root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2024-01-25 00:08:15 +00:00
parent 812618b55c
commit 93267beba8
1173 changed files with 10091 additions and 3109 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
.gitlab/ci/package-and-test/main.gitlab-ci.yml
View File

@ -567,7 +567,7 @@ importers:
- if: $QA_SUITES =~ /Test::Integration::Import/
- !reference [.rules:test:manual, rules]
ai-gateway-sync-seat-link:
ai-gateway:
extends:
- .qa
- .failure-videos
@ -578,11 +578,6 @@ ai-gateway-sync-seat-link:
- if: $QA_SUITES =~ /Test::Integration::AiGateway/
- !reference [.rules:test:manual, rules]
ai-gateway-sync-service-token:
extends: ai-gateway-sync-seat-link
variables:
QA_USE_SYNC_SERVICE_TOKEN_WORKER: "true"
# ------------------------------------------
# Update jobs
# ------------------------------------------

56
app/assets/javascripts/ci/catalog/components/list/ci_resources_list_item.vue
View File

@ -8,6 +8,7 @@ import { CI_RESOURCE_DETAILS_PAGE_NAME } from '../../router/constants';
export default {
i18n: {
components: s__('CiCatalog|Components:'),
unreleased: s__('CiCatalog|Unreleased'),
releasedMessage: s__('CiCatalog|Released %{timeAgo} by %{author}'),
},
@ -34,8 +35,12 @@ export default {
authorProfileUrl() {
return this.latestVersion.author.webUrl;
},
resourceId() {
return cleanLeadingSeparator(this.resource.webPath);
componentNames() {
const components = this.resource.latestVersion?.components?.nodes;
return components?.map((component) => component.name).join(', ') || null;
},
detailsPageHref() {
return decodeURIComponent(this.detailsPageResolved.href);
},
detailsPageResolved() {
return this.$router.resolve({
@ -43,33 +48,36 @@ export default {
params: { id: this.resourceId },
});
},
detailsPageHref() {
return decodeURIComponent(this.detailsPageResolved.href);
},
entityId() {
return getIdFromGraphQLId(this.resource.id);
},
formattedDate() {
return formatDate(this.latestVersion?.releasedAt);
},
hasComponents() {
return Boolean(this.componentNames);
},
hasReleasedVersion() {
return Boolean(this.latestVersion?.releasedAt);
},
latestVersion() {
return this.resource?.latestVersion || {};
},
name() {
return this.latestVersion?.name || this.$options.i18n.unreleased;
},
releasedAt() {
return getTimeago().format(this.latestVersion?.releasedAt);
},
resourceId() {
return cleanLeadingSeparator(this.resource.webPath);
},
starCount() {
return this.resource?.starCount || 0;
},
starCountText() {
return n__('Star', 'Stars', this.starCount);
},
hasReleasedVersion() {
return Boolean(this.latestVersion?.releasedAt);
},
formattedDate() {
return formatDate(this.latestVersion?.releasedAt);
},
latestVersion() {
return this.resource?.latestVersion || {};
},
releasedAt() {
return getTimeago().format(this.latestVersion?.releasedAt);
},
name() {
return this.latestVersion?.name || this.$options.i18n.unreleased;
},
webPath() {
return cleanLeadingSeparator(this.resource?.webPath);
},
@ -152,6 +160,14 @@ export default {
</span>
</div>
</div>
<div
v-if="hasComponents"
data-testid="ci-resource-component-names"
class="gl-font-sm gl-mt-1"
>
<span class="gl-font-weight-bold"> &#8226; {{ $options.i18n.components }} </span>
<span class="gl-text-gray-900">{{ componentNames }}</span>
</div>
</div>
</li>
</template>

6
app/assets/javascripts/ci/catalog/graphql/fragments/catalog_resource.fragment.graphql
View File

@ -7,6 +7,12 @@ fragment CatalogResourceFields on CiCatalogResource {
starCount
latestVersion {
id
components {
nodes {
id
name
}
}
name
path
releasedAt

4
app/models/concerns/pg_full_text_searchable.rb
View File

@ -58,7 +58,7 @@ module PgFullTextSearchable
column_text = self[column].gsub(LONG_WORDS_REGEX, ' ')
column_text = column_text[0..(TSVECTOR_MAX_LENGTH - 1)]
column_text = ActiveSupport::Inflector.transliterate(column_text)
column_text = Gitlab::I18n.with_default_locale { ActiveSupport::Inflector.transliterate(column_text) }
column_text = column_text.gsub(XML_TAG_REGEX, ' \1 ')
Arel::Nodes::NamedFunction.new(
@ -136,7 +136,7 @@ module PgFullTextSearchable
# URLs get broken up into separate words when : is removed below, so we just remove the whole scheme.
query = remove_url_scheme(query)
# Remove accents from search term to match indexed data
query = ActiveSupport::Inflector.transliterate(query)
query = Gitlab::I18n.with_default_locale { ActiveSupport::Inflector.transliterate(query) }
# Prevent users from using tsquery operators that can cause syntax errors.
query = filter_allowed_characters(query)

9
config/feature_flags/experiment/stop_precalling_binary_for_blobs.yml Normal file
View File

@ -0,0 +1,9 @@
---
name: stop_precalling_binary_for_blobs
feature_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/424140
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/142418
rollout_issue_url: https://gitlab.com/gitlab-com/gl-infra/production/-/issues/17440
milestone: '16.9'
group: group::code review
type: experiment
default_enabled: false

17
data/deprecations/16-9-deprecate-license-scanning-ci-templates.yml Normal file
View File

@ -0,0 +1,17 @@
- title: "Deprecate License Scanning CI templates"
removal_milestone: "17.0"
announcement_milestone: "16.9"
breaking_change: true
reporter: thiagocsf
stage: secure
issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/439157
body: | # (required) Don't change this line.
GitLab 17.0 removes the License Scanning CI templates:
- [`Jobs/License-Scanning.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/6d9956863d3cd066edc50a29767c2cd4a939c6fd/lib/gitlab/ci/templates/Jobs/License-Scanning.gitlab-ci.yml)
- [`Jobs/License-Scanning.latest.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/6d9956863d3cd066edc50a29767c2cd4a939c6fd/lib/gitlab/ci/templates/Jobs/License-Scanning.latest.gitlab-ci.yml)
- [`Security/License-Scanning.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/6d9956863d3cd066edc50a29767c2cd4a939c6fd/lib/gitlab/ci/templates/Security/License-Scanning.gitlab-ci.yml)
CI configurations including any of the templates above will stop working in GitLab 17.0.
Users are advised to use [License scanning of CycloneDX files](https://docs.gitlab.com/ee/user/compliance/license_scanning_of_cyclonedx_files/) instead.

8
db/docs/batched_background_migrations/backfill_catalog_resource_versions_released_at.yml Normal file
View File

@ -0,0 +1,8 @@
---
migration_job_name: BackfillCatalogResourceVersionsReleasedAt
description: Backfills catalog_resource_versions.released_at with data from releases.released_at.
feature_category: pipeline_composition
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/142255
milestone: '16.9'
queued_migration_version: 20240118225727
finalize_after: '2024-01-22'

27
db/post_migrate/20240118225727_queue_backfill_catalog_resource_versions_released_at.rb Normal file
View File

@ -0,0 +1,27 @@
# frozen_string_literal: true
class QueueBackfillCatalogResourceVersionsReleasedAt < Gitlab::Database::Migration[2.2]
milestone '16.9'
restrict_gitlab_migration gitlab_schema: :gitlab_main
MIGRATION = 'BackfillCatalogResourceVersionsReleasedAt'
DELAY_INTERVAL = 2.minutes
BATCH_SIZE = 500
SUB_BATCH_SIZE = 100
def up
queue_batched_background_migration(
MIGRATION,
:catalog_resource_versions,
:id,
job_interval: DELAY_INTERVAL,
batch_size: BATCH_SIZE,
sub_batch_size: SUB_BATCH_SIZE
)
end
def down
delete_batched_background_migration(MIGRATION, :catalog_resource_versions, :id, [])
end
end

1
db/schema_migrations/20240118225727 Normal file
View File

@ -0,0 +1 @@
cdcbcde66af020836f20d076ba4ef757edc09b5659a681e2eeb2008ffc6cdf94

22
doc/administration/admin_area.md
View File

@ -4,7 +4,11 @@ group: unassigned
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# GitLab Admin Area **(FREE SELF)**
# GitLab Admin Area
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
The Admin Area provides a web UI to manage and configure features of GitLab
self-managed instances. If you are an administrator, to access the Admin Area:
@ -143,7 +147,11 @@ When using authentication providers, administrators can see the identities for a
This list shows the user's identities, including SCIM identities. Administrators can use this information to troubleshoot SCIM-related issues and confirm
the identities being used for an account.
### User Permission Export **(PREMIUM SELF)**
### User Permission Export
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/1772) in GitLab 13.8.
> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/292436) in GitLab 13.9.
@ -326,7 +334,7 @@ For each Gitaly server, the following details are listed:
### Administering runners
> [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/340859) from **Overview > Runners** to **CI/CD > Runners** in GitLab 15.8.
> - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/340859) from **Overview > Runners** to **CI/CD > Runners** in GitLab 15.8.
You can administer all runners in the GitLab instance from the Admin Area's **Runners** page. See
[GitLab Runner](https://docs.gitlab.com/runner/) for more information.
@ -383,7 +391,7 @@ You can also edit, pause, or remove each runner.
### Administering Jobs
> [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/386311) from **Overview > Jobs** to **CI/CD > Jobs** in GitLab 15.8.
> - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/386311) from **Overview > Jobs** to **CI/CD > Jobs** in GitLab 15.8.
You can administer all jobs in the GitLab instance from the Admin Area's Jobs page.
@ -467,7 +475,11 @@ For details of these log files and their contents, see [Log system](logs/index.m
The content of each log file is listed in chronological order. To minimize performance issues, a maximum 2000 lines of each log file are shown.
### Audit Events **(PREMIUM SELF)**
### Audit Events
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
The **Audit Events** page lists changes made within the GitLab server. With this information you can control, analyze, and track every change.

12
doc/administration/analytics/dev_ops_reports.md
View File

@ -4,7 +4,11 @@ group: Optimize
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# DevOps Reports **(FREE SELF)**
# DevOps Reports
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
DevOps Reports give you an overview of your entire instance's adoption of
[DevOps](https://about.gitlab.com/topics/devops/)
@ -37,7 +41,11 @@ information is **not sent** to any other GitLab instances.
If you have just started using GitLab, it might take a few weeks for data to be collected before this
feature is available.
## DevOps Adoption **(ULTIMATE SELF)**
## DevOps Adoption
DETAILS:
**Tier:** Ultimate
**Offering:** Self-managed
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/247112) in GitLab 13.7 as a [Beta feature](../../policy/experiment-beta-support.md#beta).
> - The Overview tab [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/330401) in GitLab 14.1.

8
doc/administration/analytics/index.md
View File

@ -4,9 +4,13 @@ group: Optimize
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Instance-level analytics **(FREE SELF)**
# Instance-level analytics
> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/41416) in GitLab 11.2.
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/41416) in GitLab 11.2.
Instance-level analytics provide insights into the feature and data usage of your entire instance.

6
doc/administration/analytics/usage_trends.md
View File

@ -4,7 +4,11 @@ group: Optimize
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Usage Trends **(FREE SELF)**
# Usage Trends
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/235754) in GitLab 13.5 behind a feature flag, disabled by default.
> - [Became enabled by default](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/46962) in GitLab 13.6.

8
doc/administration/appearance.md
View File

@ -4,7 +4,11 @@ group: unassigned
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# GitLab Appearance **(FREE SELF)**
# GitLab Appearance
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
You can update your settings to change the look and feel of your GitLab self-managed instance.
@ -92,7 +96,7 @@ You can add also add a [customized help message](settings/help_page.md) below th
## Customize the Progressive Web App
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/375708) in GitLab 15.9.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/375708) in GitLab 15.9.
Customize the icon, display name, short name, and description for your Progessive Web App (PWA). For more information, see [Progressive Web App](https://developer.mozilla.org/en-US/docs/Web/Progressive_web_apps).

6
doc/administration/application_settings_cache.md
View File

@ -4,7 +4,11 @@ group: Cloud Connector
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Application cache interval **(FREE SELF)**
# Application cache interval
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
By default, GitLab caches application settings for 60 seconds. Occasionally,
you may need to increase that interval to have more delay between application

12
doc/administration/audit_event_streaming/examples.md
View File

@ -108,7 +108,7 @@ Push:
### Example payloads for Git over SSH events with Deploy Key
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/363876) in GitLab 15.3.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/363876) in GitLab 15.3.
Fetch:
@ -275,7 +275,7 @@ Fetch:
## Audit event streaming on merge request approval actions
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/271162) in GitLab 14.9.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/271162) in GitLab 14.9.
Stream audit events that relate to merge approval actions performed in a project.
@ -321,7 +321,7 @@ X-Gitlab-Audit-Event-Type: audit_operation
## Audit event streaming on merge request create actions
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/90911) in GitLab 15.2.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/90911) in GitLab 15.2.
Stream audit events that relate to merge request create actions using the `/logs` endpoint.
@ -370,7 +370,7 @@ X-Gitlab-Event-Streaming-Token: <DESTINATION_TOKEN>
## Audit event streaming on project fork actions
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/90916) in GitLab 15.2.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/90916) in GitLab 15.2.
Stream audit events that relate to project fork actions using the `/logs` endpoint.
@ -419,7 +419,7 @@ X-Gitlab-Event-Streaming-Token: <DESTINATION_TOKEN>
## Audit event streaming on project group link actions
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/90955) in GitLab 15.2.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/90955) in GitLab 15.2.
Stream audit events that relate to project group link creation, updates, and deletion using the `/logs` endpoint.
@ -533,7 +533,7 @@ X-Gitlab-Event-Streaming-Token: <DESTINATION_TOKEN>
## Audit event streaming on invalid merge request approver state
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/374566) in GitLab 15.5.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/374566) in GitLab 15.5.
Stream audit events that relate to invalid merge request approver states in a project.

16
doc/administration/audit_event_streaming/graphql_api.md
View File

@ -4,7 +4,11 @@ group: Compliance
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Audit event streaming GraphQL API **(ULTIMATE ALL)**
# Audit event streaming GraphQL API
DETAILS:
**Tier:** Ultimate
**Offering:** SaaS, self-managed
> - API [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/332747) in GitLab 14.5 [with a flag](../feature_flags.md) named `ff_external_audit_events_namespace`. Disabled by default.
> - API [enabled on GitLab.com and by default on self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/338939) in GitLab 14.7.
@ -335,7 +339,7 @@ Event type filters are removed if:
### Google Cloud Logging destinations
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/409422) in GitLab 16.1.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/409422) in GitLab 16.1.
Manage Google Cloud Logging destinations for top-level groups.
@ -467,7 +471,11 @@ Streaming configuration is deleted if:
- The returned `errors` object is empty.
- The API responds with `200 OK`.
## Instance streaming destinations **(ULTIMATE SELF)**
## Instance streaming destinations
DETAILS:
**Tier:** Ultimate
**Offering:** Self-managed
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/335175) in GitLab 16.0 [with a flag](../feature_flags.md) named `ff_external_audit_events`. Disabled by default.
> - [Feature flag `ff_external_audit_events`](https://gitlab.com/gitlab-org/gitlab/-/issues/393772) enabled by default in GitLab 16.2.
@ -743,7 +751,7 @@ Event type filters are removed if:
### Google Cloud Logging destinations
> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/11303) in GitLab 16.5.
> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/11303) in GitLab 16.5.
Manage Google Cloud Logging destinations for an entire instance.

18
doc/administration/audit_event_streaming/index.md
View File

@ -4,7 +4,11 @@ group: Compliance
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Audit event streaming **(ULTIMATE ALL)**
# Audit event streaming
DETAILS:
**Tier:** Ultimate
**Offering:** SaaS, self-managed
> - UI [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/336411) in GitLab 14.9.
> - [Subgroup events recording](https://gitlab.com/gitlab-org/gitlab/-/issues/366878) fixed in GitLab 15.2.
@ -130,7 +134,7 @@ To delete only the custom HTTP headers for a streaming destination:
#### Verify event authenticity
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/360814) in GitLab 15.2.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/360814) in GitLab 15.2.
Each streaming destination has a unique verification token (`verificationToken`) that can be used to verify the authenticity of the event. This
token is either specified by the Owner or generated automatically when the event destination is created and cannot be changed.
@ -200,7 +204,7 @@ To override the `content-type` header default value for a top-level group stream
### Google Cloud Logging destinations
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/124384) in GitLab 16.2.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/124384) in GitLab 16.2.
Manage Google Cloud Logging destinations for top-level groups.
@ -354,7 +358,11 @@ To delete AWS S3 streaming destinations to a top-level group:
1. Select **Delete destination**.
1. Confirm by selecting **Delete destination** in the dialog.
## Instance streaming destinations **(ULTIMATE SELF)**
## Instance streaming destinations
DETAILS:
**Tier:** Ultimate
**Offering:** Self-managed
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/398107) in GitLab 16.1 [with a flag](../feature_flags.md) named `ff_external_audit_events`. Disabled by default.
> - [Feature flag `ff_external_audit_events`](https://gitlab.com/gitlab-org/gitlab/-/issues/393772) enabled by default in GitLab 16.2.
@ -511,7 +519,7 @@ To override the `content-type` header default value for an instance streaming de
### Google Cloud Logging destinations
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/131851) in GitLab 16.5.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/131851) in GitLab 16.5.
Manage Google Cloud Logging destinations for an entire instance.

20
doc/administration/audit_events.md
View File

@ -4,7 +4,11 @@ group: Compliance
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Audit events **(PREMIUM ALL)**
# Audit events
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** SaaS, self-managed
A security audit is a in-depth analysis and review of your infrastructure, which is used to display
areas of concern and potentially hazardous practices. To assist with the audit process, GitLab provides
@ -50,7 +54,11 @@ Group audit events can also be accessed using the [Group Audit Events API](../ap
Project audit events can also be accessed using the [Project Audit Events API](../api/audit_events.md#project-audit-events). Project audit event queries are limited to a maximum of 30 days.
### Instance audit events **(PREMIUM SELF)**
### Instance audit events
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
You can view audit events from user actions across an entire GitLab instance.
To view instance audit events:
@ -69,7 +77,11 @@ exist for this action. The
[`group_saml_provider_create` and `group_saml_provider_update` audit event types](audit_event_streaming/audit_event_types.md#compliance-management)
generate audit events for group-level configuration of SAML.
### Sign-in audit events **(FREE ALL)**
### Sign-in audit events
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** SaaS, self-managed
Successful sign-in events are the only audit events available at all tiers. To see successful sign-in events:
@ -137,7 +149,7 @@ When a user is [impersonated](../administration/admin_area.md#user-impersonation
## Time zones
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/242014) in GitLab 15.7, GitLab UI shows dates and times in the user's local time zone instead of UTC.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/242014) in GitLab 15.7, GitLab UI shows dates and times in the user's local time zone instead of UTC.
The time zone used for audit events depends on where you view them:

6
doc/administration/audit_reports.md
View File

@ -5,7 +5,11 @@ info: To determine the technical writer assigned to the Stage/Group associated w
description: 'Learn how to create evidence artifacts typically requested by a 3rd party auditor.'
---
# Audit reports **(FREE ALL)**
# Audit reports
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** SaaS, self-managed
GitLab can help owners and administrators respond to auditors by generating
comprehensive reports. These audit reports vary in scope, depending on the

8
doc/administration/auditor_users.md
View File

@ -4,7 +4,11 @@ group: Authentication
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Auditor users **(PREMIUM SELF)**
# Auditor users
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
Users with auditor access have read-only access to all groups, projects, and other resources except:
@ -62,6 +66,6 @@ If you are signed in with auditor access, you:
## Maintain auditor users using API
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/366404) in GitLab 15.3.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/366404) in GitLab 15.3.
Administrators can use the GitLab API to [create](../api/users.md#user-creation) and [modify](../api/users.md#user-modification) auditor users.

6
doc/administration/auth/atlassian.md
View File

@ -4,7 +4,11 @@ group: Authentication
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Use Atlassian as an OAuth 2.0 authentication provider **(FREE SELF)**
# Use Atlassian as an OAuth 2.0 authentication provider
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
To enable the Atlassian OmniAuth provider for passwordless authentication you must register an application with Atlassian.

6
doc/administration/auth/cognito.md
View File

@ -4,7 +4,11 @@ group: Authentication
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Use AWS Cognito as an OAuth 2.0 authentication provider **(FREE SELF)**
# Use AWS Cognito as an OAuth 2.0 authentication provider
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
Amazon Web Services (AWS) Cognito lets you add user sign-up, sign-in, and access control to your GitLab instance.
The following documentation enables AWS Cognito as an OAuth 2.0 provider.

6
doc/administration/auth/crowd.md
View File

@ -4,7 +4,11 @@ group: Authentication
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Use Atlassian Crowd as an authentication provider (deprecated) **(FREE SELF)**
# Use Atlassian Crowd as an authentication provider (deprecated)
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
WARNING:
This feature was [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/369117) in GitLab 15.3 and is planned for

10
doc/administration/auth/index.md
View File

@ -5,7 +5,11 @@ description: Third-party authentication providers.
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# GitLab authentication and authorization **(FREE SELF)**
# GitLab authentication and authorization
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
GitLab integrates with a number of [OmniAuth providers](../../integration/omniauth.md#supported-providers),
and the following external authentication and authorization providers:
@ -13,8 +17,8 @@ and the following external authentication and authorization providers:
- [LDAP](ldap/index.md): Includes Active Directory, Apple Open Directory, Open LDAP,
and 389 Server.
- [Google Secure LDAP](ldap/google_secure_ldap.md)
- [SAML for GitLab.com groups](../../user/group/saml_sso/index.md) **(PREMIUM SAAS)**
- [Smartcard](smartcard.md) **(PREMIUM SELF)**
- [SAML for GitLab.com groups](../../user/group/saml_sso/index.md)
- [Smartcard](smartcard.md)
NOTE:
UltraAuth has removed their software which supports OmniAuth integration. We have therefore removed all references to UltraAuth integration.

6
doc/administration/auth/jwt.md
View File

@ -4,7 +4,11 @@ group: Authentication
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Use JWT as an authentication provider **(FREE SELF)**
# Use JWT as an authentication provider
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
To enable the JWT OmniAuth provider, you must register your application with JWT.
JWT provides you with a secret key for you to use.

8
doc/administration/auth/ldap/google_secure_ldap.md
View File

@ -4,9 +4,13 @@ group: Authentication
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Google Secure LDAP **(FREE SELF)**
# Google Secure LDAP
> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/46391) in GitLab 11.9.
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/46391) in GitLab 11.9.
[Google Cloud Identity](https://cloud.google.com/identity/) provides a Secure
LDAP service that can be configured with GitLab for authentication and group sync.

20
doc/administration/auth/ldap/index.md
View File

@ -4,7 +4,11 @@ group: Authentication
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Integrate LDAP with GitLab **(FREE SELF)**
# Integrate LDAP with GitLab
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
GitLab integrates with [LDAP - Lightweight Directory Access Protocol](https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol)
to support user authentication.
@ -441,7 +445,11 @@ You must define the following attributes in an `attributes` hash.
| `first_name` | LDAP attribute for user first name. Used when the attribute configured for `name` does not exist. | **{dotted-circle}** No | `'givenName'` |
| `last_name` | LDAP attribute for user last name. Used when the attribute configured for `name` does not exist. | **{dotted-circle}** No | `'sn'` |
### LDAP sync configuration settings **(PREMIUM SELF)**
### LDAP sync configuration settings
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
These LDAP sync configuration settings are available:
@ -452,7 +460,11 @@ These LDAP sync configuration settings are available:
| `external_groups` | An array of CNs of groups containing users that should be considered external. Not `cn=interns` or the full DN. | **{dotted-circle}** No | `['interns', 'contractors']` |
| `sync_ssh_keys` | The LDAP attribute containing a user's public SSH key. | **{dotted-circle}** No | `'sshPublicKey'` or false if not set |
### Use multiple LDAP servers **(PREMIUM SELF)**
### Use multiple LDAP servers
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
If you have users on multiple LDAP servers, you can configure GitLab to use them. To add additional LDAP servers:
@ -1197,7 +1209,7 @@ You can find more details on the expected behavior of user updates in our [LDAP
## Google Secure LDAP
> Introduced in GitLab 11.9.
> - Introduced in GitLab 11.9.
[Google Cloud Identity](https://cloud.google.com/identity/) provides a Secure
LDAP service that can be configured with GitLab for authentication and group sync.

32
doc/administration/auth/ldap/ldap-troubleshooting.md
View File

@ -4,7 +4,11 @@ group: Authentication
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Troubleshooting LDAP **(FREE SELF)**
# Troubleshooting LDAP
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
If you are an administrator, use the following information to troubleshoot LDAP.
@ -53,7 +57,11 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server
admin_group: 'my_admin_group'
```
#### Query LDAP **(PREMIUM SELF)**
#### Query LDAP
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
The following allows you to perform a search in LDAP using the rails console.
Depending on what you're trying to do, it may make more sense to query [a user](#query-a-user-in-ldap)
@ -248,7 +256,11 @@ ldapsearch -H ldaps://$host:$port -D "$bind_dn" -y bind_dn_password.txt -b "$ba
port.
- We are assuming the password for the `bind_dn` user is in `bind_dn_password.txt`.
#### Sync all users **(PREMIUM SELF)**
#### Sync all users
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
The output from a manual [user sync](ldap_synchronization.md#user-sync) can show you what happens when
GitLab tries to sync its users against LDAP. Enter the [rails console](#rails-console)
@ -262,7 +274,11 @@ LdapSyncWorker.new.perform
Next, [learn how to read the output](#example-console-output-after-a-user-sync).
##### Example console output after a user sync **(PREMIUM SELF)**
##### Example console output after a user sync
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
The output from a [manual user sync](#sync-all-users) is very verbose, and a
single user's successful sync can look like this:
@ -353,7 +369,11 @@ adapter = Gitlab::Auth::Ldap::Adapter.new('ldapmain') # If `main` is the LDAP pr
Gitlab::Auth::Ldap::Person.find_by_uid('<uid>', adapter)
```
### Group memberships **(PREMIUM SELF)**
### Group memberships
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
#### Memberships not granted
@ -660,7 +680,7 @@ emails.each do |username, email|
end
```
You can then [run a UserSync](#sync-all-users) **(PREMIUM SELF)** to sync the latest DN
You can then [run a UserSync](#sync-all-users) to sync the latest DN
for each of these users.
## Could not authenticate from AzureActivedirectoryV2 because "Invalid grant"

8
doc/administration/auth/ldap/ldap_synchronization.md
View File

@ -4,7 +4,11 @@ group: Authentication
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# LDAP synchronization **(PREMIUM SELF)**
# LDAP synchronization
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
If you have [configured LDAP to work with GitLab](index.md), GitLab can automatically synchronize
users and groups.
@ -485,7 +489,7 @@ group, GitLab revokes their `admin` role when syncing.
### Global group memberships lock
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/4354) in GitLab 12.0.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/4354) in GitLab 12.0.
GitLab administrators can prevent group members from inviting new members to subgroups that have their membership synchronized with LDAP.

22
doc/administration/auth/oidc.md
View File

@ -4,7 +4,11 @@ group: Authentication
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Use OpenID Connect as an authentication provider **(FREE SELF)**
# Use OpenID Connect as an authentication provider
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
You can use GitLab as a client application with [OpenID Connect](https://openid.net/specs/openid-connect-core-1_0.html)
as an OmniAuth provider.
@ -459,7 +463,7 @@ gitlab_rails['omniauth_providers'] = [
#### Configure Keycloak with a symmetric key algorithm
> Introduced in GitLab 14.2.
> - Introduced in GitLab 14.2.
WARNING:
The following instructions are included for completeness, but only use symmetric key
@ -749,9 +753,13 @@ def sync_missing_provider(self, user: User, extern_uid: str)
For more information, see the [GitLab API user method documentation](https://python-gitlab.readthedocs.io/en/stable/gl_objects/users.html#examples).
## Configure users based on OIDC group membership **(PREMIUM ALL)**
## Configure users based on OIDC group membership
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/209898) in GitLab 15.10.
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** SaaS, self-managed
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/209898) in GitLab 15.10.
You can configure OIDC group membership to:
@ -928,7 +936,11 @@ based on group membership, configure GitLab to identify:
::EndTabs
### Auditor groups **(PREMIUM SELF)**
### Auditor groups
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
Your IdP must pass group information to GitLab in the OIDC response. To use this
response to assign users as auditors based on group membership, configure GitLab to identify:

14
doc/administration/auth/smartcard.md
View File

@ -4,13 +4,17 @@ group: Authentication
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Smartcard authentication **(PREMIUM SELF)**
# Smartcard authentication
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
GitLab supports authentication using smartcards.
## Existing password authentication
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/33669) in GitLab 12.6.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/33669) in GitLab 12.6.
By default, existing users can continue to sign in with a username and password when smartcard
authentication is enabled.
@ -27,7 +31,7 @@ GitLab supports two authentication methods:
### Authentication against a local database with X.509 certificates
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/726) in GitLab 11.6 as an experimental feature.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/726) in GitLab 11.6 as an experimental feature.
WARNING:
Smartcard authentication against local databases may change or be removed completely in future
@ -54,7 +58,7 @@ Certificate:
### Authentication against a local database with X.509 certificates and SAN extension
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/8605) in GitLab 12.3.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/8605) in GitLab 12.3.
Smartcards with X.509 certificates using SAN extensions can be used to authenticate
with GitLab.
@ -97,7 +101,7 @@ Certificate:
### Authentication against an LDAP server
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/7693) in GitLab 11.8 as an experimental feature. Smartcard authentication against an LDAP server may change or be removed completely in the future.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/7693) in GitLab 11.8 as an experimental feature. Smartcard authentication against an LDAP server may change or be removed completely in the future.
GitLab implements a standard way of certificate matching following
[RFC4523](https://www.rfc-editor.org/rfc/rfc4523). It uses the

6
doc/administration/auth/test_oidc_oauth.md
View File

@ -4,7 +4,11 @@ group: Authentication
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Test OIDC/OAuth in GitLab **(FREE SELF)**
# Test OIDC/OAuth in GitLab
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
To test OIDC/OAuth in GitLab, you must:

12
doc/administration/backup_restore/backup_gitlab.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Back up GitLab **(FREE SELF)**
# Back up GitLab
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
The exact procedure for backing up GitLab depends on many factors. Your particular deployment's usage and configuration determine what kind of data exists, where it is located, and how much there is. These factors influence your options for how to perform a back up, how to store it, and how to restore it.
@ -649,7 +653,7 @@ sudo gitlab-backup create INCREMENTAL=yes SKIP=tar
#### Back up specific repository storages
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/86896) in GitLab 15.0.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/86896) in GitLab 15.0.
When using [multiple repository storages](../repository_storage_paths.md),
repositories from specific repository storages can be backed up separately
@ -743,7 +747,7 @@ For Linux package (Omnibus):
##### S3 Encrypted Buckets
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/64765) in GitLab 14.3.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/64765) in GitLab 14.3.
AWS supports these [modes for server side encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/serv-side-encryption.html):
@ -985,7 +989,7 @@ For self-compiled installations:
##### Using Azure Blob storage
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/25877) in GitLab 13.4.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/25877) in GitLab 13.4.
::Tabs

6
doc/administration/backup_restore/backup_large_reference_architectures.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Back up and restore large reference architectures **(FREE SELF)**
# Back up and restore large reference architectures
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
This document describes how to:

6
doc/administration/backup_restore/index.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Back up and restore GitLab **(FREE SELF)**
# Back up and restore GitLab
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
Your software or organization depends on the data in your GitLab instance. You need to ensure this data is protected from adverse events such as:

12
doc/administration/backup_restore/restore_gitlab.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Restore GitLab **(FREE SELF)**
# Restore GitLab
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
GitLab provides a command-line interface to restore your entire installation,
and is flexible enough to fit your needs.
@ -330,7 +334,7 @@ The `force=yes` environment variable also disables these prompts.
### Excluding tasks on restore
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/19347) in GitLab 14.10.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/19347) in GitLab 14.10.
You can exclude specific tasks on restore by adding the environment variable `SKIP`, whose values are a comma-separated list of the following options:
@ -361,7 +365,7 @@ To exclude specific tasks:
### Restore specific repository storages
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/86896) in GitLab 15.0.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/86896) in GitLab 15.0.
When using [multiple repository storages](../repository_storage_paths.md),
repositories from specific repository storages can be restored separately
@ -384,7 +388,7 @@ For example:
### Restore specific repositories
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/88094) in GitLab 15.1.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/88094) in GitLab 15.1.
You can restore specific repositories using the `REPOSITORIES_PATHS` and the `SKIP_REPOSITORIES_PATHS` options.
Both options accept a comma-separated list of project and group paths. If you

6
doc/administration/broadcast_messages.md
View File

@ -4,7 +4,11 @@ group: Acquisition
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Broadcast messages **(FREE SELF)**
# Broadcast messages
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
> - Target roles [introduced](https://gitlab.com/gitlab-org/growth/team-tasks/-/issues/461) in GitLab 14.8 [with a flag](../administration/feature_flags.md) named `role_targeted_broadcast_messages`. Disabled by default.
> - Theme [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/83251) and background color removed in GitLab 14.10.

12
doc/administration/cicd.md
View File

@ -4,7 +4,11 @@ group: Pipeline Execution
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# GitLab CI/CD instance configuration **(FREE SELF)**
# GitLab CI/CD instance configuration
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
GitLab administrators can manage the GitLab CI/CD configuration for their instance.
@ -57,7 +61,11 @@ For Linux package installations:
sudo gitlab-ctl reconfigure
```
## Set the `needs` job limit **(FREE SELF)**
## Set the `needs` job limit
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
The maximum number of jobs that can be defined in `needs` defaults to 50.

6
doc/administration/clusters/kas.md
View File

@ -4,7 +4,11 @@ group: Environments
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Install the GitLab agent server for Kubernetes (KAS) **(FREE SELF)**
# Install the GitLab agent server for Kubernetes (KAS)
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3834) in GitLab 13.10, the GitLab agent server (KAS) became available on GitLab.com at `wss://kas.gitlab.com`.
> - [Moved](https://gitlab.com/groups/gitlab-org/-/epics/6290) from GitLab Premium to GitLab Free in 14.5.

6
doc/administration/compliance.md
View File

@ -4,7 +4,11 @@ group: Compliance
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Compliance features **(FREE SELF)**
# Compliance features
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
GitLab compliance features ensure your GitLab instance meets common compliance standards, and are available at various pricing tiers. For more information about compliance management, see the compliance
management [solutions page](https://about.gitlab.com/solutions/compliance/).

6
doc/administration/configure.md
View File

@ -5,7 +5,11 @@ description: Installation settings.
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Configure your GitLab installation **(FREE SELF)**
# Configure your GitLab installation
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
Customize and configure your self-managed GitLab installation.

6
doc/administration/consul.md
View File

@ -4,7 +4,11 @@ group: Distribution
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# How to set up Consul **(PREMIUM SELF)**
# How to set up Consul
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
A Consul cluster consists of both
[server and client agents](https://developer.hashicorp.com/consul/docs/agent).

12
doc/administration/credentials_inventory.md
View File

@ -4,7 +4,11 @@ group: Authentication
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Credentials inventory **(ULTIMATE SELF)**
# Credentials inventory
DETAILS:
**Tier:** Ultimate
**Offering:** Self-managed
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20912) in GitLab 12.6.
> - [Bot-created access tokens not displayed in personal access token list](https://gitlab.com/gitlab-org/gitlab/-/issues/351759) in GitLab 14.9.
@ -32,7 +36,7 @@ You can also [revoke](#revoke-a-users-personal-access-token), [delete](#delete-a
## Revoke a user's personal access token
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/214811) in GitLab 13.4.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/214811) in GitLab 13.4.
You can revoke a user's personal access token.
@ -54,7 +58,7 @@ When a PAT is revoked from the credentials inventory, the instance notifies the
## Revoke a user's project access token
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/243833) in GitLab 14.8.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/243833) in GitLab 14.8.
1. On the left sidebar, at the bottom, select **Admin Area**.
1. Select **Credentials**.
@ -67,7 +71,7 @@ The project access token is revoked and a background worker is queued to delete
## Delete a user's SSH key
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/225248) in GitLab 13.5.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/225248) in GitLab 13.5.
1. On the left sidebar, at the bottom, select **Admin Area**.
1. Select **Credentials**.

6
doc/administration/custom_project_templates.md
View File

@ -4,7 +4,11 @@ group: Source Code
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Custom instance-level project templates **(PREMIUM SELF)**
# Custom instance-level project templates
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
As an administrator, you can configure a group that contains projects available for
use as the source of project templates on your instance. You can then

5
doc/administration/dedicated/index.md
View File

@ -5,7 +5,10 @@ description: IP allowlists, SAML, maintenance.
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Configure GitLab Dedicated **(ULTIMATE)**
# Configure GitLab Dedicated
DETAILS:
**Offering:** Dedicated
GitLab Dedicated is a single-tenant SaaS solution, fully managed and hosted by GitLab. For more information about this offering, see the [subscription page](../../subscriptions/gitlab_dedicated/index.md).

6
doc/administration/diff_limits.md
View File

@ -4,7 +4,11 @@ group: Source Code
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Diff limits administration **(FREE SELF)**
# Diff limits administration
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
You can set a maximum size for display of diff files (patches).

6
doc/administration/docs_self_host.md
View File

@ -4,7 +4,11 @@ group: Distribution
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Host the GitLab product documentation **(FREE SELF)**
# Host the GitLab product documentation
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
If you are not able to access the GitLab product documentation at `docs.gitlab.com`,
you can host the documentation yourself instead.

6
doc/administration/email_from_gitlab.md
View File

@ -4,7 +4,11 @@ group: unassigned
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Email from GitLab **(PREMIUM SELF)**
# Email from GitLab
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
Administrators can email all users, or users of a chosen group or project.
Users receive the email at their primary email address.

8
doc/administration/encrypted_configuration.md
View File

@ -4,9 +4,13 @@ group: Distribution
info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments"
---
# Encrypted Configuration **(FREE SELF)**
# Encrypted Configuration
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/45712) in GitLab 13.7.
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/45712) in GitLab 13.7.
GitLab can read settings for certain features from encrypted settings files. The supported features are:

6
doc/administration/environment_variables.md
View File

@ -4,7 +4,11 @@ group: Distribution
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Environment variables **(FREE SELF)**
# Environment variables
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
GitLab exposes certain environment variables which can be used to override
their defaults values.

6
doc/administration/external_pipeline_validation.md
View File

@ -4,7 +4,11 @@ group: Pipeline Execution
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# External pipeline validation **(FREE SELF)**
# External pipeline validation
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
You can use an external service to validate a pipeline before it's created.

6
doc/administration/external_users.md
View File

@ -4,7 +4,11 @@ group: Authentication
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# External users **(FREE SELF)**
# External users
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
In cases where it is desired that a user has access only to some internal or
private projects, there is the option of creating **External Users**. This

6
doc/administration/feature_flags.md
View File

@ -5,7 +5,11 @@ info: To determine the technical writer assigned to the Stage/Group associated w
description: "GitLab administrator: enable and disable GitLab features deployed behind feature flags"
---
# Enable and disable GitLab features deployed behind feature flags **(FREE SELF)**
# Enable and disable GitLab features deployed behind feature flags
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
GitLab adopted [feature flags strategies](../development/feature_flags/index.md)
to deploy features in an early stage of development so that they can be

6
doc/administration/file_hooks.md
View File

@ -4,7 +4,11 @@ group: Import and Integrate
info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments"
---
# File hooks **(FREE SELF)**
# File hooks
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
Use custom file hooks (not to be confused with [server hooks](server_hooks.md) or [system hooks](system_hooks.md)),
to introduce custom integrations without modifying the GitLab source code.

6
doc/administration/geo/disaster_recovery/background_verification.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Automatic background verification **(PREMIUM SELF)**
# Automatic background verification
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
Automatic background verification ensures that the transferred data matches a
calculated checksum. If the checksum of the data on the **primary** site matches checksum of the

8
doc/administration/geo/disaster_recovery/bring_primary_back.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Bring a demoted primary site back online **(PREMIUM SELF)**
# Bring a demoted primary site back online
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
After a failover, it is possible to fail back to the demoted **primary** site to
restore your original configuration. This process consists of two steps:
@ -95,7 +99,7 @@ This behavior is useful when:
### Skipping re-transfer of blobs or files
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/352530) in GitLab 16.8 [with a flag](../../feature_flags.md) named `geo_skip_download_if_exists`. Disabled by default.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/352530) in GitLab 16.8 [with a flag](../../feature_flags.md) named `geo_skip_download_if_exists`. Disabled by default.
FLAG:
On self-managed GitLab, by default this feature is not available. To make it available, an administrator can [enable the feature flag](../../feature_flags.md) named `geo_skip_download_if_exists`.

6
doc/administration/geo/disaster_recovery/index.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Disaster Recovery (Geo) **(PREMIUM SELF)**
# Disaster Recovery (Geo)
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
Geo replicates your database, your Git repositories, and few other assets,
but there are some [limitations](../index.md#limitations).

6
doc/administration/geo/disaster_recovery/planned_failover.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Disaster recovery for planned failover **(PREMIUM SELF)**
# Disaster recovery for planned failover
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
The primary use-case of Disaster Recovery is to ensure business continuity in
the event of unplanned outage, but it can be used in conjunction with a planned

6
doc/administration/geo/disaster_recovery/runbooks/planned_failover_multi_node.md
View File

@ -8,7 +8,11 @@ WARNING:
This runbook is an [Experiment](../../../../policy/experiment-beta-support.md#experiment). For complete, production-ready documentation, see the
[disaster recovery documentation](../index.md).
# Disaster Recovery (Geo) promotion runbooks **(PREMIUM SELF)**
# Disaster Recovery (Geo) promotion runbooks
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
## Geo planned failover for a multi-node configuration

6
doc/administration/geo/disaster_recovery/runbooks/planned_failover_single_node.md
View File

@ -8,7 +8,11 @@ WARNING:
This runbook is an [Experiment](../../../../policy/experiment-beta-support.md#experiment). For complete, production-ready documentation, see the
[disaster recovery documentation](../index.md).
# Disaster Recovery (Geo) promotion runbooks **(PREMIUM SELF)**
# Disaster Recovery (Geo) promotion runbooks
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
## Geo planned failover for a single-node configuration

6
doc/administration/geo/glossary.md
View File

@ -5,7 +5,11 @@ info: To determine the technical writer assigned to the Stage/Group associated w
---
# Geo Glossary **(PREMIUM SELF)**
# Geo Glossary
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
NOTE:
We are updating the Geo documentation, user interface and commands to reflect these changes. Not all pages comply with

8
doc/administration/geo/index.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Geo **(PREMIUM SELF)**
# Geo
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
Geo is the solution for widely distributed development teams and for providing
a warm-standby as part of a disaster recovery strategy.
@ -230,7 +234,7 @@ For information on how to update your Geo sites to the latest GitLab version, se
### Pausing and resuming replication
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/35913) in GitLab 13.2.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/35913) in GitLab 13.2.
WARNING:
In GitLab 13.2 and 13.3, promoting a secondary site to a primary while the

8
doc/administration/geo/replication/configuration.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Geo configuration **(PREMIUM SELF)**
# Geo configuration
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
## Configuring a new **secondary** site
@ -401,7 +405,7 @@ Selective synchronization:
### Git operations on unreplicated repositories
> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/2562) in GitLab 12.10 for HTTP(S) and in GitLab 13.0 for SSH.
> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/2562) in GitLab 12.10 for HTTP(S) and in GitLab 13.0 for SSH.
Git clone, pull, and push operations over HTTP(S) and SSH are supported for repositories that
exist on the **primary** site but not on **secondary** sites. This situation can occur

6
doc/administration/geo/replication/container_registry.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Container registry for a secondary site **(PREMIUM SELF)**
# Container registry for a secondary site
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
You can set up a container registry on your **secondary** Geo site that mirrors the one on the **primary** Geo site.

10
doc/administration/geo/replication/datatypes.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Supported Geo data types **(PREMIUM SELF)**
# Supported Geo data types
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
A Geo data type is a specific class of data that is required by one or more GitLab features to
store relevant information.
@ -160,7 +164,7 @@ The replication for some data types is behind a corresponding feature flag:
> - They're enabled on GitLab.com.
> - They can't be enabled or disabled per-project.
> - They are recommended for production use.
> - For GitLab self-managed instances, GitLab administrators can opt to [disable them](#enable-or-disable-replication-for-some-data-types). **(FREE SELF)**
> - For GitLab self-managed instances, GitLab administrators can opt to [disable them](#enable-or-disable-replication-for-some-data-types).
#### Enable or disable replication (for some data types)
@ -208,7 +212,7 @@ successfully, you must replicate their data using some other means.
|[Versioned snippets](../../../user/snippets.md#versioned-snippets) | [**Yes** (13.7)](https://gitlab.com/groups/gitlab-org/-/epics/2809) | [**Yes** (14.2)](https://gitlab.com/groups/gitlab-org/-/epics/2810) | Not applicable | Not applicable | Verification was implemented behind the feature flag `geo_snippet_repository_verification` in 13.11, and the feature flag was removed in 14.2. |
|[GitLab Pages](../../pages/index.md) | [**Yes** (14.3)](https://gitlab.com/groups/gitlab-org/-/epics/589) | **Yes** (14.6) | [**Yes** (15.1)](https://gitlab.com/groups/gitlab-org/-/epics/5551) | [**Yes** (16.4)](object_storage.md) | Behind feature flag `geo_pages_deployment_replication`, enabled by default. Verification was behind the feature flag `geo_pages_deployment_verification`, removed in 14.7. |
|[Project-level Secure files](../../../ci/secure_files/index.md) | **Yes** (15.3) | **Yes** (15.3) | **Yes** (15.3) | [**Yes** (16.4)](object_storage.md) | |
| [Incident Metric Images](../../../operations/incident_management/incidents.md#metrics) | **Yes** (15.5) | **Yes**(15.5) | **Yes** (15.5) | [**Yes** (16.4)](object_storage.md) | Replication/Verification is handled via the Uploads data type. | |
| [Incident Metric Images](../../../operations/incident_management/incidents.md#metrics) | **Yes** (15.5) | **Yes** (15.5) | **Yes** (15.5) | [**Yes** (16.4)](object_storage.md) | Replication/Verification is handled via the Uploads data type. | |
|[Alert Metric Images](../../../operations/incident_management/alerts.md#metrics-tab) | **Yes** (15.5) | **Yes** (15.5) | **Yes** (15.5) | [**Yes** (16.4)](object_storage.md) | Replication/Verification is handled via the Uploads data type. |
|[Server-side Git hooks](../../server_hooks.md) | [Not planned](https://gitlab.com/groups/gitlab-org/-/epics/1867) | No | Not applicable | Not applicable | Not planned because of current implementation complexity, low customer interest, and availability of alternatives to hooks. |
|[Elasticsearch integration](../../../integration/advanced_search/elasticsearch.md) | [Not planned](https://gitlab.com/gitlab-org/gitlab/-/issues/1186) | No | No | No | Not planned because further product discovery is required and Elasticsearch (ES) clusters can be rebuilt. Secondaries use the same ES cluster as the primary. |

6
doc/administration/geo/replication/disable_geo.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Disabling Geo **(PREMIUM SELF)**
# Disabling Geo
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
If you want to revert to a regular Linux package installation setup after a test, or you have encountered a Disaster Recovery
situation and you want to disable Geo momentarily, you can use these instructions to disable your

6
doc/administration/geo/replication/faq.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Geo Frequently Asked Questions **(PREMIUM SELF)**
# Geo Frequently Asked Questions
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
## What are the minimum requirements to run Geo?

6
doc/administration/geo/replication/geo_validation_tests.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Geo validation tests **(PREMIUM SELF)**
# Geo validation tests
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
The Geo team performs manual testing and validation on common deployment configurations to ensure
that Geo works when upgrading between minor GitLab versions and major PostgreSQL database versions.

6
doc/administration/geo/replication/location_aware_git_url.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Location-aware Git remote URL with AWS Route53 **(PREMIUM SELF)**
# Location-aware Git remote URL with AWS Route53
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
NOTE:
Since GitLab 14.6,

6
doc/administration/geo/replication/multiple_servers.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Geo for multiple nodes **(PREMIUM SELF)**
# Geo for multiple nodes
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
This document describes a minimal reference architecture for running Geo
in a multi-node configuration. If your multi-node setup differs from the one

6
doc/administration/geo/replication/object_storage.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Geo with Object storage **(PREMIUM SELF)**
# Geo with Object storage
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
> Verification of files stored in object storage was [introduced](https://gitlab.com/groups/gitlab-org/-/epics/8056) in GitLab 16.4 [with a flag](../../feature_flags.md) named `geo_object_storage_verification`. Enabled by default.

6
doc/administration/geo/replication/remove_geo_site.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Removing secondary Geo sites **(PREMIUM SELF)**
# Removing secondary Geo sites
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
**Secondary** sites can be removed from the Geo cluster using the Geo administration page of the **primary** site. To remove a **secondary** site:

6
doc/administration/geo/replication/security_review.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Geo security review (Q&A) **(PREMIUM SELF)**
# Geo security review (Q&A)
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
The following security review of the Geo feature set focuses on security aspects of
the feature as they apply to customers running their own GitLab instances. The review

6
doc/administration/geo/replication/single_sign_on.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Geo with Single Sign On (SSO) **(PREMIUM SELF)**
# Geo with Single Sign On (SSO)
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
This documentation only discusses Geo-specific SSO considerations and configuration. For more information on general authentication, see [GitLab authentication and authorization](../../auth/index.md).

6
doc/administration/geo/replication/troubleshooting.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Troubleshooting Geo **(PREMIUM SELF)**
# Troubleshooting Geo
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
Setting up Geo requires careful attention to details, and sometimes it's easy to
miss a step.

6
doc/administration/geo/replication/tuning.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Tuning Geo **(PREMIUM SELF)**
# Tuning Geo
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
You can limit the number of concurrent operations the sites can run
in the background.

6
doc/administration/geo/replication/upgrading_the_geo_sites.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Upgrading the Geo sites **(PREMIUM SELF)**
# Upgrading the Geo sites
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
WARNING:
Read these sections carefully before updating your Geo sites. Not following

6
doc/administration/geo/replication/usage.md
View File

@ -6,7 +6,11 @@ info: To determine the technical writer assigned to the Stage/Group associated w
<!-- Please update EE::GitLab::GeoGitAccess::GEO_SERVER_DOCS_URL if this file is moved) -->
# Using a Geo Site **(PREMIUM SELF)**
# Using a Geo Site
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
After you set up the [database replication and configure the Geo nodes](../index.md#setup-instructions), use your closest GitLab site as you would do with the primary one.

6
doc/administration/geo/secondary_proxy/index.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Geo proxying for secondary sites **(PREMIUM SELF)**
# Geo proxying for secondary sites
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/5914) in GitLab 14.4 [with a flag](../../feature_flags.md) named `geo_secondary_proxy`. Disabled by default.
> - [Enabled by default for unified URLs](https://gitlab.com/gitlab-org/gitlab/-/issues/325732) in GitLab 14.6.

6
doc/administration/geo/secondary_proxy/location_aware_external_url.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Location-aware public URL **(PREMIUM SELF)**
# Location-aware public URL
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
With [Geo proxying for secondary sites](index.md), you can provide GitLab users
with a single URL that automatically uses the Geo site closest to them.

9
doc/administration/geo/secondary_proxy/runners.md
View File

@ -4,9 +4,14 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Secondary runners **(PREMIUM SELF EXPERIMENT)**
# Secondary runners
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/415179) in GitLab 16.7 [with a flag](../../feature_flags.md) named `geo_proxy_check_pipeline_refs`. Disabled by default.
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
**Status:** Experiment
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/415179) in GitLab 16.7 [with a flag](../../feature_flags.md) named `geo_proxy_check_pipeline_refs`. Disabled by default.
FLAG:
On self-managed GitLab, by default this feature is not available.

6
doc/administration/geo/setup/database.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Geo database replication **(PREMIUM SELF)**
# Geo database replication
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
This document describes the minimal required steps to replicate your primary
GitLab database to a secondary site's database. You may have to change some

6
doc/administration/geo/setup/external_database.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Geo with external PostgreSQL instances **(PREMIUM SELF)**
# Geo with external PostgreSQL instances
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
This document is relevant if you are using a PostgreSQL instance that is not
managed by the Linux package. This includes

6
doc/administration/geo/setup/index.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Setting up Geo **(PREMIUM SELF)**
# Setting up Geo
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
## Prerequisites

6
doc/administration/geo/setup/two_single_node_external_services.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Set up Geo for two single-node sites (with external PostgreSQL services) **(PREMIUM SELF)**
# Set up Geo for two single-node sites (with external PostgreSQL services)
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
The following guide provides concise instructions on how to deploy GitLab Geo for a two single-node site installation using two Linux package instances and external PostgreSQL databases like RDS, Azure Database, or Google Cloud SQL.

6
doc/administration/geo/setup/two_single_node_sites.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Set up Geo for two single-node sites **(PREMIUM SELF)**
# Set up Geo for two single-node sites
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
The following guide provides concise instructions on how to deploy GitLab Geo for a two single-node site installation using two Linux package instances with no external services set up.

6
doc/administration/geo_sites.md
View File

@ -4,7 +4,11 @@ group: Geo
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Geo sites Admin Area **(PREMIUM SELF)**
# Geo sites Admin Area
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
You can configure various settings for GitLab Geo sites. For more information, see
[Geo documentation](../administration/geo/index.md).

12
doc/administration/get_started.md
View File

@ -5,7 +5,11 @@ description: Administration overview.
info: For assistance with this tutorial, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments-to-other-projects-and-subjects.
---
# Get started administering GitLab **(FREE SELF)**
# Get started administering GitLab
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
Get started with GitLab administration. Configure your organization and its authentication, then secure, monitor,
and back up GitLab.
@ -181,7 +185,11 @@ The EC2 instance meets the requirements for an application data backup by taking
In general, if you're running GitLab on a virtualized server, you can create VM snapshots of the entire GitLab server.
It is common for a VM snapshot to require you to power down the server.
#### Option 2: GitLab Geo **(PREMIUM SELF)**
#### Option 2: GitLab Geo
DETAILS:
**Tier:** Premium, Ultimate
**Offering:** Self-managed
Geo provides local, read-only instances of your GitLab instances.

6
doc/administration/git_protocol.md
View File

@ -5,7 +5,11 @@ info: To determine the technical writer assigned to the Stage/Group associated w
description: "Set and configure Git protocol v2"
---
# Configuring Git Protocol v2 **(FREE SELF)**
# Configuring Git Protocol v2
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
> [Re-enabled](https://gitlab.com/gitlab-org/gitlab/-/issues/27828) in GitLab 12.8.

2
doc/administration/gitaly/concurrency_limiting.md
View File

@ -125,7 +125,7 @@ You can observe the behavior of this queue using Gitaly logs and Prometheus. For
## Adaptive concurrency limiting
> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/10734) in GitLab 16.6.
> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/10734) in GitLab 16.6.
Gitaly supports two concurrency limits:

16
doc/administration/gitaly/configure_gitaly.md
View File

@ -4,7 +4,11 @@ group: Gitaly
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Configure Gitaly **(FREE SELF)**
# Configure Gitaly
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
Configure Gitaly in one of two ways:
@ -878,7 +882,11 @@ result as you did at the start. For example:
`enforced="true"` means that authentication is being enforced.
## Pack-objects cache **(FREE SELF)**
## Pack-objects cache
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
[Gitaly](index.md), the service that provides storage for Git
repositories, can be configured to cache a short rolling window of Git
@ -1008,7 +1016,7 @@ the deleted file have closed it.
#### Minimum key occurrences `min_occurrences`
> [Introduced](https://gitlab.com/gitlab-com/gl-infra/scalability/-/issues/2222) in GitLab 15.11.
> - [Introduced](https://gitlab.com/gitlab-com/gl-infra/scalability/-/issues/2222) in GitLab 15.11.
The `min_occurrences` setting controls how often an identical request
must occur before we create a new cache entry. The default value is `1`,
@ -1356,7 +1364,7 @@ Configure Gitaly to sign commits made with the GitLab UI in one of two ways:
## Generate configuration using an external command
> [Introduced](https://gitlab.com/gitlab-org/gitaly/-/issues/4828) in GitLab 15.11.
> - [Introduced](https://gitlab.com/gitlab-org/gitaly/-/issues/4828) in GitLab 15.11.
You can generate parts of the Gitaly configuration using an external command. You might do this:

8
doc/administration/gitaly/index.md
View File

@ -4,7 +4,11 @@ group: Gitaly
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Gitaly and Gitaly Cluster **(FREE SELF)**
# Gitaly and Gitaly Cluster
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
[Gitaly](https://gitlab.com/gitlab-org/gitaly) provides high-level RPC access to Git repositories.
It is used by GitLab to read and write Git data.
@ -490,7 +494,7 @@ You can [monitor distribution of reads](monitoring.md#monitor-gitaly-cluster) us
#### Strong consistency
> In GitLab 14.0, strong consistency is the primary replication method.
> - In GitLab 14.0, strong consistency is the primary replication method.
Gitaly Cluster provides strong consistency by writing changes synchronously to all healthy, up-to-date replicas. If a
replica is outdated or unhealthy at the time of the transaction, the write is asynchronously replicated to it.

6
doc/administration/gitaly/monitoring.md
View File

@ -92,7 +92,7 @@ In Prometheus, look for the following metrics:
## Monitor Gitaly adaptive concurrency limiting
> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/10734) in GitLab 16.6.
> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/10734) in GitLab 16.6.
You can observe specific behavior of [adaptive concurrency limiting](concurrency_limiting.md#adaptive-concurrency-limiting) using Gitaly logs and Prometheus.
@ -178,7 +178,7 @@ gitaly_streamcache_index_entries{dir="/var/opt/gitlab/git-data/repositories/+git
## Monitor Gitaly server-side backups
> [Introduced](https://gitlab.com/gitlab-org/gitaly/-/issues/5358) in GitLab 16.7.
> - [Introduced](https://gitlab.com/gitlab-org/gitaly/-/issues/5358) in GitLab 16.7.
Monitor [server-side repository backups](configure_gitaly.md#configure-server-side-backups) with the following metrics:
@ -288,7 +288,7 @@ You can also monitor the [Praefect logs](../logs/index.md#praefect-logs).
### Database metrics `/db_metrics` endpoint
> [Introduced](https://gitlab.com/gitlab-org/gitaly/-/issues/3286) in GitLab 14.5.
> - [Introduced](https://gitlab.com/gitlab-org/gitaly/-/issues/3286) in GitLab 14.5.
The following metrics are available from the `/db_metrics` endpoint:

12
doc/administration/gitaly/praefect.md
View File

@ -4,7 +4,11 @@ group: Gitaly
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Configure Gitaly Cluster **(FREE SELF)**
# Configure Gitaly Cluster
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
Configure Gitaly Cluster using either:
@ -491,7 +495,7 @@ praefect['configuration'] = {
### Praefect
> [Introduced](https://gitlab.com/gitlab-org/gitaly/-/issues/2634) in GitLab 13.4, Praefect nodes can no longer be designated as `primary`.
> - [Introduced](https://gitlab.com/gitlab-org/gitaly/-/issues/2634) in GitLab 13.4, Praefect nodes can no longer be designated as `primary`.
If there are multiple Praefect nodes:
@ -870,7 +874,7 @@ For self-compiled installations:
#### Service discovery
> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/8971) in GitLab 15.10.
> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/8971) in GitLab 15.10.
Prerequisites:
@ -1526,7 +1530,7 @@ For a replication factor:
## Repository verification
> [Introduced](https://gitlab.com/gitlab-org/gitaly/-/issues/4080) in GitLab 15.0.
> - [Introduced](https://gitlab.com/gitlab-org/gitaly/-/issues/4080) in GitLab 15.0.
Praefect stores metadata about the repositories in a database. If the repositories are modified on disk
without going through Praefect, the metadata can become inaccurate. For example if a Gitaly node is

8
doc/administration/gitaly/recovery.md
View File

@ -180,7 +180,7 @@ Virtual storage: default
#### Unavailable replicas of available repositories
> Introduced in GitLab 14.0, flag renamed from `-partially-replicated` and behavior changed.
> - Introduced in GitLab 14.0, flag renamed from `-partially-replicated` and behavior changed.
To also list information of repositories which are available but are unavailable from some of the assigned nodes,
use the `-partially-unavailable` flag.
@ -273,7 +273,7 @@ These tools reconcile the outdated repositories to bring them fully up to date a
### Automatic reconciliation
> [Introduced](https://gitlab.com/gitlab-org/gitaly/-/issues/2717) in GitLab 13.4.
> - [Introduced](https://gitlab.com/gitlab-org/gitaly/-/issues/2717) in GitLab 13.4.
Praefect automatically reconciles repositories that are not up to date. By default, this is done every
five minutes. For each outdated repository on a healthy Gitaly node, Praefect picks a
@ -498,7 +498,7 @@ This command fails if:
### Manually add many repositories to the tracking database
> [Introduced](https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/6319) in GitLab 15.4.
> - [Introduced](https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/6319) in GitLab 15.4.
WARNING:
Because of a [known issue](https://gitlab.com/gitlab-org/gitaly/-/issues/5402), you can't add repositories to the
@ -543,7 +543,7 @@ If any entry fails these checks, the command aborts prior to attempting to track
### List virtual storage details
> [Introduced](https://gitlab.com/gitlab-org/gitaly/-/merge_requests/4609) in GitLab 15.1.
> - [Introduced](https://gitlab.com/gitlab-org/gitaly/-/merge_requests/4609) in GitLab 15.1.
The `list-storages` Praefect sub-command lists virtual storages and their associated storage nodes. If a virtual storage is:

6
doc/administration/gitaly/reference.md
View File

@ -4,7 +4,11 @@ group: Gitaly
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Example configuration files **(FREE SELF)**
# Example configuration files
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
Gitaly and Gitaly Cluster are configured by using configuration files. The default location of the configuration files
depends on the type of installation you have:

6
doc/administration/gitaly/troubleshooting.md
View File

@ -4,7 +4,11 @@ group: Gitaly
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Troubleshooting Gitaly **(FREE SELF)**
# Troubleshooting Gitaly
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
Refer to the information below when troubleshooting Gitaly. For information on troubleshooting Gitaly Cluster (Praefect),
see [Troubleshooting Gitaly Cluster](troubleshooting_gitaly_cluster.md).

12
doc/administration/gitaly/troubleshooting_gitaly_cluster.md
View File

@ -4,14 +4,18 @@ group: Gitaly
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Troubleshooting Gitaly Cluster **(FREE SELF)**
# Troubleshooting Gitaly Cluster
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
Refer to the information below when troubleshooting Gitaly Cluster (Praefect). For information on troubleshooting Gitaly,
see [Troubleshooting Gitaly](troubleshooting.md).
## Check cluster health
> [Introduced](https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/5688) in GitLab 14.5.
> - [Introduced](https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/5688) in GitLab 14.5.
The `check` Praefect sub-command runs a series of checks to determine the health of the Gitaly Cluster.
@ -74,7 +78,7 @@ If this check fails:
### Check clock synchronization
> [Introduced](https://gitlab.com/gitlab-org/gitaly/-/merge_requests/4225) in GitLab 14.8.
> - [Introduced](https://gitlab.com/gitlab-org/gitaly/-/merge_requests/4225) in GitLab 14.8.
Authentication between Praefect and the Gitaly servers requires the server times to be
in sync so the token check succeeds.
@ -145,7 +149,7 @@ To determine the primary node of a repository:
## View repository metadata
> [Introduced](https://gitlab.com/gitlab-org/gitaly/-/issues/3481) in GitLab 14.6.
> - [Introduced](https://gitlab.com/gitlab-org/gitaly/-/issues/3481) in GitLab 14.6.
Gitaly Cluster maintains a [metadata database](index.md#components) about the repositories stored on the cluster. Use the `praefect metadata` subcommand
to inspect the metadata for troubleshooting.

6
doc/administration/housekeeping.md
View File

@ -4,7 +4,11 @@ group: Gitaly
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Housekeeping **(FREE SELF)**
# Housekeeping
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
GitLab supports and automates housekeeping tasks in Git repositories to ensure
that they can be served as efficiently as possible. Housekeeping tasks include:

Some files were not shown because too many files have changed in this diff Show More