Add latest changes from gitlab-org/gitlab@master

17 files changed, 157 insertions, 29 deletions

diff --git a/.gitlab/ci/reports.gitlab-ci.yml b/.gitlab/ci/reports.gitlab-ci.yml
index a544ac410dd..b9f81f2eb0f 100644
--- a/.gitlab/ci/reports.gitlab-ci.yml
+++ b/.gitlab/ci/reports.gitlab-ci.yml
@@ -15,7 +15,7 @@ code_quality:
   stage: test
   needs: []
   variables:
-    CODE_QUALITY_IMAGE: "registry.gitlab.com/gitlab-org/ci-cd/codequality:0.85.10"
+    CODE_QUALITY_IMAGE: "registry.gitlab.com/gitlab-org/ci-cd/codequality:0.85.10-gitlab.1"
   script:
     - |
       if ! docker info &>/dev/null; then
diff --git a/app/assets/javascripts/batch_comments/components/review_bar.vue b/app/assets/javascripts/batch_comments/components/review_bar.vue
index b0e8b806701..2d7b86d2431 100644
--- a/app/assets/javascripts/batch_comments/components/review_bar.vue
+++ b/app/assets/javascripts/batch_comments/components/review_bar.vue
@@ -1,13 +1,12 @@
 <script>
 import { mapActions, mapState, mapGetters } from 'vuex';
-import { GlModal, GlModalDirective } from '@gitlab/ui';
+import { GlModal, GlModalDirective, GlButton } from '@gitlab/ui';
 import { sprintf, s__ } from '~/locale';
-import LoadingButton from '~/vue_shared/components/loading_button.vue';
 import PreviewDropdown from './preview_dropdown.vue';
 
 export default {
   components: {
-    LoadingButton,
+    GlButton,
     GlModal,
     PreviewDropdown,
   },
@@ -48,12 +47,13 @@ export default {
     <nav class="review-bar-component">
       <div class="review-bar-content qa-review-bar">
         <preview-dropdown />
-        <loading-button
+        <gl-button
           v-gl-modal="$options.modalId"
           :loading="isDiscarding"
-          :label="__('Discard review')"
           class="qa-discard-review float-right"
-        />
+        >
+          {{ __('Discard review') }}
+        </gl-button>
       </div>
     </nav>
     <gl-modal
diff --git a/app/assets/javascripts/clusters/components/remove_cluster_confirmation.vue b/app/assets/javascripts/clusters/components/remove_cluster_confirmation.vue
index 7fa57fb2a86..4c4a728591b 100644
--- a/app/assets/javascripts/clusters/components/remove_cluster_confirmation.vue
+++ b/app/assets/javascripts/clusters/components/remove_cluster_confirmation.vue
@@ -146,7 +146,7 @@ export default {
         <p>{{ warningMessage }}</p>
         <div v-if="confirmCleanup" v-html="warningToBeRemoved"></div>
         <strong v-html="confirmationTextLabel"></strong>
-        <form ref="form" :action="clusterPath" method="post" class="append-bottom-20">
+        <form ref="form" :action="clusterPath" method="post" class="gl-mb-5">
           <input ref="method" type="hidden" name="_method" value="delete" />
           <input :value="csrfToken" type="hidden" name="authenticity_token" />
           <input ref="cleanup" type="hidden" name="cleanup" value="true" />
diff --git a/app/assets/javascripts/vue_shared/components/user_avatar/user_avatar_list.vue b/app/assets/javascripts/vue_shared/components/user_avatar/user_avatar_list.vue
index db378d6f977..e19d659c179 100644
--- a/app/assets/javascripts/vue_shared/components/user_avatar/user_avatar_list.vue
+++ b/app/assets/javascripts/vue_shared/components/user_avatar/user_avatar_list.vue
@@ -1,12 +1,12 @@
 <script>
-import { GlDeprecatedButton } from '@gitlab/ui';
+import { GlButton } from '@gitlab/ui';
 import { sprintf, __ } from '~/locale';
 import UserAvatarLink from './user_avatar_link.vue';
 
 export default {
   components: {
     UserAvatarLink,
-    GlDeprecatedButton,
+    GlButton,
   },
   props: {
     items: {
@@ -82,12 +82,12 @@ export default {
       :img-size="imgSize"
     />
     <template v-if="hasBreakpoint">
-      <gl-deprecated-button v-if="hasHiddenItems" variant="link" @click="expand">
+      <gl-button v-if="hasHiddenItems" variant="link" @click="expand">
         {{ expandText }}
-      </gl-deprecated-button>
-      <gl-deprecated-button v-else variant="link" @click="collapse">
+      </gl-button>
+      <gl-button v-else variant="link" @click="collapse">
         {{ __('show less') }}
-      </gl-deprecated-button>
+      </gl-button>
     </template>
   </div>
 </template>
diff --git a/app/services/metrics/dashboard/base_service.rb b/app/services/metrics/dashboard/base_service.rb
index 311c7f23f16..5be8ae62548 100644
--- a/app/services/metrics/dashboard/base_service.rb
+++ b/app/services/metrics/dashboard/base_service.rb
@@ -13,6 +13,7 @@ module Metrics
         STAGES::MetricEndpointInserter,
         STAGES::VariableEndpointInserter,
         STAGES::PanelIdsInserter,
+        STAGES::TrackPanelType,
         STAGES::AlertsInserter,
         STAGES::UrlValidator
       ].freeze
diff --git a/changelogs/unreleased/add-secret-detection-exclude.yml b/changelogs/unreleased/add-secret-detection-exclude.yml
new file mode 100644
index 00000000000..b6e57cd0ff2
--- /dev/null
+++ b/changelogs/unreleased/add-secret-detection-exclude.yml
@@ -0,0 +1,5 @@
+---
+title: Add SECRET_DETECTION_EXCLUDED_PATHS env var
+merge_request: 39523
+author:
+type: added
diff --git a/changelogs/unreleased/bump-cq-template-version.yml b/changelogs/unreleased/bump-cq-template-version.yml
new file mode 100644
index 00000000000..7ab221d30ae
--- /dev/null
+++ b/changelogs/unreleased/bump-cq-template-version.yml
@@ -0,0 +1,5 @@
+---
+title: Bump CodeQuality templates to version 0.85.10-gitlab.1
+merge_request: 39502
+author:
+type: changed
diff --git a/doc/administration/gitaly/praefect.md b/doc/administration/gitaly/praefect.md
index 2565c406f1e..485dddfce9d 100644
--- a/doc/administration/gitaly/praefect.md
+++ b/doc/administration/gitaly/praefect.md
@@ -940,19 +940,14 @@ cluster.
 
 ## Distributed reads
 
-> Introduced in GitLab 13.1 in [beta](https://about.gitlab.com/handbook/product/gitlab-the-product/#alpha-beta-ga) with feature flag `gitaly_distributed_reads` set to disabled.
-
 Praefect supports distribution of read operations across Gitaly nodes that are
 configured for the virtual node.
 
-To allow for [performance testing](https://gitlab.com/gitlab-org/quality/performance/-/issues/231),
-distributed reads are currently in
-[beta](https://about.gitlab.com/handbook/product/gitlab-the-product/#alpha-beta-ga) and disabled by
-default. To enable distributed reads, the `gitaly_distributed_reads`
-[feature flag](../feature_flags.md) must be enabled in a Ruby console:
+The feature is enabled by default. To disable distributed reads, the `gitaly_distributed_reads`
+[feature flag](../feature_flags.md) must be disabled in a Ruby console:
 
 ```ruby
-Feature.enable(:gitaly_distributed_reads)
+Feature.disable(:gitaly_distributed_reads)
 ```
 
 If enabled, all RPCs marked with `ACCESSOR` option like
diff --git a/doc/user/admin_area/settings/project_integration_management.md b/doc/user/admin_area/settings/project_integration_management.md
new file mode 100644
index 00000000000..e4fe7e36139
--- /dev/null
+++ b/doc/user/admin_area/settings/project_integration_management.md
@@ -0,0 +1,54 @@
+---
+stage: Create
+group: Ecosystem
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
+---
+
+# Project integration management **(CORE ONLY)**
+
+> [Introduced in](https://gitlab.com/groups/gitlab-org/-/epics/2137) GitLab 13.3.
+
+Project integrations can be configured and enabled by project administrators. As a GitLab instance administrator, you can set default configuration parameters for a given integration that all projects can inherit and use, enabling the integration for all projects that are not already using custom settings.
+
+You can update these default settings at any time, changing the settings in use for all projects that are set to use instance-level defaults. This also enables the integration for all projects on which it was not already enabled.
+
+It is only possible to inherit the complete settings for an integration. Per-field inheritance is [planned](https://gitlab.com/groups/gitlab-org/-/epics/2137), as well as [group-level management](https://gitlab.com/groups/gitlab-org/-/epics/2543) of integration settings.
+
+## Manage default settings for a project integration
+
+1. Navigate to **Admin Area > Settings > Integrations**.
+1. Select a project integration.
+1. Enter configuration details and click **Save changes**.
+
+CAUTION: **Caution:**
+This may affect all or most of the projects on your GitLab instance. Please review the details below.
+
+If this is the first time you are setting up instance-level settings for an integration:
+
+- The integration is enabled for all projects that do not already have this integration configured if you have the **Enable integration** toggle turned on in the instance-level settings.
+- Projects that already have the integration configured are not affected, but can choose to use the inherited settings at any time.
+
+When you make further changes to the instance defaults:
+
+- They are immediately applied to all projects that have the integration set to use instance-level default settings.
+- They are immediately applied to newer projects, created since you last saved defaults for the integration.
+  - If your instance-level default setting has the **Enable integration** toggle turned on, the integration is automatically enabled for all such projects.
+- Projects with custom settings selected for the integration are not immediately affected and may choose to use the latest instance-level defaults at any time.
+
+It is only possible to inherit the complete settings for an integration. Per-field inheritance is [planned](https://gitlab.com/groups/gitlab-org/-/epics/2137). This would allow instance administrators to update settings inherited by projects without enabling the integration on all non-configured projects by default.
+
+## Use instance-level default settings for a project integration
+
+1. Navigate to **Project > Settings > Integrations**.
+1. Choose the integration you want to enable or update.
+1. From the drop-down, select **Use default settings**.
+1. Ensure the toggle is set to **Enable integration**.
+1. Click **Save changes**.
+
+## Use custom settings for a project integration
+
+1. Navigate to **Project > Settings > Integrations**.
+1. Choose the integration you want to enable or update.
+1. From the drop-down, select **Use custom settings**.
+1. Ensure the toggle is set to **Enable integration** and enter all required settings.
+1. Click **Save changes**.
diff --git a/doc/user/application_security/secret_detection/index.md b/doc/user/application_security/secret_detection/index.md
index c036845e16e..7daf2f3308b 100644
--- a/doc/user/application_security/secret_detection/index.md
+++ b/doc/user/application_security/secret_detection/index.md
@@ -164,7 +164,7 @@ Secret Detection can be customized by defining available variables:
 |-------------------------|---------------|-------------|
 | `SECRET_DETECTION_COMMIT_FROM` | -     | The commit a Gitleaks scan starts at. |
 | `SECRET_DETECTION_COMMIT_TO` | -       | The commit a Gitleaks scan ends at. |
-| `SECRET_DETECTION_EXCLUDED_PATHS`         | `spec, test, tests, tmp` | Exclude vulnerabilities from output based on the paths. This is a comma-separated list of patterns. Patterns can be globs, or file or folder paths (for example, `doc,spec` ). Parent directories will also match patterns. |
+| `SECRET_DETECTION_EXCLUDED_PATHS` | "" | Exclude vulnerabilities from output based on the paths. This is a comma-separated list of patterns. Patterns can be globs, or file or folder paths (for example, `doc,spec` ). Parent directories will also match patterns. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/225273) in GitLab 13.3. |
 | `SECRET_DETECTION_HISTORIC_SCAN` | false | Flag to enable a historic Gitleaks scan. |
 
 ### Logging level
diff --git a/doc/user/project/integrations/overview.md b/doc/user/project/integrations/overview.md
index 3b54b3c9696..752c6a6d897 100644
--- a/doc/user/project/integrations/overview.md
+++ b/doc/user/project/integrations/overview.md
@@ -75,10 +75,18 @@ The number of branches or tags supported can be changed via
 
 ## Service templates
 
-Service templates are a way to set predefined values for an integration across
+Service templates are a way to set predefined values for a project integration across
 all new projects on the instance.
 
-Read more about [Service templates in this document](services_templates.md).
+Read more about [Service templates](services_templates.md).
+
+## Project integration management
+
+Project integraton management lets you control integration settings across all projects
+of an instance. On the project level, administrators you can choose whether to inherit the
+instance configuraton or provide custom settings.
+
+Read more about [Project integration management](../../admin_area/settings/project_integration_management.md).
 
 ## Troubleshooting integrations
 
diff --git a/lib/gitlab/ci/templates/Jobs/Code-Quality.gitlab-ci.yml b/lib/gitlab/ci/templates/Jobs/Code-Quality.gitlab-ci.yml
index 6b76d7e0c9b..cf851c875ee 100644
--- a/lib/gitlab/ci/templates/Jobs/Code-Quality.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Jobs/Code-Quality.gitlab-ci.yml
@@ -7,7 +7,7 @@ code_quality:
   variables:
     DOCKER_DRIVER: overlay2
     DOCKER_TLS_CERTDIR: ""
-    CODE_QUALITY_IMAGE: "registry.gitlab.com/gitlab-org/ci-cd/codequality:0.85.10"
+    CODE_QUALITY_IMAGE: "registry.gitlab.com/gitlab-org/ci-cd/codequality:0.85.10-gitlab.1"
   needs: []
   script:
     - |
diff --git a/lib/gitlab/ci/templates/Security/Secret-Detection.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/Secret-Detection.gitlab-ci.yml
index 48bbf21dfc3..b897c7b482f 100644
--- a/lib/gitlab/ci/templates/Security/Secret-Detection.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Security/Secret-Detection.gitlab-ci.yml
@@ -7,6 +7,8 @@
 variables:
   SECURE_ANALYZERS_PREFIX: "registry.gitlab.com/gitlab-org/security-products/analyzers"
   SECRETS_ANALYZER_VERSION: "3"
+  SECRET_DETECTION_EXCLUDED_PATHS: ""
+
 
 .secret-analyzer:
   stage: test
diff --git a/lib/gitlab/metrics/dashboard/stages/track_panel_type.rb b/lib/gitlab/metrics/dashboard/stages/track_panel_type.rb
new file mode 100644
index 00000000000..6e4ce770fa3
--- /dev/null
+++ b/lib/gitlab/metrics/dashboard/stages/track_panel_type.rb
@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module Metrics
+    module Dashboard
+      module Stages
+        class TrackPanelType < BaseStage
+          def transform!
+            for_panel_groups do |panel_group|
+              for_panels_in(panel_group) do |panel|
+                track_panel_type(panel)
+              end
+            end
+          end
+
+          private
+
+          def track_panel_type(panel)
+            panel_type = panel[:type]
+
+            Gitlab::Tracking.event('MetricsDashboard::Chart', 'chart_rendered', label: 'Chart Type', value: panel_type)
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/spec/frontend/vue_shared/components/user_avatar/user_avatar_list_spec.js b/spec/frontend/vue_shared/components/user_avatar/user_avatar_list_spec.js
index 1db1114f9ba..6f66d1cafb9 100644
--- a/spec/frontend/vue_shared/components/user_avatar/user_avatar_list_spec.js
+++ b/spec/frontend/vue_shared/components/user_avatar/user_avatar_list_spec.js
@@ -1,5 +1,5 @@
 import { shallowMount } from '@vue/test-utils';
-import { GlDeprecatedButton } from '@gitlab/ui';
+import { GlButton } from '@gitlab/ui';
 import { TEST_HOST } from 'spec/test_constants';
 import UserAvatarList from '~/vue_shared/components/user_avatar/user_avatar_list.vue';
 import UserAvatarLink from '~/vue_shared/components/user_avatar/user_avatar_link.vue';
@@ -37,7 +37,7 @@ describe('UserAvatarList', () => {
   };
 
   const clickButton = () => {
-    const button = wrapper.find(GlDeprecatedButton);
+    const button = wrapper.find(GlButton);
     button.vm.$emit('click');
   };
 
@@ -112,7 +112,7 @@ describe('UserAvatarList', () => {
     it('does not show button', () => {
       factory();
 
-      expect(wrapper.find(GlDeprecatedButton).exists()).toBe(false);
+      expect(wrapper.find(GlButton).exists()).toBe(false);
     });
   });
 
diff --git a/spec/lib/gitlab/metrics/dashboard/stages/track_panel_type_spec.rb b/spec/lib/gitlab/metrics/dashboard/stages/track_panel_type_spec.rb
new file mode 100644
index 00000000000..53f1d9a74db
--- /dev/null
+++ b/spec/lib/gitlab/metrics/dashboard/stages/track_panel_type_spec.rb
@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe Gitlab::Metrics::Dashboard::Stages::TrackPanelType do
+  include MetricsDashboardHelpers
+
+  let(:project) { build_stubbed(:project) }
+  let(:environment) { build_stubbed(:environment, project: project) }
+
+  describe '#transform!' do
+    subject { described_class.new(project, dashboard, environment: environment) }
+
+    let(:dashboard) { load_sample_dashboard.deep_symbolize_keys }
+
+    it 'creates tracking event' do
+      expect(Gitlab::Tracking).to receive(:event).with('MetricsDashboard::Chart', 'chart_rendered',
+        { label: 'Chart Type', value: 'area-chart' }).at_least(:once)
+
+      subject.transform!
+    end
+  end
+end
diff --git a/spec/services/metrics/dashboard/custom_dashboard_service_spec.rb b/spec/services/metrics/dashboard/custom_dashboard_service_spec.rb
index 33643a2fbb2..6bfbbf9b076 100644
--- a/spec/services/metrics/dashboard/custom_dashboard_service_spec.rb
+++ b/spec/services/metrics/dashboard/custom_dashboard_service_spec.rb
@@ -57,6 +57,14 @@ RSpec.describe Metrics::Dashboard::CustomDashboardService, :use_clean_rails_memo
         described_class.new(*service_params).get_dashboard
       end
 
+      it 'tracks panel type' do
+        expect(::Gitlab::Tracking).to receive(:event).with(
+          'MetricsDashboard::Chart', 'chart_rendered', { label: 'Chart Type', value: 'area-chart' }
+        ).at_least(:once)
+
+        described_class.new(*service_params).get_dashboard
+      end
+
       context 'and the dashboard is then deleted' do
         it 'does not return the previously cached dashboard' do
           described_class.new(*service_params).get_dashboard