Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
e9204e24
Commit
e9204e24
authored
Apr 25, 2021
by
Judy Truong
Committed by
Suzanne Selhorn
Apr 25, 2021
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Fix Vale issues for unit_test_reports.md and ssh_certificates.md
parent
eb501c6e
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
26 additions
and
26 deletions
+26
-26
doc/administration/operations/ssh_certificates.md
doc/administration/operations/ssh_certificates.md
+13
-13
doc/ci/unit_test_reports.md
doc/ci/unit_test_reports.md
+13
-13
No files found.
doc/administration/operations/ssh_certificates.md
View file @
e9204e24
...
...
@@ -110,10 +110,10 @@ Where `{KEY_ID}` is the `%i` argument passed to the script
(e.g.
`aeanfjord`
), and
`{PRINCIPAL}`
is the principal passed to it
(e.g.
`sshUsers`
).
You
will
need to customize the
`sshUsers`
part of that. It should be
You need to customize the
`sshUsers`
part of that. It should be
some principal that's guaranteed to be part of the key for all users
who can log in to GitLab, or you must provide a list of principals,
one of which is
going to be
present for the user, e.g.:
one of which is present for the user, e.g.:
```
plaintext
[...]
...
...
@@ -122,7 +122,7 @@ one of which is going to be present for the user, e.g.:
## Principals and security
You can supply as many principals as you want, these
will b
e turned
You can supply as many principals as you want, these
ar
e turned
into multiple lines of
`authorized_keys`
output, as described in the
`AuthorizedPrincipalsFile`
documentation in
`sshd_config(5)`
.
...
...
@@ -130,32 +130,32 @@ Normally when using the `AuthorizedKeysCommand` with OpenSSH the
principal is some "group" that's allowed to log into that
server. However with GitLab it's only used to appease OpenSSH's
requirement for it, we effectively only care about the "key ID" being
correct. Once that's extracted GitLab
will enforce
its own ACLs for
correct. Once that's extracted GitLab
enforces
its own ACLs for
that user (e.g. what projects the user can access).
So it's OK to e.g. be overly generous in what you accept, since if the
user e.g. has no access to GitLab at all it
'll just error
out with a
user e.g. has no access to GitLab at all it
just errors
out with a
message about this being an invalid user.
## Interaction with the `authorized_keys` file
SSH certificates can be used in conjunction with the
`authorized_keys`
file, and if set up as configured above the
`authorized_keys`
file
will
still serve as a fallback.
file, and if set up as configured above the
`authorized_keys`
file
still serve
s
as a fallback.
This is because if the
`AuthorizedPrincipalsCommand`
can't
authenticate the user, OpenSSH
will fall
back on
authenticate the user, OpenSSH
falls
back on
`~/.ssh/authorized_keys`
(or the
`AuthorizedKeysCommand`
).
Therefore there may still be a reason to use the
[
"Fast lookup of
authorized SSH keys in the database"
](
fast_ssh_key_lookup.html
)
method
in conjunction with this. Since you
'll b
e using SSH certificates for
in conjunction with this. Since you
ar
e using SSH certificates for
all your normal users, and relying on the
`~/.ssh/authorized_keys`
fallback for deploy keys, if you make use of those.
But you may find that there's no reason to do that, since all your
normal users
will
use the fast
`AuthorizedPrincipalsCommand`
path, and
only automated deployment key access
will fall
back on
normal users use the fast
`AuthorizedPrincipalsCommand`
path, and
only automated deployment key access
falls
back on
`~/.ssh/authorized_keys`
, or that you have a lot more keys for normal
users (especially if they're renewed) than you have deploy keys.
...
...
@@ -167,14 +167,14 @@ uploading an SSH public key to their profile, relying on the
currently no feature to prevent this,
[
but there's an open request for
adding it
](
https://gitlab.com/gitlab-org/gitlab/-/issues/23260
)
.
Such a restriction can currently be hacked in by
e.g.
providing a
Such a restriction can currently be hacked in by
, for example,
providing a
custom
`AuthorizedKeysCommand`
which checks if the discovered key-ID
returned from
`gitlab-shell-authorized-keys-check`
is a deploy key or
not (all non-deploy keys should be refused).
## Disabling the global warning about users lacking SSH keys
By default GitLab
will show
a "You won't be able to pull or push
By default GitLab
shows
a "You won't be able to pull or push
project code via SSH" warning to users who have not uploaded an SSH
key to their profile.
...
...
doc/ci/unit_test_reports.md
View file @
e9204e24
...
...
@@ -11,12 +11,12 @@ type: reference
> - [Renamed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/39737) from JUnit test reports to Unit test reports in GitLab 13.4.
It is very common that a
[
CI/CD pipeline
](
pipelines/index.md
)
contains a
test job that
will verify
your code.
test job that
verifies
your code.
If the tests fail, the pipeline fails and users get notified. The person that
works on the merge request
will have
to check the job logs and see where the
works on the merge request
has
to check the job logs and see where the
tests failed so that they can fix them.
You can configure your job to use Unit test reports, and GitLab
will display
a
You can configure your job to use Unit test reports, and GitLab
displays
a
report on the merge request so that it's easier and faster to identify the
failure without having to check the entire log. Unit test reports currently
only support test reports in the JUnit report format.
...
...
@@ -49,7 +49,7 @@ comparing the head and base branch's JUnit report format XML files, where:
The reports panel has a summary showing how many tests failed, how many had errors
and how many were fixed. If no comparison can be done because data for the base branch
is not available, the panel
will just show
the list of failed tests for head.
is not available, the panel
just shows
the list of failed tests for head.
There are four types of results:
...
...
@@ -59,8 +59,8 @@ There are four types of results:
1.
**Existing failures:**
Test cases which failed on base branch and failed on head branch
1.
**Resolved failures:**
Test cases which failed on base branch and passed on head branch
Each entry in the panel
will show
the test name and its type from the list
above. Clicking on the test name
will open
a modal window with details of its
Each entry in the panel
shows
the test name and its type from the list
above. Clicking on the test name
opens
a modal window with details of its
execution time and the error output.
![
Test Reports Widget
](
img/junit_test_report.png
)
...
...
@@ -115,7 +115,7 @@ ruby:
### Go example
Use the following job in
`.gitlab-ci.yml`
, and ensure you use
`-set-exit-code`
,
otherwise the pipeline
will be
marked successful, even if the tests fail:
otherwise the pipeline
is
marked successful, even if the tests fail:
```
yaml
## Use https://github.com/jstemmer/go-junit-report to generate a JUnit report format XML file with go
...
...
@@ -137,7 +137,7 @@ There are a few tools that can produce JUnit report format XML file in Java.
#### Gradle
In the following example,
`gradle`
is used to generate the test reports.
If there are multiple test tasks defined,
`gradle`
will generate
multiple
If there are multiple test tasks defined,
`gradle`
generates
multiple
directories under
`build/test-results/`
. In that case, you can leverage glob
matching by defining the following path:
`build/test-results/test/**/TEST-*.xml`
:
...
...
@@ -198,8 +198,8 @@ There are a few tools that can produce JUnit report format XML files in C/C++.
In the following example,
`gtest`
is used to generate the test reports.
If there are multiple
`gtest`
executables created for different architectures (
`x86`
,
`x64`
or
`arm`
),
you
will b
e required to run each test providing a unique filename. The results
will
then be aggregated together.
you
ar
e required to run each test providing a unique filename. The results
are
then be aggregated together.
```
yaml
cpp
:
...
...
@@ -313,8 +313,8 @@ test:
> - The feature flag was removed and the feature was [made generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/216478) in GitLab 13.3.
If JUnit report format XML files are generated and uploaded as part of a pipeline, these reports
can be viewed inside the pipelines details page. The
**Tests**
tab on this page
will
display a list of test suites and cases reported from the XML file.
can be viewed inside the pipelines details page. The
**Tests**
tab on this page
display
s
a list of test suites and cases reported from the XML file.
![
Test Reports Widget
](
img/pipelines_junit_test_report_v13_10.png
)
...
...
@@ -340,7 +340,7 @@ If parsing JUnit report XML results in an error, an indicator is shown next to t
WARNING:
This feature might not be available to you. Check the
**version history**
note above for details.
When
[
this issue
](
https://gitlab.com/gitlab-org/gitlab/-/issues/6061
)
is complete, the attached file
will be
visible on the pipeline details page.
When
[
this issue
](
https://gitlab.com/gitlab-org/gitlab/-/issues/6061
)
is complete, the attached file
is
visible on the pipeline details page.
If JUnit report format XML files contain an
`attachment`
tag, GitLab parses the attachment.
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment