Skip to content
Snippets Groups Projects
Verified Commit f64cd691 authored by Zachary Painter's avatar Zachary Painter Committed by GitLab
Browse files

Apply 1 suggestion(s) to 1 file(s)


Co-authored-by: default avatarLysanne Pinto <lpinto@gitlab.com>
parent e8c54326
No related branches found
No related tags found
1 merge request!172145Removes quotations from several docs
......@@ -138,8 +138,8 @@ To configure Gitaly servers, you must:
The `git` user must be able to read, write, and set permissions on the configured storage path.
To avoid downtime while rotating the Gitaly token, you can temporarily disable authentication using the `gitaly['auth_transitioning']` setting. For more information, see the documentation on
[enabling "auth transitioning mode"](#enable-auth-transitioning-mode).
To avoid downtime while rotating the Gitaly token, you can temporarily disable authentication using the `gitaly['auth_transitioning']` setting. For more information, see
[enable auth transitioning mode](#enable-auth-transitioning-mode).
#### Configure authentication
......@@ -716,7 +716,7 @@ In the previous example using the new configuration method:
- The top level memory limit is capped at 60 GB.
- Each of the 1000 cgroups in the repositories pool is capped at 20 GB.
This configuration leads to "oversubscription". Each cgroup in the pool has a much larger capacity than 1/1000th
This configuration leads to oversubscription. Each cgroup in the pool has a much larger capacity than 1/1000th
of the top-level memory limit.
This strategy has two main benefits:
......@@ -782,14 +782,14 @@ However, you can rotate Gitaly credentials without a service interruption. Rotat
authentication token involves:
- [Verifying authentication monitoring](#verify-authentication-monitoring).
- [Enabling "auth transitioning" mode](#enable-auth-transitioning-mode).
- [Enabling auth transitioning mode](#enable-auth-transitioning-mode).
- [Updating Gitaly authentication tokens](#update-gitaly-authentication-token).
- [Ensuring there are no authentication failures](#ensure-there-are-no-authentication-failures).
- [Disabling "auth transitioning" mode](#disable-auth-transitioning-mode).
- [Disabling auth transitioning mode](#disable-auth-transitioning-mode).
- [Verifying authentication is enforced](#verify-authentication-is-enforced).
This procedure also works if you are running GitLab on a single server. In that case, "Gitaly
server" and "Gitaly client" refers to the same machine.
This procedure also works if you are running GitLab on a single server. In that case, the Gitaly
server and the Gitaly client refer to the same machine.
### Verify authentication monitoring
......@@ -799,10 +799,10 @@ Prometheus.
You can then continue the rest of the procedure.
### Enable "auth transitioning" mode
### Enable auth transitioning mode
Temporarily disable Gitaly authentication on the Gitaly servers by putting them into "auth
transitioning" mode as follows:
Temporarily disable Gitaly authentication on the Gitaly servers by putting them into auth
transitioning mode as follows:
```ruby
# in /etc/gitlab/gitlab.rb
......@@ -861,9 +861,9 @@ After the new token is set, and all services involved have been restarted, you w
After the new token is picked up by all Gitaly clients and Gitaly servers, the
**only non-zero rate** should be `enforced="false",status="would be ok"`.
### Disable "auth transitioning" mode
### Disable auth transitioning mode
To re-enable Gitaly authentication, disable "auth transitioning" mode. Update the configuration on
To re-enable Gitaly authentication, disable auth transitioning mode. Update the configuration on
your Gitaly servers as follows:
```ruby
......@@ -1110,7 +1110,7 @@ A lot of Gitaly RPCs need to look up Git objects from repositories.
Most of the time we use `git cat-file --batch` processes for that. For
better performance, Gitaly can re-use these `git cat-file` processes
across RPC calls. Previously used processes are kept around in a
["Git cat-file cache"](https://about.gitlab.com/blog/2019/07/08/git-performance-on-nfs/#enter-cat-file-cache).
[`git cat-file` cache](https://about.gitlab.com/blog/2019/07/08/git-performance-on-nfs/#enter-cat-file-cache).
To control how much system resources this uses, we have a maximum number of
cat-file processes that can go into the cache.
......
......@@ -94,7 +94,7 @@ The `References` header is also accepted, however it is used specifically to rel
In GitLab 14.6 and later, [Service Desk](../user/project/service_desk/index.md)
also checks accepted headers.
Usually, the "To" field contains the email address of the primary receiver.
Usually, the `To` field contains the email address of the primary receiver.
However, it might not include the configured GitLab email address if:
- The address is in the `BCC` field.
......@@ -138,9 +138,9 @@ Workspace, and your company's private Slack instance requires a valid `@hooli.co
email address to sign up.
If you also host a public-facing GitLab instance at `hooli.com` and set your
incoming email domain to `hooli.com`, an attacker could abuse the "Create new
issue by email" or
"[Create new merge request by email](../user/project/merge_requests/creating_merge_requests.md#by-sending-an-email)"
incoming email domain to `hooli.com`, an attacker could abuse the Create new
issue by email or
[Create new merge request by email](../user/project/merge_requests/creating_merge_requests.md#by-sending-an-email)
features by using a project's unique address as the email when signing up for
Slack. This would send a confirmation email, which would create a new issue or
merge request on the project owned by the attacker, allowing them to select the
......
......@@ -10,7 +10,7 @@ DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
GitLab comes with its own application performance measuring system , called "GitLab Performance Monitoring".
GitLab comes with its own application performance measuring system called GitLab Performance Monitoring.
GitLab Performance Monitoring is available in both the Community and Enterprise editions.
Apart from this introduction, you are advised to read through the following
......
......@@ -27,10 +27,10 @@ Replying by email happens in three steps:
### GitLab sends a notification email
When GitLab sends a notification and Reply by email is enabled, the `Reply-To`
When GitLab sends a notification and Reply by email is active, the `Reply-To`
header is set to the address defined in your GitLab configuration, with the
`%{key}` placeholder (if present) replaced by a specific "reply key". In
addition, this "reply key" is also added to the `References` header.
`%{key}` placeholder (if present) replaced by a specific reply key. In
addition, this reply key is also added to the `References` header.
### You reply to the notification email
......@@ -44,8 +44,15 @@ When you reply to the notification email, your email client:
### GitLab receives your reply to the notification email
When GitLab receives your reply, it looks for the "reply key" in the
[list of accepted headers](incoming_email.md#accepted-headers).
When GitLab receives your reply, it looks for the reply key in the
following headers, in this order:
1. `To` header
1. `References` header
1. `Delivered-To` header
1. `Envelope-To` header
1. `X-Envelope-To` header
1. `Received` header
If it finds a reply key, it leaves your reply as a comment on
the entity the notification was about (issue, merge request, commit...).
......
......@@ -14,8 +14,7 @@ DETAILS:
An [emoji reaction](../user/emoji_reactions.md) tells a thousand words.
We call GitLab objects on which you can react with an emoji "awardables".
You can react with emoji on the following:
We call GitLab objects that accept emoji reactions awardables. You can react with emoji on the following:
- [Epics](../user/group/epics/index.md) ([API](epics.md)).
- [Issues](../user/project/issues/index.md) ([API](issues.md)).
......
......@@ -11,7 +11,7 @@ DETAILS:
**Offering:** GitLab.com, Self-managed, GitLab Dedicated
[Push mirrors](../user/project/repository/mirror/push.md)
defined on a project's repository settings are called "remote mirrors". You
defined on a project's repository settings are called remote mirrors. You
can query and modify the state of these mirrors with the remote mirror API.
For security reasons, the `url` attribute in the API response is always scrubbed of username
......
......@@ -73,7 +73,7 @@ hello-job:
### Jenkins pipeline syntax
A Jenkins configuration is composed of a `pipeline` block with "sections" and "directives".
A Jenkins configuration is composed of a `pipeline` block with sections and directives.
GitLab CI/CD has similar functionality, configured with YAML keywords.
#### Sections
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment