root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2025-02-26 00:13:36 +00:00
parent 35420bc287
commit 6b5779d60b
36 changed files with 516 additions and 202 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
.gitlab/merge_request_templates/Documentation SA Solutions Docs.md
View File

@ -12,25 +12,25 @@ This MR Template ensures that Solutions Docs published here: https://docs.gitlab
## Review
- [ ] I have read the [Solutions Docs Contributors Guide in the GitLab Handbook](https://handbook.gitlab.com/handbook/customer-success/solutions-architects/sa-documentation/) and believe that this contribution complies with the scope and requirements outlined there.
- [ ] I have read the [Solutions Architects GitLab Docs Section](https://handbook.gitlab.com/handbook/solutions-architects/sa-documentation/) and believe that this contribution complies with the scope and requirements outlined there.
- [ ] Assign yourself as the **Assignee** of this MR.
- [ ] Assign the latest release for the **Milestone**. If you're not sure, [view the list of releases](https://about.gitlab.com/releases/).
- [ ] Mention the reviewers in a comment, so they're aware that the MR is ready.
- [ ] If navigation changes are needed, create an MR in the gitlab-docs project according to this documentation process. [Here is an example](https://gitlab.com/gitlab-org/gitlab-docs/-/merge_requests/4863).
- [ ] If making a navigation change, list the Navigation MR here: `link to your navigation update MR`
- [ ] If navigation changes are needed, create a MR to [add a navigation entry](https://docs.gitlab.com/development/documentation/site_architecture/global_nav/#add-a-navigation-entry) in the `docs-gitlab-com` project.
- [ ] If making a navigation change, list the MR here: `link to your navigation update MR`.
## Merging
- [ ] Obtain approval from a member of the Solutions Documentation Approvers Group (CODEOWNERS for the Solutions directory)
- [ ] Obtain approval from a member of the Solutions Documentation Approvers Group (CODEOWNERS for the Solutions directory).
When a code owner approves, they can merge.
## Troubleshooting
The pipeline will test for style and link issues. If you have issues you're unable to resolve,
view the documentation [Style Guide](https://docs.gitlab.com/ee/development/documentation/styleguide/)
or ask for assistance in the #docs Slack channel.
The pipeline checks for style and broken links.
For help resolving issues, see the [Documentation Style Guide](https://docs.gitlab.com/development/documentation/styleguide/)
or ask in the #docs Slack channel.
/label ~documentation ~Solutions ~"type::maintenance" ~"maintenance::refactor"
/label ~documentation ~Solutions ~"type::maintenance" ~"maintenance::refactor"
/assign me
/request_review @DarwinJS @jmoverley

5
.rubocop_todo/rails/enum_hash.yml
View File

@ -1,5 +0,0 @@
---
# Cop supports --autocorrect.
Rails/EnumHash:
Exclude:
- 'app/models/activity_pub/releases_subscription.rb'

4
app/assets/javascripts/ci/job_details/components/sidebar/jobs_container.vue
View File

@ -25,7 +25,9 @@ export default {
</script>
<template>
<div class="block builds-container">
<b class="gl-mb-2 gl-flex gl-font-semibold">{{ __('Related jobs') }}</b>
<h2 class="gl-m-0 gl-mb-2 gl-text-base gl-leading-reset">
{{ __('Related jobs') }}
</h2>
<job-container-item
v-for="job in jobs"
:key="job.id"

12
app/assets/javascripts/security_configuration/components/secret_push_protection_feature_card.vue
View File

@ -9,7 +9,7 @@ import {
GlButton,
GlTooltipDirective,
} from '@gitlab/ui';
import ProjectPreReceiveSecretDetection from '~/security_configuration/graphql/set_pre_receive_secret_detection.graphql';
import ProjectSetSecretPushProtection from '~/security_configuration/graphql/set_secret_push_protection.graphql';
import { __, s__ } from '~/locale';
export default {
@ -99,7 +99,7 @@ export default {
async toggleSecretPushProtection(checked) {
try {
const { data } = await this.$apollo.mutate({
mutation: ProjectPreReceiveSecretDetection,
mutation: ProjectSetSecretPushProtection,
variables: {
input: {
namespacePath: this.projectFullPath,
@ -108,15 +108,15 @@ export default {
},
});
const { errors, preReceiveSecretDetectionEnabled } = data.setPreReceiveSecretDetection;
const { errors, secretPushProtectionEnabled } = data.setSecretPushProtection;
if (errors.length > 0) {
this.reportError(errors[0].message);
}
if (preReceiveSecretDetectionEnabled !== null) {
this.toggleValue = preReceiveSecretDetectionEnabled;
if (secretPushProtectionEnabled !== null) {
this.toggleValue = secretPushProtectionEnabled;
this.$toast.show(
preReceiveSecretDetectionEnabled
secretPushProtectionEnabled
? this.$options.i18n.toastMessageEnabled
: this.$options.i18n.toastMessageDisabled,
);

6
app/assets/javascripts/security_configuration/graphql/set_secret_push_protection.graphql Normal file
View File

@ -0,0 +1,6 @@
mutation SetSecretPushProtection($input: SetSecretPushProtectionInput!) {
setSecretPushProtection(input: $input) {
secretPushProtectionEnabled
errors
}
}

2
app/graphql/resolvers/user_discussions_count_resolver.rb
View File

@ -22,7 +22,7 @@ module Resolvers
def load_discussions_counts
BatchLoader::GraphQL.for(object.id).batch do |ids, loader, args|
counts = Note.count_for_collection(
ids, object.class.name, 'COUNT(DISTINCT discussion_id) as count'
ids, object.class.base_class.name, 'COUNT(DISTINCT discussion_id) as count'
).index_by(&:noteable_id)
ids.each do |id|

3
app/graphql/types/work_item_type.rb
View File

@ -46,6 +46,9 @@ module Types
field :create_note_email, GraphQL::Types::String,
null: true,
description: 'User specific email address for the work item.'
field :user_discussions_count, GraphQL::Types::Int, null: false,
description: 'Number of user discussions in the work item.',
resolver: Resolvers::UserDiscussionsCountResolver
field :reference, GraphQL::Types::String, null: false,
description: 'Internal reference of the work item. Returned in shortened format by default.',

2
app/models/activity_pub/releases_subscription.rb
View File

@ -4,7 +4,7 @@ module ActivityPub
class ReleasesSubscription < ApplicationRecord
belongs_to :project, optional: false
enum :status, [:requested, :accepted], default: :requested
enum :status, { requested: 0, accepted: 1 }, default: :requested
attribute :payload, Gitlab::Database::Type::JsonPgSafe.new

9
config/feature_flags/wip/filter_unknown_licenses_by_spdx_identifier.yml Normal file
View File

@ -0,0 +1,9 @@
---
name: filter_unknown_licenses_by_spdx_identifier
feature_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/482764
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/180677
rollout_issue_url:
milestone: '17.10'
group: group::security insights
type: wip
default_enabled: false

77
config/security/banned_ssh_keys.yml
View File

@ -1,16 +1,65 @@
---
# https://github.com/rapid7/ssh-badkeys/tree/master/authorized
# https://www.ctrlu.net/vuln/0006.html
rsa:
- SHA256:Z+q4XhSwWY7q0BIDVPR1v/S306FjGBsid7tLq/8kIxM
- SHA256:uy5wXyEgbRCGsk23+J6f85om7G55Cu3UIPwC7oMZhNQ
- SHA256:9prMbqhS4QteoFQ1ZRJDqSBLWoHXPyKB0iWR05Ghro4
- SHA256:1M4RzhMyWuFS/86uPY/ce2prh/dVTHW7iD2RhpquOZA
- SHA256:2ewGtK7Dc8XpnfNKShczdc8HSgoEGpoX+MiJkfH2p5I
dsa:
- SHA256:/JLp6z6uGE3BPcs70RQob6QOdEWQ6nDC0xY7ejPOCc0
- SHA256:whDP3xjKBEettbDuecxtGsfWBST+78gb6McdB9P7jCU
- SHA256:MEc4HfsOlMqJ3/9QMTmrKn5Xj/yfnMITMW8EwfUfTww
- SHA256:aPoYT2nPIfhqv6BIlbCCpbDjirBxaDFOtPfZ2K20uWw
- SHA256:VtjqZ5fiaeoZ3mXOYi49Lk9aO31iT4pahKFP9JPiQPc
...
- SHA256:/JLp6z6uGE3BPcs70RQob6QOdEWQ6nDC0xY7ejPOCc0
- SHA256:whDP3xjKBEettbDuecxtGsfWBST+78gb6McdB9P7jCU
- SHA256:MEc4HfsOlMqJ3/9QMTmrKn5Xj/yfnMITMW8EwfUfTww
- SHA256:aPoYT2nPIfhqv6BIlbCCpbDjirBxaDFOtPfZ2K20uWw
- SHA256:VtjqZ5fiaeoZ3mXOYi49Lk9aO31iT4pahKFP9JPiQPc
- SHA256:lS3HDtLKk215ScnBSvCMqPKyiF9mvP0o3XG7bJXPHIg
- SHA256:8XeiIuMMG6jRFYywuXqJZiLHIFcWoWN0yXR+fYCoy9A
- SHA256:9OC9c6oQKFimmPITx++YZ7AbfmZcDAmlhUP/u84wQJQ
- SHA256:vmpX3e8939kGt/oufoQQqbJBnC07xxcVQSZaTHGBE84
- SHA256:r0k4QauOKllur1qQApKhU4Vtg8YEkDNS/6TlOulsSKM
- SHA256:/rr9hHdFl2699bf+yo5oERj1wds/JKyOrHi8txBuEQs
- SHA256:HL7HchiArMmCJAyWCYJaL7NRsOkLi+5uzgeTYNp5za4
- SHA256:h1gD8T017XJ19NjY3wD9Vob81jHYUJubf2M23KLU7OU
- SHA256:TC9ANa1Feew8aA+jxSk0X2V8V7e7fpSrYyL3MXdU7cA
- SHA256:K0ibBdrSRO4qBHLntPb+cg8HXdxceUMYztFDPw6kCH0
- SHA256:jkhZ6rCXQMeFOi5A3nYfHXLxYCbGhYSenmSPXZ4nZc8
- SHA256:b4/5uEu8KsFn19ujuzOxxum/zf1lO9apXgJYQHMVwqk
- SHA256:dwjhp1334uoka9DL7ehVPgU7PtZVAPmF0e0xbryla1E
- SHA256:rGJYhJYrTK6yceV/v20fJCO+FTu8rlECNH3WHqcGQGI
- SHA256:d7Bv1O73pvsg7+XusOpsZ6edG3FBQ9KudBiNDBNKJHU
- SHA256:wuCw9eo7BPNjjv7e8qmXryjpZ9MGspIwmu8KoSH/Tis
rsa:
- SHA256:Z+q4XhSwWY7q0BIDVPR1v/S306FjGBsid7tLq/8kIxM
- SHA256:uy5wXyEgbRCGsk23+J6f85om7G55Cu3UIPwC7oMZhNQ
- SHA256:9prMbqhS4QteoFQ1ZRJDqSBLWoHXPyKB0iWR05Ghro4
- SHA256:1M4RzhMyWuFS/86uPY/ce2prh/dVTHW7iD2RhpquOZA
- SHA256:2ewGtK7Dc8XpnfNKShczdc8HSgoEGpoX+MiJkfH2p5I
- SHA256:s5Qw/PocHrvXYHlxaQvSI8lodaJiuCZrTp+KjEUw0tc
- SHA256:F9KYIspH9Bhy0ohvvWPEgP5HeCUIeZZ5pA+8Xu2Eky8
- SHA256:RPT99EeL7WwwWvtuzjRJmLQT2DL4zEh8WG/VxUQZhIg
- SHA256:KI1opHyhNi8e6cj1kBs2K5TuPj6NE5+8o6hcsQjKSY8
- SHA256:Lcl4dCjOz4H377asQgXNBK+kjKgD/RNMVZk0aMh5iYE
- SHA256:BpW4vxx4JMfXNh6PPa9w80x6YsDa7OZ1LcBCRwYJM/g
- SHA256:1T/tv+kuYxJkYpiCsuhb/SE8pLB7gkzTH43h/LjQ3cs
- SHA256:BuCSIg4STeG8QYS8dKSXGCQWpHB/Pe7FDRF3WpseB9E
- SHA256:AogxJW7+Yzu2/Xe2IYAf6VaWRJTBlan754aruVaqp0Q
- SHA256:m714YoMFjzLJdHQbu7sRH96Bxo8TzmuAbFqBjUAhECI
- SHA256:gIJVV2fPBgDqCqTr/+m8B9Hh2KOPvxVoTCM1p6hBwdE
- SHA256:csFEfFe32uUoWQLco1YyjRQqpuy1pluZFFvK/Lo1EJo
- SHA256:IO79IWaJRJC8/ZM2PfpsxzkpOk4+RY0pqbWt0v95hPg
- SHA256:+LQ1rkRWS3U5xJbzlCGyuiOoqsfkU3z8sveqU28bOjg
- SHA256:0RCgva9fjvPn6TkN89hkVQHIpHkKfvfsGmYtnOgki0g
- SHA256:HboyXnlo62NK5QYnTXT8/rKywPHrSoyvVfKMQIaPnKc
- SHA256:WtRSB8XG5R0LFE1KvRKV7sa2pTCQBpbVm8W7QLbCb5A
- SHA256:mzY0RSkZv3Rz5pSZcucTACZEhLko2ahTG2HhkiymQNA
- SHA256:MQXcP/tTXWJKfrytgQwPZgJyAt0WqdZTjRJ9qBeHQl8
- SHA256:MAQzAYCHIdlpbeld30qcnjU5nVRp42GNVft2YwaJdY0
- SHA256:iEYIZLsY3MtHzshoEMMdokU6JL6ilrp12zdZpzSf/hs
- SHA256:Lb30DJg8YvCnhbVVhw6k/WRtxXKN8+4TVZVQQhDVD7U
- SHA256:BHnRC+5WxXWTFjmXxUq/2PLljU8/X9bbcpiNEEk1xG0
- SHA256:Kdko2iZS8DAI8ZEYEhlWJOEoJ3J1FVoKIThHuKPxXy8
- SHA256:kTEn/MpGqbKcbRbBzhdthwzf1MZGExI4gVWaf9gNbA4
- SHA256:AKABay46vBa2bhMYZU2V/z5uqlAUXcuBTxMkW4MHd9s
- SHA256:v4+GWcG3ffxI72Au29EPundqWtdVVHaRwYffOKqYslw
- SHA256:zaEfS0zzZ4DyGf0BjXPPkEi+6puzJs73EkbEm3XSSqU
- SHA256:CJ/U/F9xf4ngDgjZL2+OPBoSGZ7gEU18oCjVWPL0qqE
- SHA256:z7xWJ0J6BW3zXhBrdcz0Pi9U88TfSQY/zdPYeyPbxyA
- SHA256:XOWiL0SiIchHnl1UAGqSwR+jwxBPM9ihiBg06Pk0yHg
- SHA256:fKki+o9MyIk8XUThmRfoejJudcef7mGvkooMCBLyqCM
- SHA256:4REJomy/ZbGbLVcbZzR/i6CQuzF+EI6DMvu/lHCxh4M
- SHA256:HCKmculX8PrmEXYtnKn3xMnHdnHC/A7+gceWmZNnq0A
- SHA256:aKZMxi51eXUYwJRXJ01Jy+iL6QLyhFUaMOG0cSSKJYc
- SHA256:Gh0eIu1Aym/yqjFYOrnTBfhYI7b++0NQIvkjwsGfFvI

8
db/docs/batched_background_migrations/sync_unlinked_security_policy_project_links.yml Normal file
View File

@ -0,0 +1,8 @@
---
migration_job_name: SyncUnlinkedSecurityPolicyProjectLinks
description: Creates the missing SecurityPolicyProjectLink records for existing security policies without project links.
feature_category: security_policy_management
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/181164
milestone: '17.10'
queued_migration_version: 20250211095858
finalized_by: # version of the migration that finalized this BBM

27
db/post_migrate/20250211095858_queue_sync_unlinked_security_policy_project_links.rb Normal file
View File

@ -0,0 +1,27 @@
# frozen_string_literal: true
class QueueSyncUnlinkedSecurityPolicyProjectLinks < Gitlab::Database::Migration[2.2]
milestone '17.10'
restrict_gitlab_migration gitlab_schema: :gitlab_main
MIGRATION = "SyncUnlinkedSecurityPolicyProjectLinks"
DELAY_INTERVAL = 2.minutes
BATCH_SIZE = 1000
SUB_BATCH_SIZE = 100
def up
queue_batched_background_migration(
MIGRATION,
:security_policies,
:id,
job_interval: DELAY_INTERVAL,
batch_size: BATCH_SIZE,
sub_batch_size: SUB_BATCH_SIZE
)
end
def down
delete_batched_background_migration(MIGRATION, :security_policies, :id, [])
end
end

1
db/schema_migrations/20250211095858 Normal file
View File

@ -0,0 +1 @@
fdb0f72e49d467d354b2c1f51e24df8740aee8c53cf6ead1c38fbf88d95fa9aa

18
doc/administration/geo/replication/container_registry.md
View File

@ -72,7 +72,7 @@ To configure container registry replication:
1. Configure the [**secondary** site](#configure-secondary-site).
1. Verify container registry [replication](#verify-replication).
### Configure **primary** site
### Configure primary site
Make sure that you have container registry set up and working on
the **primary** site before following the next steps.
@ -132,7 +132,7 @@ To be able to replicate new container images, the container registry must send n
gitlab-ctl reconfigure
```
### Configure **secondary** site
### Configure secondary site
Make sure you have container registry set up and working on
the **secondary** site before following the next steps.
@ -216,11 +216,19 @@ To fix this, make sure that the authorization headers being sent with the regist
#### Registry error: `token from untrusted issuer: "<token>"`
To replicate a container image, Sidekiq uses JWT to authenticate itself towards the container registry. Geo replication takes it as a prerequisite that the [container registry configuration](../../packages/container_registry.md) has been done correctly.
When replicating container images in Geo, you might see the error `token from untrusted issuer: "<token>"`.
Make sure that both sites share a single signing key pair, as instructed under [Configure secondary site](#configure-secondary-site), and that both container registries, plus primary and secondary sites are [all configured to use the same token issuer](../../packages/container_registry.md#configure-gitlab-and-registry-on-separate-nodes-linux-package-installations).
This issue occurs when the container registry configuration is incorrect, causing Sidekiq's JWT
authentication to fail.
On multinode deployments, make sure that the issuer configured on the Sidekiq node matches the value configured on the registries.
To resolve this issue:
1. Ensure both sites share a single signing key pair, as described in [configure secondary site](#configure-secondary-site).
1. Verify that both container registries and both primary and secondary sites are configured
to use the same token issuer. For more information, see
[configure GitLab and registry on separate nodes](../../packages/container_registry.md#configure-gitlab-and-registry-on-separate-nodes-linux-package-installations).
1. For multi-node deployments, confirm that the issuer configured on the Sidekiq node matches
the value configured on the registries.
### Manually trigger a container registry sync event

2
doc/administration/package_information/postgresql_versions.md
View File

@ -40,6 +40,8 @@ Read more about update policies and warnings in the PostgreSQL
| First GitLab version | PostgreSQL versions | Default version for fresh installs | Default version for upgrades | Notes |
| -------------- | ------------------- | ---------------------------------- | ---------------------------- | ----- |
| 17.10.0 | 14.15, 16.6 | 16.6 | 16.6 | |
| 17.8.0 | 14.15, 16.6 | 14.15 | 16.6 | |
| 17.5.0 | 14.11, 16.4 | 14.11 | 16.4 | Single node upgrades from PostgreSQL 14 to PostgreSQL 16 are now supported. Starting with GitLab 17.5.0, PostgreSQL 16 is fully supported for both new installations and upgrades in Geo deployments (the restriction from 17.4.0 no longer applies). |
| 17.4.0 | 14.11, 16.4 | 14.11 | 14.11 | PostgreSQL 16 is available for new installations if not using [Geo](../geo/_index.md#requirements-for-running-geo) or [Patroni](../postgresql/_index.md#postgresql-replication-and-failover-for-linux-package-installations). |
| 17.0.0 | 14.11 | 14.11 | 14.11 | Package upgrades are aborted if PostgreSQL is not upgraded to 14 already. |

11
doc/administration/postgresql/multiple_databases.md
View File

@ -20,7 +20,8 @@ title: Multiple Databases
{{< alert type="warning" >}}
This feature is not ready for production use
This feature is not ready for production use.
The migration script supports only dedicated `ci` databases.
{{< /alert >}}
@ -30,10 +31,10 @@ To scale GitLab, you can configure GitLab to use multiple application databases.
Due to [known issues](#known-issues), configuring GitLab with multiple databases is in limited [beta](../../policy/development_stages_support.md#beta).
After you have set up multiple databases, GitLab uses a second application database for
[CI/CD features](../../ci/_index.md), referred to as the `ci` database. We do not exclude hosting both databases on a single PostgreSQL instance.
After you set up multiple databases, GitLab may use secondary application databases for
[CI/CD features](../../ci/_index.md) (referred to as a `ci` database) or [security features](../../user/application_security/secure_your_application.md) (referred to as a `sec` database). You can host multiple databases on a single PostgreSQL instance.
All tables have exactly the same structure in both the `main`, and `ci`
All tables have exactly the same structure in the `main`, `ci`, and `sec`
databases. Some examples:
- When multiple databases are configured, the `ci_pipelines` table exists in
@ -55,7 +56,7 @@ databases. Some examples:
{{< history >}}
- A script for migrating existing Linux package installations was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/368729) in GitLab 16.8.
- A script for migrating existing Linux package installations for `ci` was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/368729) in GitLab 16.8.
{{< /history >}}

1
doc/api/graphql/reference/_index.md
View File

@ -39394,6 +39394,7 @@ four standard [pagination arguments](#pagination-arguments):
| <a id="workitemtitle"></a>`title` | [`String!`](#string) | Title of the work item. |
| <a id="workitemtitlehtml"></a>`titleHtml` | [`String`](#string) | GitLab Flavored Markdown rendering of `title`. |
| <a id="workitemupdatedat"></a>`updatedAt` | [`Time!`](#time) | Timestamp of when the work item was last updated. |
| <a id="workitemuserdiscussionscount"></a>`userDiscussionsCount` | [`Int!`](#int) | Number of user discussions in the work item. |
| <a id="workitemuserpermissions"></a>`userPermissions` | [`WorkItemPermissions!`](#workitempermissions) | Permissions for the current user on the resource. |
| <a id="workitemweburl"></a>`webUrl` | [`String`](#string) | URL of this object. |
| <a id="workitemwidgets"></a>`widgets` | [`[WorkItemWidget!]`](#workitemwidget) | Collection of widgets that belong to the work item. |

8
doc/api/graphql/sample_issue_boards.md
View File

@ -25,11 +25,11 @@ You can use GraphiQL to list the issue boards for a project.
- For GitLab.com, use: `https://gitlab.com/-/graphql-explorer`
- For GitLab Self-Managed, use: `https://gitlab.example.com/-/graphql-explorer`
1. Copy the following text and paste it in the left window. This query
gets issue boards for the `gitlab-docs` repository.
gets issue boards for the `docs-gitlab-com` repository.
```graphql
query {
project(fullPath: "gitlab-org/gitlab-docs") {
project(fullPath: "gitlab-org/technical-writing/docs-gitlab-com") {
name
forksCount
statistics {
@ -49,10 +49,10 @@ You can use GraphiQL to list the issue boards for a project.
1. Select **Play**.
To view one of these issue boards, copy a numeric identifier from the output.
For example, if the identifier is `105011`, use this URL to go to the issue board:
For example, if the identifier is `7174622`, use this URL to go to the issue board:
```http
https://gitlab.com/gitlab-org/gitlab-docs/-/boards/105011
https:/gitlab.com/gitlab-org/technical-writing/docs-gitlab-com/-/boards/7174622
```
## Related topics

134
doc/api/users.md
View File

@ -1450,3 +1450,137 @@ Supported attributes:
|:-----------|:--------|:---------|:------------|
| `id` | integer | yes | ID of a user |
| `provider` | string | yes | External provider name |
## Create a Support PIN
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated
{{< /details >}}
{{< history >}}
- [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/175040)
in GitLab 17.8.
{{< /history >}}
Creates a Support PIN for your user account. The PIN expires seven days after creation.
GitLab Support may ask for this PIN to validate your identity.
Prerequisites:
- You must be authenticated.
```plaintext
POST /user/support_pin
```
Example request:
```shell
curl --request POST |
--header "PRIVATE-TOKEN: <your_access_token>" \
--url "https://gitlab.example.com/api/v4/user/support_pin"
```
Example response:
```json
{
"pin":"123456",
"expires_at":"2025-02-27T22:06:57Z"
}
```
## Get details on a Support PIN
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated
{{< /details >}}
{{< history >}}
- [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/175040)
in GitLab 17.8.
{{< /history >}}
Gets details on the Support PIN for your account.
GitLab Support may ask for this PIN to validate your identity.
Prerequisites:
- You must be authenticated.
```plaintext
GET /user/support_pin
```
Example request:
```shell
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/user/support_pin"
```
Example response:
```json
{
"pin":"123456",
"expires_at":"2025-02-27T22:06:57Z"
}
```
## Get a Support PIN for a user
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated
{{< /details >}}
{{< history >}}
- [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/175040)
in GitLab 17.8.
{{< /history >}}
Gets details on a Support PIN for the specified user.
GitLab Support may ask for this PIN to validate your identity.
Prerequisites:
- You must be an administrator.
```plaintext
GET /users/:id/support_pin
```
Example request:
```shell
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/users/1234/support_pin"
```
Example response:
```json
{
"pin":"123456",
"expires_at":"2025-02-27T22:06:57Z"
}
```
Supported attributes:
| Attribute | Type | Required | Description |
|:-----------------------|:---------|:---------|:------------|
| `id` | integer | yes | ID of user account |

10
doc/development/documentation/site_architecture/_index.md
View File

@ -55,7 +55,6 @@ Then you can use one of these approaches:
- Recommended. [Add an entry in the global navigation](global_nav.md#add-a-navigation-entry) for
<https://docs.gitlab.com> that links directly to the documentation in that external repository.
The documentation pages are not indexed or searchable on <https://docs.gitlab.com>.
View [an example](https://gitlab.com/gitlab-org/gitlab-docs/-/blob/fedb6378a3c92274ba3b6031df0d34455594e4cc/content/_data/navigation.yaml#L2944-L2946).
- Create a landing page for the product in the `gitlab` repository, and add the landing page
[to the global navigation](global_nav.md#add-a-navigation-entry), but keep the rest
of the documentation in the external repository. The landing page is indexed and
@ -71,11 +70,10 @@ For more information, read about the [monthly release process](https://gitlab.co
## Danger Bot
GitLab uses [Danger](https://github.com/danger/danger) for some elements in
code review. For docs changes in merge requests, whenever a change to files under `/doc`
is made, Danger Bot leaves a comment with further instructions about the documentation
process. This is configured in the `Dangerfile` in the GitLab repository under
[/danger/documentation/](https://gitlab.com/gitlab-org/gitlab/-/tree/master/danger/documentation).
GitLab uses [Danger](https://github.com/danger/danger) to automate code review processes.
When documentation files in `/doc` are modified in a merge request,
Danger Bot automatically comments with documentation-related guidelines.
This automation is configured in the [`Dangerfile`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/danger/documentation/Dangerfile).
## Request a documentation survey banner

230
doc/development/documentation/site_architecture/deployment_process.md
View File

@ -7,9 +7,15 @@ title: Documentation deployments
## Deployment environments
The [GitLab documentation site](https://docs.gitlab.com/) is a static site hosted by [GitLab Pages](../../../user/project/pages/_index.md). The deployment is done by the [Pages deploy job](#pages-deploy-job).
The [GitLab documentation site](https://docs.gitlab.com/) is a static site hosted by [GitLab Pages](../../../user/project/pages/_index.md).
The deployment is done by the [Pages deploy jobs](#pages-deploy-jobs).
The website hosts documentation only for the [currently supported](../../../policy/maintenance.md) GitLab versions. Documentation for older versions is built and uploaded as Docker images to be downloaded from [GitLab Docs archives](https://docs.gitlab.com/archives/).
The website hosts documentation only for the [supported](https://about.gitlab.com/support/statement-of-support/#version-support) GitLab versions.
Documentation for older versions is available:
- Online at the [GitLab Docs Archives](https://archives.docs.gitlab.com).
- Offline or for self-hosted use at the [GitLab Docs Archives](https://docs.gitlab.com/archives/) as downloadable Docker packages.
## Parts of release process
@ -17,146 +23,123 @@ The documentation [release process](https://gitlab.com/gitlab-org/technical-writ
involves:
- Merge requests, to make changes to the `main` and relevant stable branches.
- Pipelines, to build and deploy Docker images to the [`docs-gitlab-com` container registry](https://gitlab.com/gitlab-org/technical-writing/docs-gitlab-com/container_registry)
for the relevant stable branches.
- Docker images used to build and deploy all the online documentation, including stable versions and the latest documentation.
Documentation deployments have dependencies on pipelines and Docker images as follows:
- The latest documentation pipelines and images depend on the stable documentation pipelines and images.
- The Pages deployment pipelines depend on the latest documentation images (which, in turn, depend on the stable
pipelines and images.)
For general information on using Docker with CI/CD pipelines, see [Docker integration](../../../ci/docker/_index.md).
- Pipelines, which:
- Build the documentation using Hugo.
- Deploy to GitLab Pages.
- Build Docker images used for testing and building.
- Docker images in the [`docs-gitlab-com` container registry](https://gitlab.com/gitlab-org/technical-writing/docs-gitlab-com/container_registry) used for the build environment.
## Stable branches
Pipelines for stable branches in the documentation project pull the relevant stable branches of included projects. For example, the documentation for stable version `14.4` is built from the [`14.4`](https://gitlab.com/gitlab-org/gitlab-docs/-/tree/14.4) branch of the `gitlab-docs` project, which then includes:
A stable branch (for example, `17.2`) is created in the documentation project for each GitLab release.
This branch pulls content from the corresponding stable branches of included projects:
- The [`14-4-stable-ee`](https://gitlab.com/gitlab-org/gitlab/-/tree/14-4-stable-ee) branch of the `gitlab` project.
- The [`14-4-stable`](https://gitlab.com/gitlab-org/gitlab-runner/-/tree/14-4-stable) branch of the `gitlab-runner` project.
- The [`14-4-stable`](https://gitlab.com/gitlab-org/omnibus-gitlab/-/tree/14-4-stable) branch of the `omnibus-gitlab` project.
- The [`5-4-stable`](https://gitlab.com/gitlab-org/charts/gitlab/-/tree/5-4-stable) branch of the `charts/gitlab` project.
`charts/gitlab` versions are [mapped](https://docs.gitlab.com/charts/installation/version_mappings.html) to GitLab
versions.
- The stable branch from the `gitlab` project (for example, `17-2-stable-ee`).
- The stable branch from the `gitlab-runner` project (for example, `17-2-stable`).
- The stable branch from the `omnibus-gitlab` project (for example, `17-2-stable`).
- The stable branch from the `charts/gitlab` project (for example, `7-2-stable`).
`charts/gitlab` versions are [mapped](https://docs.gitlab.com/charts/installation/version_mappings.html) to GitLab versions.
- The default branch for the `gitlab-org/cloud-native/gitlab-operator`.
The Technical Writing team
[creates the stable branch](https://gitlab.com/gitlab-org/gitlab-docs/-/blob/main/doc/releases.md#create-stable-branch-and-docker-image-for-release)
for the `gitlab-docs` project, which makes use of the stable branches created by other teams.
The Technical Writing team [creates the stable branch](https://gitlab.com/gitlab-org/technical-writing/docs-gitlab-com/-/blob/main/.gitlab/issue_templates/release.md?ref_type=heads#create-a-stable-branch-and-docker-image-for-the-release) for the `docs-gitlab-com` project, which makes use of the stable branches created by other teams.
## Stable documentation
When merge requests are merged that target stable branches of `gitlab-docs`, a pipeline builds
that stable documentation and deploys it to the registry. For example:
When merge requests that target stable branches of `docs-gitlab-com` are merged,
a pipeline builds the documentation using Hugo and deploys it as a [parallel deployment](../../../user/project/pages/_index.md#parallel-deployments).
- [14.4 merge request pipeline](https://gitlab.com/gitlab-org/gitlab-docs/-/pipelines/394459635).
- [14.3 merge request pipeline](https://gitlab.com/gitlab-org/gitlab-docs/-/pipelines/393774811).
- [14.2 merge request pipeline](https://gitlab.com/gitlab-org/gitlab-docs/-/pipelines/393774758).
- [13.12 merge request pipeline](https://gitlab.com/gitlab-org/gitlab-docs/-/pipelines/395365202).
- [12.10 merge request pipeline](https://gitlab.com/gitlab-org/gitlab-docs/-/pipelines/395365405).
Documentation is hosted at the following locations:
In particular, the [`image:docs-single` job](https://gitlab.com/gitlab-org/gitlab-docs/-/blob/4c18963fe0a414ad62f55b9e18f922588b2dd155/.gitlab-ci.yml#L655) in each pipeline runs automatically.
It takes what is built, and pushes it to the [container registry](https://gitlab.com/gitlab-org/gitlab-docs/container_registry/631635).
- The current stable version and two previous minor versions at `docs.gitlab.com/VERSION/`.
- Earlier versions at `archives.docs.gitlab.com/VERSION/`.
```mermaid
graph TD
A["14.4 MR merged"]
B["14.3 MR merged"]
C["14.2 MR merged"]
D["13.12 MR merged"]
E["12.10 MR merged"]
F{{"Container registry on gitlab-docs project"}}
A--"image:docs-single<br>job runs and pushes<br>gitlab-docs:14.4 image"-->F
B--"image:docs-single<br>job runs and pushes<br>gitlab-docs:14.3 image"-->F
C--"image:docs-single<br>job runs and pushes<br>gitlab-docs:14.2 image"-->F
D--"image:docs-single<br>job runs and pushes<br>gitlab-docs:13.12 image"-->F
E--"image:docs-single<br>job runs and pushes<br>gitlab-docs:12.10 image"-->F
```
When a new minor version is released, the oldest version on `docs.gitlab.com` gets moved to `archives.docs.gitlab.com`.
The [`image:docs-single`](https://gitlab.com/gitlab-org/technical-writing/docs-gitlab-com/-/blob/main/.gitlab/ci/docker-images.gitlab-ci.yml#L72)
job in each pipeline runs automatically. It takes what is built, and pushes it to the
[archives container registry](https://gitlab.com/gitlab-org/technical-writing/docs-gitlab-com/container_registry/8244403) for use in building and testing environments.
### Rebuild stable documentation images
To rebuild any of the stable documentation images, create a [new pipeline](https://gitlab.com/gitlab-org/gitlab-docs/-/pipelines/new)
for the stable branch of the image to rebuild. You might do this:
To rebuild any of the stable documentation images, create a [new pipeline](https://gitlab.com/gitlab-org/technical-writing/docs-gitlab-com/-/pipelines/new)
for the stable branch to rebuild. You might do this:
- To include new documentation changes from an upstream stable branch into a stable version Docker image. For example,
rebuild the `14.4` Docker image to include changes subsequently merged in the `gitlab` project's
[`14-4-stable-ee`](https://gitlab.com/gitlab-org/gitlab/-/tree/14-4-stable-ee) branch.
- To incorporate changes made to the `gitlab-docs` project itself to a stable branch. For example:
- CSS style changes.
- Changes to the [version menu for a new release](https://gitlab.com/gitlab-org/gitlab-docs/-/blob/main/doc/releases.md#update-dropdown-for-online-versions).
- To include new documentation changes from an upstream stable branch. For example,
rebuild the `17.9` documentation to include changes subsequently merged in the `gitlab` project's
[`17-9-stable-ee`](https://gitlab.com/gitlab-org/gitlab/-/tree/17-9-stable-ee) branch.
- To incorporate changes made to the `docs-gitlab-com` project itself to a stable branch. For example, CSS style changes.
## Latest documentation
We build a Docker image (tagged `latest`) that contains:
The latest (upcoming and unreleased) documentation is built from the default branch (`main`) of `docs-gitlab-com` and deployed to `docs.gitlab.com`.
- The latest online version of the documentation.
- The documentation from the stable branches of upstream projects.
The process involves:
The [`image:docs-latest` job](https://gitlab.com/gitlab-org/gitlab-docs/-/blob/4c18963fe0a414ad62f55b9e18f922588b2dd155/.gitlab-ci.yml#L678):
- Building the site (`build:compile_site` job):
- Pulls content from default branches of upstream projects (`gitlab`, `gitlab-runner`, `omnibus-gitlab`, `gitlab-operator` and `charts`).
- Compiles the site using Hugo.
- Pulls the latest documentation from the default branches of the relevant upstream projects.
- Pulls the Docker images previously built by the `image:docs-single` jobs.
- Must be run manually on a scheduled pipeline.
For example, [a pipeline](https://gitlab.com/gitlab-org/gitlab-docs/-/pipelines/399233948) containing the
[`image:docs-latest` job](https://gitlab.com/gitlab-org/gitlab-docs/-/jobs/1733948330):
```mermaid
graph TD
A["Latest gitlab, gitlab-runner<br>omnibus-gitlab, and charts"]
subgraph "Container registry on gitlab-docs project"
B["14.4 versioned docs<br>gitlab-docs:14.4"]
C["14.3 versioned docs<br>gitlab-docs:14.3"]
D["14.2 versioned docs<br>gitlab-docs:14.2"]
E["13.12 versioned docs<br>gitlab-docs:13.12"]
F["12.10 versioned docs<br>gitlab-docs:12.10"]
end
G[["Scheduled pipeline<br>image:docs-latest job<br>combines all these"]]
A--"Default branches<br>pulled down"-->G
B--"gitlab-docs:14.4 image<br>pulled down"-->G
C--"gitlab-docs:14.3 image<br>pulled down"-->G
D--"gitlab-docs:14.2 image<br>pulled down"-->G
E--"gitlab-docs:13.12 image<br>pulled down"-->G
F--"gitlab-docs:12.10 image<br>pulled down"-->G
H{{"Container registry on gitlab-docs project"}}
G--"Latest gitlab-docs:latest image<br>pushed up"-->H
```
## Pages deploy job
[GitLab Docs](https://docs.gitlab.com) is a [Pages site](../../../user/project/pages/_index.md) and documentation updates
for it must be deployed to become available.
The [`pages`](https://gitlab.com/gitlab-org/gitlab-docs/-/blob/4c18963fe0a414ad62f55b9e18f922588b2dd155/.gitlab-ci.yml#L491)
job runs automatically when a pipeline runs on the default branch (`main`).
It runs the necessary commands to combine:
- A very up-to-date build of the `gitlab-docs` site code.
- The latest docs from the default branches of the upstream projects.
- The documentation from `image:docs-latest`.
For example, [a pipeline](https://gitlab.com/gitlab-org/gitlab-docs/-/pipelines/399233948) containing the
[`pages` job](https://gitlab.com/gitlab-org/gitlab-docs/-/jobs/1733948332).
- Deploying the site (`pages` job):
- Takes the compiled site.
- Deploys it to `docs.gitlab.com` with GitLab Pages.
```mermaid
graph LR
A{{"Container registry on gitlab-docs project"}}
B[["Scheduled pipeline<br>`pages` and<br>`pages:deploy` job"]]
C([docs.gitlab.com])
A--"gitlab-docs:latest<br>pulled"-->B
B--"Unpacked documentation uploaded"-->C
A["Default branches<br>of upstream projects"]
B["build:compile_site job"]
C["pages job"]
D([docs.gitlab.com])
A--"Content pulled"-->B
B--"Compiled site"-->C
C--"Deployed with<br>GitLab Pages"-->D
```
The process runs automatically when changes are merged to the default branch.
This ensures `docs.gitlab.com` always shows the latest documentation for the upcoming release.
Docker images are used in the build process, but only as part of the build environment, not for serving the documentation.
## Pages deploy jobs
The deployment of all documentation versions is handled by two GitLab Pages jobs:
- [`pages`](https://gitlab.com/gitlab-org/technical-writing/docs-gitlab-com/-/blob/main/.gitlab/ci/deploy.gitlab-ci.yml#L5) job:
- Deploys the upcoming unreleased version to `docs.gitlab.com`.
- Triggered by pipelines on the default branch (`main`).
- Takes compiled site from `build:compile_site` job.
- [`pages-archives`](https://gitlab.com/gitlab-org/technical-writing/docs-gitlab-com/-/blob/main/.gitlab/ci/deploy.gitlab-ci.yml#L38) job:
- Deploys stable versions:
- The current stable version and two previous minor versions at `docs.gitlab.com/VERSION/`.
- Earlier versions at `archives.docs.gitlab.com/VERSION/` using the [`gitlab-docs-archives`](https://gitlab.com/gitlab-org/gitlab-docs-archives/-/branches) project.
- Takes compiled site from `build:compile_archive` job.
```mermaid
graph LR
A["build:compile_site job"]
B["build:compile_archive job"]
C["pages job"]
D["pages-archives job"]
E([docs.gitlab.com])
F([docs.gitlab.com/VERSION/])
G([archives.docs.gitlab.com/VERSION/])
A--"Compiled site"-->C
B--"Compiled site"-->D
C--"Deploys upcoming version"-->E
D--"Deploys current stable and two previous versions"-->F
D--"Deploys earlier versions"-->G
```
For example, a [pipeline](https://gitlab.com/gitlab-org/technical-writing/docs-gitlab-com/-/pipelines/1681025501) that contains the
[`pages`](https://gitlab.com/gitlab-org/technical-writing/docs-gitlab-com/-/jobs/9199739351) job.
### Manually deploy to production
GitLab Docs is deployed to production whenever the `Build docs.gitlab.com every hour` scheduled pipeline runs. By
default, this pipeline runs every hour.
Documentation is deployed to production automatically when changes are merged to the appropriate branches.
However, maintainers can [manually](../../../ci/pipelines/schedules.md#run-manually) trigger a deployment if needed:
Maintainers can [manually](../../../ci/pipelines/schedules.md#run-manually) run this pipeline to force a deployment to
production:
1. Go to the [scheduled pipelines](https://gitlab.com/gitlab-org/gitlab-docs/-/pipeline_schedules) for `gitlab-docs`.
1. Next to `Build docs.gitlab.com every hour`, select **Play** ({{< icon name="play" >}}).
1. Go to the [Pipeline schedules](https://gitlab.com/gitlab-org/technical-writing/docs-gitlab-com/-/pipeline_schedules) page.
1. Next to `Build docs.gitlab.com every hour`, select **Run schedule pipeline** ({{< icon name="play" >}}).
The updated documentation is available in production after the `pages` and `pages:deploy` jobs
complete in the new pipeline.
@ -166,22 +149,5 @@ If you do not have the Maintainer role to perform this task, ask for help in the
## Docker files
The [`dockerfiles` directory](https://gitlab.com/gitlab-org/gitlab-docs/-/tree/main/dockerfiles) contains Dockerfiles needed
to build, test, and deploy <https://docs.gitlab.com>.
## Troubleshooting
### Not a known icon in `@gitlab-org/gitlab-svg`
If you attempt to use an icon in the UI or documentation and receive this error
in the `docs-lint links` job, the `html-lint` Docker image needs an update:
```plaintext
ArgumentError: example-image is not a known icon in @gitlab-org/gitlab-svg
926lib/helpers/icons_helper.rb:22:in `icon':
example-image is not a known icon in @gitlab-org/gitlab-svg (ArgumentError)
```
Use the `#docs` channel in Slack to request a member of the Technical Writing team
update the Docker image. For more information, see the
[internal Technical Writing team documentation](https://gitlab.com/gitlab-org/gitlab-docs/-/blob/main/doc/troubleshooting.md?ref_type=heads#error-argumenterror-icon-name-is-not-a-known-icon-in-gitlab-orggitlab-svg).
The [`dockerfiles`](https://gitlab.com/gitlab-org/technical-writing/docs-gitlab-com/-/tree/main/dockerfiles?ref_type=heads) directory
contains Dockerfiles needed to build, test, and deploy <https://docs.gitlab.com>.

3
doc/development/documentation/site_architecture/folder_structure.md
View File

@ -83,11 +83,10 @@ Then you can either:
- Publish it to <https://docs.gitlab.com>.
- Link to it from <https://docs.gitlab.com> by adding an entry in the global navigation.
View [an example](https://gitlab.com/gitlab-org/gitlab-docs/-/blob/fedb6378a3c92274ba3b6031df0d34455594e4cc/content/_data/navigation.yaml#L2944).
## References across documents
- Give each folder an `index.md` page that introduces the topic, and both introduces
- Give each folder an `_index.md` page that introduces the topic, and both introduces
and links to the child pages, including to the index pages of
any next-level sub-paths.
- To ensure discoverability, ensure each new or renamed doc is linked from its

2
doc/user/application_security/secret_detection/pipeline/_index.md
View File

@ -848,7 +848,7 @@ Pipeline secret detection can be customized by defining available CI/CD variable
| CI/CD variable | Default value | Description |
|-----------------------------------|---------------|-------------|
| `SECRET_DETECTION_EXCLUDED_PATHS` | "" | Exclude vulnerabilities from output based on the paths. The paths are a comma-separated list of patterns. Patterns can be globs (see [`doublestar.Match`](https://pkg.go.dev/github.com/bmatcuk/doublestar/v4@v4.0.2#Match) for supported patterns), or file or folder paths (for example, `doc,spec` ). Parent directories also match patterns. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/225273) in GitLab 13.3. |
| `SECRET_DETECTION_EXCLUDED_PATHS` | "" | Exclude vulnerabilities from output based on the paths. The paths are a comma-separated list of patterns. Patterns can be globs (see [`doublestar.Match`](https://pkg.go.dev/github.com/bmatcuk/doublestar/v4@v4.0.2#Match) for supported patterns), or file or folder paths (for example, `doc,spec` ). Parent directories also match patterns. Detected secrets previously added to the vulnerability report are not removed. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/225273) in GitLab 13.3. |
| `SECRET_DETECTION_HISTORIC_SCAN` | false | Flag to enable a historic Gitleaks scan. |
| `SECRET_DETECTION_IMAGE_SUFFIX` | "" | Suffix added to the image name. If set to `-fips`, `FIPS-enabled` images are used for scan. See [Use FIPS-enabled images](#fips-enabled-images) for more details. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/355519) in GitLab 14.10. |
| `SECRET_DETECTION_LOG_OPTIONS` | "" | [`git log`](https://git-scm.com/docs/git-log) options used to define commit ranges. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/350660) in GitLab 15.1.|

1
doc/user/duo_workflow/_index.md
View File

@ -46,6 +46,7 @@ Workflow:
For more information, see:
- [Set up Workflow](set_up.md).
- [Use Workflow in your IDE](use_in_your_ide.md).
- [Best practices](best_practices.md).

23
doc/user/profile/_index.md
View File

@ -30,6 +30,29 @@ To access your user settings:
1. On the left sidebar, select your avatar.
1. Select **Edit profile**.
## Generate or change your Support PIN
GitLab Support may ask for an personal identification number (PIN) to validate your identity.
The PIN expires seven days after creation.
To generate a new Support PIN:
1. On the left sidebar, select your avatar.
1. Select **Edit profile**.
1. On the left sidebar, select **Account**.
1. Select **Generate New PIN**.
## Access your Support Pin
If you've created a Support Pin previously,
the PIN is accessible in your profile and expires seven days after creation.
To access your Support PIN:
1. On the left sidebar, select your avatar.
1. Select **Edit profile**.
1. On the left sidebar, select **Account**.
## Change your username
Your username has a unique [namespace](../namespace/_index.md),

7
doc/user/profile/personal_access_tokens.md
View File

@ -191,9 +191,12 @@ Disabling the personal access tokens of a group's [enterprise users](../enterpri
- Stops the enterprise users from creating new personal access tokens. This behavior applies
even if an enterprise user is also an administrator of the group.
- Disables the existing personal access tokens of the enterprise users.
- Disables OAuth tokens. This prevents usage of the [Web IDE](../project/web_ide/_index.md).
- Disables OAuth tokens.
{{< alert type="note" >}}
{{< alert type="warning" >}}
Disabling personal access tokens for enterprise users prevents usage of the [Web IDE](../project/web_ide/_index.md),
limits access to GitLab Pages, and disrupts third-party integrations that use GitLab as an OAuth provider.
Disabling personal access tokens for enterprise users does not disable personal access tokens for [service accounts](service_accounts.md).

6
keeps/overdue_finalize_background_migration.rb
View File

@ -112,8 +112,12 @@ module Keeps
def truncate_migration_name(migration_name)
# File names not allowed to exceed 100 chars due to Cop/FilenameLength so we truncate to 70 because there will be
# underscores added.
if migration_name.length > 70
# Consisten 5 digit integer hash so that we always get the same name every time we run this keep
hash = Digest::SHA256.hexdigest(migration_name).to_i(16) % 100000
end
migration_name[0...70]
migration_name[0...65] + hash.to_s
end
def add_finalized_by_to_yaml(yaml_file, migration_number)

13
lib/gitlab/background_migration/sync_unlinked_security_policy_project_links.rb Normal file
View File

@ -0,0 +1,13 @@
# frozen_string_literal: true
module Gitlab
module BackgroundMigration
class SyncUnlinkedSecurityPolicyProjectLinks < BatchedMigrationJob
feature_category :security_policy_management
def perform; end
end
end
end
Gitlab::BackgroundMigration::SyncUnlinkedSecurityPolicyProjectLinks.prepend_mod

2
spec/factories/notes.rb
View File

@ -44,6 +44,8 @@ FactoryBot.define do
factory :legacy_diff_note_on_commit, traits: [:on_commit, :legacy_diff_note], class: 'LegacyDiffNote'
factory :discussion_note_on_work_item, traits: [:on_work_item], class: 'DiscussionNote'
factory :legacy_diff_note_on_merge_request, traits: [:on_merge_request, :legacy_diff_note], class: 'LegacyDiffNote' do
association :project, :repository
position { '' }

10
spec/frontend/security_configuration/components/secret_push_protection_feature_card_spec.js
View File

@ -5,7 +5,7 @@ import Vue from 'vue';
import { extendedWrapper } from 'helpers/vue_test_utils_helper';
import SecretPushProtectionFeatureCard from '~/security_configuration/components/secret_push_protection_feature_card.vue';
import createMockApollo from 'helpers/mock_apollo_helper';
import ProjectPreReceiveSecretDetection from '~/security_configuration/graphql/set_pre_receive_secret_detection.graphql';
import ProjectSetSecretPushProtection from '~/security_configuration/graphql/set_secret_push_protection.graphql';
import waitForPromises from 'helpers/wait_for_promises';
import { secretPushProtectionMock } from '../mock_data';
@ -13,8 +13,8 @@ Vue.use(VueApollo);
const setMockResponse = {
data: {
setPreReceiveSecretDetection: {
preReceiveSecretDetectionEnabled: true,
setSecretPushProtection: {
secretPushProtectionEnabled: true,
errors: [],
},
},
@ -38,9 +38,7 @@ describe('SecretPushProtectionFeatureCard component', () => {
requestHandlers = {
setMutationHandler: jest.fn().mockResolvedValue(setMockResponse),
};
return createMockApollo([
[ProjectPreReceiveSecretDetection, requestHandlers.setMutationHandler],
]);
return createMockApollo([[ProjectSetSecretPushProtection, requestHandlers.setMutationHandler]]);
};
const createComponent = ({ props = {}, provide = {} } = {}) => {

12
spec/graphql/resolvers/user_discussions_count_resolver_spec.rb
View File

@ -14,11 +14,23 @@ RSpec.describe Resolvers::UserDiscussionsCountResolver do
let_it_be(:public_discussions) { create_list(:discussion_note_on_issue, 2, noteable: issue, project: project) }
let_it_be(:system_discussion) { create(:discussion_note_on_issue, system: true, noteable: issue, project: project) }
let_it_be(:private_discussion) { create_list(:discussion_note_on_issue, 3, noteable: private_issue, project: private_project) }
let_it_be(:work_item) { create(:work_item, project: project) }
let_it_be(:private_work_item) { create(:work_item, project: private_project) }
let_it_be(:public_discussions_on_work_item) { create_list(:discussion_note_on_work_item, 2, noteable: work_item, project: project) }
let_it_be(:system_discussion_on_work_item) { create(:discussion_note_on_work_item, system: true, noteable: work_item, project: project) }
specify do
expect(described_class).to have_nullable_graphql_type(GraphQL::Types::Int)
end
context 'when counting discussions from a work item' do
subject { batch_sync { resolve_user_discussions_count(work_item) } }
it 'returns the number of discussions for the work item' do
expect(subject).to eq(2)
end
end
context 'when counting discussions from a public issue' do
subject { batch_sync { resolve_user_discussions_count(issue) } }

18
spec/keeps/overdue_finalize_background_migration_spec.rb
View File

@ -67,4 +67,22 @@ RSpec.describe Keeps::OverdueFinalizeBackgroundMigration, feature_category: :too
end
end
end
describe '#truncate_migration_name' do
let(:migration_name) { 'FinalizeHKSomeLongMigrationNameThatIsLongerThanLimitMigrationNameThatIsLongerThanLimit' }
subject(:truncated_name) { keep.truncate_migration_name(migration_name) }
it 'returns truncated name' do
expect(truncated_name).to eq('FinalizeHKSomeLongMigrationNameThatIsLongerThanLimitMigrationName51841')
end
context 'when name is short enough' do
let(:migration_name) { 'FinalizeHKSomeShortMigrationName' }
it 'returns the name' do
expect(truncated_name).to eq(migration_name)
end
end
end
end

2
spec/lib/gitlab/ssh_public_key_spec.rb
View File

@ -2,7 +2,7 @@
require 'spec_helper'
RSpec.describe Gitlab::SSHPublicKey, :lib, fips_mode: false do
RSpec.describe Gitlab::SSHPublicKey, :lib, feature_category: :system_access, fips_mode: false do
let(:key) { attributes_for(:rsa_key_2048)[:key] }
let(:public_key) { described_class.new(key) }

27
spec/migrations/20250211095858_queue_sync_unlinked_security_policy_project_links_spec.rb Normal file
View File

@ -0,0 +1,27 @@
# frozen_string_literal: true
require 'spec_helper'
require_migration!
RSpec.describe QueueSyncUnlinkedSecurityPolicyProjectLinks, migration: :gitlab_main_cell, feature_category: :security_policy_management do
let!(:batched_migration) { described_class::MIGRATION }
it 'schedules a new batched migration' do
reversible_migration do |migration|
migration.before -> {
expect(batched_migration).not_to have_scheduled_batched_migration
}
migration.after -> {
expect(batched_migration).to have_scheduled_batched_migration(
gitlab_schema: :gitlab_main,
table_name: :security_policies,
column_name: :id,
interval: described_class::DELAY_INTERVAL,
batch_size: described_class::BATCH_SIZE,
sub_batch_size: described_class::SUB_BATCH_SIZE
)
}
end
end
end

2
spec/models/key_spec.rb
View File

@ -2,7 +2,7 @@
require 'spec_helper'
RSpec.describe Key, :mailer do
RSpec.describe Key, :mailer, feature_category: :system_access do
it_behaves_like 'having unique enum values'
describe "Associations" do

4
spec/support/helpers/value_streams_dashboard_helpers.rb
View File

@ -31,6 +31,10 @@ module ValueStreamsDashboardHelpers
"[data-testid='dashboard-list-item']"
end
def dashboard_list_item_title
"[data-testid='dashboard-router-link']"
end
def create_custom_yaml_config(user, pointer_project, yaml_fixture_path)
repository_file_path = '.gitlab/analytics/dashboards/value_streams/value_streams.yaml'