root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2024-02-14 03:10:02 +00:00
parent af3390065e
commit 44d7c735d8
75 changed files with 315 additions and 269 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
.gitlab/merge_request_templates/Documentation_Solutions.md Normal file
View File

@ -0,0 +1,32 @@
<!-- Use this template for documentation updates in the /doc/solutions directory. -->
## What does this MR do?
<!-- Briefly describe what this MR is about. -->
## Related issues
<!-- Link related issues below. -->
## Review
- [ ] Assign yourself as the **Assignee** of this MR.
- [ ] I have read the [Solutions Docs Contributors Guide in the GitLab Handbook](https://handbook.gitlab.com/handbook/customer-success/solutions-architects/sa-documentation/).
- [ ] Assign another SA as the **Reviewer**.
- [ ] Assign the latest release for the **Milestone**. If you're not sure, [view the list of releases](https://about.gitlab.com/releases/).
- [ ] Mention the reviewer in a comment, so they're aware that the MR is ready.
## Merging
- [ ] Obtain approval from a member of the Solutions Documentation Approvers Group (CODEOWNERS for the Solutions directory)
When a code owner approves, they can merge.
## Troubleshooting
The pipeline will test for style and link issues. If you have issues you're unable to resolve,
view the documentation [Style Guide](https://docs.gitlab.com/ee/development/documentation/styleguide/)
or ask for assistance in the #docs Slack channel.
/label ~documentation ~Solutions ~"type::maintenance" ~"maintenance::refactor"
/assign me

2
Gemfile.checksum
View File

@ -525,7 +525,7 @@
{"name":"redcarpet","version":"3.6.0","platform":"ruby","checksum":"8ad1889c0355ff4c47174af14edd06d62f45a326da1da6e8a121d59bdcd2e9e9"},
{"name":"redis","version":"4.8.0","platform":"ruby","checksum":"2000cf5014669c9dc821704b6d322a35a9a33852a95208911d9175d63b448a44"},
{"name":"redis-actionpack","version":"5.4.0","platform":"ruby","checksum":"f10cf649ab05914716d63334d7f709221ecc883b87cf348f90ecfe0c35ea3540"},
{"name":"redis-client","version":"0.19.0","platform":"ruby","checksum":"6ed9af23ff5aa87cf4d59439db77082b4cae5a0abbdd114ec5420bd63456324d"},
{"name":"redis-client","version":"0.20.0","platform":"ruby","checksum":"239ac38fe4f0b62c8d2d8641989319b736b7dd40eebec868fd874a14686bdc8c"},
{"name":"redis-namespace","version":"1.10.0","platform":"ruby","checksum":"2c1c6ea7c6c5e343e75b9bee3aa4c265e364a5b9966507397467af2bb3758d94"},
{"name":"redis-rack","version":"3.0.0","platform":"ruby","checksum":"abb50b82ae10ad4d11ca2e4901bfc2b98256cdafbbd95f80c86fc9e001478380"},
{"name":"redis-store","version":"1.10.0","platform":"ruby","checksum":"f258894f9f7e82834308a3d86242294f0cff2c9db9ae66e5cb4c553a5ec8b09e"},

2
Gemfile.lock
View File

@ -1390,7 +1390,7 @@ GEM
actionpack (>= 5, < 8)
redis-rack (>= 2.1.0, < 4)
redis-store (>= 1.1.0, < 2)
redis-client (0.19.0)
redis-client (0.20.0)
connection_pool
redis-namespace (1.10.0)
redis (>= 4)

4
app/assets/javascripts/vue_merge_request_widget/components/states/mr_widget_preparing.vue
View File

@ -14,8 +14,8 @@ export default {
};
</script>
<template>
<div class="gl-w-full gl-display-flex gl-p-4">
<gl-loading-icon size="md" class="gl-pr-4" inline />
<div class="gl-w-full gl-display-flex gl-align-items-center gl-px-5 gl-py-4">
<gl-loading-icon size="sm" class="gl-pr-3" />
<div class="gl-display-flex gl-align-items-center">
{{ $options.i18n.preparing }}
</div>

2
app/views/projects/pipelines/charts.html.haml
View File

@ -6,6 +6,6 @@
should_render_quality_summary: should_render_quality_summary.to_s,
failed_pipelines_link: project_pipelines_path(@project, page: '1', scope: 'all', status: 'failed'),
coverage_chart_path: charts_project_graph_path(@project, @project.default_branch),
test_runs_empty_state_image_path: image_path('illustrations/pipeline.svg'),
test_runs_empty_state_image_path: image_path('illustrations/empty-state/empty-pipeline-md.svg'),
project_quality_summary_feedback_image_path: image_path('illustrations/chat-sm.svg'),
default_branch: @project.default_branch } }

2
config/metrics/counts_28d/20210216175436_projects_slack_notifications_active.yml
View File

@ -5,7 +5,7 @@ description: Unique projects created in the past 28 days that have Slack notific
enabled
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: 28d

2
config/metrics/counts_28d/20210216175437_projects_slack_slash_active.yml
View File

@ -5,7 +5,7 @@ description: Unique projects created in the past 28 days that have Slack /
enabled
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: 28d

2
config/metrics/counts_28d/20210216181150_projects_jira_active.yml
View File

@ -4,7 +4,7 @@ key_path: usage_activity_by_stage_monthly.plan.projects_jira_active
description: Distinct count of creator_id from projects with an active Jira integration.
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: 28d

2
config/metrics/counts_28d/20210216184941_i_ecosystem_jira_service_close_issue_monthly.yml
View File

@ -4,7 +4,7 @@ key_path: redis_hll_counters.ecosystem.i_ecosystem_jira_service_close_issue_mont
description: Number of users closing Jira issues by month
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: 28d

2
config/metrics/counts_28d/20210216184945_i_ecosystem_jira_service_cross_reference_monthly.yml
View File

@ -4,7 +4,7 @@ key_path: redis_hll_counters.ecosystem.i_ecosystem_jira_service_cross_reference_
description: Number of users that cross-referenced Jira issues by month
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: 28d

2
config/metrics/counts_28d/20210216184957_ecosystem_total_unique_counts_monthly.yml
View File

@ -4,7 +4,7 @@ key_path: redis_hll_counters.ecosystem.ecosystem_total_unique_counts_monthly
description: Number of users for Jira and Slack by month
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: 28d

2
config/metrics/counts_28d/20210303150507_i_ecosystem_slack_service_issue_notification_monthly.yml
View File

@ -4,7 +4,7 @@ key_path: redis_hll_counters.ecosystem.i_ecosystem_slack_service_issue_notificat
description: Calculated unique users to trigger a Slack message by performing an action on an issue by month
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
milestone: "13.10"

2
config/metrics/counts_28d/20210303150654_i_ecosystem_slack_service_push_notification_monthly.yml
View File

@ -4,7 +4,7 @@ key_path: redis_hll_counters.ecosystem.i_ecosystem_slack_service_push_notificati
description: Calculated unique users to trigger a Slack message by performing a Git push by month
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
milestone: "13.10"

2
config/metrics/counts_28d/20210303150912_i_ecosystem_slack_service_deployment_notification_monthly.yml
View File

@ -4,7 +4,7 @@ key_path: redis_hll_counters.ecosystem.i_ecosystem_slack_service_deployment_noti
description: Calculated unique users to trigger a Slack message by performing a deployment by month
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
milestone: "13.10"

2
config/metrics/counts_28d/20210303151609_i_ecosystem_slack_service_wiki_page_notification_monthly.yml
View File

@ -4,7 +4,7 @@ key_path: redis_hll_counters.ecosystem.i_ecosystem_slack_service_wiki_page_notif
description: Calculated unique users to trigger a Slack message by performing an action on a wiki page by month
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
milestone: "13.10"

2
config/metrics/counts_28d/20210303151831_i_ecosystem_slack_service_merge_request_notification_monthly.yml
View File

@ -4,7 +4,7 @@ key_path: redis_hll_counters.ecosystem.i_ecosystem_slack_service_merge_request_n
description: Calculated unique users to trigger a Slack message by performing an action on a merge request by month
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
milestone: "13.10"

2
config/metrics/counts_28d/20210303151946_i_ecosystem_slack_service_note_notification_monthly.yml
View File

@ -4,7 +4,7 @@ key_path: redis_hll_counters.ecosystem.i_ecosystem_slack_service_note_notificati
description: Calculated unique users to trigger a Slack message by creating a note by month
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
milestone: "13.10"

2
config/metrics/counts_28d/20210303152049_i_ecosystem_slack_service_tag_push_notification_monthly.yml
View File

@ -4,7 +4,7 @@ key_path: redis_hll_counters.ecosystem.i_ecosystem_slack_service_tag_push_notifi
description: Calculated unique users to trigger a Slack message by performing a tag push by month
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
milestone: "13.10"

2
config/metrics/counts_28d/20210303152144_i_ecosystem_slack_service_confidential_note_notification_monthly.yml
View File

@ -4,7 +4,7 @@ key_path: redis_hll_counters.ecosystem.i_ecosystem_slack_service_confidential_no
description: Calculated unique users to trigger a Slack message by creating a confidential note by month
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
milestone: "13.10"

2
config/metrics/counts_28d/20210303152233_i_ecosystem_slack_service_confidential_issue_notification_monthly.yml
View File

@ -4,7 +4,7 @@ key_path: redis_hll_counters.ecosystem.i_ecosystem_slack_service_confidential_is
description: Calculated unique users to trigger a Slack message by performing an action on a confidential issue by month
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
milestone: "13.10"

2
config/metrics/counts_28d/20221101213234_integrations_gitlab_for_slack_app_confidential_issue_notification_monthly.yml
View File

@ -3,7 +3,7 @@ key_path: redis_hll_counters.integrations.i_integrations_gitlab_for_slack_app_co
description: Calculated unique users to trigger a Slack message by performing an action on a confidential issue by month
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
milestone: "15.6"

2
config/metrics/counts_28d/20221101213234_integrations_gitlab_for_slack_app_confidential_note_notification_monthly.yml
View File

@ -3,7 +3,7 @@ key_path: redis_hll_counters.integrations.i_integrations_gitlab_for_slack_app_co
description: Calculated unique users to trigger a Slack message by creating a confidential note by month
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
milestone: "15.6"

2
config/metrics/counts_28d/20221101213234_integrations_gitlab_for_slack_app_deployment_notification_monthly.yml
View File

@ -3,7 +3,7 @@ key_path: redis_hll_counters.integrations.i_integrations_gitlab_for_slack_app_de
description: Calculated unique users to trigger a Slack message by performing a deployment by month
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
milestone: "15.6"

2
config/metrics/counts_28d/20221101213234_integrations_gitlab_for_slack_app_issue_notification_monthly.yml
View File

@ -3,7 +3,7 @@ key_path: redis_hll_counters.integrations.i_integrations_gitlab_for_slack_app_is
description: Calculated unique users to trigger a Slack message by performing an action on an issue by month
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
milestone: "15.6"

2
config/metrics/counts_28d/20221101213234_integrations_gitlab_for_slack_app_merge_request_notification_monthly.yml
View File

@ -3,7 +3,7 @@ key_path: redis_hll_counters.integrations.i_integrations_gitlab_for_slack_app_me
description: Calculated unique users to trigger a Slack message by performing an action on a merge request by month
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
milestone: "15.6"

2
config/metrics/counts_28d/20221101213234_integrations_gitlab_for_slack_app_note_notification_monthly.yml
View File

@ -3,7 +3,7 @@ key_path: redis_hll_counters.integrations.i_integrations_gitlab_for_slack_app_no
description: Calculated unique users to trigger a Slack message by creating a note by month
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
milestone: "15.6"

2
config/metrics/counts_28d/20221101213234_integrations_gitlab_for_slack_app_push_notification_monthly.yml
View File

@ -3,7 +3,7 @@ key_path: redis_hll_counters.integrations.i_integrations_gitlab_for_slack_app_pu
description: Calculated unique users to trigger a Slack message by performing a Git push by month
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
milestone: "15.6"

2
config/metrics/counts_28d/20221101213234_integrations_gitlab_for_slack_app_tag_push_notification_monthly.yml
View File

@ -3,7 +3,7 @@ key_path: redis_hll_counters.integrations.i_integrations_gitlab_for_slack_app_ta
description: Calculated unique users to trigger a Slack message by performing a tag push by month
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
milestone: "15.6"

2
config/metrics/counts_28d/20221101213234_integrations_gitlab_for_slack_app_wiki_page_notification_monthly.yml
View File

@ -3,7 +3,7 @@ key_path: redis_hll_counters.integrations.i_integrations_gitlab_for_slack_app_wi
description: Calculated unique users to trigger a Slack message by performing an action on a wiki page by month
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
milestone: "15.6"

2
config/metrics/counts_all/20210216175400_projects_slack_notifications_active.yml
View File

@ -4,7 +4,7 @@ key_path: usage_activity_by_stage.configure.projects_slack_notifications_active
description: Unique projects with Slack webhook enabled
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: all

2
config/metrics/counts_all/20210216175644_groups_inheriting_assembla_active.yml
View File

@ -4,7 +4,7 @@ key_path: counts.groups_inheriting_assembla_active
description: Count of active groups inheriting integrations for Assembla
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: all

2
config/metrics/counts_all/20210216175702_instances_bugzilla_active.yml
View File

@ -4,7 +4,7 @@ key_path: counts.instances_bugzilla_active
description: Count of active instance-level integrations for Bugzilla
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: all

2
config/metrics/counts_all/20210216175719_projects_campfire_active.yml
View File

@ -4,7 +4,7 @@ key_path: counts.projects_campfire_active
description: Count of projects with active integrations for Campfire
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: all

2
config/metrics/counts_all/20210216175745_templates_custom_issue_tracker_active.yml
View File

@ -4,7 +4,7 @@ key_path: counts.templates_custom_issue_tracker_active
description: Count of active service templates for a Custom Issue Tracker
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: removed
milestone_removed: '14.4'

2
config/metrics/counts_all/20210216175806_groups_drone_ci_active.yml
View File

@ -4,7 +4,7 @@ key_path: counts.groups_drone_ci_active
description: Count of groups with active integrations for Drone CI
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: all

2
config/metrics/counts_all/20210216175820_instances_emails_on_push_active.yml
View File

@ -4,7 +4,7 @@ key_path: counts.instances_emails_on_push_active
description: Count of active instance-level integrations for Emails on Push
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: all

2
config/metrics/counts_all/20210216175826_projects_external_wiki_active.yml
View File

@ -4,7 +4,7 @@ key_path: counts.projects_external_wiki_active
description: Count of projects with active integrations for External Wiki
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: all

2
config/metrics/counts_all/20210216175926_instances_irker_active.yml
View File

@ -4,7 +4,7 @@ key_path: counts.instances_irker_active
description: Count of active instance-level integrations for Irker
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: all

2
config/metrics/counts_all/20210216175945_groups_jira_active.yml
View File

@ -4,7 +4,7 @@ key_path: counts.groups_jira_active
description: Count of groups with active integrations for Jira
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: all

2
config/metrics/counts_all/20210216175952_groups_inheriting_jira_active.yml
View File

@ -4,7 +4,7 @@ key_path: counts.groups_inheriting_jira_active
description: Count of active groups inheriting integrations for Jira
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: all

2
config/metrics/counts_all/20210216175956_groups_mattermost_active.yml
View File

@ -4,7 +4,7 @@ key_path: counts.groups_mattermost_active
description: Count of groups with active integrations for Mattermost
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: all

2
config/metrics/counts_all/20210216175957_templates_mattermost_active.yml
View File

@ -4,7 +4,7 @@ key_path: counts.templates_mattermost_active
description: Count of active service templates for Mattermost
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: removed
milestone_removed: '14.4'

2
config/metrics/counts_all/20210216175959_instances_mattermost_active.yml
View File

@ -4,7 +4,7 @@ key_path: counts.instances_mattermost_active
description: Count of active instance-level integrations for Mattermost
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: all

2
config/metrics/counts_all/20210216180001_projects_inheriting_mattermost_active.yml
View File

@ -4,7 +4,7 @@ key_path: counts.projects_inheriting_mattermost_active
description: Count of active projects inheriting integrations for Mattermost
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: all

2
config/metrics/counts_all/20210216180003_groups_inheriting_mattermost_active.yml
View File

@ -4,7 +4,7 @@ key_path: counts.groups_inheriting_mattermost_active
description: Count of active groups inheriting integrations for Mattermost
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: all

2
config/metrics/counts_all/20210216180027_projects_packagist_active.yml
View File

@ -4,7 +4,7 @@ key_path: counts.projects_packagist_active
description: Count of projects with active integrations for Packagist
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: all

2
config/metrics/counts_all/20210216180100_projects_pushover_active.yml
View File

@ -4,7 +4,7 @@ key_path: counts.projects_pushover_active
description: Count of projects with active integrations for Pushover
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: all

2
config/metrics/counts_all/20210216180149_instances_teamcity_active.yml
View File

@ -4,7 +4,7 @@ key_path: counts.instances_teamcity_active
description: Count of active instance-level integrations for Teamcity CI
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: all

2
config/metrics/counts_all/20210216180223_instances_youtrack_active.yml
View File

@ -4,7 +4,7 @@ key_path: counts.instances_youtrack_active
description: Count of active instance-level integrations for YouTrack
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: all

2
config/metrics/counts_all/20210216182618_templates_ewm_active.yml
View File

@ -4,7 +4,7 @@ key_path: counts.templates_ewm_active
description: Count of active service templates for EWM
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: removed
milestone_removed: '14.4'

2
config/metrics/counts_all/20210216182724_groups_mock_ci_active.yml
View File

@ -4,7 +4,7 @@ key_path: counts.groups_mock_ci_active
description: Count of groups with active integrations for Mock CI
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: removed
milestone_removed: '13.12'

2
config/metrics/counts_all/20220315180127_instances_harbor_active.yml
View File

@ -4,7 +4,7 @@ key_path: counts.instances_harbor_active
description: Count of active instance-level integrations for Harbor
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: all

2
config/metrics/counts_all/20220802141715_groups_pumble_active.yml
View File

@ -4,7 +4,7 @@ key_path: counts.groups_pumble_active
description: Count of groups with active integrations for Pumble
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: all

2
config/metrics/counts_all/20230607170951_projects_inheriting_telegram_active.yml
View File

@ -3,7 +3,7 @@ key_path: counts.projects_inheriting_telegram_active
description: Count of active projects inheriting integrations for Telegram
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
milestone: "16.1"

2
config/metrics/counts_all/20231205140200_projects_inheriting_diffblue_cover_active.yml
View File

@ -4,7 +4,7 @@ key_path: counts.projects_inheriting_diffblue_cover_active
description: Count of active projects inheriting integrations for Diffblue Cover
product_section: dev
product_stage: manage
product_group: integrations
product_group: import_and_integrate
value_type: number
status: active
time_frame: all

42
doc/administration/auth/ldap/index.md
View File

@ -281,25 +281,29 @@ After configuring LDAP, to test the configuration, use the
The following basic settings are available:
| Setting | Required | Type | Description |
|--------------------|-------------|------|-------------|
| `label` | **{check-circle}** Yes | String | A human-friendly name for your LDAP server. It is displayed on your sign-in page. Example: `'Paris'` or `'Acme, Ltd.'` |
| `host` | **{check-circle}** Yes | String | IP address or domain name of your LDAP server. Ignored when `hosts` is defined. Example: `'ldap.mydomain.com'` |
| `port` | **{check-circle}** Yes | Integer | The port to connect with on your LDAP server. Ignored when `hosts` is defined. Example: `389` or `636` (for SSL) |
| `uid` | **{check-circle}** Yes | String | The LDAP attribute that maps to the username that users use to sign in. Should be the attribute, not the value that maps to the `uid`. Does not affect the GitLab username (see [attributes section](#attribute-configuration-settings)). Example: `'sAMAccountName'` or `'uid'` or `'userPrincipalName'` |
| `base` | **{check-circle}** Yes | String | Base where we can search for users. Example: `'ou=people,dc=gitlab,dc=example'` or `'DC=mydomain,DC=com'` |
| `encryption` | **{check-circle}** Yes | String | Encryption method (the `method` key is deprecated in favor of `encryption`). It can have one of three values: `'start_tls'`, `'simple_tls'`, or `'plain'`. `simple_tls` corresponds to 'Simple TLS' in the LDAP library. `start_tls` corresponds to StartTLS, not to be confused with regular TLS. If you specify `simple_tls`, usually it's on port 636, while `start_tls` (StartTLS) would be on port 389. `plain` also operates on port 389. |
| `hosts` | **{dotted-circle}** No | Array of strings and integers | An array of host and port pairs to open connections. Each configured server should have an identical data set. This is not meant to configure multiple distinct LDAP servers, but to configure failover. Hosts are tried in the order they are configured. Example: `[['ldap1.mydomain.com', 636], ['ldap2.mydomain.com', 636]]` |
| `bind_dn` | **{dotted-circle}** No | String | The full DN of the user you bind with. Example: `'america\momo'` or `'CN=Gitlab,OU=Users,DC=domain,DC=com'` |
| `password` | **{dotted-circle}** No | String | The password of the bind user. |
| `verify_certificates` | **{dotted-circle}** No | Boolean | Defaults to `true`. Enables SSL certificate verification if encryption method is `start_tls` or `simple_tls`. If set to `false`, no validation of the LDAP server's SSL certificate is performed. |
| `timeout` | **{dotted-circle}** No | Integer | Defaults to `10`. Set a timeout, in seconds, for LDAP queries. This helps avoid blocking a request if the LDAP server becomes unresponsive. A value of `0` means there is no timeout. |
| `active_directory` | **{dotted-circle}** No | Boolean | This setting specifies if LDAP server is Active Directory LDAP server. For non-AD servers it skips the AD specific queries. If your LDAP server is not AD, set this to false. |
| `allow_username_or_email_login` | **{dotted-circle}** No | Boolean | Defaults to `false`. If enabled, GitLab ignores everything after the first `@` in the LDAP username submitted by the user on sign-in. If you are using `uid: 'userPrincipalName'` on ActiveDirectory you must disable this setting, because the userPrincipalName contains an `@`. |
| `block_auto_created_users` | **{dotted-circle}** No | Boolean | Defaults to `false`. To maintain tight control over the number of billable users on your GitLab installation, enable this setting to keep new users blocked until they have been cleared by an administrator . |
| `user_filter` | **{dotted-circle}** No | String | Filter LDAP users. Follows the format of [RFC 4515](https://www.rfc-editor.org/rfc/rfc4515.html). GitLab does not support `omniauth-ldap`'s custom filter syntax. Examples of the `user_filter` field syntax:<br/><br/>- `'(employeeType=developer)'`<br/>- `'(&(objectclass=user)(|(samaccountname=momo)(samaccountname=toto)))'` |
| `lowercase_usernames` | **{dotted-circle}** No | Boolean | If enabled, GitLab converts the name to lower case. |
| `retry_empty_result_with_codes` | **{dotted-circle}** No | Array | An array of LDAP query response code that attempt to retry the operation if the result/content is empty. For Google Secure LDAP, set this value to `[80]`. |
<!-- markdownlint-disable MD056 -->
| Setting | Required | Type | Description |
|---------------------------------|------------------------|-------------------------------|-------------|
| `label` | **{check-circle}** Yes | String | A human-friendly name for your LDAP server. It is displayed on your sign-in page. Example: `'Paris'` or `'Acme, Ltd.'` |
| `host` | **{check-circle}** Yes | String | IP address or domain name of your LDAP server. Ignored when `hosts` is defined. Example: `'ldap.mydomain.com'` |
| `port` | **{check-circle}** Yes | Integer | The port to connect with on your LDAP server. Ignored when `hosts` is defined. Example: `389` or `636` (for SSL) |
| `uid` | **{check-circle}** Yes | String | The LDAP attribute that maps to the username that users use to sign in. Should be the attribute, not the value that maps to the `uid`. Does not affect the GitLab username (see [attributes section](#attribute-configuration-settings)). Example: `'sAMAccountName'` or `'uid'` or `'userPrincipalName'` |
| `base` | **{check-circle}** Yes | String | Base where we can search for users. Example: `'ou=people,dc=gitlab,dc=example'` or `'DC=mydomain,DC=com'` |
| `encryption` | **{check-circle}** Yes | String | Encryption method (the `method` key is deprecated in favor of `encryption`). It can have one of three values: `'start_tls'`, `'simple_tls'`, or `'plain'`. `simple_tls` corresponds to 'Simple TLS' in the LDAP library. `start_tls` corresponds to StartTLS, not to be confused with regular TLS. If you specify `simple_tls`, usually it's on port 636, while `start_tls` (StartTLS) would be on port 389. `plain` also operates on port 389. |
| `hosts` | **{dotted-circle}** No | Array of strings and integers | An array of host and port pairs to open connections. Each configured server should have an identical data set. This is not meant to configure multiple distinct LDAP servers, but to configure failover. Hosts are tried in the order they are configured. Example: `[['ldap1.mydomain.com', 636], ['ldap2.mydomain.com', 636]]` |
| `bind_dn` | **{dotted-circle}** No | String | The full DN of the user you bind with. Example: `'america\momo'` or `'CN=Gitlab,OU=Users,DC=domain,DC=com'` |
| `password` | **{dotted-circle}** No | String | The password of the bind user. |
| `verify_certificates` | **{dotted-circle}** No | Boolean | Defaults to `true`. Enables SSL certificate verification if encryption method is `start_tls` or `simple_tls`. If set to `false`, no validation of the LDAP server's SSL certificate is performed. |
| `timeout` | **{dotted-circle}** No | Integer | Defaults to `10`. Set a timeout, in seconds, for LDAP queries. This helps avoid blocking a request if the LDAP server becomes unresponsive. A value of `0` means there is no timeout. |
| `active_directory` | **{dotted-circle}** No | Boolean | This setting specifies if LDAP server is Active Directory LDAP server. For non-AD servers it skips the AD specific queries. If your LDAP server is not AD, set this to false. |
| `allow_username_or_email_login` | **{dotted-circle}** No | Boolean | Defaults to `false`. If enabled, GitLab ignores everything after the first `@` in the LDAP username submitted by the user on sign-in. If you are using `uid: 'userPrincipalName'` on ActiveDirectory you must disable this setting, because the userPrincipalName contains an `@`. |
| `block_auto_created_users` | **{dotted-circle}** No | Boolean | Defaults to `false`. To maintain tight control over the number of billable users on your GitLab installation, enable this setting to keep new users blocked until they have been cleared by an administrator . |
| `user_filter` | **{dotted-circle}** No | String | Filter LDAP users. Follows the format of [RFC 4515](https://www.rfc-editor.org/rfc/rfc4515.html). GitLab does not support `omniauth-ldap`'s custom filter syntax. Examples of the `user_filter` field syntax:<br/><br/>- `'(employeeType=developer)'`<br/>- `'(&(objectclass=user)(|(samaccountname=momo)(samaccountname=toto)))'` |
| `lowercase_usernames` | **{dotted-circle}** No | Boolean | If enabled, GitLab converts the name to lower case. |
| `retry_empty_result_with_codes` | **{dotted-circle}** No | Array | An array of LDAP query response code that attempt to retry the operation if the result/content is empty. For Google Secure LDAP, set this value to `[80]`. |
<!-- markdownlint-enable MD056 -->
### SSL configuration settings

58
doc/administration/geo/replication/datatypes.md
View File

@ -190,35 +190,35 @@ replicating data from those features causes the data to be **lost**.
To use those features on a **secondary** site, or to execute a failover
successfully, you must replicate their data using some other means.
|Feature | Replicated (added in GitLab version) | Verified (added in GitLab version) | GitLab-managed object storage replication (added in GitLab version) | GitLab-managed object storage verification (added in GitLab version) | Notes |
|:--------------------------------------------------------------------------------------------------------------|:------------------------------------------------------------------------|:---------------------------------------------------------------------------|:--------------------------------------------------------------------|:----------------------------------------------------------------|:------|
|[Application data in PostgreSQL](../../postgresql/index.md) | **Yes** (10.2) | **Yes** (10.2) | Not applicable | Not applicable | |
|[Project repository](../../../user/project/repository/index.md) | **Yes** (10.2) | **Yes** (10.7) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Migrated to [self-service framework](../../../development/geo/framework.md) in 16.2. See GitLab issue [#367925](https://gitlab.com/gitlab-org/gitlab/-/issues/367925) for more details.<br /><br />Behind feature flag `geo_project_repository_replication`, enabled by default in (16.3).<br /><br /> All projects, including [archived projects](../../../user/project/working_with_projects.md#archive-a-project), are replicated. |
|[Project wiki repository](../../../user/project/wiki/index.md) | **Yes** (10.2)<sup>2</sup> | **Yes** (10.7)<sup>2</sup> | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Migrated to [self-service framework](../../../development/geo/framework.md) in 15.11. See GitLab issue [#367925](https://gitlab.com/gitlab-org/gitlab/-/issues/367925) for more details.<br /><br />Behind feature flag `geo_project_wiki_repository_replication`, enabled by default in (15.11). |
|[Group wiki repository](../../../user/project/wiki/group.md) | [**Yes** (13.10)](https://gitlab.com/gitlab-org/gitlab/-/issues/208147) | [**Yes** (16.3)](https://gitlab.com/gitlab-org/gitlab/-/issues/323897) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Behind feature flag `geo_group_wiki_repository_replication`, enabled by default. |
|[Uploads](../../uploads.md) | **Yes** (10.2) | **Yes** (14.6) | [**Yes** (15.1)](https://gitlab.com/groups/gitlab-org/-/epics/5551) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Replication is behind the feature flag `geo_upload_replication`, enabled by default. Verification was behind the feature flag `geo_upload_verification`, removed in 14.8. |
|[LFS objects](../../lfs/index.md) | **Yes** (10.2) | **Yes** (14.6) | [**Yes** (15.1)](https://gitlab.com/groups/gitlab-org/-/epics/5551) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | GitLab versions 11.11.x and 12.0.x are affected by [a bug that prevents any new LFS objects from replicating](https://gitlab.com/gitlab-org/gitlab/-/issues/32696).<br /><br />Replication is behind the feature flag `geo_lfs_object_replication`, enabled by default. Verification was behind the feature flag `geo_lfs_object_verification`, removed in 14.7. |
|[Personal snippets](../../../user/snippets.md) | **Yes** (10.2) | **Yes** (10.2) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | |
|[Project snippets](../../../user/snippets.md) | **Yes** (10.2) | **Yes** (10.2) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | |
|[CI job artifacts](../../../ci/jobs/job_artifacts.md) | **Yes** (10.4) | **Yes** (14.10) | [**Yes** (15.1)](https://gitlab.com/groups/gitlab-org/-/epics/5551) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Verification is behind the feature flag `geo_job_artifact_replication`, enabled by default in 14.10. |
|[CI Pipeline Artifacts](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/models/ci/pipeline_artifact.rb) | [**Yes** (13.11)](https://gitlab.com/gitlab-org/gitlab/-/issues/238464) | [**Yes** (13.11)](https://gitlab.com/gitlab-org/gitlab/-/issues/238464) | [**Yes** (15.1)](https://gitlab.com/groups/gitlab-org/-/epics/5551) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Persists additional artifacts after a pipeline completes. |
|[CI Secure Files](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/models/ci/secure_file.rb) | [**Yes** (15.3)](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/91430) | [**Yes** (15.3)](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/91430) | [**Yes** (15.3)](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/91430) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Verification is behind the feature flag `geo_ci_secure_file_replication`, enabled by default in 15.3. |
|[Container registry](../../packages/container_registry.md) | **Yes** (12.3)<sup>1</sup> | **Yes** (15.10) | **Yes** (12.3)<sup>1</sup> | **Yes** (15.10) | See [instructions](container_registry.md) to set up the container registry replication. |
|[Terraform Module Registry](../../../user/packages/terraform_module_registry/index.md) | **Yes** (14.0) | **Yes** (14.0) | [**Yes** (15.1)](https://gitlab.com/groups/gitlab-org/-/epics/5551) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Behind feature flag `geo_package_file_replication`, enabled by default. |
|[Project designs repository](../../../user/project/issues/design_management.md) | **Yes** (12.7) | **Yes** (16.1) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Designs also require replication of LFS objects and Uploads. |
|[Package registry](../../../user/packages/package_registry/index.md) | **Yes** (13.2) | **Yes** (13.10) | [**Yes** (15.1)](https://gitlab.com/groups/gitlab-org/-/epics/5551) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Behind feature flag `geo_package_file_replication`, enabled by default. |
|[Versioned Terraform State](../../terraform_state.md) | **Yes** (13.5) | **Yes** (13.12) | [**Yes** (15.1)](https://gitlab.com/groups/gitlab-org/-/epics/5551) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Replication is behind the feature flag `geo_terraform_state_version_replication`, enabled by default. Verification was behind the feature flag `geo_terraform_state_version_verification`, which was removed in 14.0. |
|[External merge request diffs](../../merge_request_diffs.md) | **Yes** (13.5) | **Yes** (14.6) | [**Yes** (15.1)](https://gitlab.com/groups/gitlab-org/-/epics/5551) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Replication is behind the feature flag `geo_merge_request_diff_replication`, enabled by default. Verification was behind the feature flag `geo_merge_request_diff_verification`, removed in 14.7.|
|[Versioned snippets](../../../user/snippets.md#versioned-snippets) | [**Yes** (13.7)](https://gitlab.com/groups/gitlab-org/-/epics/2809) | [**Yes** (14.2)](https://gitlab.com/groups/gitlab-org/-/epics/2810) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Verification was implemented behind the feature flag `geo_snippet_repository_verification` in 13.11, and the feature flag was removed in 14.2. |
|[GitLab Pages](../../pages/index.md) | [**Yes** (14.3)](https://gitlab.com/groups/gitlab-org/-/epics/589) | **Yes** (14.6) | [**Yes** (15.1)](https://gitlab.com/groups/gitlab-org/-/epics/5551) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Behind feature flag `geo_pages_deployment_replication`, enabled by default. Verification was behind the feature flag `geo_pages_deployment_verification`, removed in 14.7. |
|[Project-level Secure files](../../../ci/secure_files/index.md) | **Yes** (15.3) | **Yes** (15.3) | **Yes** (15.3) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | |
| [Incident Metric Images](../../../operations/incident_management/incidents.md#metrics) | **Yes** (15.5) | **Yes** (15.5) | **Yes** (15.5) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Replication/Verification is handled via the Uploads data type. | |
|[Alert Metric Images](../../../operations/incident_management/alerts.md#metrics-tab) | **Yes** (15.5) | **Yes** (15.5) | **Yes** (15.5) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Replication/Verification is handled via the Uploads data type. |
|[Server-side Git hooks](../../server_hooks.md) | [Not planned](https://gitlab.com/groups/gitlab-org/-/epics/1867) | No | Not applicable | Not applicable | Not planned because of current implementation complexity, low customer interest, and availability of alternatives to hooks. |
|[Elasticsearch integration](../../../integration/advanced_search/elasticsearch.md) | [Not planned](https://gitlab.com/gitlab-org/gitlab/-/issues/1186) | No | No | No | Not planned because further product discovery is required and Elasticsearch (ES) clusters can be rebuilt. Secondaries use the same ES cluster as the primary. |
|[Dependency Proxy Images](../../../user/packages/dependency_proxy/index.md) | [**Yes** (15.7)](https://gitlab.com/groups/gitlab-org/-/epics/8833) | [**Yes** (15.7)](https://gitlab.com/groups/gitlab-org/-/epics/8833) | [**Yes** (15.7)](https://gitlab.com/groups/gitlab-org/-/epics/8833) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | |
|[Vulnerability Export](../../../user/application_security/vulnerability_report/index.md#export-vulnerability-details) | [Not planned](https://gitlab.com/groups/gitlab-org/-/epics/3111) | No | No | No | Not planned because they are ephemeral and sensitive information. They can be regenerated on demand. |
|Packages NPM metadata cache | [Not planned](https://gitlab.com/gitlab-org/gitlab/-/issues/408278) | No | No | No | Not planned because it would not notably improve disaster recovery capabilities nor response times at secondary sites. |
| Feature | Replicated (added in GitLab version) | Verified (added in GitLab version) | GitLab-managed object storage replication (added in GitLab version) | GitLab-managed object storage verification (added in GitLab version) | Notes |
|:----------------------------------------------------------------------------------------------------------------------|:------------------------------------------------------------------------------|:------------------------------------------------------------------------------|:--------------------------------------------------------------------------------|:--------------------------------------------------------------------------------|:------|
| [Application data in PostgreSQL](../../postgresql/index.md) | **Yes** (10.2) | **Yes** (10.2) | Not applicable | Not applicable | |
| [Project repository](../../../user/project/repository/index.md) | **Yes** (10.2) | **Yes** (10.7) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Migrated to [self-service framework](../../../development/geo/framework.md) in 16.2. See GitLab issue [#367925](https://gitlab.com/gitlab-org/gitlab/-/issues/367925) for more details.<br /><br />Behind feature flag `geo_project_repository_replication`, enabled by default in (16.3).<br /><br /> All projects, including [archived projects](../../../user/project/working_with_projects.md#archive-a-project), are replicated. |
| [Project wiki repository](../../../user/project/wiki/index.md) | **Yes** (10.2)<sup>2</sup> | **Yes** (10.7)<sup>2</sup> | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Migrated to [self-service framework](../../../development/geo/framework.md) in 15.11. See GitLab issue [#367925](https://gitlab.com/gitlab-org/gitlab/-/issues/367925) for more details.<br /><br />Behind feature flag `geo_project_wiki_repository_replication`, enabled by default in (15.11). |
| [Group wiki repository](../../../user/project/wiki/group.md) | [**Yes** (13.10)](https://gitlab.com/gitlab-org/gitlab/-/issues/208147) | [**Yes** (16.3)](https://gitlab.com/gitlab-org/gitlab/-/issues/323897) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Behind feature flag `geo_group_wiki_repository_replication`, enabled by default. |
| [Uploads](../../uploads.md) | **Yes** (10.2) | **Yes** (14.6) | [**Yes** (15.1)](https://gitlab.com/groups/gitlab-org/-/epics/5551) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Replication is behind the feature flag `geo_upload_replication`, enabled by default. Verification was behind the feature flag `geo_upload_verification`, removed in 14.8. |
| [LFS objects](../../lfs/index.md) | **Yes** (10.2) | **Yes** (14.6) | [**Yes** (15.1)](https://gitlab.com/groups/gitlab-org/-/epics/5551) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | GitLab versions 11.11.x and 12.0.x are affected by [a bug that prevents any new LFS objects from replicating](https://gitlab.com/gitlab-org/gitlab/-/issues/32696).<br /><br />Replication is behind the feature flag `geo_lfs_object_replication`, enabled by default. Verification was behind the feature flag `geo_lfs_object_verification`, removed in 14.7. |
| [Personal snippets](../../../user/snippets.md) | **Yes** (10.2) | **Yes** (10.2) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | |
| [Project snippets](../../../user/snippets.md) | **Yes** (10.2) | **Yes** (10.2) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | |
| [CI job artifacts](../../../ci/jobs/job_artifacts.md) | **Yes** (10.4) | **Yes** (14.10) | [**Yes** (15.1)](https://gitlab.com/groups/gitlab-org/-/epics/5551) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Verification is behind the feature flag `geo_job_artifact_replication`, enabled by default in 14.10. |
| [CI Pipeline Artifacts](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/models/ci/pipeline_artifact.rb) | [**Yes** (13.11)](https://gitlab.com/gitlab-org/gitlab/-/issues/238464) | [**Yes** (13.11)](https://gitlab.com/gitlab-org/gitlab/-/issues/238464) | [**Yes** (15.1)](https://gitlab.com/groups/gitlab-org/-/epics/5551) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Persists additional artifacts after a pipeline completes. |
| [CI Secure Files](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/models/ci/secure_file.rb) | [**Yes** (15.3)](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/91430) | [**Yes** (15.3)](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/91430) | [**Yes** (15.3)](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/91430) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Verification is behind the feature flag `geo_ci_secure_file_replication`, enabled by default in 15.3. |
| [Container registry](../../packages/container_registry.md) | **Yes** (12.3)<sup>1</sup> | **Yes** (15.10) | **Yes** (12.3)<sup>1</sup> | **Yes** (15.10) | See [instructions](container_registry.md) to set up the container registry replication. |
| [Terraform Module Registry](../../../user/packages/terraform_module_registry/index.md) | **Yes** (14.0) | **Yes** (14.0) | [**Yes** (15.1)](https://gitlab.com/groups/gitlab-org/-/epics/5551) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Behind feature flag `geo_package_file_replication`, enabled by default. |
| [Project designs repository](../../../user/project/issues/design_management.md) | **Yes** (12.7) | **Yes** (16.1) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Designs also require replication of LFS objects and Uploads. |
| [Package registry](../../../user/packages/package_registry/index.md) | **Yes** (13.2) | **Yes** (13.10) | [**Yes** (15.1)](https://gitlab.com/groups/gitlab-org/-/epics/5551) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Behind feature flag `geo_package_file_replication`, enabled by default. |
| [Versioned Terraform State](../../terraform_state.md) | **Yes** (13.5) | **Yes** (13.12) | [**Yes** (15.1)](https://gitlab.com/groups/gitlab-org/-/epics/5551) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Replication is behind the feature flag `geo_terraform_state_version_replication`, enabled by default. Verification was behind the feature flag `geo_terraform_state_version_verification`, which was removed in 14.0. |
| [External merge request diffs](../../merge_request_diffs.md) | **Yes** (13.5) | **Yes** (14.6) | [**Yes** (15.1)](https://gitlab.com/groups/gitlab-org/-/epics/5551) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Replication is behind the feature flag `geo_merge_request_diff_replication`, enabled by default. Verification was behind the feature flag `geo_merge_request_diff_verification`, removed in 14.7. |
| [Versioned snippets](../../../user/snippets.md#versioned-snippets) | [**Yes** (13.7)](https://gitlab.com/groups/gitlab-org/-/epics/2809) | [**Yes** (14.2)](https://gitlab.com/groups/gitlab-org/-/epics/2810) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Verification was implemented behind the feature flag `geo_snippet_repository_verification` in 13.11, and the feature flag was removed in 14.2. |
| [GitLab Pages](../../pages/index.md) | [**Yes** (14.3)](https://gitlab.com/groups/gitlab-org/-/epics/589) | **Yes** (14.6) | [**Yes** (15.1)](https://gitlab.com/groups/gitlab-org/-/epics/5551) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Behind feature flag `geo_pages_deployment_replication`, enabled by default. Verification was behind the feature flag `geo_pages_deployment_verification`, removed in 14.7. |
| [Project-level Secure files](../../../ci/secure_files/index.md) | **Yes** (15.3) | **Yes** (15.3) | **Yes** (15.3) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | |
| [Incident Metric Images](../../../operations/incident_management/incidents.md#metrics) | **Yes** (15.5) | **Yes** (15.5) | **Yes** (15.5) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Replication/Verification is handled via the Uploads data type. |
| [Alert Metric Images](../../../operations/incident_management/alerts.md#metrics-tab) | **Yes** (15.5) | **Yes** (15.5) | **Yes** (15.5) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Replication/Verification is handled via the Uploads data type. |
| [Server-side Git hooks](../../server_hooks.md) | [Not planned](https://gitlab.com/groups/gitlab-org/-/epics/1867) | No | Not applicable | Not applicable | Not planned because of current implementation complexity, low customer interest, and availability of alternatives to hooks. |
| [Elasticsearch integration](../../../integration/advanced_search/elasticsearch.md) | [Not planned](https://gitlab.com/gitlab-org/gitlab/-/issues/1186) | No | No | No | Not planned because further product discovery is required and Elasticsearch (ES) clusters can be rebuilt. Secondaries use the same ES cluster as the primary. |
| [Dependency Proxy Images](../../../user/packages/dependency_proxy/index.md) | [**Yes** (15.7)](https://gitlab.com/groups/gitlab-org/-/epics/8833) | [**Yes** (15.7)](https://gitlab.com/groups/gitlab-org/-/epics/8833) | [**Yes** (15.7)](https://gitlab.com/groups/gitlab-org/-/epics/8833) | [**Yes** (16.4)<sup>3</sup>](https://gitlab.com/groups/gitlab-org/-/epics/8056) | |
| [Vulnerability Export](../../../user/application_security/vulnerability_report/index.md#export-vulnerability-details) | [Not planned](https://gitlab.com/groups/gitlab-org/-/epics/3111) | No | No | No | Not planned because they are ephemeral and sensitive information. They can be regenerated on demand. |
| Packages NPM metadata cache | [Not planned](https://gitlab.com/gitlab-org/gitlab/-/issues/408278) | No | No | No | Not planned because it would not notably improve disaster recovery capabilities nor response times at secondary sites. |
<sup>1</sup> Migrated to [self-service framework](../../../development/geo/framework.md) in 15.5. See GitLab issue [#337436](https://gitlab.com/gitlab-org/gitlab/-/issues/337436) for more details.

2
doc/api/appearance.md
View File

@ -71,7 +71,7 @@ PUT /application/appearance
| `logo` | mixed | no | Instance image used on the sign in / sign up page. See [Change logo](#change-logo) |
| `header_logo` | mixed | no | Instance image used for the main navigation bar |
| `favicon` | mixed | no | Instance favicon in `.ico` or `.png` format |
| `member_guidelines` | string | no | Markdown text shown on the group or project member page for users with permission to change members
| `member_guidelines` | string | no | Markdown text shown on the group or project member page for users with permission to change members |
| `new_project_guidelines` | string | no | Markdown text shown on the new project page |
| `profile_image_guidelines` | string | no | Markdown text shown on the profile page below Public Avatar |
| `header_message` | string | no | Message in the system header bar |

8
doc/api/groups.md
View File

@ -2040,6 +2040,8 @@ Only available to group owners and administrators.
POST /groups/:id/push_rule
```
<!-- markdownlint-disable MD056 -->
| Attribute | Type | Required | Description |
| --------------------------------------------- | -------------- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the group](rest/index.md#namespaced-path-encoding) |
@ -2056,6 +2058,8 @@ POST /groups/:id/push_rule
| `commit_committer_check` | boolean | no | Only commits pushed using verified emails are allowed |
| `reject_unsigned_commits` | boolean | no | Only commits signed through GPG are allowed |
<!-- markdownlint-enable MD056 -->
```shell
curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/19/push_rule"
```
@ -2089,6 +2093,8 @@ Only available to group owners and administrators.
PUT /groups/:id/push_rule
```
<!-- markdownlint-disable MD056 -->
| Attribute | Type | Required | Description |
| --------------------------------------------- | -------------- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the group](rest/index.md#namespaced-path-encoding) |
@ -2105,6 +2111,8 @@ PUT /groups/:id/push_rule
| `commit_committer_check` | boolean | no | Only commits pushed using verified emails are allowed |
| `reject_unsigned_commits` | boolean | no | Only commits signed through GPG are allowed |
<!-- markdownlint-enable MD056 -->
```shell
curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/19/push_rule"
```

8
doc/api/projects.md
View File

@ -2996,6 +2996,8 @@ Adds a push rule to a specified project.
POST /projects/:id/push_rule
```
<!-- markdownlint-disable MD056 -->
| Attribute | Type | Required | Description |
|---------------------------------|-------------------|----------|-------------|
| `id` | integer or string | Yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding). |
@ -3012,6 +3014,8 @@ POST /projects/:id/push_rule
| `prevent_secrets` | boolean | No | GitLab rejects any files that are likely to contain secrets. |
| `reject_unsigned_commits` | boolean | No | Reject commit when it's not signed through GPG. |
<!-- markdownlint-enable MD056 -->
### Edit project push rule
Edits a push rule for a specified project.
@ -3020,6 +3024,8 @@ Edits a push rule for a specified project.
PUT /projects/:id/push_rule
```
<!-- markdownlint-disable MD056 -->
| Attribute | Type | Required | Description |
|---------------------------------|-------------------|----------|-------------|
| `id` | integer or string | Yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding). |
@ -3036,6 +3042,8 @@ PUT /projects/:id/push_rule
| `prevent_secrets` | boolean | No | GitLab rejects any files that are likely to contain secrets. |
| `reject_unsigned_commits` | boolean | No | Reject commits when they are not GPG signed. |
<!-- markdownlint-enable MD056 -->
### Delete project push rule
> - Moved to GitLab Premium in 13.9.

110
doc/api/settings.md
View File

@ -328,8 +328,8 @@ listed in the descriptions of the relevant settings.
| `after_sign_up_text` | string | no | Text shown to the user after signing up. |
| `akismet_api_key` | string | required by: `akismet_enabled` | API key for Akismet spam protection. |
| `akismet_enabled` | boolean | no | (**If enabled, requires:** `akismet_api_key`) Enable or disable Akismet spam protection. |
| `allow_account_deletion` | boolean | no | Set to `true` to allow users to delete their accounts. Premium and Ultimate only. |
| `allow_group_owners_to_manage_ldap` | boolean | no | Set to `true` to allow group owners to manage LDAP. Premium and Ultimate only. |
| `allow_account_deletion` | boolean | no | Set to `true` to allow users to delete their accounts. Premium and Ultimate only. |
| `allow_group_owners_to_manage_ldap` | boolean | no | Set to `true` to allow group owners to manage LDAP. Premium and Ultimate only. |
| `allow_local_requests_from_hooks_and_services` | boolean | no | (Deprecated: Use `allow_local_requests_from_web_hooks_and_services` instead) Allow requests to the local network from webhooks and integrations. |
| `allow_local_requests_from_system_hooks` | boolean | no | Allow requests to the local network from system hooks. |
| `allow_local_requests_from_web_hooks_and_services` | boolean | no | Allow requests to the local network from webhooks and integrations. |
@ -374,9 +374,9 @@ listed in the descriptions of the relevant settings.
| `default_projects_limit` | integer | no | Project limit per user. Default is `100000`. |
| `default_snippet_visibility` | string | no | What visibility level new snippets receive. Can take `private`, `internal` and `public` as a parameter. Default is `private`. |
| `default_syntax_highlighting_theme` | integer | no | Default syntax highlighting theme for users who are new or not signed in. See [IDs of available themes](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/themes.rb#L16). |
| `default_project_deletion_protection` | boolean | no | Enable default project deletion protection so only administrators can delete projects. Default is `false`. Self-managed, Premium and Ultimate only. |
| `delete_unconfirmed_users` | boolean | no | Specifies whether users who have not confirmed their email should be deleted. Default is `false`. When set to `true`, unconfirmed users are deleted after `unconfirmed_users_delete_after_days` days. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/352514) in GitLab 16.1. Self-managed, Premium and Ultimate only. |
| `deletion_adjourned_period` | integer | no | Number of days to wait before deleting a project or group that is marked for deletion. Value must be between `1` and `90`. Defaults to `7`. Self-managed, Premium and Ultimate only. |
| `default_project_deletion_protection` | boolean | no | Enable default project deletion protection so only administrators can delete projects. Default is `false`. Self-managed, Premium and Ultimate only. |
| `delete_unconfirmed_users` | boolean | no | Specifies whether users who have not confirmed their email should be deleted. Default is `false`. When set to `true`, unconfirmed users are deleted after `unconfirmed_users_delete_after_days` days. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/352514) in GitLab 16.1. Self-managed, Premium and Ultimate only. |
| `deletion_adjourned_period` | integer | no | Number of days to wait before deleting a project or group that is marked for deletion. Value must be between `1` and `90`. Defaults to `7`. Self-managed, Premium and Ultimate only. |
| `diagramsnet_enabled` | boolean | no | (If enabled, requires `diagramsnet_url`) Enable [Diagrams.net integration](../administration/integration/diagrams_net.md). Default is `true`. |
| `diagramsnet_url` | string | required by: `diagramsnet_enabled` | The Diagrams.net instance URL for integration. |
| `diff_max_patch_bytes` | integer | no | Maximum [diff patch size](../administration/diff_limits.md), in bytes. |
@ -384,7 +384,7 @@ listed in the descriptions of the relevant settings.
| `diff_max_lines` | integer | no | Maximum [lines in a diff](../administration/diff_limits.md). |
| `disable_admin_oauth_scopes` | boolean | no | Stops administrators from connecting their GitLab accounts to non-trusted OAuth 2.0 applications that have the `api`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, or `sudo` scopes. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/375043) in GitLab 15.6. |
| `disable_feed_token` | boolean | no | Disable display of RSS/Atom and calendar feed tokens. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/231493) in GitLab 13.7. |
| `disable_personal_access_token` | boolean | no | Disable personal access tokens. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/384201) in GitLab 15.7. Self-managed, Premium and Ultimate only. |
| `disable_personal_access_token` | boolean | no | Disable personal access tokens. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/384201) in GitLab 15.7. Self-managed, Premium and Ultimate only. |
| `disabled_oauth_sign_in_sources` | array of strings | no | Disabled OAuth sign-in sources. |
| `dns_rebinding_protection_enabled` | boolean | no | Enforce DNS-rebinding attack protection. |
| `domain_denylist_enabled` | boolean | no | (**If enabled, requires:** `domain_denylist`) Allows blocking sign-ups from emails from specific domains. |
@ -399,26 +399,26 @@ listed in the descriptions of the relevant settings.
| `eks_account_id` | string | no | Amazon account ID. |
| `eks_integration_enabled` | boolean | no | Enable integration with Amazon EKS. |
| `eks_secret_access_key` | string | no | AWS IAM secret access key. |
| `elasticsearch_aws_access_key` | string | no | AWS IAM access key. Premium and Ultimate only. |
| `elasticsearch_aws_region` | string | no | The AWS region the Elasticsearch domain is configured. Premium and Ultimate only. |
| `elasticsearch_aws_secret_access_key` | string | no | AWS IAM secret access key. Premium and Ultimate only. |
| `elasticsearch_aws` | boolean | no | Enable the use of AWS hosted Elasticsearch. Premium and Ultimate only. |
| `elasticsearch_indexed_field_length_limit` | integer | no | Maximum size of text fields to index by Elasticsearch. 0 value means no limit. This does not apply to repository and wiki indexing. Premium and Ultimate only. |
| `elasticsearch_indexed_file_size_limit_kb` | integer | no | Maximum size of repository and wiki files that are indexed by Elasticsearch. Premium and Ultimate only. |
| `elasticsearch_indexing` | boolean | no | Enable Elasticsearch indexing. Premium and Ultimate only. |
| `elasticsearch_requeue_workers` | boolean | no | Enable automatic requeuing of indexing workers. This improves non-code indexing throughput by enqueuing Sidekiq jobs until all documents are processed. Premium and Ultimate only. |
| `elasticsearch_limit_indexing` | boolean | no | Limit Elasticsearch to index certain namespaces and projects. Premium and Ultimate only. |
| `elasticsearch_max_bulk_concurrency` | integer | no | Maximum concurrency of Elasticsearch bulk requests per indexing operation. This only applies to repository indexing operations. Premium and Ultimate only. |
| `elasticsearch_max_code_indexing_concurrency` | integer | no | Maximum concurrency of Elasticsearch code indexing background jobs. This only applies to repository indexing operations. Premium and Ultimate only. |
| `elasticsearch_worker_number_of_shards` | integer | no | Number of indexing worker shards. This improves non-code indexing throughput by enqueuing more parallel Sidekiq jobs. Default is `2`. Premium and Ultimate only. |
| `elasticsearch_max_bulk_size_mb` | integer | no | Maximum size of Elasticsearch bulk indexing requests in MB. This only applies to repository indexing operations. Premium and Ultimate only. |
| `elasticsearch_namespace_ids` | array of integers | no | The namespaces to index via Elasticsearch if `elasticsearch_limit_indexing` is enabled. Premium and Ultimate only. |
| `elasticsearch_project_ids` | array of integers | no | The projects to index via Elasticsearch if `elasticsearch_limit_indexing` is enabled. Premium and Ultimate only. |
| `elasticsearch_search` | boolean | no | Enable Elasticsearch search. Premium and Ultimate only. |
| `elasticsearch_url` | string | no | The URL to use for connecting to Elasticsearch. Use a comma-separated list to support cluster (for example, `http://localhost:9200, http://localhost:9201"`). Premium and Ultimate only. |
| `elasticsearch_username` | string | no | The `username` of your Elasticsearch instance. Premium and Ultimate only. |
| `elasticsearch_password` | string | no | The password of your Elasticsearch instance. Premium and Ultimate only. |
| `email_additional_text` | string | no | Additional text added to the bottom of every email for legal/auditing/compliance reasons. Premium and Ultimate only. |
| `elasticsearch_aws_access_key` | string | no | AWS IAM access key. Premium and Ultimate only. |
| `elasticsearch_aws_region` | string | no | The AWS region the Elasticsearch domain is configured. Premium and Ultimate only. |
| `elasticsearch_aws_secret_access_key` | string | no | AWS IAM secret access key. Premium and Ultimate only. |
| `elasticsearch_aws` | boolean | no | Enable the use of AWS hosted Elasticsearch. Premium and Ultimate only. |
| `elasticsearch_indexed_field_length_limit` | integer | no | Maximum size of text fields to index by Elasticsearch. 0 value means no limit. This does not apply to repository and wiki indexing. Premium and Ultimate only. |
| `elasticsearch_indexed_file_size_limit_kb` | integer | no | Maximum size of repository and wiki files that are indexed by Elasticsearch. Premium and Ultimate only. |
| `elasticsearch_indexing` | boolean | no | Enable Elasticsearch indexing. Premium and Ultimate only. |
| `elasticsearch_requeue_workers` | boolean | no | Enable automatic requeuing of indexing workers. This improves non-code indexing throughput by enqueuing Sidekiq jobs until all documents are processed. Premium and Ultimate only. |
| `elasticsearch_limit_indexing` | boolean | no | Limit Elasticsearch to index certain namespaces and projects. Premium and Ultimate only. |
| `elasticsearch_max_bulk_concurrency` | integer | no | Maximum concurrency of Elasticsearch bulk requests per indexing operation. This only applies to repository indexing operations. Premium and Ultimate only. |
| `elasticsearch_max_code_indexing_concurrency` | integer | no | Maximum concurrency of Elasticsearch code indexing background jobs. This only applies to repository indexing operations. Premium and Ultimate only. |
| `elasticsearch_worker_number_of_shards` | integer | no | Number of indexing worker shards. This improves non-code indexing throughput by enqueuing more parallel Sidekiq jobs. Default is `2`. Premium and Ultimate only. |
| `elasticsearch_max_bulk_size_mb` | integer | no | Maximum size of Elasticsearch bulk indexing requests in MB. This only applies to repository indexing operations. Premium and Ultimate only. |
| `elasticsearch_namespace_ids` | array of integers | no | The namespaces to index via Elasticsearch if `elasticsearch_limit_indexing` is enabled. Premium and Ultimate only. |
| `elasticsearch_project_ids` | array of integers | no | The projects to index via Elasticsearch if `elasticsearch_limit_indexing` is enabled. Premium and Ultimate only. |
| `elasticsearch_search` | boolean | no | Enable Elasticsearch search. Premium and Ultimate only. |
| `elasticsearch_url` | string | no | The URL to use for connecting to Elasticsearch. Use a comma-separated list to support cluster (for example, `http://localhost:9200, http://localhost:9201"`). Premium and Ultimate only. |
| `elasticsearch_username` | string | no | The `username` of your Elasticsearch instance. Premium and Ultimate only. |
| `elasticsearch_password` | string | no | The password of your Elasticsearch instance. Premium and Ultimate only. |
| `email_additional_text` | string | no | Additional text added to the bottom of every email for legal/auditing/compliance reasons. Premium and Ultimate only. |
| `email_author_in_body` | boolean | no | Some email servers do not support overriding the email sender name. Enable this option to include the name of the author of the issue, merge request or comment in the email body instead. |
| `email_confirmation_setting` | string | no | Specifies whether users must confirm their email before sign in. Possible values are `off`, `soft`, and `hard`. |
| `custom_http_clone_url_root` | string | no | Set a custom Git clone URL for HTTP(S). |
@ -437,13 +437,13 @@ listed in the descriptions of the relevant settings.
| `external_pipeline_validation_service_timeout` | integer | no | How long to wait for a response from the pipeline validation service. Assumes `OK` if it times out. |
| `static_objects_external_storage_url` | string | no | URL to an external storage for repository static objects. |
| `static_objects_external_storage_auth_token` | string | required by: `static_objects_external_storage_url` | Authentication token for the external storage linked in `static_objects_external_storage_url`. |
| `failed_login_attempts_unlock_period_in_minutes` | integer | no | Time period in minutes after which the user is unlocked when maximum number of failed sign-in attempts reached. |
| `file_template_project_id` | integer | no | The ID of a project to load custom file templates from. Premium and Ultimate only. |
| `failed_login_attempts_unlock_period_in_minutes` | integer | no | Time period in minutes after which the user is unlocked when maximum number of failed sign-in attempts reached. |
| `file_template_project_id` | integer | no | The ID of a project to load custom file templates from. Premium and Ultimate only. |
| `first_day_of_week` | integer | no | Start day of the week for calendar views and date pickers. Valid values are `0` (default) for Sunday, `1` for Monday, and `6` for Saturday. |
| `globally_allowed_ips` | string | no | Comma-separated list of IP addresses and CIDRs always allowed for inbound traffic. For example, `1.1.1.1, 2.2.2.0/24`. |
| `geo_node_allowed_ips` | string | yes | Comma-separated list of IPs and CIDRs of allowed secondary nodes. For example, `1.1.1.1, 2.2.2.0/24`. Self-managed, Premium and Ultimate only. |
| `geo_status_timeout` | integer | no | The amount of seconds after which a request to get a secondary node status times out. Self-managed, Premium and Ultimate only. |
| `git_two_factor_session_expiry` | integer | no | Maximum duration (in minutes) of a session for Git operations when 2FA is enabled. Premium and Ultimate only. |
| `git_two_factor_session_expiry` | integer | no | Maximum duration (in minutes) of a session for Git operations when 2FA is enabled. Premium and Ultimate only. |
| `gitaly_timeout_default` | integer | no | Default Gitaly timeout, in seconds. This timeout is not enforced for Git fetch/push operations or Sidekiq jobs. Set to `0` to disable timeouts. |
| `gitaly_timeout_fast` | integer | no | Gitaly fast operation timeout, in seconds. Some Gitaly operations are expected to be fast. If they exceed this threshold, there may be a problem with a storage shard and 'failing fast' can help maintain the stability of the GitLab instance. Set to `0` to disable timeouts. |
| `gitaly_timeout_medium` | integer | no | Medium Gitaly timeout, in seconds. This should be a value between the Fast and the Default timeout. Set to `0` to disable timeouts. |
@ -452,7 +452,7 @@ listed in the descriptions of the relevant settings.
| `grafana_enabled` | boolean | no | Enable Grafana. |
| `grafana_url` | string | no | Grafana URL. |
| `gravatar_enabled` | boolean | no | Enable Gravatar. |
| `group_owners_can_manage_default_branch_protection` | boolean | no | Prevent overrides of default branch protection. Self-managed, Premium and Ultimate only.|
| `group_owners_can_manage_default_branch_protection` | boolean | no | Prevent overrides of default branch protection. Self-managed, Premium and Ultimate only.|
| `hashed_storage_enabled` | boolean | no | Create new projects using hashed storage paths: Enable immutable, hash-based paths and repository names to store repositories on disk. This prevents repositories from having to be moved or renamed when the Project URL changes and may improve disk I/O performance. (Always enabled in GitLab versions 13.0 and later, configuration is scheduled for removal in 14.0) |
| `help_page_hide_commercial_content` | boolean | no | Hide marketing-related entries from help. |
| `help_page_support_url` | string | no | Alternate support URL for help page and help dropdown list. |
@ -478,7 +478,7 @@ listed in the descriptions of the relevant settings.
| `mailgun_signing_key` | string | no | The Mailgun HTTP webhook signing key for receiving events from webhook. |
| `mailgun_events_enabled` | boolean | no | Enable Mailgun event receiver. |
| `maintenance_mode_message` | string | no | Message displayed when instance is in maintenance mode. Premium and Ultimate only. |
| `maintenance_mode` | boolean | no | When instance is in maintenance mode, non-administrative users can sign in with read-only access and make read-only API requests. Premium and Ultimate only. |
| `maintenance_mode` | boolean | no | When instance is in maintenance mode, non-administrative users can sign in with read-only access and make read-only API requests. Premium and Ultimate only. |
| `max_artifacts_size` | integer | no | Maximum artifacts size in MB. |
| `max_attachment_size` | integer | no | Limit attachment size in MB. |
| `max_decompressed_archive_size` | integer | no | Maximum decompressed file size for imported archives in MB. Set to `0` for unlimited. Default is `25600`. |
@ -487,35 +487,35 @@ listed in the descriptions of the relevant settings.
| `max_import_remote_file_size` | integer | no | Maximum remote file size for imports from external object storages. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/384976) in GitLab 16.3. |
| `max_login_attempts` | integer | no | Maximum number of sign-in attempts before locking out the user. |
| `max_pages_size` | integer | no | Maximum size of pages repositories in MB. |
| `max_personal_access_token_lifetime` | integer | no | Maximum allowable lifetime for access tokens in days. When left blank, default value of 365 is applied. When set, value must be 365 or less. When changed, existing access tokens with an expiration date beyond the maximum allowable lifetime are revoked. Self-managed, Ultimate only.|
| `max_ssh_key_lifetime` | integer | no | Maximum allowable lifetime for SSH keys in days. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/1007) in GitLab 14.6. Self-managed, Ultimate only.|
| `max_personal_access_token_lifetime` | integer | no | Maximum allowable lifetime for access tokens in days. When left blank, default value of 365 is applied. When set, value must be 365 or less. When changed, existing access tokens with an expiration date beyond the maximum allowable lifetime are revoked. Self-managed, Ultimate only.|
| `max_ssh_key_lifetime` | integer | no | Maximum allowable lifetime for SSH keys in days. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/1007) in GitLab 14.6. Self-managed, Ultimate only.|
| `max_terraform_state_size_bytes` | integer | no | Maximum size in bytes of the [Terraform state](../administration/terraform_state.md) files. Set this to 0 for unlimited file size. |
| `metrics_method_call_threshold` | integer | no | A method call is only tracked when it takes longer than the given amount of milliseconds. |
| `max_number_of_repository_downloads` | integer | no | Maximum number of unique repositories a user can download in the specified time period before they are banned. Default: 0, Maximum: 10,000 repositories. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/87980) in GitLab 15.1. Self-managed, Ultimate only. |
| `max_number_of_repository_downloads_within_time_period` | integer | no | Reporting time period (in seconds). Default: 0, Maximum: 864000 seconds (10 days). [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/87980) in GitLab 15.1. Self-managed, Ultimate only. |
| `max_yaml_depth` | integer | no | The maximum depth of nested CI/CD configuration added with the [`include` keyword](../ci/yaml/index.md#include). Default: `100`. |
| `max_yaml_size_bytes` | integer | no | The maximum size in bytes of a single CI/CD configuration file. Default: `1048576`. |
| `git_rate_limit_users_allowlist` | array of strings | no | List of usernames excluded from Git anti-abuse rate limits. Default: `[]`, Maximum: 100 usernames. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/90815) in GitLab 15.2. Self-managed, Ultimate only. |
| `git_rate_limit_users_alertlist` | array of integers | no | List of user IDs that are emailed when the Git abuse rate limit is exceeded. Default: `[]`, Maximum: 100 user IDs. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110201) in GitLab 15.9. Self-managed, Ultimate only. |
| `auto_ban_user_on_excessive_projects_download` | boolean | no | When enabled, users will get automatically banned from the application when they download more than the maximum number of unique projects in the time period specified by `max_number_of_repository_downloads` and `max_number_of_repository_downloads_within_time_period` respectively. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/94153) in GitLab 15.4. Self-managed, Ultimate only. |
| `max_number_of_repository_downloads` | integer | no | Maximum number of unique repositories a user can download in the specified time period before they are banned. Default: 0, Maximum: 10,000 repositories. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/87980) in GitLab 15.1. Self-managed, Ultimate only. |
| `max_number_of_repository_downloads_within_time_period` | integer | no | Reporting time period (in seconds). Default: 0, Maximum: 864000 seconds (10 days). [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/87980) in GitLab 15.1. Self-managed, Ultimate only. |
| `max_yaml_depth` | integer | no | The maximum depth of nested CI/CD configuration added with the [`include` keyword](../ci/yaml/index.md#include). Default: `100`. |
| `max_yaml_size_bytes` | integer | no | The maximum size in bytes of a single CI/CD configuration file. Default: `1048576`. |
| `git_rate_limit_users_allowlist` | array of strings | no | List of usernames excluded from Git anti-abuse rate limits. Default: `[]`, Maximum: 100 usernames. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/90815) in GitLab 15.2. Self-managed, Ultimate only. |
| `git_rate_limit_users_alertlist` | array of integers | no | List of user IDs that are emailed when the Git abuse rate limit is exceeded. Default: `[]`, Maximum: 100 user IDs. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110201) in GitLab 15.9. Self-managed, Ultimate only. |
| `auto_ban_user_on_excessive_projects_download` | boolean | no | When enabled, users will get automatically banned from the application when they download more than the maximum number of unique projects in the time period specified by `max_number_of_repository_downloads` and `max_number_of_repository_downloads_within_time_period` respectively. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/94153) in GitLab 15.4. Self-managed, Ultimate only. |
| `mirror_available` | boolean | no | Allow repository mirroring to configured by project Maintainers. If disabled, only Administrators can configure repository mirroring. |
| `mirror_capacity_threshold` | integer | no | Minimum capacity to be available before scheduling more mirrors preemptively. Premium and Ultimate only. |
| `mirror_capacity_threshold` | integer | no | Minimum capacity to be available before scheduling more mirrors preemptively. Premium and Ultimate only. |
| `mirror_max_capacity` | integer | no | Maximum number of mirrors that can be synchronizing at the same time. Premium and Ultimate only. |
| `mirror_max_delay` | integer | no | Maximum time (in minutes) between updates that a mirror can have when scheduled to synchronize. Premium and Ultimate only. |
| `maven_package_requests_forwarding` | boolean | no | Use repo.maven.apache.org as a default remote repository when the package is not found in the GitLab Package Registry for Maven. Premium and Ultimate only. |
| `npm_package_requests_forwarding` | boolean | no | Use npmjs.org as a default remote repository when the package is not found in the GitLab Package Registry for npm. Premium and Ultimate only. |
| `pypi_package_requests_forwarding` | boolean | no | Use pypi.org as a default remote repository when the package is not found in the GitLab Package Registry for PyPI. Premium and Ultimate only. |
| `maven_package_requests_forwarding` | boolean | no | Use repo.maven.apache.org as a default remote repository when the package is not found in the GitLab Package Registry for Maven. Premium and Ultimate only. |
| `npm_package_requests_forwarding` | boolean | no | Use npmjs.org as a default remote repository when the package is not found in the GitLab Package Registry for npm. Premium and Ultimate only. |
| `pypi_package_requests_forwarding` | boolean | no | Use pypi.org as a default remote repository when the package is not found in the GitLab Package Registry for PyPI. Premium and Ultimate only. |
| `outbound_local_requests_whitelist` | array of strings | no | Define a list of trusted domains or IP addresses to which local requests are allowed when local requests for webhooks and integrations are disabled. |
| `package_registry_allow_anyone_to_pull_option` | boolean | no | Enable to [allow anyone to pull from Package Registry](../user/packages/package_registry/index.md#allow-anyone-to-pull-from-package-registry) visible and changeable. |
| `package_metadata_purl_types` | array of integers | no | List of [package registry metadata to sync](../administration/settings/security_and_compliance.md#choose-package-registry-metadata-to-sync). See [the list](https://gitlab.com/gitlab-org/gitlab/-/blob/ace16c20d5da7c4928dd03fb139692638b557fe3/app/models/concerns/enums/package_metadata.rb#L5) of the available values. Self-managed, Ultimate only. |
| `package_metadata_purl_types` | array of integers | no | List of [package registry metadata to sync](../administration/settings/security_and_compliance.md#choose-package-registry-metadata-to-sync). See [the list](https://gitlab.com/gitlab-org/gitlab/-/blob/ace16c20d5da7c4928dd03fb139692638b557fe3/app/models/concerns/enums/package_metadata.rb#L5) of the available values. Self-managed, Ultimate only. |
| `pages_domain_verification_enabled` | boolean | no | Require users to prove ownership of custom domains. Domain verification is an essential security measure for public GitLab sites. Users are required to demonstrate they control a domain before it is enabled. |
| `password_authentication_enabled_for_git` | boolean | no | Enable authentication for Git over HTTP(S) via a GitLab account password. Default is `true`. |
| `password_authentication_enabled_for_web` | boolean | no | Enable authentication for the web interface via a GitLab account password. Default is `true`. |
| `minimum_password_length` | integer | no | Indicates whether passwords require a minimum length. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/85763) in GitLab 15.1. Premium and Ultimate only. |
| `password_number_required` | boolean | no | Indicates whether passwords require at least one number. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/85763) in GitLab 15.1. Premium and Ultimate only. |
| `password_symbol_required` | boolean | no | Indicates whether passwords require at least one symbol character. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/85763) in GitLab 15.1. Premium and Ultimate only. |
| `password_uppercase_required` | boolean | no | Indicates whether passwords require at least one uppercase letter. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/85763) in GitLab 15.1. Premium and Ultimate only. |
| `password_lowercase_required` | boolean | no | Indicates whether passwords require at least one lowercase letter. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/85763) in GitLab 15.1. Premium and Ultimate only. |
| `minimum_password_length` | integer | no | Indicates whether passwords require a minimum length. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/85763) in GitLab 15.1. Premium and Ultimate only. |
| `password_number_required` | boolean | no | Indicates whether passwords require at least one number. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/85763) in GitLab 15.1. Premium and Ultimate only. |
| `password_symbol_required` | boolean | no | Indicates whether passwords require at least one symbol character. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/85763) in GitLab 15.1. Premium and Ultimate only. |
| `password_uppercase_required` | boolean | no | Indicates whether passwords require at least one uppercase letter. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/85763) in GitLab 15.1. Premium and Ultimate only. |
| `password_lowercase_required` | boolean | no | Indicates whether passwords require at least one lowercase letter. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/85763) in GitLab 15.1. Premium and Ultimate only. |
| `performance_bar_allowed_group_id` | string | no | (Deprecated: Use `performance_bar_allowed_group_path` instead) Path of the group that is allowed to toggle the performance bar. |
| `performance_bar_allowed_group_path` | string | no | Path of the group that is allowed to toggle the performance bar. |
| `performance_bar_enabled` | boolean | no | (Deprecated: Pass `performance_bar_allowed_group_path: nil` instead) Allow enabling the performance bar. |
@ -525,12 +525,12 @@ listed in the descriptions of the relevant settings.
| `gitpod_url` | boolean | required by: `gitpod_enabled` | The Gitpod instance URL for integration. |
| `kroki_enabled` | boolean | no | (**If enabled, requires:** `kroki_url`) Enable [Kroki integration](../administration/integration/kroki.md). Default is `false`. |
| `kroki_url` | boolean | required by: `kroki_enabled` | The Kroki instance URL for integration. |
| `kroki_formats` | object | no | Additional formats supported by the Kroki instance. Possible values are: <code>bpmn: (true|false)</code>, <code>blockdiag: (true|false)</code> and <code>excalidraw: (true|false)</code> |
| `kroki_formats` | object | no | Additional formats supported by the Kroki instance. Possible values are `true` or `false` for formats `bpmn`, `blockdiag`, and `excalidraw` in the format `<format>: true` or `<format>: false`. |
| `plantuml_enabled` | boolean | no | (**If enabled, requires:** `plantuml_url`) Enable [PlantUML integration](../administration/integration/plantuml.md). Default is `false`. |
| `plantuml_url` | string | required by: `plantuml_enabled` | The PlantUML instance URL for integration. |
| `polling_interval_multiplier` | decimal | no | Interval multiplier used by endpoints that perform polling. Set to `0` to disable polling. |
| `project_export_enabled` | boolean | no | Enable project export. |
| `project_jobs_api_rate_limit` | integer |no | Maximum authenticated requests to `/project/:id/jobs` per minute. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129319) in GitLab 16.5. Default: 600. |
| `project_jobs_api_rate_limit` | integer | no | Maximum authenticated requests to `/project/:id/jobs` per minute. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129319) in GitLab 16.5. Default: 600. |
| `projects_api_rate_limit_unauthenticated` | integer | no | [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/112283) in GitLab 15.10. Max number of requests per 10 minutes per IP address for unauthenticated requests to the [list all projects API](projects.md#list-all-projects). Default: 400. To disable throttling set to 0.|
| `prometheus_metrics_enabled` | boolean | no | Enable Prometheus metrics. |
| `protected_ci_variables` | boolean | no | CI/CD variables are protected by default. |
@ -558,7 +558,7 @@ listed in the descriptions of the relevant settings.
| `session_expire_delay` | integer | no | Session duration in minutes. GitLab restart is required to apply changes. |
| `security_policy_global_group_approvers_enabled` | boolean | no | Whether to look up merge request approval policy approval groups globally or within project hierarchies. |
| `security_txt_content` | string | no | [Public security contact information](../administration/settings/security_contact_information.md). [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/433210) in GitLab 16.7. |
| `service_access_tokens_expiration_enforced` | boolean | no | Flag to indicate if token expiry date can be optional for service account users |
| `service_access_tokens_expiration_enforced` | boolean | no | Flag to indicate if token expiry date can be optional for service account users |
| `shared_runners_enabled` | boolean | no | (**If enabled, requires:** `shared_runners_text` and `shared_runners_minutes`) Enable shared runners for new projects. |
| `shared_runners_minutes` | integer | required by: `shared_runners_enabled` | Set the maximum number of compute minutes that a group can use on shared runners per month. Premium and Ultimate only. |
| `shared_runners_text` | string | required by: `shared_runners_enabled` | Shared runners text. |
@ -590,7 +590,7 @@ listed in the descriptions of the relevant settings.
| `spam_check_endpoint_url` | string | no | URL of the external Spamcheck service endpoint. Valid URI schemes are `grpc` or `tls`. Specifying `tls` forces communication to be encrypted.|
| `spam_check_api_key` | string | no | API key used by GitLab for accessing the Spam Check service endpoint. |
| `suggest_pipeline_enabled` | boolean | no | Enable pipeline suggestion banner. |
| `enable_artifact_external_redirect_warning_page` | boolean | no | Show the external redirect page that warns you about user-generated content in GitLab Pages. |
| `enable_artifact_external_redirect_warning_page` | boolean | no | Show the external redirect page that warns you about user-generated content in GitLab Pages. |
| `terminal_max_session_time` | integer | no | Maximum time for web terminal websocket connection (in seconds). Set to `0` for unlimited time. |
| `terms` | text | required by: `enforce_terms` | (**Required by:** `enforce_terms`) Markdown content for the ToS. |
| `throttle_authenticated_api_enabled` | boolean | no | (**If enabled, requires:** `throttle_authenticated_api_period_in_seconds` and `throttle_authenticated_api_requests_per_period`) Enable authenticated API request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots). |
@ -616,7 +616,7 @@ listed in the descriptions of the relevant settings.
| `throttle_unauthenticated_web_requests_per_period` | integer | required by:<br>`throttle_unauthenticated_web_enabled` | Max requests per period per IP. |
| `time_tracking_limit_to_hours` | boolean | no | Limit display of time tracking units to hours. Default is `false`. |
| `two_factor_grace_period` | integer | required by: `require_two_factor_authentication` | Amount of time (in hours) that users are allowed to skip forced configuration of two-factor authentication. |
| `unconfirmed_users_delete_after_days` | integer | no | Specifies how many days after sign-up to delete users who have not confirmed their email. Only applicable if `delete_unconfirmed_users` is set to `true`. Must be `1` or greater. Default is `7`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/352514) in GitLab 16.1. Self-managed, Premium and Ultimate only.|
| `unconfirmed_users_delete_after_days` | integer | no | Specifies how many days after sign-up to delete users who have not confirmed their email. Only applicable if `delete_unconfirmed_users` is set to `true`. Must be `1` or greater. Default is `7`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/352514) in GitLab 16.1. Self-managed, Premium and Ultimate only. |
| `unique_ips_limit_enabled` | boolean | no | (**If enabled, requires:** `unique_ips_limit_per_user` and `unique_ips_limit_time_window`) Limit sign in from multiple IPs. |
| `unique_ips_limit_per_user` | integer | required by: `unique_ips_limit_enabled` | Maximum number of IPs per user. |
| `unique_ips_limit_time_window` | integer | required by: `unique_ips_limit_enabled` | How many seconds an IP is counted towards the limit. |

30
doc/architecture/blueprints/ci_pipeline_components/index.md
View File

@ -760,27 +760,27 @@ Proposal:
<!-- vale gitlab.Spelling = NO -->
| Role | Who
|--------------------------------|-------------------------|
| Author | Fabio Pitino |
| Engineering Leaders | Cheryl Li, Mark Nuzzo |
| Product Manager | Dov Hershkovitch |
| Role | Who |
|--------------------------------|-----|
| Author | Fabio Pitino |
| Engineering Leaders | Cheryl Li, Mark Nuzzo |
| Product Manager | Dov Hershkovitch |
| Architecture Evolution Coaches | Kamil Trzciński, Grzegorz Bizon |
DRIs:
| Role | Who
|------------------------------|------------------------|
| Leadership | Mark Nuzzo |
| Product | Dov Hershkovitch |
| Engineering | Fabio Pitino |
| UX | Sunjung Park |
| Role | Who |
|-------------|-----|
| Leadership | Mark Nuzzo |
| Product | Dov Hershkovitch |
| Engineering | Fabio Pitino |
| UX | Sunjung Park |
Domain experts:
| Area | Who
|------------------------------|------------------------|
| Verify / Pipeline authoring | Avielle Wolfe |
| Verify / Pipeline authoring | Laura Montemayor |
| Area | Who |
|-----------------------------|-----|
| Verify / Pipeline authoring | Avielle Wolfe |
| Verify / Pipeline authoring | Laura Montemayor |
<!-- vale gitlab.Spelling = YES -->

40
doc/architecture/blueprints/ci_scale/index.md
View File

@ -193,31 +193,31 @@ Proposal:
<!-- vale gitlab.Spelling = NO -->
| Role | Who
|------------------------------|-------------------------|
| Author | Grzegorz Bizon |
| Architecture Evolution Coach | Kamil Trzciński |
| Engineering Leader | Cheryl Li |
| Product Manager | Jackie Porter |
| Domain Expert / Verify | Fabio Pitino |
| Domain Expert / Database | Jose Finotto |
| Domain Expert / PostgreSQL | Nikolay Samokhvalov |
| Role | Who |
|------------------------------|-----|
| Author | Grzegorz Bizon |
| Architecture Evolution Coach | Kamil Trzciński |
| Engineering Leader | Cheryl Li |
| Product Manager | Jackie Porter |
| Domain Expert / Verify | Fabio Pitino |
| Domain Expert / Database | Jose Finotto |
| Domain Expert / PostgreSQL | Nikolay Samokhvalov |
DRIs:
| Role | Who
|------------------------------|------------------------|
| Leadership | Cheryl Li |
| Product | Jackie Porter |
| Engineering | Grzegorz Bizon |
| Role | Who |
|-------------|-----|
| Leadership | Cheryl Li |
| Product | Jackie Porter |
| Engineering | Grzegorz Bizon |
Domain experts:
| Area | Who
|------------------------------|------------------------|
| Domain Expert / Verify | Fabio Pitino |
| Domain Expert / Verify | Marius Bobin |
| Domain Expert / Database | Jose Finotto |
| Domain Expert / PostgreSQL | Nikolay Samokhvalov |
| Area | Who |
|----------------------------|-----|
| Domain Expert / Verify | Fabio Pitino |
| Domain Expert / Verify | Marius Bobin |
| Domain Expert / Database | Jose Finotto |
| Domain Expert / PostgreSQL | Nikolay Samokhvalov |
<!-- vale gitlab.Spelling = YES -->

8
doc/architecture/blueprints/database_scaling/size-limits.md
View File

@ -168,9 +168,9 @@ The [epic for `~group::database`](https://gitlab.com/groups/gitlab-org/-/epics/6
Identifying solutions for offending tables is driven by the [GitLab Database Team](https://handbook.gitlab.com/handbook/engineering/infrastructure/core-platform/data_stores/database/) and respective stage groups.
| Role | Who
|------------------------------|-------------------------|
| Author | Andreas Brandl |
| Engineering Leader | Craig Gomes |
| Role | Who |
|--------------------|-----|
| Author | Andreas Brandl |
| Engineering Leader | Craig Gomes |
<!-- vale gitlab.Spelling = YES -->

20
doc/architecture/blueprints/google_cloud_platform_integration/index.md
View File

@ -20,15 +20,15 @@ available in [GitLab-internal project](https://gitlab.com/gitlab-org/architectur
<!-- vale gitlab.Spelling = NO -->
| Who | Role
|------------------------|--------------------------------------------------|
| Sam Goldstein | Director of Engineering, Engineering DRI |
| Grzegorz Bizon | Distinguished Engineer - Technical Lead |
| Jessie Young | Principal Engineer |
| David Fernandez | Staff Engineer |
| Imre Farkas | Staff Engineer |
| João Pereira | Staff Engineer |
| Joe Burnett | Staff Engineer |
| Tomasz Maczukin | Senior Engineer |
| Who | Role |
|-----------------|------|
| Sam Goldstein | Director of Engineering, Engineering DRI |
| Grzegorz Bizon | Distinguished Engineer - Technical Lead |
| Jessie Young | Principal Engineer |
| David Fernandez | Staff Engineer |
| Imre Farkas | Staff Engineer |
| João Pereira | Staff Engineer |
| Joe Burnett | Staff Engineer |
| Tomasz Maczukin | Senior Engineer |
<!-- vale gitlab.Spelling = YES -->

24
doc/architecture/blueprints/image_resizing/index.md
View File

@ -63,13 +63,13 @@ Proposal:
<!-- vale gitlab.Spelling = NO -->
| Role | Who
|------------------------------|-------------------------|
| Author | Craig Gomes |
| Architecture Evolution Coach | Kamil Trzciński |
| Engineering Leader | Tim Zallmann |
| Domain Expert | Matthias Kaeppler |
| Domain Expert | Aleksei Lipniagov |
| Role | Who |
|------------------------------|-----|
| Author | Craig Gomes |
| Architecture Evolution Coach | Kamil Trzciński |
| Engineering Leader | Tim Zallmann |
| Domain Expert | Matthias Kaeppler |
| Domain Expert | Aleksei Lipniagov |
<!-- vale gitlab.Spelling = YES -->
@ -77,10 +77,10 @@ DRIs:
<!-- vale gitlab.Spelling = NO -->
| Role | Who
|------------------------------|------------------------|
| Product | Josh Lambert |
| Leadership | Craig Gomes |
| Engineering | Matthias Kaeppler |
| Role | Who |
|-------------|-----|
| Product | Josh Lambert |
| Leadership | Craig Gomes |
| Engineering | Matthias Kaeppler |
<!-- vale gitlab.Spelling = YES -->

10
doc/architecture/blueprints/runner_admission_controller/index.md
View File

@ -279,8 +279,8 @@ Each runner has a tag identifier unique to that runner, e.g. `DiscoveryOne`, `tu
## Technical issues to resolve
| issue | resolution|
| ------ | ------ |
|Rule definition for the queue web hook|
|What data to send to the admissions controller? Is it a subset or all of the [predefined variables](../../../ci/variables/predefined_variables.md)?|
|Is the `queueing web hook` able to run at GitLab.com scale? On GitLab.com we would trigger millions of webhooks per second and the concern is that would overload Sidekiq or be used to abuse the system.
| Issue | Resolution |
|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------|
| Rule definition for the queue web hook | |
| What data to send to the admissions controller? Is it a subset or all of the [predefined variables](../../../ci/variables/predefined_variables.md)? | |
| Is the `queueing web hook` able to run at GitLab.com scale? On GitLab.com we would trigger millions of webhooks per second and the concern is that would overload Sidekiq or be used to abuse the system. | |

26
doc/architecture/blueprints/runner_tokens/index.md
View File

@ -365,6 +365,8 @@ scope.
### Stage 3 - Database changes
<!-- markdownlint-disable MD056 -->
| Component | Milestone | Changes |
|------------------|----------:|---------|
| GitLab Rails app | `%15.8` | Create database migration to add columns to `ci_runners` table. |
@ -377,7 +379,7 @@ scope.
| GitLab Rails app | `%15.9` | Implement the `create_runner_machine` [feature flag](../../../administration/feature_flags.md). |
| GitLab Rails app | `%15.9` | Create `ci_runner_machines` record in `POST /runners/verify` request if the runner token is prefixed with `glrt-`. |
| GitLab Rails app | `%15.9` | Use runner token + `system_id` JSON parameters in `POST /jobs/request` request in the [heartbeat request](https://gitlab.com/gitlab-org/gitlab/blob/c73c96a8ffd515295842d72a3635a8ae873d688c/lib/api/ci/helpers/runner.rb#L14-20) to update the `ci_runner_machines` cache/table. |
| GitLab Rails app | `%15.9` | Implement the `create_runner_workflow_for_admin` [feature flag](../../../administration/feature_flags.md). |
| GitLab Rails app | `%15.9` | Implement the `create_runner_workflow_for_admin` [feature flag](../../../administration/feature_flags.md). |
| GitLab Rails app | `%15.9` | Implement `create_{instance|group|project}_runner` permissions. |
| GitLab Rails app | `%15.9` | Rename `ci_runner_machines.machine_xid` column to `system_xid` to be consistent with `system_id` passed in APIs. |
| GitLab Rails app | `%15.10` | Remove the ignore rule for `ci_runner_machines.machine_xid` column. |
@ -385,6 +387,8 @@ scope.
| GitLab Rails app | `%15.11` | Drop `ci_builds_metadata.runner_machine_id` column. |
| GitLab Rails app | `%16.0` | Remove the ignore rule for `ci_builds_metadata.runner_machine_id` column. |
<!-- markdownlint-enable MD056 -->
### Stage 4 - Create runners from the UI
| Component | Milestone | Changes |
@ -401,7 +405,7 @@ scope.
| GitLab Rails app | `%15.11` | Implement UI to create new instance runner. |
| GitLab Rails app | `%15.11` | Update service and mutation to accept groups and projects. |
| GitLab Rails app | `%15.11` | Implement UI to create new group/project runners. |
| GitLab Rails app | `%15.11` | Add runner_machine field to CiJob GraphQL type. |
| GitLab Rails app | `%15.11` | Add `runner_machine` field to CiJob GraphQL type. |
| GitLab Rails app | `%15.11` | UI changes to runner details view (listing of platform, architecture, IP address, etc.) (?) |
| GitLab Rails app | `%15.11` | Adapt `POST /api/v4/runners` REST endpoint to accept a request from an authorized user with a scope instead of a registration token. |
| GitLab Runner | `%15.11` | Handle `glrt-` runner tokens in `unregister` command. |
@ -410,6 +414,8 @@ scope.
### Stage 5 - Optional disabling of registration token
<!-- markdownlint-disable MD056 -->
| Component | Milestone | Changes |
|------------------|----------:|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| GitLab Rails app | `%16.0` | Adapt `register_{group|project}_runner` permissions to take [application setting](https://gitlab.com/gitlab-org/gitlab/-/issues/386712) in consideration. |
@ -418,14 +424,16 @@ scope.
| GitLab Rails app | | Add UI to allow disabling use of registration tokens in top-level group settings. |
| GitLab Rails app | | Hide legacy UI showing registration with a registration token, if it disabled on in top-level group settings or by admins. |
<!-- markdownlint-enable MD056 -->
### Stage 6 - Enforcement
| Component | Milestone | Changes |
|------------------|----------:|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| GitLab Rails app | `%17.0` | Disable registration tokens for all groups by running database migration (only on GitLab.com) | |
| GitLab Rails app | `%17.0` | Disable registration tokens on the instance level by running database migration (except GitLab.com) | |
| GitLab Rails app | `%17.0` | Disable registration tokens on the instance level for GitLab.com | |
| GitLab Rails app | `%16.3` | Implement new `:create_runner` PPGAT scope so that we don't require a full `api` scope. |
| Component | Milestone | Changes |
|------------------|----------:|---------|
| GitLab Rails app | `%17.0` | Disable registration tokens for all groups by running database migration (only on GitLab.com) |
| GitLab Rails app | `%17.0` | Disable registration tokens on the instance level by running database migration (except GitLab.com) |
| GitLab Rails app | `%17.0` | Disable registration tokens on the instance level for GitLab.com |
| GitLab Rails app | `%16.3` | Implement new `:create_runner` PPGAT scope so that we don't require a full `api` scope. |
| GitLab Rails app | | Document gotchas when [automatically rotating runner tokens](../../../ci/runners/configure_runners.md#automatically-rotate-runner-authentication-tokens) with multiple machines. |
### Stage 7 - Removals
@ -452,7 +460,7 @@ Proposal:
<!-- vale gitlab.Spelling = NO -->
| Role | Who
| Role | Who |
|------------------------------|--------------------------------------------------|
| Authors | Kamil Trzciński, Tomasz Maczukin, Pedro Pombeiro |
| Architecture Evolution Coach | Kamil Trzciński |

10
doc/development/git_object_deduplication.md
View File

@ -96,9 +96,6 @@ are as follows:
- a `PoolRepository` has exactly one "source `Project`"
(`pool.source_project`)
> TODO Fix invalid SQL data for pools created prior to GitLab 11.11
> <https://gitlab.com/gitlab-org/gitaly/-/issues/1653>.
### Assumptions
- All repositories in a pool must use [hashed storage](../administration/repository_storage_paths.md).
@ -139,9 +136,6 @@ are as follows:
Now C gets created as a fork of B. C is not part of a pool
repository.
> TODO should forks of forks be deduplicated?
> <https://gitlab.com/gitlab-org/gitaly/-/issues/1532>
### Consequences
- If a typical Project participating in a pool gets moved to another
@ -195,7 +189,3 @@ then creates the pool repository in Gitaly. This leads to an
"eventually consistent" situation because as each pool participant gets
synchronized, Geo eventually triggers garbage collection in Gitaly on
the secondary, at which stage Git objects are deduplicated.
> TODO How do we handle the edge case where at the time the Geo
> secondary tries to create the pool repository, the source project does
> not exist? <https://gitlab.com/gitlab-org/gitaly/-/issues/1533>

7
doc/development/internal_analytics/review_guidelines.md
View File

@ -32,6 +32,10 @@ In most cases, an Analytics Instrumentation review is automatically added, but i
review and remove the labels if the changes are not related to the Analytics Instrumentation domain.
- If an Analytics Instrumentation review is needed and was not assigned automatically, add the labels
`~analytics instrumentation` and `~analytics instrumentation::review pending`.
- If a change to an event is a part of the MR:
- Check that the events are firing locally using one of the [testing tools](internal_event_instrumentation/local_setup_and_debugging.md) available.
- If a change to a metric is a part of the MR:
- Make sure that the new metric is available in Service Ping payload, by running: `Gitlab::Usage::ServicePingReport.for(output: :all_metrics_values).dig(*'key_path'.split('.'))` with `key_path` substituted by the new metric's `key_path`.
- Use reviewer roulette to assign an [Analytics Instrumentation reviewer](https://gitlab-org.gitlab.io/gitlab-roulette/?hourFormat24=true&visible=reviewer%7Canalytics+instrumentation) who is not the author.
- Assign any other reviews as appropriate.
- `~analytics instrumentation` review does not require a maintainer review.
@ -41,8 +45,8 @@ In most cases, an Analytics Instrumentation review is automatically added, but i
- Perform a first-pass review on the merge request and suggest improvements to the author.
- Make sure that no deprecated analytics methods are used.
- If a change to an event is a part of the review:
- Check that the event(s) being fired have corresponding definition files.
- Check that the [event definition file](internal_event_instrumentation/event_definition_guide.md) is correct.
- Check that the events are firing locally using one of the [testing tools](internal_event_instrumentation/local_setup_and_debugging.md) available.
- If a change to a metric is a part of the review:
- Add the `~database` label and ask for a [database review](../database_review.md) for
metrics that are based on Database.
@ -54,5 +58,4 @@ In most cases, an Analytics Instrumentation review is automatically added, but i
- Check the file location. Consider the time frame, and if the file should be under `ee`.
- Check the tiers.
- If a metric was changed or removed: Make sure the MR author notified the Customer Success Ops team (`@csops-team`), Analytics Engineers (`@gitlab-data/analytics-engineers`), and Product Analysts (`@gitlab-data/product-analysts`) by `@` mentioning those groups in a comment on the issue for the MR and all of these groups have acknowledged the removal.
- Make sure that the new metric is available in Service Ping payload, by running: `Gitlab::Usage::ServicePingReport.for(output: :all_metrics_values).dig(*'key_path'.split('.'))` with `key_path` substituted by the new metric's `key_path`.
- Approve the MR, and relabel the MR with `~"analytics instrumentation::approved"`.

1
doc/install/openshift_and_gitlab/index.md
View File

@ -38,7 +38,6 @@ For Auto DevOps, the following features are not supported yet:
- [Auto Code Quality](../../ci/testing/code_quality.md)
- [License approval policies](../../user/compliance/license_approval_policies.md)
- [License Scanning](../../user/compliance/license_scanning_of_cyclonedx_files/index.md) is supported on OpenShift.
- Auto Browser Performance Testing
- Auto Build
- [Operational Container Scanning](../../user/clusters/agent/vulnerabilities.md) (Note: Pipeline [Container Scanning](../../user/application_security/container_scanning/index.md) is supported)

16
doc/topics/autodevops/cicd_variables.md
View File

@ -13,12 +13,14 @@ Helm chart, or scale your application.
Use these variables to customize and deploy your build.
| **CI/CD variable** | **Description** |
|-----------------------------------------|------------------------------------|
<!-- markdownlint-disable MD056 -->
| **CI/CD variable** | **Description** |
|-----------------------------------------|-----------------|
| `ADDITIONAL_HOSTS` | Fully qualified domain names specified as a comma-separated list that are added to the Ingress hosts. |
| `<ENVIRONMENT>_ADDITIONAL_HOSTS` | For a specific environment, the fully qualified domain names specified as a comma-separated list that are added to the Ingress hosts. This takes precedence over `ADDITIONAL_HOSTS`. |
| `AUTO_BUILD_IMAGE_VERSION` | Customize the image version used for the `build` job. See [list of versions](https://gitlab.com/gitlab-org/cluster-integration/auto-build-image/-/releases). |
| `AUTO_DEPLOY_IMAGE_VERSION` | Customize the image version used for Kubernetes deployment jobs. See [list of versions](https://gitlab.com/gitlab-org/cluster-integration/auto-deploy-image/-/releases). |
| `AUTO_DEPLOY_IMAGE_VERSION` | Customize the image version used for Kubernetes deployment jobs. See [list of versions](https://gitlab.com/gitlab-org/cluster-integration/auto-deploy-image/-/releases). |
| `AUTO_DEVOPS_ATOMIC_RELEASE` | As of GitLab 13.0, Auto DevOps uses [`--atomic`](https://v2.helm.sh/docs/helm/#options-43) for Helm deployments by default. Set this variable to `false` to disable the use of `--atomic` |
| `AUTO_DEVOPS_BUILD_IMAGE_CNB_ENABLED` | Set to `false` to use Herokuish instead of Cloud Native Buildpacks with Auto Build. [More details](stages.md#auto-build-using-cloud-native-buildpacks). |
| `AUTO_DEVOPS_BUILD_IMAGE_CNB_BUILDER` | The builder used when building with Cloud Native Buildpacks. The default builder is `heroku/buildpacks:18`. [More details](stages.md#auto-build-using-cloud-native-buildpacks). |
@ -32,9 +34,9 @@ Use these variables to customize and deploy your build.
| `AUTO_DEVOPS_CHART_REPOSITORY_PASSWORD` | Used to set a password to connect to the Helm repository. Defaults to no credentials. Also set `AUTO_DEVOPS_CHART_REPOSITORY_USERNAME`. |
| `AUTO_DEVOPS_CHART_REPOSITORY_PASS_CREDENTIALS` | From GitLab 14.2, set to a non-empty value to enable forwarding of the Helm repository credentials to the chart server when the chart artifacts are on a different host than repository. |
| `AUTO_DEVOPS_CHART_REPOSITORY_INSECURE` | Set to a non-empty value to add a `--insecure-skip-tls-verify` argument to the Helm commands. By default, Helm uses TLS verification. |
| `AUTO_DEVOPS_CHART_CUSTOM_ONLY` | Set to a non-empty value to use only a custom chart. By default, the latest chart is downloaded from GitLab. |
| `AUTO_DEVOPS_CHART_VERSION` | Set the version of the deployment chart. Defaults to the latest available version. |
| `AUTO_DEVOPS_COMMON_NAME` | From GitLab 15.5, set to a valid domain name to customize the common name used for the TLS certificate. Defaults to `le-$CI_PROJECT_ID.$KUBE_INGRESS_BASE_DOMAIN`. Set to `false` to not set this alternative host on the Ingress. |
| `AUTO_DEVOPS_CHART_CUSTOM_ONLY` | Set to a non-empty value to use only a custom chart. By default, the latest chart is downloaded from GitLab. |
| `AUTO_DEVOPS_CHART_VERSION` | Set the version of the deployment chart. Defaults to the latest available version. |
| `AUTO_DEVOPS_COMMON_NAME` | From GitLab 15.5, set to a valid domain name to customize the common name used for the TLS certificate. Defaults to `le-$CI_PROJECT_ID.$KUBE_INGRESS_BASE_DOMAIN`. Set to `false` to not set this alternative host on the Ingress. |
| `AUTO_DEVOPS_DEPLOY_DEBUG` | From GitLab 13.1, if this variable is present, Helm outputs debug logs. |
| `AUTO_DEVOPS_ALLOW_TO_FORCE_DEPLOY_V<N>` | From [auto-deploy-image](https://gitlab.com/gitlab-org/cluster-integration/auto-deploy-image) v1.0.0, if this variable is present, a new major version of chart is forcibly deployed. For more information, see [Ignore warnings and continue deploying](upgrading_auto_deploy_dependencies.md#ignore-warnings-and-continue-deploying). |
| `BUILDPACK_URL` | A full Buildpack URL. [Must point to a URL supported by Pack or Herokuish](customize.md#custom-buildpacks). |
@ -62,6 +64,8 @@ Use these variables to customize and deploy your build.
| `STAGING_ENABLED` | Used to define a [deploy policy for staging and production environments](#deploy-policy-for-staging-and-production-environments). |
| `TRACE` | Set to any value to make Helm commands produce verbose output. You can use this setting to help diagnose Auto DevOps deployment problems. |
<!-- markdownlint-enable MD056 -->
## Database variables
WARNING:

9
doc/user/project/pages/custom_domains_ssl_tls_certification/index.md
View File

@ -135,12 +135,11 @@ They require:
- A DNS `ALIAS`/`CNAME` record for the subdomain.
- A DNS `TXT` record for each.
| From | DNS Record | To |
| ------------------------------------------------- | ---------- | ---------------------- |
| `example.com` | `A` | `35.185.44.232` |
| From | DNS Record | To |
|---------------------------------------------------|------------|----|
| `example.com` | `A` | `35.185.44.232` |
| `_gitlab-pages-verification-code.example.com` | `TXT` | `gitlab-pages-verification-code=00112233445566778899aabbccddeeff` |
|---------------------------------------------------+------------+------------------------|
| `www.example.com` | `CNAME` | `namespace.gitlab.io` |
| `www.example.com` | `CNAME` | `namespace.gitlab.io` |
| `_gitlab-pages-verification-code.www.example.com` | `TXT` | `gitlab-pages-verification-code=00112233445566778899aabbccddeeff` |
If you're using Cloudflare, check

11
locale/gitlab.pot
View File

@ -750,12 +750,6 @@ msgstr ""
msgid "%{fork_icon} %{source_project_path}:%{source_branch}"
msgstr ""
msgid "%{gitlab_experience_text}. Don't worry, this information isn't shared outside of your self-managed GitLab instance."
msgstr ""
msgid "%{gitlab_experience_text}. We won't share this information with anyone."
msgstr ""
msgid "%{global_id} is not a valid ID for %{expected_types}."
msgstr ""
@ -31694,9 +31688,6 @@ msgstr ""
msgid "Modal updated"
msgstr ""
msgid "ModalButton|Add projects"
msgstr ""
msgid "Modal|Close"
msgstr ""
@ -51790,7 +51781,7 @@ msgstr ""
msgid "To pass variables to the triggered pipeline, add %{code_start}variables[VARIABLE]=VALUE%{code_end} to the API request."
msgstr ""
msgid "To personalize your GitLab experience, we'd like to know a bit more about you"
msgid "To personalize your GitLab experience, we'd like to know a bit more about you. We won't share this information with anyone."
msgstr ""
msgid "To protect this issue's confidentiality, %{linkStart}fork this project%{linkEnd} and set the fork's visibility to private."

2
qa/gdk/Dockerfile.gdk
View File

@ -1,4 +1,4 @@
ARG GDK_SHA=15d8fec7579b88a1cff7e9ee9802ebb0c587aaa7
ARG GDK_SHA=5dd3fde91e00da3e35c8358fd66e4cba8b97d46d
FROM registry.gitlab.com/gitlab-org/gitlab-development-kit/asdf-bootstrapped-verify/main:${GDK_SHA} as base