root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2021-06-15 03:10:34 +00:00
parent 94668f5cca
commit 03c5d7f2c1
32 changed files with 664 additions and 605 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Gemfile
View File

@ -482,6 +482,9 @@ gem 'spamcheck', '~> 0.1.0'
# Gitaly GRPC protocol definitions
gem 'gitaly', '~> 13.12.0.pre.rc1'
# KAS GRPC protocol definitions
gem 'kas-grpc', '~> 0.0.2'
gem 'grpc', '~> 1.30.2'
gem 'google-protobuf', '~> 3.17.1'

3
Gemfile.lock
View File

@ -682,6 +682,8 @@ GEM
activerecord
kaminari-core (= 1.2.1)
kaminari-core (1.2.1)
kas-grpc (0.0.2)
grpc (~> 1.0)
knapsack (1.21.1)
rake
kramdown (2.3.1)
@ -1520,6 +1522,7 @@ DEPENDENCIES
json_schemer (~> 0.2.12)
jwt (~> 2.1.0)
kaminari (~> 1.0)
kas-grpc (~> 0.0.2)
knapsack (~> 1.21.1)
kramdown (~> 2.3.1)
kubeclient (~> 4.9.1)

8
config/feature_flags/development/gitaly_backup.yml Normal file
View File

@ -0,0 +1,8 @@
---
name: gitaly_backup
introduced_by_url: https://gitlab.com/gitlab-org/gitaly/-/merge_requests/3554
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/333034
milestone: '14.0'
type: development
group: group::gitaly
default_enabled: false

1
doc/administration/index.md
View File

@ -103,7 +103,6 @@ Learn how to install, configure, update, and maintain your GitLab instance.
- [GitLab in maintenance mode](maintenance_mode/index.md): Put GitLab in maintenance mode.
- [Update GitLab](../update/index.md): Update guides to upgrade your installation to a new version.
- [Upgrading without downtime](../update/index.md#upgrading-without-downtime): Upgrade to a newer major, minor, or patch version of GitLab without taking your GitLab instance offline.
- [Migrate your GitLab CI/CD data to another version of GitLab](../migrate_ci_to_ce/README.md): If you have an old GitLab installation (older than 8.0), follow this guide to migrate your existing GitLab CI/CD data to another version of GitLab.
### Upgrading or downgrading GitLab

88
doc/api/graphql/reference/index.md
View File

@ -4247,6 +4247,29 @@ Some of the types in the schema exist solely to model connections. Each connecti
has a distinct, named type, with a distinct named edge type. These are listed separately
below.
#### `AgentConfigurationConnection`
The connection type for [`AgentConfiguration`](#agentconfiguration).
##### Fields
| Name | Type | Description |
| ---- | ---- | ----------- |
| <a id="agentconfigurationconnectionedges"></a>`edges` | [`[AgentConfigurationEdge]`](#agentconfigurationedge) | A list of edges. |
| <a id="agentconfigurationconnectionnodes"></a>`nodes` | [`[AgentConfiguration]`](#agentconfiguration) | A list of nodes. |
| <a id="agentconfigurationconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. |
#### `AgentConfigurationEdge`
The edge type for [`AgentConfiguration`](#agentconfiguration).
##### Fields
| Name | Type | Description |
| ---- | ---- | ----------- |
| <a id="agentconfigurationedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. |
| <a id="agentconfigurationedgenode"></a>`node` | [`AgentConfiguration`](#agentconfiguration) | The item at the end of the edge. |
#### `AlertManagementAlertConnection`
The connection type for [`AlertManagementAlert`](#alertmanagementalert).
@ -5753,6 +5776,29 @@ The edge type for [`Namespace`](#namespace).
| <a id="namespaceedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. |
| <a id="namespaceedgenode"></a>`node` | [`Namespace`](#namespace) | The item at the end of the edge. |
#### `NetworkPolicyConnection`
The connection type for [`NetworkPolicy`](#networkpolicy).
##### Fields
| Name | Type | Description |
| ---- | ---- | ----------- |
| <a id="networkpolicyconnectionedges"></a>`edges` | [`[NetworkPolicyEdge]`](#networkpolicyedge) | A list of edges. |
| <a id="networkpolicyconnectionnodes"></a>`nodes` | [`[NetworkPolicy]`](#networkpolicy) | A list of nodes. |
| <a id="networkpolicyconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. |
#### `NetworkPolicyEdge`
The edge type for [`NetworkPolicy`](#networkpolicy).
##### Fields
| Name | Type | Description |
| ---- | ---- | ----------- |
| <a id="networkpolicyedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. |
| <a id="networkpolicyedgenode"></a>`node` | [`NetworkPolicy`](#networkpolicy) | The item at the end of the edge. |
#### `NoteConnection`
The connection type for [`Note`](#note).
@ -6886,6 +6932,16 @@ Represents the access level of a relationship between a User and object that it
| <a id="accesslevelintegervalue"></a>`integerValue` | [`Int`](#int) | Integer representation of access level. |
| <a id="accesslevelstringvalue"></a>`stringValue` | [`AccessLevelEnum`](#accesslevelenum) | String representation of access level. |
### `AgentConfiguration`
Configuration details for an Agent.
#### Fields
| Name | Type | Description |
| ---- | ---- | ----------- |
| <a id="agentconfigurationagentname"></a>`agentName` | [`String`](#string) | Name of the agent. |
### `AlertManagementAlert`
Describes an alert from the project's Alert Management.
@ -10642,6 +10698,21 @@ four standard [pagination arguments](#connection-pagination-arguments):
| <a id="namespaceprojectssearch"></a>`search` | [`String`](#string) | Search project with most similar names or paths. |
| <a id="namespaceprojectssort"></a>`sort` | [`NamespaceProjectSort`](#namespaceprojectsort) | Sort projects by this criteria. |
### `NetworkPolicy`
Represents the network policy.
#### Fields
| Name | Type | Description |
| ---- | ---- | ----------- |
| <a id="networkpolicyenabled"></a>`enabled` | [`Boolean!`](#boolean) | Indicates whether this policy is enabled. |
| <a id="networkpolicyfromautodevops"></a>`fromAutoDevops` | [`Boolean!`](#boolean) | Indicates whether this policy is created from AutoDevops. |
| <a id="networkpolicyname"></a>`name` | [`String!`](#string) | Name of the policy. |
| <a id="networkpolicynamespace"></a>`namespace` | [`String!`](#string) | Namespace of the policy. |
| <a id="networkpolicyupdatedat"></a>`updatedAt` | [`Time!`](#time) | Timestamp of when the policy YAML was last updated. |
| <a id="networkpolicyyaml"></a>`yaml` | [`String!`](#string) | YAML definition of the policy. |
### `Note`
#### Fields
@ -11036,6 +11107,7 @@ Represents vulnerability finding of a security report on the pipeline.
| Name | Type | Description |
| ---- | ---- | ----------- |
| <a id="projectactualrepositorysizelimit"></a>`actualRepositorySizeLimit` | [`Float`](#float) | Size limit for the repository in bytes. |
| <a id="projectagentconfigurations"></a>`agentConfigurations` | [`AgentConfigurationConnection`](#agentconfigurationconnection) | Agent configurations defined by the project. (see [Connections](#connections)) |
| <a id="projectallowmergeonskippedpipeline"></a>`allowMergeOnSkippedPipeline` | [`Boolean`](#boolean) | If `only_allow_merge_if_pipeline_succeeds` is true, indicates if merge requests of the project can also be merged with skipped jobs. |
| <a id="projectapifuzzingciconfiguration"></a>`apiFuzzingCiConfiguration` | [`ApiFuzzingCiConfiguration`](#apifuzzingciconfiguration) | API fuzzing configuration for the project. |
| <a id="projectarchived"></a>`archived` | [`Boolean`](#boolean) | Indicates the archived status of the project. |
@ -11618,6 +11690,22 @@ four standard [pagination arguments](#connection-pagination-arguments):
| <a id="projectmilestonestimeframe"></a>`timeframe` | [`Timeframe`](#timeframe) | List items overlapping the given timeframe. |
| <a id="projectmilestonestitle"></a>`title` | [`String`](#string) | The title of the milestone. |
##### `Project.networkPolicies`
Network Policies of the project.
Returns [`NetworkPolicyConnection`](#networkpolicyconnection).
This field returns a [connection](#connections). It accepts the
four standard [pagination arguments](#connection-pagination-arguments):
`before: String`, `after: String`, `first: Int`, `last: Int`.
###### Arguments
| Name | Type | Description |
| ---- | ---- | ----------- |
| <a id="projectnetworkpoliciesenvironmentid"></a>`environmentId` | [`EnvironmentID`](#environmentid) | The global ID of the environment to filter policies. |
##### `Project.packages`
Packages of the project.

42
doc/api/merge_request_approvals.md
View File

@ -29,7 +29,7 @@ GET /projects/:id/approvals
| Attribute | Type | Required | Description |
| --------- | ------- | -------- | ------------------- |
| `id` | integer | yes | The ID of a project |
| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) |
```json
{
@ -58,7 +58,7 @@ POST /projects/:id/approvals
| Attribute | Type | Required | Description |
| ------------------------------------------------ | ------- | -------- | --------------------------------------------------------------------------------------------------- |
| `id` | integer | yes | The ID of a project |
| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) |
| `approvals_before_merge` | integer | no | How many approvals are required before an MR can be merged. Deprecated in 12.0 in favor of Approval Rules API. |
| `reset_approvals_on_push` | boolean | no | Reset approvals on a new push |
| `disable_overriding_approvers_per_merge_request` | boolean | no | Allow/Disallow overriding approvers per MR |
@ -93,7 +93,7 @@ GET /projects/:id/approval_rules
| Attribute | Type | Required | Description |
|----------------------|---------|----------|-----------------------------------------------------------|
| `id` | integer | yes | The ID of a project |
| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) |
```json
[
@ -192,7 +192,7 @@ GET /projects/:id/approval_rules/:approval_rule_id
| Attribute | Type | Required | Description |
|----------------------|---------|----------|-----------------------------------------------------------|
| `id` | integer | yes | The ID of a project |
| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) |
| `approval_rule_id` | integer | yes | The ID of a approval rule |
```json
@ -291,7 +291,7 @@ POST /projects/:id/approval_rules
| Attribute | Type | Required | Description |
|------------------------|---------|----------|------------------------------------------------------------------|
| `id` | integer | yes | The ID of a project |
| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) |
| `name` | string | yes | The name of the approval rule |
| `approvals_required` | integer | yes | The number of required approvals for this rule |
| `user_ids` | Array | no | The ids of users as approvers |
@ -396,7 +396,7 @@ PUT /projects/:id/approval_rules/:approval_rule_id
| Attribute | Type | Required | Description |
|------------------------|---------|----------|------------------------------------------------------------------|
| `id` | integer | yes | The ID of a project |
| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) |
| `approval_rule_id` | integer | yes | The ID of a approval rule |
| `name` | string | yes | The name of the approval rule |
| `approvals_required` | integer | yes | The number of required approvals for this rule |
@ -500,7 +500,7 @@ DELETE /projects/:id/approval_rules/:approval_rule_id
| Attribute | Type | Required | Description |
|----------------------|---------|----------|-----------------------------------------------------------|
| `id` | integer | yes | The ID of a project |
| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) |
| `approval_rule_id` | integer | yes | The ID of a approval rule
## Merge Request-level MR approvals
@ -523,7 +523,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/approvals
| Attribute | Type | Required | Description |
|---------------------|---------|----------|---------------------|
| `id` | integer | yes | The ID of a project |
| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) |
| `merge_request_iid` | integer | yes | The IID of MR |
```json
@ -570,7 +570,7 @@ POST /projects/:id/merge_requests/:merge_request_iid/approvals
| Attribute | Type | Required | Description |
|----------------------|---------|----------|--------------------------------------------|
| `id` | integer | yes | The ID of a project |
| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) |
| `merge_request_iid` | integer | yes | The IID of MR |
| `approvals_required` | integer | yes | Approvals required before MR can be merged. Deprecated in 12.0 in favor of Approval Rules API. |
@ -612,7 +612,7 @@ This includes additional information about the users who have already approved
| Attribute | Type | Required | Description |
|----------------------|---------|----------|---------------------|
| `id` | integer | yes | The ID of a project |
| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) |
| `merge_request_iid` | integer | yes | The IID of MR |
```json
@ -679,7 +679,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/approval_rules
| Attribute | Type | Required | Description |
|---------------------|---------|----------|---------------------|
| `id` | integer | yes | The ID of a project |
| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) |
| `merge_request_iid` | integer | yes | The IID of MR |
```json
@ -757,7 +757,7 @@ POST /projects/:id/merge_requests/:merge_request_iid/approval_rules
| Attribute | Type | Required | Description |
|----------------------------|---------|----------|------------------------------------------------|
| `id` | integer | yes | The ID of a project |
| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) |
| `merge_request_iid` | integer | yes | The IID of MR |
| `name` | string | yes | The name of the approval rule |
| `approvals_required` | integer | yes | The number of required approvals for this rule |
@ -847,7 +847,7 @@ These are system generated rules.
| Attribute | Type | Required | Description |
|----------------------|---------|----------|------------------------------------------------|
| `id` | integer | yes | The ID of a project |
| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) |
| `merge_request_iid` | integer | yes | The ID of MR |
| `approval_rule_id` | integer | yes | The ID of a approval rule |
| `name` | string | yes | The name of the approval rule |
@ -931,9 +931,9 @@ These are system generated rules.
| Attribute | Type | Required | Description |
|---------------------|---------|----------|---------------------------|
| `id` | integer | yes | The ID of a project |
| `merge_request_iid` | integer | yes | The ID of MR |
| `approval_rule_id` | integer | yes | The ID of a approval rule |
| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) |
| `merge_request_iid` | integer | yes | The IID of the merge request |
| `approval_rule_id` | integer | yes | The ID of an approval rule |
## Approve Merge Request
@ -951,9 +951,9 @@ POST /projects/:id/merge_requests/:merge_request_iid/approve
| Attribute | Type | Required | Description |
|---------------------|---------|----------|-------------------------|
| `id` | integer | yes | The ID of a project |
| `merge_request_iid` | integer | yes | The IID of MR |
| `sha` | string | no | The HEAD of the MR |
| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) |
| `merge_request_iid` | integer | yes | The IID of the merge request |
| `sha` | string | no | The `HEAD` of the merge request |
| `approval_password` **(PREMIUM)** | string | no | Current user's password. Required if [**Require user password to approve**](../user/project/merge_requests/approvals/settings.md#require-authentication-for-approvals) is enabled in the project settings. |
The `sha` parameter works in the same way as
@ -1015,5 +1015,5 @@ POST /projects/:id/merge_requests/:merge_request_iid/unapprove
| Attribute | Type | Required | Description |
|---------------------|---------|----------|---------------------|
| `id` | integer | yes | The ID of a project |
| `merge_request_iid` | integer | yes | The IID of MR |
| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) |
| `merge_request_iid` | integer | yes | The IID of a merge request |

4
doc/api/notification_settings.md
View File

@ -123,7 +123,7 @@ curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/a
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The group/project ID or path |
| `id` | integer or string | yes | The ID, or [URL-encoded path, of the group or project](README.md#namespaced-path-encoding). |
Example response:
@ -149,7 +149,7 @@ curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The group/project ID or path |
| `id` | integer or string | yes | The ID, or [URL-encoded path, of the group or project](README.md#namespaced-path-encoding) |
| `level` | string | no | The global notification level |
| `new_note` | boolean | no | Enable/disable this notification |
| `new_issue` | boolean | no | Enable/disable this notification |

10
doc/api/project_clusters.md
View File

@ -22,7 +22,7 @@ Parameters:
| Attribute | Type | Required | Description |
| --------- | ------- | -------- | ----------------------------------------------------- |
| `id` | integer | yes | The ID of the project owned by the authenticated user |
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
Example request:
@ -92,7 +92,7 @@ Parameters:
| Attribute | Type | Required | Description |
| ------------ | ------- | -------- | ----------------------------------------------------- |
| `id` | integer | yes | The ID of the project owned by the authenticated user |
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
| `cluster_id` | integer | yes | The ID of the cluster |
Example request:
@ -186,7 +186,7 @@ Parameters:
| Attribute | Type | Required | Description |
| ---------------------------------------------------- | ------- | -------- | ----------------------------------------------------------------------------------------------------- |
| `id` | integer | yes | The ID of the project owned by the authenticated user |
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
| `name` | string | yes | The name of the cluster |
| `domain` | string | no | The [base domain](../user/project/clusters/index.md#base-domain) of the cluster |
| `management_project_id` | integer | no | The ID of the [management project](../user/clusters/management_project.md) for the cluster |
@ -283,7 +283,7 @@ Parameters:
| Attribute | Type | Required | Description |
| ------------------------------------------- | ------- | -------- | ------------------------------------------------------------------------------------------ |
| `id` | integer | yes | The ID of the project owned by the authenticated user |
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
| `cluster_id` | integer | yes | The ID of the cluster |
| `name` | string | no | The name of the cluster |
| `domain` | string | no | The [base domain](../user/project/clusters/index.md#base-domain) of the cluster |
@ -395,7 +395,7 @@ Parameters:
| Attribute | Type | Required | Description |
| ------------ | ------- | -------- | ----------------------------------------------------- |
| `id` | integer | yes | The ID of the project owned by the authenticated user |
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
| `cluster_id` | integer | yes | The ID of the cluster |
Example request:

4
doc/api/project_snippets.md
View File

@ -239,7 +239,7 @@ curl "https://gitlab.com/api/v4/projects/1/snippets/2/files/master/snippet%2Erb/
> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/29508) in GitLab 9.4.
Available only for users with Administrator [permissions](../user/permissions.md).
Available only for users with the Administrator [role](../user/permissions.md).
```plaintext
GET /projects/:id/snippets/:snippet_id/user_agent_detail
@ -247,7 +247,7 @@ GET /projects/:id/snippets/:snippet_id/user_agent_detail
| Attribute | Type | Required | Description |
|---------------|---------|----------|--------------------------------------|
| `id` | Integer | yes | The ID of a project |
| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding). |
| `snippet_id` | Integer | yes | The ID of a snippet |
Example request:

72
doc/api/projects.md
View File

@ -827,7 +827,7 @@ GET /projects/:id
| Attribute | Type | Required | Description |
|--------------------------|----------------|------------------------|-------------|
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `license` | boolean | **{dotted-circle}** No | Include project license data. |
| `statistics` | boolean | **{dotted-circle}** No | Include project statistics. |
| `with_custom_attributes` | boolean | **{dotted-circle}** No | Include [custom attributes](custom_attributes.md) in response. _(admins only)_ |
@ -1080,7 +1080,7 @@ GET /projects/:id/users
| Attribute | Type | Required | Description |
|--------------|----------------|------------------------|-------------|
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `search` | string | **{dotted-circle}** No | Search for specific users. |
| `skip_users` | integer array | **{dotted-circle}** No | Filter out users with the specified IDs. |
@ -1115,7 +1115,7 @@ GET /projects/:id/groups
| Attribute | Type | Required | Description |
|-----------------------------|-------------------|------------------------|-------------|
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `search` | string | **{dotted-circle}** No | Search for specific groups. |
| `skip_groups` | array of integers | **{dotted-circle}** No | Skip the group IDs passed. |
| `with_shared` | boolean | **{dotted-circle}** No | Include projects shared with this group. Default is `false`. |
@ -1335,7 +1335,7 @@ PUT /projects/:id
| `emails_disabled` | boolean | **{dotted-circle}** No | Disable email notifications. |
| `external_authorization_classification_label` **(PREMIUM)** | string | **{dotted-circle}** No | The classification label for the project. |
| `forking_access_level` | string | **{dotted-circle}** No | One of `disabled`, `private`, or `enabled`. |
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `import_url` | string | **{dotted-circle}** No | URL to import repository from. |
| `issues_access_level` | string | **{dotted-circle}** No | One of `disabled`, `private`, or `enabled`. |
| `issues_enabled` | boolean | **{dotted-circle}** No | _(Deprecated)_ Enable issues for this project. Use `issues_access_level` instead. |
@ -1393,11 +1393,11 @@ POST /projects/:id/fork
| Attribute | Type | Required | Description |
|------------------|----------------|------------------------|-------------|
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `name` | string | **{dotted-circle}** No | The name assigned to the resultant project after forking. |
| `namespace_id` | integer | **{dotted-circle}** No | The ID of the namespace that the project is forked to. |
| `namespace_path` | string | **{dotted-circle}** No | The path of the namespace that the project is forked to. |
| `namespace` | integer/string | **{dotted-circle}** No | _(Deprecated)_ The ID or path of the namespace that the project is forked to. |
| `namespace` | integer or string | **{dotted-circle}** No | _(Deprecated)_ The ID or path of the namespace that the project is forked to. |
| `path` | string | **{dotted-circle}** No | The path assigned to the resultant project after forking. |
| `description` | string | **{dotted-circle}** No | The description assigned to the resultant project after forking. |
| `visibility` | string | **{dotted-circle}** No | The [visibility level](#project-visibility-level) assigned to the resultant project after forking. |
@ -1416,7 +1416,7 @@ GET /projects/:id/forks
| Attribute | Type | Required | Description |
|-------------------------------|----------------|------------------------|-------------|
| `archived` | boolean | **{dotted-circle}** No | Limit by archived status. |
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `membership` | boolean | **{dotted-circle}** No | Limit by projects that the current user is a member of. |
| `min_access_level` | integer | **{dotted-circle}** No | Limit by current user minimal [access level](members.md#valid-access-levels). |
| `order_by` | string | **{dotted-circle}** No | Return projects ordered by `id`, `name`, `path`, `created_at`, `updated_at`, or `last_activity_at` fields. Default is `created_at`. |
@ -1522,7 +1522,7 @@ POST /projects/:id/star
| Attribute | Type | Required | Description |
|-----------|----------------|------------------------|-------------|
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
```shell
curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/star"
@ -1620,7 +1620,7 @@ POST /projects/:id/unstar
| Attribute | Type | Required | Description |
|-----------|----------------|------------------------|-------------|
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
```shell
curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/unstar"
@ -1718,7 +1718,7 @@ GET /projects/:id/starrers
| Attribute | Type | Required | Description |
|-----------|----------------|------------------------|-------------|
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `search` | string | **{dotted-circle}** No | Search for specific users. |
```shell
@ -1764,7 +1764,7 @@ GET /projects/:id/languages
| Attribute | Type | Required | Description |
|-----------|----------------|------------------------|-------------|
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
```shell
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/languages"
@ -1793,7 +1793,7 @@ POST /projects/:id/archive
| Attribute | Type | Required | Description |
|-----------|----------------|------------------------|-------------|
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
```shell
curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/archive"
@ -1912,7 +1912,7 @@ POST /projects/:id/unarchive
| Attribute | Type | Required | Description |
|-----------|----------------|------------------------|-------------|
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
```shell
curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/unarchive"
@ -2043,7 +2043,7 @@ DELETE /projects/:id
| Attribute | Type | Required | Description |
|-----------|----------------|------------------------|-------------|
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
## Restore project marked for deletion **(PREMIUM)**
@ -2057,7 +2057,7 @@ POST /projects/:id/restore
| Attribute | Type | Required | Description |
|-----------|----------------|------------------------|-------------|
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
## Upload a file
@ -2072,7 +2072,7 @@ POST /projects/:id/uploads
| Attribute | Type | Required | Description |
|-----------|----------------|------------------------|-------------|
| `file` | string | **{check-circle}** Yes | The file to be uploaded. |
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
To upload a file from your file system, use the `--form` argument. This causes
cURL to post data using the header `Content-Type: multipart/form-data`. The
@ -2146,7 +2146,7 @@ PUT /projects/:id
| Attribute | Type | Required | Description |
|-----------|----------------|------------------------|-------------|
| `avatar` | string | **{check-circle}** Yes | The file to be uploaded. |
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
To upload an avatar from your file system, use the `--form` argument. This causes
cURL to post data using the header `Content-Type: multipart/form-data`. The
@ -2181,7 +2181,7 @@ POST /projects/:id/share
| `expires_at` | string | **{dotted-circle}** No | Share expiration date in ISO 8601 format: 2016-09-26 |
| `group_access` | integer | **{check-circle}** Yes | The [access level](members.md#valid-access-levels) to grant the group. |
| `group_id` | integer | **{check-circle}** Yes | The ID of the group to share with. |
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
## Delete a shared project link within a group
@ -2194,7 +2194,7 @@ DELETE /projects/:id/share/:group_id
| Attribute | Type | Required | Description |
|------------|----------------|------------------------|-------------|
| `group_id` | integer | **{check-circle}** Yes | The ID of the group. |
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
```shell
curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/share/17"
@ -2215,7 +2215,7 @@ GET /projects/:id/hooks
| Attribute | Type | Required | Description |
|-----------|----------------|------------------------|-------------|
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
### Get project hook
@ -2228,7 +2228,7 @@ GET /projects/:id/hooks/:hook_id
| Attribute | Type | Required | Description |
|-----------|----------------|------------------------|---------------------------|
| `hook_id` | integer | **{check-circle}** Yes | The ID of a project hook. |
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
```json
{
@ -2267,7 +2267,7 @@ POST /projects/:id/hooks
| `confidential_note_events` | boolean | **{dotted-circle}** No | Trigger hook on confidential note events. |
| `deployment_events` | boolean | **{dotted-circle}** No | Trigger hook on deployment events. |
| `enable_ssl_verification` | boolean | **{dotted-circle}** No | Do SSL verification when triggering the hook. |
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `issues_events` | boolean | **{dotted-circle}** No | Trigger hook on issues events. |
| `job_events` | boolean | **{dotted-circle}** No | Trigger hook on job events. |
| `merge_requests_events` | boolean | **{dotted-circle}** No | Trigger hook on merge requests events. |
@ -2295,7 +2295,7 @@ PUT /projects/:id/hooks/:hook_id
| `deployment_events` | boolean | **{dotted-circle}** No | Trigger hook on deployment events. |
| `enable_ssl_verification` | boolean | **{dotted-circle}** No | Do SSL verification when triggering the hook. |
| `hook_id` | integer | **{check-circle}** Yes | The ID of the project hook. |
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `issues_events` | boolean | **{dotted-circle}** No | Trigger hook on issues events. |
| `job_events` | boolean | **{dotted-circle}** No | Trigger hook on job events. |
| `merge_requests_events` | boolean | **{dotted-circle}** No | Trigger hook on merge requests events. |
@ -2321,7 +2321,7 @@ DELETE /projects/:id/hooks/:hook_id
| Attribute | Type | Required | Description |
|-----------|----------------|------------------------|-------------|
| `hook_id` | integer | **{check-circle}** Yes | The ID of the project hook. |
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
Note the JSON response differs if the hook is available or not. If the project
hook is available before it's returned in the JSON response or an empty response
@ -2341,7 +2341,7 @@ POST /projects/:id/fork/:forked_from_id
| Attribute | Type | Required | Description |
|------------------|----------------|------------------------|-------------|
| `forked_from_id` | ID | **{check-circle}** Yes | The ID of the project that was forked from. |
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
### Delete an existing forked from relationship
@ -2351,7 +2351,7 @@ DELETE /projects/:id/fork
| Attribute | Type | Required | Description |
|-----------|----------------|------------------------|-------------|
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
## Search for projects by name
@ -2381,7 +2381,7 @@ POST /projects/:id/housekeeping
| Attribute | Type | Required | Description |
|-----------|----------------|------------------------|-------------|
| `id` | integer/string | **{check-circle}** Yes | The ID of the project or NAMESPACE/PROJECT_NAME. |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
## Push Rules **(PREMIUM)**
@ -2396,7 +2396,7 @@ GET /projects/:id/push_rule
| Attribute | Type | Required | Description |
|-----------|----------------|------------------------|-------------|
| `id` | integer/string | **{check-circle}** Yes | The ID of the project or NAMESPACE/PROJECT_NAME. |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) |
```json
{
@ -2448,7 +2448,7 @@ POST /projects/:id/push_rule
| `commit_message_regex` | string | **{dotted-circle}** No | All commit messages must match this, for example `Fixed \d+\..*`. |
| `deny_delete_tag` | boolean | **{dotted-circle}** No | Deny deleting a tag. |
| `file_name_regex` | string | **{dotted-circle}** No | All committed filenames must **not** match this, for example `(jar|exe)$`. |
| `id` | integer/string | **{check-circle}** Yes | The ID of the project or NAMESPACE/PROJECT_NAME. |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding), |
| `max_file_size` | integer | **{dotted-circle}** No | Maximum file size (MB). |
| `member_check` | boolean | **{dotted-circle}** No | Restrict commits by author (email) to existing GitLab users. |
| `prevent_secrets` | boolean | **{dotted-circle}** No | GitLab rejects any files that are likely to contain secrets. |
@ -2471,7 +2471,7 @@ PUT /projects/:id/push_rule
| `commit_message_regex` | string | **{dotted-circle}** No | All commit messages must match this, for example `Fixed \d+\..*`. |
| `deny_delete_tag` | boolean | **{dotted-circle}** No | Deny deleting a tag. |
| `file_name_regex` | string | **{dotted-circle}** No | All committed filenames must **not** match this, for example `(jar|exe)$`. |
| `id` | integer/string | **{check-circle}** Yes | The ID of the project or NAMESPACE/PROJECT_NAME. |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `max_file_size` | integer | **{dotted-circle}** No | Maximum file size (MB). |
| `member_check` | boolean | **{dotted-circle}** No | Restrict commits by author (email) to existing GitLab users. |
| `prevent_secrets` | boolean | **{dotted-circle}** No | GitLab rejects any files that are likely to contain secrets. |
@ -2490,7 +2490,7 @@ DELETE /projects/:id/push_rule
| Attribute | Type | Required | Description |
|-----------|----------------|------------------------|-------------|
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
## Transfer a project to a new namespace
@ -2502,8 +2502,8 @@ PUT /projects/:id/transfer
| Attribute | Type | Required | Description |
|-------------|----------------|------------------------|-------------|
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `namespace` | integer/string | **{check-circle}** Yes | The ID or path of the namespace to transfer to project to. |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `namespace` | integer or string | **{check-circle}** Yes | The ID or path of the namespace to transfer to project to. |
Example request:
@ -2652,7 +2652,7 @@ POST /projects/:id/mirror/pull
| Attribute | Type | Required | Description |
|-----------|----------------|------------------------|-------------|
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
```shell
curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/:id/mirror/pull"
@ -2681,7 +2681,7 @@ GET /projects/:id/snapshot
| Attribute | Type | Required | Description |
|-----------|----------------|------------------------|-------------|
| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `wiki` | boolean | **{dotted-circle}** No | Whether to download the wiki, rather than project, repository. |
## Get the path to repository storage
@ -2696,7 +2696,7 @@ GET /projects/:id/storage
| Attribute | Type | Required | Description |
|--------------|----------------|------------------------|-------------|
| `id` | integer/string | **{check-circle}** Yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
| `id` | integer or string | **{check-circle}** Yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
```json
[

10
doc/api/resource_access_tokens.md
View File

@ -20,7 +20,7 @@ GET projects/:id/access_tokens
| Attribute | Type | required | Description |
|-----------|---------|----------|---------------------|
| `id` | integer/string | yes | The ID of the project |
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) |
```shell
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/<project_id>/access_tokens"
@ -55,9 +55,9 @@ POST projects/:id/access_tokens
| Attribute | Type | required | Description |
|-----------|---------|----------|---------------------|
| `id` | integer/string | yes | The ID of the project |
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) |
| `name` | String | yes | The name of the project access token |
| `scopes` | Array\[String] | yes | [List of scopes](../user/project/settings/project_access_tokens.md#limiting-scopes-of-a-project-access-token) |
| `scopes` | `Array[String]` | yes | [List of scopes](../user/project/settings/project_access_tokens.md#limiting-scopes-of-a-project-access-token) |
| `expires_at` | Date | no | The token expires at midnight UTC on that date |
```shell
@ -96,8 +96,8 @@ DELETE projects/:id/access_tokens/:token_id
| Attribute | Type | required | Description |
|-----------|---------|----------|---------------------|
| `id` | integer/string | yes | The ID of the project |
| `token_id` | integer/string | yes | The ID of the project access token |
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) |
| `token_id` | integer or string | yes | The ID of the project access token |
```shell
curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/<project_id>/access_tokens/<token_id>"

462
doc/migrate_ci_to_ce/README.md
View File

@ -1,461 +1,9 @@
---
stage: none
group: unassigned
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
type: howto
redirect_to: 'https://docs.gitlab.com/'
remove_date: '2021-06-14'
---
# Migrate GitLab CI to GitLab CE or EE
This document was moved to [another location](https://docs.gitlab.com/).
Beginning with version 8.0 of GitLab Community Edition (CE) and Enterprise
Edition (EE), GitLab CI is no longer its own application, but is instead built
into the CE and EE applications.
This guide details the process of migrating your CI installation and data
into your GitLab CE or EE installation. **You can only migrate CI data from
GitLab CI 8.0 to GitLab 8.0; migrating between other versions (e.g.7.14 to 8.1)
is not possible.**
We recommend that you read through the entire migration process in this
document before beginning.
## Overview
In this document we assume you have a GitLab server and a GitLab CI server. It
does not matter if these are the same machine.
The migration consists of three parts: updating GitLab and GitLab CI, moving
data, and redirecting traffic.
Please note that CI builds triggered on your GitLab server in the time between
updating to 8.0 and finishing the migration are lost. Your GitLab server
can be online for most of the procedure; the only GitLab downtime (if any) is
during the upgrade to 8.0. Your CI service remains offline from the moment you
upgrade to 8.0 until you finish the migration procedure.
## Before upgrading
If you have GitLab CI installed using Omnibus GitLab packages but **you don't want to migrate your existing data**:
```shell
mv /var/opt/gitlab/gitlab-ci/builds /var/opt/gitlab/gitlab-ci/builds.$(date +%s)
```
run `sudo gitlab-ctl reconfigure` and you can reach CI at `gitlab.example.com/ci`.
If you want to migrate your existing data, continue reading.
### 0. Updating Omnibus from versions prior to 7.13
If you are updating from older versions you should first update to 7.14 and then to 8.0
to avoid the problems described in the [Troubleshooting](#troubleshooting) section.
### 1. Verify that backups work
Make sure that the backup script on both servers can connect to the database.
```shell
# On your CI server:
# Omnibus
sudo chown gitlab-ci:gitlab-ci /var/opt/gitlab/gitlab-ci/builds
sudo gitlab-ci-rake backup:create
# Source
cd /home/gitlab_ci/gitlab-ci
sudo -u gitlab_ci -H bundle exec rake backup:create RAILS_ENV=production
```
Also check on your GitLab server.
```shell
# On your GitLab server:
# Omnibus
sudo gitlab-backup create SKIP=repositories,uploads
# Source
cd /home/git/gitlab
sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production SKIP=repositories,uploads
```
If this fails you need to fix it before upgrading to 8.0. Also see
<https://about.gitlab.com/get-help/>
NOTE:
For GitLab 12.1 and earlier, use `gitlab-rake gitlab:backup:create`.
### 2. Check source and target database types
Check what databases you use on your GitLab server and your CI server.
Look for the 'adapter:' line. If your CI server and your GitLab server use
the same database adapter no special care is needed. If your CI server uses
MySQL and your GitLab server uses PostgreSQL you need to pass a special option
during the 'Moving data' part. **If your CI server uses PostgreSQL and your
GitLab server uses MySQL you cannot migrate your CI data to GitLab 8.0.**
```shell
# On your CI server:
# Omnibus
sudo gitlab-ci-rake env:info
# Source
cd /home/gitlab_ci/gitlab-ci
sudo -u gitlab_ci -H bundle exec rake env:info RAILS_ENV=production
```
```shell
# On your GitLab server:
# Omnibus
sudo gitlab-rake gitlab:env:info
# Source
cd /home/git/gitlab
sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production
```
### 3. Storage planning
Decide where to store CI build traces on GitLab server. GitLab CI uses
files on disk to store CI build traces. The default path for these build
traces is `/var/opt/gitlab/gitlab-ci/builds` (Omnibus) or
`/home/git/gitlab/builds` (Source). If you are storing your repository data in
a special location, or if you are using NFS, you should make sure that you
store build traces on the same storage as your Git repositories.
## I. Upgrading
From this point on, GitLab CI is unavailable for your end users.
### 1. Upgrade GitLab to 8.0
First upgrade your GitLab server to version 8.0:
<https://about.gitlab.com/update/>
### 2. Disable CI on the GitLab server during the migration
After you update, go to the admin panel and temporarily disable CI. As
an administrator, go to **Admin Area** -> **Settings**, and under
**Continuous Integration** uncheck **Disable to prevent CI usage until `rake
ci:migrate` is run (8.0 only)**.
### 3. CI settings are now in GitLab
If you want to use custom CI settings (e.g. change where builds are
stored), please update `/etc/gitlab/gitlab.rb` (Omnibus) or
`/home/git/gitlab/config/gitlab.yml` (Source).
### 4. Upgrade GitLab CI to 8.0
Now upgrade GitLab CI to version 8.0. If you are using Omnibus packages,
this may have already happened when you upgraded GitLab to 8.0.
### 5. Disable GitLab CI on the CI server
Disable GitLab CI after upgrading to 8.0.
```shell
# On your CI server:
# Omnibus
sudo gitlab-ctl stop ci-unicorn
sudo gitlab-ctl stop ci-sidekiq
# Source
sudo service gitlab_ci stop
cd /home/gitlab_ci/gitlab-ci
sudo -u gitlab_ci -H bundle exec whenever --clear-crontab RAILS_ENV=production
```
## II. Moving data
### 1. Database encryption key
Move the database encryption key from your CI server to your GitLab
server. The command below shows you what you need to copy-paste to your
GitLab server. On Omnibus GitLab servers you must add a line to
`/etc/gitlab/gitlab.rb`. On GitLab servers installed from source you must
replace the contents of `/home/git/gitlab/config/secrets.yml`.
```shell
# On your CI server:
# Omnibus
sudo gitlab-ci-rake backup:show_secrets
# Source
cd /home/gitlab_ci/gitlab-ci
sudo -u gitlab_ci -H bundle exec rake backup:show_secrets RAILS_ENV=production
```
### 2. SQL data and build traces
Create your final CI data export. If you are converting from MySQL to
PostgreSQL, add `MYSQL_TO_POSTGRESQL=1` to the end of the Rake command. When
the command finishes it prints the path to your data export archive; you
need this file later.
```shell
# On your CI server:
# Omnibus
sudo chown gitlab-ci:gitlab-ci /var/opt/gitlab/gitlab-ci/builds
sudo gitlab-ci-rake backup:create
# Source
cd /home/gitlab_ci/gitlab-ci
sudo -u gitlab_ci -H bundle exec rake backup:create RAILS_ENV=production
```
### 3. Copy data to the GitLab server
If you were running GitLab and GitLab CI on the same server you can skip this
step.
Copy your CI data archive to your GitLab server. There are many ways to do
this, below we use SSH agent forwarding and `scp`, which is easy and fast
for most setups. You can also copy the data archive first from the CI server to
your laptop and then from your laptop to the GitLab server.
```shell
# Start from your laptop
ssh -A ci_admin@ci_server.example
# Now on the CI server
scp /path/to/12345_gitlab_ci_backup.tar gitlab_admin@gitlab_server.example:~
```
### 4. Move data to the GitLab backups folder
Make the CI data archive discoverable for GitLab. We assume below that you
store backups in the default path, adjust the command if necessary.
```shell
# On your GitLab server:
# Omnibus
sudo mv /path/to/12345_gitlab_ci_backup.tar /var/opt/gitlab/backups/
# Source
sudo mv /path/to/12345_gitlab_ci_backup.tar /home/git/gitlab/tmp/backups/
```
### 5. Import the CI data into GitLab
This step deletes any existing CI data on your GitLab server. There should
be no CI data yet because you turned CI on the GitLab server off earlier.
```shell
# On your GitLab server:
# Omnibus
sudo chown git:git /var/opt/gitlab/gitlab-ci/builds
sudo gitlab-rake ci:migrate
# Source
cd /home/git/gitlab
sudo -u git -H bundle exec rake ci:migrate RAILS_ENV=production
```
### 6. Restart GitLab
```shell
# On your GitLab server:
# Omnibus
sudo gitlab-ctl hup unicorn
sudo gitlab-ctl restart sidekiq
# Source
sudo service gitlab reload
```
## III. Redirecting traffic
If you were running GitLab CI with Omnibus packages and you were using the
internal NGINX configuration your CI service should now be available both at
`ci.example.com` (the old address) and `gitlab.example.com/ci`. **You are done!**
If you installed GitLab CI from source we now need to configure a redirect in
NGINX so that existing CI runners can keep using the old CI server address, and
so that existing links to your CI server keep working.
### 1. Update NGINX configuration
To ensure that your existing CI runners are able to communicate with the
migrated installation, and that existing build triggers still work, you must
update your NGINX configuration to redirect requests for the old locations to
the new ones.
Edit `/etc/nginx/sites-available/gitlab_ci` and paste:
```nginx
# GITLAB CI
server {
listen 80 default_server; # e.g., listen 192.168.1.1:80;
server_name YOUR_CI_SERVER_FQDN; # e.g., server_name source.example.com;
access_log /var/log/nginx/gitlab_ci_access.log;
error_log /var/log/nginx/gitlab_ci_error.log;
# expose API to fix runners
location /api {
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
# You need to specify your DNS servers that are able to resolve YOUR_GITLAB_SERVER_FQDN
resolver 8.8.8.8 8.8.4.4;
proxy_pass $scheme://YOUR_GITLAB_SERVER_FQDN/ci$request_uri;
}
# redirect all other CI requests
location / {
return 301 $scheme://YOUR_GITLAB_SERVER_FQDN/ci$request_uri;
}
# adjust this to match the largest build log your runners might submit,
# set to 0 to disable limit
client_max_body_size 10m;
}
```
Make sure you substitute these placeholder values with your real ones:
1. `YOUR_CI_SERVER_FQDN`: The existing public-facing address of your GitLab CI
install (e.g., `ci.gitlab.com`).
1. `YOUR_GITLAB_SERVER_FQDN`: The current public-facing address of your GitLab
CE (or EE) install (e.g., `gitlab.com`).
**Make sure not to remove the `/ci$request_uri` part. This is required to
properly forward the requests.**
You should also make sure that you can:
1. `curl "https://YOUR_GITLAB_SERVER_FQDN/"` from your previous GitLab CI server.
1. `curl "https://YOUR_CI_SERVER_FQDN/"` from your GitLab CE (or EE) server.
### 2. Check NGINX configuration
```shell
sudo nginx -t
```
### 3. Restart NGINX
```shell
sudo /etc/init.d/nginx restart
```
### Restore from backup
If something went wrong and you need to restore a backup, consult the [Backup
restoration](../raketasks/backup_restore.md) guide.
## Troubleshooting
### show:secrets problem (Omnibus-only)
If you see errors like this:
```plaintext
Missing `secret_key_base` or `db_key_base` for 'production' environment. The secrets will be generated and stored in `config/secrets.yml`
rake aborted!
Errno::EACCES: Permission denied @ rb_sysopen - config/secrets.yml
```
This can happen if you are updating from versions prior to 7.13 straight to 8.0.
The fix for this is to update to Omnibus 7.14 first and then update it to 8.0.
### Permission denied when accessing `/var/opt/gitlab/gitlab-ci/builds`
To fix that issue you have to change builds/ folder permission before doing final backup:
```shell
sudo chown -R gitlab-ci:gitlab-ci /var/opt/gitlab/gitlab-ci/builds
```
Then before executing `ci:migrate` you need to fix builds folder permission:
```shell
sudo chown git:git /var/opt/gitlab/gitlab-ci/builds
```
### Problems when importing CI database to GitLab
If you were migrating CI database from MySQL to PostgreSQL manually you can see errors during import about missing sequences:
```sql
ALTER SEQUENCE
ERROR: relation "ci_builds_id_seq" does not exist
ERROR: relation "ci_commits_id_seq" does not exist
ERROR: relation "ci_events_id_seq" does not exist
ERROR: relation "ci_jobs_id_seq" does not exist
ERROR: relation "ci_projects_id_seq" does not exist
ERROR: relation "ci_runner_projects_id_seq" does not exist
ERROR: relation "ci_runners_id_seq" does not exist
ERROR: relation "ci_services_id_seq" does not exist
ERROR: relation "ci_taggings_id_seq" does not exist
ERROR: relation "ci_tags_id_seq" does not exist
CREATE TABLE
```
To fix that you need to apply this SQL statement before doing final backup:
Omnibus GitLab installations:
```sql
gitlab-ci-rails dbconsole <<EOF
-- ALTER TABLES - DROP DEFAULTS
ALTER TABLE ONLY ci_application_settings ALTER COLUMN id DROP DEFAULT;
ALTER TABLE ONLY ci_builds ALTER COLUMN id DROP DEFAULT;
ALTER TABLE ONLY ci_commits ALTER COLUMN id DROP DEFAULT;
ALTER TABLE ONLY ci_events ALTER COLUMN id DROP DEFAULT;
ALTER TABLE ONLY ci_jobs ALTER COLUMN id DROP DEFAULT;
ALTER TABLE ONLY ci_projects ALTER COLUMN id DROP DEFAULT;
ALTER TABLE ONLY ci_runner_projects ALTER COLUMN id DROP DEFAULT;
ALTER TABLE ONLY ci_runners ALTER COLUMN id DROP DEFAULT;
ALTER TABLE ONLY ci_services ALTER COLUMN id DROP DEFAULT;
ALTER TABLE ONLY ci_taggings ALTER COLUMN id DROP DEFAULT;
ALTER TABLE ONLY ci_tags ALTER COLUMN id DROP DEFAULT;
ALTER TABLE ONLY ci_trigger_requests ALTER COLUMN id DROP DEFAULT;
ALTER TABLE ONLY ci_triggers ALTER COLUMN id DROP DEFAULT;
ALTER TABLE ONLY ci_variables ALTER COLUMN id DROP DEFAULT;
ALTER TABLE ONLY ci_web_hooks ALTER COLUMN id DROP DEFAULT;
-- ALTER SEQUENCES
ALTER SEQUENCE ci_application_settings_id_seq OWNED BY ci_application_settings.id;
ALTER SEQUENCE ci_builds_id_seq OWNED BY ci_builds.id;
ALTER SEQUENCE ci_commits_id_seq OWNED BY ci_commits.id;
ALTER SEQUENCE ci_events_id_seq OWNED BY ci_events.id;
ALTER SEQUENCE ci_jobs_id_seq OWNED BY ci_jobs.id;
ALTER SEQUENCE ci_projects_id_seq OWNED BY ci_projects.id;
ALTER SEQUENCE ci_runner_projects_id_seq OWNED BY ci_runner_projects.id;
ALTER SEQUENCE ci_runners_id_seq OWNED BY ci_runners.id;
ALTER SEQUENCE ci_services_id_seq OWNED BY ci_services.id;
ALTER SEQUENCE ci_taggings_id_seq OWNED BY ci_taggings.id;
ALTER SEQUENCE ci_tags_id_seq OWNED BY ci_tags.id;
ALTER SEQUENCE ci_trigger_requests_id_seq OWNED BY ci_trigger_requests.id;
ALTER SEQUENCE ci_triggers_id_seq OWNED BY ci_triggers.id;
ALTER SEQUENCE ci_variables_id_seq OWNED BY ci_variables.id;
ALTER SEQUENCE ci_web_hooks_id_seq OWNED BY ci_web_hooks.id;
-- ALTER TABLES - RE-APPLY DEFAULTS
ALTER TABLE ONLY ci_application_settings ALTER COLUMN id SET DEFAULT nextval('ci_application_settings_id_seq'::regclass);
ALTER TABLE ONLY ci_builds ALTER COLUMN id SET DEFAULT nextval('ci_builds_id_seq'::regclass);
ALTER TABLE ONLY ci_commits ALTER COLUMN id SET DEFAULT nextval('ci_commits_id_seq'::regclass);
ALTER TABLE ONLY ci_events ALTER COLUMN id SET DEFAULT nextval('ci_events_id_seq'::regclass);
ALTER TABLE ONLY ci_jobs ALTER COLUMN id SET DEFAULT nextval('ci_jobs_id_seq'::regclass);
ALTER TABLE ONLY ci_projects ALTER COLUMN id SET DEFAULT nextval('ci_projects_id_seq'::regclass);
ALTER TABLE ONLY ci_runner_projects ALTER COLUMN id SET DEFAULT nextval('ci_runner_projects_id_seq'::regclass);
ALTER TABLE ONLY ci_runners ALTER COLUMN id SET DEFAULT nextval('ci_runners_id_seq'::regclass);
ALTER TABLE ONLY ci_services ALTER COLUMN id SET DEFAULT nextval('ci_services_id_seq'::regclass);
ALTER TABLE ONLY ci_taggings ALTER COLUMN id SET DEFAULT nextval('ci_taggings_id_seq'::regclass);
ALTER TABLE ONLY ci_tags ALTER COLUMN id SET DEFAULT nextval('ci_tags_id_seq'::regclass);
ALTER TABLE ONLY ci_trigger_requests ALTER COLUMN id SET DEFAULT nextval('ci_trigger_requests_id_seq'::regclass);
ALTER TABLE ONLY ci_triggers ALTER COLUMN id SET DEFAULT nextval('ci_triggers_id_seq'::regclass);
ALTER TABLE ONLY ci_variables ALTER COLUMN id SET DEFAULT nextval('ci_variables_id_seq'::regclass);
ALTER TABLE ONLY ci_web_hooks ALTER COLUMN id SET DEFAULT nextval('ci_web_hooks_id_seq'::regclass);
EOF
```
Source installations:
```shell
cd /home/gitlab_ci/gitlab-ci
sudo -u gitlab_ci -H bundle exec rails dbconsole production <<EOF
... COPY SQL STATEMENTS FROM ABOVE ...
EOF
```
<!-- This redirect file can be deleted after <2021-09-14>. -->
<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page -->

19
doc/security/webhooks.md
View File

@ -44,11 +44,13 @@ private network are forbidden by default. That means that all requests made
to `127.0.0.1`, `::1` and `0.0.0.0`, as well as IPv4 `10.0.0.0/8`, `172.16.0.0/12`,
`192.168.0.0/16` and IPv6 site-local (`ffc0::/10`) addresses aren't allowed.
This behavior can be overridden by enabling the option *"Allow requests to the
local network from web hooks and services"* in the *"Outbound requests"* section
inside the **Admin Area > Settings** (`/admin/application_settings/network`):
This behavior can be overridden:
![Outbound requests admin settings](img/outbound_requests_section_v12_2.png)
1. On the top bar, select **Menu >** **{admin}** **Admin**.
1. In the left sidebar, select **Settings > Network**.
1. Expand the **Outbound requests** section:
![Outbound requests admin settings](img/outbound_requests_section_v12_2.png)
1. Select **Allow requests to the local network from web hooks and services**.
NOTE:
*System hooks* are enabled to make requests to local network by default since they are
@ -61,10 +63,13 @@ set up by administrators. However, you can turn this off by disabling the
You can allow certain domains and IP addresses to be accessible to both *system hooks*
and *webhooks* even when local requests are not allowed by adding them to the
allowlist. Navigate to **Admin Area > Settings > Network** (`/admin/application_settings/network`)
and expand **Outbound requests**:
allowlist:
![Outbound local requests allowlist](img/allowlist_v13_0.png)
1. On the top bar, select **Menu >** **{admin}** **Admin**.
1. In the left sidebar, select **Settings > Network** (`/admin/application_settings/network`)
and expand **Outbound requests**:
![Outbound local requests allowlist](img/allowlist_v13_0.png)
The allowed entries can be separated by semicolons, commas or whitespaces
(including newlines) and be in different formats like hostnames, IP addresses and/or

2
doc/system_hooks/system_hooks.md
View File

@ -52,7 +52,7 @@ for Push and Tag events, but we never display commits.
To create a system hook:
1. In the top navigation bar, go to **{admin}** **Admin Area**.
1. On the top bar, select **Menu >** **{admin}** **Admin**.
1. In the left sidebar, select **System Hooks**.
1. Provide the **URL** and **Secret Token**.
1. Select the check box next to each **Trigger** you want to enable.

5
doc/tools/email.md
View File

@ -22,8 +22,9 @@ For information about email notifications originating from GitLab, read
## Sending emails to users from within GitLab
1. Navigate to the **Admin Area > Overview > Users** and press the
**Send email to users** button.
1. On the top bar, select **Menu >** **{admin}** **Admin**.
1. In the left sidebar, select **Overview > Users**.
1. Select **Send email to users**.
![admin users](email1.png)

5
doc/user/admin_area/analytics/dev_ops_report.md
View File

@ -12,7 +12,10 @@ The DevOps Report gives you an overview of your entire instance's adoption of
[Concurrent DevOps](https://about.gitlab.com/topics/concurrent-devops/)
from planning to monitoring.
To see DevOps Report, go to **Admin Area > Analytics > DevOps Report**.
To see DevOps Report:
1. On the top bar, select **Menu >** **{admin}** **Admin**.
1. In the left sidebar, select **Analytics > DevOps Report**.
## DevOps Score

5
doc/user/admin_area/analytics/index.md
View File

@ -8,7 +8,10 @@ info: To determine the technical writer assigned to the Stage/Group associated w
> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/41416) in GitLab 11.2.
Administrators have access to instance-wide analytics, as shown in **Admin Area > Analytics**.
Administrators have access to instance-wide analytics:
1. On the top bar, select **Menu >** **{admin}** **Admin**.
1. In the left sidebar, select **Analytics**.
There are several kinds of statistics:

6
doc/user/admin_area/appearance.md
View File

@ -9,8 +9,10 @@ disqus_identifier: 'https://docs.gitlab.com/ee/customization/branded_login_page.
# GitLab Appearance **(FREE SELF)**
There are several options for customizing the appearance of a self-managed instance
of GitLab. These settings are accessed from the **Admin Area** in the **Settings > Appearance**
section.
of GitLab. To access these settings:
1. On the top bar, select **Menu >** **{admin}** **Admin**.
1. In the left sidebar, select **Settings > Appearance**.
## Navigation bar

45
doc/user/admin_area/index.md
View File

@ -47,7 +47,7 @@ The Dashboard provides statistics and system information about the GitLab instan
To access the Dashboard, either:
- Click the Admin Area icon (**{admin}**).
- On the top bar, select **Menu >** **{admin}** **Admin**.
- Visit `/admin` on your self-managed instance.
The Dashboard is the default view of the Admin Area, and is made up of the following sections:
@ -69,10 +69,12 @@ The following topics document the **Overview** section of the Admin Area.
You can administer all projects in the GitLab instance from the Admin Area's Projects page.
To access the Projects page, go to **Admin Area > Overview > Projects**.
To access the Projects page:
Click the **All**, **Private**, **Internal**, or **Public** tab to list only projects of that
criteria.
1. On the top bar, select **Menu >** **{admin}** **Admin**.
1. In the left sidebar, select **Overview > Projects**.
1. Select the **All**, **Private**, **Internal**, or **Public** tab to list only
projects of that criteria.
By default, all projects are listed, in reverse order of when they were last updated. For each
project, the following information is listed:
@ -107,9 +109,10 @@ You can combine the filter options. For example, to list only public projects wi
### Administering Users
You can administer all users in the GitLab instance from the Admin Area's Users page.
You can administer all users in the GitLab instance from the Admin Area's Users page:
To access the Users page, go to **Admin Area > Overview > Users**.
1. On the top bar, select **Menu >** **{admin}** **Admin**.
1. In the left sidebar, select **Overview > Users**.
To list users matching a specific criteria, click on one of the following tabs on the **Users** page:
@ -152,7 +155,11 @@ An administrator can "impersonate" any other user, including other administrator
This allows the administrator to "see what the user sees," and take actions on behalf of the user.
You can impersonate a user in the following ways:
- Through the UI, by selecting **Admin Area > Overview > Users > Select a user > Impersonate**.
- Through the UI:
1. On the top bar, select **Menu >** **{admin}** **Admin**.
1. In the left sidebar, select **Overview > Users**.
1. From the list of users, select a user.
1. Select **Impersonate**.
- With the API, using [impersonation tokens](../../api/README.md#impersonation-tokens).
All impersonation activities are [captured with audit events](../../administration/audit_events.md#impersonation-data).
@ -198,7 +205,10 @@ The [Cohorts](user_cohorts.md) tab displays the monthly cohorts of new users and
You can administer all groups in the GitLab instance from the Admin Area's Groups page.
To access the Groups page, go to **Admin Area > Overview > Groups**.
To access the Groups page:
1. On the top bar, select **Menu >** **{admin}** **Admin**.
1. In the left sidebar, select **Overview > Groups**.
For each group, the page displays their name, description, size, number of projects in the group,
number of members, and whether the group is private, internal, or public. To edit a group, click
@ -217,11 +227,12 @@ To [Create a new group](../group/index.md#create-a-group) click **New group**.
You can administer all jobs in the GitLab instance from the Admin Area's Jobs page.
To access the Jobs page, go to **Admin Area > Overview > Jobs**.
To access the Jobs page:
All jobs are listed, in descending order of job ID.
Click the **All** tab to list all jobs. Click the **Pending**, **Running**, or **Finished** tab to list only jobs of that status.
1. On the top bar, select **Menu >** **{admin}** **Admin**.
1. In the left sidebar, select **Overview > Jobs**. All jobs are listed, in descending order of job ID.
1. Click the **All** tab to list all jobs. Click the **Pending**, **Running**, or **Finished**
tab to list only jobs of that status.
For each job, the following details are listed:
@ -242,7 +253,10 @@ For each job, the following details are listed:
You can administer all runners in the GitLab instance from the Admin Area's **Runners** page. See
[GitLab Runner](https://docs.gitlab.com/runner/) for more information.
To access the **Runners** page, go to **Admin Area > Overview > Runners**.
To access the **Runners** page:
1. On the top bar, select **Menu >** **{admin}** **Admin**.
1. In the left sidebar, select **Overview > Runners**.
The **Runners** page features:
@ -288,7 +302,10 @@ You can also edit, pause, or remove each runner.
You can list all Gitaly servers in the GitLab instance from the Admin Area's **Gitaly Servers**
page. For more details, see [Gitaly](../../administration/gitaly/index.md).
To access the **Gitaly Servers** page, go to **Admin Area > Overview > Gitaly Servers**.
To access the **Gitaly Servers** page:
1. On the top bar, select **Menu >** **{admin}** **Admin**.
1. In the left sidebar, select **Overview > Gitaly Servers**.
For each Gitaly server, the following details are listed:

8
doc/user/admin_area/monitoring/health_check.md
View File

@ -143,9 +143,11 @@ This check is being exempt from Rack Attack.
NOTE:
Access token has been deprecated in GitLab 9.4 in favor of [IP whitelist](#ip-whitelist).
An access token needs to be provided while accessing the probe endpoints. The current
accepted token can be found under the **Admin Area > Monitoring > Health check**
(`admin/health_check`) page of your GitLab instance.
An access token needs to be provided while accessing the probe endpoints. You can
find the current accepted token in the user interface:
1. On the top bar, select **Menu >** **{admin}** **Admin**.
1. In the left sidebar, select **Monitoring > Health Check**. (`admin/health_check`)
![access token](img/health_check_token.png)

7
doc/user/admin_area/settings/external_authorization.md
View File

@ -39,10 +39,11 @@ the [Omnibus GitLab documentation](https://docs.gitlab.com/omnibus/settings/logs
## Configuration
The external authorization service can be enabled by an administrator on the GitLab
**Admin Area > Settings > General** page:
The external authorization service can be enabled by an administrator:
![Enable external authorization service](img/external_authorization_service_settings.png)
1. On the top bar, select **Menu >** **{admin}** **Admin**.
1. In the left sidebar, select **Settings > General**:
![Enable external authorization service](img/external_authorization_service_settings.png)
The available required properties are:

6
doc/user/admin_area/user_cohorts.md
View File

@ -8,7 +8,11 @@ info: To determine the technical writer assigned to the Stage/Group associated w
You can analyze your users' GitLab activities over time.
To see user cohorts, go to **Admin Area > Overview > Users**.
To view user cohorts:
1. On the top bar, select **Menu >** **{admin}** **Admin**.
1. In the left sidebar, select **Overview > Users**.
1. Select the **Cohorts** tab.
## Overview

67
lib/backup/gitaly_backup.rb Normal file
View File

@ -0,0 +1,67 @@
# frozen_string_literal: true
module Backup
# Backup and restores repositories using gitaly-backup
class GitalyBackup
def initialize(progress)
@progress = progress
end
def start(type)
raise Error, 'already started' if started?
command = case type
when :create
'create'
when :restore
'restore'
else
raise Error, "unknown backup type: #{type}"
end
@read_io, @write_io = IO.pipe
@pid = Process.spawn(bin_path, command, '-path', backup_repos_path, in: @read_io, out: progress)
end
def wait
return unless started?
@write_io.close
Process.wait(@pid)
status = $?
@pid = nil
raise Error, "gitaly-backup exit status #{status.exitstatus}" if status.exitstatus != 0
end
def enqueue(container, repo_type)
raise Error, 'not started' unless started?
repository = repo_type.repository_for(container)
@write_io.puts({
storage_name: repository.storage,
relative_path: repository.relative_path,
gl_project_path: repository.gl_project_path,
always_create: repo_type.project?
}.merge(Gitlab::GitalyClient.connection_data(repository.storage)).to_json)
end
private
attr_reader :progress
def started?
@pid.present?
end
def backup_repos_path
File.absolute_path(File.join(Gitlab.config.backup.path, 'repositories'))
end
def bin_path
File.absolute_path(File.join(Gitlab.config.gitaly.client_path, 'gitaly-backup'))
end
end
end

2
lib/backup/repositories.rb
View File

@ -4,7 +4,7 @@ require 'yaml'
module Backup
class Repositories
def initialize(progress, strategy: GitalyRpcBackup.new(progress))
def initialize(progress, strategy:)
@progress = progress
@strategy = strategy
end

15
lib/gitlab/ci/templates/Managed-Cluster-Applications.gitlab-ci.yml
View File

@ -1,3 +1,18 @@
################################################################################
# WARNING
################################################################################
#
# This template is DEPRECATED and scheduled for removal in GitLab 15.0
# See https://gitlab.com/gitlab-org/gitlab/-/issues/333610 for more context.
#
# To get started with a Cluster Management Project, we instead recommend
# using the updated project template:
#
# - Documentation: https://docs.gitlab.com/ee/user/clusters/management_project_template.html
# - Source code: https://gitlab.com/gitlab-org/project-templates/cluster-management/
#
################################################################################
apply:
stage: deploy
image: "registry.gitlab.com/gitlab-org/cluster-integration/cluster-applications:v0.43.1"

7
lib/gitlab/kas.rb
View File

@ -45,6 +45,13 @@ module Gitlab
Gitlab.config.gitlab_kas.external_url
end
# Return GitLab KAS internal_url
#
# @return [String] internal_url
def internal_url
Gitlab.config.gitlab_kas.internal_url
end
# Return whether GitLab KAS is enabled
#
# @return [Boolean] external_url

75
lib/gitlab/kas/client.rb Normal file
View File

@ -0,0 +1,75 @@
# frozen_string_literal: true
module Gitlab
module Kas
class Client
TIMEOUT = 2.seconds.freeze
JWT_AUDIENCE = 'gitlab-kas'
STUB_CLASSES = {
configuration_project: Gitlab::Agent::ConfigurationProject::Rpc::ConfigurationProject::Stub
}.freeze
ConfigurationError = Class.new(StandardError)
def initialize
raise ConfigurationError, 'GitLab KAS is not enabled' unless Gitlab::Kas.enabled?
raise ConfigurationError, 'KAS internal URL is not configured' unless Gitlab::Kas.internal_url.present?
end
def list_agent_config_files(project:)
request = Gitlab::Agent::ConfigurationProject::Rpc::ListAgentConfigFilesRequest.new(
repository: repository(project),
gitaly_address: gitaly_address(project)
)
stub_for(:configuration_project)
.list_agent_config_files(request, metadata: metadata)
.config_files
.to_a
end
private
def stub_for(service)
@stubs ||= {}
@stubs[service] ||= STUB_CLASSES.fetch(service).new(kas_endpoint_url, credentials, timeout: TIMEOUT)
end
def repository(project)
gitaly_repository = project.repository.gitaly_repository
Gitlab::Agent::Modserver::Repository.new(gitaly_repository.to_h)
end
def gitaly_address(project)
connection_data = Gitlab::GitalyClient.connection_data(project.repository_storage)
Gitlab::Agent::Modserver::GitalyAddress.new(connection_data)
end
def kas_endpoint_url
Gitlab::Kas.internal_url.delete_prefix('grpc://')
end
def credentials
if Rails.env.test? || Rails.env.development?
:this_channel_is_insecure
else
GRPC::Core::ChannelCredentials.new
end
end
def metadata
{ 'authorization' => "bearer #{token}" }
end
def token
JSONWebToken::HMACToken.new(Gitlab::Kas.secret).tap do |token|
token.issuer = Settings.gitlab.host
token.audience = JWT_AUDIENCE
end.encoded
end
end
end
end

12
lib/tasks/gitlab/backup.rake
View File

@ -109,7 +109,7 @@ namespace :gitlab do
puts "GITLAB_BACKUP_MAX_CONCURRENCY and GITLAB_BACKUP_MAX_STORAGE_CONCURRENCY must have a value of at least 1".color(:red)
exit 1
else
Backup::Repositories.new(progress).dump(
Backup::Repositories.new(progress, strategy: repository_backup_strategy).dump(
max_concurrency: max_concurrency,
max_storage_concurrency: max_storage_concurrency
)
@ -119,7 +119,7 @@ namespace :gitlab do
task restore: :gitlab_environment do
puts_time "Restoring repositories ...".color(:blue)
Backup::Repositories.new(progress).restore
Backup::Repositories.new(progress, strategy: repository_backup_strategy).restore
puts_time "done".color(:green)
end
end
@ -294,6 +294,14 @@ namespace :gitlab do
$stdout
end
end
def repository_backup_strategy
if Feature.enabled?(:gitaly_backup)
Backup::GitalyBackup.new(progress)
else
Backup::GitalyRpcBackup.new(progress)
end
end
end
# namespace end: backup
end

110
spec/lib/backup/gitaly_backup_spec.rb Normal file
View File

@ -0,0 +1,110 @@
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Backup::GitalyBackup do
let(:progress) do
Tempfile.new('progress').tap do |progress|
progress.unlink
end
end
after do
progress.close
end
subject { described_class.new(progress) }
context 'unknown' do
it 'fails to start unknown' do
expect { subject.start(:unknown) }.to raise_error(::Backup::Error, 'unknown backup type: unknown')
end
end
context 'create' do
RSpec.shared_examples 'creates a repository backup' do
it 'creates repository bundles', :aggregate_failures do
# Add data to the wiki, design repositories, and snippets, so they will be included in the dump.
create(:wiki_page, container: project)
create(:design, :with_file, issue: create(:issue, project: project))
project_snippet = create(:project_snippet, :repository, project: project)
personal_snippet = create(:personal_snippet, :repository, author: project.owner)
subject.start(:create)
subject.enqueue(project, Gitlab::GlRepository::PROJECT)
subject.enqueue(project, Gitlab::GlRepository::WIKI)
subject.enqueue(project, Gitlab::GlRepository::DESIGN)
subject.enqueue(personal_snippet, Gitlab::GlRepository::SNIPPET)
subject.enqueue(project_snippet, Gitlab::GlRepository::SNIPPET)
subject.wait
expect(File).to exist(File.join(Gitlab.config.backup.path, 'repositories', project.disk_path + '.bundle'))
expect(File).to exist(File.join(Gitlab.config.backup.path, 'repositories', project.disk_path + '.wiki.bundle'))
expect(File).to exist(File.join(Gitlab.config.backup.path, 'repositories', project.disk_path + '.design.bundle'))
expect(File).to exist(File.join(Gitlab.config.backup.path, 'repositories', personal_snippet.disk_path + '.bundle'))
expect(File).to exist(File.join(Gitlab.config.backup.path, 'repositories', project_snippet.disk_path + '.bundle'))
end
it 'raises when the exit code not zero' do
expect(subject).to receive(:bin_path).and_return(Gitlab::Utils.which('false'))
subject.start(:create)
expect { subject.wait }.to raise_error(::Backup::Error, 'gitaly-backup exit status 1')
end
end
context 'hashed storage' do
let_it_be(:project) { create(:project, :repository) }
it_behaves_like 'creates a repository backup'
end
context 'legacy storage' do
let_it_be(:project) { create(:project, :repository, :legacy_storage) }
it_behaves_like 'creates a repository backup'
end
end
context 'restore' do
let_it_be(:project) { create(:project, :repository) }
let_it_be(:personal_snippet) { create(:personal_snippet, author: project.owner) }
let_it_be(:project_snippet) { create(:project_snippet, project: project, author: project.owner) }
def copy_bundle_to_backup_path(bundle_name, destination)
FileUtils.mkdir_p(File.join(Gitlab.config.backup.path, 'repositories', File.dirname(destination)))
FileUtils.cp(Rails.root.join('spec/fixtures/lib/backup', bundle_name), File.join(Gitlab.config.backup.path, 'repositories', destination))
end
it 'restores from repository bundles', :aggregate_failures do
copy_bundle_to_backup_path('project_repo.bundle', project.disk_path + '.bundle')
copy_bundle_to_backup_path('wiki_repo.bundle', project.disk_path + '.wiki.bundle')
copy_bundle_to_backup_path('design_repo.bundle', project.disk_path + '.design.bundle')
copy_bundle_to_backup_path('personal_snippet_repo.bundle', personal_snippet.disk_path + '.bundle')
copy_bundle_to_backup_path('project_snippet_repo.bundle', project_snippet.disk_path + '.bundle')
subject.start(:restore)
subject.enqueue(project, Gitlab::GlRepository::PROJECT)
subject.enqueue(project, Gitlab::GlRepository::WIKI)
subject.enqueue(project, Gitlab::GlRepository::DESIGN)
subject.enqueue(personal_snippet, Gitlab::GlRepository::SNIPPET)
subject.enqueue(project_snippet, Gitlab::GlRepository::SNIPPET)
subject.wait
collect_commit_shas = -> (repo) { repo.commits('master', limit: 10).map(&:sha) }
expect(collect_commit_shas.call(project.repository)).to eq(['393a7d860a5a4c3cc736d7eb00604e3472bb95ec'])
expect(collect_commit_shas.call(project.wiki.repository)).to eq(['c74b9948d0088d703ee1fafeddd9ed9add2901ea'])
expect(collect_commit_shas.call(project.design_repository)).to eq(['c3cd4d7bd73a51a0f22045c3a4c871c435dc959d'])
expect(collect_commit_shas.call(personal_snippet.repository)).to eq(['3b3c067a3bc1d1b695b51e2be30c0f8cf698a06e'])
expect(collect_commit_shas.call(project_snippet.repository)).to eq(['6e44ba56a4748be361a841e759c20e421a1651a1'])
end
it 'raises when the exit code not zero' do
expect(subject).to receive(:bin_path).and_return(Gitlab::Utils.which('false'))
subject.start(:restore)
expect { subject.wait }.to raise_error(::Backup::Error, 'gitaly-backup exit status 1')
end
end
end

84
spec/lib/gitlab/kas/client_spec.rb Normal file
View File

@ -0,0 +1,84 @@
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Gitlab::Kas::Client do
let_it_be(:project) { create(:project) }
describe '#initialize' do
context 'kas is not enabled' do
before do
allow(Gitlab::Kas).to receive(:enabled?).and_return(false)
end
it 'raises a configuration error' do
expect { described_class.new }.to raise_error(described_class::ConfigurationError, 'GitLab KAS is not enabled')
end
end
context 'internal url is not set' do
before do
allow(Gitlab::Kas).to receive(:enabled?).and_return(true)
allow(Gitlab::Kas).to receive(:internal_url).and_return(nil)
end
it 'raises a configuration error' do
expect { described_class.new }.to raise_error(described_class::ConfigurationError, 'KAS internal URL is not configured')
end
end
end
describe 'gRPC calls' do
let(:token) { instance_double(JSONWebToken::HMACToken, encoded: 'test-token') }
before do
allow(Gitlab::Kas).to receive(:enabled?).and_return(true)
allow(Gitlab::Kas).to receive(:internal_url).and_return('grpc://example.kas.internal')
expect(JSONWebToken::HMACToken).to receive(:new)
.with(Gitlab::Kas.secret)
.and_return(token)
expect(token).to receive(:issuer=).with(Settings.gitlab.host)
expect(token).to receive(:audience=).with(described_class::JWT_AUDIENCE)
end
describe '#list_agent_config_files' do
let(:stub) { instance_double(Gitlab::Agent::ConfigurationProject::Rpc::ConfigurationProject::Stub) }
let(:request) { instance_double(Gitlab::Agent::ConfigurationProject::Rpc::ListAgentConfigFilesRequest) }
let(:response) { double(Gitlab::Agent::ConfigurationProject::Rpc::ListAgentConfigFilesResponse, config_files: agent_configurations) }
let(:repository) { instance_double(Gitlab::Agent::Modserver::Repository) }
let(:gitaly_address) { instance_double(Gitlab::Agent::Modserver::GitalyAddress) }
let(:agent_configurations) { [double] }
subject { described_class.new.list_agent_config_files(project: project) }
before do
expect(Gitlab::Agent::ConfigurationProject::Rpc::ConfigurationProject::Stub).to receive(:new)
.with('example.kas.internal', :this_channel_is_insecure, timeout: described_class::TIMEOUT)
.and_return(stub)
expect(Gitlab::Agent::Modserver::Repository).to receive(:new)
.with(project.repository.gitaly_repository.to_h)
.and_return(repository)
expect(Gitlab::Agent::Modserver::GitalyAddress).to receive(:new)
.with(Gitlab::GitalyClient.connection_data(project.repository_storage))
.and_return(gitaly_address)
expect(Gitlab::Agent::ConfigurationProject::Rpc::ListAgentConfigFilesRequest).to receive(:new)
.with(repository: repository, gitaly_address: gitaly_address)
.and_return(request)
expect(stub).to receive(:list_agent_config_files)
.with(request, metadata: { 'authorization' => 'bearer test-token' })
.and_return(response)
end
it { expect(subject).to eq(agent_configurations) }
end
end
end

6
spec/lib/gitlab/kas_spec.rb
View File

@ -65,6 +65,12 @@ RSpec.describe Gitlab::Kas do
end
end
describe '.internal_url' do
it 'returns gitlab_kas internal_url config' do
expect(described_class.internal_url).to eq(Gitlab.config.gitlab_kas.internal_url)
end
end
describe '.version' do
it 'returns gitlab_kas version config' do
version_file = Rails.root.join(described_class::VERSION_FILE)

76
spec/tasks/gitlab/backup_rake_spec.rb
View File

@ -1,7 +1,6 @@
# frozen_string_literal: true
require 'spec_helper'
require 'rake'
require 'rake_helper'
RSpec.describe 'gitlab:app namespace rake task', :delete do
let(:enable_registry) { true }
@ -24,14 +23,10 @@ RSpec.describe 'gitlab:app namespace rake task', :delete do
before(:all) do
Rake.application.rake_require 'active_record/railties/databases'
Rake.application.rake_require 'tasks/gitlab/helpers'
Rake.application.rake_require 'tasks/gitlab/backup'
Rake.application.rake_require 'tasks/gitlab/shell'
Rake.application.rake_require 'tasks/gitlab/db'
Rake.application.rake_require 'tasks/cache'
# empty task as env is already loaded
Rake::Task.define_task :environment
end
before do
@ -39,6 +34,7 @@ RSpec.describe 'gitlab:app namespace rake task', :delete do
FileUtils.rm(tars_glob, force: true)
FileUtils.rm(backup_files, force: true)
FileUtils.rm_rf(backup_directories, secure: true)
FileUtils.mkdir_p('tmp/tests/public/uploads')
reenable_backup_sub_tasks
stub_container_registry_config(enabled: enable_registry)
end
@ -47,12 +43,7 @@ RSpec.describe 'gitlab:app namespace rake task', :delete do
FileUtils.rm(tars_glob, force: true)
FileUtils.rm(backup_files, force: true)
FileUtils.rm_rf(backup_directories, secure: true)
end
def run_rake_task(task_name)
FileUtils.mkdir_p('tmp/tests/public/uploads')
Rake::Task[task_name].reenable
Rake.application.invoke_task task_name
FileUtils.rm_rf('tmp/tests/public/uploads', secure: true)
end
def reenable_backup_sub_tasks
@ -92,11 +83,11 @@ RSpec.describe 'gitlab:app namespace rake task', :delete do
end
it 'invokes restoration on match' do
expect { run_rake_task('gitlab:backup:restore') }.to output.to_stdout
expect { run_rake_task('gitlab:backup:restore') }.to output.to_stdout_from_any_process
end
it 'prints timestamps on messages' do
expect { run_rake_task('gitlab:backup:restore') }.to output(/.*\d{4}-\d{2}-\d{2}\s\d{2}:\d{2}:\d{2}\s[-+]\d{4}\s--\s.*/).to_stdout
expect { run_rake_task('gitlab:backup:restore') }.to output(/.*\d{4}-\d{2}-\d{2}\s\d{2}:\d{2}:\d{2}\s[-+]\d{4}\s--\s.*/).to_stdout_from_any_process
end
end
end
@ -105,14 +96,16 @@ RSpec.describe 'gitlab:app namespace rake task', :delete do
before do
# We only need a backup of the repositories for this test
stub_env('SKIP', 'db,uploads,builds,artifacts,lfs,registry')
create(:project, :repository)
end
it 'removes stale data' do
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout_from_any_process
excluded_project = create(:project, :repository, name: 'mepmep')
expect { run_rake_task('gitlab:backup:restore') }.to output.to_stdout
expect { run_rake_task('gitlab:backup:restore') }.to output.to_stdout_from_any_process
raw_repo = excluded_project.repository.raw
@ -124,9 +117,10 @@ RSpec.describe 'gitlab:app namespace rake task', :delete do
context 'when the backup is restored' do
let!(:included_project) { create(:project, :repository) }
let!(:original_checksum) { included_project.repository.checksum }
before do
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout_from_any_process
backup_tar = Dir.glob(File.join(Gitlab.config.backup.path, '*_gitlab_backup.tar')).last
allow(Dir).to receive(:glob).and_return([backup_tar])
@ -153,11 +147,12 @@ RSpec.describe 'gitlab:app namespace rake task', :delete do
end
it 'restores the data' do
expect { run_rake_task('gitlab:backup:restore') }.to output.to_stdout
expect { run_rake_task('gitlab:backup:restore') }.to output.to_stdout_from_any_process
raw_repo = included_project.repository.raw
expect(raw_repo.empty?).to be(false)
expect(included_project.repository.checksum).to eq(original_checksum)
end
end
end
@ -169,8 +164,9 @@ RSpec.describe 'gitlab:app namespace rake task', :delete do
allow(ActiveRecord::Base.connection).to receive(:reconnect!)
end
let!(:project) { create(:project, :repository) }
describe 'backup creation and deletion using custom_hooks' do
let(:project) { create(:project, :repository) }
let(:user_backup_path) { "repositories/#{project.disk_path}" }
before do
@ -184,7 +180,7 @@ RSpec.describe 'gitlab:app namespace rake task', :delete do
context 'project uses custom_hooks and successfully creates backup' do
it 'creates custom_hooks.tar and project bundle' do
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout_from_any_process
tar_contents, exit_status = Gitlab::Popen.popen(%W{tar -tvf #{backup_tar}})
@ -195,8 +191,8 @@ RSpec.describe 'gitlab:app namespace rake task', :delete do
end
it 'restores files correctly' do
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout
expect { run_rake_task('gitlab:backup:restore') }.to output.to_stdout
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout_from_any_process
expect { run_rake_task('gitlab:backup:restore') }.to output.to_stdout_from_any_process
repo_path = Gitlab::GitalyClient::StorageSettings.allow_disk_access do
project.repository.path
@ -210,7 +206,7 @@ RSpec.describe 'gitlab:app namespace rake task', :delete do
it 'prints a progress message to stdout' do
task_list.each do |task|
expect { run_rake_task("gitlab:backup:#{task}:create") }.to output(/Dumping /).to_stdout
expect { run_rake_task("gitlab:backup:#{task}:create") }.to output(/Dumping /).to_stdout_from_any_process
end
end
end
@ -219,7 +215,7 @@ RSpec.describe 'gitlab:app namespace rake task', :delete do
context 'tar creation' do
context 'archive file permissions' do
it 'sets correct permissions on the tar file' do
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout_from_any_process
expect(File.exist?(backup_tar)).to be_truthy
expect(File::Stat.new(backup_tar).mode.to_s(8)).to eq('100600')
@ -231,7 +227,7 @@ RSpec.describe 'gitlab:app namespace rake task', :delete do
end
it 'uses the custom permissions' do
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout_from_any_process
expect(File::Stat.new(backup_tar).mode.to_s(8)).to eq('100651')
end
@ -239,7 +235,7 @@ RSpec.describe 'gitlab:app namespace rake task', :delete do
end
it 'sets correct permissions on the tar contents' do
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout_from_any_process
tar_contents, exit_status = Gitlab::Popen.popen(
%W{tar -tvf #{backup_tar} db uploads.tar.gz repositories builds.tar.gz artifacts.tar.gz pages.tar.gz lfs.tar.gz registry.tar.gz}
@ -258,7 +254,7 @@ RSpec.describe 'gitlab:app namespace rake task', :delete do
end
it 'deletes temp directories' do
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout_from_any_process
temp_dirs = Dir.glob(
File.join(Gitlab.config.backup.path, '{db,repositories,uploads,builds,artifacts,pages,lfs,registry}')
@ -271,7 +267,7 @@ RSpec.describe 'gitlab:app namespace rake task', :delete do
let(:enable_registry) { false }
it 'does not create registry.tar.gz' do
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout_from_any_process
tar_contents, exit_status = Gitlab::Popen.popen(
%W{tar -tvf #{backup_tar}}
@ -311,7 +307,7 @@ RSpec.describe 'gitlab:app namespace rake task', :delete do
move_repository_to_secondary(project_b)
move_repository_to_secondary(project_snippet_b)
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout_from_any_process
tar_contents, exit_status = Gitlab::Popen.popen(
%W{tar -tvf #{backup_tar} repositories}
@ -377,7 +373,7 @@ RSpec.describe 'gitlab:app namespace rake task', :delete do
.and_call_original
end
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout_from_any_process
end
it 'passes through concurrency environment variables' do
@ -390,7 +386,7 @@ RSpec.describe 'gitlab:app namespace rake task', :delete do
.and_call_original
end
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout_from_any_process
end
end
end
@ -399,10 +395,12 @@ RSpec.describe 'gitlab:app namespace rake task', :delete do
describe "Skipping items" do
before do
stub_env('SKIP', 'repositories,uploads')
create(:project, :repository)
end
it "does not contain skipped item" do
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout_from_any_process
tar_contents, _exit_status = Gitlab::Popen.popen(
%W{tar -tvf #{backup_tar} db uploads.tar.gz repositories builds.tar.gz artifacts.tar.gz pages.tar.gz lfs.tar.gz registry.tar.gz}
@ -419,7 +417,7 @@ RSpec.describe 'gitlab:app namespace rake task', :delete do
end
it 'does not invoke repositories restore' do
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout_from_any_process
allow(Rake::Task['gitlab:shell:setup'])
.to receive(:invoke).and_return(true)
@ -434,17 +432,19 @@ RSpec.describe 'gitlab:app namespace rake task', :delete do
expect(Rake::Task['gitlab:backup:lfs:restore']).to receive :invoke
expect(Rake::Task['gitlab:backup:registry:restore']).to receive :invoke
expect(Rake::Task['gitlab:shell:setup']).to receive :invoke
expect { run_rake_task('gitlab:backup:restore') }.to output.to_stdout
expect { run_rake_task('gitlab:backup:restore') }.to output.to_stdout_from_any_process
end
end
describe 'skipping tar archive creation' do
before do
stub_env('SKIP', 'tar')
create(:project, :repository)
end
it 'created files with backup content and no tar archive' do
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout_from_any_process
dir_contents = Dir.children(Gitlab.config.backup.path)
@ -463,7 +463,7 @@ RSpec.describe 'gitlab:app namespace rake task', :delete do
end
it 'those component files can be restored from' do
expect { run_rake_task("gitlab:backup:create") }.to output.to_stdout
expect { run_rake_task("gitlab:backup:create") }.to output.to_stdout_from_any_process
allow(Rake::Task['gitlab:shell:setup'])
.to receive(:invoke).and_return(true)
@ -478,13 +478,13 @@ RSpec.describe 'gitlab:app namespace rake task', :delete do
expect(Rake::Task['gitlab:backup:lfs:restore']).to receive :invoke
expect(Rake::Task['gitlab:backup:registry:restore']).to receive :invoke
expect(Rake::Task['gitlab:shell:setup']).to receive :invoke
expect { run_rake_task("gitlab:backup:restore") }.to output.to_stdout
expect { run_rake_task("gitlab:backup:restore") }.to output.to_stdout_from_any_process
end
end
describe "Human Readable Backup Name" do
it 'name has human readable time' do
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout
expect { run_rake_task('gitlab:backup:create') }.to output.to_stdout_from_any_process
expect(backup_tar).to match(/\d+_\d{4}_\d{2}_\d{2}_\d+\.\d+\.\d+.*_gitlab_backup.tar$/)
end