From 64a1b78ca7229d4a2805e21cb63bf5c68bd9d81f Mon Sep 17 00:00:00 2001
From: Xu Wang <xuwang@gmail.com>
Date: Fri, 11 May 2018 11:41:19 -0700
Subject: [PATCH] updated README.md, add more FAQs about search, secrets, phi,
 and usage limits

---
 README.md | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)

diff --git a/README.md b/README.md
index d5c16f8..9715818 100644
--- a/README.md
+++ b/README.md
@@ -8,7 +8,11 @@
 - [How many personal GitLab projects I can create?](#project-limit)
 - [What is the default project visibility?](#project-visibility)
 - [What is a GitLab group?](#GitLab-group)
+- [Why my search turnout nothing?](#serach-scope)
+- [Can I safeguard secrets in a private repo?](#no-secrets)
+- [What are GitLab usage limits?](#usage-limits)
 - [Is GitLab intergated with Stanford workgroup?](#workgroup)
+- [Can I use GitLab for PHI data?](#no-phi)
 
 ## <a name="minimum-setup" ></a> What is the minimum setup before I start using GitLab?
 
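Review bot: the new table-of-contents entry `[Why my search turnout nothing?](#serach-scope)` links to `#serach-scope`, but the anchor added later in this patch is `search-scope`, so the link will not resolve. Change the fragment to `#search-scope`. The entry "Can I safeguard secrets in a private repo?" also differs from the heading added below ("in private repo?"), so make the two match. "turnout nothing" would read better as "return nothing", both here and in the heading.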
@@ -58,7 +62,39 @@ Project visibility level in GitLab can be either private, internal or public. Th
 
 Gitlab group allows you group projects together into one namespace (directory), so you can give other users permission to all projects in one place. You are allowed to create groups or transfer personal projects to a group that you own. Here is more information about [GitLab groups](http://doc.GitLab.com/ee/workflow/groups.html#GitLab-groups).
 
+## <a name="search-scope"></a>Why my search turnout nothing?
+Gitlab search scopes for CE version are limited to projects, issues, merge request. *Code* search is not supported. See [Search through GitLab](https://docs.gitlab.com/ce/user/search/)
+
+## <a name="no-secrets"></a>Can I safeguard secrets in private repo?
+Private repos will limit the visibility to it's members but it **IS NOT** a place to keep your secrets.
+
+All git repo contents are stored **UNENCRYPTED** on the storage backend and accessiable by whoever has the access privileges to the backend. 
+
+Clone a repo will also distribute all secrets it contains and it is impossible to control the usage of the secrets after they are cloned.
+
+**WARNING:** Do not store any secrets or config files that may contain secrets to a GitLab project regardless of its visibility.
+
+You should use a secret/key management system for all secrets, e.g. [SoM Vault](https://vault.med.stanford.edu), [LastPass](https://lastpass.com), etc.
+
+If you do want to use GitLab repo for secrets:
+ * Use [git-crypt](https://github.com/AGWA/git-crypt) to protect the secrets.
+ * You are on your own.
+
+## <a name="usage-limits"></a>What are GitLab usage limits?
+ 
+ * Gitlab is NOT for PHI data
+ * Personal projects limit: 30
+ * Group projects limit: unlimited
+ * Maximum attachment size: 10MB
+
+ **WARNING:** Please don't use GitLab to store large binary data file, e.g. compiled code, images, and vedios, etc.. Use a cloud storage bucket, i.e. S3, Box, or GCS.
+
 ## <a name="workgroup"></a>Is GitLab intergated with Stanford's workgroup?
 
 No. You can freely assemble your project team from members in different groups.
 
+
+## <a name="no-phi"></a>Can I use GitLab for PHI data?
+
+**NO** You can not.
+**WARNING** Do not store PHI data in any GitLab projects!
\ No newline at end of file
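Review bot: in the `no-secrets` section, the list under "If you do want to use GitLab repo for secrets:" contradicts the warning just above it ("Do not store any secrets ... regardless of its visibility"), and "You are on your own" gives the reader nothing to act on. Either drop the list, or say explicitly that git-crypt is the only accepted exception, that it covers encrypted files only, and that plaintext secrets remain prohibited. The section also does not say what to do once a secret has already been pushed. Since it states that a clone distributes every secret in the repo and that their use cannot be controlled afterwards, a sentence telling users to rotate any secret that was committed would fit here. Smaller points: "it's members" should be "its members", "accessiable" and "vedios" are misspelled, "i.e. S3, Box, or GCS" should be "e.g.", "**NO** You can not." needs punctuation after "NO", the PHI rule is stated in both `usage-limits` and `no-phi`, and README.md now ends without a trailing newline.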
-- 
GitLab