Clean up yaml code block formatting

Fix spacing, indentation, comments, etc

doc/administration/redis/replication_and_failover_external.md

@@ -228,13 +228,13 @@ which ideally should not have Redis or Sentinels in the same machine:
      sentinels:
        -
          host: 10.0.0.1
-         port: 26379 # point to sentinel, not to redis port
+         port: 26379  # point to sentinel, not to redis port
        -
          host: 10.0.0.2
-         port: 26379 # point to sentinel, not to redis port
+         port: 26379  # point to sentinel, not to redis port
        -
          host: 10.0.0.3
-         port: 26379 # point to sentinel, not to redis port
+         port: 26379  # point to sentinel, not to redis port
    ```
 1. [Restart GitLab](../restart_gitlab.md#installations-from-source) for the changes to take effect.
@@ -353,13 +353,13 @@ or a failover promotes a different **Primary** node.
      sentinels:
        -
          host: 10.0.0.1
-         port: 26379 # point to sentinel, not to redis port
+         port: 26379  # point to sentinel, not to redis port
        -
          host: 10.0.0.2
-         port: 26379 # point to sentinel, not to redis port
+         port: 26379  # point to sentinel, not to redis port
        -
          host: 10.0.0.3
-         port: 26379 # point to sentinel, not to redis port
+         port: 26379  # point to sentinel, not to redis port
    ```
 1. [Restart GitLab](../restart_gitlab.md#installations-from-source) for the changes to take effect.

doc/administration/redis/troubleshooting.md

@@ -146,13 +146,13 @@ production:
   sentinels:
     -
       host: 10.0.0.1
-      port: 26379 # point to sentinel, not to redis port
+      port: 26379  # point to sentinel, not to redis port
     -
       host: 10.0.0.2
-      port: 26379 # point to sentinel, not to redis port
+      port: 26379  # point to sentinel, not to redis port
     -
       host: 10.0.0.3
-      port: 26379 # point to sentinel, not to redis port
+      port: 26379  # point to sentinel, not to redis port
 ```
 When in doubt, read the [Redis Sentinel documentation](https://redis.io/topics/sentinel).

doc/integration/cas.md

@@ -45,10 +45,10 @@ To enable the CAS OmniAuth provider you must register your application with your
    - { name: 'cas3',
        label: 'cas',
        args: {
-               url: 'CAS_SERVER',
-               login_url: '/CAS_PATH/login',
-               service_validate_url: '/CAS_PATH/p3/serviceValidate',
-               logout_url: '/CAS_PATH/logout'} }
+         url: 'CAS_SERVER',
+         login_url: '/CAS_PATH/login',
+         service_validate_url: '/CAS_PATH/p3/serviceValidate',
+         logout_url: '/CAS_PATH/logout' } }
    ```
 1. Change 'CAS_PATH' to the root of your CAS instance (ie. `cas`).

doc/integration/facebook.md

@@ -83,7 +83,7 @@ To enable the Facebook OmniAuth provider you must register your application with
    ```yaml
    - { name: 'facebook', app_id: 'YOUR_APP_ID',
-     app_secret: 'YOUR_APP_SECRET' }
+       app_secret: 'YOUR_APP_SECRET' }
    ```
 1. Change 'YOUR_APP_ID' to the API key from Facebook page in step 10.

doc/integration/github.md

@@ -71,17 +71,18 @@ Follow these steps to incorporate the GitHub OAuth 2 app in your GitLab server:
    ```yaml
    - { name: 'github', app_id: 'YOUR_APP_ID',
-     app_secret: 'YOUR_APP_SECRET',
-     args: { scope: 'user:email' } }
+       app_secret: 'YOUR_APP_SECRET',
+       args: { scope: 'user:email' } }
    ```
    For GitHub Enterprise:
    ```yaml
-   - { name: 'github', app_id: 'YOUR_APP_ID',
-     app_secret: 'YOUR_APP_SECRET',
-     url: "https://github.example.com/",
-     args: { scope: 'user:email' } }
+   - { name: 'github',
+       app_id: 'YOUR_APP_ID',
+       app_secret: 'YOUR_APP_SECRET',
+       url: "https://github.example.com/",
+       args: { scope: 'user:email' } }
    ```
    **Replace `https://github.example.com/` with your GitHub URL.**
@@ -125,11 +126,12 @@ omnibus_gitconfig['system'] = { "http" => ["sslVerify = false"] }
 For installation from source:
 ```yaml
-- { name: 'github', app_id: 'YOUR_APP_ID',
-  app_secret: 'YOUR_APP_SECRET',
-  url: "https://github.example.com/",
-  verify_ssl: false,
-  args: { scope: 'user:email' } }
+- { name: 'github',
+    app_id: 'YOUR_APP_ID',
+    app_secret: 'YOUR_APP_SECRET',
+    url: "https://github.example.com/",
+    verify_ssl: false,
+    args: { scope: 'user:email' } }
 ```
 You will also need to disable Git SSL verification on the server hosting GitLab.

doc/integration/gitlab.md

@@ -63,9 +63,10 @@ GitLab.com will generate an application ID and secret key for you to use.
    For installations from source:
    ```yaml
-   - { name: 'gitlab', app_id: 'YOUR_APP_ID',
-     app_secret: 'YOUR_APP_SECRET',
-     args: { scope: 'api' } }
+   - { name: 'gitlab',
+       app_id: 'YOUR_APP_ID',
+       app_secret: 'YOUR_APP_SECRET',
+       args: { scope: 'api' } }
    ```
 1. Change 'YOUR_APP_ID' to the Application ID from the GitLab.com application page.

doc/integration/google.md

@@ -84,9 +84,10 @@ On your GitLab server:
    For installations from source:
    ```yaml
-   - { name: 'google_oauth2', app_id: 'YOUR_APP_ID',
-     app_secret: 'YOUR_APP_SECRET',
-     args: { access_type: 'offline', approval_prompt: '' } }
+   - { name: 'google_oauth2',
+       app_id: 'YOUR_APP_ID',
+       app_secret: 'YOUR_APP_SECRET',
+       args: { access_type: 'offline', approval_prompt: '' } }
    ```
 1. Change `YOUR_APP_ID` to the client ID from the Google Developer page

doc/integration/kerberos.md

@@ -207,9 +207,10 @@ remove the OmniAuth provider named `kerberos` from your `gitlab.yml` /
    ```yaml
    omniauth:
+     # Rest of configuration omitted
      # ...
      providers:
-       - { name: 'kerberos' } # <-- remove this line
+       - { name: 'kerberos' }  # <-- remove this line
    ```
 1. [Restart GitLab](../administration/restart_gitlab.md#installations-from-source) for the changes to take effect.

doc/integration/omniauth.md

@@ -104,21 +104,21 @@ To change these settings:
   ```yaml
   ## OmniAuth settings
-   omniauth:
-     # Allow login via Twitter, Google, etc. using OmniAuth providers
-     # Versions prior to 11.4 require this to be set to true
-     # enabled: true
-     # CAUTION!
-     # This allows users to login without having a user account first. Define the allowed providers
-     # using an array, e.g. ["saml", "twitter"], or as true/false to allow all providers or none.
-     # User accounts will be created automatically when authentication was successful.
-     allow_single_sign_on: ["saml", "twitter"]
-     auto_link_ldap_user: true
-     # Locks down those users until they have been cleared by the admin (default: true).
-     block_auto_created_users: true
+  omniauth:
+    # Allow login via Twitter, Google, etc. using OmniAuth providers
+    # Versions prior to 11.4 require this to be set to true
+    # enabled: true
+    # CAUTION!
+    # This allows users to login without having a user account first. Define the allowed providers
+    # using an array, e.g. ["saml", "twitter"], or as true/false to allow all providers or none.
+    # User accounts will be created automatically when authentication was successful.
+    allow_single_sign_on: ["saml", "twitter"]
+    auto_link_ldap_user: true
+    # Locks down those users until they have been cleared by the admin (default: true).
+    block_auto_created_users: true
   ```
 Now we can choose one or more of the [Supported Providers](#supported-providers)
@@ -142,7 +142,7 @@ The chosen OmniAuth provider is now active and can be used to sign in to GitLab
 ## Automatically Link Existing Users to OmniAuth Users
-> [Introduced in GitLab 13.4.](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/36664)
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/36664) in GitLab 13.4.
 You can automatically link OmniAuth users with existing GitLab users if their email addresses match.
 For example, the following setting is used to enable the auto link feature for both a SAML provider and the Twitter OAuth provider:

doc/integration/salesforce.md

@@ -64,7 +64,7 @@ To get the credentials (a pair of Client ID and Client Secret), you must [create
    - { name: 'salesforce',
        app_id: 'SALESFORCE_CLIENT_ID',
        app_secret: 'SALESFORCE_CLIENT_SECRET'
-     }
+   }
    ```
 1. Change `SALESFORCE_CLIENT_ID` to the Consumer Key from the Salesforce connected application page.

doc/integration/saml.md

@@ -113,16 +113,16 @@ in your SAML IdP:
    omniauth:
      providers:
        - {
-           name: 'saml',
-           args: {
-                  assertion_consumer_service_url: 'https://gitlab.example.com/users/auth/saml/callback',
-                  idp_cert_fingerprint: '43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8',
-                  idp_sso_target_url: 'https://login.example.com/idp',
-                  issuer: 'https://gitlab.example.com',
-                  name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent'
-                },
-           label: 'Company Login' # optional label for SAML login button, defaults to "Saml"
-         }
+         name: 'saml',
+         args: {
+           assertion_consumer_service_url: 'https://gitlab.example.com/users/auth/saml/callback',
+           idp_cert_fingerprint: '43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8',
+           idp_sso_target_url: 'https://login.example.com/idp',
+           issuer: 'https://gitlab.example.com',
+           name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent'
+         },
+         label: 'Company Login'  # optional label for SAML login button, defaults to "Saml"
+       }
    ```
 1. Change the value for `assertion_consumer_service_url` to match the HTTPS endpoint
@@ -210,7 +210,7 @@ Example:
           idp_sso_target_url: 'https://login.example.com/idp',
           issuer: 'https://gitlab.example.com',
           name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
-        } }
+  } }
 ```
 ### External Groups **(STARTER ONLY)**
@@ -228,7 +228,7 @@ SAML login supports automatic identification on whether a user should be conside
           idp_sso_target_url: 'https://login.example.com/idp',
           issuer: 'https://gitlab.example.com',
           name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent'
-        } }
+  } }
 ```
 ### Admin Groups **(STARTER ONLY)**
@@ -248,7 +248,7 @@ considered admin users.
           idp_sso_target_url: 'https://login.example.com/idp',
           issuer: 'https://gitlab.example.com',
           name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
-        } }
+  } }
 ```
 ### Auditor Groups **(STARTER ONLY)**
@@ -270,7 +270,7 @@ considered auditor users.
           idp_sso_target_url: 'https://login.example.com/idp',
           issuer: 'https://gitlab.example.com',
           name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
-        } }
+  } }
 ```
 ## Bypass two factor authentication
@@ -328,22 +328,22 @@ In addition to the changes in GitLab, make sure that your IdP is returning the
    omniauth:
      providers:
        - {
-           name: 'saml',
-           args: {
-                   assertion_consumer_service_url: 'https://gitlab.example.com/users/auth/saml/callback',
-                   idp_cert_fingerprint: '43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8',
-                   idp_sso_target_url: 'https://login.example.com/idp',
-                   issuer: 'https://gitlab.example.com',
-                   name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
-                   upstream_two_factor_authn_contexts:
-                     [
-                       'urn:oasis:names:tc:SAML:2.0:ac:classes:CertificateProtectedTransport',
-                       'urn:oasis:names:tc:SAML:2.0:ac:classes:SecondFactorOTPSMS',
-                       'urn:oasis:names:tc:SAML:2.0:ac:classes:SecondFactorIGTOKEN'
-                     ]
-                 },
-           label: 'Company Login' # optional label for SAML login button, defaults to "Saml"
-         }
+         name: 'saml',
+         args: {
+           assertion_consumer_service_url: 'https://gitlab.example.com/users/auth/saml/callback',
+           idp_cert_fingerprint: '43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8',
+           idp_sso_target_url: 'https://login.example.com/idp',
+           issuer: 'https://gitlab.example.com',
+           name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
+           upstream_two_factor_authn_contexts:
+             [
+               'urn:oasis:names:tc:SAML:2.0:ac:classes:CertificateProtectedTransport',
+               'urn:oasis:names:tc:SAML:2.0:ac:classes:SecondFactorOTPSMS',
+               'urn:oasis:names:tc:SAML:2.0:ac:classes:SecondFactorIGTOKEN'
+             ]
+         },
+         label: 'Company Login'  # optional label for SAML login button, defaults to "Saml"
+       }
    ```
 1. Save the file and [restart GitLab](../administration/restart_gitlab.md#installations-from-source) for the changes to take effect
@@ -436,7 +436,7 @@ args: {
         issuer: 'https://gitlab.example.com',
         name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
         attribute_statements: { email: ['EmailAddress'] },
-        allowed_clock_drift: 1 # for one second clock drift
+        allowed_clock_drift: 1  # for one second clock drift
 }
 ```
@@ -561,10 +561,10 @@ args: {
     <redacted>
     -----END PRIVATE KEY-----',
   security: {
-    authn_requests_signed: true, # enable signature on AuthNRequest
-    want_assertions_signed: true, # enable the requirement of signed assertion
-    embed_sign: true, # embedded signature or HTTP GET parameter signature
-    metadata_signed: false, # enable signature on Metadata
+    authn_requests_signed: true,  # enable signature on AuthNRequest
+    want_assertions_signed: true,  # enable the requirement of signed assertion
+    embed_sign: true,  # embedded signature or HTTP GET parameter signature
+    metadata_signed: false,  # enable signature on Metadata
     signature_method: 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',
     digest_method: 'http://www.w3.org/2001/04/xmlenc#sha256',
   }
@@ -629,9 +629,9 @@ Group SAML on a self-managed instance is limited when compared to the recommende
     ```yaml
     omniauth:
-        enabled: true
-        providers:
-          - { name: 'group_saml' }
+      enabled: true
+      providers:
+        - { name: 'group_saml' }
     ```
 ## Troubleshooting

doc/integration/twitter.md

@@ -65,7 +65,8 @@ To enable the Twitter OmniAuth provider you must register your application with
    For installations from source:
    ```yaml
-     - { name: 'twitter', app_id: 'YOUR_APP_ID',
+   - { name: 'twitter',
+       app_id: 'YOUR_APP_ID',
        app_secret: 'YOUR_APP_SECRET' }
    ```

doc/operations/metrics/alerts.md

@@ -70,7 +70,8 @@ receivers:
         bearer_token: 9e1cbfcd546896a9ea8be557caf13a76
       send_resolved: true
       url: http://192.168.178.31:3001/root/manual_prometheus/prometheus/alerts/notify.json
-  ...
+      # Rest of configuration omitted
+      # ...
 ```
 For GitLab to associate your alerts with an [environment](../../ci/environments/index.md),

doc/operations/metrics/dashboards/panel_types.md

@@ -17,7 +17,7 @@ dashboard: 'Dashboard Title'
 panel_groups:
   - group: 'Group Title'
     panels:
-      - type: area-chart # or line-chart
+      - type: area-chart  # or line-chart
         title: 'Area Chart Title'
         y_label: 'Y-Axis'
         y_axis:

doc/topics/autodevops/index.md

@@ -317,7 +317,7 @@ metadata:
   name: gitlab-managed-apps-default-proxy
   namespace: gitlab-managed-apps
 spec:
-   env:
+  env:
     - name: http_proxy
       value: "PUT_YOUR_HTTP_PROXY_HERE"
     - name: https_proxy

doc/user/clusters/agent/index.md

@@ -125,27 +125,27 @@ the Agent in subsequent steps. You can create an Agent record either:
 - Through GraphQL: **(PREMIUM ONLY)**
-  ```json
-    mutation createAgent {
-      createClusterAgent(input: { projectPath: "path-to/your-awesome-project", name: "<agent-name>" }) {
-        clusterAgent {
-          id
-          name
-        }
-        errors
+  ```graphql
+  mutation createAgent {
+    createClusterAgent(input: { projectPath: "path-to/your-awesome-project", name: "<agent-name>" }) {
+      clusterAgent {
+        id
+        name
       }
+      errors
     }
-
-    mutation createToken {
-      clusterAgentTokenCreate(input: { clusterAgentId: <cluster-agent-id-taken-from-the-previous-mutation> }) {
-        secret # This is the value you need to use on the next step
-        token {
-          createdAt
-          id
-        }
-        errors
+  }
+
+  mutation createToken {
+    clusterAgentTokenCreate(input: { clusterAgentId: <cluster-agent-id-taken-from-the-previous-mutation> }) {
+      secret # This is the value you need to use on the next step
+      token {
+        createdAt
+        id
       }
+      errors
     }
+  }
   ```
   NOTE: **Note:**
@@ -245,7 +245,7 @@ spec:
         args:
         - --token-file=/config/token
         - --kas-address
-        - grpc://host.docker.internal:5005 # {"$openapi":"kas-address"}
+        - grpc://host.docker.internal:5005  # {"$openapi":"kas-address"}
         volumeMounts:
         - name: token-volume
           mountPath: /config

doc/user/project/clusters/add_remove_clusters.md

@@ -269,7 +269,7 @@ To add a Kubernetes cluster to your project, group, or instance:
          Copy the `<authentication_token>` value from the output:
-         ```yaml
+         ```plaintext
          Name:         gitlab-token-b5zv4
          Namespace:    kube-system
          Labels:       <none>

doc/user/project/clusters/serverless/aws.md

@@ -222,7 +222,8 @@ the environment of the deployed function:
 ```yaml
 provider:
-  ...
+  # Other configuration omitted
+  # ...
   environment:
     A_VARIABLE: ${env:A_VARIABLE}
 ```
@@ -245,10 +246,10 @@ functions:
   hello:
     handler: src/handler.hello
     events:
-      - http: # Rewrite this part to enable CORS
+      - http:  # Rewrite this part to enable CORS
           path: hello
           method: get
-          cors: true # <-- CORS here
+          cors: true  # <-- CORS here
 ```
 You also need to return CORS specific headers in your function response: