Commit 026610e1 authored by Amy Qualls's avatar Amy Qualls Committed by Russell Dickenson

Correct more spelling issues

parent 97d7576e
...@@ -61,8 +61,8 @@ consul .[#e76a9b,norank]r-> postgres_secondary ...@@ -61,8 +61,8 @@ consul .[#e76a9b,norank]r-> postgres_secondary
To enable Database Load Balancing, make sure that: To enable Database Load Balancing, make sure that:
- The HA Postgres setup has one or more secondary nodes replicating the primary. - The HA PostgreSQL setup has one or more secondary nodes replicating the primary.
- Each Postgres node is connected with the same credentials and on the same port. - Each PostgreSQL node is connected with the same credentials and on the same port.
For Omnibus GitLab, you also need PgBouncer configured on each PostgreSQL node to pool For Omnibus GitLab, you also need PgBouncer configured on each PostgreSQL node to pool
all load-balanced connections when [configuring a multi-node setup](replication_and_failover.md). all load-balanced connections when [configuring a multi-node setup](replication_and_failover.md).
......
...@@ -7,7 +7,7 @@ type: concepts, howto ...@@ -7,7 +7,7 @@ type: concepts, howto
# Resource Groups API # Resource Groups API
You can read more about [controling the job concurrency with resource groups](../ci/resource_groups/index.md). You can read more about [controlling the job concurrency with resource groups](../ci/resource_groups/index.md).
## Get a specific resource group ## Get a specific resource group
......
...@@ -20,7 +20,7 @@ store all the builds in PostgreSQL in `ci_builds` table, and because we are ...@@ -20,7 +20,7 @@ store all the builds in PostgreSQL in `ci_builds` table, and because we are
creating more than [2 million builds each day on GitLab.com](https://docs.google.com/spreadsheets/d/17ZdTWQMnTHWbyERlvj1GA7qhw_uIfCoI5Zfrrsh95zU), creating more than [2 million builds each day on GitLab.com](https://docs.google.com/spreadsheets/d/17ZdTWQMnTHWbyERlvj1GA7qhw_uIfCoI5Zfrrsh95zU),
we are reaching database limits that are slowing our development velocity down. we are reaching database limits that are slowing our development velocity down.
On February 1st, 2021, GitLab.com surpased 1 billion CI/CD builds created and the number of On February 1st, 2021, GitLab.com surpassed 1 billion CI/CD builds created and the number of
builds continues to grow exponentially. builds continues to grow exponentially.
![CI builds cumulative with forecast](ci_builds_cumulative_forecast.png) ![CI builds cumulative with forecast](ci_builds_cumulative_forecast.png)
...@@ -99,7 +99,7 @@ sustain in upcoming years. ...@@ -99,7 +99,7 @@ sustain in upcoming years.
**Status**: As of October 2021 we reduced the growth rate of `ci_builds` table **Status**: As of October 2021 we reduced the growth rate of `ci_builds` table
by writing build options and variables to `ci_builds_metadata` table. We plan by writing build options and variables to `ci_builds_metadata` table. We plan
to ship futher improvements that will be described in a separate blueprint. to ship further improvements that will be described in a separate blueprint.
### Queuing mechanisms are using the large table ### Queuing mechanisms are using the large table
......
...@@ -133,7 +133,7 @@ The initial iteration will provide a framework to house features under `Namespac ...@@ -133,7 +133,7 @@ The initial iteration will provide a framework to house features under `Namespac
1. **Conceptual model**: What are the current and future state conceptual models of these features ([see object modeling for designers](https://hpadkisson.medium.com/object-modeling-for-designers-an-introduction-7871bdcf8baf))? These should be documented in Pajamas (example: [Merge Requests](https://design.gitlab.com/objects/merge-request)). 1. **Conceptual model**: What are the current and future state conceptual models of these features ([see object modeling for designers](https://hpadkisson.medium.com/object-modeling-for-designers-an-introduction-7871bdcf8baf))? These should be documented in Pajamas (example: [Merge Requests](https://design.gitlab.com/objects/merge-request)).
1. **Merge conflicts**: What inconsistencies are there across project, group, and admin levels? How might these be addressed? For an example of how we rationalized this for labels, please see [this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/338820). 1. **Merge conflicts**: What inconsistencies are there across project, group, and admin levels? How might these be addressed? For an example of how we rationalized this for labels, please see [this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/338820).
1. **Inheritence & information flow**: How is information inherited across our container hierarchy currently? How might this be impacted if complying with the new [inheritence behavior](https://gitlab.com/gitlab-org/gitlab/-/issues/343316) framework? 1. **Inheritance & information flow**: How is information inherited across our container hierarchy currently? How might this be impacted if complying with the new [inheritance behavior](https://gitlab.com/gitlab-org/gitlab/-/issues/343316) framework?
1. **Settings**: Where can settings for this feature be found currently? How will these be impacted by `Namespaces`? 1. **Settings**: Where can settings for this feature be found currently? How will these be impacted by `Namespaces`?
1. **Access**: Who can access this feature and is that impacted by the new container structure? Are there any role or privacy considerations? 1. **Access**: Who can access this feature and is that impacted by the new container structure? Are there any role or privacy considerations?
1. **Tier**: Is there any tier functionality that is differentiated by projects and groups? 1. **Tier**: Is there any tier functionality that is differentiated by projects and groups?
......
...@@ -52,7 +52,7 @@ deploy: ...@@ -52,7 +52,7 @@ deploy:
``` ```
With this configuration, the safety on the deployments is assured while you With this configuration, the safety on the deployments is assured while you
can still run `build` jobs concurrently for maximizing the pipeline efficency. can still run `build` jobs concurrently for maximizing the pipeline efficiency.
## Requirements ## Requirements
......
...@@ -59,8 +59,12 @@ When using the GitLab UI form builder, the following components are available fo ...@@ -59,8 +59,12 @@ When using the GitLab UI form builder, the following components are available fo
NOTE: NOTE:
Currently only the listed components are available but more components are planned. Currently only the listed components are available but more components are planned.
<!-- vale gitlab.Spelling = NO -->
#### gitlab_ui_checkbox_component #### gitlab_ui_checkbox_component
<!-- vale gitlab.Spelling = YES -->
[GitLab UI Docs](https://gitlab-org.gitlab.io/gitlab-ui/?path=/story/base-form-form-checkbox--default) [GitLab UI Docs](https://gitlab-org.gitlab.io/gitlab-ui/?path=/story/base-form-form-checkbox--default)
| Argument | Description | Type | Required (default value) | | Argument | Description | Type | Required (default value) |
...@@ -73,8 +77,12 @@ Currently only the listed components are available but more components are plann ...@@ -73,8 +77,12 @@ Currently only the listed components are available but more components are plann
| `unchecked_value` | Value when checkbox is unchecked. | `String` | `false` (`'0'`) | | `unchecked_value` | Value when checkbox is unchecked. | `String` | `false` (`'0'`) |
| `label_options` | Options that are passed to [Rails `label` method](https://api.rubyonrails.org/classes/ActionView/Helpers/FormBuilder.html#method-i-label). | `Hash` | `false` (`{}`) | | `label_options` | Options that are passed to [Rails `label` method](https://api.rubyonrails.org/classes/ActionView/Helpers/FormBuilder.html#method-i-label). | `Hash` | `false` (`{}`) |
<!-- vale gitlab.Spelling = NO -->
#### gitlab_ui_radio_component #### gitlab_ui_radio_component
<!-- vale gitlab.Spelling = YES -->
[GitLab UI Docs](https://gitlab-org.gitlab.io/gitlab-ui/?path=/story/base-form-form-radio--default) [GitLab UI Docs](https://gitlab-org.gitlab.io/gitlab-ui/?path=/story/base-form-form-radio--default)
| Argument | Description | Type | Required (default value) | | Argument | Description | Type | Required (default value) |
......
...@@ -64,7 +64,7 @@ To illustrate how these problems arise, take a look at this example: ...@@ -64,7 +64,7 @@ To illustrate how these problems arise, take a look at this example:
In this example, you can imagine that we are updating by one monthly release. But refer to [How long must code be backwards-compatible?](#how-long-must-code-be-backwards-compatible). In this example, you can imagine that we are updating by one monthly release. But refer to [How long must code be backwards-compatible?](#how-long-must-code-be-backwards-compatible).
| Update step | Postgres DB | Web nodes | API nodes | Sidekiq nodes | Compatibility concerns | | Update step | PostgreSQL DB | Web nodes | API nodes | Sidekiq nodes | Compatibility concerns |
| --- | --- | --- | --- | --- | --- | | --- | --- | --- | --- | --- | --- |
| Initial state | 🙂 | 🙂 | 🙂 | 🙂 | | | Initial state | 🙂 | 🙂 | 🙂 | 🙂 | |
| Ran pre-deployment migrations | 🚢 except post-deploy migrations | 🙂 | 🙂 | 🙂 | Rails code in 🙂 is making DB calls to 🚢 | | Ran pre-deployment migrations | 🚢 except post-deploy migrations | 🙂 | 🙂 | 🙂 | Rails code in 🙂 is making DB calls to 🚢 |
...@@ -102,7 +102,7 @@ But the problem isn't just that there are many nodes. The bigger problem is that ...@@ -102,7 +102,7 @@ But the problem isn't just that there are many nodes. The bigger problem is that
- "Web app nodes": Handle web requests - "Web app nodes": Handle web requests
- "API app nodes": Handle API requests - "API app nodes": Handle API requests
- "Sidekiq app nodes": Handle Sidekiq jobs - "Sidekiq app nodes": Handle Sidekiq jobs
- "Postgres database": Handle internal Postgres calls - "PostgreSQL database": Handle internal PostgreSQL calls
- "Redis database": Handle internal Redis calls - "Redis database": Handle internal Redis calls
- "Gitaly nodes": Handle internal Gitaly calls - "Gitaly nodes": Handle internal Gitaly calls
...@@ -110,7 +110,7 @@ During an update, there will be [two different versions of GitLab running in dif ...@@ -110,7 +110,7 @@ During an update, there will be [two different versions of GitLab running in dif
## Doesn't the order of update steps matter? ## Doesn't the order of update steps matter?
Yes! We have specific instructions for [zero-downtime updates](../update/index.md#upgrading-without-downtime) because it allows us to ignore some permutations of compatibility. This is why we don't worry about Rails code making DB calls to an old Postgres database schema. Yes! We have specific instructions for [zero-downtime updates](../update/index.md#upgrading-without-downtime) because it allows us to ignore some permutations of compatibility. This is why we don't worry about Rails code making DB calls to an old PostgreSQL database schema.
## I've identified a potential backwards compatibility problem, what can I do about it? ## I've identified a potential backwards compatibility problem, what can I do about it?
......
...@@ -355,7 +355,7 @@ making sure that we read from the replica that is fully caught up. ...@@ -355,7 +355,7 @@ making sure that we read from the replica that is fully caught up.
FLAG: FLAG:
On self-managed GitLab, by default this feature is available. To hide the feature, ask an administrator to On self-managed GitLab, by default this feature is available. To hide the feature, ask an administrator to
[disable the feature flag](../administration/feature_flags.md) named preserve_latest_wal_locations_for_idempotent_jobs flag. [disable the feature flag](../administration/feature_flags.md) named `preserve_latest_wal_locations_for_idempotent_jobs`.
This feature flag is related to GitLab development and is not intended to be used by GitLab administrators, though. This feature flag is related to GitLab development and is not intended to be used by GitLab administrators, though.
On GitLab.com, this feature is available. On GitLab.com, this feature is available.
......
...@@ -173,7 +173,7 @@ curl --request POST \ ...@@ -173,7 +173,7 @@ curl --request POST \
The authorization key can be used as the `password`. The `username` is left blank: The authorization key can be used as the `password`. The `username` is left blank:
- username: `<blank>` - username: `<blank>`
- pasword: authorization_key - password: authorization_key
```shell ```shell
curl --request POST \ curl --request POST \
......
...@@ -1185,7 +1185,7 @@ A bug exists in versions of the API Fuzzing analyzer prior to v1.6.196 that can ...@@ -1185,7 +1185,7 @@ A bug exists in versions of the API Fuzzing analyzer prior to v1.6.196 that can
The version information can be found in the job details for the `apifuzzer_fuzz` job. The version information can be found in the job details for the `apifuzzer_fuzz` job.
If the issue is occuring with versions v1.6.196 or greater, please contact Support and provide the following information: If the issue is occurring with versions v1.6.196 or greater, please contact Support and provide the following information:
1. Reference this troubleshooting section and ask for the issue to be escalated to the Dynamic Analysis Team. 1. Reference this troubleshooting section and ask for the issue to be escalated to the Dynamic Analysis Team.
1. The full console output of the job. 1. The full console output of the job.
......
...@@ -36,6 +36,6 @@ Set-Cookie: {cookie_name}=<random secure value>; HttpOnly ...@@ -36,6 +36,6 @@ Set-Cookie: {cookie_name}=<random secure value>; HttpOnly
## Links ## Links
- [owasp](https://owasp.org/www-community/HttpOnly) - [OWASP](https://owasp.org/www-community/HttpOnly)
- [cwe](https://cwe.mitre.org/data/definitions/1004.html) - [CWE](https://cwe.mitre.org/data/definitions/1004.html)
- [Mozilla MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies) - [Mozilla MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies)
...@@ -29,5 +29,5 @@ header to disable user agents from mis-interpreting resources. ...@@ -29,5 +29,5 @@ header to disable user agents from mis-interpreting resources.
## Links ## Links
- [cwe](https://cwe.mitre.org/data/definitions/16.html) - [CWE](https://cwe.mitre.org/data/definitions/16.html)
- [Mozilla Blog on MIME Confusion attacks](https://blog.mozilla.org/security/2016/08/26/mitigating-mime-confusion-attacks-in-firefox/) - [Mozilla Blog on MIME Confusion attacks](https://blog.mozilla.org/security/2016/08/26/mitigating-mime-confusion-attacks-in-firefox/)
...@@ -31,5 +31,5 @@ information from the `X-Powered-By` header. ...@@ -31,5 +31,5 @@ information from the `X-Powered-By` header.
## Links ## Links
- [cwe](https://cwe.mitre.org/data/definitions/16.html) - [CWE](https://cwe.mitre.org/data/definitions/16.html)
- [PHP expose_php](https://www.php.net/manual/en/ini.core.php#ini.expose-php) - [PHP `expose_php`](https://www.php.net/manual/en/ini.core.php#ini.expose-php)
...@@ -25,4 +25,4 @@ Consult your proxy/load balancer documentation or provider on how to disable rev ...@@ -25,4 +25,4 @@ Consult your proxy/load balancer documentation or provider on how to disable rev
## Links ## Links
- [cwe](https://cwe.mitre.org/data/definitions/16.html) - [CWE](https://cwe.mitre.org/data/definitions/16.html)
...@@ -26,5 +26,5 @@ section of the `Web.config` file. ...@@ -26,5 +26,5 @@ section of the `Web.config` file.
## Links ## Links
- [cwe](https://cwe.mitre.org/data/definitions/16.html) - [CWE](https://cwe.mitre.org/data/definitions/16.html)
- [IIS Remove Unwanted Headers](https://techcommunity.microsoft.com/t5/iis-support-blog/remove-unwanted-http-response-headers/ba-p/369710) - [IIS Remove Unwanted Headers](https://techcommunity.microsoft.com/t5/iis-support-blog/remove-unwanted-http-response-headers/ba-p/369710)
...@@ -33,5 +33,5 @@ protected void Application_Start() ...@@ -33,5 +33,5 @@ protected void Application_Start()
## Links ## Links
- [cwe](https://cwe.mitre.org/data/definitions/16.html) - [CWE](https://cwe.mitre.org/data/definitions/16.html)
- [IIS Remove Unwanted Headers](https://techcommunity.microsoft.com/t5/iis-support-blog/remove-unwanted-http-response-headers/ba-p/369710) - [IIS Remove Unwanted Headers](https://techcommunity.microsoft.com/t5/iis-support-blog/remove-unwanted-http-response-headers/ba-p/369710)
...@@ -36,5 +36,5 @@ Set-Cookie: {cookie_name}=<random secure value>; Secure ...@@ -36,5 +36,5 @@ Set-Cookie: {cookie_name}=<random secure value>; Secure
## Links ## Links
- [owasp](https://owasp.org/www-community/controls/SecureCookieAttribute) - [owasp](https://owasp.org/www-community/controls/SecureCookieAttribute)
- [cwe](https://cwe.mitre.org/data/definitions/614.html) - [CWE](https://cwe.mitre.org/data/definitions/614.html)
- [Mozilla MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies) - [Mozilla MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies)
...@@ -30,7 +30,7 @@ misinterpreted. ...@@ -30,7 +30,7 @@ misinterpreted.
## Links ## Links
- [owasp](https://owasp.org/www-project-secure-headers/#x-content-type-options) - [OWASP](https://owasp.org/www-project-secure-headers/#x-content-type-options)
- [cwe](https://cwe.mitre.org/data/definitions/693.html) - [CWE](https://cwe.mitre.org/data/definitions/693.html)
- [Mozilla Blog on MIME Confusion attacks](https://blog.mozilla.org/security/2016/08/26/mitigating-mime-confusion-attacks-in-firefox/) - [Mozilla Blog on MIME Confusion attacks](https://blog.mozilla.org/security/2016/08/26/mitigating-mime-confusion-attacks-in-firefox/)
- [Mozilla MDN on X-Content-Type-Options](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options) - [Mozilla MDN on X-Content-Type-Options](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options)
...@@ -1027,7 +1027,7 @@ The on-demand DAST scan runs, and the project's dashboard shows the results. ...@@ -1027,7 +1027,7 @@ The on-demand DAST scan runs, and the project's dashboard shows the results.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/328749) in GitLab 14.3. [Deployed behind the `dast_on_demand_scans_scheduler` flag](../../../administration/feature_flags.md), disabled by default. > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/328749) in GitLab 14.3. [Deployed behind the `dast_on_demand_scans_scheduler` flag](../../../administration/feature_flags.md), disabled by default.
> - [Enabled on GitLab.com](https://gitlab.com/gitlab-org/gitlab/-/issues/328749) in GitLab 14.4. > - [Enabled on GitLab.com](https://gitlab.com/gitlab-org/gitlab/-/issues/328749) in GitLab 14.4.
> - [Enabled on self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/328749) in GitLab 14.4. > - [Enabled on self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/328749) in GitLab 14.4.
> - [Feature flag dast_on_demand_scans_scheduler removed](https://gitlab.com/gitlab-org/gitlab/-/issues/328749) in GitLab 14.5. > - [Feature flag `dast_on_demand_scans_scheduler` removed](https://gitlab.com/gitlab-org/gitlab/-/issues/328749) in GitLab 14.5.
To schedule a scan: To schedule a scan:
......
...@@ -1138,7 +1138,7 @@ A bug exists in versions of the DAST API analyzer prior to v1.6.196 that can cau ...@@ -1138,7 +1138,7 @@ A bug exists in versions of the DAST API analyzer prior to v1.6.196 that can cau
The version information can be found in the job details for the `dast_api` job. The version information can be found in the job details for the `dast_api` job.
If the issue is occuring with versions v1.6.196 or greater, please contact Support and provide the following information: If the issue is occurring with versions v1.6.196 or greater, please contact Support and provide the following information:
1. Reference this troubleshooting section and ask for the issue to be escalated to the Dynamic Analysis Team. 1. Reference this troubleshooting section and ask for the issue to be escalated to the Dynamic Analysis Team.
1. The full console output of the job. 1. The full console output of the job.
......
...@@ -82,4 +82,4 @@ You can download your project's list of dependencies and their details in JSON f ...@@ -82,4 +82,4 @@ You can download your project's list of dependencies and their details in JSON f
### Using the API ### Using the API
You can download your project's list of dependencies [using the API](../../../api/dependencies.md#list-project-dependencies). Note this only provides the dependencies identified by the gemnasium family of analyzers and [not any other of the GitLab dependency analyzers](../dependency_scanning/analyzers.md). You can download your project's list of dependencies [using the API](../../../api/dependencies.md#list-project-dependencies). Note this only provides the dependencies identified by the Gemnasium family of analyzers and [not any other of the GitLab dependency analyzers](../dependency_scanning/analyzers.md).
...@@ -283,10 +283,10 @@ table.supported-languages ul { ...@@ -283,10 +283,10 @@ table.supported-languages ul {
GitLab analyzers obtain dependency information using one of the following two methods: GitLab analyzers obtain dependency information using one of the following two methods:
1. [Parsing lockfiles directly.](#obtaining-dependendency-information-by-parsing-lockfiles) 1. [Parsing lockfiles directly.](#obtaining-dependency-information-by-parsing-lockfiles)
1. [Running a package manager or build tool to generate a dependency information file which is then parsed.](#obtaining-dependendency-information-by-running-a-package-manager-to-generate-a-parsable-file) 1. [Running a package manager or build tool to generate a dependency information file which is then parsed.](#obtaining-dependency-information-by-running-a-package-manager-to-generate-a-parsable-file)
#### Obtaining dependendency information by parsing lockfiles #### Obtaining dependency information by parsing lockfiles
The following package managers use lockfiles that GitLab analyzers are capable of parsing directly: The following package managers use lockfiles that GitLab analyzers are capable of parsing directly:
...@@ -300,7 +300,7 @@ The following package managers use lockfiles that GitLab analyzers are capable o ...@@ -300,7 +300,7 @@ The following package managers use lockfiles that GitLab analyzers are capable o
| npm | v1, v2 | [6.x](https://gitlab.com/gitlab-org/security-products/tests/js-npm/-/blob/master/package-lock.json#L4), [7.x](https://gitlab.com/gitlab-org/security-products/tests/js-npm/-/blob/lockfile-v2-FREEZE/package-lock.json#L4) | | npm | v1, v2 | [6.x](https://gitlab.com/gitlab-org/security-products/tests/js-npm/-/blob/master/package-lock.json#L4), [7.x](https://gitlab.com/gitlab-org/security-products/tests/js-npm/-/blob/lockfile-v2-FREEZE/package-lock.json#L4) |
| yarn | v1 | [1.x](https://gitlab.com/gitlab-org/security-products/tests/js-yarn/-/blob/master/yarn.lock) | | yarn | v1 | [1.x](https://gitlab.com/gitlab-org/security-products/tests/js-yarn/-/blob/master/yarn.lock) |
#### Obtaining dependendency information by running a package manager to generate a parsable file #### Obtaining dependency information by running a package manager to generate a parsable file
To support the following package managers, the GitLab analyzers proceed in two steps: To support the following package managers, the GitLab analyzers proceed in two steps:
...@@ -374,7 +374,7 @@ We only execute one build in the directory where a build file has been detected, ...@@ -374,7 +374,7 @@ We only execute one build in the directory where a build file has been detected,
Please note, we support the following types of Java project structures: Please note, we support the following types of Java project structures:
- [multi-project sbt builds](https://www.scala-sbt.org/1.x/docs/Multi-Project.html) - [multi-project sbt builds](https://www.scala-sbt.org/1.x/docs/Multi-Project.html)
- [multi-project gradle builds](https://docs.gradle.org/current/userguide/intro_multi_project_builds.html) - [multi-project Gradle builds](https://docs.gradle.org/current/userguide/intro_multi_project_builds.html)
- [multi-module maven projects](https://maven.apache.org/pom.html#Aggregation) - [multi-module maven projects](https://maven.apache.org/pom.html#Aggregation)
#### JavaScript #### JavaScript
...@@ -600,7 +600,7 @@ The dependency scanning tool emits a JSON report file. For more information, see ...@@ -600,7 +600,7 @@ The dependency scanning tool emits a JSON report file. For more information, see
Here's an example dependency scanning report: Here's an example dependency scanning report:
```json-doc ```json
{ {
"version": "2.0", "version": "2.0",
"vulnerabilities": [ "vulnerabilities": [
...@@ -713,7 +713,7 @@ Please check the [Release Process documentation](https://gitlab.com/gitlab-org/s ...@@ -713,7 +713,7 @@ Please check the [Release Process documentation](https://gitlab.com/gitlab-org/s
## Contributing to the vulnerability database ## Contributing to the vulnerability database
You can search the [gemnasium-db](https://gitlab.com/gitlab-org/security-products/gemnasium-db) project You can search the [`gemnasium-db`](https://gitlab.com/gitlab-org/security-products/gemnasium-db) project
to find a vulnerability in the Gemnasium database. to find a vulnerability in the Gemnasium database.
You can also [submit new vulnerabilities](https://gitlab.com/gitlab-org/security-products/gemnasium-db/blob/master/CONTRIBUTING.md). You can also [submit new vulnerabilities](https://gitlab.com/gitlab-org/security-products/gemnasium-db/blob/master/CONTRIBUTING.md).
...@@ -785,7 +785,7 @@ Support for custom certificate authorities was introduced in the following versi ...@@ -785,7 +785,7 @@ Support for custom certificate authorities was introduced in the following versi
Add the following configuration to your `.gitlab-ci.yml` file. You must change the value of Add the following configuration to your `.gitlab-ci.yml` file. You must change the value of
`SECURE_ANALYZERS_PREFIX` to refer to your local Docker container registry. You must also change the `SECURE_ANALYZERS_PREFIX` to refer to your local Docker container registry. You must also change the
value of `GEMNASIUM_DB_REMOTE_URL` to the location of your offline Git copy of the value of `GEMNASIUM_DB_REMOTE_URL` to the location of your offline Git copy of the
[gemnasium-db advisory database](https://gitlab.com/gitlab-org/security-products/gemnasium-db/): [`gemnasium-db` advisory database](https://gitlab.com/gitlab-org/security-products/gemnasium-db/):
```yaml ```yaml
include: include:
......
...@@ -32,14 +32,14 @@ GitLab IaC scanning supports a variety of IaC configuration files. Our IaC secur ...@@ -32,14 +32,14 @@ GitLab IaC scanning supports a variety of IaC configuration files. Our IaC secur
| Configuration File Type | Scan tool | Introduced in GitLab Version | | Configuration File Type | Scan tool | Introduced in GitLab Version |
|------------------------------------------|----------------------------------|-------------------------------| |------------------------------------------|----------------------------------|-------------------------------|
| Ansible | [kics](https://kics.io/) | 14.5 | | Ansible | [KICS](https://kics.io/) | 14.5 |
| AWS CloudFormation | [kics](https://kics.io/) | 14.5 | | AWS CloudFormation | [KICS](https://kics.io/) | 14.5 |
| Kubernetes | [kics](https://kics.io/) | 14.5 | | Kubernetes | [KICS](https://kics.io/) | 14.5 |
| Terraform | [kics](https://kics.io/) | 14.5 | | Terraform | [KICS](https://kics.io/) | 14.5 |
### Making IaC analyzers available to all GitLab tiers ### Making IaC analyzers available to all GitLab tiers
All open source (OSS) analyzers are availibile with the GitLab Free tier. Future propietary analyzers may be restricted to higher tiers. All open source (OSS) analyzers are available with the GitLab Free tier. Future proprietary analyzers may be restricted to higher tiers.
#### Summary of features per tier #### Summary of features per tier
......
...@@ -46,7 +46,7 @@ GitLab uses the following tools to scan and report known vulnerabilities found i ...@@ -46,7 +46,7 @@ GitLab uses the following tools to scan and report known vulnerabilities found i
| [Secret Detection](secret_detection/index.md) | Analyze Git history for leaked secrets. | | [Secret Detection](secret_detection/index.md) | Analyze Git history for leaked secrets. |
| [Security Dashboard](security_dashboard/index.md) | View vulnerabilities in all your projects and groups. | | [Security Dashboard](security_dashboard/index.md) | View vulnerabilities in all your projects and groups. |
| [Static Application Security Testing (SAST)](sast/index.md) | Analyze source code for known vulnerabilities. | | [Static Application Security Testing (SAST)](sast/index.md) | Analyze source code for known vulnerabilities. |
| [Infrastructure as Code (IaC) Scanning](iac_scanning/index.md) | Analyze your IaC coniguration files for known vulnerabilities. | | [Infrastructure as Code (IaC) Scanning](iac_scanning/index.md) | Analyze your IaC configuration files for known vulnerabilities. |
| [Coverage fuzzing](coverage_fuzzing/index.md) | Find unknown bugs and vulnerabilities with coverage-guided fuzzing. | | [Coverage fuzzing](coverage_fuzzing/index.md) | Find unknown bugs and vulnerabilities with coverage-guided fuzzing. |
| [Cluster Image Scanning](cluster_image_scanning/index.md) | Scan Kubernetes clusters for known vulnerabilities. | | [Cluster Image Scanning](cluster_image_scanning/index.md) | Scan Kubernetes clusters for known vulnerabilities. |
......
...@@ -10,7 +10,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w ...@@ -10,7 +10,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
> - [Deprecated](https://gitlab.com/groups/gitlab-org/configure/-/epics/8) in GitLab 14.5. > - [Deprecated](https://gitlab.com/groups/gitlab-org/configure/-/epics/8) in GitLab 14.5.
WARNING: WARNING:
This feature was deprecated in GitLab 14.5. Use [Infrastrucure as Code](../../infrastructure/iac/index.md#create-a-new-cluster-through-iac) This feature was deprecated in GitLab 14.5. Use [Infrastructure as Code](../../infrastructure/iac/index.md#create-a-new-cluster-through-iac)
to create new clusters. to create new clusters.
Through GitLab, you can create new clusters and add existing clusters hosted on Amazon Elastic Through GitLab, you can create new clusters and add existing clusters hosted on Amazon Elastic
......
...@@ -10,7 +10,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w ...@@ -10,7 +10,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
WARNING: WARNING:
This feature was [deprecated](https://gitlab.com/groups/gitlab-org/configure/-/epics/8) in GitLab 14.5. This feature was [deprecated](https://gitlab.com/groups/gitlab-org/configure/-/epics/8) in GitLab 14.5.
Use [Infrastrucure as Code](../../infrastructure/clusters/connect/new_gke_cluster.md) Use [Infrastructure as Code](../../infrastructure/clusters/connect/new_gke_cluster.md)
to create a cluster hosted on Google Kubernetes Engine (GKE). to create a cluster hosted on Google Kubernetes Engine (GKE).
Through GitLab, you can create new and connect existing clusters Through GitLab, you can create new and connect existing clusters
......
...@@ -67,7 +67,7 @@ associated Pages domain. GitLab also renews it automatically. ...@@ -67,7 +67,7 @@ associated Pages domain. GitLab also renews it automatically.
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/30146) in GitLab 13.0. > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/30146) in GitLab 13.0.
If you get an error **Something went wrong while obtaining the Let's Encrypt certificate**, first, make sure that your pages site is set to "Everyone" in your project's **Settings > General > Visbility**. This allows the Let's Encrypt Servers reach your pages site. Once this is confirmed, you can try obtaining the certificate again by following these steps: If you get an error **Something went wrong while obtaining the Let's Encrypt certificate**, first, make sure that your pages site is set to "Everyone" in your project's **Settings > General > Visibility**. This allows the Let's Encrypt Servers reach your pages site. Once this is confirmed, you can try obtaining the certificate again by following these steps:
1. Go to your project's **Settings > Pages**. 1. Go to your project's **Settings > Pages**.
1. Click **Edit** on your domain. 1. Click **Edit** on your domain.
......
...@@ -795,7 +795,7 @@ You can copy the example project to your own group or instance for testing. More ...@@ -795,7 +795,7 @@ You can copy the example project to your own group or instance for testing. More
### Getting `403 Forbidden` or `Something went wrong while creating a new release` errors when creating, updating or deleting releases and their assets ### Getting `403 Forbidden` or `Something went wrong while creating a new release` errors when creating, updating or deleting releases and their assets
If the release is associted with a [protected tag](../protected_tags.md), If the release is associated with a [protected tag](../protected_tags.md),
the UI/API request might result in an authorization failure. the UI/API request might result in an authorization failure.
Make sure that the user or a service/bot account is allowed to Make sure that the user or a service/bot account is allowed to
[create the protected tag](../protected_tags.md#configuring-protected-tags) too. [create the protected tag](../protected_tags.md#configuring-protected-tags) too.
......
...@@ -64,7 +64,7 @@ For the bot: ...@@ -64,7 +64,7 @@ For the bot:
- The username is set to `project_{project_id}_bot` for the first access token, such as `project_123_bot`. - The username is set to `project_{project_id}_bot` for the first access token, such as `project_123_bot`.
- The email is set to `project{project_id}_bot@example.com`, for example `project123_bot@example.com`. - The email is set to `project{project_id}_bot@example.com`, for example `project123_bot@example.com`.
- For additional access tokens in the same project, the username is set to `project_{project_id}_bot{bot_count}`, for example `project_123_bot1`. - For additional access tokens in the same project, the username is set to `project_{project_id}_bot{bot_count}`, for example `project_123_bot1`.
- For additional acess tokens in the same project, the email is set to `project{project_id}_bot{bot_count}@example.com`, for example `project123_bot1@example.com` - For additional access tokens in the same project, the email is set to `project{project_id}_bot{bot_count}@example.com`, for example `project123_bot1@example.com`
API calls made with a project access token are associated with the corresponding bot user. API calls made with a project access token are associated with the corresponding bot user.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment