diff options
| author | Igor Drozdov <idrozdov@gitlab.com> | 2022-02-15 12:22:52 +0300 |
|---|---|---|
| committer | Igor Drozdov <idrozdov@gitlab.com> | 2022-02-15 12:22:54 +0300 |
| commit | 0e0b6ccd990257286497837e201ea7e70f9c023e (patch) | |
| tree | eb0a3486fef7c06ebb7e66372406cf78fc8903dc | |
| parent | 49e8423f04b5395b7401b0a295a5eaf19ca932e4 (diff) | |
| download | gitlab-shell-0e0b6ccd990257286497837e201ea7e70f9c023e.tar.gz | |
Add docs for full feature list
Describe what Gitlab Shell is capable of
| -rw-r--r-- | README.md | 6 | ||||
| -rw-r--r-- | doc/features.md | 69 |
2 files changed, 71 insertions, 4 deletions
@@ -18,6 +18,8 @@ An overview of the four cases described above: 1. git pull over SSH -> gitlab-shell -> API call to gitlab-rails (Authorization) -> accept or decline -> establish Gitaly session 1. git push over SSH -> gitlab-shell (git command is not executed yet) -> establish Gitaly session -> (in Gitaly) gitlab-shell pre-receive hook -> API call to gitlab-rails (authorization) -> accept or decline push +[Full feature list](/doc/features.md) + ## Code status [](https://gitlab.com/gitlab-org/gitlab-shell/-/pipelines?ref=main) @@ -94,10 +96,6 @@ If no `GITALY_CONNECTION_INFO` is set, the test suite will still run, but any tests requiring Gitaly will be skipped. They will always run in the CI environment. -## Git LFS - -Starting with GitLab 8.12, GitLab supports Git LFS authentication through SSH. - ## Logging Guidelines In general, it should be possible to determine the structure, but not content, diff --git a/doc/features.md b/doc/features.md new file mode 100644 index 0000000..bbd6b7d --- /dev/null +++ b/doc/features.md @@ -0,0 +1,69 @@ +### Discover + +Allows users to identify themselves on an instance via SSH. The command is useful for checking out quickly whether a user has SSH access to the instance: + +```bash +ssh git@<hostname> + +PTY allocation request failed on channel 0 +Welcome to GitLab, @username! +Connection to staging.gitlab.com closed. +``` + +When permission is denied: + +```bash +ssh git@<hostname> +git@<hostname>: Permission denied (publickey). +``` + +### Git operations + +Gitlab Shell provides support for Git operations over SSH via processing `git-upload-pack`, `git-receive-pack` and `git-upload-archive` SSH commands. It limit the set of commands to predefined git commands (git push, git clone/pull, git archive). + +### Generate new 2FA recovery codes + +Allows users to [generate new 2FA recovery codes](https://docs.gitlab.com/ee/user/profile/account/two_factor_authentication.html#generate-new-recovery-codes-using-ssh). + +```bash +ssh git@<hostname> 2fa_recovery_codes +Are you sure you want to generate new two-factor recovery codes? +Any existing recovery codes you saved will be invalidated. (yes/no) +yes + +Your two-factor authentication recovery codes are: +... +``` + +### Verify 2FA OTP + +Allows users to [verify their 2FA OTP](https://docs.gitlab.com/ee/security/two_factor_authentication.html#2fa-for-git-over-ssh-operations). + +```bash +ssh git@<hostname> 2fa_verify +OTP: 347419 + +OTP validation failed. +``` + +### LFS authentication + +Allows users to generate credentials for LFS authentication. + +```bash +ssh git@<hostname> git-lfs-authenticate <project-path> <upload/download> + +{"header":{"Authorization":"Basic ..."},"href":"https://gitlab.com/user/project.git/info/lfs","expires_in":7200} +``` + +### Personal access token + +Allows users to personal access tokens via SSH + +```bash +ssh git@<hostname> personal_access_token <name> <scope1[,scope2,...]> [ttl_days] + +Token: glpat-... +Scopes: api +Expires: 2022-02-05 +``` |