Merge branch 'github-import-docs' into 'master'

Update GitHub import instructions

See merge request gitlab-org/gitlab-ce!19373

doc/integration/github.md

@@ -110,7 +110,7 @@ On the sign in page there should now be a GitHub icon below the regular sign in
 Click the icon to begin the authentication process. GitHub will ask the user to sign in and authorize the GitLab application.
 If everything goes well the user will be returned to GitLab and will be signed in.
 
-### GitHub Enterprise with Self-Signed Certificate
+## GitHub Enterprise with self-signed Certificate
 
 If you are attempting to import projects from GitHub Enterprise with a self-signed
 certificate and the imports are failing, you will need to disable SSL verification.

doc/user/project/import/github.md

 # Import your project from GitHub to GitLab
 
-Import your projects from GitHub to GitLab with minimal effort.
+Using the importer, you can import your GitHub repositories to GitLab.com or to
+your self-hosted GitLab instance.
 
 ## Overview
 
->**Note:**
-If you are an administrator you can enable the [GitHub integration][gh-import]
-in your GitLab instance sitewide. This configuration is optional, users will
-still be able to import their GitHub repositories with a
-[personal access token][gh-token].
-
->**Note:**
-Administrators of a GitLab instance (Community or Enterprise Edition) can also
-use the [GitHub rake task][gh-rake] to import projects from GitHub without the
-constrains of a Sidekiq worker.
-
-- At its current state, GitHub importer can import:
-  - the repository description (GitLab 7.7+)
-  - the Git repository data (GitLab 7.7+)
-  - the issues (GitLab 7.7+)
-  - the pull requests (GitLab 8.4+)
-  - the wiki pages (GitLab 8.4+)
-  - the milestones (GitLab 8.7+)
-  - the labels (GitLab 8.7+)
-  - the release note descriptions (GitLab 8.12+)
-  - the pull request review comments (GitLab 10.2+)
-  - the regular issue and pull request comments
-- References to pull requests and issues are preserved (GitLab 8.7+)
-- Repository public access is retained. If a repository is private in GitHub
-  it will be created as private in GitLab as well.
+NOTE: **Note:**
+While these instructions will always work for users on GitLab.com, if you are an
+administrator of a self-hosted GitLab instance, you will need to enable the
+[GitHub integration][gh-import] in order for users to follow the preferred
+import method described on this page. If this is not enabled, users can alternatively import their
+GitHub repositories using a [personal access token](#using-a-github-token) from GitHub,
+but this method will not be able to associate all user activity (such as issues and pull requests)
+with matching GitLab users. As an administrator of a self-hosted GitLab instance, you can also use
+the [GitHub rake task](../../../administration/raketasks/github_import.md) to import projects from
+GitHub without the constraints of a Sidekiq worker.
+
+The following aspects of a project are imported:
+  * Repository description (GitLab.com & 7.7+)
+  * Git repository data (GitLab.com & 7.7+)
+  * Issues (GitLab.com & 7.7+)
+  * Pull requests (GitLab.com & 8.4+)
+  * Wiki pages (GitLab.com & 8.4+)
+  * Milestones (GitLab.com & 8.7+)
+  * Labels (GitLab.com & 8.7+)
+  * Release note descriptions (GitLab.com & 8.12+)
+  * Pull request review comments (GitLab.com & 10.2+)
+  * Regular issue and pull request comments
+
+References to pull requests and issues are preserved (GitLab.com & 8.7+), and
+each imported repository defaults to `private` but [can be made public](../settings/index.md#sharing-and-permissions), as needed.
 
 ## How it works
 
-When issues/pull requests are being imported, the GitHub importer tries to find
-the GitHub author/assignee in GitLab's database using the GitHub ID. For this
-to work, the GitHub author/assignee should have signed in beforehand in GitLab
-and **associated their GitHub account**. If the user is not
-found in GitLab's database, the project creator (most of the times the current
-user that started the import process) is set as the author, but a reference on
-the issue about the original GitHub author is kept.
+When issues and pull requests are being imported, the importer attempts to find their GitHub authors and
+assignees in the database of the GitLab instance (note that pull requests are called "merge requests" in GitLab).
 
-The importer will create any new namespaces (groups) if they don't exist or in
-the case the namespace is taken, the repository will be imported under the user's
-namespace that started the import process.
+For this association to succeed, prior to the import, each GitHub author and assignee in the repository must
+have either previously logged in to a GitLab account using the GitHub icon **or** have a GitHub account with
+a [public email address](https://help.github.com/articles/setting-your-commit-email-address-on-github/) that
+matches their GitLab account's email address.
 
-The importer will also import branches on forks of projects related to open pull
-requests. These branches will be imported with a naming scheme similar to
-GH-SHA-Username/Pull-Request-number/fork-name/branch. This may lead to a discrepancy
-in branches compared to the GitHub Repository.
+If a user referenced in the project is not found in GitLab's database, the project creator (typically the user
+that initiated the import process) is set as the author/assignee, but a note on the issue mentioning the original
+GitHub author is added.
 
-For a more technical description and an overview of the architecture you can
-refer to [Working with the GitHub importer][gh-import-dev-docs].
+The importer creates any new namespaces (groups) if they do not exist, or, if the namespace is taken, the
+repository is imported under the namespace of the user who initiated the import process. The namespace/repository
+name can also be edited, with the proper permissions.
 
-## Importing your GitHub repositories
+The importer will also import branches on forks of projects related to open pull requests. These branches will be
+imported with a naming scheme similar to `GH-SHA-username/pull-request-number/fork-name/branch`. This may lead to
+a discrepancy in branches compared to those of the GitHub repository.
 
-The importer page is visible when you create a new project.
+For additional technical details, you can refer to the
+[GitHub Importer](../../../development/github_importer.md "Working with the GitHub importer")
+developer documentation.
 
-![New project page on GitLab](img/import_projects_from_new_project_page.png)
+## Import your GitHub repository into GitLab
 
-Click on the **GitHub** link and the import authorization process will start.
-There are two ways to authorize access to your GitHub repositories:
+### Using the GitHub integration
 
-1. [Using the GitHub integration][gh-integration] (if it's enabled by your
-   GitLab administrator). This is the preferred way as it's possible to
-   preserve the GitHub authors/assignees. Read more in the [How it works](#how-it-works)
-   section.
-1. [Using a personal access token][gh-token] provided by GitHub.
+Before you begin, ensure that any GitHub users who you want to map to GitLab users have either:
 
-![Select authentication method](img/import_projects_from_github_select_auth_method.png)
+1. A GitLab account that has logged in using the GitHub icon
+\- or -
+2. A GitLab account with an email address that matches the [public email address](https://help.github.com/articles/setting-your-commit-email-address-on-github/) of the GitHub user
 
-### Authorize access to your repositories using the GitHub integration
+User-matching attempts occur in that order, and if a user is not identified either way, the activity is associated with
+the user account that is performing the import.
 
-If the [GitHub integration][gh-import] is enabled by your GitLab administrator,
-you can use it instead of the personal access token.
+NOTE: **Note:**
+If you are using a self-hosted GitLab instance, this process requires that you have configured the
+[GitHub integration][gh-import].
 
-1. First you may want to connect your GitHub account to GitLab in order for
-   the username mapping to be correct.
-1. Once you connect GitHub, click the **List your GitHub repositories** button
-   and you will be redirected to GitHub for permission to access your projects.
-1. After accepting, you'll be automatically redirected to the importer.
+1. From the top navigation bar, click **+** and select **New project**.
+2. Select the **Import project** tab and then select **GitHub**.
+3. Select the first button to **List your GitHub repositories**. You are redirected to a page on github.com to authorize the GitLab application.
+4. Click **Authorize gitlabhq**. You are redirected back to GitLab's Import page and all of your GitHub repositories are listed.
+5. Continue on to [selecting which repositories to import](#selecting-which-repositories-to-import).
 
-You can now go on and [select which repositories to import](#select-which-repositories-to-import).
+### Using a GitHub token
 
-### Authorize access to your repositories using a personal access token
+NOTE: **Note:**
+For a proper author/assignee mapping for issues and pull requests, the [GitHub integration method (above)](#using-the-github-integration)
+should be used instead of the personal access token. If you are using GitLab.com or a self-hosted GitLab instance with the GitHub
+integration enabled, that should be the preferred method to import your repositories. Read more in the [How it works](#how-it-works) section.
 
->**Note:**
-For a proper author/assignee mapping for issues and pull requests, the
-[GitHub integration][gh-integration] should be used instead of the
-[personal access token][gh-token]. If the GitHub integration is enabled by your
-GitLab administrator, it should be the preferred method to import your repositories.
-Read more in the [How it works](#how-it-works) section.
+If you are not using the GitHub integration, you can still perform an authorization with GitHub to grant GitLab access your repositories:
 
-If you are not using the GitHub integration, you can still perform a one-off
-authorization with GitHub to grant GitLab access your repositories:
+1. Go to https://github.com/settings/tokens/new
+2. Enter a token description.
+3. Select the repo scope.
+4. Click **Generate token**.
+5. Copy the token hash.
+6. Go back to GitLab and provide the token to the GitHub importer.
+7. Hit the **List Your GitHub Repositories** button and wait while GitLab reads your repositories' information.
+   Once done, you'll be taken to the importer page to select the repositories to import.
 
-1. Go to <https://github.com/settings/tokens/new>.
-1. Enter a token description.
-1. Check the `repo` scope.
-1. Click **Generate token**.
-1. Copy the token hash.
-1. Go back to GitLab and provide the token to the GitHub importer.
-1. Hit the **List Your GitHub Repositories** button and wait while GitLab reads
-   your repositories' information. Once done, you'll be taken to the importer
-   page to select the repositories to import.
+### Selecting which repositories to import
 
-### Select which repositories to import
+After you have authorized access to your GitHub repositories, you are redirected to the GitHub importer page and
+your GitHub repositories are listed.
 
-After you've authorized access to your GitHub repositories, you will be
-redirected to the GitHub importer page.
+1. By default, the proposed repository namespaces match the names as they exist in GitHub, but based on your permissions,
+   you can choose to edit these names before you proceed to import any of them.
+2. Select the **Import** button next to any number of repositories, or select **Import all repositories**.
+3. The **Status** column shows the import status of each repository. You can choose to leave the page open and it will
+   update in realtime or you can return to it later.
+4. Once a repository has been imported, click its GitLab path to open its GitLab URL.
 
-From there, you can see the import statuses of your GitHub repositories.
+## Mirroring and pipeline status sharing
 
-- Those that are being imported will show a _started_ status,
-- those already successfully imported will be green with a _done_ status,
-- whereas those that are not yet imported will have an **Import** button on the
-  right side of the table.
+Depending your GitLab tier, [project mirroring](../../../workflow/repository_mirroring.md) can be set up to keep
+your imported project in sync with its GitHub copy.
 
-If you want, you can import all your GitHub projects in one go by hitting
-**Import all projects** in the upper left corner.
+Additionally, you can configure GitLab to send pipeline status updates back GitHub with the
+[GitHub Project Integration](https://docs.gitlab.com/ee/user/project/integrations/github.html). **[PREMIUM]**
 
-![GitHub importer page](img/import_projects_from_github_importer.png)
+If you import your project using [CI/CD for external repo](https://docs.gitlab.com/ee/ci/ci_cd_for_external_repos/), then both
+of the above are automatically configured. **[PREMIUM]**
 
----
+## Improving the speed of imports on self-hosted instances
 
-You can also choose a different name for the project and a different namespace,
-if you have the privileges to do so.
+NOTE: **Note:**
+Admin access to the GitLab server is required.
 
-## Making the import process go faster
-
-For large projects it may take a while to import all data. To reduce the time
-necessary you can increase the number of Sidekiq workers that process the
-following queues:
+For large projects it may take a while to import all data. To reduce the time necessary, you can increase the number of
+Sidekiq workers that process the following queues:
 
 * `github_importer`
 * `github_importer_advance_stage`
 
-For an optimal experience we recommend having at least 4 Sidekiq processes (each
-running a number of threads equal to the number of CPU cores) that _only_
-process these queues. We also recommend that these processes run on separate
-servers. For 4 servers with 8 cores this means you can import up to 32 objects
-(e.g. issues) in parallel.
+For an optimal experience, it's recommended having at least 4 Sidekiq processes (each running a number of threads equal
+to the number of CPU cores) that *only* process these queues. It's also recommended that these processes run on separate
+servers. For 4 servers with 8 cores this means you can import up to 32 objects (e.g., issues) in parallel.
 
-Reducing the time spent in cloning a repository can be done by increasing
-network throughput, CPU capacity, and disk performance (e.g.  by using high
-performance SSDs) of the disks that store the Git repositories (for your GitLab
-instance). Increasing the number of Sidekiq workers will _not_ reduce the time
-spent cloning repositories.
+Reducing the time spent in cloning a repository can be done by increasing network throughput, CPU capacity, and disk
+performance (e.g., by using high performance SSDs) of the disks that store the Git repositories (for your GitLab instance).
+Increasing the number of Sidekiq workers will *not* reduce the time spent cloning repositories.
 
 [gh-import]: ../../../integration/github.md "GitHub integration"
-[gh-rake]: ../../../administration/raketasks/github_import.md "GitHub rake task"
-[gh-integration]: #authorize-access-to-your-repositories-using-the-github-integration
-[gh-token]: #authorize-access-to-your-repositories-using-a-personal-access-token
-[gh-import-dev-docs]: ../../../development/github_importer.md "Working with the GitHub importer"

doc/workflow/repository_mirroring.md

 # Repository mirroring
 
-Repository Mirroring is a way to mirror repositories from external sources.
+Repository mirroring is a way to mirror repositories from external sources.
 It can be used to mirror all branches, tags, and commits that you have
 in your repository.
 
@@ -34,13 +34,200 @@ A few things/limitations to consider:
 - The Git LFS objects will not be synced. You'll need to push/pull them
   manually.
 
-## Use-case
+## Use cases
 
+- You migrated to GitLab but still need to keep your project in another source.
+  In that case, you can simply set it up to mirror to GitLab (pull) and all the
+  essential history of commits, tags and branches will be available in your
+  GitLab instance.
 - You have old projects in another source that you don't use actively anymore,
   but don't want to remove for archiving purposes. In that case, you can create
   a push mirror so that your active GitLab repository can push its changes to the
   old location.
 
+## Pulling from a remote repository **[STARTER]**
+
+>[Introduced][ee-51] in GitLab Enterprise Edition 8.2.
+
+You can set up a repository to automatically have its branches, tags, and commits
+updated from an upstream repository. This is useful when a repository you're
+interested in is located on a different server, and you want to be able to
+browse its content and its activity using the familiar GitLab interface.
+
+When creating a new project, you can enable repository mirroring when you choose
+to import the repository from "Any repo by URL". Enter the full URL of the Git
+repository to pull from and click on the **Mirror repository** checkbox.
+
+![New project](repository_mirroring/repository_mirroring_new_project.png)
+
+For an existing project, you can set up mirror pulling by visiting your project's
+**Settings ➔ Repository** and searching for the "Pull from a remote repository"
+section. Check the "Mirror repository" box and hit **Save changes** at the bottom.
+You have a few options to choose from one being the user who will be the author
+of all events in the activity feed that are the result of an update. This user
+needs to have at least [master access][perms] to the project. Another option is
+whether you want to trigger builds for mirror updates.
+
+![Pull settings](repository_mirroring/repository_mirroring_pull_settings.png)
+
+Since the repository on GitLab functions as a mirror of the upstream repository,
+you are advised not to push commits directly to the repository on GitLab.
+Instead, any commits should be pushed to the upstream repository, and will end
+up in the GitLab repository automatically within a certain period of time
+or when a [forced update](#forcing-an-update) is initiated.
+
+If you do manually update a branch in the GitLab repository, the branch will
+become diverged from upstream, and GitLab will no longer automatically update
+this branch to prevent any changes from being lost.
+
+![Diverged branch](repository_mirroring/repository_mirroring_diverged_branch.png)
+
+### Trigger update using API **[STARTER]**
+
+>[Introduced][ee-3453] in GitLab Enterprise Edition 10.3.
+
+Pull mirroring uses polling to detect new branches and commits added upstream,
+often many minutes afterwards. If you notify GitLab by [API][pull-api], updates
+will be pulled immediately.
+
+Read the [Pull Mirror Trigger API docs][pull-api].
+
+### Pull only protected branches **[STARTER]**
+
+>[Introduced][ee-3326] in GitLab Enterprise Edition 10.3.
+
+You can choose to only pull the protected branches from your remote repository to GitLab.
+
+To use this option go to your project's repository settings page under pull mirror.
+
+### Overwrite diverged branches **[STARTER]**
+
+>[Introduced][ee-4559] in GitLab Enterprise Edition 10.6.
+
+You can choose to always update your local branch with the remote version even
+if your local version has diverged from the remote.
+
+To use this option go to your project's repository settings page under pull mirror.
+
+### Hard failure **[STARTER]**
+
+>[Introduced][ee-3117] in GitLab Enterprise Edition 10.2.
+
+Once a mirror gets retried 14 times in a row, it will get marked as hard failed,
+this will become visible in either the project main dashboard or in the
+pull mirror settings page.
+
+![Hard failed mirror main notice](repository_mirroring/repository_mirroring_hard_failed_main.png)
+
+![Hard failed mirror settings notice](repository_mirroring/repository_mirroring_hard_failed_settings.png)
+
+When a project is hard failed, it will no longer get picked up for mirroring.
+A user can resume the project mirroring again by either [forcing an update](#forcing-an-update)
+or by changing the import URL in repository settings.
+
+### SSH authentication **[STARTER]**
+
+> [Introduced][ee-2551] in GitLab Starter 9.5
+
+If you're mirroring over SSH (i.e., an `ssh://` URL), you can authenticate using
+password-based authentication, just as over HTTPS, but you can also use public
+key authentication. This is often more secure than password authentication,
+especially when the source repository supports [Deploy Keys][deploy-key].
+
+To get started, navigate to **Settings ➔ Repository ➔ Pull from a remote repository**,
+enable mirroring (if not already enabled) and enter an `ssh://` URL.
+
+> **NOTE**: SCP-style URLs, e.g., `git@example.com:group/project.git`, are not
+supported at this time.
+
+Entering the URL adds two features to the page - `Fingerprints` and
+`SSH public key authentication`:
+
+![Pull settings for SSH](repository_mirroring/repository_mirroring_pull_settings_for_ssh.png)
+
+SSH authentication is mutual. You have to prove to the server that you're
+allowed to access the repository, but the server also has to prove to *you* that
+it's who it claims to be. You provide your credentials as a password or public
+key. The server that the source repository resides on provides its credentials
+as a "host key", the fingerprint of which needs to be verified manually.
+
+Press the `Detect host keys` button. GitLab will fetch the host keys from the
+server, and display the fingerprints to you:
+
+![Detect SSH host keys](repository_mirroring/repository_mirroring_detect_host_keys.png)
+
+You now need to verify that the fingerprints are those you expect. GitLab.com
+and other code hosting sites publish their fingerprints in the open for you
+to check:
+
+* [AWS CodeCommit](http://docs.aws.amazon.com/codecommit/latest/userguide/regions.html#regions-fingerprints)
+* [Bitbucket](https://confluence.atlassian.com/bitbucket/use-the-ssh-protocol-with-bitbucket-cloud-221449711.html#UsetheSSHprotocolwithBitbucketCloud-KnownhostorBitbucket%27spublickeyfingerprints)
+* [GitHub](https://help.github.com/articles/github-s-ssh-key-fingerprints/)
+* [GitLab.com](https://about.gitlab.com/gitlab-com/settings/#ssh-host-keys-fingerprints)
+* [Launchpad](https://help.launchpad.net/SSHFingerprints)
+* [Savannah](http://savannah.gnu.org/maintenance/SshAccess/)
+* [SourceForge](https://sourceforge.net/p/forge/documentation/SSH%20Key%20Fingerprints/)
+
+Other providers will vary. If you're running on-premises GitLab, or otherwise
+have access to the source server, you can securely gather the key fingerprints:
+
+```
+$ cat /etc/ssh/ssh_host*pub | ssh-keygen -E md5 -l -f -
+256 MD5:f4:28:9f:23:99:15:21:1b:bf:ed:1f:8e:a0:76:b2:9d root@example.com (ECDSA)
+256 MD5:e6:eb:45:8a:3c:59:35:5f:e9:5b:80:12:be:7e:22:73 root@example.com (ED25519)
+2048 MD5:3f:72:be:3d:62:03:5c:62:83:e8:6e:14:34:3a:85:1d root@example.com (RSA)
+```
+
+(You may need to exclude `-E md5` for some older versions of SSH).
+
+If you're an SSH expert and already have a `known_hosts` file you'd like to use
+unaltered, then you can skip these steps. Just press the "Show advanced" button
+and paste in the file contents:
+
+![Advanced SSH host key management](repository_mirroring/repository_mirroring_pull_advanced_host_keys.png)
+
+Once you've **carefully verified** that all the fingerprints match your trusted
+source, you can press `Save changes`. This will record the host keys, along with
+the person who verified them (you!) and the date:
+
+![SSH host keys submitted](repository_mirroring/repository_mirroring_ssh_host_keys_verified.png)
+
+When pulling changes from the source repository, GitLab will now check that at
+least one of the stored host keys matches before connecting. This can prevent
+malicious code from being injected into your mirror, or your password being
+stolen!
+
+To use SSH public key authentication, you'll also need to choose that option
+from the authentication methods dropdown. GitLab will generate a 4096-bit RSA
+key and display the public component of that key to you:
+
+![SSH public key authentication](repository_mirroring/repository_mirroring_ssh_public_key_authentication.png)
+
+You then need to add the public SSH key to the source repository configuration.
+If the source is hosted on GitLab, you should add it as a [Deploy Key][deploy-key].
+Other sources may require you to add the key to your user's `authorized_keys`
+file - just paste the entire `ssh-rsa AAA.... user@host` block into the file on
+its own line and save it.
+
+Once the public key is set up on the source repository, press `Save changes` and your
+mirror will begin working.
+
+If you need to change the key at any time, you can press the `Regenerate key`
+button to do so. You'll have to update the source repository with the new key
+to keep the mirror running.
+
+### How it works
+
+Once you activate the pull mirroring feature, the mirror will be inserted into
+a queue. A scheduler will start every minute and schedule a fixed amount of
+mirrors for update, based on the configured maximum capacity.
+
+If the mirror successfully updates it will be enqueued once again with a small
+backoff period.
+
+If the mirror fails (eg: branch diverged from upstream), the project's backoff
+period will be penalized each time it fails up to a maximum amount of time.
+
 ## Pushing to a remote repository **[STARTER]**
 
 >[Introduced](https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/249) in
@@ -83,7 +270,7 @@ To use this option go to your project's repository settings page under push mirr
 To set up a mirror from GitLab to GitHub, you need to follow these steps:
 
 1. Create a [GitHub personal access token](https://help.github.com/articles/creating-a-personal-access-token-for-the-command-line/) with the "public_repo" box checked:
-    
+
     ![edit personal access token GitHub](repository_mirroring/repository_mirroring_github_edit_personal_access_token.png)
 
 1. Fill in the "Git repository URL" with the personal access token replacing the password `https://GitHubUsername:GitHubPersonalAccessToken@github.com/group/project.git`:
@@ -94,7 +281,7 @@ To set up a mirror from GitLab to GitHub, you need to follow these steps:
 1. And either wait or trigger the "Update Now" button:
 
     ![update now](repository_mirroring/repository_mirroring_gitlab_push_to_a_remote_repository_update_now.png)
-    
+
 ## Forcing an update
 
 While mirrors are scheduled to update automatically, you can always force an update
@@ -105,7 +292,60 @@ by using the **Update now** button which is exposed in various places:
 - in the tags page
 - in the **Mirror repository** settings page
 
+## Bidirectional mirroring
+
+CAUTION: **Warning:**
+There is no bidirectional support without conflicts. If you
+configure a repository to pull and push to a second remote, there is no
+guarantee that it will update correctly on both remotes. If you configure
+a repository for bidirectional mirroring, you should consider when conflicts
+occur who and how they will be resolved.
+
+Rewriting any mirrored commit on either remote will cause conflicts and
+mirroring to fail. This can be prevented by [only pulling protected branches](
+#pull-only-protected-branches) and [only pushing protected branches](
+#push-only-protected-branches). You should protect the branches you wish to
+mirror on both remotes to prevent conflicts caused by rewriting history.
+
+Bidirectional mirroring also creates a race condition where commits to the same
+branch in close proximity will cause conflicts. The race condition can be
+mitigated by reducing the mirroring delay by using a Push event webhook to
+trigger an immediate pull to GitLab. Push mirroring from GitLab is rate limited
+to once per minute when only push mirroring protected branches.
+
+It may be possible to implement a locking mechanism using the server-side
+`pre-receive` hook to prevent the race condition. Read about [configuring
+custom Git hooks][hooks] on the GitLab server.
+
+### Mirroring with Perforce via GitFusion
+
+CAUTION: **Warning:**
+Bidirectional mirroring should not be used as a permanent
+configuration. There is no bidirectional mirroring without conflicts.
+Refer to [Migrating from Perforce Helix][perforce] for alternative migration
+approaches.
+
+GitFusion provides a Git interface to Perforce which can be used by GitLab to
+bidirectionally mirror projects with GitLab. This may be useful in some
+situations when migrating from Perforce to GitLab where overlapping Perforce
+workspaces cannot be migrated simultaneously to GitLab.
+
+If using mirroring with Perforce you should only mirror protected branches.
+Perforce will reject any pushes that rewrite history. It is recommended that
+only the fewest number of branches are mirrored due to the performance
+limitations of GitFusion.
+
+[ee-51]: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/51
+[ee-2551]: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/2551
+[ee-3117]: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/3117
+[ee-3326]: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/3326
 [ee-3350]: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/3350
+[ee-3453]: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/3453
+[ee-4559]: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/4559
 [ce-18715]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/18715
 [perms]: ../user/permissions.md
-
+[hooks]: ../administration/custom_hooks.md
+[deploy-key]: ../ssh/README.md#deploy-keys
+[webhook]: ../user/project/integrations/webhooks.md#push-events
+[pull-api]: ../api/projects.md#start-the-pull-mirroring-process-for-a-project
+[perforce]: ../user/project/import/perforce.md