# License Compliance
> 原文:[https://docs.gitlab.com/ee/user/compliance/license_compliance/](https://docs.gitlab.com/ee/user/compliance/license_compliance/)
* [Overview](#overview)
* [Use cases](#use-cases)
* [Supported languages and package managers](#supported-languages-and-package-managers)
* [Experimental support](#experimental-support)
* [Requirements](#requirements)
* [Configuration](#configuration)
* [Available variables](#available-variables)
* [Installing custom dependencies](#installing-custom-dependencies)
* [Overriding the template](#overriding-the-template)
* [Configuring Maven projects](#configuring-maven-projects)
* [Using private Maven repos](#using-private-maven-repos)
* [Selecting the version of Python](#selecting-the-version-of-python)
* [Custom root certificates for Python](#custom-root-certificates-for-python)
* [Using private Python repos](#using-private-python-repos)
* [Configuring NPM projects](#configuring-npm-projects)
* [Using private NPM registries](#using-private-npm-registries)
* [Custom root certificates for NPM](#custom-root-certificates-for-npm)
* [Configuring Yarn projects](#configuring-yarn-projects)
* [Using private Yarn registries](#using-private-yarn-registries)
* [Custom root certificates for Yarn](#custom-root-certificates-for-yarn)
* [Configuring Bower projects](#configuring-bower-projects)
* [Using private Bower registries](#using-private-bower-registries)
* [Custom root certificates for Bower](#custom-root-certificates-for-bower)
* [Using private Bundler registries](#using-private-bundler-registries)
* [Custom root certificates for Bundler](#custom-root-certificates-for-bundler)
* [Configuring Conan projects](#configuring-conan-projects)
* [Using private Conan registries](#using-private-conan-registries)
* [Custom root certificates for Conan](#custom-root-certificates-for-conan)
* [Configuring Go projects](#configuring-go-projects)
* [Using private Go registries](#using-private-go-registries)
* [Custom root certificates for Go](#custom-root-certificates-for-go)
* [Using private NuGet registries](#using-private-nuget-registries)
* [Custom root certificates for NuGet](#custom-root-certificates-for-nuget)
* [Migration from `license_management` to `license_scanning`](#migration-from-license_management-to-license_scanning)
* [Running License Compliance in an offline environment](#running-license-compliance-in-an-offline-environment)
* [Requirements for offline License Compliance](#requirements-for-offline-license-compliance)
* [Make GitLab License Compliance analyzer images available inside your Docker registry](#make-gitlab-license-compliance-analyzer-images-available-inside-your-docker-registry)
* [Set License Compliance CI job variables to use local License Compliance analyzers](#set-license-compliance-ci-job-variables-to-use-local-license-compliance-analyzers)
* [License list](#license-list)
* [Policies](#policies)
* [Enabling License Approvals within a project](#enabling-license-approvals-within-a-project)
* [Troubleshooting](#troubleshooting)
* [`ERROR -- : asdf: No preset version installed for command`](#error-----asdf-no-preset-version-installed-for-command)
# License Compliance[](#license-compliance-ultimate "Permalink")
[Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/5483) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.0.
## Overview[](#overview "Permalink")
如果您使用的是[GitLab CI / CD](../../../ci/README.html) ,則可以使用許可證合規性在項目依賴項中搜索其許可證.
您可以通過[將作業包括](#configuration)在現有的`.gitlab-ci.yml`文件中,或者隱式使用[Auto DevOps](../../../topics/autodevops/index.html)提供的[自動](../../../topics/autodevops/index.html) [許可證合規性](../../../topics/autodevops/stages.html#auto-license-compliance-ultimate)來利用[許可證合規性](../../../topics/autodevops/stages.html#auto-license-compliance-ultimate) .
GitLab 檢查"許可證合規性"報告,比較源分支機構和目標分支機構之間的許可證,并在合并請求中顯示信息. 拒絕許可證將有清晰可見的`x`紅色圖標旁邊還有哪些需要從你決定新的許可證. 此外,您可以在項目的許可證合規性政策部分中[手動允許或拒絕](#policies)許可證.
**注意:**如果許可證合規性報告沒有可比較的內容,則合并請求區域中將不會顯示任何信息. 第一次在`.gitlab-ci.yml`添加`license_scanning`作業時就是這種情況. 連續的合并請求將具有可比性,并且許可證合規性報告將正確顯示.
[](img/license_compliance_v13_0.png)
如果您是項目或組維護者,則可以單擊許可證以選擇允許或拒絕.
[](img/license_compliance_decision_v13_0.png)
當 GitLab 檢測到**拒絕的**許可證時,您可以在[許可證列表中](#license-list)查看它.
[](img/license_list_v13_0.png)
您可以從" [策略"](#policies)選項卡查看和修改現有策略.
[](img/policies_maintainer_edit_v13_2.png)
## Use cases[](#use-cases "Permalink")
It helps you find what licenses your project uses in its dependencies, and decide for each of then whether to allow it or forbid it. For example, your application is using an external (open source) library whose license is incompatible with yours.
## Supported languages and package managers[](#supported-languages-and-package-managers "Permalink")
支持以下語言和程序包管理器.
| Language | 包裝經理 | 掃描工具 |
| --- | --- | --- |
| JavaScript | [Bower](https://bower.io/), [npm](https://s0www0npmjs0com.icopy.site/) | [License Finder](https://github.com/pivotal/LicenseFinder) |
| Go | [Godep](https://github.com/tools/godep), [go mod](https://github.com/golang/go/wiki/Modules) | [License Finder](https://github.com/pivotal/LicenseFinder) |
| Java | [Gradle](https://s0gradle0org.icopy.site/), [Maven](https://maven.apache.org/) | [License Finder](https://github.com/pivotal/LicenseFinder) |
| .NET | [Nuget](https://www.nuget.org/) (.NET Framework 通過[mono 項目](https://www.mono-project.com/)支持.目前不支持 Windows 特定的依賴項.) | [License Finder](https://github.com/pivotal/LicenseFinder) |
| Python | [pip](https://pip.pypa.io/en/stable/) (通過[requirements.txt](https://pip.pypa.io/en/stable/user_guide/#requirements-files)和[Pipfile.lock](https://github.com/pypa/pipfile#pipfilelock)支持 Python.) | [License Finder](https://github.com/pivotal/LicenseFinder) |
| Ruby | [gem](https://rubygems.org/) | [License Finder](https://github.com/pivotal/LicenseFinder) |
| 的 Objective-C,斯威夫特 | [Carthage](https://github.com/Carthage/Carthage) | [License Finder](https://github.com/pivotal/LicenseFinder) |
**Note:**
不支持 Java 8 和 Gradle 1.x 項目.
### Experimental support[](#experimental-support "Permalink")
[實驗性支持](https://github.com/pivotal/LicenseFinder#experimental-project-types)以下語言和程序包管理器,這意味著報告的許可證可能不完整或不準確.
| Language | 包裝經理 | 掃描工具 |
| --- | --- | --- |
| JavaScript | [yarn](https://yarnpkg.com/) | [License Finder](https://github.com/pivotal/LicenseFinder) |
| Go | 去獲取,gvt,滑行,部門,垃圾,govendor | [License Finder](https://github.com/pivotal/LicenseFinder) |
| Erlang | [rebar](https://www.rebar3.org/) | [License Finder](https://github.com/pivotal/LicenseFinder) |
| 的 Objective-C,斯威夫特 | [CocoaPods](https://cocoapods.org/) v0.39 及以下 | [License Finder](https://github.com/pivotal/LicenseFinder) |
| Elixir | [mix](https://s0elixir-lang0org.icopy.site/getting-started/mix-otp/introduction-to-mix.html) | [License Finder](https://github.com/pivotal/LicenseFinder) |
| C++/C | [conan](https://conan.io/) | [License Finder](https://github.com/pivotal/LicenseFinder) |
| Scala | [sbt](https://www.scala-sbt.org/) | [License Finder](https://github.com/pivotal/LicenseFinder) |
| Rust | [cargo](https://crates.io) | [License Finder](https://github.com/pivotal/LicenseFinder) |
| PHP | [composer](https://s0getcomposer0org.icopy.site/) | [License Finder](https://github.com/pivotal/LicenseFinder) |
## Requirements[](#requirements "Permalink")
要運行許可證合規性掃描作業,您需要具有[`docker` executor 的](https://docs.gitlab.com/runner/executors/docker.html) GitLab Runner.
## Configuration[](#configuration "Permalink")
對于 GitLab 12.8 及更高版本,要啟用許可證合規性,您必須[包括](../../../ci/yaml/README.html#includetemplate)在 GitLab 安裝過程中提供的[`License-Scanning.gitlab-ci.yml`模板](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/License-Scanning.gitlab-ci.yml) . 對于從 11.9 到 12.7 的較舊版本的 GitLab,您必須[包括](../../../ci/yaml/README.html#includetemplate) [`License-Management.gitlab-ci.yml`模板](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/License-Management.gitlab-ci.yml) . 對于 11.9 之前的 GitLab 版本,您可以復制和使用該模板中定義的作業.
**注意:** GitLab 13.0 刪除了`License-Management.gitlab-ci.yml`模板. 請改用`License-Scanning.gitlab-ci.yml` .
將以下內容添加到您的`.gitlab-ci.yml`文件中:
```
include:
- template: License-Scanning.gitlab-ci.yml
```
The included template will create a `license_scanning` job in your CI/CD pipeline and scan your dependencies to find their licenses.
**注意:**在 GitLab 12.8 之前, `license_scanning`作業名為`license_management` . GitLab 13.0 刪除了`license_management`作業,因此建議您遷移到`license_scanning`作業,并使用新的`License-Scanning.gitlab-ci.yml`模板.
結果將保存為" [許可證合規性"報告工件](../../../ci/pipelines/job_artifacts.html#artifactsreportslicense_scanning-ultimate) ,您以后可以下載和分析該[工件](../../../ci/pipelines/job_artifacts.html#artifactsreportslicense_scanning-ultimate) . 由于實施限制,我們始終采用最新的許可證合規性工件. 在后臺, [GitLab 許可證合規性 Docker 映像](https://gitlab.com/gitlab-org/security-products/license-management)用于檢測語言/框架,進而分析許可證.
可以使用`.gitlab-ci.yml`的[`variables`](../../../ci/yaml/README.html#variables)參數通過[環境變量](#available-variables)來更改許可合規性設置.
### Available variables[](#available-variables "Permalink")
可以使用環境變量來配置許可證合規性.
| 環境變量 | Required | Description |
| --- | --- | --- |
| `ADDITIONAL_CA_CERT_BUNDLE` | no | 捆綁的可信 CA 證書(當前在 Pip,Pipenv,Maven,Gradle,Yarn 和 NPM 項目中受支持). |
| `ASDF_JAVA_VERSION` | no | 用于掃描的 Java 版本. |
| `ASDF_NODEJS_VERSION` | no | 用于掃描的 Node.js 版本. |
| `ASDF_PYTHON_VERSION` | no | 用于掃描的 Python 版本. |
| `ASDF_RUBY_VERSION` | no | 用于掃描的 Ruby 版本. |
| `GRADLE_CLI_OPTS` | no | gradle 可執行文件的其他參數. 如果未提供,則默認為`--exclude-task=test` . |
| `LICENSE_FINDER_CLI_OPTS` | no | `license_finder`可執行文件的其他參數. 例如,如果您的項目同時在不同的目錄中存儲了 Golang 和 Ruby 代碼,并且您只想掃描 Ruby 代碼,則可以更新`.gitlab-ci-yml`模板以指定要掃描的項目目錄,例如`LICENSE_FINDER_CLI_OPTS: '--debug --aggregate-paths=. ruby'` `LICENSE_FINDER_CLI_OPTS: '--debug --aggregate-paths=. ruby'` . |
| `LM_JAVA_VERSION` | no | Java 版本. 如果設置為`11` ,則 Maven 和 Gradle 使用 Java 11 而不是 Java 8. |
| `LM_PYTHON_VERSION` | no | Python 版本. 如果設置為`3` ,則將使用 Python 3 而非 Python 2.7 安裝依賴項. |
| `MAVEN_CLI_OPTS` | no | mvn 可執行文件的附加參數. 如果未提供,則默認為`-DskipTests` . |
| `PIP_INDEX_URL` | no | Python 軟件包索引的基本 URL(默認值: `https://pypi.org/simple/` : `https://pypi.org/simple/` ). |
| `SECURE_ANALYZERS_PREFIX` | no | 設置 Docker 注冊表基地址以從中下載分析器. |
| `SETUP_CMD` | no | 依賴項安裝的自定義設置(實驗性). |
### Installing custom dependencies[](#installing-custom-dependencies "Permalink")
在[GitLab Ultimate](https://about.gitlab.com/pricing/) 11.4 中引入.
`license_management`映像已經嵌入了許多自動檢測腳本,語言和軟件包. 但是,幾乎不可能涵蓋所有項目的所有案例. 這就是為什么有時需要安裝額外的程序包,或在項目自動設置中進行額外步驟的原因,例如證書的下載和安裝. 為此,可以將`LICENSE_MANAGEMENT_SETUP_CMD`環境變量與所需的命令一起傳遞到容器,以在許可證檢測之前運行.
如果存在,則此變量將覆蓋安裝應用程序所有軟件包所必需的設置步驟(例如:對于具有`Gemfile`的項目,設置步驟可以為`bundle install` ).
例如:
```
include:
- template: License-Scanning.gitlab-ci.yml
variables:
LICENSE_MANAGEMENT_SETUP_CMD: sh my-custom-install-script.sh
```
在此示例中, `my-custom-install-script.sh`是項目根目錄下的 shell 腳本.
### Overriding the template[](#overriding-the-template "Permalink")
**棄用:**從 GitLab 13.0 開始,不再支持[`only`和`except`](../../../ci/yaml/README.html#onlyexcept-basic)的使用. 覆蓋模板時,必須使用[`rules`](../../../ci/yaml/README.html#rules) .
如果要覆蓋作業定義(例如,更改諸如`variables`或`dependencies`類的屬性),則需要在包含模板之后聲明一個`license_scanning`作業,并在其下指定任何其他鍵. 例如:
```
include:
- template: License-Scanning.gitlab-ci.yml
license_scanning:
variables:
CI_DEBUG_TRACE: "true"
```
### Configuring Maven projects[](#configuring-maven-projects "Permalink")
許可證合規性工具提供了一個`MAVEN_CLI_OPTS`環境變量,該變量可以保存命令行參數,以傳遞給在`MAVEN_CLI_OPTS`執行的`mvn install`命令. 隨意使用它來定制 Maven 執行. 例如:
```
include:
- template: License-Scanning.gitlab-ci.yml
license_scanning:
variables:
MAVEN_CLI_OPTS: --debug
```
`mvn install`過所有的運行[構建生命周期](http://maven.apache.org/guides/introduction/introduction-to-the-lifecycle.html)前階段的`install` ,包括`test` . 出于許可證掃描的目的,運行單元測試不是直接必要的,并且會浪費時間,因此可以通過將`MAVEN_CLI_OPTS`的默認值`MAVEN_CLI_OPTS`為`-DskipTests`跳過它. 如果要提供自定義的`MAVEN_CLI_OPTS`并同時跳過測試,請不要忘記將`-DskipTests`顯式添加到您的選項中. 如果在`mvn install`期間仍然需要運行測試,則將`-DskipTests=false`添加到`MAVEN_CLI_OPTS` .
#### Using private Maven repos[](#using-private-maven-repos "Permalink")
如果您有需要登錄憑據的私有 Maven 存儲庫,則可以使用`MAVEN_CLI_OPTS`環境變量.
閱讀更多有關[如何使用私有 Maven 倉庫的信息](../../application_security/index.html#using-private-maven-repos) .
您還可以使用`MAVEN_CLI_OPTS`連接到使用自簽名或內部受信任證書的受信任 Maven 存儲庫. 例如:
```
include:
- template: License-Scanning.gitlab-ci.yml
license_scanning:
variables:
MAVEN_CLI_OPTS: -Dmaven.wagon.http.ssl.allowall=true -Dmaven.wagon.http.ssl.ignore.validity.dates=true -Dmaven.wagon.http.ssl.insecure=true
```
或者,您可以使用 Java 密鑰存儲來驗證 TLS 連接. 有關如何生成密鑰存儲文件的說明,請參閱《 [Maven 通過身份驗證的 HTTPS 進行遠程存儲庫訪問指南》](http://maven.apache.org/guides/mini/guide-repository-ssl.html) .
### Selecting the version of Python[](#selecting-the-version-of-python "Permalink")
版本歷史
* 在[GitLab Ultimate](https://about.gitlab.com/pricing/) 12.0 中[引入](https://gitlab.com/gitlab-org/security-products/license-management/-/merge_requests/36) .
* 在[GitLab 12.2 中](https://gitlab.com/gitlab-org/gitlab/-/issues/12032) ,Python 3.5 成為默認設置.
* 在[GitLab 12.7 中](https://gitlab.com/gitlab-org/security-products/license-management/-/merge_requests/101) ,Python 3.8 成為默認設置.
默認情況下,許可證合規性使用 Python 3.8 和 pip 19.1\. 如果您的項目需要 Python 2,則可以通過將`LM_PYTHON_VERSION`環境變量設置為`2`來切換到 Python 2.7 和 pip 10.0.
```
include:
- template: License-Scanning.gitlab-ci.yml
license_scanning:
variables:
LM_PYTHON_VERSION: 2
```
### Custom root certificates for Python[](#custom-root-certificates-for-python "Permalink")
您可以使用`ADDITIONAL_CA_CERT_BUNDLE` [環境變量](#available-variables)提供自定義根證書來完成 TLS 驗證.
要繞過 TLS 驗證,可以使用自定義[`pip.conf`](https://pip.pypa.io/en/stable/user_guide/#config-file)文件來配置受信任的主機.
以下`gitlab-ci.yml`文件使用[`before_script`](../../../ci/yaml/README.html#before_script-and-after_script)注入自定義[`pip.conf`](https://pip.pypa.io/en/stable/user_guide/#config-file) :
```
include:
- template: License-Scanning.gitlab-ci.yml
license_scanning:
variables:
PIP_INDEX_URL: 'https://pypi.example.com/simple/'
before_script:
- mkdir -p ~/.config/pip/
- cp pip.conf ~/.config/pip/pip.conf
```
[`pip.conf`](https://pip.pypa.io/en/stable/reference/pip/)允許您指定[受信任主機](https://pip.pypa.io/en/stable/reference/pip/#cmdoption-trusted-host)的列表:
```
[global]
trusted-host = pypi.example.com
```
#### Using private Python repos[](#using-private-python-repos "Permalink")
如果您擁有專用的 Python 存儲庫,則可以使用`PIP_INDEX_URL` [環境變量](#available-variables)來指定其位置. 也可以提供自定義的`pip.conf`進行[其他配置](#custom-root-certificates-for-python) .
### Configuring NPM projects[](#configuring-npm-projects "Permalink")
您可以使用[`.npmrc`](https://s0docs0npmjs0com.icopy.site/configuring-npm/npmrc.html)文件配置 NPM 項目.
#### Using private NPM registries[](#using-private-npm-registries "Permalink")
如果您有私有 NPM 注冊表,則可以使用[`registry`](https://s0docs0npmjs0com.icopy.site/using-npm/config)設置來指定其位置.
例如:
```
registry = https://npm.example.com
```
#### Custom root certificates for NPM[](#custom-root-certificates-for-npm "Permalink")
您可以使用`ADDITIONAL_CA_CERT_BUNDLE` [環境變量](#available-variables)提供自定義根證書來完成 TLS 驗證.
要禁用 TLS 驗證,您可以提供[`strict-ssl`](https://s0docs0npmjs0com.icopy.site/using-npm/config)設置.
例如:
```
strict-ssl = false
```
### Configuring Yarn projects[](#configuring-yarn-projects "Permalink")
您可以使用[`.yarnrc.yml`](https://yarnpkg.com/configuration/yarnrc)文件配置 Yarn 項目.
#### Using private Yarn registries[](#using-private-yarn-registries "Permalink")
如果您有專用的 Yarn 注冊表,則可以使用[`npmRegistryServer`](https://yarnpkg.com/configuration/yarnrc#npmRegistryServer)設置來指定其位置.
例如:
```
npmRegistryServer: "https://npm.example.com"
```
#### Custom root certificates for Yarn[](#custom-root-certificates-for-yarn "Permalink")
您可以使用`ADDITIONAL_CA_CERT_BUNDLE` [環境變量](#available-variables)提供自定義根證書來完成 TLS 驗證.
### Configuring Bower projects[](#configuring-bower-projects "Permalink")
您可以使用[`.bowerrc`](https://bower.io/docs/config/#bowerrc-specification)文件配置 Bower 項目.
#### Using private Bower registries[](#using-private-bower-registries "Permalink")
如果您有專用的 Bower 注冊表,則可以使用[`registry`](https://bower.io/docs/config/#bowerrc-specification)設置來指定其位置.
例如:
```
{
"registry": "https://registry.bower.io"
}
```
#### Custom root certificates for Bower[](#custom-root-certificates-for-bower "Permalink")
您可以使用`ADDITIONAL_CA_CERT_BUNDLE` [環境變量](#available-variables)或在[`.bowerrc`](https://bower.io/docs/config/#bowerrc-specification)文件中指定`ca`設置來提供自定義根證書來完成 TLS 驗證.
#### Using private Bundler registries[](#using-private-bundler-registries "Permalink")
如果您有私人的 Bundler 注冊表,則可以使用[`source`](https://bundler.io/man/gemfile.5.html#GLOBAL-SOURCES)設置來指定其位置.
例如:
```
source "https://gems.example.com"
```
#### Custom root certificates for Bundler[](#custom-root-certificates-for-bundler "Permalink")
您可以使用`ADDITIONAL_CA_CERT_BUNDLE` [環境變量](#available-variables)或在作業定義中指定[`BUNDLE_SSL_CA_CERT`](https://bundler.io/v2.0/man/bundle-config.1.html) [環境變量](../../../ci/variables/README.html#custom-environment-variables)來提供自定義根證書來完成 TLS 驗證.
### Configuring Conan projects[](#configuring-conan-projects "Permalink")
您可以通過將`.conan`目錄添加到項目根目錄來配置[Conan](https://conan.io/)項目. 項目根用作[`CONAN_USER_HOME`](https://docs.conan.io/en/latest/reference/env_vars.html#conan-user-home) .
Consult the [Conan](https://docs.conan.io/en/latest/reference/config_files/conan.conf.html#conan-conf) documentation for a list of settings that you can apply.
`license_scanning`作業在[Debian 10](https://www.debian.org/releases/buster/) Docker 映像中運行. 提供的映像附帶了一些構建工具,例如[CMake](https://cmake.org/)和[GCC](https://gcc.gnu.org/) . 但是,默認情況下不支持所有項目類型. 要安裝編譯依賴關系所需的其他工具,請使用[`before_script`](../../../ci/yaml/README.html#before_script-and-after_script)使用[`apt`](https://wiki.debian.org/PackageManagementTools)軟件包管理器安裝必要的構建工具. 有關完整列表,請參閱[柯南文檔](https://docs.conan.io/en/latest/introduction.html#all-platforms-all-build-systems-and-compilers) .
默認的[柯南](https://conan.io/)配置將[`CONAN_LOGIN_USERNAME`](https://docs.conan.io/en/latest/reference/env_vars.html#conan-login-username-conan-login-username-remote-name)設置為`ci_user` ,并將[`CONAN_PASSWORD`](https://docs.conan.io/en/latest/reference/env_vars.html#conan-password-conan-password-remote-name)綁定到[`CI_JOB_TOKEN`](../../../ci/variables/predefined_variables.html)以用于正在運行的作業. 如果在`.conan/remotes.json`文件中指定了 GitLab 遙控器,則這允許 Conan 項目從[GitLab 科南存儲庫中](../../packages/conan_repository/#fetching-conan-package-information-from-the-gitlab-package-registry)獲取軟件包.
要覆蓋默認憑據,請指定一個[`CONAN_LOGIN_USERNAME_{REMOTE_NAME}`](https://docs.conan.io/en/latest/reference/env_vars.html#conan-login-username-conan-login-username-remote-name)與`.conan/remotes.json`文件中指定的遠程名稱匹配.
**注意:**不支持[MSBuild](https://github.com/mono/msbuild#microsoftbuild-msbuild)項目. `license_scanning`映像隨[Mono](https://www.mono-project.com/)和[MSBuild 一起提供](https://github.com/mono/msbuild#microsoftbuild-msbuild) . 可能需要其他設置才能生成此項目配置的軟件包.
#### Using private Conan registries[](#using-private-conan-registries "Permalink")
默認情況下, [柯南](https://conan.io/)使用[柯南](https://conan.io/) `conan-center`遙控器. 例如:
```
{ "remotes": [ { "name": "conan-center", "url": "https://conan.bintray.com", "verify_ssl": true } ] }
```
要從備用遠程獲取依賴項,請在`.conan/remotes.json`指定該遠程. 例如:
```
{ "remotes": [ { "name": "gitlab", "url": "https://gitlab.com/api/v4/packages/conan", "verify_ssl": true } ] }
```
如果需要使用憑據進行身份驗證,則可以按照[`CONAN_LOGIN_USERNAME`文檔中](https://docs.conan.io/en/latest/reference/env_vars.html#conan-login-username-conan-login-username-remote-name)描述的命名約定配置[受保護的變量](../../../ci/variables/README.html#protect-a-custom-variable) .
#### Custom root certificates for Conan[](#custom-root-certificates-for-conan "Permalink")
您可以通過將`.conan/cacert.pem`文件添加到項目根目錄并將[`CA_CERT_PATH`](https://docs.conan.io/en/latest/reference/env_vars.html#conan-cacert-path)設置為`.conan/cacert.pem`來提供自定義證書.
如果您指定`ADDITIONAL_CA_CERT_BUNDLE` [環境變量](#available-variables) ,則此變量的 X.509 證書將安裝在 Docker 映像的默認信任庫中,并且 Conan 配置為將其用作默認`CA_CERT_PATH` .
### Configuring Go projects[](#configuring-go-projects "Permalink")
要配置基于[Go 模塊](https://github.com/golang/go/wiki/Modules)的項目,請在`.gitlab-ci.yml`的`license_scanning`作業的[變量](#available-variables)部分中指定[環境變量](https://s0golang0org.icopy.site/pkg/cmd/go/) .
如果項目已[供應了](https://s0golang0org.icopy.site/pkg/cmd/go/)其模塊,則使用`vendor`目錄和`mod.sum`文件的組合來檢測與 Go 模塊依賴關系相關的軟件許可證.
#### Using private Go registries[](#using-private-go-registries "Permalink")
您可以使用[`GOPRIVATE`](https://s0golang0org.icopy.site/pkg/cmd/go/)和[`GOPROXY`](https://s0golang0org.icopy.site/pkg/cmd/go/)環境變量來控制模塊的來源. 另外,您可以使用[`go mod vendor`](https://s0golang0org.icopy.site/ref/mod)來供應項目的模塊.
#### Custom root certificates for Go[](#custom-root-certificates-for-go "Permalink")
您可以通過導出[`GOFLAGS`](https://s0golang0org.icopy.site/cmd/go/)環境變量來指定[`-insecure`](https://s0golang0org.icopy.site/pkg/cmd/go/internal/get/)標志. 例如:
```
include:
- template: License-Scanning.gitlab-ci.yml
license_scanning:
variables:
GOFLAGS: '-insecure'
```
#### Using private NuGet registries[](#using-private-nuget-registries "Permalink")
如果您擁有私有的 NuGet 注冊表,則可以通過將其添加到[`nuget.config`](https://docs.microsoft.com/en-us/nuget/reference/nuget-config-file)文件的[`packageSources`](https://docs.microsoft.com/en-us/nuget/reference/nuget-config-file#package-source-sections)部分中來將其添加為源.
例如:
```
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<packageSources>
<clear />
<add key="custom" value="https://nuget.example.com/v3/index.json" />
</packageSources>
</configuration>
```
#### Custom root certificates for NuGet[](#custom-root-certificates-for-nuget "Permalink")
您可以使用`ADDITIONAL_CA_CERT_BUNDLE` [環境變量](#available-variables)提供自定義根證書來完成 TLS 驗證.
### Migration from `license_management` to `license_scanning`[](#migration-from-license_management-to-license_scanning "Permalink")
在 GitLab 12.8 中,引入了`license_management`作業的新名稱. 進行此更改是為了提高掃描目的的清晰度,即掃描并收集項目依賴項中存在的許可證類型. GitLab 13.0 放棄了對`license_management`支持. 如果您使用自定義設置來實現"許可證合規性",則需要相應地更新 CI 配置:
1. 將 CI 模板更改為`License-Scanning.gitlab-ci.yml` .
2. 將作業名稱更改為`license_scanning` (如果在`.gitlab-ci.yml`提到了該`.gitlab-ci.yml` ).
3. 將工件名稱更改為`license_scanning` ,并將文件名稱更改為`gl-license-scanning-report.json` (如果在`.gitlab-ci.yml`中`.gitlab-ci.yml` ).
例如,以下`.gitlab-ci.yml` :
```
include:
- template: License-Management.gitlab-ci.yml
license_management:
artifacts:
reports:
license_management: gl-license-management-report.json
```
應更改為:
```
include:
- template: License-Scanning.gitlab-ci.yml
license_scanning:
artifacts:
reports:
license_scanning: gl-license-scanning-report.json
```
如果您在 GitLab 13.0 或更高版本中使用`license_management`工件,則"許可證合規性"作業將產生以下錯誤:
```
WARNING: Uploading artifacts to coordinator... failed id=:id responseStatus=400 Bad Request status=400 Bad Request token=:sha
FATAL: invalid_argument
```
如果遇到此錯誤,請按照本節中的說明進行操作.
## Running License Compliance in an offline environment[](#running-license-compliance-in-an-offline-environment "Permalink")
對于在通過互聯網有限,受限或間歇性訪問外部資源的環境中進行自我管理的 GitLab 實例,需要進行一些調整才能成功運行許可合規性工作. 有關更多信息,請參閱[脫機環境](../../application_security/offline_deployments/index.html) .
### Requirements for offline License Compliance[](#requirements-for-offline-license-compliance "Permalink")
要在離線環境中使用許可證合規性,您需要:
* GitLab 亞軍與[`docker`或`kubernetes`執行](#requirements) .
* Docker 容器注冊表,其中包含許可證合規性[分析器](https://gitlab.com/gitlab-org/security-products/analyzers)映像的本地可用副本.
**注意:** GitLab Runner 的[默認`pull policy`為`always`](https://docs.gitlab.com/runner/executors/docker.html) ,這意味著即使本地副本可用,Runner 也會嘗試從 GitLab 容器注冊表中拉取 Docker 映像. 如果您只喜歡使用本地可用的 Docker 映像,則可以在離線環境[`pull_policy`](https://docs.gitlab.com/runner/executors/docker.html) GitLab Runner 的[`pull_policy`設置為`if-not-present`](https://docs.gitlab.com/runner/executors/docker.html) . 但是,如果不在離線環境中,我們建議將拉取策略設置保持為`always` ,因為這樣可以在 CI / CD 管道中使用更新的掃描儀.
### Make GitLab License Compliance analyzer images available inside your Docker registry[](#make-gitlab-license-compliance-analyzer-images-available-inside-your-docker-registry "Permalink")
要使用所有[支持的語言和程序包管理器進行](#supported-languages-and-package-managers)許可證合規性檢查,請將以下默認許可證合規性分析器映像從`registry.gitlab.com`導入到您的離線[本地 Docker 容器注冊表中](../../packages/container_registry/index.html) :
```
registry.gitlab.com/gitlab-org/security-products/license-management:latest
```
將 Docker 映像導入本地脫機 Docker 注冊表的過程取決于**您的網絡安全策略** . 請咨詢您的 IT 員工,以找到可以導入或臨時訪問外部資源的已接受和批準的流程. 請注意,這些掃描程序會[定期](../../application_security/index.html#maintenance-and-update-of-the-vulnerabilities-database)使用新定義進行[更新](../../application_security/index.html#maintenance-and-update-of-the-vulnerabilities-database) ,因此請考慮您是否能夠自己進行定期更新.
有關將 Docker 映像保存和傳輸為文件的詳細信息,請參閱 Docker 有關[`docker save`](https://s0docs0docker0com.icopy.site/engine/reference/commandline/save/) , [`docker load`](https://s0docs0docker0com.icopy.site/engine/reference/commandline/load/) , [`docker export`](https://s0docs0docker0com.icopy.site/engine/reference/commandline/export/)和[`docker import`](https://s0docs0docker0com.icopy.site/engine/reference/commandline/import/)的文檔.
### Set License Compliance CI job variables to use local License Compliance analyzers[](#set-license-compliance-ci-job-variables-to-use-local-license-compliance-analyzers "Permalink")
將以下配置添加到您的`.gitlab-ci.yml`文件. 您必須替換`image`以引用本地 Docker 容器注冊表中托管的 License Compliance Docker 映像:
```
include:
- template: License-Scanning.gitlab-ci.yml
license_scanning:
image:
name: localhost:5000/analyzers/license-management:latest
```
現在,"許可證合規性"作業應使用"許可證合規性"分析器的本地副本來掃描您的代碼并生成安全報告,而無需訪問 Internet.
連接到[私有 Bower 注冊表](#using-private-bower-registries) , [私有 Bundler 注冊表](#using-private-bundler-registries) , [私有 Conan 注冊表](#using-private-bower-registries) , [私有 Go 注冊表](#using-private-go-registries) , [私有 Maven 倉庫](#using-private-maven-repos) , [私有 NPM 注冊表](#using-private-npm-registries) , [私有 Python 倉庫](#using-private-python-repos)和[私有 Yarn 注冊表時](#using-private-yarn-registries) ,可能需要附加配置.
在脫機環境中運行時, [項目策略](#policies)必須與名稱完全匹配( [請參閱相關問題](https://gitlab.com/gitlab-org/gitlab/-/issues/212388) ).
## License list[](#license-list "Permalink")
[Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/13582) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.7.
許可證列表允許您查看項目的許可證以及有關許可證的關鍵詳細信息.
為了使許可證出現在許可證列表下,必須滿足以下要求:
1. 必須為您的項目[配置](#configuration)許可證合規性 CI 作業.
2. 您的項目必須至少使用一種[受支持的語言和程序包管理器](#supported-languages-and-package-managers) .
設置完所有內容后,請在項目的側邊欄中導航至" **安全性和合規性">"許可證合規性"** ,您將看到顯示的許可證,其中:
* **名稱:**許可證名稱.
* **Component:** The components which have this license.
* **違反政策:**許可證的[許可證政策](#policies)標記為**拒絕** .
[](img/license_list_v13_0.png)
## Policies[](#policies "Permalink")
[Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/22465) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.9.
通過" **策略"**選項卡,您可以查看項目的軟件許可證策略以及每個策略的關聯分類.
可以由項目的維護者配置策略.
[](img/policies_maintainer_edit_v13_2.png) [](img/policies_maintainer_add_v13_2.png)
項目的開發人員可以查看項目中配置的策略.
[](img/policies_v13_0.png)
### Enabling License Approvals within a project[](#enabling-license-approvals-within-a-project "Permalink")
[Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/13067) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.3.
`License-Check`是一個批準規則,您可以啟用它來允許批準人,個人或組批準包含`denied`許可證的合并請求.
您可以啟用`License-Check`的兩種方式之一:
* 使用區分大小寫的名稱`License-Check`創建[項目批準規則](../../project/merge_requests/merge_request_approvals.html#multiple-approval-rules-premium) .
* 在[項目策略部分中為許可合規](#policies)創建批準組. 您必須將此批準組的所需批準數量設置為大于零. 在項目中啟用該組后,將為所有合并請求啟用批準規則.
任何代碼更改都會導致重置所需的批準.
許可證報告如下時,需要批準:
* 包含包含被`denied`的軟件許可證的依賴項.
* 在管道執行期間未生成.
許可證報告如下時,批準是可選的:
* 不包含任何違反軟件許可證的行為.
* Contains only new licenses that are `allowed` or unknown.
## Troubleshooting[](#troubleshooting "Permalink")
### `ERROR -- : asdf: No preset version installed for command`[](#error-----asdf-no-preset-version-installed-for-command "Permalink")
當項目使用的工具的版本與`license_scanning` Docker 映像中可用的預安裝工具的版本不匹配時,會發生此錯誤. `license_scanning`作業使用[asdf-vm](https://asdf-vm.com/)來激活項目所依賴的工具的適當版本. 例如,如果您的項目依賴于特定版本的[Node.js](https://s0nodejs0org.icopy.site/)或任何其他受支持的工具,則可以通過向項目中添加[`.tool-versions`](https://asdf-vm.com/#/core-configuration?id=tool-versions)文件或使用適當的[`ASDF_<tool>_VERSION`](https://asdf-vm.com/#/core-configuration?id=environment-variables)環境變量來激活所需的版本,從而指定所需的版本.適當的版本.
例如,以下`.tool-versions`文件將激活[Node.js 的](https://s0nodejs0org.icopy.site/) `12.16.3`版和[Ruby 的](https://www.ruby-lang.org/) `2.6.6`版.
```
nodejs 12.16.3
ruby 2.6.6
```
下一個示例顯示如何通過使用項目的`.gitlab-ci.yml`文件中定義的環境變量來激活上述工具的相同版本.
```
include:
- template: License-Scanning.gitlab-ci.yml
license_scanning:
variables:
ASDF_NODEJS_VERSION: '12.16.3'
ASDF_RUBY_VERSION: '2.6.6'
```
完整的變量列表可以在[環境變量中](#available-variables)找到.
要了解在`license_scanning` Docker 映像中預安裝了哪些工具,請使用以下命令:
```
$ docker run --entrypoint='' registry.gitlab.com/gitlab-org/security-products/analyzers/license-finder:3 /bin/bash -lc 'asdf list'
golang
1.14
gradle
6.3
java
adopt-openjdk-11.0.7+10
adopt-openjdk-8u242-b08
maven
3.6.3
nodejs
10.20.1
12.16.3
php
7.4.5
python
2.7.18
3.8.2
ruby
2.6.6
sbt
1.3.8
```
要與`license_scanning`運行時環境進行交互,請使用以下命令:
```
$ docker run -it --entrypoint='' registry.gitlab.com/gitlab-org/security-products/analyzers/license-finder:3 /bin/bash -l
root@6abb70e9f193:~#
```
**注意:**當前不支持選擇[Mono](https://www.mono-project.com/)或[.NET Core](https://dotnet.microsoft.com/download/dotnet-core)的自定義版本.
- GitLab Docs
- Installation
- Requirements
- GitLab cloud native Helm Chart
- Install GitLab with Docker
- Installation from source
- Install GitLab on Microsoft Azure
- Installing GitLab on Google Cloud Platform
- Installing GitLab on Amazon Web Services (AWS)
- Analytics
- Code Review Analytics
- Productivity Analytics
- Value Stream Analytics
- Kubernetes clusters
- Adding and removing Kubernetes clusters
- Adding EKS clusters
- Adding GKE clusters
- Group-level Kubernetes clusters
- Instance-level Kubernetes clusters
- Canary Deployments
- Cluster Environments
- Deploy Boards
- GitLab Managed Apps
- Crossplane configuration
- Cluster management project (alpha)
- Kubernetes Logs
- Runbooks
- Serverless
- Deploying AWS Lambda function using GitLab CI/CD
- Securing your deployed applications
- Groups
- Contribution Analytics
- Custom group-level project templates
- Epics
- Manage epics
- Group Import/Export
- Insights
- Issues Analytics
- Iterations
- Public access
- SAML SSO for GitLab.com groups
- SCIM provisioning using SAML SSO for GitLab.com groups
- Subgroups
- Roadmap
- Projects
- GitLab Secure
- Security Configuration
- Container Scanning
- Dependency Scanning
- Dependency List
- Static Application Security Testing (SAST)
- Secret Detection
- Dynamic Application Security Testing (DAST)
- GitLab Security Dashboard
- Offline environments
- Standalone Vulnerability pages
- Security scanner integration
- Badges
- Bulk editing issues and merge requests at the project level
- Code Owners
- Compliance
- License Compliance
- Compliance Dashboard
- Create a project
- Description templates
- Deploy Keys
- Deploy Tokens
- File finder
- Project integrations
- Integrations
- Atlassian Bamboo CI Service
- Bugzilla Service
- Custom Issue Tracker service
- Discord Notifications service
- Enabling emails on push
- GitHub project integration
- Hangouts Chat service
- Atlassian HipChat
- Irker IRC Gateway
- GitLab Jira integration
- Mattermost Notifications Service
- Mattermost slash commands
- Microsoft Teams service
- Mock CI Service
- Prometheus integration
- Redmine Service
- Slack Notifications Service
- Slack slash commands
- GitLab Slack application
- Webhooks
- YouTrack Service
- Insights
- Issues
- Crosslinking Issues
- Design Management
- Confidential issues
- Due dates
- Issue Boards
- Issue Data and Actions
- Labels
- Managing issues
- Milestones
- Multiple Assignees for Issues
- Related issues
- Service Desk
- Sorting and ordering issue lists
- Issue weight
- Associate a Zoom meeting with an issue
- Merge requests
- Allow collaboration on merge requests across forks
- Merge Request Approvals
- Browser Performance Testing
- How to create a merge request
- Cherry-pick changes
- Code Quality
- Load Performance Testing
- Merge Request dependencies
- Fast-forward merge requests
- Merge when pipeline succeeds
- Merge request conflict resolution
- Reverting changes
- Reviewing and managing merge requests
- Squash and merge
- Merge requests versions
- Draft merge requests
- Members of a project
- Migrating projects to a GitLab instance
- Import your project from Bitbucket Cloud to GitLab
- Import your project from Bitbucket Server to GitLab
- Migrating from ClearCase
- Migrating from CVS
- Import your project from FogBugz to GitLab
- Gemnasium
- Import your project from GitHub to GitLab
- Project importing from GitLab.com to your private GitLab instance
- Import your project from Gitea to GitLab
- Import your Jira project issues to GitLab
- Migrating from Perforce Helix
- Import Phabricator tasks into a GitLab project
- Import multiple repositories by uploading a manifest file
- Import project from repo by URL
- Migrating from SVN to GitLab
- Migrating from TFVC to Git
- Push Options
- Releases
- Repository
- Branches
- Git Attributes
- File Locking
- Git file blame
- Git file history
- Repository mirroring
- Protected branches
- Protected tags
- Push Rules
- Reduce repository size
- Signing commits with GPG
- Syntax Highlighting
- GitLab Web Editor
- Web IDE
- Requirements Management
- Project settings
- Project import/export
- Project access tokens (Alpha)
- Share Projects with other Groups
- Snippets
- Static Site Editor
- Wiki
- Project operations
- Monitor metrics for your CI/CD environment
- Set up alerts for Prometheus metrics
- Embedding metric charts within GitLab-flavored Markdown
- Embedding Grafana charts
- Using the Metrics Dashboard
- Dashboard YAML properties
- Metrics dashboard settings
- Panel types for dashboards
- Using Variables
- Templating variables for metrics dashboards
- Prometheus Metrics library
- Monitoring AWS Resources
- Monitoring HAProxy
- Monitoring Kubernetes
- Monitoring NGINX
- Monitoring NGINX Ingress Controller
- Monitoring NGINX Ingress Controller with VTS metrics
- Alert Management
- Error Tracking
- Tracing
- Incident Management
- GitLab Status Page
- Feature Flags
- GitLab CI/CD
- GitLab CI/CD pipeline configuration reference
- GitLab CI/CD include examples
- Introduction to CI/CD with GitLab
- Getting started with GitLab CI/CD
- How to enable or disable GitLab CI/CD
- Using SSH keys with GitLab CI/CD
- Migrating from CircleCI
- Migrating from Jenkins
- Auto DevOps
- Getting started with Auto DevOps
- Requirements for Auto DevOps
- Customizing Auto DevOps
- Stages of Auto DevOps
- Upgrading PostgreSQL for Auto DevOps
- Cache dependencies in GitLab CI/CD
- GitLab ChatOps
- Cloud deployment
- Docker integration
- Building Docker images with GitLab CI/CD
- Using Docker images
- Building images with kaniko and GitLab CI/CD
- GitLab CI/CD environment variables
- Predefined environment variables reference
- Where variables can be used
- Deprecated GitLab CI/CD variables
- Environments and deployments
- Protected Environments
- GitLab CI/CD Examples
- Test a Clojure application with GitLab CI/CD
- Using Dpl as deployment tool
- Testing a Phoenix application with GitLab CI/CD
- End-to-end testing with GitLab CI/CD and WebdriverIO
- DevOps and Game Dev with GitLab CI/CD
- Deploy a Spring Boot application to Cloud Foundry with GitLab CI/CD
- How to deploy Maven projects to Artifactory with GitLab CI/CD
- Testing PHP projects
- Running Composer and NPM scripts with deployment via SCP in GitLab CI/CD
- Test and deploy Laravel applications with GitLab CI/CD and Envoy
- Test and deploy a Python application with GitLab CI/CD
- Test and deploy a Ruby application with GitLab CI/CD
- Test and deploy a Scala application to Heroku
- GitLab CI/CD for external repositories
- Using GitLab CI/CD with a Bitbucket Cloud repository
- Using GitLab CI/CD with a GitHub repository
- GitLab Pages
- GitLab Pages
- GitLab Pages domain names, URLs, and baseurls
- Create a GitLab Pages website from scratch
- Custom domains and SSL/TLS Certificates
- GitLab Pages integration with Let's Encrypt
- GitLab Pages Access Control
- Exploring GitLab Pages
- Incremental Rollouts with GitLab CI/CD
- Interactive Web Terminals
- Optimizing GitLab for large repositories
- Metrics Reports
- CI/CD pipelines
- Pipeline Architecture
- Directed Acyclic Graph
- Multi-project pipelines
- Parent-child pipelines
- Pipelines for Merge Requests
- Pipelines for Merged Results
- Merge Trains
- Job artifacts
- Pipeline schedules
- Pipeline settings
- Triggering pipelines through the API
- Review Apps
- Configuring GitLab Runners
- GitLab CI services examples
- Using MySQL
- Using PostgreSQL
- Using Redis
- Troubleshooting CI/CD
- GitLab Package Registry
- GitLab Container Registry
- Dependency Proxy
- GitLab Composer Repository
- GitLab Conan Repository
- GitLab Maven Repository
- GitLab NPM Registry
- GitLab NuGet Repository
- GitLab PyPi Repository
- API Docs
- API resources
- .gitignore API
- GitLab CI YMLs API
- Group and project access requests API
- Appearance API
- Applications API
- Audit Events API
- Avatar API
- Award Emoji API
- Project badges API
- Group badges API
- Branches API
- Broadcast Messages API
- Project clusters API
- Group clusters API
- Instance clusters API
- Commits API
- Container Registry API
- Custom Attributes API
- Dashboard annotations API
- Dependencies API
- Deploy Keys API
- Deployments API
- Discussions API
- Dockerfiles API
- Environments API
- Epics API
- Events
- Feature Flags API
- Feature flag user lists API
- Freeze Periods API
- Geo Nodes API
- Group Activity Analytics API
- Groups API
- Import API
- Issue Boards API
- Group Issue Boards API
- Issues API
- Epic Issues API
- Issues Statistics API
- Jobs API
- Keys API
- Labels API
- Group Labels API
- License
- Licenses API
- Issue links API
- Epic Links API
- Managed Licenses API
- Markdown API
- Group and project members API
- Merge request approvals API
- Merge requests API
- Project milestones API
- Group milestones API
- Namespaces API
- Notes API
- Notification settings API
- Packages API
- Pages domains API
- Pipeline schedules API
- Pipeline triggers API
- Pipelines API
- Project Aliases API
- Project import/export API
- Project repository storage moves API
- Project statistics API
- Project templates API
- Projects API
- Protected branches API
- Protected tags API
- Releases API
- Release links API
- Repositories API
- Repository files API
- Repository submodules API
- Resource label events API
- Resource milestone events API
- Resource weight events API
- Runners API
- SCIM API
- Search API
- Services API
- Application settings API
- Sidekiq Metrics API
- Snippets API
- Project snippets
- Application statistics API
- Suggest Changes API
- System hooks API
- Tags API
- Todos API
- Users API
- Project-level Variables API
- Group-level Variables API
- Version API
- Vulnerabilities API
- Vulnerability Findings API
- Wikis API
- GraphQL API
- Getting started with GitLab GraphQL API
- GraphQL API Resources
- API V3 to API V4
- Validate the .gitlab-ci.yml (API)
- User Docs
- Abuse reports
- User account
- Active sessions
- Deleting a User account
- Permissions
- Personal access tokens
- Profile preferences
- Threads
- GitLab and SSH keys
- GitLab integrations
- Git
- GitLab.com settings
- Infrastructure as code with Terraform and GitLab
- GitLab keyboard shortcuts
- GitLab Markdown
- AsciiDoc
- GitLab Notification Emails
- GitLab Quick Actions
- Autocomplete characters
- Reserved project and group names
- Search through GitLab
- Advanced Global Search
- Advanced Syntax Search
- Time Tracking
- GitLab To-Do List
- Administrator Docs
- Reference architectures
- Reference architecture: up to 1,000 users
- Reference architecture: up to 2,000 users
- Reference architecture: up to 3,000 users
- Reference architecture: up to 5,000 users
- Reference architecture: up to 10,000 users
- Reference architecture: up to 25,000 users
- Reference architecture: up to 50,000 users
- Troubleshooting a reference architecture set up
- Working with the bundled Consul service
- Configuring PostgreSQL for scaling
- Configuring GitLab application (Rails)
- Load Balancer for multi-node GitLab
- Configuring a Monitoring node for Scaling and High Availability
- NFS
- Working with the bundled PgBouncer service
- Configuring Redis for scaling
- Configuring Sidekiq
- Admin Area settings
- Continuous Integration and Deployment Admin settings
- Custom instance-level project templates
- Diff limits administration
- Enable and disable GitLab features deployed behind feature flags
- Geo nodes Admin Area
- GitLab Pages administration
- Health Check
- Job logs
- Labels administration
- Log system
- PlantUML & GitLab
- Repository checks
- Repository storage paths
- Repository storage types
- Account and limit settings
- Service templates
- System hooks
- Changing your time zone
- Uploads administration
- Abuse reports
- Activating and deactivating users
- Audit Events
- Blocking and unblocking users
- Broadcast Messages
- Elasticsearch integration
- Gitaly
- Gitaly Cluster
- Gitaly reference
- Monitoring GitLab
- Monitoring GitLab with Prometheus
- Performance Bar
- Usage statistics
- Object Storage
- Performing Operations in GitLab
- Cleaning up stale Redis sessions
- Fast lookup of authorized SSH keys in the database
- Filesystem Performance Benchmarking
- Moving repositories managed by GitLab
- Run multiple Sidekiq processes
- Sidekiq MemoryKiller
- Switching to Puma
- Understanding Unicorn and unicorn-worker-killer
- User lookup via OpenSSH's AuthorizedPrincipalsCommand
- GitLab Package Registry administration
- GitLab Container Registry administration
- Replication (Geo)
- Geo database replication
- Geo with external PostgreSQL instances
- Geo configuration
- Using a Geo Server
- Updating the Geo nodes
- Geo with Object storage
- Docker Registry for a secondary node
- Geo for multiple nodes
- Geo security review (Q&A)
- Location-aware Git remote URL with AWS Route53
- Tuning Geo
- Removing secondary Geo nodes
- Geo data types support
- Geo Frequently Asked Questions
- Geo Troubleshooting
- Geo validation tests
- Disaster Recovery (Geo)
- Disaster recovery for planned failover
- Bring a demoted primary node back online
- Automatic background verification
- Rake tasks
- Back up and restore GitLab
- Clean up
- Namespaces
- Maintenance Rake tasks
- Geo Rake Tasks
- GitHub import
- Import bare repositories
- Integrity check Rake task
- LDAP Rake tasks
- Listing repository directories
- Praefect Rake tasks
- Project import/export administration
- Repository storage Rake tasks
- Generate sample Prometheus data
- Uploads migrate Rake tasks
- Uploads sanitize Rake tasks
- User management
- Webhooks administration
- X.509 signatures
- Server hooks
- Static objects external storage
- Updating GitLab
- GitLab release and maintenance policy
- Security
- Password Storage
- Custom password length limits
- Restrict allowed SSH key technologies and minimum length
- Rate limits
- Webhooks and insecure internal web services
- Information exclusivity
- How to reset your root password
- How to unlock a locked user from the command line
- User File Uploads
- How we manage the TLS protocol CRIME vulnerability
- User email confirmation at sign-up
- Security of running jobs
- Proxying assets
- CI/CD Environment Variables
- Contributor and Development Docs
- Contribute to GitLab
- Community members & roles
- Implement design & UI elements
- Issues workflow
- Merge requests workflow
- Code Review Guidelines
- Style guides
- GitLab Architecture Overview
- CI/CD development documentation
- Database guides
- Database Review Guidelines
- Database Review Guidelines
- Migration Style Guide
- What requires downtime?
- Understanding EXPLAIN plans
- Rake tasks for developers
- Mass inserting Rails models
- GitLab Documentation guidelines
- Documentation Style Guide
- Documentation structure and template
- Documentation process
- Documentation site architecture
- Global navigation
- GitLab Docs monthly release process
- Telemetry Guide
- Usage Ping Guide
- Snowplow Guide
- Experiment Guide
- Feature flags in development of GitLab
- Feature flags process
- Developing with feature flags
- Feature flag controls
- Document features deployed behind feature flags
- Frontend Development Guidelines
- Accessibility & Readability
- Ajax
- Architecture
- Axios
- Design Patterns
- Frontend Development Process
- DropLab
- Emojis
- Filter
- Frontend FAQ
- GraphQL
- Icons and SVG Illustrations
- InputSetter
- Performance
- Principles
- Security
- Tooling
- Vuex
- Vue
- Geo (development)
- Geo self-service framework (alpha)
- Gitaly developers guide
- GitLab development style guides
- API style guide
- Go standards and style guidelines
- GraphQL API style guide
- Guidelines for shell commands in the GitLab codebase
- HTML style guide
- JavaScript style guide
- Migration Style Guide
- Newlines style guide
- Python Development Guidelines
- SCSS style guide
- Shell scripting standards and style guidelines
- Sidekiq debugging
- Sidekiq Style Guide
- SQL Query Guidelines
- Vue.js style guide
- Instrumenting Ruby code
- Testing standards and style guidelines
- Flaky tests
- Frontend testing standards and style guidelines
- GitLab tests in the Continuous Integration (CI) context
- Review Apps
- Smoke Tests
- Testing best practices
- Testing levels
- Testing Rails migrations at GitLab
- Testing Rake tasks
- End-to-end Testing
- Beginner's guide to writing end-to-end tests
- End-to-end testing Best Practices
- Dynamic Element Validation
- Flows in GitLab QA
- Page objects in GitLab QA
- Resource class in GitLab QA
- Style guide for writing end-to-end tests
- Testing with feature flags
- Translate GitLab to your language
- Internationalization for GitLab
- Translating GitLab
- Proofread Translations
- Merging translations from CrowdIn
- Value Stream Analytics development guide
- GitLab subscription
- Activate GitLab EE with a license