Commit 396ad861 authored by GitLab Bot's avatar GitLab Bot

Add latest changes from gitlab-org/gitlab@master

parent abae8f34
...@@ -3,23 +3,12 @@ ...@@ -3,23 +3,12 @@
module Projects module Projects
module Settings module Settings
class IntegrationsController < Projects::ApplicationController class IntegrationsController < Projects::ApplicationController
include ServiceParams
before_action :authorize_admin_project! before_action :authorize_admin_project!
layout "project_settings" layout "project_settings"
def show def show
@services = @project.find_or_initialize_services(exceptions: service_exceptions) @services = @project.find_or_initialize_services
end
private
# Returns a list of services that should be hidden from the list
def service_exceptions
@project.disabled_services.dup
end end
end end
end end
end end
Projects::Settings::IntegrationsController.prepend_if_ee('EE::Projects::Settings::IntegrationsController')
# frozen_string_literal: true # frozen_string_literal: true
class GroupMembersFinder < UnionFinder class GroupMembersFinder < UnionFinder
include CreatedAtFilter
# Params can be any of the following: # Params can be any of the following:
# two_factor: string. 'enabled' or 'disabled' are returning different set of data, other values are not effective. # two_factor: string. 'enabled' or 'disabled' are returning different set of data, other values are not effective.
# sort: string # sort: string
# search: string # search: string
# created_after: datetime
# created_before: datetime
def initialize(group, user = nil) def initialize(group, user = nil)
@group = group @group = group
...@@ -15,6 +19,7 @@ class GroupMembersFinder < UnionFinder ...@@ -15,6 +19,7 @@ class GroupMembersFinder < UnionFinder
def execute(include_relations: [:inherited, :direct], params: {}) def execute(include_relations: [:inherited, :direct], params: {})
group_members = group.members group_members = group.members
relations = [] relations = []
@params = params
return group_members if include_relations == [:direct] return group_members if include_relations == [:direct]
...@@ -39,15 +44,15 @@ class GroupMembersFinder < UnionFinder ...@@ -39,15 +44,15 @@ class GroupMembersFinder < UnionFinder
return GroupMember.none if relations.empty? return GroupMember.none if relations.empty?
members = find_union(relations, GroupMember) members = find_union(relations, GroupMember)
filter_members(members, params) filter_members(members)
end end
# rubocop: enable CodeReuse/ActiveRecord # rubocop: enable CodeReuse/ActiveRecord
private private
attr_reader :user, :group attr_reader :user, :group, :params
def filter_members(members, params) def filter_members(members)
members = members.search(params[:search]) if params[:search].present? members = members.search(params[:search]) if params[:search].present?
members = members.sort_by_attribute(params[:sort]) if params[:sort].present? members = members.sort_by_attribute(params[:sort]) if params[:sort].present?
...@@ -55,7 +60,7 @@ class GroupMembersFinder < UnionFinder ...@@ -55,7 +60,7 @@ class GroupMembersFinder < UnionFinder
members = members.filter_by_2fa(params[:two_factor]) members = members.filter_by_2fa(params[:two_factor])
end end
members by_created_at(members)
end end
def can_manage_members def can_manage_members
......
...@@ -2,6 +2,7 @@ ...@@ -2,6 +2,7 @@
class GroupMember < Member class GroupMember < Member
include FromUnion include FromUnion
include CreatedAtFilterable
SOURCE_TYPE = 'Namespace' SOURCE_TYPE = 'Namespace'
......
...@@ -1238,14 +1238,12 @@ class Project < ApplicationRecord ...@@ -1238,14 +1238,12 @@ class Project < ApplicationRecord
update_column(:has_external_wiki, services.external_wikis.any?) if Gitlab::Database.read_write? update_column(:has_external_wiki, services.external_wikis.any?) if Gitlab::Database.read_write?
end end
def find_or_initialize_services(exceptions: []) def find_or_initialize_services
available_services_names = Service.available_services_names - exceptions available_services_names = Service.available_services_names - disabled_services
available_services = available_services_names.map do |service_name| available_services_names.map do |service_name|
find_or_initialize_service(service_name) find_or_initialize_service(service_name)
end end
available_services.compact
end end
def disabled_services def disabled_services
...@@ -1258,13 +1256,11 @@ class Project < ApplicationRecord ...@@ -1258,13 +1256,11 @@ class Project < ApplicationRecord
service = find_service(services, name) service = find_service(services, name)
return service if service return service if service
# We should check if template for the service exists
template = find_service(services_templates, name) template = find_service(services_templates, name)
if template if template
Service.build_from_template(id, template) Service.build_from_template(id, template)
else else
# If no template, we should create an instance. Ex `build_gitlab_ci_service`
public_send("build_#{name}_service") # rubocop:disable GitlabSecurity/PublicSend public_send("build_#{name}_service") # rubocop:disable GitlabSecurity/PublicSend
end end
end end
...@@ -1278,10 +1274,6 @@ class Project < ApplicationRecord ...@@ -1278,10 +1274,6 @@ class Project < ApplicationRecord
end end
# rubocop: enable CodeReuse/ServiceClass # rubocop: enable CodeReuse/ServiceClass
def find_service(list, name)
list.find { |service| service.to_param == name }
end
def ci_services def ci_services
services.where(category: :ci) services.where(category: :ci)
end end
...@@ -2422,6 +2414,10 @@ class Project < ApplicationRecord ...@@ -2422,6 +2414,10 @@ class Project < ApplicationRecord
private private
def find_service(services, name)
services.find { |service| service.to_param == name }
end
def closest_namespace_setting(name) def closest_namespace_setting(name)
namespace.closest_setting(name) namespace.closest_setting(name)
end end
......
...@@ -348,7 +348,7 @@ class Service < ApplicationRecord ...@@ -348,7 +348,7 @@ class Service < ApplicationRecord
service.template = false service.template = false
service.project_id = project_id service.project_id = project_id
service.active = false if service.active? && !service.valid? service.active = false if service.active? && service.invalid?
service service
end end
......
...@@ -16,8 +16,8 @@ class SystemNoteMetadata < ApplicationRecord ...@@ -16,8 +16,8 @@ class SystemNoteMetadata < ApplicationRecord
ICON_TYPES = %w[ ICON_TYPES = %w[
commit description merge confidential visible label assignee cross_reference commit description merge confidential visible label assignee cross_reference
title time_tracking branch milestone discussion task moved title time_tracking branch milestone discussion task moved
opened closed merged duplicate locked unlocked opened closed merged duplicate locked unlocked outdated
outdated tag due_date pinned_embed cherry_pick tag due_date pinned_embed cherry_pick health_status
].freeze ].freeze
validates :note, presence: true validates :note, presence: true
......
---
title: Update detected languages for dependency scanning in no dind mode
merge_request: 27723
author:
type: fixed
...@@ -42,7 +42,7 @@ Search queries are generated by the concerns found in [ee/app/models/concerns/el ...@@ -42,7 +42,7 @@ Search queries are generated by the concerns found in [ee/app/models/concerns/el
## Existing Analyzers/Tokenizers/Filters ## Existing Analyzers/Tokenizers/Filters
These are all defined in <https://gitlab.com/gitlab-org/gitlab/blob/master/ee/lib/elasticsearch/git/model.rb> These are all defined in [ee/lib/elastic/latest/config.rb](https://gitlab.com/gitlab-org/gitlab/blob/master/ee/lib/elastic/latest/config.rb)
### Analyzers ### Analyzers
......
...@@ -36,7 +36,8 @@ Access the default page for admin area settings by navigating to ...@@ -36,7 +36,8 @@ Access the default page for admin area settings by navigating to
| [Slack application](../../../user/project/integrations/gitlab_slack_application.md#configuration) **(FREE ONLY)** | Slack integration allows you to interact with GitLab via slash commands in a chat window. This option is only available on GitLab.com, though it may be [available for self-managed instances in the future](https://gitlab.com/gitlab-org/gitlab/-/issues/28164). | | [Slack application](../../../user/project/integrations/gitlab_slack_application.md#configuration) **(FREE ONLY)** | Slack integration allows you to interact with GitLab via slash commands in a chat window. This option is only available on GitLab.com, though it may be [available for self-managed instances in the future](https://gitlab.com/gitlab-org/gitlab/-/issues/28164). |
| [Third party offers](third_party_offers.md) | Control the display of third party offers. | | [Third party offers](third_party_offers.md) | Control the display of third party offers. |
| [Snowplow](../../../telemetry/index.md#enabling-tracking) | Configure the Snowplow integration. | | [Snowplow](../../../telemetry/index.md#enabling-tracking) | Configure the Snowplow integration. |
| [Amazon EKS](../../project/clusters/add_new_eks_cluster.md#additional-requirements-for-self-managed-instances-core-only) | Amazon EKS integration allows you to provision EKS clusters from GitLab. | | [Google GKE](../../project/clusters/add_gke_clusters.md) | Google GKE integration allows you to provision GKE clusters from GitLab. |
| [Amazon EKS](../../project/clusters/add_eks_clusters.md) | Amazon EKS integration allows you to provision EKS clusters from GitLab. |
## Repository ## Repository
...@@ -45,7 +46,7 @@ Access the default page for admin area settings by navigating to ...@@ -45,7 +46,7 @@ Access the default page for admin area settings by navigating to
| [Repository mirror](visibility_and_access_controls.md#allow-mirrors-to-be-set-up-for-projects) | Configure repository mirroring. | | [Repository mirror](visibility_and_access_controls.md#allow-mirrors-to-be-set-up-for-projects) | Configure repository mirroring. |
| [Repository storage](../../../administration/repository_storage_types.md#how-to-migrate-to-hashed-storage) | Configure storage path settings. | | [Repository storage](../../../administration/repository_storage_types.md#how-to-migrate-to-hashed-storage) | Configure storage path settings. |
| Repository maintenance | ([Repository checks](../../../administration/repository_checks.md) and [Housekeeping](../../../administration/housekeeping.md)). Configure automatic Git checks and housekeeping on repositories. | | Repository maintenance | ([Repository checks](../../../administration/repository_checks.md) and [Housekeeping](../../../administration/housekeeping.md)). Configure automatic Git checks and housekeeping on repositories. |
| [Repository static objects](../../../administration/static_objects_external_storage.md) | Serve repository static objects (e.g. archives, blobs, ...) from an external storage (e.g. a CDN). | | [Repository static objects](../../../administration/static_objects_external_storage.md) | Serve repository static objects (for example, archives, blobs, ...) from an external storage (for example, a CDN). |
## Templates **(PREMIUM ONLY)** ## Templates **(PREMIUM ONLY)**
......
...@@ -209,13 +209,14 @@ If you want to whitelist specific vulnerabilities, you'll need to: ...@@ -209,13 +209,14 @@ If you want to whitelist specific vulnerabilities, you'll need to:
in the [whitelist example file](https://github.com/arminc/clair-scanner/blob/v12/example-whitelist.yaml). in the [whitelist example file](https://github.com/arminc/clair-scanner/blob/v12/example-whitelist.yaml).
1. Add the `clair-whitelist.yml` file to the Git repository of your project. 1. Add the `clair-whitelist.yml` file to the Git repository of your project.
### Running Container Scanning in an offline, air-gapped installation ### Running Container Scanning in an offline environment deployment
Container Scanning can be executed on an offline air-gapped GitLab Ultimate installation using the following process: Container Scanning can be executed on an offline GitLab Ultimate installation by using the following process:
1. Host the following Docker images on a [local Docker container registry](../../packages/container_registry/index.md): 1. Host the following Docker images on a [local Docker container registry](../../packages/container_registry/index.md):
- [arminc/clair-db vulnerabilities database](https://hub.docker.com/r/arminc/clair-db) - [arminc/clair-db vulnerabilities database](https://hub.docker.com/r/arminc/clair-db)
- GitLab klar analyzer: `registry.gitlab.com/gitlab-org/security-products/analyzers/klar` - GitLab klar analyzer: `registry.gitlab.com/gitlab-org/security-products/analyzers/klar`
1. [Override the container scanning template](#overriding-the-container-scanning-template) in your `.gitlab-ci.yml` file to refer to the Docker images hosted on your local Docker container registry: 1. [Override the container scanning template](#overriding-the-container-scanning-template) in your `.gitlab-ci.yml` file to refer to the Docker images hosted on your local Docker container registry:
```yaml ```yaml
......
...@@ -442,9 +442,9 @@ dast: ...@@ -442,9 +442,9 @@ dast:
The DAST job does not require the project's repository to be present when running, so by default The DAST job does not require the project's repository to be present when running, so by default
[`GIT_STRATEGY`](../../../ci/yaml/README.md#git-strategy) is set to `none`. [`GIT_STRATEGY`](../../../ci/yaml/README.md#git-strategy) is set to `none`.
## Running DAST in an offline air-gapped installation ## Running DAST in an offline environment deployment
DAST can be executed on an offline air-gapped GitLab Ultimate installation using the following process: DAST can be executed on an offline GitLab Ultimate installation by using the following process:
1. Host the DAST image `registry.gitlab.com/gitlab-org/security-products/dast:latest` in your local 1. Host the DAST image `registry.gitlab.com/gitlab-org/security-products/dast:latest` in your local
Docker container registry. Docker container registry.
......
...@@ -226,7 +226,7 @@ must be created with the case-sensitive name `License-Check`. This approval grou ...@@ -226,7 +226,7 @@ must be created with the case-sensitive name `License-Check`. This approval grou
with the number of approvals required greater than zero. with the number of approvals required greater than zero.
Once this group is added to your project, the approval rule is enabled for all Merge Requests. To Once this group is added to your project, the approval rule is enabled for all Merge Requests. To
configure how this rule behaves, you can choose which licenses to `approve` or `blacklist` in the configure how this rule behaves, you can choose which licenses to `allow` or `deny` in the
[project policies for License Compliance](../compliance/license_compliance/index.md#project-policies-for-license-compliance) [project policies for License Compliance](../compliance/license_compliance/index.md#project-policies-for-license-compliance)
section. section.
...@@ -234,13 +234,13 @@ Any code changes cause the approvals required to reset. ...@@ -234,13 +234,13 @@ Any code changes cause the approvals required to reset.
An approval is required when a license report: An approval is required when a license report:
- Contains a dependency that includes a software license that is `blacklisted`. - Contains a dependency that includes a software license that is `denied`.
- Is not generated during pipeline execution. - Is not generated during pipeline execution.
An approval is optional when a license report: An approval is optional when a license report:
- Contains no software license violations. - Contains no software license violations.
- Contains only new licenses that are `approved` or unknown. - Contains only new licenses that are `allowed` or unknown.
## Working in an offline environment ## Working in an offline environment
......
...@@ -2,17 +2,26 @@ ...@@ -2,17 +2,26 @@
type: reference, howto type: reference, howto
--- ---
# Air-gapped (or offline) environment deployments # Offline environment deployments
It is possible to run most of the GitLab security scanners when not It is possible to run most of the GitLab security scanners when not
connected to the internet. connected to the internet.
This document describes how to operate Secure scanners in an air-gapped or offline envionment. These instructions also apply to This document describes how to operate Secure Categories (that is, scanner types) in an offline environment. These instructions also apply to
self-managed installations that are secured, have security policies (e.g., firewall policies), or otherwise restricted from self-managed installations that are secured, have security policies (for example, firewall policies), or are otherwise restricted from
accessing the full internet. These instructions are designed for physically disconnected networks, accessing the full internet. GitLab refers to these deployments as _offline environment deployments_.
but can also be followed in these other use cases. Other common names include:
## Air-gapped (or offline) environments - Air-gapped environments
- Limited connectivity environments
- Local area network (LAN) environments
- Intranet environments
These environments have physical barriers or security policies (for example, firewalls) that prevent
or limit internet access. These instructions are designed for physically disconnected networks, but
can also be followed in these other use cases.
## Offline environments
In this situation, the GitLab instance can be one or more servers and services that can communicate In this situation, the GitLab instance can be one or more servers and services that can communicate
on a local network, but with no or very restricted access to the internet. Assume anything within on a local network, but with no or very restricted access to the internet. Assume anything within
...@@ -64,6 +73,6 @@ hosted within your network. ...@@ -64,6 +73,6 @@ hosted within your network.
Each individual scanner may be slightly different than the steps described Each individual scanner may be slightly different than the steps described
above. You can find more info at each of the pages below: above. You can find more info at each of the pages below:
- [Container scanning offline directions](../container_scanning/index.md#running-container-scanning-in-an-offline-air-gapped-installation) - [Container scanning offline directions](../container_scanning/index.md#running-container-scanning-in-an-offline-environment-deployment)
- [SAST offline directions](../sast/index.md#gitlab-sast-in-an-offline-air-gapped-installation) - [SAST offline directions](../sast/index.md#gitlab-sast-in-an-offline-environment-deployment)
- [DAST offline directions](../dast/index.md#running-dast-in-an-offline-air-gapped-installation) - [DAST offline directions](../dast/index.md#running-dast-in-an-offline-environment-deployment)
...@@ -491,7 +491,7 @@ Once a vulnerability is found, you can interact with it. Read more on how to ...@@ -491,7 +491,7 @@ Once a vulnerability is found, you can interact with it. Read more on how to
For more information about the vulnerabilities database update, check the For more information about the vulnerabilities database update, check the
[maintenance table](../index.md#maintenance-and-update-of-the-vulnerabilities-database). [maintenance table](../index.md#maintenance-and-update-of-the-vulnerabilities-database).
## GitLab SAST in an offline air-gapped installation ## GitLab SAST in an offline environment deployment
For self-managed GitLab instances in an environment with limited, restricted, or intermittent access For self-managed GitLab instances in an environment with limited, restricted, or intermittent access
to external resources via the internet, some adjustments are required for the SAST job to to external resources via the internet, some adjustments are required for the SAST job to
......
# Adding a new EKS Cluster # Adding EKS clusters
GitLab supports adding new and existing EKS clusters.
## EKS requirements ## EKS requirements
...@@ -7,7 +9,7 @@ requirements are met: ...@@ -7,7 +9,7 @@ requirements are met:
- An [Amazon Web Services](https://aws.amazon.com/) account is set up and you are able to log in. - An [Amazon Web Services](https://aws.amazon.com/) account is set up and you are able to log in.
- You have permissions to manage IAM resources. - You have permissions to manage IAM resources.
- If you want to use an [existing EKS cluster](add_new_eks_cluster.md#existing-eks-cluster): - If you want to use an [existing EKS cluster](#existing-eks-cluster):
- An Amazon EKS cluster with worker nodes properly configured. - An Amazon EKS cluster with worker nodes properly configured.
- `kubectl` [installed and configured](https://docs.aws.amazon.com/eks/latest/userguide/getting-started.html#get-started-kubectl) - `kubectl` [installed and configured](https://docs.aws.amazon.com/eks/latest/userguide/getting-started.html#get-started-kubectl)
for access to the EKS cluster. for access to the EKS cluster.
...@@ -48,9 +50,9 @@ Generate an access key for the IAM user, and configure GitLab with the credentia ...@@ -48,9 +50,9 @@ Generate an access key for the IAM user, and configure GitLab with the credentia
To create and add a new Kubernetes cluster to your project, group, or instance: To create and add a new Kubernetes cluster to your project, group, or instance:
1. Navigate to your: 1. Navigate to your:
- Project's **Operations > Kubernetes** page, for a project-level cluster. - Project's **{cloud-gear}** **Operations > Kubernetes** page, for a project-level cluster.
- Group's **Kubernetes** page, for a group-level cluster. - Group's **{cloud-gear}** **Kubernetes** page, for a group-level cluster.
- **Admin Area > Kubernetes** page, for an instance-level cluster. - **{admin}** **Admin Area >** **{cloud-gear}** **Kubernetes**, for an instance-level cluster.
1. Click **Add Kubernetes cluster**. 1. Click **Add Kubernetes cluster**.
1. Under the **Create new cluster** tab, click **Amazon EKS**. You will be provided with an 1. Under the **Create new cluster** tab, click **Amazon EKS**. You will be provided with an
`Account ID` and `External ID` to use in the next step. `Account ID` and `External ID` to use in the next step.
...@@ -246,9 +248,9 @@ To add an existing EKS cluster to your project, group, or instance: ...@@ -246,9 +248,9 @@ To add an existing EKS cluster to your project, group, or instance:
1. Locate the the API server endpoint so GitLab can connect to the cluster. This is displayed on 1. Locate the the API server endpoint so GitLab can connect to the cluster. This is displayed on
the AWS EKS console, when viewing the EKS cluster details. the AWS EKS console, when viewing the EKS cluster details.
1. Navigate to your: 1. Navigate to your:
- Project's **Operations > Kubernetes** page, for a project-level cluster. - Project's **{cloud-gear}** **Operations > Kubernetes** page, for a project-level cluster.
- Group's **Kubernetes** page, for a group-level cluster. - Group's **{cloud-gear}** **Kubernetes** page, for a group-level cluster.
- **Admin Area > Kubernetes** page, for an instance-level cluster. - **{admin}** **Admin Area >** **{cloud-gear}** **Kubernetes** page, for an instance-level cluster.
1. Click **Add Kubernetes cluster**. 1. Click **Add Kubernetes cluster**.
1. Click the **Add existing cluster** tab and fill in the details: 1. Click the **Add existing cluster** tab and fill in the details:
- **Kubernetes cluster name**: A name for the cluster to identify it within GitLab. - **Kubernetes cluster name**: A name for the cluster to identify it within GitLab.
......
# Adding a new GKE Cluster # Adding GKE clusters
GitLab supports adding new and existing GKE clusters.
## GKE requirements ## GKE requirements
...@@ -39,9 +41,9 @@ Note the following: ...@@ -39,9 +41,9 @@ Note the following:
To create and add a new Kubernetes cluster to your project, group, or instance: To create and add a new Kubernetes cluster to your project, group, or instance:
1. Navigate to your: 1. Navigate to your:
- Project's **Operations > Kubernetes** page, for a project-level cluster. - Project's **{cloud-gear}** **Operations > Kubernetes** page, for a project-level cluster.
- Group's **Kubernetes** page, for a group-level cluster. - Group's **{cloud-gear}** **Kubernetes** page, for a group-level cluster.
- **Admin Area > Kubernetes** page, for an instance-level cluster. - **{admin}** **Admin Area >** **{cloud-gear}** **Kubernetes** page, for an instance-level cluster.
1. Click **Add Kubernetes cluster**. 1. Click **Add Kubernetes cluster**.
1. Under the **Create new cluster** tab, click **Google GKE**. 1. Under the **Create new cluster** tab, click **Google GKE**.
1. Connect your Google account if you haven't done already by clicking the 1. Connect your Google account if you haven't done already by clicking the
...@@ -74,3 +76,8 @@ You can choose to use Cloud Run for Anthos in place of installing Knative and Is ...@@ -74,3 +76,8 @@ You can choose to use Cloud Run for Anthos in place of installing Knative and Is
separately after the cluster has been created. This means that Cloud Run separately after the cluster has been created. This means that Cloud Run
(Knative), Istio, and HTTP Load Balancing will be enabled on the cluster at (Knative), Istio, and HTTP Load Balancing will be enabled on the cluster at
create time and cannot be [installed or uninstalled](../../clusters/applications.md) separately. create time and cannot be [installed or uninstalled](../../clusters/applications.md) separately.
## Existing GKE cluster
For information on adding an existing GKE cluster, see
[Existing Kubernetes cluster](add_remove_clusters.md#existing-kubernetes-cluster).
...@@ -28,13 +28,6 @@ Before [adding a Kubernetes cluster](#add-new-cluster) using GitLab, you need: ...@@ -28,13 +28,6 @@ Before [adding a Kubernetes cluster](#add-new-cluster) using GitLab, you need:
- [Admin Area access](../../admin_area/index.md) for a self-managed instance-level - [Admin Area access](../../admin_area/index.md) for a self-managed instance-level
cluster. **(CORE ONLY)** cluster. **(CORE ONLY)**
## Add new cluster
New clusters can be added using GitLab for:
- [Google Kubernetes Engine (GKE)](add_new_gke_cluster.md).
- [Amazon Elastic Kubernetes Service (EKS)](add_new_eks_cluster.md).
## Access controls ## Access controls
When creating a cluster in GitLab, you will be asked if you would like to create either: When creating a cluster in GitLab, you will be asked if you would like to create either:
...@@ -134,14 +127,21 @@ If you don't want to use GitLab Runner in privileged mode, either: ...@@ -134,14 +127,21 @@ If you don't want to use GitLab Runner in privileged mode, either:
1. Installing a Runner 1. Installing a Runner
[using `docker+machine`](https://docs.gitlab.com/runner/executors/docker_machine.html). [using `docker+machine`](https://docs.gitlab.com/runner/executors/docker_machine.html).
## Add new cluster
New clusters can be added using GitLab for:
- [Google Kubernetes Engine (GKE)](add_gke_clusters.md).
- [Amazon Elastic Kubernetes Service (EKS)](add_eks_clusters.md).
## Add existing cluster ## Add existing cluster
If you have an existing Kubernetes cluster, you can add it to a project, group, or instance. If you have an existing Kubernetes cluster, you can add it to a project, group, or instance.
For more information, see information for adding an: For more information, see information for adding an:
- [Existing Kubernetes cluster](#existing-kubernetes-cluster). - [Existing Kubernetes cluster](#existing-kubernetes-cluster), including GKE clusters.
- [Existing Elastic Kubernetes Service cluster](add_new_eks_cluster.md#existing-eks-cluster). - [Existing EKS cluster](add_eks_clusters.md#existing-eks-cluster).
NOTE: **Note:** NOTE: **Note:**
Kubernetes integration is not supported for arm64 clusters. See the issue Kubernetes integration is not supported for arm64 clusters. See the issue
...@@ -152,9 +152,9 @@ Kubernetes integration is not supported for arm64 clusters. See the issue ...@@ -152,9 +152,9 @@ Kubernetes integration is not supported for arm64 clusters. See the issue
To add a Kubernetes cluster to your project, group, or instance: To add a Kubernetes cluster to your project, group, or instance:
1. Navigate to your: 1. Navigate to your:
- Project's **Operations > Kubernetes** page, for a project-level cluster. - Project's **{cloud-gear}** **Operations > Kubernetes** page, for a project-level cluster.
- Group's **Kubernetes** page, for a group-level cluster. - Group's **{cloud-gear}** **Kubernetes** page, for a group-level cluster.
- **Admin Area > Kubernetes** page, for an instance-level cluster. - **{admin}** **Admin Area >** **{cloud-gear}** **Kubernetes** page, for an instance-level cluster.
1. Click **Add Kubernetes cluster**. 1. Click **Add Kubernetes cluster**.
1. Click the **Add existing cluster** tab and fill in the details: 1. Click the **Add existing cluster** tab and fill in the details:
- **Kubernetes cluster name** (required) - The name you wish to give the cluster. - **Kubernetes cluster name** (required) - The name you wish to give the cluster.
...@@ -162,8 +162,8 @@ To add a Kubernetes cluster to your project, group, or instance: ...@@ -162,8 +162,8 @@ To add a Kubernetes cluster to your project, group, or instance:
[associated environment](index.md#setting-the-environment-scope-premium) to this cluster. [associated environment](index.md#setting-the-environment-scope-premium) to this cluster.
- **API URL** (required) - - **API URL** (required) -
It's the URL that GitLab uses to access the Kubernetes API. Kubernetes It's the URL that GitLab uses to access the Kubernetes API. Kubernetes
exposes several APIs, we want the "base" URL that is common to all of them, exposes several APIs, we want the "base" URL that is common to all of them.
e.g., `https://kubernetes.example.com` rather than `https://kubernetes.example.com/api/v1`. For example, `https://kubernetes.example.com` rather than `https://kubernetes.example.com/api/v1`.
Get the API URL by running this command: Get the API URL by running this command:
......
--- ---
redirect_to: '../add_new_eks_cluster.md#existing-eks-cluster' redirect_to: '../add_eks_clusters.md#existing-eks-cluster'
--- ---
This document was moved to [another location](../add_new_eks_cluster.md#existing-eks-cluster). This document was moved to [another location](../add_eks_clusters.md#existing-eks-cluster).
...@@ -238,7 +238,7 @@ The result will then be: ...@@ -238,7 +238,7 @@ The result will then be:
With GitLab Premium, you can associate more than one Kubernetes cluster to your With GitLab Premium, you can associate more than one Kubernetes cluster to your
project. That way you can have different clusters for different environments, project. That way you can have different clusters for different environments,
like dev, staging, production, etc. like dev, staging, production, and so on.
Simply add another cluster, like you did the first time, and make sure to Simply add another cluster, like you did the first time, and make sure to
[set an environment scope](#setting-the-environment-scope-premium) that will [set an environment scope](#setting-the-environment-scope-premium) that will
...@@ -247,7 +247,7 @@ differentiate the new cluster with the rest. ...@@ -247,7 +247,7 @@ differentiate the new cluster with the rest.
## Installing applications ## Installing applications
GitLab can install and manage some applications like Helm, GitLab Runner, Ingress, GitLab can install and manage some applications like Helm, GitLab Runner, Ingress,
Prometheus, etc., in your project-level cluster. For more information on Prometheus, and so on, in your project-level cluster. For more information on
installing, upgrading, uninstalling, and troubleshooting applications for installing, upgrading, uninstalling, and troubleshooting applications for
your project cluster, see your project cluster, see
[GitLab Managed Apps](../../clusters/applications.md). [GitLab Managed Apps](../../clusters/applications.md).
......
...@@ -109,7 +109,7 @@ gemnasium-maven-dependency_scanning: ...@@ -109,7 +109,7 @@ gemnasium-maven-dependency_scanning:
variables: variables:
- $GITLAB_FEATURES =~ /\bdependency_scanning\b/ && - $GITLAB_FEATURES =~ /\bdependency_scanning\b/ &&
$DS_DEFAULT_ANALYZERS =~ /gemnasium-maven/ && $DS_DEFAULT_ANALYZERS =~ /gemnasium-maven/ &&
$CI_PROJECT_REPOSITORY_LANGUAGES =~ /\bjava\b/ $CI_PROJECT_REPOSITORY_LANGUAGES =~ /\b(java|scala)\b/
gemnasium-python-dependency_scanning: gemnasium-python-dependency_scanning:
extends: .ds-analyzer extends: .ds-analyzer
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment