Automatic merge of gitlab-org/gitlab-ce master

bba9011a · GitLab Bot · b54db00b · 671d7cdc · bba9011a · bba9011a
Commit bba9011a authored Jun 21, 2019 by GitLab Bot
Showing with 63 additions and 53 deletions

doc/user/application_security/container_scanning/index.md doc/user/application_security/container_scanning/index.md +20 -0

doc/user/project/web_ide/index.md doc/user/project/web_ide/index.md +43 -53

No files found.
--- a/doc/user/application_security/container_scanning/index.md
+++ b/doc/user/application_security/container_scanning/index.md
@@ -40,6 +40,9 @@ To enable Container Scanning in your pipeline, you need:
  [`kubernetes`](https://docs.gitlab.com/runner/install/kubernetes.html#running-privileged-containers-for-the-runners)
  executor running in privileged mode. If you're using the shared Runners on GitLab.com,
  this is enabled by default.
+- Docker `18.09.03` or higher installed on the machine where the Runners are
+  running. If you're using the shared Runners on GitLab.com, this is already
+  the case.
 - To [build and push](../../../ci/docker/using_docker_build.md#container-registry-examples)
  your Docker image to your project's [Container Registry](../../project/container_registry.md).
  The name of the Docker image should match the following scheme:
@@ -202,3 +205,20 @@ vulnerabilities in your groups and projects. Read more about the
 Once a vulnerability is found, you can interact with it. Read more on how to
 [interact with the vulnerabilities](../index.md#interacting-with-the-vulnerabilities).
+## Troubleshooting
+### docker: Error response from daemon: failed to copy xattrs
+When the GitLab Runner uses the Docker executor and NFS is used
+(e.g., `/var/lib/docker` is on an NFS mount), Container Scanning might fail with
+an error like the following:
+```
+docker: Error response from daemon: failed to copy xattrs: failed to set xattr "security.selinux" on /path/to/file: operation not supported.
+```
+This is a result of a bug in Docker which is now [fixed](https://github.com/containerd/continuity/pull/138 "fs: add WithAllowXAttrErrors CopyOpt").
+To prevent the error, ensure the Docker version that the Runner is using is
+`18.09.03` or higher. For more information, see
+[issue #10241](https://gitlab.com/gitlab-org/gitlab-ee/issues/10241 "Investigate why Container Scanning is not working with NFS mounts").
--- a/doc/user/project/web_ide/index.md
+++ b/doc/user/project/web_ide/index.md
@@ -135,18 +135,14 @@ below.
 CAUTION: **Warning:**
 Interactive Web Terminals for the Web IDE is currently in **Beta**.
+Shared Runners [do not yet support Interactive Web Terminals](https://gitlab.com/gitlab-org/gitlab-ce/issues/52611),
+so you would need to use your own private Runner(s) to make use of this feature.
-[Interactive web terminals](../../../ci/interactive_web_terminal/index.md)
+[Interactive Web Terminals](../../../ci/interactive_web_terminal/index.md)
-give the user access to a terminal to interact with the Runner directly from
+give the project [Maintainers](../../permissions.md#project-members-permissions)
+user access to a terminal to interact with the Runner directly from
 GitLab, including through the Web IDE.
-Only project [**maintainers**](../../permissions.md#project-members-permissions)
-can run Interactive Web Terminals through the Web IDE.
-CAUTION: **Warning:**
-GitLab.com [does not support Interactive Web Terminals yet](https://gitlab.com/gitlab-org/gitlab-ce/issues/52611).
-Shared Runners in private instances are not supported either.
 ### Runner configuration
 Some things need to be configured in the runner for the interactive web terminal
@@ -204,7 +200,7 @@ the selected branch of the Web IDE.
 If there is no configuration file in a branch, an error message will be shown.
-### Running Interactive Terminals in the Web IDE
+### Running interactive terminals in the Web IDE
 If Interactive Terminals are available for the current user, the **Terminal** button
 will be visible in the right sidebar of the Web IDE. Click this button to open
@@ -231,38 +227,20 @@ While the terminal is running, it can be stopped by clicking **Stop Terminal**.
 This will disconnect the terminal and stop the runner's terminal job. From here,
 click **Restart Terminal** to start a new terminal session.
-### File Syncing to Web Terminal
+### File syncing to web terminal
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/5276) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.0.
-File changes in the Web IDE can be synced to a running Web Terminal.
+File changes in the Web IDE can be synced to a running web terminal.
 This enables users to test their code changes in a preconfigured terminal
 environment.
 NOTE: **Note:**
 Only file changes in the Web IDE are synced to the terminal.
 Changes made in the terminal are **not** synced to the Web IDE.
+This feature is only available for Kubernetes Runners.
-Once you have [configured the Web Terminal for File Syncing](#configuring-file-syncing),
+To enable file syncing to the web terminal, the `.gitlab/.gitlab-webide.yml`
-then when the Web terminal is started, a **Terminal** status will be visible
-in the status bar.
-![Web IDE Client Side Evaluation](img/terminal_status.png)
-Changes made to your files via the Web IDE will sync to the running terminal
-when:
- <kbd>Ctrl</kbd> + <kbd>S</kbd> (or <kbd>Cmd</kbd> + <kbd>S</kbd> on Mac) 
-  is pressed while editing a file.
- Anything outside the file editor is clicked after editing a file.
- A file or folder is created, deleted, or renamed.
-### Configuring File Syncing
-NOTE: **Note:**
-This feature is only available for Kubernetes runners.
-To enable file syncing to the Web Terminal, the `.gitlab/.gitlab-webide.yml` 
 file needs to have a `webide-file-sync` service configured. Here is an example
 configuration for a Node JS project which uses this service:
@@ -281,14 +259,26 @@ terminal:
        - number: 3000
 ```
-> **Notes:**
+- The `webide-file-sync` executable must start **after** the project
-> - For now, the `webide-file-sync` executable must start **after** the project
+  directory is available. This is why we need to add `sleep 5` to the `command`.
->  directory is available. This is why we need to add `sleep 5` to the `command`.
+  See [this issue](https://gitlab.com/gitlab-org/webide-file-sync/issues/7) for
->  See [this issue](https://gitlab.com/gitlab-org/webide-file-sync/issues/7) for 
+  more info.
->  more info.
+- `$CI_PROJECT_DIR` is a
-> - `$CI_PROJECT_DIR` is a 
+  [predefined environment variable](../../../ci/variables/predefined_variables.md)
->  [predefined environment variable](../../../ci/variables/predefined_variables.md) 
+  for GitLab Runners. This is where your project's repository will be.
->  for GitLab Runners. This is where your project's repository will be.
+Once you have configured the web terminal for file syncing, then when the web
+terminal is started, a **Terminal** status will be visible in the status bar.
+![Web IDE Client Side Evaluation](img/terminal_status.png)
+Changes made to your files via the Web IDE will sync to the running terminal
+when:
+- <kbd>Ctrl</kbd> + <kbd>S</kbd> (or <kbd>Cmd</kbd> + <kbd>S</kbd> on Mac)
+  is pressed while editing a file.
+- Anything outside the file editor is clicked after editing a file.
+- A file or folder is created, deleted, or renamed.
 ### Limitations