'ClusterIntegration|Create a provision role on %{startAwsLink}Amazon Web Services %{externalLinkIcon}%{endLink} using the account and external ID above. %{startMoreInfoLink}More information%{endLink}',
'ClusterIntegration|The Amazon Resource Name (ARN) associated with your role. If you do not have a provision role, first create one on %{startAwsLink}Amazon Web Services %{externalLinkIcon}%{endLink} using the above account and external IDs. %{startMoreInfoLink}More information%{endLink}',
<h2>{{s__('ClusterIntegration|Authenticate with Amazon Web Services')}}</h2>
<p>
{{
s__(
'ClusterIntegration|You must grant access to your organization’s AWS resources in order to create a new EKS cluster. To grant access, create a provision role using the account and external ID below and provide us the ARN.',
=s_('Amazon authentication is not %{link_start}correctly configured%{link_end}. Ask your GitLab administrator if you want to use this service.').html_safe%{link_start: documentation_link_start,link_end: '<a/>'.html_safe}
@@ -212,6 +212,10 @@ are listed in the descriptions of the relevant settings.
...
@@ -212,6 +212,10 @@ are listed in the descriptions of the relevant settings.
| `dsa_key_restriction` | integer | no | The minimum allowed bit length of an uploaded DSA key. Default is `0` (no restriction). `-1` disables DSA keys. |
| `dsa_key_restriction` | integer | no | The minimum allowed bit length of an uploaded DSA key. Default is `0` (no restriction). `-1` disables DSA keys. |
| `ecdsa_key_restriction` | integer | no | The minimum allowed curve size (in bits) of an uploaded ECDSA key. Default is `0` (no restriction). `-1` disables ECDSA keys. |
| `ecdsa_key_restriction` | integer | no | The minimum allowed curve size (in bits) of an uploaded ECDSA key. Default is `0` (no restriction). `-1` disables ECDSA keys. |
| `ed25519_key_restriction` | integer | no | The minimum allowed curve size (in bits) of an uploaded ED25519 key. Default is `0` (no restriction). `-1` disables ED25519 keys. |
| `ed25519_key_restriction` | integer | no | The minimum allowed curve size (in bits) of an uploaded ED25519 key. Default is `0` (no restriction). `-1` disables ED25519 keys. |
| `eks_integration_enabled` | boolean | no | Enable integration with Amazon EKS |
| `eks_account_id` | string | no | Amazon account ID |
| `eks_access_key_id` | string | no | AWS IAM access key ID |
| `eks_secret_access_key` | string | no | AWS IAM secret access key |
| `elasticsearch_aws_access_key` | string | no | **(PREMIUM)** AWS IAM access key |
| `elasticsearch_aws_access_key` | string | no | **(PREMIUM)** AWS IAM access key |
| `elasticsearch_aws` | boolean | no | **(PREMIUM)** Enable the use of AWS hosted Elasticsearch |
| `elasticsearch_aws` | boolean | no | **(PREMIUM)** Enable the use of AWS hosted Elasticsearch |
| `elasticsearch_aws_region` | string | no | **(PREMIUM)** The AWS region the Elasticsearch domain is configured |
| `elasticsearch_aws_region` | string | no | **(PREMIUM)** The AWS region the Elasticsearch domain is configured |
GitLab integrates with multiple third-party services to allow external issue
GitLab can be integrated with external services for enhanced functionality.
trackers and external authentication.
## Issue trackers
See the documentation below for details on how to configure these services.
You can use an [external issue tracker](external-issue-tracker.md) at the same time as the GitLab issue tracker, or use only the external issue tracker.
-[Akismet](akismet.md) Configure Akismet to stop spam
-[Auth0 OmniAuth](auth0.md) Enable the Auth0 OmniAuth provider
GitLab can be integrated with the following external issue trackers:
-[Bitbucket](bitbucket.md) Import projects from Bitbucket.org and login to your GitLab instance with your Bitbucket.org account
-[CAS](cas.md) Configure GitLab to sign in using CAS
- Jira
-[External issue tracker](external-issue-tracker.md) Redmine, Jira, etc.
- Redmine
-[Gmail actions buttons](gmail_action_buttons_for_gitlab.md) Adds GitLab actions to messages
- Bugzilla
-[Jenkins](jenkins.md) Integrate with the Jenkins CI
- YouTrack
-[Jira](../user/project/integrations/jira.md) Integrate with the Jira issue tracker
Bitbucket, Facebook, Shibboleth, SAML, Crowd, Azure or Authentiq ID.
- Use GitLab as an [OpenID Connect](openid_connect_provider.md) identity provider.
- Configure GitLab as a [SAML](saml.md) 2.0 Service Provider.
## Security enhancements
GitLab can be integrated with the following external services to enhance security:
-[Akismet](akismet.md) helps reduce spam.
- Google [reCAPTCHA](recaptcha.md) helps verify new users.
GitLab also provides features to improve the security of your own application. For more details see [GitLab Secure](../user/application_security/index.md).
## Continuous integration
GitLab can be integrated with the following external service for continuous integration:
-[Jenkins](jenkins.md) CI. **(STARTER)**
## Feature enhancements
GitLab can be integrated with the following enhancements:
- Add GitLab actions to [Gmail actions buttons](gmail_action_buttons_for_gitlab.md).
- Configure [PlantUML](../administration/integration/plantuml.md) to use diagrams in AsciiDoc documents.
- Attach merge requests to [Trello](trello_power_up.md) cards.
## Project services
## Project services
Integration with services such as Campfire, Flowdock, HipChat,
Integration with services such as Campfire, Flowdock, HipChat, Pivotal Tracker, and Slack are available as [Project Services](../user/project/integrations/project_services.md).
Pivotal Tracker, and Slack are available in the form of a [Project Service][].
When trying to integrate GitLab with services that are using self-signed certificates, it is very likely that SSL certificate errors will occur in different parts of the application, most likely Sidekiq.
When trying to integrate GitLab with services that are using self-signed certificates,
There are two approaches you can take to solve this:
it is very likely that SSL certificate errors will occur on different parts of the
application, most likely Sidekiq. There are 2 approaches you can take to solve this:
1. Add the root certificate to the trusted chain of the OS.
1. Add the root certificate to the trusted chain of the OS.
1. If using Omnibus, you can add the certificate to GitLab's trusted certificates.
1. If using Omnibus, you can add the certificate to GitLab's trusted certificates.
...
@@ -62,12 +86,12 @@ in to GitLab Omnibus.
...
@@ -62,12 +86,12 @@ in to GitLab Omnibus.
It is enough to concatenate the certificate to the main trusted certificate
It is enough to concatenate the certificate to the main trusted certificate
optional:domain_blacklist_enabled,type: Boolean,desc: 'Enable domain blacklist for sign ups'
optional:domain_blacklist_enabled,type: Boolean,desc: 'Enable domain blacklist for sign ups'
optional:domain_blacklist,type: Array[String],coerce_with: Validations::Types::CommaSeparatedToArray.coerce,desc: 'Users with e-mail addresses that match these domain(s) will NOT be able to sign-up. Wildcards allowed. Use separate lines for multiple entries. Ex: domain.com, *.domain.com'
optional:domain_blacklist,type: Array[String],coerce_with: Validations::Types::CommaSeparatedToArray.coerce,desc: 'Users with e-mail addresses that match these domain(s) will NOT be able to sign-up. Wildcards allowed. Use separate lines for multiple entries. Ex: domain.com, *.domain.com'
optional:domain_whitelist,type: Array[String],coerce_with: Validations::Types::CommaSeparatedToArray.coerce,desc: 'ONLY users with e-mail addresses that match these domain(s) will be able to sign-up. Wildcards allowed. Use separate lines for multiple entries. Ex: domain.com, *.domain.com'
optional:domain_whitelist,type: Array[String],coerce_with: Validations::Types::CommaSeparatedToArray.coerce,desc: 'ONLY users with e-mail addresses that match these domain(s) will be able to sign-up. Wildcards allowed. Use separate lines for multiple entries. Ex: domain.com, *.domain.com'
optional:eks_integration_enabled,type: Boolean,desc: 'Enable integration with Amazon EKS'
giveneks_integration_enabled: ->(val){val}do
requires:eks_account_id,type: String,desc: 'Amazon account ID for EKS integration'
requires:eks_access_key_id,type: String,desc: 'Access key ID for the EKS integration IAM user'
requires:eks_secret_access_key,type: String,desc: 'Secret access key for the EKS integration IAM user'
end
optional:email_author_in_body,type: Boolean,desc: 'Some email servers do not support overriding the email sender name. Enable this option to include the name of the author of the issue, merge request or comment in the email body instead.'
optional:email_author_in_body,type: Boolean,desc: 'Some email servers do not support overriding the email sender name. Enable this option to include the name of the author of the issue, merge request or comment in the email body instead.'
optional:enabled_git_access_protocol,type: String,values: %w[ssh http nil],desc: 'Allow only the selected protocols to be used for Git access.'
optional:enabled_git_access_protocol,type: String,values: %w[ssh http nil],desc: 'Allow only the selected protocols to be used for Git access.'
optional:gitaly_timeout_default,type: Integer,desc: 'Default Gitaly timeout, in seconds. Set to 0 to disable timeouts.'
optional:gitaly_timeout_default,type: Integer,desc: 'Default Gitaly timeout, in seconds. Set to 0 to disable timeouts.'
msgid "ClusterIntegration|Create a provision role on %{startAwsLink}Amazon Web Services %{externalLinkIcon}%{endLink} using the account and external ID above. %{startMoreInfoLink}More information%{endLink}"
msgstr ""
msgid "ClusterIntegration|Create cluster on"
msgid "ClusterIntegration|Create cluster on"
msgstr ""
msgstr ""
...
@@ -3889,6 +3913,9 @@ msgstr ""
...
@@ -3889,6 +3913,9 @@ msgstr ""
msgid "ClusterIntegration|Prometheus is an open-source monitoring system with %{gitlabIntegrationLink} to monitor deployed applications."
msgid "ClusterIntegration|Prometheus is an open-source monitoring system with %{gitlabIntegrationLink} to monitor deployed applications."
msgstr ""
msgstr ""
msgid "ClusterIntegration|Provision Role ARN"
msgstr ""
msgid "ClusterIntegration|RBAC-enabled cluster"
msgid "ClusterIntegration|RBAC-enabled cluster"
msgstr ""
msgstr ""
...
@@ -4024,6 +4051,9 @@ msgstr ""
...
@@ -4024,6 +4051,9 @@ msgstr ""
msgid "ClusterIntegration|Subnet"
msgid "ClusterIntegration|Subnet"
msgstr ""
msgstr ""
msgid "ClusterIntegration|The Amazon Resource Name (ARN) associated with your role. If you do not have a provision role, first create one on %{startAwsLink}Amazon Web Services %{externalLinkIcon}%{endLink} using the above account and external IDs. %{startMoreInfoLink}More information%{endLink}"
msgstr ""
msgid "ClusterIntegration|The Kubernetes certificate used to authenticate to the cluster."
msgid "ClusterIntegration|The Kubernetes certificate used to authenticate to the cluster."
msgstr ""
msgstr ""
...
@@ -4093,6 +4123,9 @@ msgstr ""
...
@@ -4093,6 +4123,9 @@ msgstr ""
msgid "ClusterIntegration|You must first install Helm Tiller before installing the applications below"
msgid "ClusterIntegration|You must first install Helm Tiller before installing the applications below"
msgstr ""
msgstr ""
msgid "ClusterIntegration|You must grant access to your organization’s AWS resources in order to create a new EKS cluster. To grant access, create a provision role using the account and external ID below and provide us the ARN."
msgstr ""
msgid "ClusterIntegration|You must have an RBAC-enabled cluster to install Knative."
msgid "ClusterIntegration|You must have an RBAC-enabled cluster to install Knative."