Add latest changes from gitlab-org/gitlab@master

15 files changed, 161 insertions, 44 deletions

diff --git a/.gitignore b/.gitignore
index 7310c04d117..65befc20963 100644
--- a/.gitignore
+++ b/.gitignore
@@ -81,3 +81,4 @@ package-lock.json
 jsdoc/
 **/tmp/rubocop_cache/**
 .overcommit.yml
+.projections.json
diff --git a/.projections.json.example b/.projections.json.example
new file mode 100644
index 00000000000..7ea0862f56a
--- /dev/null
+++ b/.projections.json.example
@@ -0,0 +1,36 @@
+{
+  "app/*.rb": {
+    "alternate": "spec/{}_spec.rb",
+    "type": "source"
+  },
+  "spec/*_spec.rb": {
+    "alternate": "app/{}.rb",
+    "type": "test"
+  },
+  "lib/*.rb": {
+    "alternate": "spec/lib/{}_spec.rb",
+    "type": "source"
+  },
+  "spec/lib/*_spec.rb": {
+    "alternate": "lib/{}.rb",
+    "type": "test"
+  },
+  "ee/app/*.rb": {
+    "alternate": "ee/spec/{}_spec.rb",
+    "type": "source"
+  },
+  "ee/spec/*_spec.rb": {
+    "alternate": "ee/app/{}.rb",
+    "type": "test"
+  },
+  "ee/lib/*.rb": {
+    "alternate": "ee/spec/lib/{}_spec.rb",
+    "type": "source"
+  },
+  "ee/spec/lib/*_spec.rb": {
+    "alternate": "ee/lib/{}.rb",
+    "type": "test"
+  },
+  "*.rb": {"dispatch": "bundle exec rubocop {file}"},
+  "*_spec.rb": {"dispatch": "bundle exec rspec {file}"}
+}
diff --git a/app/views/ci/variables/_variable_row.html.haml b/app/views/ci/variables/_variable_row.html.haml
index ed4bd5ae19e..ed9b3ab1940 100644
--- a/app/views/ci/variables/_variable_row.html.haml
+++ b/app/views/ci/variables/_variable_row.html.haml
@@ -30,7 +30,7 @@
       value: key,
       placeholder: s_('CiVariables|Input variable key') }
     .ci-variable-body-item.gl-show-field-errors.table-section.section-15.border-top-0.p-0
-      .form-control.js-secret-value-placeholder.qa-ci-variable-input-value{ class: ('hide' unless id) }
+      .form-control.js-secret-value-placeholder.qa-ci-variable-input-value.overflow-hidden{ class: ('hide' unless id) }
         = '*' * 17
       %textarea.js-ci-variable-input-value.js-secret-value.qa-ci-variable-input-value.form-control{ class: ('hide' if id),
         rows: 1,
diff --git a/app/views/layouts/nav/_dashboard.html.haml b/app/views/layouts/nav/_dashboard.html.haml
index 7b0824ae2af..4b83239dfbd 100644
--- a/app/views/layouts/nav/_dashboard.html.haml
+++ b/app/views/layouts/nav/_dashboard.html.haml
@@ -59,7 +59,7 @@
           = render_if_exists 'layouts/nav/sidebar/analytics_more_link'
 
           %li.dropdown.d-lg-none
-            = render_if_exists 'dashboard/operations/nav_link_list'
+            = render_if_exists 'dashboard/nav_link_list'
           - if can?(current_user, :read_instance_statistics)
             = nav_link(controller: [:conversational_development_index, :cohorts], html_options: { class: 'd-lg-none' }) do
               = link_to instance_statistics_root_path do
@@ -86,7 +86,7 @@
           = _('Web IDE')
 
   %li.dropdown{ class: 'd-none d-lg-block' }
-    = render_if_exists 'dashboard/operations/nav_link'
+    = render_if_exists 'dashboard/nav_link'
   - if can?(current_user, :read_instance_statistics)
     = nav_link(controller: [:conversational_development_index, :cohorts], html_options: { class: "d-none d-lg-block d-xl-block"}) do
       = link_to instance_statistics_root_path, title: _('Instance Statistics'), aria: { label: _('Instance Statistics') }, data: {toggle: 'tooltip', placement: 'bottom', container: 'body'} do
diff --git a/changelogs/unreleased/30392-variables.yml b/changelogs/unreleased/30392-variables.yml
new file mode 100644
index 00000000000..2a35ffd3215
--- /dev/null
+++ b/changelogs/unreleased/30392-variables.yml
@@ -0,0 +1,5 @@
+---
+title: Fixes variables overflowing in sm screens
+merge_request:
+author:
+type: fixed
diff --git a/doc/administration/monitoring/prometheus/gitlab_metrics.md b/doc/administration/monitoring/prometheus/gitlab_metrics.md
index 302d74dd96a..f78a3da2107 100644
--- a/doc/administration/monitoring/prometheus/gitlab_metrics.md
+++ b/doc/administration/monitoring/prometheus/gitlab_metrics.md
@@ -140,8 +140,7 @@ The following metrics are available:
 
 | Metric                            | Type      | Since                                                         | Description                            |
 |:--------------------------------- |:--------- |:------------------------------------------------------------- |:-------------------------------------- |
-| `db_load_balancing_hosts`         | Gauge     | [12.3](https://gitlab.com/gitlab-org/gitlab/issues/13630)  | Current number of load balancing hosts |
-| `db_load_balancing_index`         | Gauge     | [12.3](https://gitlab.com/gitlab-org/gitlab/issues/13630)  | Current load balancing host index      |
+| `db_load_balancing_hosts`         | Gauge     | [12.3](https://gitlab.com/gitlab-org/gitlab/issues/13630)     | Current number of load balancing hosts |
 
 ## Ruby metrics
 
diff --git a/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md b/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md
index 5a414cc7e32..4539407d1c1 100644
--- a/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md
+++ b/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md
@@ -556,6 +556,14 @@ parent.members_with_descendants.count
 GroupDestroyWorker.perform_async(group_id, user_id)
 ```
 
+### Modify group project creation
+
+```ruby
+# Project creation levels: 0 - No one, 1 - Maintainers, 2 - Developers + Maintainers
+group = Group.find_by_path_or_name('group-name')
+group.project_creation_level=0
+```
+
 ## LDAP
 
 ### LDAP commands in the rails console
diff --git a/doc/development/README.md b/doc/development/README.md
index 4c9e111bc99..bdc92236716 100644
--- a/doc/development/README.md
+++ b/doc/development/README.md
@@ -165,6 +165,10 @@ description: 'Learn how to contribute to GitLab.'
 
 - [Shell scripting standards and style guidelines](shell_scripting_guide/index.md)
 
+## Other Development guides
+
+- [Defining relations between files using projections](projections.md)
+
 ## Other GitLab Development Kit (GDK) guides
 
 - [Run full Auto DevOps cycle in a GDK instance](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/auto_devops.md)
diff --git a/doc/development/projections.md b/doc/development/projections.md
new file mode 100644
index 00000000000..9d5702da530
--- /dev/null
+++ b/doc/development/projections.md
@@ -0,0 +1,34 @@
+# Projections
+
+Projections are a way to define relations between files. Every file can have a
+"related" or "alternate" file. It's common to consider spec files to be
+"alternate" files to source files.
+
+## How to use it
+
+- Install an editor plugin that consumes projections
+- Copy `.projections.json.example` to `.projections.json`
+
+## How to customize it
+
+You can find a basic list of projection options in
+[projectionist.txt](https://github.com/tpope/vim-projectionist/blob/master/doc/projectionist.txt)
+
+## Which plugins can I use
+
+- vim
+  - [vim-projectionist](https://github.com/tpope/vim-projectionist)
+- VSCode
+  - [Alternate File](https://marketplace.visualstudio.com/items?itemName=will-wow.vscode-alternate-file)
+  - [projectionist](https://github.com/jarsen/projectionist)
+  - [jumpto](https://github.com/gmdayley/jumpto)
+- Atom
+  - [projectionist-atom](https://atom.io/packages/projectionist-atom)
+- Command-line
+  - [projectionist](https://github.com/glittershark/projectionist)
+
+## History
+
+This started as a
+[plugin for vim by tpope](https://github.com/tpope/vim-projectionist)
+It has since become editor-agnostic and ported to most modern editors.
diff --git a/doc/user/project/integrations/img/prometheus_add_metric.png b/doc/user/project/integrations/img/prometheus_add_metric.png
index e85670e1a13..9afeb535123 100644
--- a/doc/user/project/integrations/img/prometheus_add_metric.png
+++ b/doc/user/project/integrations/img/prometheus_add_metric.png
diff --git a/doc/user/project/integrations/img/prometheus_alert.png b/doc/user/project/integrations/img/prometheus_alert.png
index a37f0477fd9..ffa1008ff51 100644
--- a/doc/user/project/integrations/img/prometheus_alert.png
+++ b/doc/user/project/integrations/img/prometheus_alert.png
diff --git a/doc/user/project/integrations/img/prometheus_dashboard.png b/doc/user/project/integrations/img/prometheus_dashboard.png
index 1fa36ca2675..24d855eb50c 100644
--- a/doc/user/project/integrations/img/prometheus_dashboard.png
+++ b/doc/user/project/integrations/img/prometheus_dashboard.png
diff --git a/doc/user/project/integrations/prometheus.md b/doc/user/project/integrations/prometheus.md
index 1ecefa210a0..e00923c3b9b 100644
--- a/doc/user/project/integrations/prometheus.md
+++ b/doc/user/project/integrations/prometheus.md
@@ -115,7 +115,7 @@ You can view the performance dashboard for an environment by [clicking on the mo
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab/merge_requests/3799) in [GitLab Premium](https://about.gitlab.com/pricing/) 10.6.
 
-Custom metrics can be monitored by adding them on the Prometheus integration page. Once saved, they will be displayed on the environment performance dashboard provided that either:
+Custom metrics can be monitored by adding them on the monitoring dashboard page. Once saved, they will be displayed on the environment performance dashboard provided that either:
 
 - A [connected Kubernetes cluster](../clusters/index.md#adding-and-removing-clusters) with the environment scope of `*` is used and [Prometheus installed on the cluster](#enabling-prometheus-integration), or
 - Prometheus is [manually configured](#manual-configuration-of-prometheus).
@@ -300,8 +300,12 @@ Data from Prometheus charts on the metrics dashboard can be downloaded as CSV.
 
 For managed Prometheus instances using auto configuration, alerts for metrics [can be configured](#adding-additional-metrics-premium) directly in the performance dashboard.
 
-To set an alert, click on the alarm icon in the top right corner of the metric you want to create the alert for. A dropdown
-will appear, with options to set the threshold and operator. Click **Add** to save and activate the alert.
+To set an alert:
+
+1. Click on the ellipsis icon in the top right corner of the metric you want to create the alert for.
+1. Choose **Alerts**
+1. Set threshold and operator.
+1. Click **Add** to save and activate the alert.
 
 ![Adding an alert](img/prometheus_alert.png)
 
diff --git a/lib/api/helpers/services_helpers.rb b/lib/api/helpers/services_helpers.rb
index 2475e384a50..eba4ebb4b6e 100644
--- a/lib/api/helpers/services_helpers.rb
+++ b/lib/api/helpers/services_helpers.rb
@@ -155,7 +155,6 @@ module API
 
       def self.services
         {
-          'alerts' => [],
           'asana' => [
             {
               required: true,
@@ -697,7 +696,6 @@ module API
 
       def self.service_classes
         [
-          ::AlertsService,
           ::AsanaService,
           ::AssemblaService,
           ::BambooService,
diff --git a/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml
index 88f4b72044c..a0c2ab3aa26 100644
--- a/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml
@@ -4,7 +4,13 @@
 # List of the variables: https://gitlab.com/gitlab-org/security-products/sast#settings
 # How to set: https://docs.gitlab.com/ee/ci/yaml/#variables
 
-.sast:
+variables:
+  SAST_ANALYZER_IMAGE_PREFIX: "registry.gitlab.com/gitlab-org/security-products/analyzers"
+  SAST_DEFAULT_ANALYZERS: "bandit, brakeman, gosec, spotbugs, flawfinder, phpcs-security-audit, security-code-scan, nodejs-scan, eslint, tslint, secrets, sobelow, pmd-apex"
+  SAST_MAJOR_VERSION: 2
+  SAST_DISABLE_DIND: "false"
+
+sast:
   stage: test
   allow_failure: true
   artifacts:
@@ -15,13 +21,6 @@
       - branches
     variables:
       - $GITLAB_FEATURES =~ /\bsast\b/
-
-variables:
-  SAST_ANALYZER_IMAGE_PREFIX: "registry.gitlab.com/gitlab-org/security-products/analyzers"
-  SAST_DISABLE_DIND: "false"
-
-sast:
-  extends: .sast
   image: docker:stable
   variables:
     DOCKER_DRIVER: overlay2
@@ -84,7 +83,8 @@ sast:
       - $SAST_DISABLE_DIND == 'true'
 
 .analyzer:
-  extends: .sast
+  extends: sast
+  services: []
   except:
     variables:
       - $SAST_DISABLE_DIND == 'false'
@@ -94,100 +94,128 @@ sast:
 bandit-sast:
   extends: .analyzer
   image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/bandit"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/bandit:$SAST_MAJOR_VERSION"
   only:
     variables:
-      - '$CI_PROJECT_REPOSITORY_LANGUAGES =~ /python/'
+      - $GITLAB_FEATURES =~ /\bsast\b/ &&
+          $SAST_DEFAULT_ANALYZERS =~ /bandit/&&
+          $CI_PROJECT_REPOSITORY_LANGUAGES =~ /python/
 
 brakeman-sast:
   extends: .analyzer
   image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/brakeman"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/brakeman:$SAST_MAJOR_VERSION"
   only:
     variables:
-      - '$CI_PROJECT_REPOSITORY_LANGUAGES =~ /ruby/'
+      - $GITLAB_FEATURES =~ /\bsast\b/ &&
+          $SAST_DEFAULT_ANALYZERS =~ /brakeman/ &&
+          $CI_PROJECT_REPOSITORY_LANGUAGES =~ /ruby/
 
 eslint-sast:
   extends: .analyzer
   image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/eslint"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/eslint:$SAST_MAJOR_VERSION"
   only:
     variables:
-      - '$CI_PROJECT_REPOSITORY_LANGUAGES =~ /javascript/'
+      - $GITLAB_FEATURES =~ /\bsast\b/ &&
+          $SAST_DEFAULT_ANALYZERS =~ /eslint/ &&
+          $CI_PROJECT_REPOSITORY_LANGUAGES =~ /javascript/
 
 flawfinder-sast:
   extends: .analyzer
   image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/flawfinder"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/flawfinder:$SAST_MAJOR_VERSION"
   only:
     variables:
-      - '$CI_PROJECT_REPOSITORY_LANGUAGES =~ /\b(c\+\+|c\b)/'
+      - $GITLAB_FEATURES =~ /\bsast\b/ &&
+          $SAST_DEFAULT_ANALYZERS =~ /flawfinder/ &&
+          $CI_PROJECT_REPOSITORY_LANGUAGES =~ /\b(c\+\+|c)\b/
 
 gosec-sast:
   extends: .analyzer
   image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/gosec"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/gosec:$SAST_MAJOR_VERSION"
   only:
     variables:
-      - '$CI_PROJECT_REPOSITORY_LANGUAGES =~ /go/'
+      - $GITLAB_FEATURES =~ /\bsast\b/ &&
+          $SAST_DEFAULT_ANALYZERS =~ /gosec/ &&
+          $CI_PROJECT_REPOSITORY_LANGUAGES =~ /\bgo\b/
 
 nodejs-scan-sast:
   extends: .analyzer
   image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/nodejs-scan"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/nodejs-scan:$SAST_MAJOR_VERSION"
   only:
     variables:
-      - '$CI_PROJECT_REPOSITORY_LANGUAGES =~ /javascript/'
+      - $GITLAB_FEATURES =~ /\bsast\b/ &&
+          $SAST_DEFAULT_ANALYZERS =~ /nodejs-scan/ &&
+          $CI_PROJECT_REPOSITORY_LANGUAGES =~ /javascript/
 
 phpcs-security-audit-sast:
   extends: .analyzer
   image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/phpcs-security-audit"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/phpcs-security-audit:$SAST_MAJOR_VERSION"
   only:
     variables:
-      - '$CI_PROJECT_REPOSITORY_LANGUAGES =~ /php/'
+      - $GITLAB_FEATURES =~ /\bsast\b/ &&
+          $SAST_DEFAULT_ANALYZERS =~ /phpcs-security-audit/ &&
+          $CI_PROJECT_REPOSITORY_LANGUAGES =~ /php/
 
 pmd-apex-sast:
   extends: .analyzer
   image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/pmd-apex"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/pmd-apex:$SAST_MAJOR_VERSION"
   only:
     variables:
-      - '$CI_PROJECT_REPOSITORY_LANGUAGES =~ /apex/'
+      - $GITLAB_FEATURES =~ /\bsast\b/ &&
+          $SAST_DEFAULT_ANALYZERS =~ /pmd-apex/ &&
+          $CI_PROJECT_REPOSITORY_LANGUAGES =~ /apex/
 
 secrets-sast:
   extends: .analyzer
   image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/secrets"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/secrets:$SAST_MAJOR_VERSION"
+  only:
+    variables:
+      - $GITLAB_FEATURES =~ /\bsast\b/ &&
+          $SAST_DEFAULT_ANALYZERS =~ /secrets/
 
 security-code-scan-sast:
   extends: .analyzer
   image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/security-code-scan"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/security-code-scan:$SAST_MAJOR_VERSION"
   only:
     variables:
-      - '$CI_PROJECT_REPOSITORY_LANGUAGES =~ /c\#/ || $CI_PROJECT_REPOSITORY_LANGUAGES =~ /visual basic/'
+      - $GITLAB_FEATURES =~ /\bsast\b/ &&
+          $SAST_DEFAULT_ANALYZERS =~ /security-code-scan/ &&
+          $CI_PROJECT_REPOSITORY_LANGUAGES =~ /\b(c\#|visual basic\b)/
 
 sobelow-sast:
   extends: .analyzer
   image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/sobelow"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/sobelow:$SAST_MAJOR_VERSION"
   only:
     variables:
-      - '$CI_PROJECT_REPOSITORY_LANGUAGES =~ /elixir/'
+      - $GITLAB_FEATURES =~ /\bsast\b/ &&
+          $SAST_DEFAULT_ANALYZERS =~ /sobelow/ &&
+          $CI_PROJECT_REPOSITORY_LANGUAGES =~ /elixir/
 
 spotbugs-sast:
   extends: .analyzer
   image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/spotbugs"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/spotbugs:$SAST_MAJOR_VERSION"
   only:
     variables:
-      - '$CI_PROJECT_REPOSITORY_LANGUAGES =~ /java\b/'
+      - $GITLAB_FEATURES =~ /\bsast\b/ &&
+          $SAST_DEFAULT_ANALYZERS =~ /spotbugs/ &&
+          $CI_PROJECT_REPOSITORY_LANGUAGES =~ /java\b/
 
 tslint-sast:
   extends: .analyzer
   image:
-    name: "$SAST_ANALYZER_IMAGE_PREFIX/tslint"
+    name: "$SAST_ANALYZER_IMAGE_PREFIX/tslint:$SAST_MAJOR_VERSION"
   only:
     variables:
-      - '$CI_PROJECT_REPOSITORY_LANGUAGES =~ /typescript/'
+      - $GITLAB_FEATURES =~ /\bsast\b/ &&
+          $SAST_DEFAULT_ANALYZERS =~ /tslint/ &&
+          $CI_PROJECT_REPOSITORY_LANGUAGES =~ /typescript/