From a94adeb6b2b212e824d1bbce5da16ecd7d1b5a20 Mon Sep 17 00:00:00 2001 From: GitLab Bot Date: Wed, 19 Jul 2023 00:07:13 +0000 Subject: [PATCH] Add latest changes from gitlab-org/gitlab@master --- .rubocop_todo/style/redundant_freeze.yml | 21 --- .../_apply_generated_description_warning.haml | 4 +- ...613_add_read_dependency_to_member_roles.rb | 7 + db/schema_migrations/20230712214613 | 1 + db/structure.sql | 3 +- doc/api/broadcast_messages.md | 2 +- doc/api/group_import_export.md | 4 +- doc/api/issues.md | 2 +- doc/api/lint.md | 2 +- doc/api/notes.md | 2 +- doc/api/project_import_export.md | 4 +- doc/api/project_snippets.md | 2 +- doc/api/projects.md | 4 +- doc/api/protected_branches.md | 20 +-- doc/api/repository_files.md | 2 +- doc/api/settings.md | 16 +-- doc/api/snippets.md | 2 +- doc/api/templates/dockerfiles.md | 2 +- doc/ci/examples/index.md | 2 +- doc/ci/migration/circleci.md | 2 +- doc/ci/migration/jenkins.md | 4 +- doc/ci/pipelines/settings.md | 4 +- doc/ci/variables/predefined_variables.md | 2 +- doc/development/application_limits.md | 2 +- .../cicd_reference_documentation_guide.md | 2 +- .../site_architecture/folder_structure.md | 13 +- doc/development/geo.md | 4 +- doc/install/aws/manual_install_aws.md | 6 +- doc/integration/omniauth.md | 2 +- .../hardening_application_recommendations.md | 8 +- doc/security/index.md | 2 +- doc/security/rate_limits.md | 28 ++-- .../responding_to_security_incidents.md | 2 +- doc/subscriptions/bronze_starter.md | 2 +- doc/subscriptions/self_managed/index.md | 6 +- doc/user/clusters/create/index.md | 1 + doc/user/gitlab_com/index.md | 2 +- .../clusters/connect/new_aks_cluster.md | 132 ++++++++++++++++++ doc/user/project/index.md | 2 +- doc/user/snippets.md | 2 +- .../load_balancing/service_discovery.rb | 2 +- .../super_sidebar_menus/analyze_menu.rb | 1 + locale/gitlab.pot | 6 + qa/qa/page/project/snippet/new.rb | 2 +- qa/qa/support/matchers/have_matcher.rb | 1 + qa/qa/support/parallel_pipeline_jobs.rb | 2 +- qa/qa/tools/ci/qa_changes.rb | 4 +- rubocop/cop/gitlab/doc_url.rb | 2 +- rubocop/cop/gitlab/finder_with_find_by.rb | 2 +- .../cop/inject_enterprise_edition_module.rb | 2 +- rubocop/cop/project_path_helper.rb | 2 +- rubocop/cop/qa/selector_usage.rb | 2 +- scripts/lint-docs-blueprints.rb | 2 +- scripts/qa/testcases-check | 2 +- scripts/validate_migration_timestamps | 2 +- spec/initializers/secret_token_spec.rb | 4 +- .../super_sidebar_menus/analyze_menu_spec.rb | 1 + .../support/helpers/next_found_instance_of.rb | 2 +- spec/support/helpers/require_migration.rb | 2 +- spec/support/matchers/exceed_query_limit.rb | 2 +- tooling/danger/config_files.rb | 2 +- tooling/danger/customer_success.rb | 4 +- tooling/danger/datateam.rb | 8 +- tooling/danger/stable_branch.rb | 4 +- tooling/lib/tooling/kubernetes_client.rb | 2 +- .../tooling/mappings/view_to_js_mappings.rb | 4 +- 66 files changed, 262 insertions(+), 137 deletions(-) create mode 100644 db/migrate/20230712214613_add_read_dependency_to_member_roles.rb create mode 100644 db/schema_migrations/20230712214613 create mode 100644 doc/user/infrastructure/clusters/connect/new_aks_cluster.md diff --git a/.rubocop_todo/style/redundant_freeze.yml b/.rubocop_todo/style/redundant_freeze.yml index c2ff275db69..0877c752827 100644 --- a/.rubocop_todo/style/redundant_freeze.yml +++ b/.rubocop_todo/style/redundant_freeze.yml @@ -212,24 +212,3 @@ Style/RedundantFreeze: - 'lib/gitlab/zoom_link_extractor.rb' - 'lib/sbom/package_url/argument_validator.rb' - 'lib/tasks/gitlab/db/decomposition/rollback/bump_ci_sequences.rake' - - 'qa/qa/support/parallel_pipeline_jobs.rb' - - 'qa/qa/tools/ci/qa_changes.rb' - - 'rubocop/cop/gitlab/doc_url.rb' - - 'rubocop/cop/gitlab/finder_with_find_by.rb' - - 'rubocop/cop/inject_enterprise_edition_module.rb' - - 'rubocop/cop/project_path_helper.rb' - - 'rubocop/cop/qa/selector_usage.rb' - - 'scripts/lint-docs-blueprints.rb' - - 'scripts/qa/testcases-check' - - 'scripts/validate_migration_timestamps' - - 'spec/contracts/provider/helpers/contract_source_helper.rb' - - 'spec/initializers/secret_token_spec.rb' - - 'spec/support/helpers/next_found_instance_of.rb' - - 'spec/support/helpers/require_migration.rb' - - 'spec/support/matchers/exceed_query_limit.rb' - - 'tooling/danger/config_files.rb' - - 'tooling/danger/customer_success.rb' - - 'tooling/danger/datateam.rb' - - 'tooling/danger/stable_branch.rb' - - 'tooling/lib/tooling/kubernetes_client.rb' - - 'tooling/lib/tooling/mappings/view_to_js_mappings.rb' diff --git a/app/views/shared/form_elements/_apply_generated_description_warning.haml b/app/views/shared/form_elements/_apply_generated_description_warning.haml index b695ae4f292..906f60d01e6 100644 --- a/app/views/shared/form_elements/_apply_generated_description_warning.haml +++ b/app/views/shared/form_elements/_apply_generated_description_warning.haml @@ -5,9 +5,9 @@ = sprite_icon("close") %p - = _("AI|Replace the existing description with an AI-generated description? Any changes you have made will be lost.") + = s_("AI|Replace the existing description with an AI-generated description? Any changes you have made will be lost.") = render Pajamas::ButtonComponent.new(variant: :confirm, button_options: { class: 'gl-mr-3 js-ai-override-description' }) do - = _("AI|Apply AI-generated description") + = s_("AI|Apply AI-generated description") = render Pajamas::ButtonComponent.new(button_options: { class: 'js-cancel-btn' }) do = _("Cancel") diff --git a/db/migrate/20230712214613_add_read_dependency_to_member_roles.rb b/db/migrate/20230712214613_add_read_dependency_to_member_roles.rb new file mode 100644 index 00000000000..c6c9f3a0611 --- /dev/null +++ b/db/migrate/20230712214613_add_read_dependency_to_member_roles.rb @@ -0,0 +1,7 @@ +# frozen_string_literal: true + +class AddReadDependencyToMemberRoles < Gitlab::Database::Migration[2.1] + def change + add_column :member_roles, :read_dependency, :boolean, default: false, null: false + end +end diff --git a/db/schema_migrations/20230712214613 b/db/schema_migrations/20230712214613 new file mode 100644 index 00000000000..f9afbe825d6 --- /dev/null +++ b/db/schema_migrations/20230712214613 @@ -0,0 +1 @@ +56415a907d3bba749b9d42b5f37919981e779f0422c86793028d128350875f2d \ No newline at end of file diff --git a/db/structure.sql b/db/structure.sql index dcefc769996..408d9d851aa 100644 --- a/db/structure.sql +++ b/db/structure.sql @@ -17909,7 +17909,8 @@ CREATE TABLE member_roles ( base_access_level integer NOT NULL, read_code boolean DEFAULT false, read_vulnerability boolean DEFAULT false NOT NULL, - admin_vulnerability boolean DEFAULT false NOT NULL + admin_vulnerability boolean DEFAULT false NOT NULL, + read_dependency boolean DEFAULT false NOT NULL ); CREATE SEQUENCE member_roles_id_seq diff --git a/doc/api/broadcast_messages.md b/doc/api/broadcast_messages.md index d91557523a9..9dbae6f5727 100644 --- a/doc/api/broadcast_messages.md +++ b/doc/api/broadcast_messages.md @@ -9,7 +9,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w - > `target_access_levels` [introduced](https://gitlab.com/gitlab-org/growth/team-tasks/-/issues/461) in GitLab 14.8 [with a flag](../administration/feature_flags.md) named `role_targeted_broadcast_messages`. Disabled by default. - > `color` parameter [removed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/95829) in GitLab 15.6. -Broadcast messages API operates on [broadcast messages](../user/admin_area/broadcast_messages.md). +Broadcast messages API operates on [broadcast messages](../administration/broadcast_messages.md). As of GitLab 12.8, GET requests do not require authentication. All other broadcast message API endpoints are accessible only to administrators. Non-GET requests by: diff --git a/doc/api/group_import_export.md b/doc/api/group_import_export.md index a409b2e3a11..314fb63058c 100644 --- a/doc/api/group_import_export.md +++ b/doc/api/group_import_export.md @@ -93,8 +93,8 @@ returns either: The maximum import file size can be set by the Administrator on self-managed instances (default is `0` (unlimited)). As an administrator, you can modify the maximum import file size either: -- The admin [Admin Area](../user/admin_area/settings/account_and_limit_settings.md). -- The `max_import_size` option in the [Application settings API](settings.md#change-application-settings). +- In the [Admin Area](../administration/settings/account_and_limit_settings.md). +- By using the `max_import_size` option in the [Application settings API](settings.md#change-application-settings). For information on the maximum import file size on GitLab.com, see [Account and limit settings](../user/gitlab_com/index.md#account-and-limit-settings). diff --git a/doc/api/issues.md b/doc/api/issues.md index 03cc107415f..9f9775c1746 100644 --- a/doc/api/issues.md +++ b/doc/api/issues.md @@ -1142,7 +1142,7 @@ Please use `iid` of the `epic` attribute instead. ## Rate limits To help avoid abuse, users can be limited to a specific number of `Create` requests per minute. -See [Issues rate limits](../user/admin_area/settings/rate_limit_on_issues_creation.md). +See [Issues rate limits](../administration/settings/rate_limit_on_issues_creation.md). ## Edit issue diff --git a/doc/api/lint.md b/doc/api/lint.md index af7c2f68a14..b0282b89f6e 100644 --- a/doc/api/lint.md +++ b/doc/api/lint.md @@ -119,7 +119,7 @@ and: - Does not have an [allowlist or denylist](../administration/settings/sign_up_restrictions.md#allow-or-deny-sign-ups-using-specific-email-domains). - Does not [require administrator approval for new sign ups](../administration/settings/sign_up_restrictions.md#require-administrator-approval-for-new-sign-ups). -- Does not have additional [sign up restrictions](../user/admin_area/settings/sign_up_restrictions.md). +- Does not have additional [sign up restrictions](../administration/settings/sign_up_restrictions.md). Otherwise, authentication is required. diff --git a/doc/api/notes.md b/doc/api/notes.md index 41b4ab7fd9a..ab8abc0973f 100644 --- a/doc/api/notes.md +++ b/doc/api/notes.md @@ -39,7 +39,7 @@ Read more on [pagination](rest/index.md#pagination). ## Rate limits To help avoid abuse, you can limit your users to a specific number of `Create` request per minute. -See [Notes rate limits](../user/admin_area/settings/rate_limit_on_notes_creation.md). +See [Notes rate limits](../administration/settings/rate_limit_on_notes_creation.md). ## Issues diff --git a/doc/api/project_import_export.md b/doc/api/project_import_export.md index 4910fcb5f86..bae300efaf4 100644 --- a/doc/api/project_import_export.md +++ b/doc/api/project_import_export.md @@ -32,7 +32,7 @@ project to a web server or to any S3-compatible platform. For exports, GitLab: time and is available throughout the export process. - Administrators can modify the maximum export file size. By default, the maximum is unlimited (`0`). To change this, edit `max_export_size` using either: - - [GitLab UI](../user/admin_area/settings/account_and_limit_settings.md). + - [GitLab UI](../administration/settings/account_and_limit_settings.md). - [Application settings API](settings.md#change-application-settings) - Has a fixed limit for the maximum import file size on GitLab.com. For more information, see [Account and limit settings](../user/gitlab_com/index.md#account-and-limit-settings). @@ -203,7 +203,7 @@ requests.post(url, headers=headers, data=data, files=files) NOTE: The maximum import file size can be set by the Administrator. It defaults to `0` (unlimited). -As an administrator, you can modify the maximum import file size. To do so, use the `max_import_size` option in the [Application settings API](settings.md#change-application-settings) or the [Admin Area](../user/admin_area/settings/account_and_limit_settings.md). Default [modified](https://gitlab.com/gitlab-org/gitlab/-/issues/251106) from 50 MB to 0 in GitLab 13.8. +As an administrator, you can modify the maximum import file size. To do so, use the `max_import_size` option in the [Application settings API](settings.md#change-application-settings) or the [Admin Area](../administration/settings/account_and_limit_settings.md). Default [modified](https://gitlab.com/gitlab-org/gitlab/-/issues/251106) from 50 MB to 0 in GitLab 13.8. ## Import a file from a remote object storage (Beta) diff --git a/doc/api/project_snippets.md b/doc/api/project_snippets.md index e39836f2781..b82e46a03cc 100644 --- a/doc/api/project_snippets.md +++ b/doc/api/project_snippets.md @@ -14,7 +14,7 @@ You can set it with the `visibility` field in the snippet. Constants for snippet visibility levels are: - **Private**: The snippet is visible only to project members. -- **Internal**: The snippet is visible for any authenticated user except [external users](../user/admin_area/external_users.md). +- **Internal**: The snippet is visible for any authenticated user except [external users](../administration/external_users.md). - **Public**: The snippet can be accessed without any authentication. NOTE: diff --git a/doc/api/projects.md b/doc/api/projects.md index 273b5e4207d..6afed915135 100644 --- a/doc/api/projects.md +++ b/doc/api/projects.md @@ -1552,7 +1552,7 @@ curl --request POST --header "PRIVATE-TOKEN: " \ | `template_name` | string | **{dotted-circle}** No | When used without `use_custom_template`, name of a [built-in project template](../user/project/index.md#create-a-project-from-a-built-in-template). When used with `use_custom_template`, name of a custom project template. | | `template_project_id` **(PREMIUM)** | integer | **{dotted-circle}** No | When used with `use_custom_template`, project ID of a custom project template. Using a project ID is preferable to using `template_name` since `template_name` may be ambiguous. | | `topics` | array | **{dotted-circle}** No | The list of topics for a project; put array of topics, that should be finally assigned to a project. _([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/328226) in GitLab 14.0.)_ | -| `use_custom_template` **(PREMIUM)** | boolean | **{dotted-circle}** No | Use either custom [instance](../user/admin_area/custom_project_templates.md) or [group](../user/group/custom_project_templates.md) (with `group_with_project_templates_id`) project template. | +| `use_custom_template` **(PREMIUM)** | boolean | **{dotted-circle}** No | Use either custom [instance](../administration/custom_project_templates.md) or [group](../user/group/custom_project_templates.md) (with `group_with_project_templates_id`) project template. | | `visibility` | string | **{dotted-circle}** No | See [project visibility level](#project-visibility-level). | | `wiki_access_level` | string | **{dotted-circle}** No | One of `disabled`, `private`, or `enabled`. | | `wiki_enabled` | boolean | **{dotted-circle}** No | _(Deprecated)_ Enable wiki for this project. Use `wiki_access_level` instead. | @@ -1640,7 +1640,7 @@ POST /projects/user/:user_id | `tag_list` | array | **{dotted-circle}** No | _([Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/328226) in GitLab 14.0)_ The list of tags for a project; put array of tags, that should be finally assigned to a project. Use `topics` instead. | | `template_name` | string | **{dotted-circle}** No | When used without `use_custom_template`, name of a [built-in project template](../user/project/index.md#create-a-project-from-a-built-in-template). When used with `use_custom_template`, name of a custom project template. | | `topics` | array | **{dotted-circle}** No | The list of topics for the project. _([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/328226) in GitLab 14.0.)_ | -| `use_custom_template` **(PREMIUM)** | boolean | **{dotted-circle}** No | Use either custom [instance](../user/admin_area/custom_project_templates.md) or [group](../user/group/custom_project_templates.md) (with `group_with_project_templates_id`) project template. | +| `use_custom_template` **(PREMIUM)** | boolean | **{dotted-circle}** No | Use either custom [instance](../administration/custom_project_templates.md) or [group](../user/group/custom_project_templates.md) (with `group_with_project_templates_id`) project template. | | `visibility` | string | **{dotted-circle}** No | See [project visibility level](#project-visibility-level). | | `wiki_access_level` | string | **{dotted-circle}** No | One of `disabled`, `private`, or `enabled`. | | `wiki_enabled` | boolean | **{dotted-circle}** No | _(Deprecated)_ Enable wiki for this project. Use `wiki_access_level` instead. | diff --git a/doc/api/protected_branches.md b/doc/api/protected_branches.md index b4f1e6b5ec1..0de32a4a25d 100644 --- a/doc/api/protected_branches.md +++ b/doc/api/protected_branches.md @@ -228,10 +228,10 @@ curl --request POST --header "PRIVATE-TOKEN: " "https://gitla | -------------------------------------------- | ---- | -------- | ----------- | | `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user. | `name` | string | yes | The name of the branch or wildcard. -| `allow_force_push` | boolean | no | Allow all users with push access to force push. (default: `false`) -| `allowed_to_merge` **(PREMIUM)** | array | no | Array of access levels allowed to merge, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`. -| `allowed_to_push` **(PREMIUM)** | array | no | Array of access levels allowed to push, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`. -| `allowed_to_unprotect` **(PREMIUM)** | array | no | Array of access levels allowed to unprotect, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`. The access level `No access` is not available for this field. | +| `allow_force_push` | boolean | no | When enabled, members who can push to this branch can also force push. (default: `false`) +| `allowed_to_merge` **(PREMIUM)** | array | no | Array of merge access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`. +| `allowed_to_push` **(PREMIUM)** | array | no | Array of push access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`. +| `allowed_to_unprotect` **(PREMIUM)** | array | no | Array of unprotect access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`. The access level `No access` is not available for this field. | | `code_owner_approval_required` **(PREMIUM)** | boolean | no | Prevent pushes to this branch if it matches an item in the [`CODEOWNERS` file](../user/project/codeowners/index.md). (defaults: false) | `merge_access_level` | integer | no | Access levels allowed to merge. (defaults: `40`, Maintainer role) | `push_access_level` | integer | no | Access levels allowed to push. (defaults: `40`, Maintainer role) @@ -458,12 +458,12 @@ curl --request PATCH --header "PRIVATE-TOKEN: " "https://gitl | Attribute | Type | Required | Description | | -------------------------------------------- | ---- | -------- | ----------- | | `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user. -| `name` | string | yes | The name of the branch. -| `allow_force_push` | boolean | no | When enabled, members who can push to this branch can also force push. -| `allowed_to_push` **(PREMIUM)** | array | no | Array of push access levels, with each described by a hash. -| `allowed_to_merge` **(PREMIUM)** | array | no | Array of merge access levels, with each described by a hash. -| `allowed_to_unprotect` **(PREMIUM)** | array | no | Array of unprotect access levels, with each described by a hash. The access level `No access` is not available for this field. -| `code_owner_approval_required` **(PREMIUM)** | boolean | no | Prevent pushes to this branch if it matches an item in the [`CODEOWNERS` file](../user/project/codeowners/index.md). Defaults to `false`. | +| `name` | string | yes | The name of the branch or wildcard. +| `allow_force_push` | boolean | no | When enabled, members who can push to this branch can also force push. +| `allowed_to_merge` **(PREMIUM)** | array | no | Array of merge access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`. +| `allowed_to_push` **(PREMIUM)** | array | no | Array of push access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`. +| `allowed_to_unprotect` **(PREMIUM)** | array | no | Array of unprotect access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, `{access_level: integer}`, or `{id: integer, _destroy: true}` to destroy an existing access level. The access level `No access` is not available for this field. | +| `code_owner_approval_required` **(PREMIUM)** | boolean | no | Prevent pushes to this branch if it matches an item in the [`CODEOWNERS` file](../user/project/codeowners/index.md). | Elements in the `allowed_to_push`, `allowed_to_merge` and `allowed_to_unprotect` arrays should be one of `user_id`, `group_id` or `access_level`, and take the form `{user_id: integer}`, `{group_id: integer}` or diff --git a/doc/api/repository_files.md b/doc/api/repository_files.md index 187ee2f5a2a..65ed67541d3 100644 --- a/doc/api/repository_files.md +++ b/doc/api/repository_files.md @@ -8,7 +8,7 @@ type: reference, api # Repository files API **(FREE)** You can fetch, create, update, and delete files in your repository with this API. -You can also [configure rate limits](../user/admin_area/settings/files_api_rate_limits.md) +You can also [configure rate limits](../administration/settings/files_api_rate_limits.md) for this API. ## Available scopes for personal access tokens diff --git a/doc/api/settings.md b/doc/api/settings.md index d969f2abaa1..ea023a25a1d 100644 --- a/doc/api/settings.md +++ b/doc/api/settings.md @@ -478,7 +478,7 @@ listed in the descriptions of the relevant settings. | `projects_api_rate_limit_unauthenticated` | integer | no | [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/112283) in GitLab 15.10. Max number of requests per 10 minutes per IP address for unauthenticated requests to the [list all projects API](projects.md#list-all-projects). Default: 400. To disable throttling set to 0.| | `prometheus_metrics_enabled` | boolean | no | Enable Prometheus metrics. | | `protected_ci_variables` | boolean | no | CI/CD variables are protected by default. | -| `push_event_activities_limit` | integer | no | Maximum number of changes (branches or tags) in a single push above which a [bulk push event is created](../user/admin_area/settings/push_event_activities_limit.md). Setting to `0` does not disable throttling. | +| `push_event_activities_limit` | integer | no | Maximum number of changes (branches or tags) in a single push above which a [bulk push event is created](../administration/settings/push_event_activities_limit.md). Setting to `0` does not disable throttling. | | `push_event_hooks_limit` | integer | no | Maximum number of changes (branches or tags) in a single push above which webhooks and integrations are not triggered. Setting to `0` does not disable throttling. | | `rate_limiting_response_text` | string | no | When rate limiting is enabled via the `throttle_*` settings, send this plain text response when a rate limit is exceeded. 'Retry later' is sent if this is blank. | | `raw_blob_request_limit` | integer | no | Maximum number of requests per minute for each raw path (default is `300`). Set to `0` to disable throttling.| @@ -502,7 +502,7 @@ listed in the descriptions of the relevant settings. | `shared_runners_enabled` | boolean | no | (**If enabled, requires:** `shared_runners_text` and `shared_runners_minutes`) Enable shared runners for new projects. | | `shared_runners_minutes` **(PREMIUM)** | integer | required by: `shared_runners_enabled` | Set the maximum number of compute minutes that a group can use on shared runners per month. | | `shared_runners_text` | string | required by: `shared_runners_enabled` | Shared runners text. | -| `sidekiq_job_limiter_mode` | string | no | `track` or `compress`. Sets the behavior for [Sidekiq job size limits](../user/admin_area/settings/sidekiq_job_limits.md). Default: 'compress'. | +| `sidekiq_job_limiter_mode` | string | no | `track` or `compress`. Sets the behavior for [Sidekiq job size limits](../administration/settings/sidekiq_job_limits.md). Default: 'compress'. | | `sidekiq_job_limiter_compression_threshold_bytes` | integer | no | The threshold in bytes at which Sidekiq jobs are compressed before being stored in Redis. Default: 100,000 bytes (100 KB). | | `sidekiq_job_limiter_limit_bytes` | integer | no | The threshold in bytes at which Sidekiq jobs are rejected. Default: 0 bytes (doesn't reject any job). | | `sign_in_text` | string | no | Deprecated: Use `description` parameter in the [Appearance API](../api/appearance.md). Custom text in sign-in page. | @@ -531,9 +531,9 @@ listed in the descriptions of the relevant settings. | `throttle_authenticated_api_enabled` | boolean | no | (**If enabled, requires:** `throttle_authenticated_api_period_in_seconds` and `throttle_authenticated_api_requests_per_period`) Enable authenticated API request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots). | | `throttle_authenticated_api_period_in_seconds` | integer | required by:
`throttle_authenticated_api_enabled` | Rate limit period (in seconds). | | `throttle_authenticated_api_requests_per_period` | integer | required by:
`throttle_authenticated_api_enabled` | Maximum requests per period per user. | -| `throttle_authenticated_packages_api_enabled` | boolean | no | (**If enabled, requires:** `throttle_authenticated_packages_api_period_in_seconds` and `throttle_authenticated_packages_api_requests_per_period`) Enable authenticated API request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots). View [Package Registry rate limits](../user/admin_area/settings/package_registry_rate_limits.md) for more details. | -| `throttle_authenticated_packages_api_period_in_seconds` | integer | required by:
`throttle_authenticated_packages_api_enabled` | Rate limit period (in seconds). View [Package Registry rate limits](../user/admin_area/settings/package_registry_rate_limits.md) for more details. | -| `throttle_authenticated_packages_api_requests_per_period` | integer | required by:
`throttle_authenticated_packages_api_enabled` | Maximum requests per period per user. View [Package Registry rate limits](../user/admin_area/settings/package_registry_rate_limits.md) for more details. | +| `throttle_authenticated_packages_api_enabled` | boolean | no | (**If enabled, requires:** `throttle_authenticated_packages_api_period_in_seconds` and `throttle_authenticated_packages_api_requests_per_period`) Enable authenticated API request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots). View [Package Registry rate limits](../administration/settings/package_registry_rate_limits.md) for more details. | +| `throttle_authenticated_packages_api_period_in_seconds` | integer | required by:
`throttle_authenticated_packages_api_enabled` | Rate limit period (in seconds). View [Package Registry rate limits](../administration/settings/package_registry_rate_limits.md) for more details. | +| `throttle_authenticated_packages_api_requests_per_period` | integer | required by:
`throttle_authenticated_packages_api_enabled` | Maximum requests per period per user. View [Package Registry rate limits](../administration/settings/package_registry_rate_limits.md) for more details. | | `throttle_authenticated_web_enabled` | boolean | no | (**If enabled, requires:** `throttle_authenticated_web_period_in_seconds` and `throttle_authenticated_web_requests_per_period`) Enable authenticated web request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots). | | `throttle_authenticated_web_period_in_seconds` | integer | required by:
`throttle_authenticated_web_enabled` | Rate limit period (in seconds). | | `throttle_authenticated_web_requests_per_period` | integer | required by:
`throttle_authenticated_web_enabled` | Maximum requests per period per user. | @@ -543,9 +543,9 @@ listed in the descriptions of the relevant settings. | `throttle_unauthenticated_api_enabled` | boolean | no | (**If enabled, requires:** `throttle_unauthenticated_api_period_in_seconds` and `throttle_unauthenticated_api_requests_per_period`) Enable unauthenticated API request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots). | | `throttle_unauthenticated_api_period_in_seconds` | integer | required by:
`throttle_unauthenticated_api_enabled` | Rate limit period in seconds. | | `throttle_unauthenticated_api_requests_per_period` | integer | required by:
`throttle_unauthenticated_api_enabled` | Max requests per period per IP. | -| `throttle_unauthenticated_packages_api_enabled` | boolean | no | (**If enabled, requires:** `throttle_unauthenticated_packages_api_period_in_seconds` and `throttle_unauthenticated_packages_api_requests_per_period`) Enable authenticated API request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots). View [Package Registry rate limits](../user/admin_area/settings/package_registry_rate_limits.md) for more details. | -| `throttle_unauthenticated_packages_api_period_in_seconds` | integer | required by:
`throttle_unauthenticated_packages_api_enabled` | Rate limit period (in seconds). View [Package Registry rate limits](../user/admin_area/settings/package_registry_rate_limits.md) for more details. | -| `throttle_unauthenticated_packages_api_requests_per_period` | integer | required by:
`throttle_unauthenticated_packages_api_enabled` | Maximum requests per period per user. View [Package Registry rate limits](../user/admin_area/settings/package_registry_rate_limits.md) for more details. | +| `throttle_unauthenticated_packages_api_enabled` | boolean | no | (**If enabled, requires:** `throttle_unauthenticated_packages_api_period_in_seconds` and `throttle_unauthenticated_packages_api_requests_per_period`) Enable authenticated API request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots). View [Package Registry rate limits](../administration/settings/package_registry_rate_limits.md) for more details. | +| `throttle_unauthenticated_packages_api_period_in_seconds` | integer | required by:
`throttle_unauthenticated_packages_api_enabled` | Rate limit period (in seconds). View [Package Registry rate limits](../administration/settings/package_registry_rate_limits.md) for more details. | +| `throttle_unauthenticated_packages_api_requests_per_period` | integer | required by:
`throttle_unauthenticated_packages_api_enabled` | Maximum requests per period per user. View [Package Registry rate limits](../administration/settings/package_registry_rate_limits.md) for more details. | | `throttle_unauthenticated_web_enabled` | boolean | no | (**If enabled, requires:** `throttle_unauthenticated_web_period_in_seconds` and `throttle_unauthenticated_web_requests_per_period`) Enable unauthenticated web request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots). | | `throttle_unauthenticated_web_period_in_seconds` | integer | required by:
`throttle_unauthenticated_web_enabled` | Rate limit period in seconds. | | `throttle_unauthenticated_web_requests_per_period` | integer | required by:
`throttle_unauthenticated_web_enabled` | Max requests per period per IP. | diff --git a/doc/api/snippets.md b/doc/api/snippets.md index 39965ae91f3..578c72a0502 100644 --- a/doc/api/snippets.md +++ b/doc/api/snippets.md @@ -20,7 +20,7 @@ Valid values for snippet visibility levels are: | Visibility | Description | |:-----------|:----------------------------------------------------| | `private` | Snippet is visible only to the snippet creator. | -| `internal` | Snippet is visible for any authenticated user except [external users](../user/admin_area/external_users.md). | +| `internal` | Snippet is visible for any authenticated user except [external users](../administration/external_users.md). | | `public` | Snippet can be accessed without any authentication. | ## List all snippets for a user diff --git a/doc/api/templates/dockerfiles.md b/doc/api/templates/dockerfiles.md index e9d57061510..70c104612b8 100644 --- a/doc/api/templates/dockerfiles.md +++ b/doc/api/templates/dockerfiles.md @@ -16,7 +16,7 @@ in the GitLab repository. In [GitLab Premium and Ultimate](https://about.gitlab.com/pricing/) tiers, GitLab instance administrators can override templates in the -[Admin Area](../../user/admin_area/settings/instance_template_repository.md). +[Admin Area](../../administration/settings/instance_template_repository.md). ## List Dockerfile templates diff --git a/doc/ci/examples/index.md b/doc/ci/examples/index.md index a020f673fd7..514817adc91 100644 --- a/doc/ci/examples/index.md +++ b/doc/ci/examples/index.md @@ -102,7 +102,7 @@ to [the templates list](https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/g ### Adding templates to your GitLab installation **(PREMIUM SELF)** You can add custom examples and templates to your self-managed GitLab instance. -Your GitLab administrator can [designate an instance template repository](../../user/admin_area/settings/instance_template_repository.md) +Your GitLab administrator can [designate an instance template repository](../../administration/settings/instance_template_repository.md) that contains examples and templates specific to your organization. ## Other resources diff --git a/doc/ci/migration/circleci.md b/doc/ci/migration/circleci.md index 8242bbd748f..a05fe87013c 100644 --- a/doc/ci/migration/circleci.md +++ b/doc/ci/migration/circleci.md @@ -16,7 +16,7 @@ We have collected several resources that you may find useful before starting to The [Quick Start Guide](../quick_start/index.md) is a good overview of how GitLab CI/CD works. You may also be interested in [Auto DevOps](../../topics/autodevops/index.md) which can be used to build, test, and deploy your applications with little to no configuration needed at all. -For advanced CI/CD teams, [custom project templates](../../user/admin_area/custom_project_templates.md) can enable the reuse of pipeline configurations. +For advanced CI/CD teams, [custom project templates](../../administration/custom_project_templates.md) can enable the reuse of pipeline configurations. If you have questions that are not answered here, the [GitLab community forum](https://forum.gitlab.com/) can be a great resource. diff --git a/doc/ci/migration/jenkins.md b/doc/ci/migration/jenkins.md index dc1944e65c6..f3f14da037f 100644 --- a/doc/ci/migration/jenkins.md +++ b/doc/ci/migration/jenkins.md @@ -209,10 +209,10 @@ Refer to this index if these features aren't working as expected, or if you'd li For advanced CI/CD teams, project templates can enable the reuse of pipeline configurations, as well as encourage inner sourcing. -In self-managed GitLab instances, you can build an [Instance Template Repository](../../user/admin_area/settings/instance_template_repository.md). +In self-managed GitLab instances, you can build an [Instance Template Repository](../../administration/settings/instance_template_repository.md). Development teams across the whole organization can select templates from a dropdown list. A group maintainer or a group owner is able to set a group to use as the source for the -[custom project templates](../../user/admin_area/custom_project_templates.md). This can +[custom project templates](../../administration/custom_project_templates.md). This can be used by all projects in the group. An instance administrator can set a group as the source for [instance project templates](../../user/group/custom_project_templates.md), which can be used by projects in that instance. diff --git a/doc/ci/pipelines/settings.md b/doc/ci/pipelines/settings.md index 38cdc5ed578..fe6c88c9c4d 100644 --- a/doc/ci/pipelines/settings.md +++ b/doc/ci/pipelines/settings.md @@ -31,7 +31,7 @@ To change the visibility of your pipelines and related features: When it is selected, pipelines and related features are visible: - For [**Public**](../../user/public_access.md) projects, to everyone. - - For **Internal** projects, to all authenticated users except [external users](../../user/admin_area/external_users.md). + - For **Internal** projects, to all authenticated users except [external users](../../administration/external_users.md). - For **Private** projects, to all project members (Guest or higher). When it is cleared: @@ -40,7 +40,7 @@ To change the visibility of your pipelines and related features: and the **CI/CD** menu items are visible only to project members (Reporter or higher). Other users, including guest users, can only view the status of pipelines and jobs, and only when viewing merge requests or commits. - - For **Internal** projects, pipelines are visible to all authenticated users except [external users](../../user/admin_area/external_users.md). + - For **Internal** projects, pipelines are visible to all authenticated users except [external users](../../administration/external_users.md). Related features are visible only to project members (Reporter or higher). - For **Private** projects, pipelines and related features are visible to project members (Reporter or higher) only. diff --git a/doc/ci/variables/predefined_variables.md b/doc/ci/variables/predefined_variables.md index 1656b2147d5..73aaafe46c0 100644 --- a/doc/ci/variables/predefined_variables.md +++ b/doc/ci/variables/predefined_variables.md @@ -105,7 +105,7 @@ as it can cause the pipeline to behave unexpectedly. | `CI_PROJECT_DESCRIPTION` | 15.1 | all | The project description as displayed in the GitLab web interface. | | `CI_PROJECT_URL` | 8.10 | 0.5 | The HTTP(S) address of the project. | | `CI_PROJECT_VISIBILITY` | 10.3 | all | The project visibility. Can be `internal`, `private`, or `public`. | -| `CI_PROJECT_CLASSIFICATION_LABEL` | 14.2 | all | The project [external authorization classification label](../../user/admin_area/settings/external_authorization.md). | +| `CI_PROJECT_CLASSIFICATION_LABEL` | 14.2 | all | The project [external authorization classification label](../../administration/settings/external_authorization.md). | | `CI_REGISTRY_IMAGE` | 8.10 | 0.5 | The address of the project's Container Registry. Only available if the Container Registry is enabled for the project. | | `CI_REGISTRY_PASSWORD` | 9.0 | all | The password to push containers to the project's GitLab Container Registry. Only available if the Container Registry is enabled for the project. This password value is the same as the `CI_JOB_TOKEN` and is valid only as long as the job is running. Use the `CI_DEPLOY_PASSWORD` for long-lived access to the registry | | `CI_REGISTRY_USER` | 9.0 | all | The username to push containers to the project's GitLab Container Registry. Only available if the Container Registry is enabled for the project. | diff --git a/doc/development/application_limits.md b/doc/development/application_limits.md index b1efc11db62..40d157a4411 100644 --- a/doc/development/application_limits.md +++ b/doc/development/application_limits.md @@ -171,7 +171,7 @@ The process for adding a new throttle is loosely: 1. Extend `Gitlab::RackAttack` and `Gitlab::RackAttack::Request` to configure the new rate limit, and apply it to the desired requests. 1. Add the new settings to the Admin Area form in `app/views/admin/application_settings/_ip_limits.html.haml`. -1. Document the new settings in [User and IP rate limits](../user/admin_area/settings/user_and_ip_rate_limits.md) and [Application settings API](../api/settings.md). +1. Document the new settings in [User and IP rate limits](../administration/settings/user_and_ip_rate_limits.md) and [Application settings API](../api/settings.md). 1. Configure the rate limit for GitLab.com and document it in [GitLab.com-specific rate limits](../user/gitlab_com/index.md#gitlabcom-specific-rate-limits). Refer to these past issues for implementation details: diff --git a/doc/development/cicd/cicd_reference_documentation_guide.md b/doc/development/cicd/cicd_reference_documentation_guide.md index 530bc62b603..e358b24c60f 100644 --- a/doc/development/cicd/cicd_reference_documentation_guide.md +++ b/doc/development/cicd/cicd_reference_documentation_guide.md @@ -125,7 +125,7 @@ can include changes introduced in different GitLab versions. For example: **Additional details**: - The expiration time period begins when the artifact is uploaded and stored on GitLab. - If the expiry time is not defined, it defaults to the [instance wide setting](../../user/admin_area/settings/continuous_integration.md#default-artifacts-expiration). + If the expiry time is not defined, it defaults to the [instance wide setting](../../administration/settings/continuous_integration.md#default-artifacts-expiration). - To override the expiration date and protect artifacts from being automatically deleted: - Select **Keep** on the job page. - [In GitLab 13.3 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/22761), set the value of diff --git a/doc/development/documentation/site_architecture/folder_structure.md b/doc/development/documentation/site_architecture/folder_structure.md index f59e24c19c5..1c9fc1441c4 100644 --- a/doc/development/documentation/site_architecture/folder_structure.md +++ b/doc/development/documentation/site_architecture/folder_structure.md @@ -26,7 +26,7 @@ Put files for a specific product area into the related folder: | Directory | Contents | |:----------------------|:------------------| | `doc/user/` | Documentation for users. Anything that can be done in the GitLab user interface goes here, including usage of the `/admin` interface. | -| `doc/administration/` | Documentation that requires the user to have access to the server where GitLab is installed. Administrator settings in the GitLab user interface are under `doc/user/admin_area/`. | +| `doc/administration/` | Documentation that requires the user to have access to the server where GitLab is installed. Administrator settings in the GitLab user interface are under `doc/administration/`. | | `doc/api/` | Documentation for the API. | | `doc/development/` | Documentation related to the development of GitLab, whether contributing code or documentation. Related process and style guides should go here. | | `doc/legal/` | Legal documents about contributing to GitLab. | @@ -61,14 +61,9 @@ When working with directories and files: - `doc/user/profile/` should contain all profile related documentation. Every page you would navigate under `/profile` should have its own document, for example, `account.md`, `applications.md`, or `emails.md`. - - `doc/user/admin_area/` should contain all administrator-related - documentation describing what can be achieved by accessing the GitLab - administrator interface (not to be confused with `doc/administration` where - server access is required). - - Every category under `/admin/application_settings/` should have its - own document located at `doc/user/admin_area/settings/`. For example, - the **Visibility and Access Controls** category should have a document - located at `doc/user/admin_area/settings/visibility_and_access_controls.md`. +1. In the `doc/administration/` directory: all administrator-related + documentation for administrators, including admin tasks done in both + the UI and on the backend servers. If you're unsure where to place a document or a content addition, this shouldn't stop you from authoring and contributing. Use your best judgment, and then ask diff --git a/doc/development/geo.md b/doc/development/geo.md index a53e7fa0a96..a39f97f1241 100644 --- a/doc/development/geo.md +++ b/doc/development/geo.md @@ -111,7 +111,7 @@ projects that need updating. Those projects can be: timestamp that is more recent than the `last_repository_successful_sync_at` timestamp in the `Geo::ProjectRegistry` model. - Manual: The administrator can manually flag a repository to resync in the - [Geo Admin Area](../user/admin_area/geo_sites.md). + [Geo Admin Area](../administration/geo_sites.md). When we fail to fetch a repository on the secondary `RETRIES_BEFORE_REDOWNLOAD` times, Geo does a so-called _re-download_. It will do a clean clone @@ -466,7 +466,7 @@ basically hashes all Git refs together and stores that hash in the The **secondary** site does the same to calculate the hash of its clone, and compares the hash with the value the **primary** site calculated. If there is a mismatch, Geo will mark this as a mismatch -and the administrator can see this in the [Geo Admin Area](../user/admin_area/geo_sites.md). +and the administrator can see this in the [Geo Admin Area](../administration/geo_sites.md). ## Geo proxying diff --git a/doc/install/aws/manual_install_aws.md b/doc/install/aws/manual_install_aws.md index 01d79e67d53..92ef08c2447 100644 --- a/doc/install/aws/manual_install_aws.md +++ b/doc/install/aws/manual_install_aws.md @@ -268,7 +268,7 @@ On the EC2 dashboard, look for Load Balancer in the left navigation bar: 1. Select **Configure Health Check** and set up a health check for your EC2 instances. 1. For **Ping Protocol**, select HTTP. 1. For **Ping Port**, enter 80. - 1. For **Ping Path** - we recommend that you [use the Readiness check endpoint](../../administration/load_balancer.md#readiness-check). You must add [the VPC IP Address Range (CIDR)](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-security-groups.html#elb-vpc-nacl) to the [IP allowlist](../../administration/monitoring/ip_allowlist.md) for the [Health Check endpoints](../../user/admin_area/monitoring/health_check.md) + 1. For **Ping Path** - we recommend that you [use the Readiness check endpoint](../../administration/load_balancer.md#readiness-check). You must add [the VPC IP Address Range (CIDR)](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-security-groups.html#elb-vpc-nacl) to the [IP allowlist](../../administration/monitoring/ip_allowlist.md) for the [Health Check endpoints](../../administration/monitoring/health_check.md) 1. Keep the default **Advanced Details** or adjust them according to your needs. 1. Select **Add EC2 Instances** - don't add anything as we create an Auto Scaling Group later to manage instances for us. 1. Select **Add Tags** and add any tags you need. @@ -741,7 +741,7 @@ GitLab provides its own integrated monitoring solution based on Prometheus. For more information about how to set it up, see [GitLab Prometheus](../../administration/monitoring/prometheus/index.md). -GitLab also has various [health check endpoints](../../user/admin_area/monitoring/health_check.md) +GitLab also has various [health check endpoints](../../administration/monitoring/health_check.md) that you can ping and get reports. ## GitLab Runner @@ -833,7 +833,7 @@ to request additional material: Geo is the solution for widely distributed development teams. - [Linux package](https://docs.gitlab.com/omnibus/) - Everything you must know about administering your GitLab instance. -- [Add a license](../../user/admin_area/license.md): +- [Add a license](../../administration/license.md): Activate all GitLab Enterprise Edition functionality with a license. - [Pricing](https://about.gitlab.com/pricing/): Pricing for the different tiers. diff --git a/doc/integration/omniauth.md b/doc/integration/omniauth.md index 0389b91fc70..01ea6408469 100644 --- a/doc/integration/omniauth.md +++ b/doc/integration/omniauth.md @@ -309,7 +309,7 @@ To enable automatic linking for SAML, see the [SAML setup instructions](saml.md# ## Create an external providers list You can define a list of external OmniAuth providers. -Users who create accounts or sign in to GitLab through the listed providers do not get access to [internal projects](../user/public_access.md#internal-projects-and-groups) and are marked as [external users](../user/admin_area/external_users.md). +Users who create accounts or sign in to GitLab through the listed providers do not get access to [internal projects](../user/public_access.md#internal-projects-and-groups) and are marked as [external users](../administration/external_users.md). To define the external providers list, use the full name of the provider, for example, `google_oauth2` for Google. For provider names, see the diff --git a/doc/security/hardening_application_recommendations.md b/doc/security/hardening_application_recommendations.md index 9d4d2d562fd..e9c09abdea1 100644 --- a/doc/security/hardening_application_recommendations.md +++ b/doc/security/hardening_application_recommendations.md @@ -121,7 +121,7 @@ select the **Disabled feed token** checkbox. If all of your users are coming from specific IP addresses, use **Global-allowed IP ranges** to specifically allow only those addresses. -For more details on **Visibility and access control**, see [visibility and access controls](../user/admin_area/settings/visibility_and_access_controls.md). +For more details on **Visibility and access control**, see [visibility and access controls](../administration/settings/visibility_and_access_controls.md). For information on SSH settings, see [SSH keys restrictions](../security/ssh_keys_restrictions.md). @@ -134,7 +134,7 @@ restricted. Account avatars can be manually uploaded by users. The settings in this section are intended to help enforce a custom implementation of your own specific standards on your users. As the various scenarios are too many and too varied, you should review the -[account and limit settings documentation](../user/admin_area/settings/account_and_limit_settings.md) +[account and limit settings documentation](../administration/settings/account_and_limit_settings.md) and apply changes to enforce your own policies. ### Sign-up restrictions @@ -158,7 +158,7 @@ email addresses, then list that domain in **Allowed domains for sign-ups**. This prevents those with email addresses in other domains from signing up. For more detailed information, see -[sign-up restrictions](../user/admin_area/settings/sign_up_restrictions.md). +[sign-up restrictions](../administration/settings/sign_up_restrictions.md). ### Sign-in restrictions @@ -176,7 +176,7 @@ In **Email notification for unknown sign-ins**, ensure that **Enable email notif is selected. This sends an email to users when a sign-in occurs from an unrecognized location. For more detailed information, see -[sign-in restrictions](../user/admin_area/settings/sign_in_restrictions.md). +[sign-in restrictions](../administration/settings/sign_in_restrictions.md). ## Integrations diff --git a/doc/security/index.md b/doc/security/index.md index a62d7171112..1b486ab5feb 100644 --- a/doc/security/index.md +++ b/doc/security/index.md @@ -27,6 +27,6 @@ type: index - [Project Import decompressed archive size limits](project_import_decompressed_archive_size_limits.md) - [Responding to security incidents](responding_to_security_incidents.md) -To harden your GitLab instance and minimize the risk of unwanted user account creation, consider access control features like [Sign up restrictions](../user/admin_area/settings/sign_up_restrictions.md) and [Authentication options](../topics/authentication/index.md). For more detailed information, refer to [Hardening](hardening.md). +To harden your GitLab instance and minimize the risk of unwanted user account creation, consider access control features like [Sign up restrictions](../administration/settings/sign_up_restrictions.md) and [Authentication options](../topics/authentication/index.md). For more detailed information, refer to [Hardening](hardening.md). Self-managed GitLab customers and administrators are responsible for the security of their underlying hosts, and for keeping GitLab itself up to date. It is important to [regularly patch GitLab](../policy/maintenance.md), patch your operating system and its software, and harden your hosts in accordance with vendor guidance. diff --git a/doc/security/rate_limits.md b/doc/security/rate_limits.md index 74d1226942c..5353c11d2f1 100644 --- a/doc/security/rate_limits.md +++ b/doc/security/rate_limits.md @@ -31,21 +31,21 @@ similarly mitigated by a rate limit. You can set these rate limits in the Admin Area of your instance: -- [Import/Export rate limits](../user/admin_area/settings/import_export_rate_limits.md) -- [Issue rate limits](../user/admin_area/settings/rate_limit_on_issues_creation.md) -- [Note rate limits](../user/admin_area/settings/rate_limit_on_notes_creation.md) -- [Protected paths](../user/admin_area/settings/protected_paths.md) -- [Raw endpoints rate limits](../user/admin_area/settings/rate_limits_on_raw_endpoints.md) -- [User and IP rate limits](../user/admin_area/settings/user_and_ip_rate_limits.md) -- [Package registry rate limits](../user/admin_area/settings/package_registry_rate_limits.md) -- [Git LFS rate limits](../user/admin_area/settings/git_lfs_rate_limits.md) -- [Rate limits on Git SSH operations](../user/admin_area/settings/rate_limits_on_git_ssh_operations.md) -- [Files API rate limits](../user/admin_area/settings/files_api_rate_limits.md) -- [Deprecated API rate limits](../user/admin_area/settings/deprecated_api_rate_limits.md) +- [Import/Export rate limits](../administration/settings/import_export_rate_limits.md) +- [Issue rate limits](../administration/settings/rate_limit_on_issues_creation.md) +- [Note rate limits](../administration/settings/rate_limit_on_notes_creation.md) +- [Protected paths](../administration/settings/protected_paths.md) +- [Raw endpoints rate limits](../administration/settings/rate_limits_on_raw_endpoints.md) +- [User and IP rate limits](../administration/settings/user_and_ip_rate_limits.md) +- [Package registry rate limits](../administration/settings/package_registry_rate_limits.md) +- [Git LFS rate limits](../administration/settings/git_lfs_rate_limits.md) +- [Rate limits on Git SSH operations](../administration/settings/rate_limits_on_git_ssh_operations.md) +- [Files API rate limits](../administration/settings/files_api_rate_limits.md) +- [Deprecated API rate limits](../administration/settings/deprecated_api_rate_limits.md) - [GitLab Pages rate limits](../administration/pages/index.md#rate-limits) -- [Pipeline rate limits](../user/admin_area/settings/rate_limit_on_pipelines_creation.md) -- [Incident management rate limits](../user/admin_area/settings/incident_management_rate_limits.md) -- [Unauthenticated access to Projects List API rate limits](../user/admin_area/settings/rate_limit_on_projects_api.md) +- [Pipeline rate limits](../administration/settings/rate_limit_on_pipelines_creation.md) +- [Incident management rate limits](../administration/settings/incident_management_rate_limits.md) +- [Unauthenticated access to Projects List API rate limits](../administration/settings/rate_limit_on_projects_api.md) You can set these rate limits using the Rails console: diff --git a/doc/security/responding_to_security_incidents.md b/doc/security/responding_to_security_incidents.md index c3f8d6026d4..0cd7170d35b 100644 --- a/doc/security/responding_to_security_incidents.md +++ b/doc/security/responding_to_security_incidents.md @@ -45,7 +45,7 @@ If you suspect that your GitLab instance has been compromised, consider taking t - [Review the audit events](../administration/audit_events.md) available to you for suspicious account behavior. - [Review all users](../administration/moderate_users.md) (including the Administrative root user), and follow the steps in [Suspected compromised user account](#suspected-compromised-user-account) if necessary. -- Review the [Credentials Inventory](../user/admin_area/credentials_inventory.md), if available to you. +- Review the [Credentials Inventory](../administration/credentials_inventory.md), if available to you. - Change any sensitive credentials, variables, tokens, and secrets. For example, those located in instance configuration, database, CI/CD pipelines, or elsewhere. - Upgrade to the latest version of GitLab and adopt a plan to upgrade after every security patch release. diff --git a/doc/subscriptions/bronze_starter.md b/doc/subscriptions/bronze_starter.md index e45adb7d348..1f84c27d27a 100644 --- a/doc/subscriptions/bronze_starter.md +++ b/doc/subscriptions/bronze_starter.md @@ -21,7 +21,7 @@ the tiers are no longer mentioned in GitLab documentation: - [Code owners](../user/project/codeowners/index.md) - Description templates: - [Setting a default template for merge requests and issues](../user/project/description_templates.md#set-a-default-template-for-merge-requests-and-issues) -- [Email from GitLab](../user/admin_area/email_from_gitlab.md) +- [Email from GitLab](../administration/email_from_gitlab.md) - Groups: - [Creating group memberships via CN](../user/group/access_and_permissions.md#create-group-links-via-cn) - [Group push rules](../user/group/access_and_permissions.md#group-push-rules) diff --git a/doc/subscriptions/self_managed/index.md b/doc/subscriptions/self_managed/index.md index 8366e9a701c..e754c2a06a2 100644 --- a/doc/subscriptions/self_managed/index.md +++ b/doc/subscriptions/self_managed/index.md @@ -101,7 +101,7 @@ The user must not be assigned any other role, anywhere in the instance. NOTE: If a user creates a project, they are assigned the Maintainer or Owner role. To prevent a user from creating projects, as an administrator, you can mark the user -as [external](../../user/admin_area/external_users.md). +as [external](../../administration/external_users.md). ## Tips for managing users and subscription seats @@ -119,7 +119,7 @@ GitLab has several features which can help you manage the number of users: - Enable `block_auto_created_users` for new sign-ups via [LDAP](../../administration/auth/ldap/index.md#basic-configuration-settings) or [OmniAuth](../../integration/omniauth.md#configure-common-settings). - Enable the [User cap](../../administration/settings/sign_up_restrictions.md#user-cap) option. **Available in GitLab 13.7 and later**. -- [Disable new sign-ups](../../user/admin_area/settings/sign_up_restrictions.md), and instead manage new +- [Disable new sign-ups](../../administration/settings/sign_up_restrictions.md), and instead manage new users manually. - View a breakdown of users by role in the [Users statistics](../../administration/admin_area.md#users-statistics) page. @@ -421,7 +421,7 @@ The following is emailed to you: [**View invoices**](https://customers.gitlab.com/receipts). - A new activation code for your license. -[Add the activation code](../../user/admin_area/license.md) to your instance. +[Add the activation code](../../administration/license.md) to your instance. The new tier takes effect when the new license is activated. ## Add or change the contacts for your subscription diff --git a/doc/user/clusters/create/index.md b/doc/user/clusters/create/index.md index 57526394301..8dfeafeb48e 100644 --- a/doc/user/clusters/create/index.md +++ b/doc/user/clusters/create/index.md @@ -11,4 +11,5 @@ You connect the clusters to GitLab by using the agent for Kubernetes. - [Create a cluster on Google GKE](../../infrastructure/clusters/connect/new_gke_cluster.md) - [Create a cluster on Amazon EKS](../../infrastructure/clusters/connect/new_eks_cluster.md) +- [Create a cluster on Azure AKS](../../infrastructure/clusters/connect/new_aks_cluster.md) - [Create a cluster on Civo](../../infrastructure/clusters/connect/new_civo_cluster.md) diff --git a/doc/user/gitlab_com/index.md b/doc/user/gitlab_com/index.md index 7e21516eef2..04858d8ac34 100644 --- a/doc/user/gitlab_com/index.md +++ b/doc/user/gitlab_com/index.md @@ -351,7 +351,7 @@ after the limits change in January, 2021: More details are available on the rate limits for [protected paths](#protected-paths-throttle) and -[raw endpoints](../../user/admin_area/settings/rate_limits_on_raw_endpoints.md). +[raw endpoints](../../administration/settings/rate_limits_on_raw_endpoints.md). GitLab can rate-limit requests at several layers. The rate limits listed here are configured in the application. These limits are the most diff --git a/doc/user/infrastructure/clusters/connect/new_aks_cluster.md b/doc/user/infrastructure/clusters/connect/new_aks_cluster.md new file mode 100644 index 00000000000..24933875d48 --- /dev/null +++ b/doc/user/infrastructure/clusters/connect/new_aks_cluster.md @@ -0,0 +1,132 @@ +--- +stage: Deploy +group: Environments +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments +--- + +# Create an Azure AKS cluster + +You can create a cluster on Azure Kubernetes Service (AKS) through +[Infrastructure as Code (IaC)](../../index.md). This process uses the Azure and +Kubernetes Terraform providers to create AKS clusters. You connect the clusters to GitLab +by using the GitLab agent for Kubernetes. + +**Prerequisites:** + +- A Microsoft Azure account, with a set of configured + [security credentials](https://learn.microsoft.com/en-us/cli/azure/authenticate-azure-cli). +- [A runner](https://docs.gitlab.com/runner/install/) you can use to run the GitLab CI/CD pipeline. + +**Steps:** + +1. [Import the example project](#import-the-example-project). +1. [Register the agent for Kubernetes](#register-the-agent). +1. [Configure your project](#configure-your-project). +1. [Provision your cluster](#provision-your-cluster). + +## Import the example project + +To create a cluster from GitLab using Infrastructure as Code, you must +create a project to manage the cluster from. In this tutorial, you start with +a sample project and modify it according to your needs. + +Start by [importing the example project by URL](../../../project/import/repo_by_url.md). + +To import the project: + +1. On the left sidebar, at the top, select **Create new** (**{plus}**) and **New project/repository**. +1. Select **Import project**. +1. Select **Repository by URL**. +1. For the **Git repository URL**, enter `https://gitlab.com/gitlab-org/ci-cd/deploy-stage/environments-group/examples/gitlab-terraform-aks.git`. +1. Complete the fields and select **Create project**. + +This project provides you with: + +- An [Azure Kubernetes Service (AKS)](https://gitlab.com/gitlab-org/ci-cd/deploy-stage/environments-group/examples/gitlab-terraform-aks/-/blob/main/aks.tf) cluster. +- The [GitLab agent for Kubernetes](https://gitlab.com/gitlab-org/ci-cd/deploy-stage/environments-group/examples/gitlab-terraform-aks/-/blob/main/agent.tf) installed in the cluster. + +## Register the agent + +To create a GitLab agent for Kubernetes: + +1. On the left sidebar, select **Operate > Kubernetes clusters**. +1. Select **Connect a cluster (agent)**. +1. From the **Select an agent** dropdown list, select `aks-agent` and select **Register an agent**. +1. GitLab generates a registration token for the agent. Securely store this secret token, as you will need it later. +1. GitLab provides an address for the agent server (KAS), which you will also need later. + +## Configure your project + +Use CI/CD environment variables to configure your project. + +**Required configuration:** + +1. On the left sidebar, select **Settings > CI/CD**. +1. Expand **Variables**. +1. Set the variable `AZURE_CLIENT_ID` to your Azure client ID. +1. Set the variable `AZURE_CLIENT_SECRET` to your Azure client secret. +1. Set the variable `AZURE_TENANT_ID` to your service principal. +1. Set the variable `TF_VAR_agent_token` to the agent token displayed in the previous task. +1. Set the variable `TF_VAR_kas_address` to the agent server address displayed in the previous task. + +**Optional configuration:** + +The file [`variables.tf`](https://gitlab.com/gitlab-org/ci-cd/deploy-stage/environments-group/examples/gitlab-terraform-aks/-/blob/main/variables.tf) +contains other variables that you can override according to your needs: + +- `TF_VAR_location`: Set your cluster's region. +- `TF_VAR_cluster_name`: Set your cluster's name. +- `TF_VAR_kubernetes_version`: Set the version of Kubernetes. +- `TF_VAR_create_resource_group`: Allow to enable or disable the creation of a new resource group. (Default set to true). +- `TF_VAR_resource_group_name`: Set the name of resource group. +- `TF_VAR_agent_namespace`: Set the Kubernetes namespace for the GitLab agent. + +See the [Azure Terraform provider](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs) and the [Kubernetes Terraform provider](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs) documentation for further resource options. + +## Provision your cluster + +After configuring your project, manually trigger the provisioning of your cluster. In GitLab: + +1. On the left sidebar, select **Build > Pipelines**. +1. Next to **Play** (**{play}**), select the dropdown list icon (**{chevron-lg-down}**). +1. Select **Deploy** to manually trigger the deployment job. + +When the pipeline finishes successfully, you can view the new cluster: + +- In Azure: From the [Azure portal](https://portal.azure.com/#home), select **Kubernetes services > View**. +- In GitLab: On the left sidebar, select **Operate > Kubernetes clusters**. + +## Use your cluster + +After you provision the cluster, it is connected to GitLab and is ready for deployments. To check the connection: + +1. On the left sidebar, select **Operate > Kubernetes clusters**. +1. In the list, view the **Connection status** column. + +For more information about the capabilities of the connection, see [the GitLab agent for Kubernetes documentation](../index.md). + +## Remove the cluster + +A cleanup job is not included in your pipeline by default. To remove all created resources, you +must modify your GitLab CI/CD template before running the cleanup job. + +To remove all resources: + +1. Add the following to your `.gitlab-ci.yml` file: + + ```yaml + stages: + - init + - validate + - test + - build + - deploy + - cleanup + + destroy: + extends: .terraform:destroy + needs: [] + ``` + +1. On the left sidebar, select **Build > Pipelines** and select the most recent pipeline. +1. For the `destroy` job, select **Play** (**{play}**). diff --git a/doc/user/project/index.md b/doc/user/project/index.md index 39b126bc826..b7bdf47ae49 100644 --- a/doc/user/project/index.md +++ b/doc/user/project/index.md @@ -68,7 +68,7 @@ For this reason, the creation date of imported objects can be older than the cre Custom project templates are available at: -- The [instance-level](../../user/admin_area/custom_project_templates.md) +- The [instance-level](../../administration/custom_project_templates.md) - The [group-level](../../user/group/custom_project_templates.md) 1. On the left sidebar, at the top, select **Create new** (**{plus}**) and **New project/repository**. diff --git a/doc/user/snippets.md b/doc/user/snippets.md index bc243aec7fb..aace26b4bb0 100644 --- a/doc/user/snippets.md +++ b/doc/user/snippets.md @@ -253,7 +253,7 @@ GitLab forwards the spam to Akismet. ### Reduce snippets repository size -Because versioned snippets are considered as part of the [namespace storage size](../user/admin_area/settings/account_and_limit_settings.md), +Because versioned snippets are considered as part of the [namespace storage size](../administration/settings/account_and_limit_settings.md), it's recommended to keep snippets' repositories as compact as possible. For more information about tools to compact repositories, diff --git a/lib/gitlab/database/load_balancing/service_discovery.rb b/lib/gitlab/database/load_balancing/service_discovery.rb index b260945bf9e..a0b0ad19f73 100644 --- a/lib/gitlab/database/load_balancing/service_discovery.rb +++ b/lib/gitlab/database/load_balancing/service_discovery.rb @@ -22,7 +22,7 @@ module Gitlab MAX_SLEEP_ADJUSTMENT = 10 MAX_DISCOVERY_RETRIES = 3 - DISCOVERY_THREAD_REFRESH_DELTA = 3 + DISCOVERY_THREAD_REFRESH_DELTA = 5 RETRY_DELAY_RANGE = (0.1..0.2).freeze diff --git a/lib/sidebars/groups/super_sidebar_menus/analyze_menu.rb b/lib/sidebars/groups/super_sidebar_menus/analyze_menu.rb index 4d76a2567cb..a053288ccea 100644 --- a/lib/sidebars/groups/super_sidebar_menus/analyze_menu.rb +++ b/lib/sidebars/groups/super_sidebar_menus/analyze_menu.rb @@ -17,6 +17,7 @@ module Sidebars override :configure_menu_items def configure_menu_items [ + :analytics_dashboards, :dashboards_analytics, :cycle_analytics, :ci_cd_analytics, diff --git a/locale/gitlab.pot b/locale/gitlab.pot index 4e38d51588f..20b9c16642a 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -5253,6 +5253,9 @@ msgstr "" msgid "Analytics" msgstr "" +msgid "Analytics dashboards" +msgstr "" + msgid "Analytics|A visualization with that name already exists." msgstr "" @@ -14019,6 +14022,9 @@ msgstr "" msgid "DORA4Metrics|All labels" msgstr "" +msgid "DORA4Metrics|Analytics Dashboards" +msgstr "" + msgid "DORA4Metrics|Average (last %{days}d)" msgstr "" diff --git a/qa/qa/page/project/snippet/new.rb b/qa/qa/page/project/snippet/new.rb index 47200ba5fda..4a13e597e15 100644 --- a/qa/qa/page/project/snippet/new.rb +++ b/qa/qa/page/project/snippet/new.rb @@ -20,7 +20,7 @@ module QA # webdriver to miss the hit so we wait for the svg to load before # clicking the button. within_element(:svg_content) do - has_element?(:js_lazy_loaded) + has_element?(:js_lazy_loaded_content) end click_element(:create_first_snippet_link) end diff --git a/qa/qa/support/matchers/have_matcher.rb b/qa/qa/support/matchers/have_matcher.rb index a9b365f7e81..c77b585ada8 100644 --- a/qa/qa/support/matchers/have_matcher.rb +++ b/qa/qa/support/matchers/have_matcher.rb @@ -8,6 +8,7 @@ module QA auto_devops_container element file_content + file_name assignee child_pipeline linked_pipeline diff --git a/qa/qa/support/parallel_pipeline_jobs.rb b/qa/qa/support/parallel_pipeline_jobs.rb index a551bf9978b..7984412685d 100644 --- a/qa/qa/support/parallel_pipeline_jobs.rb +++ b/qa/qa/support/parallel_pipeline_jobs.rb @@ -7,7 +7,7 @@ module QA class ParallelPipelineJobs include API - PARALLEL_JOB_NAME_PATTERN = %r{^\S+ \d+/\d+$}.freeze + PARALLEL_JOB_NAME_PATTERN = %r{^\S+ \d+/\d+$} def initialize(stage_name:, project_id:, pipeline_id:, access_token:) @stage_name = stage_name diff --git a/qa/qa/tools/ci/qa_changes.rb b/qa/qa/tools/ci/qa_changes.rb index 1ab93b6dfbf..1e3ef9e4816 100644 --- a/qa/qa/tools/ci/qa_changes.rb +++ b/qa/qa/tools/ci/qa_changes.rb @@ -9,8 +9,8 @@ module QA class QaChanges include Helpers - QA_PATTERN = %r{^qa/}.freeze - SPEC_PATTERN = %r{^qa/qa/specs/features/\S+_spec\.rb}.freeze + QA_PATTERN = %r{^qa/} + SPEC_PATTERN = %r{^qa/qa/specs/features/\S+_spec\.rb} DEPENDENCY_PATTERN = Regexp.union( /_VERSION/, /Gemfile\.lock/, diff --git a/rubocop/cop/gitlab/doc_url.rb b/rubocop/cop/gitlab/doc_url.rb index cbfbdf7eb57..41a1c2f8b36 100644 --- a/rubocop/cop/gitlab/doc_url.rb +++ b/rubocop/cop/gitlab/doc_url.rb @@ -21,7 +21,7 @@ module RuboCop MSG = 'Use `#help_page_url` instead of directly including link. ' \ 'See https://docs.gitlab.com/ee/development/documentation/#linking-to-help-in-ruby.' - DOCS_URL_REGEXP = %r{https://docs.gitlab.com/ee/[\w#%./-]+}.freeze + DOCS_URL_REGEXP = %r{https://docs.gitlab.com/ee/[\w#%./-]+} def on_str(node) match = DOCS_URL_REGEXP.match(node.source) diff --git a/rubocop/cop/gitlab/finder_with_find_by.rb b/rubocop/cop/gitlab/finder_with_find_by.rb index ac454398f9c..e6d190e4476 100644 --- a/rubocop/cop/gitlab/finder_with_find_by.rb +++ b/rubocop/cop/gitlab/finder_with_find_by.rb @@ -6,7 +6,7 @@ module RuboCop class FinderWithFindBy < RuboCop::Cop::Base extend RuboCop::Cop::AutoCorrector - FIND_PATTERN = /\Afind(_by!?)?\z/.freeze + FIND_PATTERN = /\Afind(_by!?)?\z/ ALLOWED_MODULES = ['FinderMethods'].freeze def message(used_method) diff --git a/rubocop/cop/inject_enterprise_edition_module.rb b/rubocop/cop/inject_enterprise_edition_module.rb index 333af10d82f..24b679e092d 100644 --- a/rubocop/cop/inject_enterprise_edition_module.rb +++ b/rubocop/cop/inject_enterprise_edition_module.rb @@ -20,7 +20,7 @@ module RuboCop DISALLOW_METHODS = Set.new(%i[include extend prepend]).freeze - COMMENT_OR_EMPTY_LINE = /^\s*(#.*|$)/.freeze + COMMENT_OR_EMPTY_LINE = /^\s*(#.*|$)/ CHECK_LINE_METHODS_REGEXP = Regexp.union((CHECK_LINE_METHODS + DISALLOW_METHODS).map(&:to_s) + [COMMENT_OR_EMPTY_LINE]).freeze diff --git a/rubocop/cop/project_path_helper.rb b/rubocop/cop/project_path_helper.rb index f053c9a01b7..fdf452ccbae 100644 --- a/rubocop/cop/project_path_helper.rb +++ b/rubocop/cop/project_path_helper.rb @@ -9,7 +9,7 @@ module RuboCop '`foo_project_bar_path(project, bar)` instead of ' \ '`foo_namespace_project_bar_path(project.namespace, project, bar)`.' - METHOD_NAME_PATTERN = /\A([a-z_]+_)?namespace_project(?:_[a-z_]+)?_(?:url|path)\z/.freeze + METHOD_NAME_PATTERN = /\A([a-z_]+_)?namespace_project(?:_[a-z_]+)?_(?:url|path)\z/ def on_send(node) return unless METHOD_NAME_PATTERN.match?(method_name(node).to_s) diff --git a/rubocop/cop/qa/selector_usage.rb b/rubocop/cop/qa/selector_usage.rb index c17f642bd06..331c2c8a18b 100644 --- a/rubocop/cop/qa/selector_usage.rb +++ b/rubocop/cop/qa/selector_usage.rb @@ -20,7 +20,7 @@ module RuboCop include QAHelpers include CodeReuseHelpers - SELECTORS = /\.qa-\w+|data-qa-\w+/.freeze + SELECTORS = /\.qa-\w+|data-qa-\w+/ MESSAGE = %(Do not use `%s` as this is reserved for the end-to-end specs. Use a different selector or a data-testid instead.) def on_str(node) diff --git a/scripts/lint-docs-blueprints.rb b/scripts/lint-docs-blueprints.rb index d0a0a6a05de..f3c60a45fda 100755 --- a/scripts/lint-docs-blueprints.rb +++ b/scripts/lint-docs-blueprints.rb @@ -4,7 +4,7 @@ # Taken from Jekyll # https://github.com/jekyll/jekyll/blob/3.5-stable/lib/jekyll/document.rb#L13 -YAML_FRONT_MATTER_REGEXP = /\A(---\s*\n.*?\n?)^((---|\.\.\.)\s*$\n?)/m.freeze +YAML_FRONT_MATTER_REGEXP = /\A(---\s*\n.*?\n?)^((---|\.\.\.)\s*$\n?)/m READ_LIMIT_BYTES = 1024 require 'yaml' diff --git a/scripts/qa/testcases-check b/scripts/qa/testcases-check index 26098678f7c..2bc1ea2c5c7 100755 --- a/scripts/qa/testcases-check +++ b/scripts/qa/testcases-check @@ -3,7 +3,7 @@ require 'json' -TESTCASE_FORMAT = %r{https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/\d+}.freeze +TESTCASE_FORMAT = %r{https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/\d+} testcases = [] missing_testcases = [] diff --git a/scripts/validate_migration_timestamps b/scripts/validate_migration_timestamps index d3722e7a4af..affcd2ad0a2 100755 --- a/scripts/validate_migration_timestamps +++ b/scripts/validate_migration_timestamps @@ -6,7 +6,7 @@ require 'time' MIGRATION_DIRS = %w[db/migrate db/post_migrate].freeze VERSION_DIGITS = 14 -MIGRATION_TIMESTAMP_REGEX = /\A(?\d{#{VERSION_DIGITS}})_/.freeze +MIGRATION_TIMESTAMP_REGEX = /\A(?\d{#{VERSION_DIGITS}})_/ maximum_timestamp = Time.now.utc.strftime('%Y%m%d%H%M%S').to_i diff --git a/spec/initializers/secret_token_spec.rb b/spec/initializers/secret_token_spec.rb index 2c396a18361..5c39bee16b2 100644 --- a/spec/initializers/secret_token_spec.rb +++ b/spec/initializers/secret_token_spec.rb @@ -7,8 +7,8 @@ RSpec.describe 'create_tokens' do include StubENV let(:secrets) { ActiveSupport::OrderedOptions.new } - let(:hex_key) { /\h{128}/.freeze } - let(:rsa_key) { /\A-----BEGIN RSA PRIVATE KEY-----\n.+\n-----END RSA PRIVATE KEY-----\n\Z/m.freeze } + let(:hex_key) { /\h{128}/ } + let(:rsa_key) { /\A-----BEGIN RSA PRIVATE KEY-----\n.+\n-----END RSA PRIVATE KEY-----\n\Z/m } before do allow(Rails).to receive_message_chain(:application, :secrets).and_return(secrets) diff --git a/spec/lib/sidebars/groups/super_sidebar_menus/analyze_menu_spec.rb b/spec/lib/sidebars/groups/super_sidebar_menus/analyze_menu_spec.rb index 6114dee61bd..cc2809df85f 100644 --- a/spec/lib/sidebars/groups/super_sidebar_menus/analyze_menu_spec.rb +++ b/spec/lib/sidebars/groups/super_sidebar_menus/analyze_menu_spec.rb @@ -15,6 +15,7 @@ RSpec.describe Sidebars::Groups::SuperSidebarMenus::AnalyzeMenu, feature_categor it 'defines list of NilMenuItem placeholders' do expect(items.map(&:class).uniq).to eq([Sidebars::NilMenuItem]) expect(items.map(&:item_id)).to eq([ + :analytics_dashboards, :dashboards_analytics, :cycle_analytics, :ci_cd_analytics, diff --git a/spec/support/helpers/next_found_instance_of.rb b/spec/support/helpers/next_found_instance_of.rb index c7079e64ffd..f53798c1856 100644 --- a/spec/support/helpers/next_found_instance_of.rb +++ b/spec/support/helpers/next_found_instance_of.rb @@ -2,7 +2,7 @@ module NextFoundInstanceOf ERROR_MESSAGE = 'NextFoundInstanceOf mock helpers can only be used with ActiveRecord targets' - HELPER_METHOD_PATTERN = /(?:allow|expect)_next_found_(?\d+)_instances_of/.freeze + HELPER_METHOD_PATTERN = /(?:allow|expect)_next_found_(?\d+)_instances_of/ def method_missing(method_name, ...) return super unless match_data = method_name.match(HELPER_METHOD_PATTERN) diff --git a/spec/support/helpers/require_migration.rb b/spec/support/helpers/require_migration.rb index ee28f8e504c..c9cb7b4d90c 100644 --- a/spec/support/helpers/require_migration.rb +++ b/spec/support/helpers/require_migration.rb @@ -15,7 +15,7 @@ class RequireMigration end MIGRATION_FOLDERS = %w[db/migrate db/post_migrate].freeze - SPEC_FILE_PATTERN = %r{.+/(?:\d+_)?(?.+)_spec\.rb}.freeze + SPEC_FILE_PATTERN = %r{.+/(?:\d+_)?(?.+)_spec\.rb} class << self def require_migration!(file_name) diff --git a/spec/support/matchers/exceed_query_limit.rb b/spec/support/matchers/exceed_query_limit.rb index 4b08c13945c..29ebe5a3918 100644 --- a/spec/support/matchers/exceed_query_limit.rb +++ b/spec/support/matchers/exceed_query_limit.rb @@ -63,7 +63,7 @@ module ExceedQueryLimitHelpers end end - MARGINALIA_ANNOTATION_REGEX = %r{\s*/\*.*\*/}.freeze + MARGINALIA_ANNOTATION_REGEX = %r{\s*/\*.*\*/} DB_QUERY_RE = Regexp.union( [ diff --git a/tooling/danger/config_files.rb b/tooling/danger/config_files.rb index e165792471f..1b09da6c8c9 100644 --- a/tooling/danger/config_files.rb +++ b/tooling/danger/config_files.rb @@ -8,7 +8,7 @@ module Tooling module ConfigFiles include ::Tooling::Danger::Suggestor - MISSING_INTRODUCED_BY_REGEX = /^\+?(?\s*introduced_by_url):\s*$/.freeze + MISSING_INTRODUCED_BY_REGEX = /^\+?(?\s*introduced_by_url):\s*$/ CONFIG_DIRS = %w[ config/feature_flags diff --git a/tooling/danger/customer_success.rb b/tooling/danger/customer_success.rb index 43bdeadd8a4..22911adee06 100644 --- a/tooling/danger/customer_success.rb +++ b/tooling/danger/customer_success.rb @@ -11,8 +11,8 @@ module Tooling The following files require a review: MSG - FILE_PATH_REGEX = %r{((ee|jh)/)?config/metrics/.+\.yml}.freeze - CATEGORY_CHANGED = /data_category: operational/i.freeze + FILE_PATH_REGEX = %r{((ee|jh)/)?config/metrics/.+\.yml} + CATEGORY_CHANGED = /data_category: operational/i def build_message return unless impacted? diff --git a/tooling/danger/datateam.rb b/tooling/danger/datateam.rb index dfa8e1549ef..86e413e55b6 100644 --- a/tooling/danger/datateam.rb +++ b/tooling/danger/datateam.rb @@ -13,10 +13,10 @@ module Tooling MSG DATA_WAREHOUSE_SCOPE = 'Data Warehouse::' - FILE_PATH_REGEX = %r{((ee|jh)/)?config/metrics(/.+\.yml)}.freeze - PERFORMANCE_INDICATOR_REGEX = %r{gmau|smau|paid_gmau|umau}.freeze - METRIC_REMOVED = %r{\+status: removed}.freeze - DATABASE_REGEX = %r{\Adb/structure\.sql}.freeze + FILE_PATH_REGEX = %r{((ee|jh)/)?config/metrics(/.+\.yml)} + PERFORMANCE_INDICATOR_REGEX = %r{gmau|smau|paid_gmau|umau} + METRIC_REMOVED = %r{\+status: removed} + DATABASE_REGEX = %r{\Adb/structure\.sql} STRUCTURE_SQL_FILE = %w(db/structure.sql).freeze def build_message diff --git a/tooling/danger/stable_branch.rb b/tooling/danger/stable_branch.rb index bba198d1310..efcd3cfc967 100644 --- a/tooling/danger/stable_branch.rb +++ b/tooling/danger/stable_branch.rb @@ -5,7 +5,7 @@ module Tooling module StableBranch VersionApiError = Class.new(StandardError) - STABLE_BRANCH_REGEX = %r{\A(?\d+-\d+)-stable-ee\z}.freeze + STABLE_BRANCH_REGEX = %r{\A(?\d+-\d+)-stable-ee\z} FAILING_PACKAGE_AND_TEST_STATUSES = %w[manual canceled].freeze # rubocop:disable Lint/MixedRegexpCaptureTypes @@ -16,7 +16,7 @@ module Tooling (-(?rc(?\d*)))? (-\h+\.\h+)? (-ee|\.ee\.\d+)?\z - }x.freeze + }x # rubocop:enable Lint/MixedRegexpCaptureTypes MAINTENANCE_POLICY_URL = 'https://docs.gitlab.com/ee/policy/maintenance.html' diff --git a/tooling/lib/tooling/kubernetes_client.rb b/tooling/lib/tooling/kubernetes_client.rb index 5579f130a84..276a7e64473 100644 --- a/tooling/lib/tooling/kubernetes_client.rb +++ b/tooling/lib/tooling/kubernetes_client.rb @@ -6,7 +6,7 @@ require_relative '../../../lib/gitlab/popen' unless defined?(Gitlab::Popen) module Tooling class KubernetesClient - K8S_ALLOWED_NAMESPACES_REGEX = /^review-(?!apps).+/.freeze + K8S_ALLOWED_NAMESPACES_REGEX = /^review-(?!apps).+/ CommandFailedError = Class.new(StandardError) def cleanup_namespaces_by_created_at(created_before:) diff --git a/tooling/lib/tooling/mappings/view_to_js_mappings.rb b/tooling/lib/tooling/mappings/view_to_js_mappings.rb index b78c354f9d2..56168592f0d 100644 --- a/tooling/lib/tooling/mappings/view_to_js_mappings.rb +++ b/tooling/lib/tooling/mappings/view_to_js_mappings.rb @@ -10,10 +10,10 @@ module Tooling include Helpers::PredictiveTestsHelper # The HTML attribute value pattern we're looking for to match an HTML file to a JS file. - HTML_ATTRIBUTE_VALUE_REGEXP = /js-[-\w]+/.freeze + HTML_ATTRIBUTE_VALUE_REGEXP = /js-[-\w]+/ # Search for Rails partials included in an HTML file - RAILS_PARTIAL_INVOCATION_REGEXP = %r{(?:render|render_if_exists)(?: |\()(?:partial: ?)?['"]([\w/-]+)['"]}.freeze + RAILS_PARTIAL_INVOCATION_REGEXP = %r{(?:render|render_if_exists)(?: |\()(?:partial: ?)?['"]([\w/-]+)['"]} def initialize( changed_files_pathname, predictive_tests_pathname,