From 14eaeb21d206eff70a3f3341b56c9584b947b4de Mon Sep 17 00:00:00 2001 From: lyb124553153 <124553153@qq.com> Date: Wed, 14 Jun 2023 16:30:29 +0800 Subject: [PATCH 1/9] Add a configuration page for gilab_shell_operation_limit Allow customers specify their own git using SSH limit Changelog: added --- app/helpers/application_settings_helper.rb | 3 ++- .../_gitlab_shell_operation_limits.html.haml | 19 +++++++++++++++++++ .../application_settings/network.html.haml | 4 ++++ spec/features/admin/admin_settings_spec.rb | 12 ++++++++++++ spec/requests/api/settings_spec.rb | 5 ++++- 5 files changed, 41 insertions(+), 2 deletions(-) create mode 100644 app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml diff --git a/app/helpers/application_settings_helper.rb b/app/helpers/application_settings_helper.rb index adbf7ab7cf2c34..aa2466372e1293 100644 --- a/app/helpers/application_settings_helper.rb +++ b/app/helpers/application_settings_helper.rb @@ -497,7 +497,8 @@ def visible_attributes :projects_api_rate_limit_unauthenticated, :gitlab_dedicated_instance, :ci_max_includes, - :allow_account_deletion + :allow_account_deletion, + :gitlab_shell_operation_limit ].tap do |settings| next if Gitlab.com? diff --git a/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml b/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml new file mode 100644 index 00000000000000..3f8744369541c5 --- /dev/null +++ b/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml @@ -0,0 +1,19 @@ +%section.settings.as-gitlab-shell-operation-limits.no-animate#js-projects-api-limits-settings{ class: ('expanded' if expanded_by_default?) } + .settings-header + %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only + = _('Git operations using SSH rate limit') + = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do + = expanded_by_default? ? _('Collapse') : _('Expand') + %p + = _('Limit the number of Git operations per minute a user can perform per repository.') + = link_to _('Learn more.'), help_page_path('user/admin_area/settings/rate_limit_on_projects_api.md'), target: '_blank', rel: 'noopener noreferrer' + .settings-content + = gitlab_ui_form_for @application_setting, url: network_admin_application_settings_path(anchor: 'js-projects-api-limits-settings'), html: { class: 'fieldset-form' } do |f| + = form_errors(@application_setting) + + %fieldset + .form-group + = f.label :gitlab_shell_operation_limit, _('Maximum number of Git operations per minute'), class: 'label-bold' + = f.number_field :gitlab_shell_operation_limit, class: 'form-control gl-form-input' + + = f.submit _('Save changes'), pajamas_button: true diff --git a/app/views/admin/application_settings/network.html.haml b/app/views/admin/application_settings/network.html.haml index 18ce7c1ceba3d3..8ad00d43cce312 100644 --- a/app/views/admin/application_settings/network.html.haml +++ b/app/views/admin/application_settings/network.html.haml @@ -84,6 +84,9 @@ .settings-content = render 'git_lfs_limits' + += render 'gitlab_shell_operation_limits' + %section.settings.as-outbound.no-animate#js-outbound-settings{ class: ('expanded' if expanded_by_default?), data: { qa_selector: 'outbound_requests_content' } } .settings-header %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only @@ -173,3 +176,4 @@ = render 'pipeline_limits' = render_if_exists 'admin/application_settings/ee_network_settings' + diff --git a/spec/features/admin/admin_settings_spec.rb b/spec/features/admin/admin_settings_spec.rb index 5f0d697b1e0b16..a47e5f58c4d44e 100644 --- a/spec/features/admin/admin_settings_spec.rb +++ b/spec/features/admin/admin_settings_spec.rb @@ -775,6 +775,18 @@ expect(current_settings.users_get_by_id_limit_allowlist).to eq(%w[someone someone_else]) end + it 'changes gitlab shell operation limits settings' do + visit network_admin_application_settings_path + + page.within('.as-gitlab-shell-operation-limits') do + fill_in 'Maximum number of Git operations per minute', with: 100 + click_button 'Save changes' + end + + expect(page).to have_content "Application settings saved successfully" + expect(current_settings.gitlab_shell_operation_limit).to eq(100) + end + it 'changes Projects API rate limits settings' do visit network_admin_application_settings_path diff --git a/spec/requests/api/settings_spec.rb b/spec/requests/api/settings_spec.rb index 79e96d7ea3ebc8..28c4b0b3f08485 100644 --- a/spec/requests/api/settings_spec.rb +++ b/spec/requests/api/settings_spec.rb @@ -80,6 +80,7 @@ expect(json_response['valid_runner_registrars']).to match_array(%w(project group)) expect(json_response['ci_max_includes']).to eq(150) expect(json_response['allow_account_deletion']).to eq(true) + expect(json_response['gitlab_shell_operation_limit']).to eq(600) end end @@ -196,7 +197,8 @@ slack_app_signing_secret: 'SLACK_APP_SIGNING_SECRET', slack_app_verification_token: 'SLACK_APP_VERIFICATION_TOKEN', valid_runner_registrars: ['group'], - allow_account_deletion: false + allow_account_deletion: false, + gitlab_shell_operation_limit: 500 } expect(response).to have_gitlab_http_status(:ok) @@ -277,6 +279,7 @@ expect(json_response['slack_app_verification_token']).to eq('SLACK_APP_VERIFICATION_TOKEN') expect(json_response['valid_runner_registrars']).to eq(['group']) expect(json_response['allow_account_deletion']).to be(false) + expect(json_response['gitlab_shell_operation_limit']).to be(500) end end -- GitLab From afb0f09db37658d33f4d1dc5aede6aab59096537 Mon Sep 17 00:00:00 2001 From: lyb124553153 <124553153@qq.com> Date: Thu, 15 Jun 2023 22:13:02 +0800 Subject: [PATCH 2/9] Generate i18n text --- .../_gitlab_shell_operation_limits.html.haml | 4 ++-- locale/gitlab.pot | 9 +++++++++ 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml b/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml index 3f8744369541c5..8f909d5e0e57ee 100644 --- a/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml +++ b/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml @@ -1,11 +1,11 @@ %section.settings.as-gitlab-shell-operation-limits.no-animate#js-projects-api-limits-settings{ class: ('expanded' if expanded_by_default?) } .settings-header %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only - = _('Git operations using SSH rate limit') + = _('Git SSH operations rate limit') = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do = expanded_by_default? ? _('Collapse') : _('Expand') %p - = _('Limit the number of Git operations per minute a user can perform per repository.') + = _('Limit the number of Git operations per minute a user can perform per repository.') = link_to _('Learn more.'), help_page_path('user/admin_area/settings/rate_limit_on_projects_api.md'), target: '_blank', rel: 'noopener noreferrer' .settings-content = gitlab_ui_form_for @application_setting, url: network_admin_application_settings_path(anchor: 'js-projects-api-limits-settings'), html: { class: 'fieldset-form' } do |f| diff --git a/locale/gitlab.pot b/locale/gitlab.pot index 4a033ded0bd4ea..3256ec96ed5c13 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -20371,6 +20371,9 @@ msgstr "" msgid "Git LFS status:" msgstr "" +msgid "Git SSH operations rate limit" +msgstr "" + msgid "Git global setup" msgstr "" @@ -27179,6 +27182,9 @@ msgstr "" msgid "Limit sign in from multiple IP addresses" msgstr "" +msgid "Limit the number of Git operations per minute a user can perform per repository." +msgstr "" + msgid "Limit the number of inbound incident management alerts that can be sent to a project." msgstr "" @@ -27994,6 +28000,9 @@ msgstr "" msgid "Maximum number of %{name} (%{count}) exceeded" msgstr "" +msgid "Maximum number of Git operations per minute" +msgstr "" + msgid "Maximum number of changes (branches or tags) in a single push above which a bulk push event is created (default is `3`). Setting to `0` does not disable throttling." msgstr "" -- GitLab From 04bbe842bed9a025d13119a393216e524ead04fc Mon Sep 17 00:00:00 2001 From: lyb124553153 <124553153@qq.com> Date: Mon, 19 Jun 2023 09:36:28 +0800 Subject: [PATCH 3/9] Add document for gitlab shell operation limit --- .../_gitlab_shell_operation_limits.html.haml | 2 +- doc/api/settings.md | 1 + doc/security/rate_limits.md | 18 ---------- .../settings/gitlab_shell_operation_limits.md | 33 +++++++++++++++++++ 4 files changed, 35 insertions(+), 19 deletions(-) create mode 100644 doc/user/admin_area/settings/gitlab_shell_operation_limits.md diff --git a/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml b/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml index 8f909d5e0e57ee..153dbf5efcef8b 100644 --- a/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml +++ b/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml @@ -6,7 +6,7 @@ = expanded_by_default? ? _('Collapse') : _('Expand') %p = _('Limit the number of Git operations per minute a user can perform per repository.') - = link_to _('Learn more.'), help_page_path('user/admin_area/settings/rate_limit_on_projects_api.md'), target: '_blank', rel: 'noopener noreferrer' + = link_to _('Learn more.'), help_page_path('user/admin_area/settings/gitlab_shell_operation_limits.md'), target: '_blank', rel: 'noopener noreferrer' .settings-content = gitlab_ui_form_for @application_setting, url: network_admin_application_settings_path(anchor: 'js-projects-api-limits-settings'), html: { class: 'fieldset-form' } do |f| = form_errors(@application_setting) diff --git a/doc/api/settings.md b/doc/api/settings.md index ab78b9b7c74255..37586aa84515b6 100644 --- a/doc/api/settings.md +++ b/doc/api/settings.md @@ -550,6 +550,7 @@ listed in the descriptions of the relevant settings. | `wiki_page_max_content_bytes` | integer | no | Maximum wiki page content size in **bytes**. Default: 52428800 Bytes (50 MB). The minimum value is 1024 bytes. | | `jira_connect_application_key` | String | no | Application ID of the OAuth application that should be used to authenticate with the GitLab for Jira Cloud app | | `jira_connect_proxy_url` | String | no | URL of the GitLab instance that should be used as a proxy for the GitLab for Jira Cloud app | +| `gitlab_shell_operation_limit` | integer | no | [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/412088) Max number of Git operations per minute a user can perform. Default: 600 | ### Configure inactive project deletion diff --git a/doc/security/rate_limits.md b/doc/security/rate_limits.md index d835d8eb08c2ec..c65bbf5da029d8 100644 --- a/doc/security/rate_limits.md +++ b/doc/security/rate_limits.md @@ -73,24 +73,6 @@ For configuration information, see ## Non-configurable limits -### Git operations using SSH - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/78373) in GitLab 14.7 [with a flag](../administration/feature_flags.md) named `rate_limit_gitlab_shell`. Available by default without a feature flag from 15.8. - -GitLab applies rate limits to Git operations that use SSH by user account and project. When the rate limit is exceeded, GitLab rejects -further connection requests from that user for the project. - -The rate limit applies at the Git command ([plumbing](https://git-scm.com/book/en/v2/Git-Internals-Plumbing-and-Porcelain)) level. -Each command has a rate limit of 600 per minute. For example: - -- `git push` has a rate limit of 600 per minute. -- `git pull` has its own rate limit of 600 per minute. - -Because the same commands are shared by `git-upload-pack`, `git pull`, and `git clone`, they share a rate limit. - -The requests per minute threshold for this rate limit is not configurable. Self-managed customers can disable this -rate limit. - ### Repository archives > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/25750) in GitLab 12.9. diff --git a/doc/user/admin_area/settings/gitlab_shell_operation_limits.md b/doc/user/admin_area/settings/gitlab_shell_operation_limits.md new file mode 100644 index 00000000000000..e8a10b90112aaa --- /dev/null +++ b/doc/user/admin_area/settings/gitlab_shell_operation_limits.md @@ -0,0 +1,33 @@ +--- +stage: Create +group: Source Code +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments +type: reference +--- + +# Rate limits on GitLab Shell operation **(FREE SELF)** + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/78373) in GitLab 14.7 [with a flag](../../../administration/feature_flags.md) named `rate_limit_gitlab_shell`. Available by default without a feature flag from 15.8. + +GitLab applies rate limits to Git operations that use SSH by user account and project. When the rate limit is exceeded, GitLab rejects +further connection requests from that user for the project. + +The rate limit applies at the Git command ([plumbing](https://git-scm.com/book/en/v2/Git-Internals-Plumbing-and-Porcelain)) level. +Each command has a rate limit of 600 per minute. For example: + +- `git push` has a rate limit of 600 per minute. +- `git pull` has its own rate limit of 600 per minute. + +Because the same commands are shared by `git-upload-pack`, `git pull`, and `git clone`, they share a rate limit. + +Self-managed customers can disable this rate limit. + +## Configure GitLab Shell operation limit + +`Git operations using SSH` is enabled by default. Defaults to 600 per user per minute. + +1. On the top bar, select **Main menu > Admin**. +1. On the left sidebar, select **Settings > Network**. +1. Expand **Git operations using SSH rate limit**. +1. Enter a value for **Maximum number of Git operations per minute**. +1. Select **Save changes**. -- GitLab From f5f77f59a38bff7cf0e1f4e479dc71d440ae3eb2 Mon Sep 17 00:00:00 2001 From: Yongbo li <124553153@qq.com> Date: Fri, 23 Jun 2023 15:23:58 +0000 Subject: [PATCH 4/9] Apply 4 suggestion(s) to 3 file(s) --- .../_gitlab_shell_operation_limits.html.haml | 4 ++-- doc/api/settings.md | 2 +- spec/features/admin/admin_settings_spec.rb | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml b/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml index 153dbf5efcef8b..4b337f71c4613f 100644 --- a/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml +++ b/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml @@ -1,4 +1,4 @@ -%section.settings.as-gitlab-shell-operation-limits.no-animate#js-projects-api-limits-settings{ class: ('expanded' if expanded_by_default?) } +%section.settings.no-animate#js-gitlab-shell-operation-limits-settings{ class: ('expanded' if expanded_by_default?), 'data-testid': 'gitlab-shell-operation-limits' } .settings-header %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only = _('Git SSH operations rate limit') @@ -8,7 +8,7 @@ = _('Limit the number of Git operations per minute a user can perform per repository.') = link_to _('Learn more.'), help_page_path('user/admin_area/settings/gitlab_shell_operation_limits.md'), target: '_blank', rel: 'noopener noreferrer' .settings-content - = gitlab_ui_form_for @application_setting, url: network_admin_application_settings_path(anchor: 'js-projects-api-limits-settings'), html: { class: 'fieldset-form' } do |f| + = gitlab_ui_form_for @application_setting, url: network_admin_application_settings_path(anchor: 'js-gitlab-shell-operation-limits-settings'), html: { class: 'fieldset-form' } do |f| = form_errors(@application_setting) %fieldset diff --git a/doc/api/settings.md b/doc/api/settings.md index 37586aa84515b6..0fd5491fbbacc9 100644 --- a/doc/api/settings.md +++ b/doc/api/settings.md @@ -550,7 +550,7 @@ listed in the descriptions of the relevant settings. | `wiki_page_max_content_bytes` | integer | no | Maximum wiki page content size in **bytes**. Default: 52428800 Bytes (50 MB). The minimum value is 1024 bytes. | | `jira_connect_application_key` | String | no | Application ID of the OAuth application that should be used to authenticate with the GitLab for Jira Cloud app | | `jira_connect_proxy_url` | String | no | URL of the GitLab instance that should be used as a proxy for the GitLab for Jira Cloud app | -| `gitlab_shell_operation_limit` | integer | no | [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/412088) Max number of Git operations per minute a user can perform. Default: 600 | +| `gitlab_shell_operation_limit` | integer | no | Max number of Git operations per minute a user can perform. Defaults to 600. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/412088) in GitLab 16.2. | ### Configure inactive project deletion diff --git a/spec/features/admin/admin_settings_spec.rb b/spec/features/admin/admin_settings_spec.rb index a47e5f58c4d44e..7cbee63cc5ec45 100644 --- a/spec/features/admin/admin_settings_spec.rb +++ b/spec/features/admin/admin_settings_spec.rb @@ -778,7 +778,7 @@ it 'changes gitlab shell operation limits settings' do visit network_admin_application_settings_path - page.within('.as-gitlab-shell-operation-limits') do + page.within('[data-testid="gitlab-shell-operation-limits"]') do fill_in 'Maximum number of Git operations per minute', with: 100 click_button 'Save changes' end -- GitLab From 833c1bf42cde5d7ce16ec08d2b82283d2f952a0d Mon Sep 17 00:00:00 2001 From: Diana Zubova Date: Fri, 23 Jun 2023 15:29:18 +0000 Subject: [PATCH 5/9] Apply 3 suggestion(s) to 1 file(s) --- .../_gitlab_shell_operation_limits.html.haml | 6 +++--- app/views/admin/application_settings/network.html.haml | 1 - 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml b/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml index 4b337f71c4613f..20688e5c1ed284 100644 --- a/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml +++ b/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml @@ -1,11 +1,11 @@ %section.settings.no-animate#js-gitlab-shell-operation-limits-settings{ class: ('expanded' if expanded_by_default?), 'data-testid': 'gitlab-shell-operation-limits' } .settings-header %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only - = _('Git SSH operations rate limit') + = s_('ShellOperations|Git SSH operations rate limit') = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do = expanded_by_default? ? _('Collapse') : _('Expand') %p - = _('Limit the number of Git operations per minute a user can perform per repository.') + = s_('ShellOperations|Limit the number of Git operations per minute a user can perform per repository.') = link_to _('Learn more.'), help_page_path('user/admin_area/settings/gitlab_shell_operation_limits.md'), target: '_blank', rel: 'noopener noreferrer' .settings-content = gitlab_ui_form_for @application_setting, url: network_admin_application_settings_path(anchor: 'js-gitlab-shell-operation-limits-settings'), html: { class: 'fieldset-form' } do |f| @@ -13,7 +13,7 @@ %fieldset .form-group - = f.label :gitlab_shell_operation_limit, _('Maximum number of Git operations per minute'), class: 'label-bold' + = f.label :gitlab_shell_operation_limit, s_('ShellOperations|Maximum number of Git operations per minute'), class: 'gl-font-bold' = f.number_field :gitlab_shell_operation_limit, class: 'form-control gl-form-input' = f.submit _('Save changes'), pajamas_button: true diff --git a/app/views/admin/application_settings/network.html.haml b/app/views/admin/application_settings/network.html.haml index 8ad00d43cce312..3b9fb930fd7690 100644 --- a/app/views/admin/application_settings/network.html.haml +++ b/app/views/admin/application_settings/network.html.haml @@ -176,4 +176,3 @@ = render 'pipeline_limits' = render_if_exists 'admin/application_settings/ee_network_settings' - -- GitLab From 23f12f038399103857a249e7e56eb7564528307a Mon Sep 17 00:00:00 2001 From: lyb124553153 <124553153@qq.com> Date: Fri, 23 Jun 2023 23:46:29 +0800 Subject: [PATCH 6/9] Fix document --- doc/user/admin_area/settings/gitlab_shell_operation_limits.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/user/admin_area/settings/gitlab_shell_operation_limits.md b/doc/user/admin_area/settings/gitlab_shell_operation_limits.md index e8a10b90112aaa..caba54446905b3 100644 --- a/doc/user/admin_area/settings/gitlab_shell_operation_limits.md +++ b/doc/user/admin_area/settings/gitlab_shell_operation_limits.md @@ -26,8 +26,8 @@ Self-managed customers can disable this rate limit. `Git operations using SSH` is enabled by default. Defaults to 600 per user per minute. -1. On the top bar, select **Main menu > Admin**. +1. On the left sidebar, select **Your work > Admin Area**. 1. On the left sidebar, select **Settings > Network**. -1. Expand **Git operations using SSH rate limit**. +1. Expand **Git SSH operations rate limit**. 1. Enter a value for **Maximum number of Git operations per minute**. 1. Select **Save changes**. -- GitLab From b0c948ca1ab4025f099b35cb72b2c38d4c84a808 Mon Sep 17 00:00:00 2001 From: lyb124553153 <124553153@qq.com> Date: Sat, 24 Jun 2023 01:23:45 +0800 Subject: [PATCH 7/9] Generate i18n text --- locale/gitlab.pot | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/locale/gitlab.pot b/locale/gitlab.pot index 3256ec96ed5c13..e0df7aca3d9449 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -20371,9 +20371,6 @@ msgstr "" msgid "Git LFS status:" msgstr "" -msgid "Git SSH operations rate limit" -msgstr "" - msgid "Git global setup" msgstr "" @@ -27182,9 +27179,6 @@ msgstr "" msgid "Limit sign in from multiple IP addresses" msgstr "" -msgid "Limit the number of Git operations per minute a user can perform per repository." -msgstr "" - msgid "Limit the number of inbound incident management alerts that can be sent to a project." msgstr "" @@ -28000,9 +27994,6 @@ msgstr "" msgid "Maximum number of %{name} (%{count}) exceeded" msgstr "" -msgid "Maximum number of Git operations per minute" -msgstr "" - msgid "Maximum number of changes (branches or tags) in a single push above which a bulk push event is created (default is `3`). Setting to `0` does not disable throttling." msgstr "" @@ -42639,6 +42630,15 @@ msgstr "" msgid "SharedRunnersMinutesSettings|When you reset the compute usage for this namespace, the compute usage changes to zero." msgstr "" +msgid "ShellOperations|Git SSH operations rate limit" +msgstr "" + +msgid "ShellOperations|Limit the number of Git operations per minute a user can perform per repository." +msgstr "" + +msgid "ShellOperations|Maximum number of Git operations per minute" +msgstr "" + msgid "Shimo|Go to Shimo Workspace" msgstr "" -- GitLab From f33d57acaac6839381a574fd9536f31228e8945c Mon Sep 17 00:00:00 2001 From: Marcin Sedlak-Jakubowski Date: Tue, 27 Jun 2023 01:28:57 +0000 Subject: [PATCH 8/9] Apply 4 suggestion(s) to 3 file(s) --- .../_gitlab_shell_operation_limits.html.haml | 2 +- doc/api/settings.md | 2 +- doc/user/admin_area/settings/gitlab_shell_operation_limits.md | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml b/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml index 20688e5c1ed284..4a991d42b96f45 100644 --- a/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml +++ b/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml @@ -5,7 +5,7 @@ = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do = expanded_by_default? ? _('Collapse') : _('Expand') %p - = s_('ShellOperations|Limit the number of Git operations per minute a user can perform per repository.') + = s_('ShellOperations|Limit the number of Git operations a user can perform per minute, per repository.') = link_to _('Learn more.'), help_page_path('user/admin_area/settings/gitlab_shell_operation_limits.md'), target: '_blank', rel: 'noopener noreferrer' .settings-content = gitlab_ui_form_for @application_setting, url: network_admin_application_settings_path(anchor: 'js-gitlab-shell-operation-limits-settings'), html: { class: 'fieldset-form' } do |f| diff --git a/doc/api/settings.md b/doc/api/settings.md index 0fd5491fbbacc9..bf4d4c201f1aca 100644 --- a/doc/api/settings.md +++ b/doc/api/settings.md @@ -550,7 +550,7 @@ listed in the descriptions of the relevant settings. | `wiki_page_max_content_bytes` | integer | no | Maximum wiki page content size in **bytes**. Default: 52428800 Bytes (50 MB). The minimum value is 1024 bytes. | | `jira_connect_application_key` | String | no | Application ID of the OAuth application that should be used to authenticate with the GitLab for Jira Cloud app | | `jira_connect_proxy_url` | String | no | URL of the GitLab instance that should be used as a proxy for the GitLab for Jira Cloud app | -| `gitlab_shell_operation_limit` | integer | no | Max number of Git operations per minute a user can perform. Defaults to 600. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/412088) in GitLab 16.2. | +| `gitlab_shell_operation_limit` | integer | no | Maximum number of Git operations per minute a user can perform. Default: `600`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/412088) in GitLab 16.2. | ### Configure inactive project deletion diff --git a/doc/user/admin_area/settings/gitlab_shell_operation_limits.md b/doc/user/admin_area/settings/gitlab_shell_operation_limits.md index caba54446905b3..7c6a5df604019f 100644 --- a/doc/user/admin_area/settings/gitlab_shell_operation_limits.md +++ b/doc/user/admin_area/settings/gitlab_shell_operation_limits.md @@ -5,7 +5,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: reference --- -# Rate limits on GitLab Shell operation **(FREE SELF)** +# Rate limits on Git SSH operations **(FREE SELF)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/78373) in GitLab 14.7 [with a flag](../../../administration/feature_flags.md) named `rate_limit_gitlab_shell`. Available by default without a feature flag from 15.8. @@ -20,7 +20,7 @@ Each command has a rate limit of 600 per minute. For example: Because the same commands are shared by `git-upload-pack`, `git pull`, and `git clone`, they share a rate limit. -Self-managed customers can disable this rate limit. +Users on self-managed GitLab can disable this rate limit. ## Configure GitLab Shell operation limit -- GitLab From 486b409a4befd4ecac07e1dcd611e9649cb0a751 Mon Sep 17 00:00:00 2001 From: lyb124553153 <124553153@qq.com> Date: Tue, 27 Jun 2023 09:52:24 +0800 Subject: [PATCH 9/9] Fix document details --- .../_gitlab_shell_operation_limits.html.haml | 2 +- doc/security/rate_limits.md | 1 + ...operation_limits.md => rate_limits_on_git_ssh_operations.md} | 0 locale/gitlab.pot | 2 +- 4 files changed, 3 insertions(+), 2 deletions(-) rename doc/user/admin_area/settings/{gitlab_shell_operation_limits.md => rate_limits_on_git_ssh_operations.md} (100%) diff --git a/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml b/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml index 4a991d42b96f45..4bd44b922fabd5 100644 --- a/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml +++ b/app/views/admin/application_settings/_gitlab_shell_operation_limits.html.haml @@ -6,7 +6,7 @@ = expanded_by_default? ? _('Collapse') : _('Expand') %p = s_('ShellOperations|Limit the number of Git operations a user can perform per minute, per repository.') - = link_to _('Learn more.'), help_page_path('user/admin_area/settings/gitlab_shell_operation_limits.md'), target: '_blank', rel: 'noopener noreferrer' + = link_to _('Learn more.'), help_page_path('user/admin_area/settings/rate_limits_on_git_ssh_operations.md'), target: '_blank', rel: 'noopener noreferrer' .settings-content = gitlab_ui_form_for @application_setting, url: network_admin_application_settings_path(anchor: 'js-gitlab-shell-operation-limits-settings'), html: { class: 'fieldset-form' } do |f| = form_errors(@application_setting) diff --git a/doc/security/rate_limits.md b/doc/security/rate_limits.md index c65bbf5da029d8..74d1226942ca53 100644 --- a/doc/security/rate_limits.md +++ b/doc/security/rate_limits.md @@ -39,6 +39,7 @@ You can set these rate limits in the Admin Area of your instance: - [User and IP rate limits](../user/admin_area/settings/user_and_ip_rate_limits.md) - [Package registry rate limits](../user/admin_area/settings/package_registry_rate_limits.md) - [Git LFS rate limits](../user/admin_area/settings/git_lfs_rate_limits.md) +- [Rate limits on Git SSH operations](../user/admin_area/settings/rate_limits_on_git_ssh_operations.md) - [Files API rate limits](../user/admin_area/settings/files_api_rate_limits.md) - [Deprecated API rate limits](../user/admin_area/settings/deprecated_api_rate_limits.md) - [GitLab Pages rate limits](../administration/pages/index.md#rate-limits) diff --git a/doc/user/admin_area/settings/gitlab_shell_operation_limits.md b/doc/user/admin_area/settings/rate_limits_on_git_ssh_operations.md similarity index 100% rename from doc/user/admin_area/settings/gitlab_shell_operation_limits.md rename to doc/user/admin_area/settings/rate_limits_on_git_ssh_operations.md diff --git a/locale/gitlab.pot b/locale/gitlab.pot index e0df7aca3d9449..9ac4269fc18995 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -42633,7 +42633,7 @@ msgstr "" msgid "ShellOperations|Git SSH operations rate limit" msgstr "" -msgid "ShellOperations|Limit the number of Git operations per minute a user can perform per repository." +msgid "ShellOperations|Limit the number of Git operations a user can perform per minute, per repository." msgstr "" msgid "ShellOperations|Maximum number of Git operations per minute" -- GitLab