Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2020-02-21 06:08:58 +0000
committer: GitLab Bot <gitlab-bot@gitlab.com> 2020-02-21 06:08:58 +0000
commit: 18b8435318887d3fc6e9f9d305967a953cdd7d3f (patch)
tree: 28cb71f255eb364c224ff24dd085f8cd836951b1
parent: 4359b9650ecf0960f04f0fd38fc25bec7b478a11 (diff)
download: gitlab-ce-18b8435318887d3fc6e9f9d305967a953cdd7d3f.tar.gz
32 files changed, 142 insertions, 63 deletions
diff --git a/Gemfile b/Gemfile
index 4c5c885cfc2..4f543d5938d 100644
--- a/Gemfile
+++ b/Gemfile
@@ -58,7 +58,7 @@ gem 'akismet', '~> 3.0'
 gem 'invisible_captcha', '~> 0.12.1'
 
 # Two-factor authentication
-gem 'devise-two-factor', '~> 3.0.0'
+gem 'devise-two-factor', '~> 3.1.0'
 gem 'rqrcode-rails3', '~> 0.1.7'
 gem 'attr_encrypted', '~> 3.1.0'
 gem 'u2f', '~> 0.2.1'
diff --git a/Gemfile.lock b/Gemfile.lock
index 19b107f41f0..724021ced7c 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -229,11 +229,11 @@ GEM
       railties (>= 4.1.0)
       responders
       warden (~> 1.2.3)
-    devise-two-factor (3.0.0)
-      activesupport
+    devise-two-factor (3.1.0)
+      activesupport (< 6.1)
       attr_encrypted (>= 1.3, < 4, != 2)
       devise (~> 4.0)
-      railties
+      railties (< 6.1)
       rotp (~> 2.0)
     diff-lcs (1.3)
     diff_match_patch (0.1.0)
@@ -1193,7 +1193,7 @@ DEPENDENCIES
   derailed_benchmarks
   device_detector
   devise (~> 4.6)
-  devise-two-factor (~> 3.0.0)
+  devise-two-factor (~> 3.1.0)
   diff_match_patch (~> 0.1.0)
   diffy (~> 3.1.0)
   discordrb-webhooks-blackst0ne (~> 3.3)
diff --git a/app/assets/javascripts/clusters/components/applications.vue b/app/assets/javascripts/clusters/components/applications.vue
index 9429e10e6ed..685fc939c9a 100644
--- a/app/assets/javascripts/clusters/components/applications.vue
+++ b/app/assets/javascripts/clusters/components/applications.vue
@@ -638,13 +638,8 @@ Crossplane runs inside your Kubernetes cluster and supports secure connectivity
         :status-reason="applications.elastic_stack.statusReason"
         :request-status="applications.elastic_stack.requestStatus"
         :request-reason="applications.elastic_stack.requestReason"
-        :version="applications.elastic_stack.version"
-        :chart-repo="applications.elastic_stack.chartRepo"
-        :update-available="applications.elastic_stack.updateAvailable"
         :installed="applications.elastic_stack.installed"
         :install-failed="applications.elastic_stack.installFailed"
-        :update-successful="applications.elastic_stack.updateSuccessful"
-        :update-failed="applications.elastic_stack.updateFailed"
         :uninstallable="applications.elastic_stack.uninstallable"
         :uninstall-successful="applications.elastic_stack.uninstallSuccessful"
         :uninstall-failed="applications.elastic_stack.uninstallFailed"
diff --git a/app/assets/javascripts/repository/components/preview/index.vue b/app/assets/javascripts/repository/components/preview/index.vue
index 78ae719ba0d..99f100eaa60 100644
--- a/app/assets/javascripts/repository/components/preview/index.vue
+++ b/app/assets/javascripts/repository/components/preview/index.vue
@@ -2,6 +2,7 @@
 import $ from 'jquery';
 import '~/behaviors/markdown/render_gfm';
 import { GlLink, GlLoadingIcon } from '@gitlab/ui';
+import { handleLocationHash } from '~/lib/utils/common_utils';
 import getReadmeQuery from '../../queries/getReadme.query.graphql';
 
 export default {
@@ -36,6 +37,7 @@ export default {
     readme(newVal) {
       if (newVal) {
         this.$nextTick(() => {
+          handleLocationHash();
           $(this.$refs.readme).renderGFM();
         });
       }
diff --git a/app/controllers/groups/settings/ci_cd_controller.rb b/app/controllers/groups/settings/ci_cd_controller.rb
index 0e83d057484..3555528b2ef 100644
--- a/app/controllers/groups/settings/ci_cd_controller.rb
+++ b/app/controllers/groups/settings/ci_cd_controller.rb
@@ -6,6 +6,9 @@ module Groups
       skip_cross_project_access_check :show
       before_action :authorize_admin_group!
       before_action :authorize_update_max_artifacts_size!, only: [:update]
+      before_action do
+        push_frontend_feature_flag(:new_variables_ui, @group)
+      end
 
       def show
         define_ci_variables
diff --git a/app/controllers/projects/settings/ci_cd_controller.rb b/app/controllers/projects/settings/ci_cd_controller.rb
index bf0c2d885f8..37f97785778 100644
--- a/app/controllers/projects/settings/ci_cd_controller.rb
+++ b/app/controllers/projects/settings/ci_cd_controller.rb
@@ -5,6 +5,9 @@ module Projects
     class CiCdController < Projects::ApplicationController
       before_action :authorize_admin_pipeline!
       before_action :define_variables
+      before_action do
+        push_frontend_feature_flag(:new_variables_ui, @project)
+      end
 
       def show
       end
diff --git a/app/views/ci/variables/_index.html.haml b/app/views/ci/variables/_index.html.haml
index 7ae5c48b93c..f11c730eba6 100644
--- a/app/views/ci/variables/_index.html.haml
+++ b/app/views/ci/variables/_index.html.haml
@@ -5,27 +5,34 @@
     - link_start = '<a href="%{url}">'.html_safe % { url: help_page_path('ci/variables/README', anchor: 'protected-variables') }
     = s_('Environment variables are configured by your administrator to be %{link_start}protected%{link_end} by default').html_safe % { link_start: link_start, link_end: '</a>'.html_safe }
 
-.row
-  .col-lg-12.js-ci-variable-list-section{ data: { save_endpoint: save_endpoint, maskable_regex: ci_variable_maskable_regex } }
-    .hide.alert.alert-danger.js-ci-variable-error-box
+- if Feature.enabled?(:new_variables_ui, @project || @group)
+  - is_group = !@group.nil?
 
-    %ul.ci-variable-list
-      = render 'ci/variables/variable_header'
-      - @variables.each.each do |variable|
-        = render 'ci/variables/variable_row', form_field: 'variables', variable: variable
-      = render 'ci/variables/variable_row', form_field: 'variables'
-    .prepend-top-20
-      %button.btn.btn-success.js-ci-variables-save-button{ type: 'button' }
-        %span.hide.js-ci-variables-save-loading-icon
-          = icon('spinner spin')
-        = _('Save variables')
-      %button.btn.btn-info.btn-inverted.prepend-left-10.js-secret-value-reveal-button{ type: 'button', data: { secret_reveal_status: "#{@variables.size == 0}" } }
-        - if @variables.size == 0
-          = n_('Hide value', 'Hide values', @variables.size)
-        - else
-          = n_('Reveal value', 'Reveal values', @variables.size)
-    - if !@group && @project.group
-      .settings-header.border-top.prepend-top-20
-        = render 'ci/group_variables/header'
-      .settings-content.pr-0
-        = render 'ci/group_variables/index'
+  #js-ci-project-variables{ data: { endpoint: save_endpoint, project_id: @project&.id || '', group: is_group.to_s, maskable_regex: ci_variable_maskable_regex} }
+
+- else
+  .row
+    .col-lg-12.js-ci-variable-list-section{ data: { save_endpoint: save_endpoint, maskable_regex: ci_variable_maskable_regex } }
+      .hide.alert.alert-danger.js-ci-variable-error-box
+
+      %ul.ci-variable-list
+        = render 'ci/variables/variable_header'
+        - @variables.each.each do |variable|
+          = render 'ci/variables/variable_row', form_field: 'variables', variable: variable
+        = render 'ci/variables/variable_row', form_field: 'variables'
+      .prepend-top-20
+        %button.btn.btn-success.js-ci-variables-save-button{ type: 'button' }
+          %span.hide.js-ci-variables-save-loading-icon
+            = icon('spinner spin')
+          = _('Save variables')
+        %button.btn.btn-info.btn-inverted.prepend-left-10.js-secret-value-reveal-button{ type: 'button', data: { secret_reveal_status: "#{@variables.size == 0}" } }
+          - if @variables.size == 0
+            = n_('Hide value', 'Hide values', @variables.size)
+          - else
+            = n_('Reveal value', 'Reveal values', @variables.size)
+
+- if !@group && @project.group
+  .settings-header.border-top.prepend-top-20
+    = render 'ci/group_variables/header'
+  .settings-content.pr-0
+    = render 'ci/group_variables/index'
diff --git a/changelogs/unreleased/10429_set_dast_default_git_strategy_to_none.yml b/changelogs/unreleased/10429_set_dast_default_git_strategy_to_none.yml
new file mode 100644
index 00000000000..35ef99383fc
--- /dev/null
+++ b/changelogs/unreleased/10429_set_dast_default_git_strategy_to_none.yml
@@ -0,0 +1,5 @@
+---
+title: Project repositories are no longer cloned by default when running DAST
+merge_request: 25320
+author:
+type: performance
diff --git a/doc/.linting/vale/styles/gitlab/OxfordComma.yml b/doc/.linting/vale/styles/gitlab/OxfordComma.yml
index 76a8d5c3f3e..c9f4d2895d1 100644
--- a/doc/.linting/vale/styles/gitlab/OxfordComma.yml
+++ b/doc/.linting/vale/styles/gitlab/OxfordComma.yml
@@ -1,6 +1,11 @@
+---
+# Checks for the lack of an Oxford comma. In some cases, will catch overly
+# complex sentence structures with lots of commas.
+#
+# For a list of all options, see https://errata-ai.github.io/vale/styles/
 extends: existence
-message: Use a comma before the last "and" in a list of three or more items.
+message: Use a comma before the last "and" or "or" in a list of four or more items.
 link: https://docs.gitlab.com/ee/development/documentation/styleguide.html#punctuation
 level: warning
-tokens:
-  - '(?:[^,]+,){1,}\s\w+\sand'
+raw:
+  - '(?:[\w-_` ]+,){2,}(?:[\w-_` ]+) (and|or)'
diff --git a/doc/administration/auth/authentiq.md b/doc/administration/auth/authentiq.md
index d15beb4f6fc..e9b32b64160 100644
--- a/doc/administration/auth/authentiq.md
+++ b/doc/administration/auth/authentiq.md
@@ -66,7 +66,10 @@ Authentiq will generate a Client ID and the accompanying Client Secret for you t
 
 On the sign in page there should now be an Authentiq icon below the regular sign in form. Click the icon to begin the authentication process.
 
-- If the user has the Authentiq ID app installed in their iOS or Android device, they can scan the QR code, decide what personal details to share and sign in to your GitLab installation.
+- If the user has the Authentiq ID app installed in their iOS or Android device, they can:
+  1. Scan the QR code.
+  1. Decide what personal details to share.
+  1. Sign in to your GitLab installation.
 - If not they will be prompted to download the app and then follow the procedure above.
 
 If everything goes right, the user will be returned to GitLab and will be signed in.
diff --git a/doc/administration/auth/ldap-ee.md b/doc/administration/auth/ldap-ee.md
index 5217cd5114a..cbe24ca9e22 100644
--- a/doc/administration/auth/ldap-ee.md
+++ b/doc/administration/auth/ldap-ee.md
@@ -392,7 +392,7 @@ Group sync was written to be as performant as possible. Data is cached, database
 queries are optimized, and LDAP queries are minimized. The last benchmark run
 revealed the following metrics:
 
-For 20,000 LDAP users, 11,000 LDAP groups and 1,000 GitLab groups with 10
+For 20000 LDAP users, 11000 LDAP groups and 1000 GitLab groups with 10
 LDAP group links each:
 
 - Initial sync (no existing members assigned in GitLab) took 1.8 hours
diff --git a/doc/administration/auth/ldap.md b/doc/administration/auth/ldap.md
index 339710624fa..db7c11ada10 100644
--- a/doc/administration/auth/ldap.md
+++ b/doc/administration/auth/ldap.md
@@ -461,7 +461,8 @@ LDAP email address, and then sign into GitLab via their LDAP credentials.
 
 ## Enabling LDAP username lowercase
 
-Some LDAP servers, depending on their configurations, can return uppercase usernames. This can lead to several confusing issues like, for example, creating links or namespaces with uppercase names.
+Some LDAP servers, depending on their configurations, can return uppercase usernames.
+This can lead to several confusing issues such as creating links or namespaces with uppercase names.
 
 GitLab can automatically lowercase usernames provided by the LDAP server by enabling
 the configuration option `lowercase_usernames`. By default, this configuration option is `false`.
diff --git a/doc/administration/compliance.md b/doc/administration/compliance.md
index 44e1cc8059a..447b69e14b4 100644
--- a/doc/administration/compliance.md
+++ b/doc/administration/compliance.md
@@ -14,6 +14,6 @@ GitLab’s [security features](../security/README.md) may also help you meet rel
 |**[Lock project membership to group](../user/group/index.md#member-lock-starter)**<br>Group owners can prevent new members from being added to projects within a group.|Starter+|✓|
 |**[LDAP group sync](auth/ldap-ee.md#group-sync)**<br>GitLab Enterprise Edition gives admins the ability to automatically sync groups and manage SSH keys, permissions, and authentication, so you can focus on building your product, not configuring your tools.|Starter+||
 |**[LDAP group sync filters](auth/ldap-ee.md#group-sync)**<br>GitLab Enterprise Edition Premium gives more flexibility to synchronize with LDAP based on filters, meaning you can leverage LDAP attributes to map GitLab permissions.|Premium+||
-|**[Audit logs](audit_events.md)**<br>To maintain the integrity of your code, GitLab Enterprise Edition Premium gives admins the ability to view any modifications made within the GitLab server in an advanced audit log system, so you can control, analyze and track every change.|Premium+||
+|**[Audit logs](audit_events.md)**<br>To maintain the integrity of your code, GitLab Enterprise Edition Premium gives admins the ability to view any modifications made within the GitLab server in an advanced audit log system, so you can control, analyze, and track every change.|Premium+||
 |**[Auditor users](auditor_users.md)**<br>Auditor users are users who are given read-only access to all projects, groups, and other resources on the GitLab instance.|Premium+||
 |**[Credentials inventory](../user/admin_area/credentials_inventory.md)**<br>With a credentials inventory, GitLab administrators can keep track of the credentials used by all of the users in their GitLab instance. |Ultimate||
diff --git a/doc/administration/geo/disaster_recovery/background_verification.md b/doc/administration/geo/disaster_recovery/background_verification.md
index c042e3e9872..322b3b3fe4d 100644
--- a/doc/administration/geo/disaster_recovery/background_verification.md
+++ b/doc/administration/geo/disaster_recovery/background_verification.md
@@ -176,7 +176,7 @@ progress to include them in [ee-1430]. For now, you can verify their integrity
 manually by following [these instructions][foreground-verification] on both
 nodes, and comparing the output between them.
 
-In GitLab EE 12.1, Geo calculates checksums for attachments, LFS objects and
+In GitLab EE 12.1, Geo calculates checksums for attachments, LFS objects, and
 archived traces on secondary nodes after the transfer, compares it with the
 stored checksums, and rejects transfers if mismatched. Please note that Geo
 currently does not support an automatic way to verify these data if they have
diff --git a/doc/administration/geo/disaster_recovery/planned_failover.md b/doc/administration/geo/disaster_recovery/planned_failover.md
index cd3d5a88de7..25050e4b13e 100644
--- a/doc/administration/geo/disaster_recovery/planned_failover.md
+++ b/doc/administration/geo/disaster_recovery/planned_failover.md
@@ -187,7 +187,7 @@ access to the **primary** node during the maintenance window.
 1. On the **secondary** node, navigate to **Admin Area > Monitoring > Background Jobs > Queues**
    and wait for all the `geo` queues to drop to 0 queued and 0 running jobs.
 1. On the **secondary** node, use [these instructions][foreground-verification]
-   to verify the integrity of CI artifacts, LFS objects and uploads in file
+   to verify the integrity of CI artifacts, LFS objects, and uploads in file
    storage.
 
 At this point, your **secondary** node will contain an up-to-date copy of everything the
diff --git a/doc/administration/geo/replication/datatypes.md b/doc/administration/geo/replication/datatypes.md
index 75ce7503c34..6b1b3131a96 100644
--- a/doc/administration/geo/replication/datatypes.md
+++ b/doc/administration/geo/replication/datatypes.md
@@ -13,7 +13,7 @@ We currently distinguish between three different data types:
 - [Blobs](#blobs)
 - [Database](#database)
 
-See the list below of each feature or component we replicate, its corresponding data type, replication and
+See the list below of each feature or component we replicate, its corresponding data type, replication, and
 verification methods:
 
 | Type     | Feature / component                           | Replication method                          | Verification method  |
diff --git a/doc/administration/geo/replication/index.md b/doc/administration/geo/replication/index.md
index 4eaf6a88575..ccc8b9ecd2d 100644
--- a/doc/administration/geo/replication/index.md
+++ b/doc/administration/geo/replication/index.md
@@ -12,7 +12,8 @@ Replication with Geo is the solution for widely distributed development teams.
 
 Fetching large repositories can take a long time for teams located far from a single GitLab instance.
 
-Geo provides local, read-only instances of your GitLab instances, reducing the time it takes to clone and fetch large repositories and speeding up development.
+Geo provides local, read-only instances of your GitLab instances. This can reduce the time it takes
+to clone and fetch large repositories, speeding up development.
 
 NOTE: **Note:**
 Check the [requirements](#requirements-for-running-geo) carefully before setting up Geo.
@@ -269,7 +270,7 @@ For answers to common questions, see the [Geo FAQ](faq.md).
 
 Since GitLab 9.5, Geo stores structured log messages in a `geo.log` file. For Omnibus installations, this file is at `/var/log/gitlab/gitlab-rails/geo.log`.
 
-This file contains information about when Geo attempts to sync repositories and files. Each line in the file contains a separate JSON entry that can be ingested into Elasticsearch, Splunk, etc.
+This file contains information about when Geo attempts to sync repositories and files. Each line in the file contains a separate JSON entry that can be ingested into, for example, Elasticsearch or Splunk.
 
 For example:
 
diff --git a/doc/administration/git_annex.md b/doc/administration/git_annex.md
index 87e1d3b1e8e..49a22dc6a52 100644
--- a/doc/administration/git_annex.md
+++ b/doc/administration/git_annex.md
@@ -18,7 +18,7 @@ you can.
 
 Not being able to version control large binaries is a big problem for many
 larger organizations.
-Videos, photos, audio, compiled binaries and many other types of files are too
+Videos, photos, audio, compiled binaries, and many other types of files are too
 large. As a workaround, people keep artwork-in-progress in a Dropbox folder and
 only check in the final result. This results in using outdated files, not
 having a complete history and increases the risk of losing work.
@@ -41,13 +41,13 @@ configuration options required to enable it.
 
 `git-annex` needs to be installed both on the server and the client side.
 
-For Debian-like systems (e.g., Debian, Ubuntu) this can be achieved by running:
+For Debian-like systems (for example, Debian and Ubuntu) this can be achieved by running:
 
 ```
 sudo apt-get update && sudo apt-get install git-annex
 ```
 
-For RedHat-like systems (e.g., CentOS, RHEL) this can be achieved by running:
+For RedHat-like systems (for example, CentOS and RHEL) this can be achieved by running:
 
 ```
 sudo yum install epel-release && sudo yum install git-annex
diff --git a/doc/administration/incoming_email.md b/doc/administration/incoming_email.md
index 07b6f79a0fa..6a0249d85d8 100644
--- a/doc/administration/incoming_email.md
+++ b/doc/administration/incoming_email.md
@@ -81,7 +81,7 @@ incoming email domain to `hooli.com`, an attacker could abuse the "Create new
 issue by email" or
 "[Create new merge request by email](../user/project/merge_requests/creating_merge_requests.md#new-merge-request-by-email-core-only)"
 features by using a project's unique address as the email when signing up for
-Slack, which would send a confirmation email, which would create a new issue or
+Slack. This would send a confirmation email, which would create a new issue or
 merge request on the project owned by the attacker, allowing them to click the
 confirmation link and validate their account on your company's private Slack
 instance.
diff --git a/doc/administration/index.md b/doc/administration/index.md
index fcfdcfdf6c8..0028f7d8a1d 100644
--- a/doc/administration/index.md
+++ b/doc/administration/index.md
@@ -76,7 +76,7 @@ Learn how to install, configure, update, and maintain your GitLab instance.
 
 ### Maintaining GitLab
 
-- [Raketasks](../raketasks/README.md): Perform various tasks for maintenance, backups, automatic webhooks setup, etc.
+- [Raketasks](../raketasks/README.md): Perform various tasks for maintenance, backups, automatic webhooks setup, and more.
   - [Backup and restore](../raketasks/backup_restore.md): Backup and restore your GitLab instance.
 - [Operations](operations/index.md): Keeping GitLab up and running (clean up Redis sessions, moving repositories, Sidekiq MemoryKiller, Unicorn).
 - [Restart GitLab](restart_gitlab.md): Learn how to restart GitLab and its components.
@@ -107,7 +107,7 @@ Learn how to install, configure, update, and maintain your GitLab instance.
 - [Libravatar](libravatar.md): Use Libravatar instead of Gravatar for user avatars.
 - [Sign-up restrictions](../user/admin_area/settings/sign_up_restrictions.md): block email addresses of specific domains, or whitelist only specific domains.
 - [Access restrictions](../user/admin_area/settings/visibility_and_access_controls.md#enabled-git-access-protocols): Define which Git access protocols can be used to talk to GitLab (SSH, HTTP, HTTPS).
-- [Authentication and Authorization](auth/README.md): Configure external authentication with LDAP, SAML, CAS and additional providers.
+- [Authentication and Authorization](auth/README.md): Configure external authentication with LDAP, SAML, CAS, and additional providers.
   - [Sync LDAP](auth/ldap-ee.md) **(STARTER ONLY)**
   - [Kerberos authentication](../integration/kerberos.md) **(STARTER ONLY)**
   - See also other [authentication](../topics/authentication/index.md#gitlab-administrators) topics (for example, enforcing 2FA).
@@ -230,4 +230,3 @@ who are aware of the risks.
   - [Strace zine](https://wizardzines.com/zines/strace/)
 - GitLab.com-specific resources:
   - [Group SAML/SCIM setup](troubleshooting/group_saml_scim.md)
-  
-\ No newline at end of file
diff --git a/doc/administration/monitoring/performance/grafana_configuration.md b/doc/administration/monitoring/performance/grafana_configuration.md
index 2fdeeae302b..12b69d10179 100644
--- a/doc/administration/monitoring/performance/grafana_configuration.md
+++ b/doc/administration/monitoring/performance/grafana_configuration.md
@@ -148,7 +148,14 @@ However, you should **not** reinstate your old data _except_ under one of the fo
 1. If you are certain that you changed your default admin password when you enabled Grafana
 1. If you run GitLab in a private network, accessed only by trusted users, and your Grafana login page has not been exposed to the internet
 
-If you require access to your old Grafana data but do not meet one of these criteria, you may consider reinstating it temporarily, [exporting the dashboards](https://grafana.com/docs/reference/export_import/#exporting-a-dashboard) you need, then refreshing the data and [re-importing your dashboards](https://grafana.com/docs/reference/export_import/#importing-a-dashboard). Note that this poses a temporary vulnerability while your old Grafana data is in use, and the decision to do so should be weighed carefully with your need to access existing data and dashboards.
+If you require access to your old Grafana data but do not meet one of these criteria, you may consider:
+
+1. Reinstating it temporarily.
+1. [Exporting the dashboards](https://grafana.com/docs/reference/export_import/#exporting-a-dashboard) you need.
+1. Refreshing the data and [re-importing your dashboards](https://grafana.com/docs/reference/export_import/#importing-a-dashboard).
+
+DANGER: **Danger:**
+This poses a temporary vulnerability while your old Grafana data is in use and the decision to do so should be weighed carefully with your need to access existing data and dashboards.
 
 For more information and further mitigation details, please refer to our [blog post on the security release](https://about.gitlab.com/blog/2019/08/12/critical-security-release-gitlab-12-dot-1-dot-6-released/).
 
diff --git a/doc/administration/restart_gitlab.md b/doc/administration/restart_gitlab.md
index bd3a52d487a..176ff5c1b1b 100644
--- a/doc/administration/restart_gitlab.md
+++ b/doc/administration/restart_gitlab.md
@@ -87,8 +87,8 @@ Reconfiguring GitLab should occur in the event that something in its
 configuration (`/etc/gitlab/gitlab.rb`) has changed.
 
 When you run this command, [Chef], the underlying configuration management
-application that powers Omnibus GitLab, will make sure that all directories,
-permissions, services, etc., are in place and in the same shape that they were
+application that powers Omnibus GitLab, will make sure that all things like directories,
+permissions, and services are in place and in the same shape that they were
 initially shipped.
 
 It will also restart GitLab components where needed, if any of their
@@ -128,7 +128,7 @@ The GitLab MailRoom email processor with pid 28114 is running.
 GitLab and all its components are up and running.
 ```
 
-This should restart Unicorn, Sidekiq, GitLab Workhorse and [Mailroom][]
+This should restart Unicorn, Sidekiq, GitLab Workhorse, and [Mailroom][]
 (if enabled). The init service file that does all the magic can be found on
 your server in `/etc/init.d/gitlab`.
 
@@ -149,8 +149,8 @@ If you are using other init systems, like systemd, you can check the
 
 There is no single command to restart the entire GitLab application installed via
 the [cloud native Helm Chart](https://docs.gitlab.com/charts/). Usually, it should be
-enough to restart a specific component separately (`gitaly`, `unicorn`,
-`workhorse`, `gitlab-shell`, etc.) by deleting all the pods related to it:
+enough to restart a specific component separately (for example, `gitaly`, `unicorn`,
+`workhorse`, or `gitlab-shell`) by deleting all the pods related to it:
 
 ```shell
 kubectl delete pods -l release=<helm release name>,app=<component name>
diff --git a/doc/user/application_security/dast/index.md b/doc/user/application_security/dast/index.md
index 5a3b23e0d3a..7ef16ef88f0 100644
--- a/doc/user/application_security/dast/index.md
+++ b/doc/user/application_security/dast/index.md
@@ -351,6 +351,11 @@ dast:
     - /analyze -z"-config replacer.full_list\(0\).description=auth -config replacer.full_list\(0\).enabled=true -config replacer.full_list\(0\).matchtype=REQ_HEADER -config replacer.full_list\(0\).matchstr=Authorization -config replacer.full_list\(0\).regex=false -config replacer.full_list\(0\).replacement=TOKEN" -t $DAST_WEBSITE
 ```
 
+### Cloning the project's repository
+
+The DAST job does not require the project's repository to be present when running, so by default
+[`GIT_STRATEGY`](../../../ci/yaml/README.md#git-strategy) is set to `none`.
+
 ## Reports
 
 The DAST job can emit various reports.
diff --git a/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml
index 94b9d94fd39..020d1f323ee 100644
--- a/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml
@@ -18,6 +18,7 @@ dast:
   image:
     name: "registry.gitlab.com/gitlab-org/security-products/dast:$DAST_VERSION"
   variables:
+    GIT_STRATEGY: none
   # URL to scan:
   # DAST_WEBSITE: https://example.com/
   #
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index fd1661f227b..51e6ea76323 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -111,6 +111,11 @@ msgid_plural "%d fixed test results"
 msgstr[0] ""
 msgstr[1] ""
 
+msgid "%d group selected"
+msgid_plural "%d groups selected"
+msgstr[0] ""
+msgstr[1] ""
+
 msgid "%d inaccessible merge request"
 msgid_plural "%d inaccessible merge requests"
 msgstr[0] ""
@@ -171,6 +176,11 @@ msgid_plural "%d seconds"
 msgstr[0] ""
 msgstr[1] ""
 
+msgid "%d shard selected"
+msgid_plural "%d shards selected"
+msgstr[0] ""
+msgstr[1] ""
+
 msgid "%d staged change"
 msgid_plural "%d staged changes"
 msgstr[0] ""
@@ -3599,6 +3609,9 @@ msgstr ""
 msgid "Choose what content you want to see on a group’s overview page"
 msgstr ""
 
+msgid "Choose which groups you wish to synchronize to this secondary node"
+msgstr ""
+
 msgid "Choose which repositories you want to connect and run CI/CD pipelines."
 msgstr ""
 
@@ -9921,6 +9934,9 @@ msgstr ""
 msgid "Groups can also be nested by creating %{subgroup_docs_link_start}subgroups%{subgroup_docs_link_end}."
 msgstr ""
 
+msgid "Groups to synchronize"
+msgstr ""
+
 msgid "Groups with access to %{strong_start}%{group_name}%{strong_end}"
 msgstr ""
 
@@ -17145,6 +17161,9 @@ msgstr ""
 msgid "Select group or project"
 msgstr ""
 
+msgid "Select groups to replicate"
+msgstr ""
+
 msgid "Select labels"
 msgstr ""
 
@@ -17544,9 +17563,6 @@ msgstr ""
 msgid "Severity: %{severity}"
 msgstr ""
 
-msgid "Shards selected: %{count}"
-msgstr ""
-
 msgid "Shards to synchronize"
 msgstr ""
 
@@ -19461,6 +19477,9 @@ msgstr ""
 msgid "There was an error fetching the Designs"
 msgstr ""
 
+msgid "There was an error fetching the Node's Groups"
+msgstr ""
+
 msgid "There was an error fetching the environments information."
 msgstr ""
 
diff --git a/spec/features/group_variables_spec.rb b/spec/features/group_variables_spec.rb
index 2b8d37bd629..524ae837b5e 100644
--- a/spec/features/group_variables_spec.rb
+++ b/spec/features/group_variables_spec.rb
@@ -11,7 +11,7 @@ describe 'Group variables', :js do
   before do
     group.add_owner(user)
     gitlab_sign_in(user)
-
+    stub_feature_flags(new_variables_ui: false)
     visit page_path
   end
 
diff --git a/spec/features/project_group_variables_spec.rb b/spec/features/project_group_variables_spec.rb
index c1f1c442937..242fc993718 100644
--- a/spec/features/project_group_variables_spec.rb
+++ b/spec/features/project_group_variables_spec.rb
@@ -24,6 +24,7 @@ describe 'Project group variables', :js do
     sign_in(user)
     project.add_maintainer(user)
     group.add_owner(user)
+    stub_feature_flags(new_variables_ui: false)
   end
 
   it 'project in group shows inherited vars from ancestor group' do
diff --git a/spec/features/project_variables_spec.rb b/spec/features/project_variables_spec.rb
index 9e3f8a843a1..1452317c22b 100644
--- a/spec/features/project_variables_spec.rb
+++ b/spec/features/project_variables_spec.rb
@@ -12,7 +12,7 @@ describe 'Project variables', :js do
     sign_in(user)
     project.add_maintainer(user)
     project.variables << variable
-
+    stub_feature_flags(new_variables_ui: false)
     visit page_path
   end
 
diff --git a/spec/features/projects/settings/registry_settings_spec.rb b/spec/features/projects/settings/registry_settings_spec.rb
index fc1a85c3efe..0613148172f 100644
--- a/spec/features/projects/settings/registry_settings_spec.rb
+++ b/spec/features/projects/settings/registry_settings_spec.rb
@@ -10,6 +10,7 @@ describe 'Project > Settings > CI/CD > Container registry tag expiration policy'
   before do
     sign_in(user)
     stub_container_registry_config(enabled: true)
+    stub_feature_flags(new_variables_ui: false)
   end
 
   context 'as owner' do
diff --git a/spec/frontend/fixtures/groups.rb b/spec/frontend/fixtures/groups.rb
index 237fc711594..2421b67a130 100644
--- a/spec/frontend/fixtures/groups.rb
+++ b/spec/frontend/fixtures/groups.rb
@@ -15,6 +15,7 @@ describe 'Groups (JavaScript fixtures)', type: :controller do
   end
 
   before do
+    stub_feature_flags(new_variables_ui: false)
     group.add_maintainer(admin)
     sign_in(admin)
   end
diff --git a/spec/frontend/fixtures/projects.rb b/spec/frontend/fixtures/projects.rb
index af5b70fbbeb..ff21dbaebe8 100644
--- a/spec/frontend/fixtures/projects.rb
+++ b/spec/frontend/fixtures/projects.rb
@@ -20,6 +20,7 @@ describe 'Projects (JavaScript fixtures)', type: :controller do
   end
 
   before do
+    stub_feature_flags(new_variables_ui: false)
     project.add_maintainer(admin)
     sign_in(admin)
     allow(SecureRandom).to receive(:hex).and_return('securerandomhex:thereisnospoon')
diff --git a/spec/frontend/repository/components/preview/index_spec.js b/spec/frontend/repository/components/preview/index_spec.js
index 7587ca4186c..6ae323f5c3f 100644
--- a/spec/frontend/repository/components/preview/index_spec.js
+++ b/spec/frontend/repository/components/preview/index_spec.js
@@ -1,7 +1,10 @@
 import { shallowMount } from '@vue/test-utils';
 import { GlLoadingIcon } from '@gitlab/ui';
+import { handleLocationHash } from '~/lib/utils/common_utils';
 import Preview from '~/repository/components/preview/index.vue';
 
+jest.mock('~/lib/utils/common_utils');
+
 let vm;
 let $apollo;
 
@@ -38,6 +41,22 @@ describe('Repository file preview component', () => {
     });
   });
 
+  it('handles hash after render', () => {
+    factory({
+      webUrl: 'http://test.com',
+      name: 'README.md',
+    });
+
+    vm.setData({ readme: { html: '<div class="blob">test</div>' } });
+
+    return vm.vm
+      .$nextTick()
+      .then(vm.vm.$nextTick())
+      .then(() => {
+        expect(handleLocationHash).toHaveBeenCalled();
+      });
+  });
+
   it('renders loading icon', () => {
     factory({
       webUrl: 'http://test.com',
author	GitLab Bot <gitlab-bot@gitlab.com>	2020-02-21 06:08:58 +0000
committer	GitLab Bot <gitlab-bot@gitlab.com>	2020-02-21 06:08:58 +0000
commit	18b8435318887d3fc6e9f9d305967a953cdd7d3f (patch)
tree	28cb71f255eb364c224ff24dd085f8cd836951b1
parent	4359b9650ecf0960f04f0fd38fc25bec7b478a11 (diff)
download	gitlab-ce-18b8435318887d3fc6e9f9d305967a953cdd7d3f.tar.gz