted and approved
+process by which external resources can be imported or temporarily accessed. Note that these scanners are [updated periodically](../index.md#maintenance-and-update-of-the-vulnerabilities-database)
+with new definitions, so consider if you are able to make periodic updates yourself.
+
+For details on saving and transporting Docker images as a file, see Docker's documentation on
+[`docker save`](https://docs.docker.com/engine/reference/commandline/save/), [`docker load`](https://docs.docker.com/engine/reference/commandline/load/),
+[`docker export`](https://docs.docker.com/engine/reference/commandline/export/), and [`docker import`](https://docs.docker.com/engine/reference/commandline/import/).
+
+### Set SAST CI job variables to use local SAST analyzers
+
+[Override SAST environment variables](#customizing-the-sast-settings) to use to your [local container registry](./analyzers.md#using-a-custom-docker-mirror)
+as the source for SAST analyzer images.
+
+For example, assuming a local Docker registry repository of `localhost:5000/analyzers`:
+
+ ```yaml
+include:
+ - template: SAST.gitlab-ci.yml
+
+variables:
+ SAST_ANALYZER_IMAGE_PREFIX: "localhost:5000/analyzers"
+ SAST_DISABLE_DIND: "true"
+ ```
+
+The SAST job should now use local copies of the SAST analyzers to scan your code and generate
+security reports without requiring internet access.
+
## Troubleshooting
### Error response from daemon: error processing tar file: docker-tar: relocation error
diff --git a/doc/user/application_security/security_dashboard/index.md b/doc/user/application_security/security_dashboard/index.md
index a376ac1f26b..4b8c7aaac15 100644
--- a/doc/user/application_security/security_dashboard/index.md
+++ b/doc/user/application_security/security_dashboard/index.md
@@ -26,7 +26,7 @@ The Security Dashboard supports the following reports:
## Requirements
-To use the instance, group, project or pipeline security dashboard:
+To use the instance, group, project, or pipeline security dashboard:
1. At least one project inside a group must be configured with at least one of
the [supported reports](#supported-reports).
diff --git a/doc/user/group/epics/index.md b/doc/user/group/epics/index.md
index 91d6984efc5..421a43ba818 100644
--- a/doc/user/group/epics/index.md
+++ b/doc/user/group/epics/index.md
@@ -156,10 +156,12 @@ These are dynamic dates which are recalculated if any of the following occur:
> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/7332) in GitLab 12.5 to replace **From milestones**.
-If you select **Inherited** for the start date, GitLab will scan all child epics and issues assigned to the epic,
-and will set the start date to match the earliest found start date or milestone. Similarly, if you select
-**Inherited** for the due date, GitLab will set the due date to match the latest due date or milestone
-found among its child epics and issues.
+If you select:
+
+- **Inherited** for the start date, GitLab will scan all child epics and issues assigned to the epic,
+ and will set the start date to match the earliest found start date or milestone.
+- **Inherited** for the due date, GitLab will set the due date to match the latest due date or
+ milestone found among its child epics and issues.
These are dynamic dates and recalculated if any of the following occur:
diff --git a/doc/user/group/index.md b/doc/user/group/index.md
index cca82f6a4fb..1956cd97b5d 100644
--- a/doc/user/group/index.md
+++ b/doc/user/group/index.md
@@ -347,7 +347,7 @@ Changing a group's path can have unintended side effects. Read
before proceeding.
If you are vacating the path so it can be claimed by another group or user,
-you may need to rename the group, too, since both names and paths must
+you may need to rename the group too, since both names and paths must
be unique.
To change your group path:
diff --git a/doc/user/group/saml_sso/index.md b/doc/user/group/saml_sso/index.md
index 8aad15671e1..e81ce4c15cb 100644
--- a/doc/user/group/saml_sso/index.md
+++ b/doc/user/group/saml_sso/index.md
@@ -266,7 +266,7 @@ For example, to unlink the `MyOrg` account, the following **Disconnect** button
| Term | Description |
|------|-------------|
-| Identity Provider | The service which manages your user identities such as ADFS, Okta, Onelogin or Ping Identity. |
+| Identity Provider | The service which manages your user identities such as ADFS, Okta, Onelogin, or Ping Identity. |
| Service Provider | SAML considers GitLab to be a service provider. |
| Assertion | A piece of information about a user's identity, such as their name or role. Also know as claims or attributes. |
| SSO | Single Sign On. |
diff --git a/doc/user/instance_statistics/user_cohorts.md b/doc/user/instance_statistics/user_cohorts.md
index e664c38a21a..a61c4274286 100644
--- a/doc/user/instance_statistics/user_cohorts.md
+++ b/doc/user/instance_statistics/user_cohorts.md
@@ -25,5 +25,5 @@ How do we measure the activity of users? GitLab considers a user active if:
- The user signs in.
- The user has Git activity (whether push or pull).
-- The user visits pages related to Dashboards, Projects, Issues and Merge Requests ([introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/54947) in GitLab 11.8).
+- The user visits pages related to Dashboards, Projects, Issues, and Merge Requests ([introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/54947) in GitLab 11.8).
- The user uses the API
diff --git a/doc/user/packages/conan_repository/index.md b/doc/user/packages/conan_repository/index.md
index 522d6652e7a..3b993303391 100644
--- a/doc/user/packages/conan_repository/index.md
+++ b/doc/user/packages/conan_repository/index.md
@@ -198,7 +198,7 @@ Add the Conan recipe to the `[requires]` section of the file:
cmake
```
-Next, from the root of your project, create a build directory and navigate to it:
+Next, create a build directory from the root of your project and navigate to it:
```shell
mkdir build && cd build
diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index 684aab12195..a6f7b2ba7af 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -9,7 +9,11 @@ particular group or project. If a user is both in a project's group and the
project itself, the highest permission level is used.
On public and internal projects the Guest role is not enforced. All users will
-be able to create issues, leave comments, and clone or download the project code.
+be able to:
+
+- Create issues.
+- Leave comments.
+- Clone or download the project code.
When a member leaves a team's project, all the assigned [Issues](project/issues/index.md) and [Merge Requests](project/merge_requests/index.md)
will be unassigned automatically.
@@ -267,7 +271,7 @@ External users:
logged out).
Access can be granted by adding the user as member to the project or group.
-They will, like usual users, receive a role in the project or group with all
+Like usual users, they will receive a role in the project or group with all
the abilities that are mentioned in the [permissions table above](#project-members-permissions).
For example, if an external user is added as Guest, and your project is
private, they will not have access to the code; you would need to grant the external
diff --git a/doc/user/project/import/bitbucket_server.md b/doc/user/project/import/bitbucket_server.md
index fd62165053e..32f986890b9 100644
--- a/doc/user/project/import/bitbucket_server.md
+++ b/doc/user/project/import/bitbucket_server.md
@@ -39,7 +39,7 @@ Import your projects from Bitbucket Server to GitLab with minimal effort.
The Bitbucket Server importer works as follows:
-1. The user will be prompted to enter the URl, username, and password or personal access token to login to Bitbucket.
+1. The user will be prompted to enter the URL, username, and password (or personal access token) to log in to Bitbucket.
These credentials are preserved only as long as the importer is running.
1. The importer will attempt to list all the current repositories on the Bitbucket Server.
1. Upon selection, the importer will clone the repository and import pull requests and comments.
diff --git a/doc/user/project/issues/issue_data_and_actions.md b/doc/user/project/issues/issue_data_and_actions.md
index 8bb43b1231f..d6576fc780d 100644
--- a/doc/user/project/issues/issue_data_and_actions.md
+++ b/doc/user/project/issues/issue_data_and_actions.md
@@ -200,8 +200,12 @@ to let them know your reaction without spamming them.
#### 21. Show all activity
You can filter what is displayed in the issue history by clicking on **Show all activity**
-and selecting either **Show comments only**, which only shows threads and hides
-updates to the issue, or **Show history only**, which hides threads and only shows updates.
+and selecting either:
+
+- **Show comments only**, which only shows threads and hides updates to the issue.
+- **Show history only**, which hides threads and only shows updates.
+
+Also:
- You can mention a user or a group present in your GitLab instance with
`@username` or `@groupname` and they will be notified via To-Do items
diff --git a/doc/user/project/labels.md b/doc/user/project/labels.md
index a5a7fc34ef9..cd106b062f4 100644
--- a/doc/user/project/labels.md
+++ b/doc/user/project/labels.md
@@ -210,7 +210,7 @@ means higher priority.
![Drag to change label priority](img/labels_drag_priority_v12_1.gif)
-On the epic, merge request, and issue list pages, for both groups and projects, you
+On the epic, merge request, and issue list pages (for both groups and projects) you
can sort by `Label priority` or `Priority`.
If you sort by `Label priority`, GitLab uses this sort comparison order: