# Protected branches
> 原文:[https://docs.gitlab.com/ee/user/project/protected_branches.html](https://docs.gitlab.com/ee/user/project/protected_branches.html)
* [Overview](#overview)
* [Configuring protected branches](#configuring-protected-branches)
* [Using the Allowed to merge and Allowed to push settings](#using-the-allowed-to-merge-and-allowed-to-push-settings)
* [Restricting push and merge access to certain users](#restricting-push-and-merge-access-to-certain-users-starter)
* [Wildcard protected branches](#wildcard-protected-branches)
* [Creating a protected branch](#creating-a-protected-branch)
* [Deleting a protected branch](#deleting-a-protected-branch)
* [Protected Branches approval by Code Owners](#protected-branches-approval-by-code-owners-premium)
* [Running pipelines on protected branches](#running-pipelines-on-protected-branches)
* [Changelog](#changelog)
# Protected branches[](#protected-branches "Permalink")
GitLab 中的[权限](../permissions.html)基本上是围绕对存储库和分支具有读或写权限的想法定义的. 为了对某些分支机构施加进一步的限制,可以对其进行保护.
## Overview[](#overview "Permalink")
默认情况下,受保护的分支执行以下四个简单的操作:
* 它会阻止除具有维护者权限的用户之外的所有用户创建它(如果尚未创建).
* 它可以防止除具有**允许的**权限的用户以外的其他任何人推送.
* 它可以防止**任何人**用力推动分支机构.
* 它可以防止**任何人**删除分支.
**注意:**允许 GitLab 管理员推送到受保护的分支.
有关随时间的变化,请参见" [更改日志"](#changelog)部分.
默认的分支保护级别在[管理区域中](../admin_area/settings/visibility_and_access_controls.html#default-branch-protection)设置.
## Configuring protected branches[](#configuring-protected-branches "Permalink")
要保护分支,您需要至少具有维护者权限级别. 请注意,默认情况下`master`分支是受保护的.
1. 导航到项目的**"设置"➔"存储库"**
2. 滚动查找" **受保护的分支"**部分.
3. 从" **分支"**下拉菜单中,选择要保护的分支,然后单击" **保护"** . 在下面的屏幕截图中,我们选择了`develop`分支.
[![Protected branches page](https://img.kancloud.cn/ae/a9/aea917875484cc53df22a2cbcc7a6553_855x458.png)](img/protected_branches_page_v12_3.png)
4. 完成后,受保护的分支将出现在"受保护的分支"列表中.
[![Protected branches list](https://img.kancloud.cn/00/fc/00fc80090cf260b177728df3450734a3_856x196.png)](img/protected_branches_list_v12_3.png)
## Using the Allowed to merge and Allowed to push settings[](#using-the-allowed-to-merge-and-allowed-to-push-settings "Permalink")
在 GitLab 8.11 中[引入](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/5081) .
从 GitLab 8.11 开始,我们增加了分支保护的另一层,它提供了对受保护分支的更精细的管理. "开发人员可以推送"选项由"允许推送"设置代替,该设置可以设置为允许/禁止维护者和/或开发人员推送到受保护的分支.
使用"允许推送"和"允许合并"设置,您可以控制不同角色可以在受保护分支中执行的操作. 例如,您可以将"允许推送"设置为"无人",将"允许合并"设置为"开发人员+维护人员",以要求*每个人都*提交合并请求,以请求更改进入受保护分支. 这与[GitLab 工作](../../topics/gitlab_flow.html)流程等[工作流程](../../topics/gitlab_flow.html)兼容.
但是,有些工作流程不需要这样做,只有防止强行推动和移除分支才有用. 对于这些工作流程,您可以通过将"允许推送"设置为"开发人员+维护人员"来允许具有写访问权的每个人推送到受保护的分支.
您可以在创建受保护的分支时设置"允许推送"和"允许合并"选项,也可以在之后通过从"已保护"区域的下拉列表中选择所需的选项来设置.
[![Developers can push](https://img.kancloud.cn/67/e1/67e18f7ac1d7ab022a8409bd6246e904_858x244.png)](img/protected_branches_devs_can_push_v12_3.png)
如果在创建受保护的分支时未选择任何这些选项,则默认情况下会将它们设置为"维护者".
## Restricting push and merge access to certain users[](#restricting-push-and-merge-access-to-certain-users-starter "Permalink")
[Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/5081) in [GitLab Starter](https://about.gitlab.com/pricing/) 8.11.
使用 GitLab 企业版,您可以通过选择角色(维护者,开发者)以及某些用户来限制对受保护分支的访问. 从下拉菜单中选择您要合并或推送访问的角色和/或用户.
[![Select roles and users](https://img.kancloud.cn/fa/89/fa89a796de997156fe7d01bb9cc271de_940x330.png)](img/protected_branches_select_roles_and_users.png)
单击" **保护"** ,该分支将出现在"受保护的分支"列表中.
[![Roles and users list](https://img.kancloud.cn/bc/a8/bca8f26050761aec56c5a98b5319af1b_936x166.png)](img/protected_branches_select_roles_and_users_list.png)
## Wildcard protected branches[](#wildcard-protected-branches "Permalink")
在 GitLab 8.10 中[引入](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/4665) .
您可以指定一个通配符保护的分支,该分支将保护所有与通配符匹配的分支. 例如:
| 通配符保护的分支 | 匹配分支 |
| --- | --- |
| `*-stable` | `production-stable`, `staging-stable` |
| `production/*` | `production/app-server`, `production/load-balancer` |
| `*gitlab*` | `gitlab`, `gitlab/staging`, `master/gitlab/production` |
受保护的分支设置(如"开发人员可以推送")适用于所有匹配的分支.
两个不同的通配符可能会匹配同一分支. 例如, `*-stable` `production-stable`和`production-*`都将与`production-stable`分支匹配. 在这种情况下,如果*这些*受保护的分支有这样一个设定"允许推送",然后`production-stable`也将继承这一设置.
如果单击受保护分支的名称,将显示所有匹配分支的列表:
[![Protected branch matches](https://img.kancloud.cn/02/c2/02c286fb70232131d109afc48d417d27_930x224.png)](img/protected_branches_matches.png)
## Creating a protected branch[](#creating-a-protected-branch "Permalink")
在 GitLab 11.9 中[引入](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/53361) .
当受保护的分支或通配符受保护的分支设置为" [**不允许任何人** **推送"时**](#using-the-allowed-to-merge-and-allowed-to-push-settings) ,只要允许开发人员(和具有较高[权限级别的](../permissions.html)用户) [**合并**](#using-the-allowed-to-merge-and-allowed-to-push-settings) ,就可以创建新的受保护分支. 这只能通过 UI 或 API 来完成(为避免意外地从命令行或 Git 客户端应用程序创建受保护的分支).
通过用户界面创建新分支:
1. Visit **资料库>分支机构**.
2. Click on **新分支**.
3. 填写分支名称,然后选择一个现有的分支,标记或确认新分支将基于该分支. 仅接受现有的受保护分支和已经在受保护分支中的提交.
## Deleting a protected branch[](#deleting-a-protected-branch "Permalink")
在 GitLab 9.3 中[引入](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/21393) .
有时可能需要删除或清理受保护的分支.
具有[维护者权限](../permissions.html)并具有[维护者权限的](../permissions.html)用户可以通过 GitLab 的 Web 界面手动删除受保护的分支:
1. Visit **资料库>分支机构**
2. 单击您要删除的分支旁边的删除图标
3. 为了防止意外删除,需要额外的确认
[![Delete protected branches](https://img.kancloud.cn/b4/00/b4003680efa9bd7e968db90bedab3a3a_877x344.png)](img/protected_branches_delete.png)
只能通过 Web 界面而不是 Git 删除受保护的分支. 这意味着您不能从命令行或 Git 客户端应用程序中意外删除受保护的分支.
## Protected Branches approval by Code Owners[](#protected-branches-approval-by-code-owners-premium "Permalink")
[Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/13251) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.4.
对于合并请求更改的文件,可能需要[代码所有者的](code_owners.html)至少一项批准. 可以在保护新分支时设置"代码所有者"批准,也可以将其设置为已经受保护的分支,如下所述.
要保护新分支并获得代码所有者的批准:
1. 导航到项目的**"设置">"存储库",**然后展开" **受保护的分支"** .
2. 向下滚动到**保护一个分支** ,选择**分支**或通配符你想保护,选择谁的**允许合并** **,**并**允许推** ,以及切换**需要从代码的业主**滑块**批准** .
3. Click **Protect**.
[![Code Owners approval - new protected branch](https://img.kancloud.cn/05/54/05544b54c7e8a6ecb910c1bbb26aaa46_1972x1042.png)](img/code_owners_approval_new_protected_branch_v12_4.png)
要使代码所有者批准已受保护的分支机构,请执行以下操作:
1. 导航到项目的**"设置">"存储库",**然后展开" **受保护的分支"** .
2. 向下滚动到" **受保护"分支,**然后切换所选分支的**"代码所有者"批准**滑块.
[![Code Owners approval - branch already protected](https://img.kancloud.cn/05/b7/05b7961822986b15b92178640915e852_1894x308.png)](img/code_owners_approval_protected_branch_v12_4.png)
启用后,所有针对这些分支的合并请求都将需要代码所有者根据匹配的规则进行批准,然后才能合并. 此外,如果匹配规则,则拒绝直接推送到受保护的分支.
## Running pipelines on protected branches[](#running-pipelines-on-protected-branches "Permalink")
合并或推送到受保护分支的权限用于定义用户是否可以运行 CI / CD 管道并在与那些分支相关的作业上执行操作.
有关管道安全模型的详细信息,请参阅[受保护分支上](../../ci/pipelines/index.html#pipeline-security-on-protected-branches)的安全性.
## Changelog[](#changelog "Permalink")
**11.9**
* [允许](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/53361)开发人员(和具有更高权限级别的用户)通过 API 和用户界面[创建受保护的分支](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/53361) .
**9.2**
* 允许通过 Web 界面删除受保护的分支( [问题#21393](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/21393) ).
**8.11**
* 允许创建无法推送到的受保护分支( [合并请求!5081](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/5081) ).
**8.10**
* 允许没有推送访问权限的开发人员合并到受保护的分支中( [合并请求!4892](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/4892) ).
* 允许使用通配符指定受保护的分支( [合并请求!4665](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/4665) ).
- GitLab Docs
- Installation
- Requirements
- GitLab cloud native Helm Chart
- Install GitLab with Docker
- Installation from source
- Install GitLab on Microsoft Azure
- Installing GitLab on Google Cloud Platform
- Installing GitLab on Amazon Web Services (AWS)
- Analytics
- Code Review Analytics
- Productivity Analytics
- Value Stream Analytics
- Kubernetes clusters
- Adding and removing Kubernetes clusters
- Adding EKS clusters
- Adding GKE clusters
- Group-level Kubernetes clusters
- Instance-level Kubernetes clusters
- Canary Deployments
- Cluster Environments
- Deploy Boards
- GitLab Managed Apps
- Crossplane configuration
- Cluster management project (alpha)
- Kubernetes Logs
- Runbooks
- Serverless
- Deploying AWS Lambda function using GitLab CI/CD
- Securing your deployed applications
- Groups
- Contribution Analytics
- Custom group-level project templates
- Epics
- Manage epics
- Group Import/Export
- Insights
- Issues Analytics
- Iterations
- Public access
- SAML SSO for GitLab.com groups
- SCIM provisioning using SAML SSO for GitLab.com groups
- Subgroups
- Roadmap
- Projects
- GitLab Secure
- Security Configuration
- Container Scanning
- Dependency Scanning
- Dependency List
- Static Application Security Testing (SAST)
- Secret Detection
- Dynamic Application Security Testing (DAST)
- GitLab Security Dashboard
- Offline environments
- Standalone Vulnerability pages
- Security scanner integration
- Badges
- Bulk editing issues and merge requests at the project level
- Code Owners
- Compliance
- License Compliance
- Compliance Dashboard
- Create a project
- Description templates
- Deploy Keys
- Deploy Tokens
- File finder
- Project integrations
- Integrations
- Atlassian Bamboo CI Service
- Bugzilla Service
- Custom Issue Tracker service
- Discord Notifications service
- Enabling emails on push
- GitHub project integration
- Hangouts Chat service
- Atlassian HipChat
- Irker IRC Gateway
- GitLab Jira integration
- Mattermost Notifications Service
- Mattermost slash commands
- Microsoft Teams service
- Mock CI Service
- Prometheus integration
- Redmine Service
- Slack Notifications Service
- Slack slash commands
- GitLab Slack application
- Webhooks
- YouTrack Service
- Insights
- Issues
- Crosslinking Issues
- Design Management
- Confidential issues
- Due dates
- Issue Boards
- Issue Data and Actions
- Labels
- Managing issues
- Milestones
- Multiple Assignees for Issues
- Related issues
- Service Desk
- Sorting and ordering issue lists
- Issue weight
- Associate a Zoom meeting with an issue
- Merge requests
- Allow collaboration on merge requests across forks
- Merge Request Approvals
- Browser Performance Testing
- How to create a merge request
- Cherry-pick changes
- Code Quality
- Load Performance Testing
- Merge Request dependencies
- Fast-forward merge requests
- Merge when pipeline succeeds
- Merge request conflict resolution
- Reverting changes
- Reviewing and managing merge requests
- Squash and merge
- Merge requests versions
- Draft merge requests
- Members of a project
- Migrating projects to a GitLab instance
- Import your project from Bitbucket Cloud to GitLab
- Import your project from Bitbucket Server to GitLab
- Migrating from ClearCase
- Migrating from CVS
- Import your project from FogBugz to GitLab
- Gemnasium
- Import your project from GitHub to GitLab
- Project importing from GitLab.com to your private GitLab instance
- Import your project from Gitea to GitLab
- Import your Jira project issues to GitLab
- Migrating from Perforce Helix
- Import Phabricator tasks into a GitLab project
- Import multiple repositories by uploading a manifest file
- Import project from repo by URL
- Migrating from SVN to GitLab
- Migrating from TFVC to Git
- Push Options
- Releases
- Repository
- Branches
- Git Attributes
- File Locking
- Git file blame
- Git file history
- Repository mirroring
- Protected branches
- Protected tags
- Push Rules
- Reduce repository size
- Signing commits with GPG
- Syntax Highlighting
- GitLab Web Editor
- Web IDE
- Requirements Management
- Project settings
- Project import/export
- Project access tokens (Alpha)
- Share Projects with other Groups
- Snippets
- Static Site Editor
- Wiki
- Project operations
- Monitor metrics for your CI/CD environment
- Set up alerts for Prometheus metrics
- Embedding metric charts within GitLab-flavored Markdown
- Embedding Grafana charts
- Using the Metrics Dashboard
- Dashboard YAML properties
- Metrics dashboard settings
- Panel types for dashboards
- Using Variables
- Templating variables for metrics dashboards
- Prometheus Metrics library
- Monitoring AWS Resources
- Monitoring HAProxy
- Monitoring Kubernetes
- Monitoring NGINX
- Monitoring NGINX Ingress Controller
- Monitoring NGINX Ingress Controller with VTS metrics
- Alert Management
- Error Tracking
- Tracing
- Incident Management
- GitLab Status Page
- Feature Flags
- GitLab CI/CD
- GitLab CI/CD pipeline configuration reference
- GitLab CI/CD include examples
- Introduction to CI/CD with GitLab
- Getting started with GitLab CI/CD
- How to enable or disable GitLab CI/CD
- Using SSH keys with GitLab CI/CD
- Migrating from CircleCI
- Migrating from Jenkins
- Auto DevOps
- Getting started with Auto DevOps
- Requirements for Auto DevOps
- Customizing Auto DevOps
- Stages of Auto DevOps
- Upgrading PostgreSQL for Auto DevOps
- Cache dependencies in GitLab CI/CD
- GitLab ChatOps
- Cloud deployment
- Docker integration
- Building Docker images with GitLab CI/CD
- Using Docker images
- Building images with kaniko and GitLab CI/CD
- GitLab CI/CD environment variables
- Predefined environment variables reference
- Where variables can be used
- Deprecated GitLab CI/CD variables
- Environments and deployments
- Protected Environments
- GitLab CI/CD Examples
- Test a Clojure application with GitLab CI/CD
- Using Dpl as deployment tool
- Testing a Phoenix application with GitLab CI/CD
- End-to-end testing with GitLab CI/CD and WebdriverIO
- DevOps and Game Dev with GitLab CI/CD
- Deploy a Spring Boot application to Cloud Foundry with GitLab CI/CD
- How to deploy Maven projects to Artifactory with GitLab CI/CD
- Testing PHP projects
- Running Composer and NPM scripts with deployment via SCP in GitLab CI/CD
- Test and deploy Laravel applications with GitLab CI/CD and Envoy
- Test and deploy a Python application with GitLab CI/CD
- Test and deploy a Ruby application with GitLab CI/CD
- Test and deploy a Scala application to Heroku
- GitLab CI/CD for external repositories
- Using GitLab CI/CD with a Bitbucket Cloud repository
- Using GitLab CI/CD with a GitHub repository
- GitLab Pages
- GitLab Pages
- GitLab Pages domain names, URLs, and baseurls
- Create a GitLab Pages website from scratch
- Custom domains and SSL/TLS Certificates
- GitLab Pages integration with Let's Encrypt
- GitLab Pages Access Control
- Exploring GitLab Pages
- Incremental Rollouts with GitLab CI/CD
- Interactive Web Terminals
- Optimizing GitLab for large repositories
- Metrics Reports
- CI/CD pipelines
- Pipeline Architecture
- Directed Acyclic Graph
- Multi-project pipelines
- Parent-child pipelines
- Pipelines for Merge Requests
- Pipelines for Merged Results
- Merge Trains
- Job artifacts
- Pipeline schedules
- Pipeline settings
- Triggering pipelines through the API
- Review Apps
- Configuring GitLab Runners
- GitLab CI services examples
- Using MySQL
- Using PostgreSQL
- Using Redis
- Troubleshooting CI/CD
- GitLab Package Registry
- GitLab Container Registry
- Dependency Proxy
- GitLab Composer Repository
- GitLab Conan Repository
- GitLab Maven Repository
- GitLab NPM Registry
- GitLab NuGet Repository
- GitLab PyPi Repository
- API Docs
- API resources
- .gitignore API
- GitLab CI YMLs API
- Group and project access requests API
- Appearance API
- Applications API
- Audit Events API
- Avatar API
- Award Emoji API
- Project badges API
- Group badges API
- Branches API
- Broadcast Messages API
- Project clusters API
- Group clusters API
- Instance clusters API
- Commits API
- Container Registry API
- Custom Attributes API
- Dashboard annotations API
- Dependencies API
- Deploy Keys API
- Deployments API
- Discussions API
- Dockerfiles API
- Environments API
- Epics API
- Events
- Feature Flags API
- Feature flag user lists API
- Freeze Periods API
- Geo Nodes API
- Group Activity Analytics API
- Groups API
- Import API
- Issue Boards API
- Group Issue Boards API
- Issues API
- Epic Issues API
- Issues Statistics API
- Jobs API
- Keys API
- Labels API
- Group Labels API
- License
- Licenses API
- Issue links API
- Epic Links API
- Managed Licenses API
- Markdown API
- Group and project members API
- Merge request approvals API
- Merge requests API
- Project milestones API
- Group milestones API
- Namespaces API
- Notes API
- Notification settings API
- Packages API
- Pages domains API
- Pipeline schedules API
- Pipeline triggers API
- Pipelines API
- Project Aliases API
- Project import/export API
- Project repository storage moves API
- Project statistics API
- Project templates API
- Projects API
- Protected branches API
- Protected tags API
- Releases API
- Release links API
- Repositories API
- Repository files API
- Repository submodules API
- Resource label events API
- Resource milestone events API
- Resource weight events API
- Runners API
- SCIM API
- Search API
- Services API
- Application settings API
- Sidekiq Metrics API
- Snippets API
- Project snippets
- Application statistics API
- Suggest Changes API
- System hooks API
- Tags API
- Todos API
- Users API
- Project-level Variables API
- Group-level Variables API
- Version API
- Vulnerabilities API
- Vulnerability Findings API
- Wikis API
- GraphQL API
- Getting started with GitLab GraphQL API
- GraphQL API Resources
- API V3 to API V4
- Validate the .gitlab-ci.yml (API)
- User Docs
- Abuse reports
- User account
- Active sessions
- Deleting a User account
- Permissions
- Personal access tokens
- Profile preferences
- Threads
- GitLab and SSH keys
- GitLab integrations
- Git
- GitLab.com settings
- Infrastructure as code with Terraform and GitLab
- GitLab keyboard shortcuts
- GitLab Markdown
- AsciiDoc
- GitLab Notification Emails
- GitLab Quick Actions
- Autocomplete characters
- Reserved project and group names
- Search through GitLab
- Advanced Global Search
- Advanced Syntax Search
- Time Tracking
- GitLab To-Do List
- Administrator Docs
- Reference architectures
- Reference architecture: up to 1,000 users
- Reference architecture: up to 2,000 users
- Reference architecture: up to 3,000 users
- Reference architecture: up to 5,000 users
- Reference architecture: up to 10,000 users
- Reference architecture: up to 25,000 users
- Reference architecture: up to 50,000 users
- Troubleshooting a reference architecture set up
- Working with the bundled Consul service
- Configuring PostgreSQL for scaling
- Configuring GitLab application (Rails)
- Load Balancer for multi-node GitLab
- Configuring a Monitoring node for Scaling and High Availability
- NFS
- Working with the bundled PgBouncer service
- Configuring Redis for scaling
- Configuring Sidekiq
- Admin Area settings
- Continuous Integration and Deployment Admin settings
- Custom instance-level project templates
- Diff limits administration
- Enable and disable GitLab features deployed behind feature flags
- Geo nodes Admin Area
- GitLab Pages administration
- Health Check
- Job logs
- Labels administration
- Log system
- PlantUML & GitLab
- Repository checks
- Repository storage paths
- Repository storage types
- Account and limit settings
- Service templates
- System hooks
- Changing your time zone
- Uploads administration
- Abuse reports
- Activating and deactivating users
- Audit Events
- Blocking and unblocking users
- Broadcast Messages
- Elasticsearch integration
- Gitaly
- Gitaly Cluster
- Gitaly reference
- Monitoring GitLab
- Monitoring GitLab with Prometheus
- Performance Bar
- Usage statistics
- Object Storage
- Performing Operations in GitLab
- Cleaning up stale Redis sessions
- Fast lookup of authorized SSH keys in the database
- Filesystem Performance Benchmarking
- Moving repositories managed by GitLab
- Run multiple Sidekiq processes
- Sidekiq MemoryKiller
- Switching to Puma
- Understanding Unicorn and unicorn-worker-killer
- User lookup via OpenSSH's AuthorizedPrincipalsCommand
- GitLab Package Registry administration
- GitLab Container Registry administration
- Replication (Geo)
- Geo database replication
- Geo with external PostgreSQL instances
- Geo configuration
- Using a Geo Server
- Updating the Geo nodes
- Geo with Object storage
- Docker Registry for a secondary node
- Geo for multiple nodes
- Geo security review (Q&A)
- Location-aware Git remote URL with AWS Route53
- Tuning Geo
- Removing secondary Geo nodes
- Geo data types support
- Geo Frequently Asked Questions
- Geo Troubleshooting
- Geo validation tests
- Disaster Recovery (Geo)
- Disaster recovery for planned failover
- Bring a demoted primary node back online
- Automatic background verification
- Rake tasks
- Back up and restore GitLab
- Clean up
- Namespaces
- Maintenance Rake tasks
- Geo Rake Tasks
- GitHub import
- Import bare repositories
- Integrity check Rake task
- LDAP Rake tasks
- Listing repository directories
- Praefect Rake tasks
- Project import/export administration
- Repository storage Rake tasks
- Generate sample Prometheus data
- Uploads migrate Rake tasks
- Uploads sanitize Rake tasks
- User management
- Webhooks administration
- X.509 signatures
- Server hooks
- Static objects external storage
- Updating GitLab
- GitLab release and maintenance policy
- Security
- Password Storage
- Custom password length limits
- Restrict allowed SSH key technologies and minimum length
- Rate limits
- Webhooks and insecure internal web services
- Information exclusivity
- How to reset your root password
- How to unlock a locked user from the command line
- User File Uploads
- How we manage the TLS protocol CRIME vulnerability
- User email confirmation at sign-up
- Security of running jobs
- Proxying assets
- CI/CD Environment Variables
- Contributor and Development Docs
- Contribute to GitLab
- Community members & roles
- Implement design & UI elements
- Issues workflow
- Merge requests workflow
- Code Review Guidelines
- Style guides
- GitLab Architecture Overview
- CI/CD development documentation
- Database guides
- Database Review Guidelines
- Database Review Guidelines
- Migration Style Guide
- What requires downtime?
- Understanding EXPLAIN plans
- Rake tasks for developers
- Mass inserting Rails models
- GitLab Documentation guidelines
- Documentation Style Guide
- Documentation structure and template
- Documentation process
- Documentation site architecture
- Global navigation
- GitLab Docs monthly release process
- Telemetry Guide
- Usage Ping Guide
- Snowplow Guide
- Experiment Guide
- Feature flags in development of GitLab
- Feature flags process
- Developing with feature flags
- Feature flag controls
- Document features deployed behind feature flags
- Frontend Development Guidelines
- Accessibility & Readability
- Ajax
- Architecture
- Axios
- Design Patterns
- Frontend Development Process
- DropLab
- Emojis
- Filter
- Frontend FAQ
- GraphQL
- Icons and SVG Illustrations
- InputSetter
- Performance
- Principles
- Security
- Tooling
- Vuex
- Vue
- Geo (development)
- Geo self-service framework (alpha)
- Gitaly developers guide
- GitLab development style guides
- API style guide
- Go standards and style guidelines
- GraphQL API style guide
- Guidelines for shell commands in the GitLab codebase
- HTML style guide
- JavaScript style guide
- Migration Style Guide
- Newlines style guide
- Python Development Guidelines
- SCSS style guide
- Shell scripting standards and style guidelines
- Sidekiq debugging
- Sidekiq Style Guide
- SQL Query Guidelines
- Vue.js style guide
- Instrumenting Ruby code
- Testing standards and style guidelines
- Flaky tests
- Frontend testing standards and style guidelines
- GitLab tests in the Continuous Integration (CI) context
- Review Apps
- Smoke Tests
- Testing best practices
- Testing levels
- Testing Rails migrations at GitLab
- Testing Rake tasks
- End-to-end Testing
- Beginner's guide to writing end-to-end tests
- End-to-end testing Best Practices
- Dynamic Element Validation
- Flows in GitLab QA
- Page objects in GitLab QA
- Resource class in GitLab QA
- Style guide for writing end-to-end tests
- Testing with feature flags
- Translate GitLab to your language
- Internationalization for GitLab
- Translating GitLab
- Proofread Translations
- Merging translations from CrowdIn
- Value Stream Analytics development guide
- GitLab subscription
- Activate GitLab EE with a license