Merge branch 'axil-okr-pages-admin' into 'master'

Revise admin area Pages settings UI

See merge request gitlab-org/gitlab!66368

app/views/admin/application_settings/_pages.html.haml

@@ -2,43 +2,49 @@
   = form_errors(@application_setting)
 
   %fieldset
-    .form-group
-      = f.label :max_pages_size, _('Maximum size of pages (MB)'), class: 'label-bold'
-      = f.number_field :max_pages_size, class: 'form-control gl-form-input'
-      .form-text.text-muted
-        = _("0 for unlimited")
     .form-group
       .form-check
         = f.check_box :pages_domain_verification_enabled, class: 'form-check-input'
         = f.label :pages_domain_verification_enabled, class: 'form-check-label' do
-          = _("Require users to prove ownership of custom domains")
+          = s_("AdminSettings|Require users to prove ownership of custom domains")
       .form-text.text-muted
-        = _("Domain verification is an essential security measure for public GitLab sites. Users are required to demonstrate they control a domain before it is enabled")
-        = link_to sprite_icon('question-o'), help_page_path('user/project/pages/custom_domains_ssl_tls_certification/index.md', anchor: '4-verify-the-domains-ownership')
+        - pages_link_url = help_page_path('administration/pages/index', anchor: 'custom-domain-verification')
+        - pages_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: pages_link_url }
+        = s_('AdminSettings|Domain verification is an essential security measure for public GitLab sites. Users are required to demonstrate they control a domain before it is enabled. %{link_start}Learn more.%{link_end}').html_safe % { link_start: pages_link_start, link_end: '</a>'.html_safe }
     - if Gitlab.config.pages.access_control
       .form-group
         .form-check
           = f.check_box :force_pages_access_control, class: 'form-check-input'
           = f.label :force_pages_access_control, class: 'form-check-label' do
-            = _("Disable public access to Pages sites")
+            = s_("AdminSettings|Disable public access to Pages sites")
         .form-text.text-muted
-          = _("Access to Pages websites are controlled based on the user's membership to a given project. By checking this box, users will be required to be logged in to have access to all Pages websites in your instance.")
-          = link_to sprite_icon('question-o'), help_page_path('administration/pages/index.md', anchor: 'disabling-public-access-to-all-pages-websites')
+          - pages_link_url = help_page_path('administration/pages/index', anchor: 'disable-public-access-to-all-pages-sites')
+          - pages_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: pages_link_url }
+          = s_("AdminSettings|Select to disable public access for Pages sites, which requires users to sign in for access to the Pages sites in your instance. %{link_start}Learn more.%{link_end}").html_safe % { link_start: pages_link_start, link_end: '</a>'.html_safe }
+    .form-group
+      = f.label :max_pages_size, _('Maximum size of pages (MB)'), class: 'label-bold'
+      = f.number_field :max_pages_size, class: 'form-control gl-form-input'
+      .form-text.text-muted
+        - pages_link_url = help_page_path('administration/pages/index', anchor: 'set-global-maximum-pages-size-per-project')
+        - pages_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: pages_link_url }
+        = s_('AdminSettings|Set the maximum size of GitLab Pages per project (0 for unlimited). %{link_start}Learn more.%{link_end}').html_safe % { link_start: pages_link_start, link_end: '</a>'.html_safe }
     %h5
-      = _("Configure Let's Encrypt")
+      = s_("AdminSettings|Configure Let's Encrypt")
     %p
       - lets_encrypt_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: "https://letsencrypt.org/" }
-      = _("%{lets_encrypt_link_start}Let's Encrypt%{lets_encrypt_link_end} is a free, automated, and open certificate authority (CA), that give digital certificates in order to enable HTTPS (SSL/TLS) for websites.").html_safe % { lets_encrypt_link_start: lets_encrypt_link_start, lets_encrypt_link_end: '</a>'.html_safe }
-    .form-group
-      = f.label :lets_encrypt_notification_email, _("Email"), class: 'label-bold'
-      = f.text_field :lets_encrypt_notification_email, class: 'form-control gl-form-input'
-      .form-text.text-muted
-        = _("A Let's Encrypt account will be configured for this GitLab installation using your email address. You will receive emails to warn of expiring certificates.")
-    .form-group
-      .form-check
-        = f.check_box :lets_encrypt_terms_of_service_accepted, class: 'form-check-input'
-        = f.label :lets_encrypt_terms_of_service_accepted, class: 'form-check-label' do
-          - terms_of_service_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: lets_encrypt_terms_of_service_admin_application_settings_path }
-          = _("I have read and agree to the Let's Encrypt %{link_start}Terms of Service%{link_end} (PDF)").html_safe % { link_start: terms_of_service_link_start, link_end: '</a>'.html_safe }
+      = _("%{lets_encrypt_link_start}Let's Encrypt%{lets_encrypt_link_end} is a free, automated, and open certificate authority (CA) that issues digital certificates to enable HTTPS (SSL/TLS) for sites.").html_safe % { lets_encrypt_link_start: lets_encrypt_link_start, lets_encrypt_link_end: '</a>'.html_safe }
+      .form-group
+        = f.label :lets_encrypt_notification_email, s_("AdminSettings|Let's Encrypt email"), class: 'label-bold'
+        = f.text_field :lets_encrypt_notification_email, class: 'form-control gl-form-input'
+        .form-text.text-muted
+          - pages_link_url = help_page_path('administration/pages/index', anchor: 'lets-encrypt-integration')
+          - pages_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: pages_link_url }
+          = s_("AdminSettings|A Let's Encrypt account will be configured for this GitLab instance using this email address. You will receive emails to warn of expiring certificates. %{link_start}Learn more.%{link_end}").html_safe % { link_start: pages_link_start, link_end: '</a>'.html_safe }
+      .form-group
+        .form-check
+          = f.check_box :lets_encrypt_terms_of_service_accepted, class: 'form-check-input'
+          = f.label :lets_encrypt_terms_of_service_accepted, class: 'form-check-label' do
+            - terms_of_service_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: lets_encrypt_terms_of_service_admin_application_settings_path }
+            = s_("AdminSettings|I have read and agree to the Let's Encrypt %{link_start}Terms of Service%{link_end} (PDF).").html_safe % { link_start: terms_of_service_link_start, link_end: '</a>'.html_safe }
 
   = f.submit _('Save changes'), class: "gl-button btn btn-confirm"

app/views/admin/application_settings/preferences.html.haml

@@ -43,7 +43,7 @@
     %button.btn.gl-button.btn-default.js-settings-toggle{ type: 'button' }
       = expanded_by_default? ? _('Collapse') : _('Expand')
     %p
-      = _('Size and domain settings for static websites')
+      = s_('AdminSettings|Size and domain settings for Pages static sites.')
   .settings-content
     = render 'pages'
 

doc/administration/pages/index.md

@@ -407,17 +407,15 @@ verification requirement:
 allows users to add Let's Encrypt SSL certificates for GitLab Pages
 sites served under a custom domain.
 
-To enable it, you must:
+To enable it:
 
 1. Choose an email address on which you want to receive notifications about expiring domains.
 1. On the top bar, select **Menu >** **{admin}** **Admin**.
 1. On the left sidebar, select **Settings > Preferences**.
 1. Expand **Pages**.
-1. Enter the email address for receiving notifications and accept Let's Encrypt's Terms of Service as shown below.
+1. Enter the email address for receiving notifications and accept Let's Encrypt's Terms of Service.
 1. Select **Save changes**.
 
-![Let's Encrypt settings](img/lets_encrypt_integration_v12_1.png)
-
 ### Access control
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/33422) in GitLab 11.5.
@@ -466,6 +464,7 @@ The scope to use for authentication must match the GitLab Pages OAuth applicatio
 pre-existing applications must modify the GitLab Pages OAuth application. Follow these steps to do
 this:
 
+1. Enable [access control](#access-control).
 1. On the top bar, select **Menu >** **{admin}** **Admin**.
 1. On the left sidebar, select **Settings > Applications**.
 1. Expand **GitLab Pages**.
@@ -473,7 +472,7 @@ this:
    `read_api`).
 1. Select **Save changes**.
 
-#### Disabling public access to all Pages websites
+#### Disable public access to all Pages sites
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/32095) in GitLab 12.7.
 
@@ -662,6 +661,16 @@ Follow the steps below to configure the proxy listener of GitLab Pages.
 
 1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure).
 
+## Set global maximum pages size per project **(FREE SELF)**
+
+To set the global maximum pages size for a project:
+
+1. On the top bar, select **Menu >** **{admin}** **Admin**.
+1. On the left sidebar, select **Settings > Preferences**.
+1. Expand **Pages**.
+1. Edit the **Maximum size of pages**.
+1. Select **Save changes**.
+
 ## Override maximum pages size per project or group **(PREMIUM SELF)**
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/16610) in GitLab 12.7.

locale/gitlab.pot

@@ -676,7 +676,7 @@ msgstr ""
 msgid "%{label_for_message} unavailable"
 msgstr ""
 
-msgid "%{lets_encrypt_link_start}Let's Encrypt%{lets_encrypt_link_end} is a free, automated, and open certificate authority (CA), that give digital certificates in order to enable HTTPS (SSL/TLS) for websites."
+msgid "%{lets_encrypt_link_start}Let's Encrypt%{lets_encrypt_link_end} is a free, automated, and open certificate authority (CA) that issues digital certificates to enable HTTPS (SSL/TLS) for sites."
 msgstr ""
 
 msgid "%{level_name} is not allowed in a %{group_level_name} group."
@@ -1191,9 +1191,6 @@ msgstr ""
 msgid "0 bytes"
 msgstr ""
 
-msgid "0 for unlimited"
-msgstr ""
-
 msgid "0 for unlimited, only effective with remote storage enabled."
 msgstr ""
 
@@ -1402,9 +1399,6 @@ msgstr ""
 msgid "A Let's Encrypt SSL certificate can not be obtained until your domain is verified."
 msgstr ""
 
-msgid "A Let's Encrypt account will be configured for this GitLab installation using your email address. You will receive emails to warn of expiring certificates."
-msgstr ""
-
 msgid "A Metrics Dashboard menu item appears in the Monitoring section of the Admin Area."
 msgstr ""
 
@@ -1726,9 +1720,6 @@ msgstr ""
 msgid "Access to '%{classification_label}' not allowed"
 msgstr ""
 
-msgid "Access to Pages websites are controlled based on the user's membership to a given project. By checking this box, users will be required to be logged in to have access to all Pages websites in your instance."
-msgstr ""
-
 msgid "AccessDropdown|Deploy Keys"
 msgstr ""
 
@@ -2365,27 +2356,45 @@ msgstr ""
 msgid "AdminProjects|Delete Project %{projectName}?"
 msgstr ""
 
+msgid "AdminSettings|A Let's Encrypt account will be configured for this GitLab instance using this email address. You will receive emails to warn of expiring certificates. %{link_start}Learn more.%{link_end}"
+msgstr ""
+
 msgid "AdminSettings|All new projects can use the instance's shared runners by default."
 msgstr ""
 
 msgid "AdminSettings|Auto DevOps domain"
 msgstr ""
 
+msgid "AdminSettings|Configure Let's Encrypt"
+msgstr ""
+
 msgid "AdminSettings|Disable feed token"
 msgstr ""
 
+msgid "AdminSettings|Disable public access to Pages sites"
+msgstr ""
+
+msgid "AdminSettings|Domain verification is an essential security measure for public GitLab sites. Users are required to demonstrate they control a domain before it is enabled. %{link_start}Learn more.%{link_end}"
+msgstr ""
+
 msgid "AdminSettings|Enable shared runners for new projects"
 msgstr ""
 
 msgid "AdminSettings|Feed token"
 msgstr ""
 
+msgid "AdminSettings|I have read and agree to the Let's Encrypt %{link_start}Terms of Service%{link_end} (PDF)."
+msgstr ""
+
 msgid "AdminSettings|If not specified at the group or instance level, the default is %{default_initial_branch_name}. Does not affect existing repositories."
 msgstr ""
 
 msgid "AdminSettings|Keep the latest artifacts for all jobs in the latest successful pipelines"
 msgstr ""
 
+msgid "AdminSettings|Let's Encrypt email"
+msgstr ""
+
 msgid "AdminSettings|Maximum duration of a session for Git operations when 2FA is enabled."
 msgstr ""
 
@@ -2398,6 +2407,9 @@ msgstr ""
 msgid "AdminSettings|Protect CI/CD variables by default"
 msgstr ""
 
+msgid "AdminSettings|Require users to prove ownership of custom domains"
+msgstr ""
+
 msgid "AdminSettings|Required pipeline configuration"
 msgstr ""
 
@@ -2407,12 +2419,21 @@ msgstr ""
 msgid "AdminSettings|Select a group to use as the source for instance-level project templates."
 msgstr ""
 
+msgid "AdminSettings|Select to disable public access for Pages sites, which requires users to sign in for access to the Pages sites in your instance. %{link_start}Learn more.%{link_end}"
+msgstr ""
+
 msgid "AdminSettings|Session duration for Git operations when 2FA is enabled (minutes)"
 msgstr ""
 
 msgid "AdminSettings|Set a CI/CD template as the required pipeline configuration for all projects in the instance. Project CI/CD configuration merges into the required pipeline configuration when the pipeline runs. %{link_start}What is a required pipeline configuration?%{link_end}"
 msgstr ""
 
+msgid "AdminSettings|Set the maximum size of GitLab Pages per project (0 for unlimited). %{link_start}Learn more.%{link_end}"
+msgstr ""
+
+msgid "AdminSettings|Size and domain settings for Pages static sites."
+msgstr ""
+
 msgid "AdminSettings|The default domain to use for Auto Review Apps and Auto Deploy stages in all projects."
 msgstr ""
 
@@ -8395,9 +8416,6 @@ msgstr ""
 msgid "Configure Integrations"
 msgstr ""
 
-msgid "Configure Let's Encrypt"
-msgstr ""
-
 msgid "Configure Prometheus"
 msgstr ""
 
@@ -11559,9 +11577,6 @@ msgstr ""
 msgid "Disable group runners"
 msgstr ""
 
-msgid "Disable public access to Pages sites"
-msgstr ""
-
 msgid "Disable two-factor authentication"
 msgstr ""
 
@@ -11732,9 +11747,6 @@ msgstr ""
 msgid "Domain cannot be deleted while associated to one or more clusters."
 msgstr ""
 
-msgid "Domain verification is an essential security measure for public GitLab sites. Users are required to demonstrate they control a domain before it is enabled"
-msgstr ""
-
 msgid "Domain was successfully created."
 msgstr ""
 
@@ -16455,9 +16467,6 @@ msgstr ""
 msgid "I forgot my password"
 msgstr ""
 
-msgid "I have read and agree to the Let's Encrypt %{link_start}Terms of Service%{link_end} (PDF)"
-msgstr ""
-
 msgid "I want to explore GitLab to see if it’s worth switching to"
 msgstr ""
 
@@ -28074,9 +28083,6 @@ msgstr ""
 msgid "Require user password for approvals."
 msgstr ""
 
-msgid "Require users to prove ownership of custom domains"
-msgstr ""
-
 msgid "Required approvals (%{approvals_given} given)"
 msgstr ""
 
@@ -30652,9 +30658,6 @@ msgstr ""
 msgid "Size"
 msgstr ""
 
-msgid "Size and domain settings for static websites"
-msgstr ""
-
 msgid "Size limit per repository (MB)"
 msgstr ""
 

spec/features/admin/admin_settings_spec.rb

@@ -634,7 +634,7 @@ RSpec.describe 'Admin updates settings' do
       it "change Pages Let's Encrypt settings" do
         visit preferences_admin_application_settings_path
         page.within('.as-pages') do
-          fill_in 'Email', with: 'my@test.example.com'
+          fill_in "Let's Encrypt email", with: 'my@test.example.com'
           check "I have read and agree to the Let's Encrypt Terms of Service"
           click_button 'Save changes'
         end