Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
563849fc
Commit
563849fc
authored
Oct 18, 2021
by
Amy Qualls
Committed by
Fiona Neill
Oct 18, 2021
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Finish clarifying confidential merge requests
parent
2d89bff9
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
20 additions
and
17 deletions
+20
-17
doc/user/project/merge_requests/confidential.md
doc/user/project/merge_requests/confidential.md
+20
-17
No files found.
doc/user/project/merge_requests/confidential.md
View file @
563849fc
...
@@ -11,11 +11,11 @@ info: To determine the technical writer assigned to the Stage/Group associated w
...
@@ -11,11 +11,11 @@ info: To determine the technical writer assigned to the Stage/Group associated w
Merge requests in a public repository are also public, even when the merge
Merge requests in a public repository are also public, even when the merge
request is created for a
[
confidential issue
](
../issues/confidential_issues.md
)
.
request is created for a
[
confidential issue
](
../issues/confidential_issues.md
)
.
To avoid leaking confidential information when working on a confidential issue,
To avoid leaking confidential information when working on a confidential issue,
create your merge request from a private fork.
create your merge request from a private fork
in the same namespace
.
Roles are inherited from parent groups. If you create your private fork in the
Roles are inherited from parent groups. If you create your private fork in the
same
group or subgroup as the original (public) repository, developers receive
same
namespace (same group or subgroup) as the original (public) repository,
the same permissions in your fork. This inheritance ensures:
developers receive
the same permissions in your fork. This inheritance ensures:
-
Developer users have the needed permissions to view confidential issues and resolve them.
-
Developer users have the needed permissions to view confidential issues and resolve them.
-
You do not need grant individual users access to your fork.
-
You do not need grant individual users access to your fork.
...
@@ -24,13 +24,17 @@ The [security practices for confidential merge requests](https://gitlab.com/gitl
...
@@ -24,13 +24,17 @@ The [security practices for confidential merge requests](https://gitlab.com/gitl
## Create a confidential merge request
## Create a confidential merge request
WARNING:
To create a confidential merge request, you must create a private fork. This fork
may expose confidential information, if you create your fork in another namespace
that may have other members.
Branches are public by default. To protect the confidentiality of your work, you
Branches are public by default. To protect the confidentiality of your work, you
must create your changes in a private fork.
must create your branches and merge requests in the same namespace, but downstream
in a private fork. If you create your private fork in the same namespace as the
public repository, your fork inherits the permissions of the upstream public repository.
Users with the Developer role in the upstream public repository inherit those upstream
permissions in your downstream private fork without action by you. These users can
immediately push code to branches in your private fork to help fix the confidential issue.
WARNING:
Your private fork may expose confidential information, if you create it in a different
namespace than the upstream repository. The two namespaces may not contain the same users.
Prerequisites:
Prerequisites:
...
@@ -56,16 +60,15 @@ To create a confidential merge request:
...
@@ -56,16 +60,15 @@ To create a confidential merge request:
branches must be available in your selected fork.
branches must be available in your selected fork.
1.
Select
**Create**
.
1.
Select
**Create**
.
If you created a branch in your private fork, users with the Developer role in the
This merge request targets your private fork, not the public upstream project.
public repository can push code to that branch in your private fork to fix the
Your branch, merge requests, and commits remain in your private fork. This prevents
confidential issue
.
prematurely revealing confidential information
.
As your merge request targets your private fork, not the public upstream project,
Open a merge request
your branch, merge request, and commits do not enter the public repository. This
[
from your fork to the upstream repository
](
../repository/forking_workflow.md#merging-upstream
)
when:
prevents prematurely revealing confidential information.
To make a confidential commit public, open a merge request from the private fork
-
You are satisfied the problem is resolved in your private fork.
to the public upstream project
.
-
You are ready to make the confidential commits public
.
## Related links
## Related links
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment