GitLab Silent Mode
- Introduced in GitLab 15.11. This feature was an Experiment.
- Enabling and disabling Silent Mode through the web UI was introduced in GitLab 16.4.
- Silent Mode was updated to Generally Available (GA) in GitLab 16.6.
Silent Mode allows you to silence outbound communication, such as emails, from GitLab. Silent Mode is not intended to be used on environments which are in-use. Two use-cases are:
- Validating Geo site promotion. You have a secondary Geo site as part of your disaster recovery solution. You want to regularly test promoting it to become a primary Geo site, as a best practice to ensure your disaster recovery plan actually works. But you don’t want to actually perform an entire failover, since the primary site lives in a region which provides the lowest latency to your users. And you don’t want to take downtime during every regular test. So, you let the primary site remain up, while you promote the secondary site. You start smoke testing the promoted site. But, the promoted site starts emailing users, the push mirrors push changes to external Git repositories, etc. This is where Silent Mode comes in. You can enable it as part of site promotion, to avoid this issue.
- Validating GitLab backups. You set up a testing instance to test that your backups restore successfully. As part of the restore, you enable Silent Mode, for example to avoid sending invalid emails to users.
Enable Silent Mode
Prerequisites:
- You must have administrator access.
There are multiple ways to enable Silent Mode:
-
Web UI
- On the left sidebar, at the bottom, select Admin Area..
- On the left sidebar, select Settings > General.
- Expand Silent Mode, and toggle Enable Silent Mode.
- Changes are saved immediately.
-
API:
curl --request PUT --header "PRIVATE-TOKEN:$ADMIN_TOKEN" "<gitlab-url>/api/v4/application/settings?silent_mode_enabled=true" -
::Gitlab::CurrentSettings.update!(silent_mode_enabled: true)
It may take up to a minute to take effect. Issue 405433 proposes removing this delay.
Disable Silent Mode
Prerequisites:
- You must have administrator access.
There are multiple ways to disable Silent Mode:
-
Web UI
- On the left sidebar, at the bottom, select Admin Area.
- On the left sidebar, select Settings > General.
- Expand Silent Mode, and toggle Enable Silent Mode.
- Changes are saved immediately.
-
API:
curl --request PUT --header "PRIVATE-TOKEN:$ADMIN_TOKEN" "<gitlab-url>/api/v4/application/settings?silent_mode_enabled=false" -
::Gitlab::CurrentSettings.update!(silent_mode_enabled: false)
It may take up to a minute to take effect. Issue 405433 proposes removing this delay.
Behavior of GitLab features in Silent Mode
This section documents the current behavior of GitLab when Silent Mode is enabled. The work for the first iteration of Silent Mode is tracked by Epic 9826.
When Silent Mode is enabled, a banner is displayed at the top of the page for all users stating the setting is enabled and All outbound communications are blocked..
Outbound communications that are silenced
Outbound communications from the following features are silenced by Silent Mode.
| Feature | Notes |
|---|---|
| Project and group webhooks | Triggering webhook tests via the UI results in HTTP status 500 responses. |
| System hooks | |
| Remote mirrors | Pushes to remote mirrors are skipped. Pulls from remote mirrors is skipped. |
| Executable integrations | The integrations are not executed. |
| Service Desk | Incoming emails still raise issues, but the users who sent the emails to Service Desk are not notified of issue creation or comments on their issues. |
| Outbound emails | |
| Outbound HTTP requests | Many HTTP requests are blocked where features are not blocked or skipped explicitly. These may produce errors. If a particular error is problematic for testing during Silent Mode, consult GitLab Support. |
Outbound communications that are not silenced
Outbound communications from the following features are not silenced by Silent Mode.
| Feature | Notes |
|---|---|
| Dependency proxy | Pulling images that are not cached will fetch from the source as usual. Consider pull rate limits. |
| File hooks | |
| Server hooks | |
| Advanced search | If two GitLab instances are using the same Advanced Search instance, then they can both modify Search data. This is a split-brain scenario which can occur for example after promoting a secondary Geo site while the primary Geo site is live. |
| Snowplow | There is a proposal to silence these requests. |
| Deprecated Kubernetes Connections | There is a proposal to silence these requests. |
| Container registry webhooks | There is a proposal to silence these requests. |