Commit 8c0da26e authored by Russell Dickenson's avatar Russell Dickenson

Merge branch 'selhorn-runner-13' into 'master'

Docs: Updated runner capitalization

See merge request gitlab-org/gitlab!42251
parents 19a5c1ae fb25fccf
...@@ -42,10 +42,10 @@ information directly in the merge request. ...@@ -42,10 +42,10 @@ information directly in the merge request.
To enable Container Scanning in your pipeline, you need the following: To enable Container Scanning in your pipeline, you need the following:
- [GitLab Runner](https://docs.gitlab.com/runner/) with the [Docker](https://docs.gitlab.com/runner/executors/docker.html) - [GitLab Runner](https://docs.gitlab.com/runner/) with the [`docker`](https://docs.gitlab.com/runner/executors/docker.html)
or [Kubernetes](https://docs.gitlab.com/runner/install/kubernetes.html) executor. or [`kubernetes`](https://docs.gitlab.com/runner/install/kubernetes.html) executor.
- Docker `18.09.03` or higher installed on the same computer as the Runner. If you're using the - Docker `18.09.03` or higher installed on the same computer as the runner. If you're using the
shared Runners on GitLab.com, then this is already the case. shared runners on GitLab.com, then this is already the case.
- [Build and push](../../packages/container_registry/index.md#container-registry-examples-with-gitlab-cicd) - [Build and push](../../packages/container_registry/index.md#container-registry-examples-with-gitlab-cicd)
your Docker image to your project's container registry. The name of the Docker image should use your Docker image to your project's container registry. The name of the Docker image should use
the following [predefined environment variables](../../../ci/variables/predefined_variables.md): the following [predefined environment variables](../../../ci/variables/predefined_variables.md):
...@@ -221,8 +221,8 @@ To use Container Scanning in an offline environment, you need: ...@@ -221,8 +221,8 @@ To use Container Scanning in an offline environment, you need:
NOTE: **Note:** NOTE: **Note:**
GitLab Runner has a [default `pull policy` of `always`](https://docs.gitlab.com/runner/executors/docker.html#using-the-always-pull-policy), GitLab Runner has a [default `pull policy` of `always`](https://docs.gitlab.com/runner/executors/docker.html#using-the-always-pull-policy),
meaning the Runner tries to pull Docker images from the GitLab container registry even if a local meaning the runner tries to pull Docker images from the GitLab container registry even if a local
copy is available. GitLab Runner's [`pull_policy` can be set to `if-not-present`](https://docs.gitlab.com/runner/executors/docker.html#using-the-if-not-present-pull-policy) copy is available. The GitLab Runner [`pull_policy` can be set to `if-not-present`](https://docs.gitlab.com/runner/executors/docker.html#using-the-if-not-present-pull-policy)
in an offline environment if you prefer using only locally available Docker images. However, we in an offline environment if you prefer using only locally available Docker images. However, we
recommend keeping the pull policy setting to `always` if not in an offline environment, as this recommend keeping the pull policy setting to `always` if not in an offline environment, as this
enables the use of updated scanners in your CI/CD pipelines. enables the use of updated scanners in your CI/CD pipelines.
...@@ -421,7 +421,7 @@ Read more about the [solutions for vulnerabilities](../index.md#solutions-for-vu ...@@ -421,7 +421,7 @@ Read more about the [solutions for vulnerabilities](../index.md#solutions-for-vu
### `docker: Error response from daemon: failed to copy xattrs` ### `docker: Error response from daemon: failed to copy xattrs`
When the GitLab Runner uses the Docker executor and NFS is used When the runner uses the `docker` executor and NFS is used
(for example, `/var/lib/docker` is on an NFS mount), Container Scanning might fail with (for example, `/var/lib/docker` is on an NFS mount), Container Scanning might fail with
an error like the following: an error like the following:
...@@ -430,6 +430,6 @@ docker: Error response from daemon: failed to copy xattrs: failed to set xattr " ...@@ -430,6 +430,6 @@ docker: Error response from daemon: failed to copy xattrs: failed to set xattr "
``` ```
This is a result of a bug in Docker which is now [fixed](https://github.com/containerd/continuity/pull/138 "fs: add WithAllowXAttrErrors CopyOpt"). This is a result of a bug in Docker which is now [fixed](https://github.com/containerd/continuity/pull/138 "fs: add WithAllowXAttrErrors CopyOpt").
To prevent the error, ensure the Docker version that the Runner is using is To prevent the error, ensure the Docker version that the runner is using is
`18.09.03` or higher. For more information, see `18.09.03` or higher. For more information, see
[issue #10241](https://gitlab.com/gitlab-org/gitlab/-/issues/10241 "Investigate why Container Scanning is not working with NFS mounts"). [issue #10241](https://gitlab.com/gitlab-org/gitlab/-/issues/10241 "Investigate why Container Scanning is not working with NFS mounts").
...@@ -566,8 +566,8 @@ To use DAST in an offline environment, you need: ...@@ -566,8 +566,8 @@ To use DAST in an offline environment, you need:
NOTE: **Note:** NOTE: **Note:**
GitLab Runner has a [default `pull policy` of `always`](https://docs.gitlab.com/runner/executors/docker.html#using-the-always-pull-policy), GitLab Runner has a [default `pull policy` of `always`](https://docs.gitlab.com/runner/executors/docker.html#using-the-always-pull-policy),
meaning the Runner tries to pull Docker images from the GitLab container registry even if a local meaning the runner tries to pull Docker images from the GitLab container registry even if a local
copy is available. GitLab Runner's [`pull_policy` can be set to `if-not-present`](https://docs.gitlab.com/runner/executors/docker.html#using-the-if-not-present-pull-policy) copy is available. The GitLab Runner [`pull_policy` can be set to `if-not-present`](https://docs.gitlab.com/runner/executors/docker.html#using-the-if-not-present-pull-policy)
in an offline environment if you prefer using only locally available Docker images. However, we in an offline environment if you prefer using only locally available Docker images. However, we
recommend keeping the pull policy setting to `always` if not in an offline environment, as this recommend keeping the pull policy setting to `always` if not in an offline environment, as this
enables the use of updated scanners in your CI/CD pipelines. enables the use of updated scanners in your CI/CD pipelines.
......
...@@ -43,10 +43,10 @@ The results are sorted by the severity of the vulnerability: ...@@ -43,10 +43,10 @@ The results are sorted by the severity of the vulnerability:
To run Dependency Scanning jobs, by default, you need GitLab Runner with the To run Dependency Scanning jobs, by default, you need GitLab Runner with the
[`docker`](https://docs.gitlab.com/runner/executors/docker.html) or [`docker`](https://docs.gitlab.com/runner/executors/docker.html) or
[`kubernetes`](https://docs.gitlab.com/runner/install/kubernetes.html) executor. [`kubernetes`](https://docs.gitlab.com/runner/install/kubernetes.html) executor.
If you're using the shared Runners on GitLab.com, this is enabled by default. If you're using the shared runners on GitLab.com, this is enabled by default.
CAUTION: **Caution:** CAUTION: **Caution:**
If you use your own Runners, make sure your installed version of Docker If you use your own runners, make sure your installed version of Docker
is **not** `19.03.0`. See [troubleshooting information](#error-response-from-daemon-error-processing-tar-file-docker-tar-relocation-error) for details. is **not** `19.03.0`. See [troubleshooting information](#error-response-from-daemon-error-processing-tar-file-docker-tar-relocation-error) for details.
## Supported languages and package managers ## Supported languages and package managers
...@@ -362,8 +362,8 @@ Here are the requirements for using Dependency Scanning in an offline environmen ...@@ -362,8 +362,8 @@ Here are the requirements for using Dependency Scanning in an offline environmen
NOTE: **Note:** NOTE: **Note:**
GitLab Runner has a [default `pull policy` of `always`](https://docs.gitlab.com/runner/executors/docker.html#using-the-always-pull-policy), GitLab Runner has a [default `pull policy` of `always`](https://docs.gitlab.com/runner/executors/docker.html#using-the-always-pull-policy),
meaning the Runner tries to pull Docker images from the GitLab container registry even if a local meaning the runner tries to pull Docker images from the GitLab container registry even if a local
copy is available. GitLab Runner's [`pull_policy` can be set to `if-not-present`](https://docs.gitlab.com/runner/executors/docker.html#using-the-if-not-present-pull-policy) copy is available. The GitLab Runner [`pull_policy` can be set to `if-not-present`](https://docs.gitlab.com/runner/executors/docker.html#using-the-if-not-present-pull-policy)
in an offline environment if you prefer using only locally available Docker images. However, we in an offline environment if you prefer using only locally available Docker images. However, we
recommend keeping the pull policy setting to `always` if not in an offline environment, as this recommend keeping the pull policy setting to `always` if not in an offline environment, as this
enables the use of updated scanners in your CI/CD pipelines. enables the use of updated scanners in your CI/CD pipelines.
......
...@@ -96,7 +96,7 @@ above. You can find more information at each of the pages below: ...@@ -96,7 +96,7 @@ above. You can find more information at each of the pages below:
To use many GitLab features, including To use many GitLab features, including
[security scans](../index.md#working-in-an-offline-environment) [security scans](../index.md#working-in-an-offline-environment)
and [Auto DevOps](../../../topics/autodevops/index.md), the GitLab Runner must be able to fetch the and [Auto DevOps](../../../topics/autodevops/index.md), the runner must be able to fetch the
relevant Docker images. relevant Docker images.
The process for making these images available without direct access to the public internet The process for making these images available without direct access to the public internet
...@@ -124,7 +124,7 @@ The pipeline downloads the Docker images needed for the Security Scanners and sa ...@@ -124,7 +124,7 @@ The pipeline downloads the Docker images needed for the Security Scanners and sa
[job artifacts](../../../ci/pipelines/job_artifacts.md) or pushes them to the [Container Registry](../../packages/container_registry/index.md) [job artifacts](../../../ci/pipelines/job_artifacts.md) or pushes them to the [Container Registry](../../packages/container_registry/index.md)
of the project where the pipeline is executed. These archives can be transferred to another location of the project where the pipeline is executed. These archives can be transferred to another location
and [loaded](https://docs.docker.com/engine/reference/commandline/load/) in a Docker daemon. and [loaded](https://docs.docker.com/engine/reference/commandline/load/) in a Docker daemon.
This method requires a GitLab Runner with access to both `gitlab.com` (including This method requires a runner with access to both `gitlab.com` (including
`registry.gitlab.com`) and the local offline instance. This runner must run in `registry.gitlab.com`) and the local offline instance. This runner must run in
[privileged mode](https://docs.gitlab.com/runner/executors/docker.html#use-docker-in-docker-with-privileged-mode) [privileged mode](https://docs.gitlab.com/runner/executors/docker.html#use-docker-in-docker-with-privileged-mode)
to be able to use the `docker` command inside the jobs. This runner can be installed in a DMZ or on to be able to use the `docker` command inside the jobs. This runner can be installed in a DMZ or on
......
...@@ -43,16 +43,16 @@ A pipeline consists of multiple jobs, including SAST and DAST scanning. If any j ...@@ -43,16 +43,16 @@ A pipeline consists of multiple jobs, including SAST and DAST scanning. If any j
## Requirements ## Requirements
To run SAST jobs, by default, you need a GitLab Runner with the To run SAST jobs, by default, you need GitLab Runner with the
[`docker`](https://docs.gitlab.com/runner/executors/docker.html) or [`docker`](https://docs.gitlab.com/runner/executors/docker.html) or
[`kubernetes`](https://docs.gitlab.com/runner/install/kubernetes.html) executor. [`kubernetes`](https://docs.gitlab.com/runner/install/kubernetes.html) executor.
If you're using the shared Runners on GitLab.com, this is enabled by default. If you're using the shared runners on GitLab.com, this is enabled by default.
CAUTION: **Caution:** CAUTION: **Caution:**
Our SAST jobs require a Linux container type. Windows containers are not yet supported. Our SAST jobs require a Linux container type. Windows containers are not yet supported.
CAUTION: **Caution:** CAUTION: **Caution:**
If you use your own Runners, make sure the Docker version installed If you use your own runners, make sure the Docker version installed
is **not** `19.03.0`. See [troubleshooting information](#error-response-from-daemon-error-processing-tar-file-docker-tar-relocation-error) for details. is **not** `19.03.0`. See [troubleshooting information](#error-response-from-daemon-error-processing-tar-file-docker-tar-relocation-error) for details.
## Supported languages and frameworks ## Supported languages and frameworks
...@@ -476,14 +476,14 @@ run successfully. For more information, see [Offline environments](../offline_de ...@@ -476,14 +476,14 @@ run successfully. For more information, see [Offline environments](../offline_de
To use SAST in an offline environment, you need: To use SAST in an offline environment, you need:
- A GitLab Runner with the [`docker` or `kubernetes` executor](#requirements). - GitLab Runner with the [`docker` or `kubernetes` executor](#requirements).
- A Docker Container Registry with locally available copies of SAST [analyzer](https://gitlab.com/gitlab-org/security-products/analyzers) images. - A Docker Container Registry with locally available copies of SAST [analyzer](https://gitlab.com/gitlab-org/security-products/analyzers) images.
- Configure certificate checking of packages (optional). - Configure certificate checking of packages (optional).
NOTE: **Note:** NOTE: **Note:**
GitLab Runner has a [default `pull policy` of `always`](https://docs.gitlab.com/runner/executors/docker.html#using-the-always-pull-policy), GitLab Runner has a [default `pull policy` of `always`](https://docs.gitlab.com/runner/executors/docker.html#using-the-always-pull-policy),
meaning the Runner tries to pull Docker images from the GitLab container registry even if a local meaning the runner tries to pull Docker images from the GitLab container registry even if a local
copy is available. GitLab Runner's [`pull_policy` can be set to `if-not-present`](https://docs.gitlab.com/runner/executors/docker.html#using-the-if-not-present-pull-policy) copy is available. The GitLab Runner [`pull_policy` can be set to `if-not-present`](https://docs.gitlab.com/runner/executors/docker.html#using-the-if-not-present-pull-policy)
in an offline environment if you prefer using only locally available Docker images. However, we in an offline environment if you prefer using only locally available Docker images. However, we
recommend keeping the pull policy setting to `always` if not in an offline environment, as this recommend keeping the pull policy setting to `always` if not in an offline environment, as this
enables the use of updated scanners in your CI/CD pipelines. enables the use of updated scanners in your CI/CD pipelines.
......
...@@ -37,13 +37,13 @@ GitLab displays identified secrets visibly in a few places: ...@@ -37,13 +37,13 @@ GitLab displays identified secrets visibly in a few places:
To run Secret Detection jobs, by default, you need GitLab Runner with the To run Secret Detection jobs, by default, you need GitLab Runner with the
[`docker`](https://docs.gitlab.com/runner/executors/docker.html) or [`docker`](https://docs.gitlab.com/runner/executors/docker.html) or
[`kubernetes`](https://docs.gitlab.com/runner/install/kubernetes.html) executor. [`kubernetes`](https://docs.gitlab.com/runner/install/kubernetes.html) executor.
If you're using the shared Runners on GitLab.com, this is enabled by default. If you're using the shared runners on GitLab.com, this is enabled by default.
CAUTION: **Caution:** CAUTION: **Caution:**
Our Secret Detection jobs currently expect a Linux container type. Windows containers are not yet supported. Our Secret Detection jobs currently expect a Linux container type. Windows containers are not yet supported.
CAUTION: **Caution:** CAUTION: **Caution:**
If you use your own Runners, make sure the Docker version installed If you use your own runners, make sure the Docker version installed
is **not** `19.03.0`. See [troubleshooting information](../sast#error-response-from-daemon-error-processing-tar-file-docker-tar-relocation-error) for details. is **not** `19.03.0`. See [troubleshooting information](../sast#error-response-from-daemon-error-processing-tar-file-docker-tar-relocation-error) for details.
### Making Secret Detection available to all GitLab tiers ### Making Secret Detection available to all GitLab tiers
......
...@@ -35,7 +35,7 @@ To use the instance, group, project, or pipeline security dashboard: ...@@ -35,7 +35,7 @@ To use the instance, group, project, or pipeline security dashboard:
the [supported reports](#supported-reports). the [supported reports](#supported-reports).
1. The configured jobs must use the [new `reports` syntax](../../../ci/pipelines/job_artifacts.md#artifactsreports). 1. The configured jobs must use the [new `reports` syntax](../../../ci/pipelines/job_artifacts.md#artifactsreports).
1. [GitLab Runner](https://docs.gitlab.com/runner/) 11.5 or newer must be used. 1. [GitLab Runner](https://docs.gitlab.com/runner/) 11.5 or newer must be used.
If you're using the shared Runners on GitLab.com, this is already the case. If you're using the shared runners on GitLab.com, this is already the case.
## Pipeline Security ## Pipeline Security
......
...@@ -616,8 +616,8 @@ To use License Compliance in an offline environment, you need: ...@@ -616,8 +616,8 @@ To use License Compliance in an offline environment, you need:
NOTE: **Note:** NOTE: **Note:**
GitLab Runner has a [default `pull policy` of `always`](https://docs.gitlab.com/runner/executors/docker.html#using-the-always-pull-policy), GitLab Runner has a [default `pull policy` of `always`](https://docs.gitlab.com/runner/executors/docker.html#using-the-always-pull-policy),
meaning the Runner tries to pull Docker images from the GitLab container registry even if a local meaning the runner tries to pull Docker images from the GitLab container registry even if a local
copy is available. GitLab Runner's [`pull_policy` can be set to `if-not-present`](https://docs.gitlab.com/runner/executors/docker.html#using-the-if-not-present-pull-policy) copy is available. The GitLab Runner [`pull_policy` can be set to `if-not-present`](https://docs.gitlab.com/runner/executors/docker.html#using-the-if-not-present-pull-policy)
in an offline environment if you prefer using only locally available Docker images. However, we in an offline environment if you prefer using only locally available Docker images. However, we
recommend keeping the pull policy setting to `always` if not in an offline environment, as this recommend keeping the pull policy setting to `always` if not in an offline environment, as this
enables the use of updated scanners in your CI/CD pipelines. enables the use of updated scanners in your CI/CD pipelines.
......
...@@ -81,8 +81,8 @@ To display the Deploy Boards for a specific [environment](../../ci/environments/ ...@@ -81,8 +81,8 @@ To display the Deploy Boards for a specific [environment](../../ci/environments/
[OpenShift docs](https://docs.openshift.com/container-platform/3.7/dev_guide/deployments/kubernetes_deployments.html#kubernetes-deployments-vs-deployment-configurations) [OpenShift docs](https://docs.openshift.com/container-platform/3.7/dev_guide/deployments/kubernetes_deployments.html#kubernetes-deployments-vs-deployment-configurations)
and [GitLab issue #4584](https://gitlab.com/gitlab-org/gitlab/-/issues/4584). and [GitLab issue #4584](https://gitlab.com/gitlab-org/gitlab/-/issues/4584).
1. [Configure GitLab Runner](../../ci/runners/README.md) with the [Docker](https://docs.gitlab.com/runner/executors/docker.html) or 1. [Configure GitLab Runner](../../ci/runners/README.md) with the [`docker`](https://docs.gitlab.com/runner/executors/docker.html) or
[Kubernetes](https://docs.gitlab.com/runner/executors/kubernetes.html) executor. [`kubernetes`](https://docs.gitlab.com/runner/executors/kubernetes.html) executor.
1. Configure the [Kubernetes integration](clusters/index.md) in your project for the 1. Configure the [Kubernetes integration](clusters/index.md) in your project for the
cluster. The Kubernetes namespace is of particular note as you will need it cluster. The Kubernetes namespace is of particular note as you will need it
for your deployment scripts (exposed by the `KUBE_NAMESPACE` env variable). for your deployment scripts (exposed by the `KUBE_NAMESPACE` env variable).
......
...@@ -236,12 +236,12 @@ below. ...@@ -236,12 +236,12 @@ below.
CAUTION: **Warning:** CAUTION: **Warning:**
Interactive Web Terminals for the Web IDE is currently in **Beta**. Interactive Web Terminals for the Web IDE is currently in **Beta**.
Shared Runners [do not yet support Interactive Web Terminals](https://gitlab.com/gitlab-org/gitlab/-/issues/24674), Shared runners [do not yet support Interactive Web Terminals](https://gitlab.com/gitlab-org/gitlab/-/issues/24674),
so you would need to use your own private Runner(s) to make use of this feature. so you would need to use your own private runner to make use of this feature.
[Interactive Web Terminals](../../../ci/interactive_web_terminal/index.md) [Interactive Web Terminals](../../../ci/interactive_web_terminal/index.md)
give the project [Maintainers](../../permissions.md#project-members-permissions) give the project [Maintainers](../../permissions.md#project-members-permissions)
user access to a terminal to interact with the Runner directly from user access to a terminal to interact with the runner directly from
GitLab, including through the Web IDE. GitLab, including through the Web IDE.
### Runner configuration ### Runner configuration
...@@ -249,7 +249,7 @@ GitLab, including through the Web IDE. ...@@ -249,7 +249,7 @@ GitLab, including through the Web IDE.
Some things need to be configured in the runner for the interactive web terminal Some things need to be configured in the runner for the interactive web terminal
to work: to work:
- The Runner needs to have - The runner needs to have
[`[session_server]` configured properly](https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-session_server-section). [`[session_server]` configured properly](https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-session_server-section).
This section requires at least a `session_timeout` value (which defaults to 1800 This section requires at least a `session_timeout` value (which defaults to 1800
seconds) and a `listen_address` value. If `advertise_address` is not defined, `listen_address` is used. seconds) and a `listen_address` value. If `advertise_address` is not defined, `listen_address` is used.
...@@ -346,7 +346,7 @@ environment. ...@@ -346,7 +346,7 @@ environment.
NOTE: **Note:** NOTE: **Note:**
Only file changes in the Web IDE are synced to the terminal. Only file changes in the Web IDE are synced to the terminal.
Changes made in the terminal are **not** synced to the Web IDE. Changes made in the terminal are **not** synced to the Web IDE.
This feature is only available for Kubernetes Runners. This feature is only available for Kubernetes runners.
To enable file syncing to the web terminal, the `.gitlab/.gitlab-webide.yml` To enable file syncing to the web terminal, the `.gitlab/.gitlab-webide.yml`
file needs to have a `webide-file-sync` service configured. Here is an example file needs to have a `webide-file-sync` service configured. Here is an example
...@@ -373,7 +373,7 @@ terminal: ...@@ -373,7 +373,7 @@ terminal:
more information. more information.
- `$CI_PROJECT_DIR` is a - `$CI_PROJECT_DIR` is a
[predefined environment variable](../../../ci/variables/predefined_variables.md) [predefined environment variable](../../../ci/variables/predefined_variables.md)
for GitLab Runners. This is where your project's repository will be. for GitLab Runner. This is where your project's repository will be.
Once you have configured the web terminal for file syncing, then when the web Once you have configured the web terminal for file syncing, then when the web
terminal is started, a **Terminal** status will be visible in the status bar. terminal is started, a **Terminal** status will be visible in the status bar.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment