@@ -24,16 +24,11 @@ Issues and merge requests should be in English and contain appropriate language
To get support for your particular problem please use the channels as detailed in the [getting help section of the readme](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/README.md#getting-help). Professional [support subscriptions](http://www.gitlab.com/subscription/) and [consulting services](http://www.gitlab.com/consultancy/) are available from [GitLab.com](http://www.gitlab.com/).
The [issue tracker](https://gitlab.com/gitlab-org/gitlab-ce/issues) is only for obvious errors in the latest [stable or development release of GitLab](MAINTENANCE.md).
If something is wrong but it is not a regression compared to older versions of GitLab please do not open an issue but a feature request.
When submitting an issue please conform to the issue submission guidelines listed below.
Not all issues will be addressed and your issue is more likely to be addressed if you submit a merge request which partially or fully addresses the issue.
The [issue tracker](https://gitlab.com/gitlab-org/gitlab-ce/issues) is only for obvious errors in the latest [stable or development release of GitLab](MAINTENANCE.md). If something is wrong but it is not a regression compared to older versions of GitLab please do not open an issue but a feature request. When submitting an issue please conform to the issue submission guidelines listed below. Not all issues will be addressed and your issue is more likely to be addressed if you submit a merge request which partially or fully addresses the issue.
Issues can be filed either at [gitlab.com](https://gitlab.com/gitlab-org/gitlab-ce/issues) or [github.com](https://github.com/gitlabhq/gitlabhq/issues).
Do not use the issue tracker for feature requests.
We have a specific [feature request forum](http://feedback.gitlab.com) for this purpose.
Please keep feature requests as small and simple as possible, complex ones might be edited to make them small and simple.
Do not use the issue tracker for feature requests. We have a specific [feature request forum](http://feedback.gitlab.com) for this purpose. Please keep feature requests as small and simple as possible, complex ones might be edited to make them small and simple.
Please send a merge request with a tested solution or a merge request with a failing test instead of opening an issue if you can. If you're unsure where to post, post to the [mailing list](https://groups.google.com/forum/#!forum/gitlabhq) or [Stack Overflow](http://stackoverflow.com/questions/tagged/gitlab) first. There are a lot of helpful GitLab users there who may be able to help you quickly. If your particular issue turns out to be a bug, it will find its way from there.
...
...
@@ -42,16 +37,16 @@ Please send a merge request with a tested solution or a merge request with a fai
**[Search the issues](https://gitlab.com/gitlab-org/gitlab-ce/issues)** for similar entries before submitting your own, there's a good chance somebody else had the same issue. Show your support with `:+1:` and/or join the discussion. Please submit issues in the following format (as the first post):
1.**Summary:** Summarize your issue in one sentence (what goes wrong, what did you expect to happen)
2.**Steps to reproduce:** How can we reproduce the issue, preferably on the [GitLab development virtual machine with vagrant](https://gitlab.com/gitlab-org/cookbook-gitlab/blob/master/doc/development.md)(start your issue with: `vagrant destroy && vagrant up && vagrant ssh`)
3.**Expected behavior:** Describe your issue in detail
4.**Observed behavior**
5.**Relevant logs and/or screenshots:** Please use code blocks (\`\`\`) to format console output, logs, and code as it's very hard to read otherwise.
6.**Output of checks**
1.**Steps to reproduce:** How can we reproduce the issue, preferably on the [GitLab development virtual machine with vagrant](https://gitlab.com/gitlab-org/cookbook-gitlab/blob/master/doc/development.md)(start your issue with: `vagrant destroy && vagrant up && vagrant ssh`)
1.**Expected behavior:** Describe your issue in detail
1.**Observed behavior**
1.**Relevant logs and/or screenshots:** Please use code blocks (\`\`\`) to format console output, logs, and code as it's very hard to read otherwise.
1.**Output of checks**
* Results of GitLab [Application Check](doc/install/installation.md#check-application-status)(`sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production`); we will only investigate if the tests are passing
* Version of GitLab you are running; we will only investigate issues in the latest stable and development releases as per the [maintenance policy](MAINTENANCE.md)
* Add the last commit sha1 of the GitLab version you used to replicate the issue (obtainable from the help page)
* Describe your setup (use relevant parts from `sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)
7. **Possible fixes**: If you can, link to the line of code that might be responsible for the problem
1. **Possible fixes**: If you can, link to the line of code that might be responsible for the problem
## Merge requests
...
...
@@ -87,10 +82,10 @@ For examples of feedback on merge requests please look at already [closed merge
**Please format your merge request description as follows:**
1. What does this MR do?
2. Are there points in the code the reviewer needs to double check?
3. Why was this MR needed?
4. What are the relevant issue numbers / [Feature requests](http://feedback.gitlab.com/)?
5. Screenshots (If appropiate)
1. Are there points in the code the reviewer needs to double check?
1. Why was this MR needed?
1. What are the relevant issue numbers / [Feature requests](http://feedback.gitlab.com/)?
1. Screenshots (If appropiate)
## Contribution acceptance criteria
...
...
@@ -106,6 +101,7 @@ For examples of feedback on merge requests please look at already [closed merge
GitLab is a fast moving and evolving project. We currently don't have the
resources to support many releases concurrently. We support exactly one stable
release at any given time.
GitLab is a fast moving and evolving project. We currently don't have the resources to support many releases concurrently. We support exactly one stable release at any given time.
GitLab follows the [Semantic Versioning](http://semver.org/) for its releases:
`(Major).(Minor).(Patch)`.
GitLab follows the [Semantic Versioning](http://semver.org/) for its releases: `(Major).(Minor).(Patch)`.
***Major version**: Whenever there is something significant or any backwards
incompatible changes are introduced to the public API.
***Minor version**: When new, backwards compatible functionality is introduced
to the public API or a minor feature is introduced, or when a set of smaller
features is rolled out.
***Patch number**: When backwards compatible bug fixes are introduced that fix
incorrect behavior.
-**Major version**: Whenever there is something significant or any backwards incompatible changes are introduced to the public API.
-**Minor version**: When new, backwards compatible functionality is introduced to the public API or a minor feature is introduced, or when a set of smaller features is rolled out.
-**Patch number**: When backwards compatible bug fixes are introduced that fix incorrect behavior.
The current stable release will receive security patches and bug fixes
(eg. `5.0` -> `5.0.1`). Feature releases will mark the next supported stable
release where the minor version is increased numerically by increments of one
(eg. `5.0 -> 5.1`).
The current stable release will receive security patches and bug fixes (eg. `5.0` -> `5.0.1`). Feature releases will mark the next supported stable release where the minor version is increased numerically by increments of one (eg. `5.0 -> 5.1`).
We encourage everyone to run the latest stable release to ensure that you can easily upgrade to the most secure and feature rich GitLab experience. In order to make sure you can easily run the most recent stable release, we are working hard to keep the update process simple and reliable.
@@ -24,9 +24,9 @@ Below we describe the contributing process to GitLab for two reasons. So that co
## Priorities of the issue team
1. Mentioning people (critical)
2. Workflow labels (normal)
3. Functional labels (minor)
4. Assigning issues (avoid if possible)
1. Workflow labels (normal)
1. Functional labels (minor)
1. Assigning issues (avoid if possible)
## Mentioning people
...
...
@@ -36,11 +36,11 @@ The most important thing is making sure valid issues receive feedback from the d
Workflow labels are purposely not very detailed since that would be hard to keep updated as you would need to reevaluate them after every comment. We optionally use functional labels on demand when want to group related issues to get an overview (for example all issues related to RVM, to tackle them in one go) and to add details to the issue.
-_Awaiting feedback_: Feedback pending from the reporter
-_Awaiting confirmation of fix_: The issue should already be solved in **master** (generally you can avoid this workflow item and just close the issue right away)
-_Attached MR_: There is a MR attached and the discussion should happen there
-*Awaiting feedback*: Feedback pending from the reporter
-*Awaiting confirmation of fix*: The issue should already be solved in **master** (generally you can avoid this workflow item and just close the issue right away)
-*Attached MR*: There is a MR attached and the discussion should happen there
- We need to let issues stay in sync with the MR's. We can do this with a "Closing #XXXX" or "Fixes #XXXX" comment in the MR. We can't close the issue when there is a merge request because sometimes a MR is not good and we just close the MR, then the issue must stay.
-_Awaiting developer action/feedback_: Issue needs to be fixed or clarified by a developer
-*Awaiting developer action/feedback*: Issue needs to be fixed or clarified by a developer
## Functional labels
...
...
@@ -51,6 +51,7 @@ These labels describe what development specialities are involved such as: Postgr
If an issue is complex and needs the attention of a specific person, assignment is a good option but assigning issues might discourage other people from contributing to that issue. We need all the contributions we can get so this should never be discouraged. Also, an assigned person might not have time for a few weeks, so others should feel free to takeover.
## Label colors
- Light orange `#fef2c0`: workflow labels for issue team members (awaiting feedback, awaiting confirmation of fix)
- Bright orange `#eb6420`: workflow labels for core team members (attached MR, awaiting developer action/feedback)
- Light blue `#82C5FF`: functional labels
...
...
@@ -102,8 +103,4 @@ This merge request has been closed because a request for more information has no
### Accepting merge requests
Is there a request on [the feature request forum](http://feedback.gitlab.com/forums/176466-general) that is similar to this?
If so, can you make a comment with a link to it?
Please be aware that new functionality that is not marked [accepting merge/pull requests](http://feedback.gitlab.com/forums/176466-general/status/796455) on the forum might not make it into GitLab.
You might be asked to make changes and even after implementing them your feature might still be declined.
If you want to reduce the chance of this happening please have a discussion in the forum first.
Is there a request on [the feature request forum](http://feedback.gitlab.com/forums/176466-general) that is similar to this? If so, can you make a comment with a link to it? Please be aware that new functionality that is not marked [accepting merge/pull requests](http://feedback.gitlab.com/forums/176466-general/status/796455) on the forum might not make it into GitLab. You might be asked to make changes and even after implementing them your feature might still be declined. If you want to reduce the chance of this happening please have a discussion in the forum first.
### Gitlab is open source software to collaborate on code
## Open source software to collaborate on code
* Manage git repositories with fine grained access controls that keep your code secure
* Perform code reviews and enhance collaboration with merge requests
* Each project can also have an issue tracker and a wiki
* Used by more than 100,000 organizations, GitLab is the most popular solution to manage git repositories on-premises
* Completely free and open source (MIT Expat license)
* Powered by Ruby on Rails
- Manage Git repositories with fine grained access controls that keep your code secure
- Perform code reviews and enhance collaboration with merge requests
- Each project can also have an issue tracker and a wiki
- Used by more than 100,000 organizations, GitLab is the most popular solution to manage Git repositories on-premises
- Completely free and open source (MIT Expat license)
- Powered by Ruby on Rails
### Canonical source
## Canonical source
* The source of GitLab Community Edition is [hosted on GitLab.com](https://gitlab.com/gitlab-org/gitlab-ce/) and there are mirrors to make [contributing](CONTRIBUTING.md) as easy as possible.
- The source of GitLab Community Edition is [hosted on GitLab.com](https://gitlab.com/gitlab-org/gitlab-ce/) and there are mirrors to make [contributing](CONTRIBUTING.md) as easy as possible.
### Code status
## Code status
*[![build status](https://ci.gitlab.org/projects/1/status.png?ref=master)](https://ci.gitlab.org/projects/1?ref=master) on ci.gitlab.org (master branch)
-[![build status](https://ci.gitlab.org/projects/1/status.png?ref=master)](https://ci.gitlab.org/projects/1?ref=master) on ci.gitlab.org (master branch)
*[www.gitlab.com](https://www.gitlab.com/) includes information about [subscriptions](https://www.gitlab.com/subscription/), [consultancy](https://www.gitlab.com/consultancy/), the [community](https://www.gitlab.com/community/) and the [hosted GitLab.com](https://www.gitlab.com/gitlab-com/).
-[www.gitlab.com](https://www.gitlab.com/) includes information about [subscriptions](https://www.gitlab.com/subscription/), [consultancy](https://www.gitlab.com/consultancy/), the [community](https://www.gitlab.com/community/) and the [hosted GitLab.com](https://www.gitlab.com/gitlab-com/).
*[GitLab Enterprise Edition](https://www.gitlab.com/gitlab-ee/) offers additional features aimed at larger organizations.
-[GitLab Enterprise Edition](https://www.gitlab.com/gitlab-ee/) offers additional features aimed at larger organizations.
*[GitLab CI](https://www.gitlab.com/gitlab-ci/) is a continuous integration (CI) server that is easy to integrate with GitLab.
-[GitLab CI](https://www.gitlab.com/gitlab-ci/) is a continuous integration (CI) server that is easy to integrate with GitLab.
* Unofficial third-party [iPhone app](http://gitlabcontrol.com/), [Android app](https://play.google.com/store/apps/details?id=com.bd.gitlab&hl=en), [command line client](https://github.com/drewblessing/gitlab-cli), [Ruby API wrapper](https://github.com/NARKOZ/gitlab) and [Chrome app](https://chrome.google.com/webstore/detail/chrome-gitlab-notifier/eageapgbnjicdjjihgclpclilenjbobi) for GitLab.
- Unofficial third-party [iPhone app](http://gitlabcontrol.com/), [Android app](https://play.google.com/store/apps/details?id=com.bd.gitlab&hl=en), [command line client](https://github.com/drewblessing/gitlab-cli), [Ruby API wrapper](https://github.com/NARKOZ/gitlab) and [Chrome app](https://chrome.google.com/webstore/detail/chrome-gitlab-notifier/eageapgbnjicdjjihgclpclilenjbobi) for GitLab.
### Requirements
## Requirements
* Ubuntu/Debian/CentOS/RHEL**
* ruby 2.0+
* git 1.7.10+
* redis 2.0+
* MySQL or PostgreSQL
- Ubuntu/Debian/CentOS/RHEL**
- ruby 2.0+
- git 1.7.10+
- redis 2.0+
- MySQL or PostgreSQL
** More details are in the [requirements doc](doc/install/requirements.md)
** More details are in the [requirements doc](doc/install/requirements.md).
### Installation
## Installation
Please see [the installation page on the GitLab website](https://www.gitlab.com/installation/).
...
...
@@ -59,22 +61,21 @@ Since 2011 a minor or major version of GitLab is released on the 22nd of every m
For updating the the Omnibus installation please see the [update documentation](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/doc/update.md). For manual installations there is an [upgrader script](doc/update/upgrader.md) and there are [upgrade guides](doc/update).
### Run in production mode
## Run in production mode
The Installation guide contains instructions on how to download an init script and run it automatically on boot. You can also start the init script manually:
sudo service gitlab start
or by directly calling the script
or by directly calling the script:
sudo /etc/init.d/gitlab start
Please login with root / 5iveL!fe
Please login with `root` / `5iveL!fe`.
### Install a development environment
We recommend setting up your development environment with [the cookbook](https://gitlab.com/gitlab-org/cookbook-gitlab/blob/master/README.md#installation).
If you do not use the cookbook you might need to copy the example development unicorn configuration file
We recommend setting up your development environment with [the cookbook](https://gitlab.com/gitlab-org/cookbook-gitlab/blob/master/README.md#installation). If you do not use the cookbook you might need to copy the example development unicorn configuration file
The API uses JSON to serialize data. You don't need to specify `.json` at the end of API URL.
## Status codes
The API is designed to return different status codes according to context and action. In this way
if a request results in an error the caller is able to get insight into what went wrong, e.g.
status code `400 Bad Request` is returned if a required attribute is missing from the request.
The following list gives an overview of how the API functions generally behave.
The API is designed to return different status codes according to context and action. In this way if a request results in an error the caller is able to get insight into what went wrong, e.g. status code `400 Bad Request` is returned if a required attribute is missing from the request. The following list gives an overview of how the API functions generally behave.
API request types:
*`GET` requests access one or more resources and return the result as JSON
*`POST` requests return `201 Created` if the resource is successfully created and return the newly created resource as JSON
*`GET`, `PUT` and `DELETE` return `200 Ok` if the resource is accessed, modified or deleted successfully, the (modified) result is returned as JSON
*`DELETE` requests are designed to be idempotent, meaning a request a resource still returns `200 Ok` even it was deleted before or is not available. The reasoning behind it is the user is not really interested if the resource existed before or not.
-`GET` requests access one or more resources and return the result as JSON
-`POST` requests return `201 Created` if the resource is successfully created and return the newly created resource as JSON
-`GET`, `PUT` and `DELETE` return `200 Ok` if the resource is accessed, modified or deleted successfully, the (modified) result is returned as JSON
-`DELETE` requests are designed to be idempotent, meaning a request a resource still returns `200 Ok` even it was deleted before or is not available. The reasoning behind it is the user is not really interested if the resource existed before or not.
The following list shows the possible return codes for API requests.
Return values:
*`200 Ok` - The `GET`, `PUT` or `DELETE` request was successful, the resource(s) itself is returned as JSON
*`201 Created` - The `POST` request was successful and the resource is returned as JSON
*`400 Bad Request` - A required attribute of the API request is missing, e.g. the title of an issue is not given
*`401 Unauthorized` - The user is not authenticated, a valid user token is necessary, see above
*`403 Forbidden` - The request is not allowed, e.g. the user is not allowed to delete a project
*`404 Not Found` - A resource could not be accessed, e.g. an ID for a resource could not be found
*`405 Method Not Allowed` - The request is not supported
*`409 Conflict` - A conflicting resource already exists, e.g. creating a project with a name that already exists
*`500 Server Error` - While handling the request something went wrong on the server side
-`200 Ok` - The `GET`, `PUT` or `DELETE` request was successful, the resource(s) itself is returned as JSON
-`201 Created` - The `POST` request was successful and the resource is returned as JSON
-`400 Bad Request` - A required attribute of the API request is missing, e.g. the title of an issue is not given
-`401 Unauthorized` - The user is not authenticated, a valid user token is necessary, see above
-`403 Forbidden` - The request is not allowed, e.g. the user is not allowed to delete a project
-`404 Not Found` - A resource could not be accessed, e.g. an ID for a resource could not be found
-`405 Method Not Allowed` - The request is not supported
-`409 Conflict` - A conflicting resource already exists, e.g. creating a project with a name that already exists
-`500 Server Error` - While handling the request something went wrong on the server side
## Sudo
All API requests support performing an api call as if you were another user, if your private token is for an administration account. You need to pass `sudo` parameter by url or header with an id or username of the user you want to perform the operation as. If passed as header, the header name must be "SUDO" (capitals).
If a non administrative `private_token` is provided then an error message will be returned with status code 403:
...
...
@@ -112,16 +106,17 @@ Example of a valid API with sudo request:
```
GET http://example.com/api/v3/projects?private_token=QVy1PB7sTxfy4pqfZM1U&sudo=username
```
```
GET http://example.com/api/v3/projects?private_token=QVy1PB7sTxfy4pqfZM1U&sudo=23
```
Example for a valid API request with sudo using curl and authentication via header:
When listing resources you can pass the following parameters:
+`page` (default: `1`) - page number
+`per_page` (default: `20`, max: `100`) - number of items to list per page
-`page` (default: `1`) - page number
-`per_page` (default: `20`, max: `100`) - number of items to list per page
[Link headers](http://www.w3.org/wiki/LinkHeader) are send back with each response.
These have `rel` prev/next/first/last and contain the relevant url.
Please use these instead of generating your own urls.
[Link headers](http://www.w3.org/wiki/LinkHeader) are send back with each response. These have `rel` prev/next/first/last and contain the relevant URL. Please use these instead of generating your own urls.
## id vs iid
When you work with API you may notice two similar fields in api entites: id and iid.
The main difference between them is scope. Example:
When you work with API you may notice two similar fields in api entites: id and iid. The main difference between them is scope. Example:
Issue:
Issue
id: 46
iid: 5
* id - is uniq across all Issues table. It used for any api calls.
* iid - is uniq only in scope of single project. When you browse issues or merge requests with Web UI - you see iid.
- id - is uniq across all Issues table. It used for any api calls.
- iid - is uniq only in scope of single project. When you browse issues or merge requests with Web UI - you see iid.
So if you want to get issue with api you use `http://host/api/v3/.../issues/:id.json`
But when you want to create a link to web page - use `http:://host/project/issues/:iid.json`
So if you want to get issue with api you use `http://host/api/v3/.../issues/:id.json`. But when you want to create a link to web page - use `http:://host/project/issues/:iid.json`
Get a list of project issues. This function accepts pagination parameters `page` and `per_page`
...
...
@@ -85,8 +84,7 @@ GET /projects/:id/issues
Parameters:
+`id` (required) - The ID of a project
-`id` (required) - The ID of a project
## Single issue
...
...
@@ -98,8 +96,8 @@ GET /projects/:id/issues/:issue_id
Parameters:
+`id` (required) - The ID of a project
+`issue_id` (required) - The ID of a project issue
-`id` (required) - The ID of a project
-`issue_id` (required) - The ID of a project issue
```json
{
...
...
@@ -142,7 +140,6 @@ Parameters:
}
```
## New issue
Creates a new project issue.
...
...
@@ -153,13 +150,12 @@ POST /projects/:id/issues
Parameters:
+`id` (required) - The ID of a project
+`title` (required) - The title of an issue
+`description` (optional) - The description of an issue
+`assignee_id` (optional) - The ID of a user to assign issue
+`milestone_id` (optional) - The ID of a milestone to assign issue
+`labels` (optional) - Comma-separated label names for an issue
-`id` (required) - The ID of a project
-`title` (required) - The title of an issue
-`description` (optional) - The description of an issue
-`assignee_id` (optional) - The ID of a user to assign issue
-`milestone_id` (optional) - The ID of a milestone to assign issue
-`labels` (optional) - Comma-separated label names for an issue
## Edit issue
...
...
@@ -171,21 +167,18 @@ PUT /projects/:id/issues/:issue_id
Parameters:
+`id` (required) - The ID of a project
+`issue_id` (required) - The ID of a project's issue
+`title` (optional) - The title of an issue
+`description` (optional) - The description of an issue
+`assignee_id` (optional) - The ID of a user to assign issue
+`milestone_id` (optional) - The ID of a milestone to assign issue
+`labels` (optional) - Comma-separated label names for an issue
+`state_event` (optional) - The state event of an issue ('close' to close issue and 'reopen' to reopen it)
-`id` (required) - The ID of a project
-`issue_id` (required) - The ID of a project's issue
-`title` (optional) - The title of an issue
-`description` (optional) - The description of an issue
-`assignee_id` (optional) - The ID of a user to assign issue
-`milestone_id` (optional) - The ID of a milestone to assign issue
-`labels` (optional) - Comma-separated label names for an issue
-`state_event` (optional) - The state event of an issue ('close' to close issue and 'reopen' to reopen it)
## Delete existing issue (**Deprecated**)
The function is deprecated and returns a `405 Method Not Allowed`
error if called. An issue gets now closed and is done by calling `PUT /projects/:id/issues/:issue_id` with
parameter `closed` set to 1.
The function is deprecated and returns a `405 Method Not Allowed` error if called. An issue gets now closed and is done by calling `PUT /projects/:id/issues/:issue_id` with parameter `closed` set to 1.
The `state` parameter can be used to get only merge requests with a
given state (`opened`, `closed`, or `merged`) or all of them (`all`).
The pagination parameters `page` and `per_page` can be used to restrict the
list of merge requests.
Get all merge requests for this project. The `state` parameter can be used to get only merge requests with a given state (`opened`, `closed`, or `merged`) or all of them (`all`). The pagination parameters `page` and `per_page` can be used to restrict the list of merge requests.
```
GET /projects/:id/merge_requests
...
...
@@ -16,8 +12,8 @@ GET /projects/:id/merge_requests?state=all
Parameters:
+`id` (required) - The ID of a project
+`state` (optional) - Return `all` requests or just those that are `merged`, `opened` or `closed`
-`id` (required) - The ID of a project
-`state` (optional) - Return `all` requests or just those that are `merged`, `opened` or `closed`
```json
[
...
...
@@ -51,7 +47,6 @@ Parameters:
]
```
## Get single MR
Shows information about a single merge request.
...
...
@@ -62,8 +57,8 @@ GET /projects/:id/merge_request/:merge_request_id
Parameters:
+`id` (required) - The ID of a project
+`merge_request_id` (required) - The ID of MR
-`id` (required) - The ID of a project
-`merge_request_id` (required) - The ID of MR
```json
{
...
...
@@ -95,7 +90,6 @@ Parameters:
}
```
## Create MR
Creates a new merge request.
...
...
@@ -106,12 +100,12 @@ POST /projects/:id/merge_requests
Parameters:
+`id` (required) - The ID of a project
+`source_branch` (required) - The source branch
+`target_branch` (required) - The target branch
+`assignee_id` (optional) - Assignee user ID
+`title` (required) - Title of MR
+`target_project_id` (optional) - The target project (numeric id)
-`id` (required) - The ID of a project
-`source_branch` (required) - The source branch
-`target_branch` (required) - The target branch
-`assignee_id` (optional) - Assignee user ID
-`title` (required) - Title of MR
-`target_project_id` (optional) - The target project (numeric id)
```json
{
...
...
@@ -142,7 +136,6 @@ Parameters:
}
```
## Update MR
Updates an existing merge request. You can change branches, title, or even close the MR.
...
...
@@ -153,13 +146,13 @@ PUT /projects/:id/merge_request/:merge_request_id
Parameters:
+`id` (required) - The ID of a project
+`merge_request_id` (required) - ID of MR
+`source_branch` - The source branch
+`target_branch` - The target branch
+`assignee_id` - Assignee user ID
+`title` - Title of MR
+`state_event` - New state (close|reopen|merge)
-`id` (required) - The ID of a project
-`merge_request_id` (required) - ID of MR
-`source_branch` - The source branch
-`target_branch` - The target branch
-`assignee_id` - Assignee user ID
-`title` - Title of MR
-`state_event` - New state (close|reopen|merge)
```json
{
...
...
@@ -190,13 +183,16 @@ Parameters:
}
```
## Accept MR
Merge changes submitted with MR usign this API.
If merge success you get 200 OK.
If it has some conflicts and can not be merged - you get 405 and error message 'Branch cannot be merged'
If merge request is already merged or closed - you get 405 and error message 'Method Not Allowed'
If you dont have permissions to accept this merge request - you get 401
```
...
...
@@ -205,9 +201,9 @@ PUT /projects/:id/merge_request/:merge_request_id/merge
The url endpoint of the system hooks can be configured in [the admin area under hooks](/admin/hooks).
The URL endpoint of the system hooks can be configured in [the admin area under hooks](/admin/hooks).
## List system hooks
...
...
@@ -14,7 +14,7 @@ GET /hooks
Parameters:
+**none**
-**none**
```json
[
...
...
@@ -34,8 +34,7 @@ POST /hooks
Parameters:
+`url` (required) - The hook URL
-`url` (required) - The hook URL
## Test system hook
...
...
@@ -45,7 +44,7 @@ GET /hooks/:id
Parameters:
+`id` (required) - The ID of hook
-`id` (required) - The ID of hook
```json
{
...
...
@@ -60,8 +59,7 @@ Parameters:
## Delete system hook
Deletes a system hook. This is an idempotent API function and returns `200 Ok` even if the hook
is not available. If the hook is deleted it is also returned as JSON.
Deletes a system hook. This is an idempotent API function and returns `200 Ok` even if the hook is not available. If the hook is deleted it is also returned as JSON.
This function takes pagination parameters `page` and `per_page` to restrict the list of users.
```
...
...
@@ -53,8 +54,7 @@ GET /users
]
```
You can search for a users by email or username with:
`/users?search=John`
You can search for a users by email or username with: `/users?search=John`
Also see `def search query` in `app/models/user.rb`.
...
...
@@ -68,7 +68,7 @@ GET /users/:id
Parameters:
+`id` (required) - The ID of a user
-`id` (required) - The ID of a user
```json
{
...
...
@@ -93,7 +93,6 @@ Parameters:
}
```
## User creation
Creates a new user. Note only administrators can create new users.
...
...
@@ -104,21 +103,20 @@ POST /users
Parameters:
+`email` (required) - Email
+`password` (required) - Password
+`username` (required) - Username
+`name` (required) - Name
+`skype` (optional) - Skype ID
+`linkedin` (optional) - Linkedin
+`twitter` (optional) - Twitter account
+`website_url` (optional) - Website url
+`projects_limit` (optional) - Number of projects user can create
+`extern_uid` (optional) - External UID
+`provider` (optional) - External provider name
+`bio` (optional) - User's bio
+`admin` (optional) - User is admin - true or false (default)
+`can_create_group` (optional) - User can create groups - true or false
-`email` (required) - Email
-`password` (required) - Password
-`username` (required) - Username
-`name` (required) - Name
-`skype` (optional) - Skype ID
-`linkedin` (optional) - Linkedin
-`twitter` (optional) - Twitter account
-`website_url` (optional) - Website url
-`projects_limit` (optional) - Number of projects user can create
-`extern_uid` (optional) - External UID
-`provider` (optional) - External provider name
-`bio` (optional) - User's bio
-`admin` (optional) - User is admin - true or false (default)
-`can_create_group` (optional) - User can create groups - true or false
## User modification
...
...
@@ -130,30 +128,26 @@ PUT /users/:id
Parameters:
+`email` - Email
+`username` - Username
+`name` - Name
+`password` - Password
+`skype` - Skype ID
+`linkedin` - Linkedin
+`twitter` - Twitter account
+`website_url` - Website url
+`projects_limit` - Limit projects each user can create
+`extern_uid` - External UID
+`provider` - External provider name
+`bio` - User's bio
+`admin` (optional) - User is admin - true or false (default)
+`can_create_group` (optional) - User can create groups - true or false
Note, at the moment this method does only return a 404 error, even in cases where a 409 (Conflict) would
be more appropriate, e.g. when renaming the email address to some existing one.
-`email` - Email
-`username` - Username
-`name` - Name
-`password` - Password
-`skype` - Skype ID
-`linkedin` - Linkedin
-`twitter` - Twitter account
-`website_url` - Website url
-`projects_limit` - Limit projects each user can create
-`extern_uid` - External UID
-`provider` - External provider name
-`bio` - User's bio
-`admin` (optional) - User is admin - true or false (default)
-`can_create_group` (optional) - User can create groups - true or false
Note, at the moment this method does only return a 404 error, even in cases where a 409 (Conflict) would be more appropriate, e.g. when renaming the email address to some existing one.
## User deletion
Deletes a user. Available only for administrators. This is an idempotent function, calling this function
for a non-existent user id still returns a status code `200 Ok`. The JSON response differs if the user
was actually deleted or not. In the former the user is returned and in the latter not.
Deletes a user. Available only for administrators. This is an idempotent function, calling this function for a non-existent user id still returns a status code `200 Ok`. The JSON response differs if the user was actually deleted or not. In the former the user is returned and in the latter not.
```
DELETE /users/:id
...
...
@@ -161,8 +155,7 @@ DELETE /users/:id
Parameters:
+`id` (required) - The ID of the user
-`id` (required) - The ID of the user
## Current user
...
...
@@ -194,7 +187,6 @@ GET /user
}
```
## List SSH keys
Get a list of currently authenticated user's SSH keys.
...
...
@@ -220,7 +212,7 @@ GET /user/keys
Parameters:
+**none**
-**none**
## List SSH keys for user
...
...
@@ -232,8 +224,7 @@ GET /users/:uid/keys
Parameters:
+`uid` (required) - id of specified user
-`uid` (required) - id of specified user
## Single SSH key
...
...
@@ -245,7 +236,7 @@ GET /user/keys/:id
Parameters:
+`id` (required) - The ID of an SSH key
-`id` (required) - The ID of an SSH key
```json
{
...
...
@@ -255,7 +246,6 @@ Parameters:
}
```
## Add SSH key
Creates a new key owned by the currently authenticated user.
...
...
@@ -266,9 +256,8 @@ POST /user/keys
Parameters:
+`title` (required) - new SSH Key's title
+`key` (required) - new SSH key
-`title` (required) - new SSH Key's title
-`key` (required) - new SSH key
## Add SSH key for user
...
...
@@ -280,17 +269,15 @@ POST /users/:id/keys
Parameters:
+`id` (required) - id of specified user
+`title` (required) - new SSH Key's title
+`key` (required) - new SSH key
-`id` (required) - id of specified user
-`title` (required) - new SSH Key's title
-`key` (required) - new SSH key
Will return created key with status `201 Created` on success, or `404 Not
found` on fail.
Will return created key with status `201 Created` on success, or `404 Not found` on fail.
## Delete SSH key
## Delete SSH key for current user
Deletes key owned by currently authenticated user. This is an idempotent function and calling it on a key that is already
deleted or not available results in `200 Ok`.
Deletes key owned by currently authenticated user. This is an idempotent function and calling it on a key that is already deleted or not available results in `200 Ok`.
```
DELETE /user/keys/:id
...
...
@@ -298,9 +285,9 @@ DELETE /user/keys/:id
Parameters:
+`id` (required) - SSH key ID
-`id` (required) - SSH key ID
## Delete SSH key
## Delete SSH key for given user
Deletes key owned by a specified user. Available only for admin.
...
...
@@ -310,8 +297,7 @@ DELETE /users/:uid/keys/:id
Parameters:
+`uid` (required) - id of specified user
+`id` (required) - SSH key ID
-`uid` (required) - id of specified user
-`id` (required) - SSH key ID
Will return `200 Ok` on success, or `404 Not found` if either user or key cannot be found.
There are two editions of GitLab: [Enterprise Edition](https://www.gitlab.com/gitlab-ee/)(EE) and [Community Edition](https://www.gitlab.com/gitlab-ce/)(CE).
GitLab CE is delivered via git from the [gitlabhq repository](https://gitlab.com/gitlab-org/gitlab-ce/tree/master).
New versions of GitLab are released in stable branches and the master branch is for bleeding edge development.
There are two editions of GitLab: [Enterprise Edition](https://www.gitlab.com/gitlab-ee/)(EE) and [Community Edition](https://www.gitlab.com/gitlab-ce/)(CE). GitLab CE is delivered via git from the [gitlabhq repository](https://gitlab.com/gitlab-org/gitlab-ce/tree/master). New versions of GitLab are released in stable branches and the master branch is for bleeding edge development.
EE releases are available not long after CE releases.
To obtain the GitLab EE there is a [repository at gitlab.com](https://gitlab.com/subscribers/gitlab-ee).
For more information about the release process see the section 'New versions and upgrading' in the readme.
EE releases are available not long after CE releases. To obtain the GitLab EE there is a [repository at gitlab.com](https://gitlab.com/subscribers/gitlab-ee). For more information about the release process see the section 'New versions and upgrading' in the readme.
Both EE and CE require an add-on component called gitlab-shell.
It is obtained from the [gitlab-shell repository](https://gitlab.com/gitlab-org/gitlab-shell/tree/master).
New versions are usually tags but staying on the master branch will give you the latest stable version.
New releases are generally around the same time as GitLab CE releases with exception for informal security updates deemed critical.
Both EE and CE require an add-on component called gitlab-shell. It is obtained from the [gitlab-shell repository](https://gitlab.com/gitlab-org/gitlab-shell/tree/master). New versions are usually tags but staying on the master branch will give you the latest stable version. New releases are generally around the same time as GitLab CE releases with exception for informal security updates deemed critical.
# System Layout
## System Layout
When referring to ~git in the pictures it means the home directory of the git user which is typically /home/git.
GitLab is primarily installed within the `/home/git` user home directory as `git` user.
Within the home directory is where the gitlabhq server software resides as well as the repositories (though the repository location is configurable).
The bare repositories are located in `/home/git/repositories`.
GitLab is a ruby on rails application so the particulars of the inner workings can be learned by studying how a ruby on rails application works.
GitLab is primarily installed within the `/home/git` user home directory as `git` user. Within the home directory is where the gitlabhq server software resides as well as the repositories (though the repository location is configurable).
The bare repositories are located in `/home/git/repositories`. GitLab is a ruby on rails application so the particulars of the inner workings can be learned by studying how a ruby on rails application works.
To serve repositories over SSH there's an add-on application called gitlab-shell which is installed in `/home/git/gitlab-shell`.
A typical install of GitLab will be on Ubuntu Linux or RHEL/CentOS.
It uses Nginx or Apache as a web front end to proxypass the Unicorn web server.
By default, communication between Unicorn and the front end is via a Unix domain socket but forwarding requests via TCP is also supported.
The web front end accesses `/home/git/gitlab/public` bypassing the Unicorn server to serve static pages, uploads (e.g. avatar images or attachments), and precompiled assets.
GitLab serves web pages and a [GitLab API](https://gitlab.com/gitlab-org/gitlab-ce/tree/master/doc/api) using the Unicorn web server.
It uses Sidekiq as a job queue which, in turn, uses redis as a non-persistent database backend for job information, meta data, and incomming jobs.
The GitLab web app uses MySQL or PostgreSQL for persistent database information (e.g. users, permissions, issues, other meta data).
GitLab stores the bare git repositories it serves in `/home/git/repositories` by default.
It also keeps default branch and hook information with the bare repository.
`/home/git/gitlab-satellites` keeps checked out repositories when performing actions such as a merge request, editing files in the web interface, etc.
The satellite repository is used by the web interface for editing repositories and the wiki which is also a git repository.
When serving repositories over HTTP/HTTPS GitLab utilizes the GitLab API to resolve authorization and access as well as serving git objects.
The add-on component gitlab-shell serves repositories over SSH.
It manages the SSH keys within `/home/git/.ssh/authorized_keys` which should not be manually edited.
gitlab-shell accesses the bare repositories directly to serve git objects and communicates with redis to submit jobs to Sidekiq for GitLab to process.
gitlab-shell queries the GitLab API to determine authorization and access.
## Installation Folder Summary
A typical install of GitLab will be on Ubuntu Linux or RHEL/CentOS. It uses Nginx or Apache as a web front end to proxypass the Unicorn web server. By default, communication between Unicorn and the front end is via a Unix domain socket but forwarding requests via TCP is also supported. The web front end accesses `/home/git/gitlab/public` bypassing the Unicorn server to serve static pages, uploads (e.g. avatar images or attachments), and precompiled assets. GitLab serves web pages and a [GitLab API](https://gitlab.com/gitlab-org/gitlab-ce/tree/master/doc/api) using the Unicorn web server. It uses Sidekiq as a job queue which, in turn, uses redis as a non-persistent database backend for job information, meta data, and incomming jobs.
To summarize here's the [directory structure of the `git` user home directory](../install/structure.md).
The GitLab web app uses MySQL or PostgreSQL for persistent database information (e.g. users, permissions, issues, other meta data). GitLab stores the bare git repositories it serves in `/home/git/repositories` by default. It also keeps default branch and hook information with the bare repository. `/home/git/gitlab-satellites` keeps checked out repositories when performing actions such as a merge request, editing files in the web interface, etc.
The satellite repository is used by the web interface for editing repositories and the wiki which is also a git repository. When serving repositories over HTTP/HTTPS GitLab utilizes the GitLab API to resolve authorization and access as well as serving git objects.
The add-on component gitlab-shell serves repositories over SSH. It manages the SSH keys within `/home/git/.ssh/authorized_keys` which should not be manually edited. gitlab-shell accesses the bare repositories directly to serve git objects and communicates with redis to submit jobs to Sidekiq for GitLab to process. gitlab-shell queries the GitLab API to determine authorization and access.
### Installation Folder Summary
To summarize here's the [directory structure of the `git` user home directory](../install/structure.md).
## Processes
### Processes
ps aux | grep '^git'
GitLab has several components to operate.
As a system user (i.e. any user that is not the `git` user) it requires a persistent database (MySQL/PostreSQL) and redis database.
It also uses Apache httpd or nginx to proxypass Unicorn.
As the `git` user it starts Sidekiq and Unicorn (a simple ruby HTTP server running on port `8080` by default).
Under the gitlab user there are normally 4 processes: `unicorn_rails master` (1 process), `unicorn_rails worker` (2 processes), `sidekiq` (1 process).
GitLab has several components to operate. As a system user (i.e. any user that is not the `git` user) it requires a persistent database (MySQL/PostreSQL) and redis database. It also uses Apache httpd or nginx to proxypass Unicorn. As the `git` user it starts Sidekiq and Unicorn (a simple ruby HTTP server running on port `8080` by default). Under the gitlab user there are normally 4 processes: `unicorn_rails master` (1 process), `unicorn_rails worker` (2 processes), `sidekiq` (1 process).
## Repository access
### Repository access
Repositories get accessed via HTTP or SSH.
HTTP cloning/push/pull utilizes the GitLab API and SSH cloning is handled by gitlab-shell (previously explained).
Repositories get accessed via HTTP or SSH. HTTP cloning/push/pull utilizes the GitLab API and SSH cloning is handled by gitlab-shell (previously explained).
# Troubleshooting
## Troubleshooting
See the README for more information.
## Init scripts of the services
### Init scripts of the services
The GitLab init script starts and stops Unicorn and Sidekiq.
*`/var/log/nginx/` contains error and access logs.
-`/var/log/nginx/` contains error and access logs.
Apache httpd
*[Explanation of apache logs](http://httpd.apache.org/docs/2.2/logs.html).
*`/var/log/apache2/` contains error and output logs (on Ubuntu).
*`/var/log/httpd/` contains error and output logs (on RHEL).
-[Explanation of apache logs](http://httpd.apache.org/docs/2.2/logs.html).
-`/var/log/apache2/` contains error and output logs (on Ubuntu).
-`/var/log/httpd/` contains error and output logs (on RHEL).
redis
*`/var/log/redis/redis.log` there are also logrotated logs there.
-`/var/log/redis/redis.log` there are also logrotated logs there.
PostgreSQL
*`/var/log/postgresql/*`
-`/var/log/postgresql/*`
MySQL
*`/var/log/mysql/*`
*`/var/log/mysql.*`
-`/var/log/mysql/*`
-`/var/log/mysql.*`
## GitLab specific config files
### GitLab specific config files
GitLab has configuration files located in `/home/git/gitlab/config/*`.
Commonly referenced config files include:
GitLab has configuration files located in `/home/git/gitlab/config/*`. Commonly referenced config files include:
*`gitlab.yml` - GitLab configuration.
*`unicorn.rb` - Unicorn web server settings.
*`database.yml` - Database connection settings.
-`gitlab.yml` - GitLab configuration.
-`unicorn.rb` - Unicorn web server settings.
-`database.yml` - Database connection settings.
gitlab-shell has a configuration file at `/home/git/gitlab-shell/config.yml`.
## Maintenance Tasks
### Maintenance Tasks
[GitLab](https://gitlab.com/gitlab-org/gitlab-ce/tree/master) provides rake tasks with which you see version information and run a quick check on your configuration to ensure it is configured properly within the application.
See [maintenance rake tasks](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/raketasks/maintenance.md).
[GitLab](https://gitlab.com/gitlab-org/gitlab-ce/tree/master) provides rake tasks with which you see version information and run a quick check on your configuration to ensure it is configured properly within the application. See [maintenance rake tasks](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/raketasks/maintenance.md).
Note: It is recommended to log into the `git` user using `sudo -i -u git` or `sudo su - git`.
While the sudo commands provided by gitlabhq work in Ubuntu they do not always work in RHEL.
\ No newline at end of file
Note: It is recommended to log into the `git` user using `sudo -i -u git` or `sudo su - git`. While the sudo commands provided by gitlabhq work in Ubuntu they do not always work in RHEL.
Sometimes we invoke basic Unix commands via the shell when there is also a Ruby API for doing it. Use the Ruby API if it exists. <http://www.ruby-doc.org/stdlib-2.0.0/libdoc/fileutils/rdoc/FileUtils.html#module-FileUtils-label-Module+Functions>
```ruby
# Wrong
...
...
@@ -30,12 +28,7 @@ This coding style could have prevented CVE-2013-4490.
## Bypass the shell by splitting commands into separate tokens
When we pass shell commands as a single string to Ruby, Ruby will let `/bin/sh` evaluate the entire string.
Essentially, we are asking the shell to evaluate a one-line script.
This creates a risk for shell injection attacks.
It is better to split the shell command into tokens ourselves.
Sometimes we use the scripting capabilities of the shell to change the working directory or set environment variables.
All of this can also be achieved securely straight from Ruby
When we pass shell commands as a single string to Ruby, Ruby will let `/bin/sh` evaluate the entire string. Essentially, we are asking the shell to evaluate a one-line script. This creates a risk for shell injection attacks. It is better to split the shell command into tokens ourselves. Sometimes we use the scripting capabilities of the shell to change the working directory or set environment variables. All of this can also be achieved securely straight from Ruby
```ruby
# Wrong
...
...
@@ -55,8 +48,7 @@ This coding style could have prevented CVE-2013-4546.
## Separate options from arguments with --
Make the difference between options and arguments clear to the argument parsers of system commands with `--`.
This is supported by many but not all Unix commands.
Make the difference between options and arguments clear to the argument parsers of system commands with `--`. This is supported by many but not all Unix commands.
To understand what `--` does, consider the problem below.
...
...
@@ -68,9 +60,7 @@ cat: illegal option -- l
usage: cat [-benstuv] [file ...]
```
In the example above, the argument parser of `cat` assumes that `-l` is an option.
The solution in the example above is to make it clear to `cat` that `-l` is really an argument, not an option.
Many Unix command line tools follow the convention of separating options from arguments with `--`.
In the example above, the argument parser of `cat` assumes that `-l` is an option. The solution in the example above is to make it clear to `cat` that `-l` is really an argument, not an option. Many Unix command line tools follow the convention of separating options from arguments with `--`.
```
# Example (continued)
...
...
@@ -91,9 +81,7 @@ This coding style could have prevented CVE-2013-4582.
## Do not use the backticks
Capturing the output of shell commands with backticks reads nicely, but you are forced to pass the command as one string to the shell.
We explained above that this is unsafe.
In the main GitLab codebase, the solution is to use `Gitlab::Popen.popen` instead.
Capturing the output of shell commands with backticks reads nicely, but you are forced to pass the command as one string to the shell. We explained above that this is unsafe. In the main GitLab codebase, the solution is to use `Gitlab::Popen.popen` instead.
Make sure you view [this installation guide](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/install/installation.md) from the branch (version) of GitLab you would like to install. In most cases
this should be the highest numbered stable branch (example shown below).
## Select Version to Install
Make sure you view [this installation guide](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/install/installation.md) from the branch (version) of GitLab you would like to install. In most cases this should be the highest numbered stable branch (example shown below).
![capture](http://i.imgur.com/d2AlIVj.png)
If the highest number stable branch is unclear please check the [GitLab Blog](https://www.gitlab.com/blog/) for installation guide links by version.
# Important notes
## Important notes
This guide is long because it covers many cases and includes all commands you need, this is [one of the few installation scripts that actually works out of the box](https://twitter.com/robinvdvleuten/status/424163226532986880).
...
...
@@ -20,21 +20,18 @@ The following steps have been known to work. Please **use caution when you devia
If you find a bug/error in this guide please **submit a merge request** following the [contributing guide](../../CONTRIBUTING.md).
- - -
# Overview
## Overview
The GitLab installation consists of setting up the following components:
1. Packages / Dependencies
2. Ruby
3. System Users
4. Database
5. GitLab
6. Nginx
1. Ruby
1. System Users
1. Database
1. GitLab
1. Nginx
# 1. Packages / Dependencies
## 1. Packages / Dependencies
`sudo` is not installed on Debian by default. Make sure your system is
up-to-date and install it.
...
...
@@ -44,10 +41,7 @@ up-to-date and install it.
apt-get upgrade -y
apt-get install sudo -y
**Note:**
During this installation some files will need to be edited manually.
If you are familiar with vim set it as default editor with the commands below.
If you are not familiar with vim please skip this and keep using the default editor.
**Note:** During this installation some files will need to be edited manually. If you are familiar with vim set it as default editor with the commands below. If you are not familiar with vim please skip this and keep using the default editor.
# Install vim and set as default editor
sudo apt-get install -y vim
...
...
@@ -84,15 +78,13 @@ Is the system packaged Git too old? Remove it and compile from source.
# When editing config/gitlab.yml (Step 6), change the git bin_path to /usr/local/bin/git
**Note:** In order to receive mail notifications, make sure to install a
mail server. By default, Debian is shipped with exim4 whereas Ubuntu
does not ship with one. The recommended mail server is postfix and you can install it with:
**Note:** In order to receive mail notifications, make sure to install a mail server. By default, Debian is shipped with exim4 whereas Ubuntu does not ship with one. The recommended mail server is postfix and you can install it with:
sudo apt-get install -y postfix
Then select 'Internet Site' and press enter to confirm the hostname.
# 2. Ruby
## 2. Ruby
The use of ruby version managers such as [RVM](http://rvm.io/), [rbenv](https://github.com/sstephenson/rbenv) or [chruby](https://github.com/postmodern/chruby) with GitLab in production frequently leads to hard to diagnose problems. For example, GitLab Shell is called from OpenSSH and having a version manager can prevent pushing and pulling over SSH. Version managers are not supported and we stronly advise everyone to follow the instructions below to use a system ruby.
We recommend using a PostgreSQL database. For MySQL check [MySQL setup guide](database_mysql.md).
NOTE: because we need to make use of extensions you need at least pgsql 9.1.
We recommend using a PostgreSQL database. For MySQL check [MySQL setup guide](database_mysql.md). *Note*: because we need to make use of extensions you need at least pgsql 9.1.
@@ -229,14 +216,9 @@ Make sure to edit both `gitlab.yml` and `unicorn.rb` to match your setup.
# Make config/database.yml readable to git only
sudo -u git -H chmod o-rwx config/database.yml
## Install Gems
### Install Gems
**Note:** As of bundler 1.5.2, you can invoke `bundle install -jN`
(where `N` the number of your processor cores) and enjoy the parallel gems installation with measurable
difference in completion time (~60% faster). Check the number of your cores with `nproc`.
For more information check this [post](http://robots.thoughtbot.com/parallel-gem-installing-using-bundler).
First make sure you have bundler >= 1.5.2 (run `bundle -v`) as it addresses some [issues](https://devcenter.heroku.com/changelog-items/411)
that were [fixed](https://github.com/bundler/bundler/pull/2817) in 1.5.2.
**Note:** As of bundler 1.5.2, you can invoke `bundle install -jN` (where `N` the number of your processor cores) and enjoy the parallel gems installation with measurable difference in completion time (~60% faster). Check the number of your cores with `nproc`. For more information check this [post](http://robots.thoughtbot.com/parallel-gem-installing-using-bundler). First make sure you have bundler >= 1.5.2 (run `bundle -v`) as it addresses some [issues](https://devcenter.heroku.com/changelog-items/411) that were [fixed](https://github.com/bundler/bundler/pull/2817) in 1.5.2.
cd /home/git/gitlab
...
...
@@ -246,7 +228,7 @@ that were [fixed](https://github.com/bundler/bundler/pull/2817) in 1.5.2.
# Or if you use MySQL (note, the option says "without ... postgres")
sudo -u git -H bundle install --deployment --without development test postgres aws
## Install GitLab shell
### Install GitLab shell
GitLab Shell is an ssh access and repository management software developed specially for GitLab.
...
...
@@ -259,8 +241,7 @@ GitLab Shell is an ssh access and repository management software developed speci
# By default, the gitlab-shell config is generated from your main gitlab config. You can review (and modify) it as follows:
**Note:** Nginx is the officially supported web server for GitLab. If you cannot or do not want to use Nginx as your web server, have a look at the [GitLab recipes](https://gitlab.com/gitlab-org/gitlab-recipes/).
## Installation
### Installation
sudo apt-get install -y nginx
## Site Configuration
### Site Configuration
Download an example site config:
...
...
@@ -327,14 +305,13 @@ Make sure to edit the config file to match your setup:
# domain name of your host serving GitLab.
sudo editor /etc/nginx/sites-available/gitlab
## Restart
### Restart
sudo service nginx restart
## Done!
# Done!
## Double-check Application Status
### Double-check Application Status
To make sure you didn't miss anything run a more thorough check with:
...
...
@@ -342,51 +319,38 @@ To make sure you didn't miss anything run a more thorough check with:
If all items are green, then congratulations on successfully installing GitLab!
## Initial Login
### Initial Login
Visit YOUR_SERVER in your web browser for your first GitLab login.
The setup has created an admin account for you. You can use it to log in:
Visit YOUR_SERVER in your web browser for your first GitLab login. The setup has created an admin account for you. You can use it to log in:
root
5iveL!fe
**Important Note:**
Please go over to your profile page and immediately change the password, so
nobody can access your GitLab by using this login information later on.
**Important Note:** Please go over to your profile page and immediately change the password, so nobody can access your GitLab by using this login information later on.
**Enjoy!**
## Advanced Setup Tips
- - -
# Advanced Setup Tips
### Additional markup styles
## Additional markup styles
Apart from the always supported markdown style there are other rich text files that GitLab can display.
But you might have to install a dependency to do so.
Please see the [github-markup gem readme](https://github.com/gitlabhq/markup#markups) for more information.
For example, reStructuredText markup language support requires python-docutils:
Apart from the always supported markdown style there are other rich text files that GitLab can display. But you might have to install a dependency to do so. Please see the [github-markup gem readme](https://github.com/gitlabhq/markup#markups) for more information. For example, reStructuredText markup language support requires python-docutils:
sudo apt-get install -y python-docutils
## Custom Redis Connection
### Custom Redis Connection
If you'd like Resque to connect to a Redis server on a non-standard port or on
a different host, you can configure its connection string via the
`config/resque.yml` file.
If you'd like Resque to connect to a Redis server on a non-standard port or on a different host, you can configure its connection string via the `config/resque.yml` file.
# example
production: redis://redis.example.tld:6379
If you want to connect the Redis server via socket, then use the "unix:" URL scheme
and the path to the Redis socket file in the `config/resque.yml` file.
If you want to connect the Redis server via socket, then use the "unix:" URL scheme and the path to the Redis socket file in the `config/resque.yml` file.
# example
production: unix:/path/to/redis/socket
## Custom SSH Connection
### Custom SSH Connection
If you are running SSH on a non-standard port, you must change the gitlab user's SSH config.
...
...
@@ -398,39 +362,44 @@ If you are running SSH on a non-standard port, you must change the gitlab user's
You also need to change the corresponding options (e.g. ssh_user, ssh_host, admin_uri) in the `config\gitlab.yml` file.
## LDAP authentication
### LDAP authentication
You can configure LDAP authentication in config/gitlab.yml. Please restart GitLab after editing this file.
## Using Custom Omniauth Providers
### Using Custom Omniauth Providers
GitLab uses [Omniauth](http://www.omniauth.org/) for authentication and already ships with a few providers preinstalled (e.g. LDAP, GitHub, Twitter). But sometimes that is not enough and you need to integrate with other authentication solutions. For these cases you can use the Omniauth provider.
### Steps
#### Steps
These steps are fairly general and you will need to figure out the exact details from the Omniauth provider's documentation.
* Stop GitLab
`sudo service gitlab stop`
- Stop GitLab:
* Add provider specific configuration options to your `config/gitlab.yml` (you can use the [auth providers section of the example config](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/gitlab.yml.example) as a reference)
sudo service gitlab stop
* Add the gem to your [Gemfile](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/Gemfile)
`gem "omniauth-your-auth-provider"`
* If you're using MySQL, install the new Omniauth provider gem by running the following command:
`sudo -u git -H bundle install --without development test postgres --path vendor/bundle --no-deployment`
- Add the gem to your [Gemfile](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/Gemfile):
* If you're using PostgreSQL, install the new Omniauth provider gem by running the following command:
`sudo -u git -H bundle install --without development test mysql --path vendor/bundle --no-deployment`
gem "omniauth-your-auth-provider"
> These are the same commands you used in the [Install Gems section](#install-gems) with `--path vendor/bundle --no-deployment` instead of `--deployment`.
- If you're using MySQL, install the new Omniauth provider gem by running the following command:
* Start GitLab
`sudo service gitlab start`
sudo -u git -H bundle install --without development test postgres --path vendor/bundle --no-deployment
- If you're using PostgreSQL, install the new Omniauth provider gem by running the following command:
sudo -u git -H bundle install --without development test mysql --path vendor/bundle --no-deployment
### Examples
> These are the same commands you used in the [Install Gems section](#install-gems) with `--path vendor/bundle --no-deployment` instead of `--deployment`.
- Start GitLab:
`sudo service gitlab start`
#### Examples
If you have successfully set up a provider that is not shipped with GitLab itself, please let us know.
You can help others by reporting successful configurations and probably share a few insights or provide warnings for common errors or pitfalls by sharing your experience [in the public Wiki](https://github.com/gitlabhq/gitlab-public-wiki/wiki/Custom-omniauth-provider-configurations).
While we can't officially support every possible auth mechanism out there, we'd like to at least help those with special needs.
GitLab is developed for the Linux operating system. For the installations options and instructions please see [the installation section of the readme](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/README.md#installation).
## Supported Linux distributions
### Supported Linux distributions
- Ubuntu
- Debian
...
...
@@ -13,37 +13,42 @@ GitLab is developed for the Linux operating system. For the installations option
- Scientific Linux
- Oracle Linux
## Unsupported Linux distributions
### Unsupported Linux distributions
- Arch Linux
- Fedora
- Gentoo
But on the above unsupported distributions is stll possible to install GitLab yourself with the [manual installation guide](https://github.com/gitlabhq/gitlabhq/blob/master/doc/install/installation.md).
But on the above unsupported distributions is still possible to install GitLab yourself with the [manual installation guide](https://github.com/gitlabhq/gitlabhq/blob/master/doc/install/installation.md).
## Unsupported Unix operating systems
### Unsupported Unix operating systems
There is nothing that prevents GitLab from running on other Unix operating systems.
This means you may get it to work on systems running FreeBSD or OS X.
If you want to do this, please be aware it could be a lot of work.
Please consider using a virtual machine to run GitLab.
## Other operating systems such as Windows
### Other operating systems such as Windows
GitLab does **not** run on Windows and we have no plans of supporting it in the near future.
Please consider using a virtual machine to run GitLab.
Please consider using a virtual machine to run GitLab.
# Ruby versions
## Ruby versions
GitLab requires Ruby (MRI) 2.0+.
>>>>>>> Update docs to markdown style guide.
You will have to use the standard MRI implementation of Ruby.
We love [JRuby](http://jruby.org/) and [Rubinius](http://rubini.us/)) but GitLab needs several Gems that have native extensions.
We love [JRuby](http://jruby.org/) and [Rubinius](http://rubini.us/)) but GitLab needs several Gems that have native extensions.
# Hardware requirements
## Hardware requirements
## CPU
### CPU
- 1 core works supports up to 100 users but the application will not be responsive
-**2 cores** is the **recommended** number of cores and supports up to 500 users
...
...
@@ -53,7 +58,7 @@ We love [JRuby](http://jruby.org/) and [Rubinius](http://rubini.us/)) but GitLab
- 32 cores supports up to 20,000 users
- 64 cores supports up to 40,000 users
## Memory
### Memory
- 512MB is the absolute minimum, you need 256MB of swap, you can configure only one slow unicorn worker, only ssh access will work, we do not recommend this
- 1GB supports up to 100 users (with individual repositories under 250MB, otherwise git memory usage necessitates using swap space)
...
...
@@ -64,11 +69,9 @@ We love [JRuby](http://jruby.org/) and [Rubinius](http://rubini.us/)) but GitLab
- 32GB supports up to 20,000 users
- 64GB supports up to 40,000 users
## Storage
### Storage
The necessary hard drive space largely depends on the size of the repos you want
to store in GitLab. But as a *rule of thumb* you should have at least twice as much
free space as your all repos combined take up. You need twice the storage because [GitLab satellites](structure.md) contain an extra copy of each repo.
The necessary hard drive space largely depends on the size of the repos you want to store in GitLab. But as a *rule of thumb* you should have at least twice as much free space as your all repos combined take up. You need twice the storage because [GitLab satellites](structure.md) contain an extra copy of each repo.
If you want to be flexible about growing your hard drive space in the future consider mounting it using LVM so you can add more hard drives when you need them.
...
...
@@ -80,7 +83,7 @@ If you have enough RAM memory and a recent CPU the speed of GitLab is mainly lim
If you want to run the database separately, the **recommended** database size is **1 MB per user**
GitLab has a great issue tracker but you can also use an external issue tracker such as JIRA or Redmine. This is something that you can turn on per GitLab project. If for example you configure JIRA it provides the following functionality:
- the 'Issues' link on the GitLab project pages takes you to the appropriate JIRA issue index;
To enable the GitHub OmniAuth provider you must register your application with GitHub. GitHub will generate a client ID and secret key for you to use.
1. Sign in to GitHub.
2. Navigate to your individual user settings or an organization's settings, depending on how you want the application registered. It does not matter if the application is registered as an individual or an organization - that is entirely up to you.
3. Select "Applications" in the left menu.
4. Select "Register new application".
5. Provide the required details.
* Application name: This can be anything. Consider something like "\<Organization\>'s GitLab" or "\<Your Name\>'s GitLab" or something else descriptive.
* Homepage URL: The URL to your GitLab installation. 'https://gitlab.company.com'
* Application description: Fill this in if you wish.
7. You should now see a Client ID and Client Secret near the top right of the page (see screenshot). Keep this page open as you continue configuration. ![GitHub app](github_app.png)
8. On your GitLab server, open the configuration file.
1. Navigate to your individual user settings or an organization's settings, depending on how you want the application registered. It does not matter if the application is registered as an individual or an organization - that is entirely up to you.
1. Select "Applications" in the left menu.
1. Select "Register new application".
1. Provide the required details.
- Application name: This can be anything. Consider something like "\<Organization\>'s GitLab" or "\<Your Name\>'s GitLab" or something else descriptive.
- Homepage URL: The URL to your GitLab installation. 'https://gitlab.company.com'
- Application description: Fill this in if you wish.
1. You should now see a Client ID and Client Secret near the top right of the page (see screenshot). Keep this page open as you continue configuration. ![GitHub app](github_app.png)
1. On your GitLab server, open the configuration file.
```sh
cd /home/git/gitlab
...
...
@@ -21,8 +27,9 @@ To enable the GitHub OmniAuth provider you must register your application with G
sudo -u git -H editor config/gitlab.yml
```
9. Find the section dealing with OmniAuth. See [Initial OmniAuth Configuration](README.md#initial-omniauth-configuration) for more details.
10. Under `providers:` uncomment (or add) lines that look like the following:
1. Find the section dealing with OmniAuth. See [Initial OmniAuth Configuration](README.md#initial-omniauth-configuration) for more details.
1. Under `providers:` uncomment (or add) lines that look like the following:
```
- { name: 'github', app_id: 'YOUR APP ID',
...
...
@@ -30,9 +37,12 @@ To enable the GitHub OmniAuth provider you must register your application with G
args: { scope: 'user:email' } }
```
11. Change 'YOUR APP ID' to the client ID from the GitHub application page from step 7.
12. Change 'YOUR APP SECRET' to the client secret from the GitHub application page from step 7.
13. Save the configuration file.
14. Restart GitLab for the changes to take effect.
1. Change 'YOUR APP ID' to the client ID from the GitHub application page from step 7.
1. Change 'YOUR APP SECRET' to the client secret from the GitHub application page from step 7.
1. Save the configuration file.
1. Restart GitLab for the changes to take effect.
On the sign in page there should now be a GitHub icon below the regular sign in form. Click the icon to begin the authentication process. GitHub will ask the user to sign in and authorize the GitLab application. If everything goes well the user will be returned to GitLab and will be signed in.
To enable the Google OAuth2 OmniAuth provider you must register your application with Google. Google will generate a client ID and secret key for you to use.
1. Sign in to the [Google Developers Console](https://console.developers.google.com/) with the Google account you want to use to register GitLab.
2. Select "Create Project".
3. Provide the project information
* Project name: 'GitLab' works just fine here.
* Project ID: Must be unique to all Google Developer registered applications. Google provides a randomly generated Project ID by default. You can use the randomly generated ID or choose a new one.
4. Refresh the page. You should now see your new project in the list. Click on the project.
5. Select "APIs & auth" in the left menu.
6. Select "Credentials" in the submenu.
7. Select "Create New Client ID".
8. Fill in the required information
* Application type: "Web Application"
* Authorized JavaScript origins: This isn't really used by GitLab but go ahead and put 'https://gitlab.example.com' here.
9. Under the heading "Client ID for web application" you should see a Client ID and Client secret (see screenshot). Keep this page open as you continue configuration. ![Google app](google_app.png)
10. On your GitLab server, open the configuration file.
1. Select "Create Project".
1. Provide the project information
- Project name: 'GitLab' works just fine here.
- Project ID: Must be unique to all Google Developer registered applications. Google provides a randomly generated Project ID by default. You can use the randomly generated ID or choose a new one.
1. Refresh the page. You should now see your new project in the list. Click on the project.
1. Select "APIs & auth" in the left menu.
1. Select "Credentials" in the submenu.
1. Select "Create New Client ID".
1. Fill in the required information
- Application type: "Web Application"
- Authorized JavaScript origins: This isn't really used by GitLab but go ahead and put 'https://gitlab.example.com' here.
1. Under the heading "Client ID for web application" you should see a Client ID and Client secret (see screenshot). Keep this page open as you continue configuration. ![Google app](google_app.png)
1. On your GitLab server, open the configuration file.
```sh
cd /home/git/gitlab
sudo -u git -H editor config/gitlab.yml
```
11. Find the section dealing with OmniAuth. See [Initial OmniAuth Configuration](README.md#initial-omniauth-configuration) for more details.
12. Under `providers:` uncomment (or add) lines that look like the following:
1. Find the section dealing with OmniAuth. See [Initial OmniAuth Configuration](README.md#initial-omniauth-configuration) for more details.
1. Under `providers:` uncomment (or add) lines that look like the following:
```
- { name: 'google_oauth2', app_id: 'YOUR APP ID',
...
...
@@ -31,10 +41,13 @@ To enable the Google OAuth2 OmniAuth provider you must register your application
13. Change 'YOUR APP ID' to the client ID from the GitHub application page from step 7.
14. Change 'YOUR APP SECRET' to the client secret from the GitHub application page from step 7.
15. Save the configuration file.
16. Restart GitLab for the changes to take effect.
1. Change 'YOUR APP ID' to the client ID from the GitHub application page from step 7.
1. Change 'YOUR APP SECRET' to the client secret from the GitHub application page from step 7.
1. Save the configuration file.
1. Restart GitLab for the changes to take effect.
On the sign in page there should now be a Google icon below the regular sign in form. Click the icon to begin the authentication process. Google will ask the user to sign in and authorize the GitLab application. If everything goes well the user will be returned to GitLab and will be signed in.
...
...
@@ -45,5 +58,5 @@ This further configuration is not required for Google authentication to function
At this point, when users first try to authenticate to your GitLab installation with Google they will see a generic application name on the prompt screen. The prompt informs the user that "Project Default Service Account" would like to access their account. "Project Default Service Account" isn't very recognizable and may confuse or cause users to be concerned. This is easily changeable.
1. Select 'Consent screen' in the left menu. (See steps 1, 4 and 5 above for instructions on how to get here if you closed your window).
2. Scroll down until you find "Product Name". Change the product name to something more descriptive.
3. Add any additional information as you wish - homepage, logo, privacy policy, etc. None of this is required, but it may help your users.
1. Scroll down until you find "Product Name". Change the product name to something more descriptive.
1. Add any additional information as you wish - homepage, logo, privacy policy, etc. None of this is required, but it may help your users.
GitLab can be configured to allow your users to sign with their LDAP credentials to integrate with e.g. Active Directory.
The first time a user signs in with LDAP credentials, GitLab will create a new GitLab user associated with the LDAP Distinguished Name (DN) of the LDAP user.
GitLab user attributes such as nickname and email will be copied from the LDAP user entry.
## Enabling LDAP sign-in for existing GitLab users
When a user signs in to GitLab with LDAP for the first time, and their LDAP email address is the primary email address of an existing GitLab user, then the LDAP DN will be associated with the existing user.
If the LDAP email attribute is not found in GitLab's database, a new user is created.
In other words, if an existing GitLab user wants to enable LDAP sign-in for themselves, they should check that their GitLab email address matches their LDAP email address, and then sign into GitLab via their LDAP credentials.
GitLab recognizes the following LDAP attributes as email addresses: `mail`, `email` and `userPrincipalName`.
If multiple LDAP email attributes are present, e.g. `mail: foo@bar.com` and `email: foo@example.com`, then the first attribute found wins -- in this case `foo@bar.com`.
+[Enable OmniAuth for an Existing User](#enable-omniauth-for-an-existing-user)
OmniAuth does not prevent standard GitLab authentication or LDAP (if configured) from continuing to work. Users can choose to sign in using any of the configured mechanisms.
-[Enable OmniAuth for an Existing User](#enable-omniauth-for-an-existing-user)
## Initial OmniAuth Configuration
Before configuring individual OmniAuth providers there are a few global settings that need to be verified.
1.Open the configuration file<br/>
1. Open the configuration file.
```sh
cd /home/git/gitlab
...
...
@@ -20,7 +20,7 @@ Before configuring individual OmniAuth providers there are a few global settings
sudo -u git -H editor config/gitlab.yml
```
2. Find the section dealing with OmniAuth. The section will look similar to the following.<br/>
1. Find the section dealing with OmniAuth. The section will look similar to the following.
```
## OmniAuth settings
...
...
@@ -52,32 +52,33 @@ Before configuring individual OmniAuth providers there are a few global settings
# args: { scope: 'user:email' } }
```
3. Change `enabled` to `true`.
4. Consider the next two configuration options: `allow_single_sign_on` and `block_auto_created_users`.
*`allow_single_sign_on` defaults to `false`. If `false` users must be created manually or they will not be able to
1. Change `enabled` to `true`.
1. Consider the next two configuration options: `allow_single_sign_on` and `block_auto_created_users`.
- `allow_single_sign_on` defaults to `false`. If `false` users must be created manually or they will not be able to
sign in via OmniAuth.
*`block_auto_created_users` defaults to `true`. If `true` auto created users will be blocked by default and will
- `block_auto_created_users` defaults to `true`. If `true` auto created users will be blocked by default and will
have to be unblocked by an administrator before they are able to sign in.
***Note:** If you set `allow_single_sign_on` to `true` and `block_auto_created_users` to `false` please be aware
- **Note:** If you set `allow_single_sign_on` to `true` and `block_auto_created_users` to `false` please be aware
that any user on the Internet will be able to successfully sign in to your GitLab without administrative approval.
5. Choose one or more of the Supported Providers below to continue configuration.
### Supported Providers
1. Choose one or more of the Supported Providers below to continue configuration.
## Supported Providers
+[GitHub](github.md)
+[Google](google.md)
+[Twitter](twitter.md)
-[GitHub](github.md)
-[Google](google.md)
-[Twitter](twitter.md)
### Enable OmniAuth for an Existing User
## Enable OmniAuth for an Existing User
Existing users can enable OmniAuth for specific providers after the account is created. For example, if the user
originally signed in with LDAP an OmniAuth provider such as Twitter can be enabled. Follow the steps below to enable an
OmniAuth provider for an existing user.
Existing users can enable OmniAuth for specific providers after the account is created. For example, if the user originally signed in with LDAP an OmniAuth provider such as Twitter can be enabled. Follow the steps below to enable an OmniAuth provider for an existing user.
1. Sign in normally - whether standard sign in, LDAP, or another OmniAuth provider.
2. Go to profile settings (the silhouette icon in the top right corner).
3. Select the "Account" tab.
4. Under "Social Accounts" select the desired OmniAuth provider, such as Twitter.
5. The user will be redirected to the provider. Once the user authorized GitLab they will be redirected back to GitLab.
1. Go to profile settings (the silhouette icon in the top right corner).
1. Select the "Account" tab.
1. Under "Social Accounts" select the desired OmniAuth provider, such as Twitter.
1. The user will be redirected to the provider. Once the user authorized GitLab they will be redirected back to GitLab.
The chosen OmniAuth provider is now active and can be used to sign in to GitLab from then on.
To enable Slack integration you must create an Incoming WebHooks integration on Slack;
1. Sign in to [Slack](https://slack.com)(https://YOURSUBDOMAIN.slack.com/services)
2. Click on the Integrations menu at the top of the page.
3. Add a new Integration.
4. Pick Incoming WebHooks
5. Choose the channel name you want to send notifications to, in the Settings section
6. Add Integrations.
* Optional step; You can change bot's name and avatar by clicking "change the name of your bot", and "change the icon" after that you have to click "Save settings".
1. Click on the Integrations menu at the top of the page.
1. Add a new Integration.
1. Pick Incoming WebHooks
1. Choose the channel name you want to send notifications to, in the Settings section
1. Add Integrations.
- Optional step; You can change bot's name and avatar by clicking "change the name of your bot", and "change the icon" after that you have to click "Save settings".
Now, Slack is ready to get external hooks. Before you leave this page don't forget to get the Token that you'll need on GitLab. You can find it by clicking Expand button, located in the "Instructions for creating Incoming WebHooks" section. It's a random alpha-numeric text 24 characters long.
### On GitLab
## On GitLab
After Slack is ready we need to setup GitLab. Here are the steps to achieve this.
1. Sign in to GitLab
2. Pick the repository you want.
3. Navigate to Settings -> Services -> Slack
4. Fill in your Slack details
* Mark as active it
* Type your subdomain's prefix (If your subdomain is https://somedomain.slack.com you only have to type the somedomain)
* Type in the token you got from Slack
* Type in the channel name you want to use (eg. #announcements)
1. Pick the repository you want.
1. Navigate to Settings -> Services -> Slack
1. Fill in your Slack details
- Mark as active it
- Type your subdomain's prefix (If your subdomain is https://somedomain.slack.com you only have to type the somedomain)
- Type in the token you got from Slack
- Type in the channel name you want to use (eg. #announcements)
Have fun :)
_P.S. You can set "branch,pushed,Compare changes" as highlight words on your Slack profile settings, so that you can be aware of new commits when somebody pushes them._
*P.S. You can set "branch,pushed,Compare changes" as highlight words on your Slack profile settings, so that you can be aware of new commits when somebody pushes them.*
To enable the Twitter OmniAuth provider you must register your application with Twitter. Twitter will generate a client
ID and secret key for you to use.
To enable the Twitter OmniAuth provider you must register your application with Twitter. Twitter will generate a client ID and secret key for you to use.
1. Sign in to [Twitter Developers](https://dev.twitter.com/) area.
2. Hover over the avatar in the top right corner and select "My applications."
3. Select "Create new app"
4. Fill in the application details.
* Name: This can be anything. Consider something like "\<Organization\>'s GitLab" or "\<Your Name\>'s GitLab" or
1. Hover over the avatar in the top right corner and select "My applications."
1. Select "Create new app"
1. Fill in the application details.
- Name: This can be anything. Consider something like "\<Organization\>'s GitLab" or "\<Your Name\>'s GitLab" or
something else descriptive.
* Description: Create a description.
* Website: The URL to your GitLab installation. 'https://gitlab.example.com'
8. Underneath the Callback URL check the box next to "Allow this application to be used to Sign in the Twitter."
9. Select "Update settings" at the bottom to save changes.
10. Select the "API Keys" tab.
11. You should now see an API key and API secret (see screenshot). Keep this page open as you continue configuration.
![Twitter app](twitter_app_api_keys.png)
12. On your GitLab server, open the configuration file.
1. Select "Create your Twitter application."
1. Select the "Settings" tab.
1. Underneath the Callback URL check the box next to "Allow this application to be used to Sign in the Twitter."
1. Select "Update settings" at the bottom to save changes.
1. Select the "API Keys" tab.
1. You should now see an API key and API secret (see screenshot). Keep this page open as you continue configuration.
![Twitter app](twitter_app_api_keys.png)
1. On your GitLab server, open the configuration file.
```sh
cd /home/git/gitlab
...
...
@@ -29,19 +39,22 @@ ID and secret key for you to use.
sudo -u git -H editor config/gitlab.yml
```
13. Find the section dealing with OmniAuth. See [Initial OmniAuth Configuration](README.md#initial-omniauth-configuration)
1. Find the section dealing with OmniAuth. See [Initial OmniAuth Configuration](README.md#initial-omniauth-configuration)
for more details.
14. Under `providers:` uncomment (or add) lines that look like the following:
1. Under `providers:` uncomment (or add) lines that look like the following:
```
- { name: 'twitter', app_id: 'YOUR APP ID',
app_secret: 'YOUR APP SECRET' }
```
15. Change 'YOUR APP ID' to the API key from Twitter page in step 11.
16. Change 'YOUR APP SECRET' to the API secret from the Twitter page in step 11.
17. Save the configuration file.
18. Restart GitLab for the changes to take effect.
1. Change 'YOUR APP ID' to the API key from Twitter page in step 11.
1. Change 'YOUR APP SECRET' to the API secret from the Twitter page in step 11.
1. Save the configuration file.
1. Restart GitLab for the changes to take effect.
On the sign in page there should now be a Twitter icon below the regular sign in form. Click the icon to begin the
authentication process. Twitter will ask the user to sign in and authorize the GitLab application. If everything goes well the user will be returned to GitLab and will be signed in.
On the sign in page there should now be a Twitter icon below the regular sign in form. Click the icon to begin the authentication process. Twitter will ask the user to sign in and authorize the GitLab application. If everything goes well the user will be returned to GitLab and will be signed in.
@@ -22,6 +22,4 @@ You accept and agree to the following terms and conditions for Your present and
8. It is your responsibility to notify GitLab B.V. when any change is required to the list of designated employees authorized to submit Contributions on behalf of the Corporation, or to the Corporation's Point of Contact with GitLab B.V..
---------------------------------------
This text is licensed under the [Creative Commons Attribution 3.0 License](http://creativecommons.org/licenses/by/3.0/) and the original source is the Google Open Source Programs Office.
@@ -22,6 +22,4 @@ You accept and agree to the following terms and conditions for Your present and
8. You agree to notify GitLab B.V. of any facts or circumstances of which you become aware that would make these representations inaccurate in any respect.
---------------------------------------
This text is licensed under the [Creative Commons Attribution 3.0 License](http://creativecommons.org/licenses/by/3.0/) and the original source is the Google Open Source Programs Office.
For GitLab we developed something we call "GitLab Flavored Markdown" (GFM).
It extends the standard Markdown in a few significant ways to add some useful functionality.
For GitLab we developed something we call "GitLab Flavored Markdown" (GFM). It extends the standard Markdown in a few significant ways to add some useful functionality.
You can use GFM in
* commit messages
* comments
* wall posts
* issues
* merge requests
* milestones
* wiki pages
- commit messages
- comments
- wall posts
- issues
- merge requests
- milestones
- wiki pages
You can also use other rich text files in GitLab.
You might have to install a depency to do so.
Please see the [github-markup gem readme](https://github.com/gitlabhq/markup#markups) for more information.
You can also use other rich text files in GitLab. You might have to install a depency to do so. Please see the [github-markup gem readme](https://github.com/gitlabhq/markup#markups) for more information.
## Newlines
Newlines
--------
GFM honors the markdown specification in how [paragraphs and line breaks are handled](http://daringfireball.net/projects/markdown/syntax#p).
A paragraph is simply one or more consecutive lines of text, separated by one or more blank lines.:
...
...
@@ -83,8 +72,8 @@ Violets are blue
Sugar is sweet
Multiple underscores in words
-----------------------------
## Multiple underscores in words
It is not reasonable to italicize just _part_ of a word, especially when you're dealing with code and names that often appear with multiple underscores. Therefore, GFM ignores multiple underscores in words.
perform_complicated_task
...
...
@@ -93,10 +82,9 @@ It is not reasonable to italicize just _part_ of a word, especially when you're
perform_complicated_task
do_this_and_do_that_and_another_thing
URL autolinking
---------------
GFM will autolink standard URLs you copy and paste into your text.
So if you want to link to a URL (instead of a textural link), you can simply put the URL in verbatim and it will be turned into a link to that URL.
## URL autolinking
GFM will autolink standard URLs you copy and paste into your text. So if you want to link to a URL (instead of a textural link), you can simply put the URL in verbatim and it will be turned into a link to that URL.
http://www.google.com
...
...
@@ -164,8 +152,7 @@ s = "There is no highlighting for this."
But let's throw in a <b>tag</b>.
```
Emoji
-----
## Emoji
Sometimes you want to be :cool: and add some :sparkles: to your :speech_balloon:. Well we have a :gift: for you:
...
...
@@ -187,26 +174,25 @@ If you are :new: to this, don't be :fearful:. You can easily join the emoji :cir
Consult the [Emoji Cheat Sheet](http://www.emoji-cheat-sheet.com/) for a list of all supported emoji codes. :thumbsup:
Special GitLab References
-----
## Special GitLab References
GFM recognized special references.
You can easily reference e.g. a team member, an issue, or a commit within a project.
GFM will turn that reference into a link so you can navigate between them easily.
GFM will recognize the following:
* @foo : for team members
* #123 : for issues
* !123 : for merge requests
* $123 : for snippets
* 1234567 : for commits
* \[file\](path/to/file) : for file references
- @foo : for team members
- #123 : for issues
- !123 : for merge requests
- $123 : for snippets
- 1234567 : for commits
- \[file\](path/to/file) : for file references
----------------------------------
# Standard Markdown
----------------------------------
## Headers
```no-highlight
...
...
@@ -249,12 +235,12 @@ On hover a link to those IDs becomes visible to make it easier to copy the link
The IDs are generated from the content of the header according to the following rules:
1) remove the heading hashes `#` and process the rest of the line as it would be processed if it were not a header
2) from the result, remove all HTML tags, but keep their inner content
3) convert all characters to lowercase
4) convert all characters except `[a-z0-9_-]` into hyphens `-`
5) transform multiple adjacent hyphens into a single hyphen
6) remove trailing and heading hyphens
1. remove the heading hashes `#` and process the rest of the line as it would be processed if it were not a header
2. from the result, remove all HTML tags, but keep their inner content
3. convert all characters to lowercase
4. convert all characters except `[a-z0-9_-]` into hyphens `-`
5. transform multiple adjacent hyphens into a single hyphen
6. remove trailing and heading hyphens
For example:
...
...
@@ -377,8 +363,7 @@ Some text to show that the reference links can follow later.
**Note**
Relative links do not allow referencing project files in a wiki page or wiki page in a project file.
The reason for this is that, in GitLab, wiki is always a separate git repository. For example:
Relative links do not allow referencing project files in a wiki page or wiki page in a project file. The reason for this is that, in GitLab, wiki is always a separate git repository. For example:
`[I'm a reference-style link][style]`
...
...
@@ -399,9 +384,11 @@ will point the link to `wikis/style` when the link is inside of a wiki markdown
Here's our logo:
Inline-style:
![alt text](/assets/logo-white.png)
Reference-style:
![alt text][logo]
[logo]: /assets/logo-white.png
...
...
@@ -518,10 +505,8 @@ Code above produces next output:
| cell 1 | cell 2 |
| cell 3 | cell 4 |
------------
## References
* This document leveraged heavily from the [Markdown-Cheatsheet](https://github.com/adam-p/markdown-here/wiki/Markdown-Cheatsheet).
* The [Markdown Syntax Guide](http://daringfireball.net/projects/markdown/syntax) at Daring Fireball is an excellent resource for a detailed explanation of standard markdown.
* [Dillinger.io](http://dillinger.io) is a handy tool for testing standard markdown.
- This document leveraged heavily from the [Markdown-Cheatsheet](https://github.com/adam-p/markdown-here/wiki/Markdown-Cheatsheet).
- The [Markdown Syntax Guide](http://daringfireball.net/projects/markdown/syntax) at Daring Fireball is an excellent resource for a detailed explanation of standard markdown.
- [Dillinger.io](http://dillinger.io) is a handy tool for testing standard markdown.
Gitlab allows you to open selected projects to be accessed **publicly** or **internally**.
Projects with either of these visibility levels will be listen in the [public access directory](/public).
Internal projects will only be available to authenticated users.
#### Public projects
## Public projects
Public projects can be cloned **without any** authentication.
It will also be listed on the [public access directory](/public).
**Any logged in user** will have [Guest](/help/permissions) permissions on the repository.
#### Internal projects
## Internal projects
Internal projects can be cloned by any logged in user.
It will also be listed on the [public access directory](/public) for logged in users.
Any logged in user will have [Guest](/help/permissions) permissions on the repository.
#### How to change project visibility
## How to change project visibility
1. Go to your project dashboard
2. Click on the "Edit" tab
3. Change "Visibility Level"
1. Click on the "Edit" tab
1. Change "Visibility Level"
## Visibility of users
#### Visibility of users
The public page of users, located at `/u/username` is visible if either:
* You are logged in.
* You are logged out, and the target user is authorized to (is Guest, Reporter, etc.) at least one public project.
- You are logged in.
- You are logged out, and the target user is authorized to (is Guest, Reporter, etc.) at least one public project.
Otherwise, you will be redirected to the sign in page.
When visiting the public page of an user, you will only see listed projects which you can view yourself.
#### Restricting the use of public or internal projects
In [gitlab.yml](https://gitlab.com/gitlab-org/gitlab-ce/blob/dbd88d453b8e6c78a423fa7e692004b1db6ea069/config/gitlab.yml.example#L64) you can disable public projects or public and internal projects for the entire GitLab installation to prevent people making code public by accident.
## Restricting the use of public or internal projects
In [gitlab.yml](https://gitlab.com/gitlab-org/gitlab-ce/blob/dbd88d453b8e6c78a423fa7e692004b1db6ea069/config/gitlab.yml.example#L64) you can disable public projects or public and internal projects for the entire GitLab installation to prevent people making code public by accident.
This command will build missing satellites for projects. After this you will be able to **merge a merge request** via GitLab and use the **online editor**.
### Gather information about GitLab and the system it runs on
## Gather information about GitLab and the system it runs on
This command gathers information about your GitLab installation and the System
it runs on. These may be useful when asking for help or reporting issues.
This command gathers information about your GitLab installation and the System it runs on. These may be useful when asking for help or reporting issues.
@@ -25,16 +25,18 @@ Consider naming the issue "Release x.x.x.rc1" to make it easier for later search
### **2. Update the installation guide**
1. Check if it references the correct branch `x-x-stable` (doesn't exist yet, but that is okay)
2. Check the [GitLab Shell version](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/lib/tasks/gitlab/check.rake#L782)
3. Check the [Git version](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/lib/tasks/gitlab/check.rake#L794)
4. There might be other changes. Ask around.
1. Check the [GitLab Shell version](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/lib/tasks/gitlab/check.rake#L782)
1. Check the [Git version](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/lib/tasks/gitlab/check.rake#L794)
1. There might be other changes. Ask around.
### **3. Create an update guide**
It's best to copy paste the previous guide and make changes where necessary. The typical steps are listed below with any points you should specifically look at.
#### 0. Any major changes?
List any major changes here, so the user is aware of them before starting to upgrade. For instance:
- Database updates
- Web server changes
- File structure changes
...
...
@@ -59,42 +61,43 @@ List any major changes here, so the user is aware of them before starting to upg
*[![Dependency Status](https://gemnasium.com/gitlabhq/gitlabhq.png)](https://gemnasium.com/gitlabhq/gitlabhq) this button can be yellow (small updates are available) but must not be red (a security fix or an important update is available)
-[![Dependency Status](https://gemnasium.com/gitlabhq/gitlabhq.png)](https://gemnasium.com/gitlabhq/gitlabhq) this button can be yellow (small updates are available) but must not be red (a security fix or an important update is available)
Create an annotated tag that points to the version change commit.
Create an annotated tag that points to the version change commit:
```
git tag -a vx.x.0.rc1 -m 'Version x.x.0.rc1'
```
...
...
@@ -105,6 +108,7 @@ Tweet about the RC release:
> GitLab x.x.x.rc1 is out. This is a release candidate intended for testing only. Please let us know if you find regressions.
n
### **8. Update GitLab.com**
Merge the RC1 code into GitLab.com. Once the build is green, deploy in the morning.
...
...
@@ -115,28 +119,27 @@ It is important to do this as soon as possible, so we can catch any errors befor
### **1. Prepare the blog post**
* Check the changelog of CE and EE for important changes. Based on [release blog template](https://gitlab.com/gitlab-com/www-gitlab-com/blob/master/doc/release_blog_template.md) fill in the important information.
* Create a WIP MR for the blog post and cc the team so everyone can give feedback.
* Ask Dmitriy to add screenshots to the WIP MR.
* Decide with team who will be the MVP user.
* Add a note if there are security fixes: This release fixes an important security issue and we advise everyone to upgrade as soon as possible.
- Check the changelog of CE and EE for important changes. Based on [release blog template](https://gitlab.com/gitlab-com/www-gitlab-com/blob/master/doc/release_blog_template.md) fill in the important information.
- Create a WIP MR for the blog post and cc the team so everyone can give feedback.
- Ask Dmitriy to add screenshots to the WIP MR.
- Decide with team who will be the MVP user.
- Add a note if there are security fixes: This release fixes an important security issue and we advise everyone to upgrade as soon as possible.
### **2. Q&A**
Create issue on dev.gitlab.org gitlab repository, named "GitLab X.X release" in order to keep track of the progress.
Create issue on dev.gitlab.org `gitlab` repository, named "GitLab X.X release" in order to keep track of the progress.
Use the omnibus packages of Enterprise Edition using [this guide](https://dev.gitlab.org/gitlab/gitlab-ee/blob/master/doc/release/manual_testing.md).
**NOTE** Upgrader can only be tested when tags are pushed to all repositories. Do not forget to confirm it is working before releasing. Note that in the issue.
### **3. Fix anything coming out of the QA**
Create an issue with description of a problem, if it is quick fix fix yourself otherwise contact the team for advice.
# **22nd - Release CE and EE**
For GitLab EE, append -ee to the branches and tags.
For GitLab EE, append `-ee` to the branches and tags.
[Follow this guide](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/doc/release.md)
### **3. Set VERSION to x.x.x and push**
Change the VERSION file in `master` branch of the CE repository and commit.
Cherry-pick into the `x-x-stable` branch of CE.
Change the VERSION file in `master` branch of the CE repository and commit. Cherry-pick into the `x-x-stable` branch of CE.
Change the VERSION file in `master branch of the EE repository and commit.
Cherry-pick into the `x-x-stable-ee` branch of EE.
Change the VERSION file in `master` branch of the EE repository and commit. Cherry-pick into the `x-x-stable-ee` branch of EE.
### **4. Create annotated tag vx.x.x**
In `x-x-stable` branch check for the sha1 of the commit with VERSION file changed. Tag that commit,
In `x-x-stable` branch check for the SHA-1 of the commit with VERSION file changed. Tag that commit,
```
git tag -a vx.x.0 -m 'Version x.x.0' xxxxx
```
where `xxxxx` is sha1.
where `xxxxx` is SHA-1.
### **5. Push the tag**
...
...
@@ -200,7 +202,7 @@ Proposed tweet for EE "GitLab X.X.X EE is released! It brings *** <link-to-blogp
### **9. Send out newsletter**
In mailchimp replicate the former release newsletters to customers / newsletter subscribers (these are two separate things) and modify them accordingly.
In MailChimp replicate the former release newsletters to customers / newsletter subscribers (these are two separate things) and modify them accordingly.
Include a link to the blog post and keep it short.
@@ -4,12 +4,13 @@ NOTE: This is a guide for GitLab developers. If you are trying to install GitLab
## When to do a patch release
Do a patch release when there is a critical regression that needs to be adresses before the next monthly release.
Do a patch release when there is a critical regression that needs to be addresses before the next monthly release.
Otherwise include it in the monthly release and note there was a regression fix in the release announcement.
## Release Procedure
1. Verify that the issue can be repoduced
1. Verify that the issue can be reproduced
1. Note in the 'GitLab X.X regressions' that you will create a patch
1. Create an issue on private GitLab development server
1. Name the issue "Release X.X.X CE and X.X.X EE", this will make searching easier
...
...
@@ -25,5 +26,5 @@ Otherwise include it in the monthly release and note there was a regression fix
1. Apply the patch to GitLab Cloud and the private GitLab development server
1. Build new packages with the latest version
1. Cherry-pick the changelog update back into master
1. Send tweets about the release from @gitlabhq, tweet should include the most important feature that the release is addressing as well as the link to the changelog
1. Send tweets about the release from `@gitlabhq`, tweet should include the most important feature that the release is addressing as well as the link to the changelog
1. Note in the 'GitLab X.X regressions' issue that the patch was published
@@ -4,46 +4,48 @@ NOTE: This is a guide for GitLab developers. If you are trying to install GitLab
## When to do a security release
Do a security release when there is a critical issue that needs to be adresses before the next monthly release. Otherwise include it in the monthly release and note there was a security fix in the release announcement.
Do a security release when there is a critical issue that needs to be addresses before the next monthly release. Otherwise include it in the monthly release and note there was a security fix in the release announcement.
## Security vulnerability disclosure
Please report suspected security vulnerabilities in private to support@gitlab.com, also see the [disclosure section on the GitLab.com website](http://www.gitlab.com/disclosure/). Please do NOT create publicly viewable issues for suspected security vulnerabilities.
Please report suspected security vulnerabilities in private to <support@gitlab.com>, also see the [disclosure section on the GitLab.com website](http://www.gitlab.com/disclosure/). Please do NOT create publicly viewable issues for suspected security vulnerabilities.
## Release Procedure
1. Verify that the issue can be repoduced
1. Verify that the issue can be reproduced
1. Acknowledge the issue to the researcher that disclosed it
1. Do the steps from [patch release document](doc/release/patch.md), starting with "Create an issue on private GitLab development server"
1. Create feature branches for the blog post on GitLab.com and link them from the code branch
1. Merge and publish the blog posts
1. Send tweets about the release from @gitlabhq
1. Send tweets about the release from `@gitlabhq`
1. Send out an email to the subscribers mailing list on MailChimp
1. Send out an email to [the community google mailing list](https://groups.google.com/forum/#!forum/gitlabhq)
1. Send out an email to [the GitLab newsletter list](http://gitlab.us5.list-manage.com/subscribe?u=498dccd07cf3e9482bee33ba4&id=98a9a4992c)
1. Post a signed copy of our complete announcement to [oss-security](http://www.openwall.com/lists/oss-security/) and request a CVE number
1. Add the security researcher to the [Security Researcher Acknowledgments list](http://www.gitlab.com/vulnerability-acknowledgements/)
1. Thank the security researcher in an email for their cooperation
1. Update the blogpost and the CHANGELOG when we receive the CVE number
1. Update the blogpost and the CHANGELOG when we receive the CVE number
The timing of the code merge into master should be coordinated in advance.
After the merge we strive to publish the announcements within 60 minutes.
## Blog post template
XXX Security Advisory for GitLab
A recently discovered critical vulnerability in GitLab allows [unauthenticated API access|remote code execution|unauthorized access to repositories|XXX|PICKSOMETHING]. All users should update GitLab and gitlab-shell immediately.
We [have|haven't|XXX|PICKSOMETHING|] heard of this vulnerability being actively exploited.
A recently discovered critical vulnerability in GitLab allows [unauthenticated API access|remote code execution|unauthorized access to repositories|XXX|PICKSOMETHING]. All users should update GitLab and gitlab-shell immediately. We [have|haven't|XXX|PICKSOMETHING|] heard of this vulnerability being actively exploited.
If you want to enforce longer user passwords you can create an extra Devise initializer with the steps below.
If you do not use the `devise_password_length.rb` initializer the password length is set to a minimum of 8 characters in `config/initializers/devise.rb`.
To prevent abusive clients doing damage GitLab uses rack-attack gem.
If you installed or upgraded GitLab by following the official guides this should be enabled by default.
If you are missing `config/initializers/rack_attack.rb` the following steps need to be taken in order to enable protection for your GitLab instance:
1. In config/application.rb find and uncomment the following line:
config.middleware.use Rack::Attack
2. Rename config/initializers/rack_attack.rb.example to config/initializers/rack_attack.rb
3. Review the paths_to_be_protected and add any other path you need protecting
4. Restart GitLab instance
By default, user sign-in, user sign-up(if enabled) and user password reset is limited to 6 requests per minute.
After trying for 6 times, client will have to wait for the next minute to be able to try again.
These settings can be found in `config/initializers/rack_attack.rb`
1. Rename `config/initializers/rack_attack.rb.example` to `config/initializers/rack_attack.rb`.
1. Review the `paths_to_be_protected` and add any other path you need protecting.
1. Restart GitLab instance.
By default, user sign-in, user sign-up(if enabled) and user password reset is limited to 6 requests per minute. After trying for 6 times, client will have to wait for the next minute to be able to try again. These settings can be found in `config/initializers/rack_attack.rb`
If you want more restrictive/relaxed throttle rule change the `limit` or `period` values. For example, more relaxed throttle rule will be if you set limit: 3 and period: 1.second(this will allow 3 requests per second). You can also add other paths to the protected list by adding to `paths_to_be_protected` variable. If you change any of these settings do not forget to restart your GitLab instance.
Deploy keys allow read-only access one or multiple projects with a single SSH key.
This is really useful for cloning repositories to your Continuous Integration (CI) server.
By using a deploy keys you don't have to setup a dummy user account.
This is really useful for cloning repositories to your Continuous Integration (CI) server. By using a deploy keys you don't have to setup a dummy user account.
If you are a project master or owner you can add a deploy key in the project settings under the section Deploy Keys.
Press the 'New Deploy Key' button and upload a public ssh key.
After this the machine that uses the corresponding private key has read-only access to the project.
If you are a project master or owner you can add a deploy key in the project settings under the section Deploy Keys. Press the 'New Deploy Key' button and upload a public ssh key. After this the machine that uses the corresponding private key has read-only access to the project.
You can't add the same deploy key twice with the 'New Deploy Key' option.
If you want to add the same key to another project please enable it in the list that says 'Deploy keys from projects available to you'.
All the deploy keys of all the projects you have access to are available. This project access can happen through being a direct member of the project or through a group. See `def accessible_deploy_keys` in `app/models/user.rb` for more information.
You can't add the same deploy key twice with the 'New Deploy Key' option. If you want to add the same key to another project please enable it in the list that says 'Deploy keys from projects available to you'. All the deploy keys of all the projects you have access to are available. This project access can happen through being a direct member of the project or through a group. See `def accessible_deploy_keys` in `app/models/user.rb` for more information.
SSH key allows you to establish a secure connection between your computer and GitLab
Before generating an SSH key, check if your system already has one by running `cat ~/.ssh/id_rsa.pub` If your see a long string starting with `ssh-rsa` or `ssh-dsa`, you can skip the ssh-keygen step.
Before generating an SSH key, check if your system already has one by running `cat ~/.ssh/id_rsa.pub`
If your see a long string starting with `ssh-rsa` or `ssh-dsa`, you can skip the ssh-keygen step.
To generate a new SSH key just open your terminal and use code below. The ssh-keygen command prompts you for a location and filename to store the key pair and for a password.
When prompted for the location and filename you can press enter to use the default.
To generate a new SSH key just open your terminal and use code below. The ssh-keygen command prompts you for a location and filename to store the key pair and for a password. When prompted for the location and filename you can press enter to use the default.
It is a best practice to use a password for an SSH key but it is not required and you can skip creating a password by pressing enter.
Note that the password you choose here can't be altered or retrieved.
...
...
@@ -22,5 +18,4 @@ Use the code below to show your public key.
cat ~/.ssh/id_rsa.pub
```
Copy-paste the key to the 'My SSH Keys' section under the 'SSH' tab in your user profile.
Please copy the complete key starting with `ssh-` and ending with your username and host.
Copy-paste the key to the 'My SSH Keys' section under the 'SSH' tab in your user profile. Please copy the complete key starting with `ssh-` and ending with your username and host.
In this release __we moved Resque jobs under own gitlab namespace__.
In this release **we moved Resque jobs under own gitlab namespace**
Despite a lot of advantages it requires from our users to __replace gitolite post-receive hook with new one__.
Despite a lot of advantages it requires from our users to **replace gitolite post-receive hook with new one**.
Most of projects has post-receive file as symlink to gitolite `/home/git/.gitolite/hooks/post-receive`.
But some of them may have a real file. In this case you should rewrite it with symlink to gitolite hook.
Most of projects has post-receive file as symlink to gitolite `/home/git/.gitolite/hooks/post-receive`. But some of them may have a real file. In this case you should rewrite it with symlink to gitolite hook.
I wrote a bash script which will do it automatically for you. Just make sure all path inside is valid for you
- - -
### 1. Stop server & resque
## 1. Stop server & resque
sudo service gitlab stop
### 2. Update GitLab
## 2. Update GitLab
```bash
# Get latest code
sudo-u gitlab -H git fetch
sudo-u gitlab -H git checkout v3.1.0
...
...
@@ -35,12 +31,11 @@ sudo -u gitlab -H bundle install --without development test postgres sqlite
* The GitLab post-receive hook needs to be updated
* The configuration file needs to be updated
* Availability of `python2` executable
- Support for SQLite was dropped
- Support for Gitolite 2 was dropped
- Projects are organized in namespaces
- The GitLab post-receive hook needs to be updated
- The configuration file needs to be updated
- Availability of `python2` executable
Most of projects has post-receive file as symlink to gitolite `/home/git/.gitolite/hooks/post-receive`.
But some of them may have a real file. In this case you should rewrite it with symlink to gitolite hook.
Most of projects has post-receive file as symlink to Gitolite `/home/git/.gitolite/hooks/post-receive`. But some of them may have a real file. In this case you should rewrite it with symlink to Gitolite hook.
I wrote a bash script which will do it automatically for you. Just make sure all path inside is valid for you
* Make `/home/git/gitlab/config/gitlab.yml` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/5-2-stable/config/gitlab.yml.example but with your settings.
* Make `/home/git/gitlab/config/puma.rb` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/5-2-stable/config/puma.rb.example but with your settings.
- Make `/home/git/gitlab/config/gitlab.yml` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/5-2-stable/config/gitlab.yml.example but with your settings.
- Make `/home/git/gitlab/config/puma.rb` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/5-2-stable/config/puma.rb.example but with your settings.
Check if GitLab and its environment are configured correctly:
...
...
@@ -91,10 +92,10 @@ If all items are green, then congratulations upgrade complete!
## Things went south? Revert to previous version (5.1)
### 1. Revert the code to the previous version
Follow the [`upgrade guide from 5.0 to 5.1`](5.0-to-5.1.md), except for the database migration
(The backup is already migrated to the previous version)
### 2. Restore from the backup:
Follow the [`upgrade guide from 5.0 to 5.1`](5.0-to-5.1.md), except for the database migration (the backup is already migrated to the previous version).
It's useful to make a backup just in case things go south:
(With MySQL, this may require granting "LOCK TABLES" privileges to the GitLab user on the database version)
It's useful to make a backup just in case things go south (with MySQL, this may require granting "LOCK TABLES" privileges to the GitLab user on the database version):
* Make `/home/git/gitlab/config/gitlab.yml` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/5-4-stable/config/gitlab.yml.example but with your settings.
* Make `/home/git/gitlab/config/puma.rb` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/5-4-stable/config/puma.rb.example but with your settings.
- Make `/home/git/gitlab/config/gitlab.yml` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/5-4-stable/config/gitlab.yml.example but with your settings.
- Make `/home/git/gitlab/config/puma.rb` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/5-4-stable/config/puma.rb.example but with your settings.
Check if GitLab and its environment are configured correctly:
...
...
@@ -89,8 +88,8 @@ If all items are green, then congratulations upgrade complete!
## Things went south? Revert to previous version (5.3)
### 1. Revert the code to the previous version
Follow the [`upgrade guide from 5.2 to 5.3`](5.2-to-5.3.md), except for the database migration
(The backup is already migrated to the previous version)
Follow the [`upgrade guide from 5.2 to 5.3`](5.2-to-5.3.md), except for the database migration (the backup is already migrated to the previous version).
GitLab 6.0 is affected by critical security vulnerabilities CVE-2013-4490 and CVE-2013-4489.
### Deprecations
## Deprecations
#### Global projects
### Global projects
The root (global) namespace for projects is deprecated.
So you need to move all your global projects under groups or users manually before update or they will be automatically moved to the project owner namespace during the update. When a project is moved all its members will receive an email with instructions how to update their git remote url. Please make sure you disable sending email when you do a test of the upgrade.
#### Teams
So you need to move all your global projects under groups or users manually before update or they will be automatically moved to the project owner namespace during the update. When a project is moved all its members will receive an email with instructions how to update their git remote URL. Please make sure you disable sending email when you do a test of the upgrade.
### Teams
We introduce group membership in 6.0 as a replacement for teams.
The old combination of groups and teams was confusing for a lot of people.
And when the members of a team where changed this wasn't reflected in the project permissions.
In GitLab 6.0 you will be able to add members to a group with a permission level for each member.
These group members will have access to the projects in that group.
Any changes to group members will immediately be reflected in the project permissions.
You can even have multiple owners for a group, greatly simplifying administration.
### 0. Backup
## 0. Backup
It's useful to make a backup just in case things go south:
(With MySQL, this may require granting "LOCK TABLES" privileges to the GitLab user on the database version)
Note: We switched from Puma in GitLab 5.x to unicorn in GitLab 6.0.
* Make `/home/git/gitlab/config/gitlab.yml` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/masterconfig/gitlab.yml.example but with your settings.
* Make `/home/git/gitlab/config/unicorn.rb` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/masterconfig/unicorn.rb.example but with your settings.
- Make `/home/git/gitlab/config/gitlab.yml` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/masterconfig/gitlab.yml.example but with your settings.
- Make `/home/git/gitlab/config/unicorn.rb` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/masterconfig/unicorn.rb.example but with your settings.
Check if GitLab and its environment are configured correctly:
...
...
@@ -127,8 +135,8 @@ If all items are green, then congratulations upgrade complete!
## Things went south? Revert to previous version (5.1)
### 1. Revert the code to the previous version
Follow the [`upgrade guide from 5.0 to 5.1`](5.0-to-5.1.md), except for the database migration
(The backup is already migrated to the previous version)
Follow the [`upgrade guide from 5.0 to 5.1`](5.0-to-5.1.md), except for the database migration (the backup is already migrated to the previous version).
The migrations in this update are very sensitive to incomplete or inconsistent data. If you have a long-running GitLab installation and some of the previous upgrades did not work out 100% correct this may bite you now. The following commands can be run in the rails console to look for 'bad' data.
GitLab 5.3 is affected by critical security vulnerabilities CVE-2013-4490 and CVE-2013-4489.
### 0. Backup
## 0. Backup
It's useful to make a backup just in case things go south:
(With MySQL, this may require granting "LOCK TABLES" privileges to the GitLab user on the database version)
It's useful to make a backup just in case things go south (with MySQL, this may require granting "LOCK TABLES" privileges to the GitLab user on the database version):
* Make `/home/git/gitlab/config/gitlab.yml` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/5-3-stable/config/gitlab.yml.example but with your settings.
* Make `/home/git/gitlab/config/puma.rb` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/5-3-stable/config/puma.rb.example but with your settings.
- Make `/home/git/gitlab/config/gitlab.yml` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/5-3-stable/config/gitlab.yml.example but with your settings.
- Make `/home/git/gitlab/config/puma.rb` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/5-3-stable/config/puma.rb.example but with your settings.
Check if GitLab and its environment are configured correctly:
...
...
@@ -74,8 +74,8 @@ If all items are green, then congratulations upgrade complete!
## Things went south? Revert to previous version (5.2)
### 1. Revert the code to the previous version
Follow the [`upgrade guide from 5.1 to 5.2`](5.1-to-5.2.md), except for the database migration
(The backup is already migrated to the previous version)
Follow the [`upgrade guide from 5.1 to 5.2`](5.1-to-5.2.md), except for the database migration (the backup is already migrated to the previous version).
It's useful to make a backup just in case things go south:
(With MySQL, this may require granting "LOCK TABLES" privileges to the GitLab user on the database version)
It's useful to make a backup just in case things go south (with MySQL, this may require granting "LOCK TABLES" privileges to the GitLab user on the database version):
* Make `/home/git/gitlab/config/gitlab.yml` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/5-4-stable/config/gitlab.yml.example but with your settings.
* Make `/home/git/gitlab/config/puma.rb` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/5-4-stable/config/puma.rb.example but with your settings.
- Make `/home/git/gitlab/config/gitlab.yml` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/5-4-stable/config/gitlab.yml.example but with your settings.
- Make `/home/git/gitlab/config/puma.rb` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/5-4-stable/config/puma.rb.example but with your settings.
Check if GitLab and its environment are configured correctly:
...
...
@@ -79,8 +78,8 @@ If all items are green, then congratulations upgrade complete!
## Things went south? Revert to previous version (5.3)
### 1. Revert the code to the previous version
Follow the [`upgrade guide from 5.2 to 5.3`](5.2-to-5.3.md), except for the database migration
(The backup is already migrated to the previous version)
Follow the [`upgrade guide from 5.2 to 5.3`](5.2-to-5.3.md), except for the database migration (the backup is already migrated to the previous version).
GitLab 6.0 is affected by critical security vulnerabilities CVE-2013-4490 and CVE-2013-4489.
### Deprecations
## Deprecations
#### Global projects
### Global projects
The root (global) namespace for projects is deprecated.
So you need to move all your global projects under groups or users manually before update or they will be automatically moved to the project owner namespace during the update. When a project is moved all its members will receive an email with instructions how to update their git remote url. Please make sure you disable sending email when you do a test of the upgrade.
#### Teams
### Teams
We introduce group membership in 6.0 as a replacement for teams.
The old combination of groups and teams was confusing for a lot of people.
And when the members of a team where changed this wasn't reflected in the project permissions.
In GitLab 6.0 you will be able to add members to a group with a permission level for each member.
These group members will have access to the projects in that group.
Any changes to group members will immediately be reflected in the project permissions.
You can even have multiple owners for a group, greatly simplifying administration.
### 0. Backup
## 0. Backup
It's useful to make a backup just in case things go south:
(With MySQL, this may require granting "LOCK TABLES" privileges to the GitLab user on the database version)
It's useful to make a backup just in case things go south (with MySQL, this may require granting "LOCK TABLES" privileges to the GitLab user on the database version):
Note: We switched from Puma in GitLab 5.4 to unicorn in GitLab 6.0.
* Make `/home/git/gitlab/config/gitlab.yml` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/gitlab.yml.example but with your settings.
* Make `/home/git/gitlab/config/unicorn.rb` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/unicorn.rb.example but with your settings.
- Make `/home/git/gitlab/config/gitlab.yml` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/gitlab.yml.example but with your settings.
- Make `/home/git/gitlab/config/unicorn.rb` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/unicorn.rb.example but with your settings.
Check if GitLab and its environment are configured correctly:
...
...
@@ -115,20 +122,24 @@ To make sure you didn't miss anything run a more thorough check with:
If all items are green, then congratulations upgrade complete!
### Troubleshooting
## Troubleshooting
The migrations in this update are very sensitive to incomplete or inconsistent data. If you have a long-running GitLab installation and some of the previous upgrades did not work out 100% correct this may bite you now. The following commands can be run in the rails console to look for 'bad' data.
GitLab 6.1 is affected by critical security vulnerabilities CVE-2013-4490 and CVE-2013-4489.
# In 6.1 we remove a lot of deprecated code.
# You should update to 6.0 before installing 6.1 so all the necessary conversions are run.
**In 6.1 we remove a lot of deprecated code.**
**You should update to 6.0 before installing 6.1 so all the necessary conversions are run.**
### Deprecations
## Deprecations
#### Global issue numbers
### Global issue numbers
In 6.1 issue numbers are project specific. This means all issues are renumbered and get a new number in their url. If you use an old issue number url and the issue number does not exist yet you are redirected to the new one. This conversion does not trigger if the old number already exists for this project, this is unlikely but will happen with old issues and large projects.
In 6.1 issue numbers are project specific. This means all issues are renumbered and get a new number in their URL. If you use an old issue number URL and the issue number does not exist yet you are redirected to the new one. This conversion does not trigger if the old number already exists for this project, this is unlikely but will happen with old issues and large projects.
### 0. Backup
## 0. Backup
It's useful to make a backup just in case things go south:
(With MySQL, this may require granting "LOCK TABLES" privileges to the GitLab user on the database version)
It's useful to make a backup just in case things go south (with MySQL, this may require granting "LOCK TABLES" privileges to the GitLab user on the database version):
* Make `/home/git/gitlab/config/gitlab.yml` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/6-1-stable/config/gitlab.yml.example but with your settings.
* Make `/home/git/gitlab/config/unicorn.rb` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/6-1-stable/config/unicorn.rb.example but with your settings.
- Make `/home/git/gitlab/config/gitlab.yml` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/6-1-stable/config/gitlab.yml.example but with your settings.
- Make `/home/git/gitlab/config/unicorn.rb` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/6-1-stable/config/unicorn.rb.example but with your settings.
Check if GitLab and its environment are configured correctly:
...
...
@@ -96,8 +97,8 @@ If all items are green, then congratulations upgrade complete!
## Things went south? Revert to previous version (6.0)
### 1. Revert the code to the previous version
Follow the [`upgrade guide from 5.4 to 6.0`](5.4-to-6.0.md), except for the database migration
(The backup is already migrated to the previous version)
Follow the [`upgrade guide from 5.4 to 6.0`](5.4-to-6.0.md), except for the database migration (the backup is already migrated to the previous version).
# You should update to 6.0 before installing 6.1 or higher so all the necessary conversions are run.
**In 6.1 we remove a lot of deprecated code.**
### Deprecations
**You should update to 6.0 before installing 6.1 or higher so all the necessary conversions are run.**
#### Global issue numbers
## Deprecations
As of 6.1 issue numbers are project specific. This means all issues are renumbered and get a new number in their url. If you use an old issue number url and the issue number does not exist yet you are redirected to the new one. This conversion does not trigger if the old number already exists for this project, this is unlikely but will happen with old issues and large projects.
## Global issue numbers
### 0. Backup
As of 6.1 issue numbers are project specific. This means all issues are renumbered and get a new number in their URL. If you use an old issue number URL and the issue number does not exist yet you are redirected to the new one. This conversion does not trigger if the old number already exists for this project, this is unlikely but will happen with old issues and large projects.
## 0. Backup
It's useful to make a backup just in case things go south:
(With MySQL, this may require granting "LOCK TABLES" privileges to the GitLab user on the database version)
Check if GitLab and its environment are configured correctly:
...
...
@@ -135,8 +136,8 @@ If all items are green, then congratulations upgrade complete!
## Things went south? Revert to previous version (6.0)
### 1. Revert the code to the previous version
Follow the [`upgrade guide from 5.4 to 6.0`](5.4-to-6.0.md), except for the database migration
(The backup is already migrated to the previous version)
Follow the [`upgrade guide from 5.4 to 6.0`](5.4-to-6.0.md), except for the database migration (the backup is already migrated to the previous version).
If running in https mode, be sure to read [Can't Verify csrf token authenticity](https://github.com/gitlabhq/gitlab-public-wiki/wiki/Trouble-Shooting-Guide#cant-verify-csrf-token-authenticitycant-get-past-login-pageredirected-to-login-page)
If running in HTTPS mode, be sure to read [Can't Verify CSRF token authenticity](https://github.com/gitlabhq/gitlab-public-wiki/wiki/Trouble-Shooting-Guide#cant-verify-csrf-token-authenticitycant-get-past-login-pageredirected-to-login-page)
# You should update to 6.1 before installing 6.2 so all the necessary conversions are run.
**You should update to 6.1 before installing 6.2 so all the necessary conversions are run.**
### 0. Backup
## 0. Backup
It's useful to make a backup just in case things go south:
(With MySQL, this may require granting "LOCK TABLES" privileges to the GitLab user on the database version)
It's useful to make a backup just in case things go south: (With MySQL, this may require granting "LOCK TABLES" privileges to the GitLab user on the database version).
* Make `/home/git/gitlab/config/gitlab.yml` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/6-2-stable/config/gitlab.yml.example but with your settings.
* Make `/home/git/gitlab/config/unicorn.rb` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/6-2-stable/config/unicorn.rb.example but with your settings.
* Copy rack attack middleware config
- Make `/home/git/gitlab/config/gitlab.yml` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/6-2-stable/config/gitlab.yml.example but with your settings.
* Uncomment `config.middleware.use Rack::Attack` in `/home/git/gitlab/config/application.rb`
* Set up logrotate
- Make `/home/git/gitlab/config/unicorn.rb` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/6-2-stable/config/unicorn.rb.example but with your settings.
Check if GitLab and its environment are configured correctly:
...
...
@@ -108,8 +111,8 @@ If all items are green, then congratulations upgrade complete!
## Things went south? Revert to previous version (6.1)
### 1. Revert the code to the previous version
Follow the [`upgrade guide from 6.0 to 6.1`](6.0-to-6.1.md), except for the database migration
(The backup is already migrated to the previous version)
Follow the [`upgrade guide from 6.0 to 6.1`](6.0-to-6.1.md), except for the database migration (the backup is already migrated to the previous version).
It's useful to make a backup just in case things go south:
(With MySQL, this may require granting "LOCK TABLES" privileges to the GitLab user on the database version)
It's useful to make a backup just in case things go south: (With MySQL, this may require granting "LOCK TABLES" privileges to the GitLab user on the database version)
The Gitlab-shell config changed recently, so check for config file changes and make `/home/git/gitlab-shell/config.yml` the same as https://github.com/gitlabhq/gitlab-shell/blob/master/config.yml.example
The Gitlab-shell config changed recently, so check for config file changes and make `/home/git/gitlab-shell/config.yml` the same as <https://github.com/gitlabhq/gitlab-shell/blob/master/config.yml.example>
* Make `/home/git/gitlab/config/gitlab.yml` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/6-3-stable/config/gitlab.yml.example but with your settings.
* Make `/home/git/gitlab/config/unicorn.rb` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/6-3-stable/config/unicorn.rb.example but with your settings.
- Make `/home/git/gitlab/config/gitlab.yml` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/6-3-stable/config/gitlab.yml.example but with your settings.
- Make `/home/git/gitlab/config/unicorn.rb` same as https://gitlab.com/gitlab-org/gitlab-ce/blob/6-3-stable/config/unicorn.rb.example but with your settings.
Check if GitLab and its environment are configured correctly:
...
...
@@ -98,8 +97,8 @@ If all items are green, then congratulations upgrade complete!
## Things went south? Revert to previous version (6.2)
### 1. Revert the code to the previous version
Follow the [`upgrade guide from 6.1 to 6.2`](6.1-to-6.2.md), except for the database migration
(The backup is already migrated to the previous version)
Follow the [`upgrade guide from 6.1 to 6.2`](6.1-to-6.2.md), except for the database migration (the backup is already migrated to the previous version).
Check if GitLab and its environment are configured correctly:
...
...
@@ -78,8 +78,8 @@ If all items are green, then congratulations upgrade complete!
## Things went south? Revert to previous version (6.3)
### 1. Revert the code to the previous version
Follow the [`upgrade guide from 6.2 to 6.3`](6.2-to-6.3.md), except for the database migration
(The backup is already migrated to the previous version)
Follow the [`upgrade guide from 6.2 to 6.3`](6.2-to-6.3.md), except for the database migration (the backup is already migrated to the previous version).
Check if GitLab and its environment are configured correctly:
...
...
@@ -82,13 +82,14 @@ If all items are green, then congratulations upgrade is complete!
## Things went south? Revert to previous version (6.4)
### 1. Revert the code to the previous version
Follow the [`upgrade guide from 6.3 to 6.4`](6.3-to-6.4.md), except for the database migration
(The backup is already migrated to the previous version)
### 2. Restore from the backup:
Follow the [`upgrade guide from 6.3 to 6.4`](6.3-to-6.4.md), except for the database migration (the backup is already migrated to the previous version).
Check if GitLab and its environment are configured correctly:
...
...
@@ -93,13 +92,14 @@ If all items are green, then congratulations upgrade is complete!
## Things went south? Revert to previous version (6.6)
### 1. Revert the code to the previous version
Follow the [`upgrade guide from 6.5 to 6.6`](6.5-to-6.6.md), except for the database migration
(The backup is already migrated to the previous version)
### 2. Restore from the backup:
Follow the [`upgrade guide from 6.5 to 6.6`](6.5-to-6.6.md), except for the database migration (the backup is already migrated to the previous version).
If you are using MySQL as a database, remove `reaping_frequency` from you database.yml to prevent crashes. [Relevant commit](https://gitlab.com/gitlab-org/gitlab-ce/commit/5163a8fcb9cfd63435560fda00173b76df2ccc93).
#### HTTPS? Disable gzip
### HTTPS? Disable gzip
If you are using HTTPS, disable gzip as in [this commit](https://gitlab.com/gitlab-org/gitlab-ce/commit/563fec734912d81cd7caea6fa8ec2b397fb72a9b) to prevent BREACH attacks.
#### Turn on asset compression
### Turn on asset compression
To improve performance, enable gzip asset compression as seen [in this commit](https://gitlab.com/gitlab-org/gitlab-ce/commit/8af94ed75505f0253823b9b2d44320fecea5b5fb).
### 6. Start application
## 6. Start application
sudo service gitlab start
sudo service nginx restart
### 7. Check application status
## 7. Check application status
Check if GitLab and its environment are configured correctly:
...
...
@@ -110,10 +110,10 @@ If all items are green, then congratulations upgrade is complete!
## Things went south? Revert to previous version (6.7)
### 1. Revert the code to the previous version
Follow the [`upgrade guide from 6.6 to 6.7`](6.6-to-6.7.md), except for the database migration
(The backup is already migrated to the previous version)
### 2. Restore from the backup:
Follow the [`upgrade guide from 6.6 to 6.7`](6.6-to-6.7.md), except for the database migration (the backup is already migrated to the previous version).
If you are replacing MySQL with Postgres while keeping GitLab on the same
server all you need to do is to export from MySQL, import into Postgres and
rebuild the indexes as described below. If you are also moving GitLab to
another server, or if you are switching to omnibus-gitlab, you may want to use
a GitLab backup file. The second part of this documents explains the procedure
to do this.
If you are replacing MySQL with Postgres while keeping GitLab on the same server all you need to do is to export from MySQL, import into Postgres and rebuild the indexes as described below. If you are also moving GitLab to another server, or if you are switching to omnibus-gitlab, you may want to use a GitLab backup file. The second part of this documents explains the procedure to do this.
The lanyrd database converter script does not preserve all indexes, so we have
to recreate them ourselves after migrating from MySQL. It is not necessary to
shut down GitLab for this process.
The lanyrd database converter script does not preserve all indexes, so we have to recreate them ourselves after migrating from MySQL. It is not necessary to shut down GitLab for this process.
### For non-omnibus installations
On non-omnibus installations (distributed using Git) we retrieve the index
declarations from version control using `git stash`.
On non-omnibus installations (distributed using Git) we retrieve the index declarations from version control using `git stash`.
```
# Clone the database converter on your Postgres-backed GitLab server
On omnibus-gitlab we need to get the index declarations from a file called
`schema.rb.bundled`. For versions older than 6.9, we need to download the file.
On omnibus-gitlab we need to get the index declarations from a file called `schema.rb.bundled`. For versions older than 6.9, we need to download the file.
```
# Clone the database converter on your Postgres-backed GitLab server
...
...
@@ -80,10 +69,7 @@ test -e /opt/gitlab/embedded/service/gitlab-rails/db/schema.rb.bundled || sudo /
## Converting a GitLab backup file from MySQL to Postgres
GitLab backup files (<timestamp>_gitlab_backup.tar) contain a SQL dump. Using
the lanyrd database converter we can replace a MySQL database dump inside the
tar file with a Postgres database dump. This can be useful if you are moving to
another server.
GitLab backup files (<timestamp>_gitlab_backup.tar) contain a SQL dump. Using the lanyrd database converter we can replace a MySQL database dump inside the tar file with a Postgres database dump. This can be useful if you are moving to another server.
Find the latest stable version of Ruby 1.9 or 2.0 at https://www.ruby-lang.org/en/downloads/ . We recommend at least 2.0.0-p353, which is patched against [CVE-2013-4164](https://www.ruby-lang.org/en/news/2013/11/22/heap-overflow-in-floating-point-parsing-cve-2013-4164/).
## 4. Download, compile and install Ruby
Find the latest stable version of Ruby 1.9 or 2.0 at <https://www.ruby-lang.org/en/downloads/>. We recommend at least 2.0.0-p353, which is patched against [CVE-2013-4164](https://www.ruby-lang.org/en/news/2013/11/22/heap-overflow-in-floating-point-parsing-cve-2013-4164/).
```bash
cd /tmp
...
...
@@ -36,6 +39,7 @@ sudo gem install bundler
```
### 5. Reinstall GitLab gem bundle
Just to be sure we will reinstall the gems used by GitLab. Note that the `bundle install` command [depends on your choice of database](../install/installation.md#install-gems).
Project web hooks allow you to trigger an URL if new code is pushed or a new issue is created.
---
You can configure web hooks to listen for specific events like pushes, issues or merge requests. GitLab will send a POST request with data to the web hook URL.
You can configure web hooks to listen for specific events like pushes, issues or merge requests.
GitLab will send a POST request with data to the web hook URL.
Web hooks can be used to update an external issue tracker, trigger CI builds, update a backup mirror, or even deploy to your production server.
If you send a web hook to an SSL endpoint [the certificate will not be verified](https://gitlab.com/gitlab-org/gitlab-ce/blob/ccd617e58ea71c42b6b073e692447d0fe3c00be6/app/models/web_hook.rb#L35) since many people use self-signed certificates.
---
If you send a web hook to an SSL endpoint [the certificate will not be verified](https://gitlab.com/gitlab-org/gitlab-ce/blob/ccd617e58ea71c42b6b073e692447d0fe3c00be6/app/models/web_hook.rb#L35) since many people use self-signed certificates.
#### Push events
## Push events
Triggered when you push to the repository except when pushing tags.
...
...
@@ -57,7 +54,7 @@ Triggered when you push to the repository except when pushing tags.
}
```
#### Issues events
## Issues events
Triggered when a new issue is created or an existing issue was updated/closed/reopened.
...
...
@@ -84,7 +81,7 @@ Triggered when a new issue is created or an existing issue was updated/closed/re
}
```
#### Merge request events
## Merge request events
Triggered when a new merge request is created or an existing merge request was updated/merged/closed.
@@ -5,9 +5,13 @@ There are two main ways to have a merge request flow with GitLab: working with p
## Protected branch flow
With the protected branch flow everybody works within the same GitLab project.
The project maintainers get Master access and the regular developers get Developer access.
The maintainers mark the authoritative branches as 'Protected'.
The developers push feature branches to the project and create merge requests to have their feature branches reviewed and merged into one of the protected branches.
Only users with Master access can merge changes into a protected branch.
### Advantages
...
...
@@ -22,7 +26,9 @@ Only users with Master access can merge changes into a protected branch.
## Forking workflow
With the forking workflow the maintainers get Master access and the regular developers get Reporter access to the authoritative repository, which prohibits them from pushing any changes to it.
Developers create forks of the authoritative project and push their feature branches to their own forks.
To get their changes into master they need to create a merge request across forks.
When in a Project -> Settings, you will find Features on the bottom of the page that you can toggle.
Below you will find a more elaborate explanation of each of these.
Below you will find a more elaborate explanation of each of these.
## Issues
Issues is a really powerful, but lightweight issue tracking system.
You can make tickets, assign them to people, file them under milestones, order them with labels and have discussion in them.
They integrate deeply into GitLab and are easily referenced from anywhere by using # and the issuenumber.
They integrate deeply into GitLab and are easily referenced from anywhere by using `#` and the issue number.
## Merge Requests
Using a merge request, you can review and discuss code before it is merged in the branch of your code.
As with issues, it can be assigned; people, issues, etc. can be refereced; milestones attached.
We see it as an integral part of working together on code and couldn't work without it.
We see it as an integral part of working together on code and couldn't work without it.
## Wiki
This is a separate system for documentation, built right into GitLab.
It is source controlled and is very convenient if you don't want to keep you documentation in your source code, but you do want to keep it in your GitLab project.
It is source controlled and is very convenient if you don't want to keep you documentation in your source code, but you do want to keep it in your GitLab project.
## Wall
For simple, project specific conversations, the wall can be used.
It's very lightweight and simple and works well if you're not interested in using issues, but still want to occasionally communicate within a project.
It's very lightweight and simple and works well if you're not interested in using issues, but still want to occasionally communicate within a project.
## Snippets
Snippets are little bits of code or text.
This is a nice place to put code or text that is used semi-regularly within the project, but does not belong in source control.
For example, a specific config file that is used by > the team that is only valid for the people that work on the code.