Add latest changes from gitlab-org/gitlab@15-2-stable-ee

11 files changed, 129 insertions, 35 deletions

diff --git a/Gemfile b/Gemfile
index 71cd2609b3a..df9b68c5495 100644
--- a/Gemfile
+++ b/Gemfile
@@ -536,7 +536,7 @@ gem 'valid_email', '~> 0.1'
 # JSON
 gem 'json', '~> 2.5.1'
 gem 'json_schemer', '~> 0.2.18'
-gem 'oj', '~> 3.13.16'
+gem 'oj', '~> 3.13.19'
 gem 'multi_json', '~> 1.14.1'
 gem 'yajl-ruby', '~> 1.4.1', require: 'yajl'
 
diff --git a/Gemfile.lock b/Gemfile.lock
index 6ccdd090ee9..718bcfcac9a 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -869,7 +869,7 @@ GEM
       plist (~> 3.1)
       train-core
       wmi-lite (~> 1.0)
-    oj (3.13.16)
+    oj (3.13.19)
     omniauth (1.9.1)
       hashie (>= 3.4.6)
       rack (>= 1.6.2, < 3)
@@ -1637,7 +1637,7 @@ DEPENDENCIES
   oauth2 (~> 2.0)
   octokit (~> 4.15)
   ohai (~> 16.10)
-  oj (~> 3.13.16)
+  oj (~> 3.13.19)
   omniauth (~> 1.8)
   omniauth-alicloud (~> 1.0.1)
   omniauth-atlassian-oauth2 (~> 0.2.0)
diff --git a/app/assets/javascripts/ci_secure_files/index.js b/app/assets/javascripts/ci_secure_files/index.js
index 3944286dc60..3a28e7f8e33 100644
--- a/app/assets/javascripts/ci_secure_files/index.js
+++ b/app/assets/javascripts/ci_secure_files/index.js
@@ -4,6 +4,11 @@ import SecureFilesList from './components/secure_files_list.vue';
 
 export const initCiSecureFiles = (selector = '#js-ci-secure-files') => {
   const containerEl = document.querySelector(selector);
+
+  if (!containerEl) {
+    return false;
+  }
+
   const { projectId } = containerEl.dataset;
   const { admin } = containerEl.dataset;
   const { fileSizeLimit } = containerEl.dataset;
diff --git a/app/models/ci/pipeline.rb b/app/models/ci/pipeline.rb
index 78b55680b5e..95c6da4a7af 100644
--- a/app/models/ci/pipeline.rb
+++ b/app/models/ci/pipeline.rb
@@ -1314,6 +1314,8 @@ module Ci
         raise ArgumentError, 'pipeline not fully loaded'
       end
 
+      return 0 unless created_at
+
       (Time.current - created_at).ceil / 60
     end
 
diff --git a/db/migrate/20220712031923_create_vulnerability_reads_for_an_existing_vulnerability_record.rb b/db/migrate/20220712031923_create_vulnerability_reads_for_an_existing_vulnerability_record.rb
index 68769f9e4e3..f3c57692a0d 100644
--- a/db/migrate/20220712031923_create_vulnerability_reads_for_an_existing_vulnerability_record.rb
+++ b/db/migrate/20220712031923_create_vulnerability_reads_for_an_existing_vulnerability_record.rb
@@ -10,7 +10,7 @@ class CreateVulnerabilityReadsForAnExistingVulnerabilityRecord < Gitlab::Databas
 
   def up
     execute(<<~SQL)
-      CREATE FUNCTION #{FUNCTION_NAME}() RETURNS trigger
+      CREATE OR REPLACE FUNCTION #{FUNCTION_NAME}() RETURNS trigger
           LANGUAGE plpgsql
           AS $$
       DECLARE
@@ -39,6 +39,10 @@ class CreateVulnerabilityReadsForAnExistingVulnerabilityRecord < Gitlab::Databas
     SQL
 
     execute(<<~SQL)
+      DROP TRIGGER IF EXISTS #{TRIGGER_NAME} ON vulnerabilities;
+    SQL
+
+    execute(<<~SQL)
       CREATE TRIGGER #{TRIGGER_NAME}
       AFTER UPDATE ON vulnerabilities
       FOR EACH ROW
diff --git a/db/post_migrate/20220707075300_reschedule_backfill_imported_issue_search_data.rb b/db/post_migrate/20220707075300_reschedule_backfill_imported_issue_search_data.rb
index b5124ce667c..912578d6b7c 100644
--- a/db/post_migrate/20220707075300_reschedule_backfill_imported_issue_search_data.rb
+++ b/db/post_migrate/20220707075300_reschedule_backfill_imported_issue_search_data.rb
@@ -14,10 +14,6 @@ class RescheduleBackfillImportedIssueSearchData < Gitlab::Database::Migration[2.
     delete_batched_background_migration(MIGRATION, :issues, :id, [])
 
     # reschedule the migration
-    min_value = Gitlab::Database::BackgroundMigration::BatchedMigration.find_by(
-      job_class_name: "BackfillIssueSearchData"
-    )&.max_value || BATCH_MIN_VALUE
-
     queue_batched_background_migration(
       MIGRATION,
       :issues,
@@ -32,4 +28,21 @@ class RescheduleBackfillImportedIssueSearchData < Gitlab::Database::Migration[2.
   def down
     delete_batched_background_migration(MIGRATION, :issues, :id, [])
   end
+
+  private
+
+  def min_value
+    start_value = Gitlab::Database::BackgroundMigration::BatchedMigration.find_by(
+      job_class_name: "BackfillIssueSearchData"
+    )&.max_value
+
+    return BATCH_MIN_VALUE unless start_value
+
+    max_value = Issue.maximum(:id)
+
+    return BATCH_MIN_VALUE unless max_value
+
+    # Just in case the issue's max ID is now lower than the history in the table
+    [start_value, max_value].min
+  end
 end
diff --git a/doc/user/admin_area/settings/sign_up_restrictions.md b/doc/user/admin_area/settings/sign_up_restrictions.md
index 534450c1871..56abb3d4701 100644
--- a/doc/user/admin_area/settings/sign_up_restrictions.md
+++ b/doc/user/admin_area/settings/sign_up_restrictions.md
@@ -118,6 +118,25 @@ create or update pipelines until their email address is confirmed.
 You can [change](../../../security/password_length_limits.md#modify-minimum-password-length-using-gitlab-ui)
 the minimum number of characters a user must have in their password using the GitLab UI.
 
+### Password complexity requirements **(PREMIUM SELF)**
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/354965) in GitLab 15.2.
+
+By default, the only requirement for user passwords is [minimum password length](#minimum-password-length-limit).
+You can add additional complexity requirements. Changes to password complexity requirements apply to new passwords:
+
+- For new users that sign up.
+- For existing users that reset their password.
+
+Existing passwords are unaffected. To change password complexity requirements:
+
+1. On the top bar, select **Menu > Admin**.
+1. On the left sidebar, select **Settings > General**.
+1. Expand **Sign-up restrictions**.
+1. Under **Minimum password length (number of characters)**, select additional password complexity requirements. You can require numbers, uppercase letters, lowercase letters,
+   and symbols.
+1. Select **Save changes**.
+
 ## Allow or deny sign ups using specific email domains
 
 You can specify an inclusive or exclusive list of email domains which can be used for user sign up.
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index e462ca19ba6..fdb0fbf820d 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -574,12 +574,12 @@ module API
       end
     end
 
-    def log_artifact_size(file)
+    def log_artifact_file_size(file)
       Gitlab::ApplicationContext.push(artifact: file.model)
     end
 
     def present_artifacts_file!(file, **args)
-      log_artifact_size(file) if file
+      log_artifact_file_size(file) if file
 
       present_carrierwave_file!(file, **args)
     end
diff --git a/spec/migrations/reschedule_backfill_imported_issue_search_data_spec.rb b/spec/migrations/reschedule_backfill_imported_issue_search_data_spec.rb
index 7d1377bbeba..7581c201a59 100644
--- a/spec/migrations/reschedule_backfill_imported_issue_search_data_spec.rb
+++ b/spec/migrations/reschedule_backfill_imported_issue_search_data_spec.rb
@@ -6,8 +6,22 @@ require_migration!
 RSpec.describe RescheduleBackfillImportedIssueSearchData do
   let_it_be(:reschedule_migration) { described_class::MIGRATION }
 
-  context 'when BackfillIssueSearchData.max_value is nil' do
-    it 'schedules a new batched migration with a default value' do
+  def create_batched_migration(max_value:)
+    Gitlab::Database::BackgroundMigration::BatchedMigration
+      .create!(
+        max_value: max_value,
+        batch_size: 200,
+        sub_batch_size: 20,
+        interval: 120,
+        job_class_name: 'BackfillIssueSearchData',
+        table_name: 'issues',
+        column_name: 'id',
+        gitlab_schema: 'glschema'
+      )
+  end
+
+  shared_examples 'backfill rescheduler' do
+    it 'schedules a new batched migration' do
       reversible_migration do |migration|
         migration.before -> {
           expect(reschedule_migration).not_to have_scheduled_batched_migration
@@ -17,39 +31,60 @@ RSpec.describe RescheduleBackfillImportedIssueSearchData do
             table_name: :issues,
             column_name: :id,
             interval: described_class::DELAY_INTERVAL,
-            batch_min_value: described_class::BATCH_MIN_VALUE
+            batch_min_value: batch_min_value
           )
         }
       end
     end
   end
 
+  context 'when BackfillIssueSearchData.max_value is nil' do
+    let(:batch_min_value) { described_class::BATCH_MIN_VALUE }
+
+    it_behaves_like 'backfill rescheduler'
+  end
+
   context 'when BackfillIssueSearchData.max_value exists' do
+    let(:batch_min_value) { described_class::BATCH_MIN_VALUE }
+
     before do
-      Gitlab::Database::BackgroundMigration::BatchedMigration
-        .create!(
-          max_value: 200,
-          batch_size: 200,
-          sub_batch_size: 20,
-          interval: 120,
-          job_class_name: 'BackfillIssueSearchData',
-          table_name: 'issues',
-          column_name: 'id',
-          gitlab_schema: 'glschema'
-        )
+      create_batched_migration(max_value: 200)
     end
 
-    it 'schedules a new batched migration with a custom max_value' do
-      reversible_migration do |migration|
-        migration.after -> {
-          expect(reschedule_migration).to have_scheduled_batched_migration(
-            table_name: :issues,
-            column_name: :id,
-            interval: described_class::DELAY_INTERVAL,
-            batch_min_value: 200
-          )
-        }
-      end
+    it_behaves_like 'backfill rescheduler'
+  end
+
+  context 'when an issue is available' do
+    let_it_be(:namespaces_table) { table(:namespaces) }
+    let_it_be(:projects_table) { table(:projects) }
+
+    let(:namespace) { namespaces_table.create!(name: 'gitlab-org', path: 'gitlab-org') }
+    let(:project) { projects_table.create!(name: 'gitlab', path: 'gitlab-org/gitlab-ce', namespace_id: namespace.id, project_namespace_id: namespace.id) } # rubocop:disable Layout/LineLength
+    let(:issue) { table(:issues).create!(project_id: project.id, title: 'test title', description: 'test description') }
+
+    before do
+      create_batched_migration(max_value: max_value)
+    end
+
+    context 'when BackfillIssueSearchData.max_value = Issue.maximum(:id)' do
+      let(:max_value) { issue.id }
+      let(:batch_min_value) { max_value }
+
+      it_behaves_like 'backfill rescheduler'
+    end
+
+    context 'when BackfillIssueSearchData.max_value > Issue.maximum(:id)' do
+      let(:max_value) { issue.id + 1 }
+      let(:batch_min_value) { issue.id }
+
+      it_behaves_like 'backfill rescheduler'
+    end
+
+    context 'when BackfillIssueSearchData.max_value < Issue.maximum(:id)' do
+      let(:max_value) { issue.id - 1 }
+      let(:batch_min_value) { max_value }
+
+      it_behaves_like 'backfill rescheduler'
     end
   end
 end
diff --git a/spec/models/ci/pipeline_spec.rb b/spec/models/ci/pipeline_spec.rb
index 081fa6cbbae..6a71b2cfbed 100644
--- a/spec/models/ci/pipeline_spec.rb
+++ b/spec/models/ci/pipeline_spec.rb
@@ -5039,6 +5039,16 @@ RSpec.describe Ci::Pipeline, :mailer, factory_default: :keep do
           expect(pipeline.age_in_minutes).to eq 120
         end
       end
+
+      context 'when pipeline has no created_at' do
+        before do
+          pipeline.update!(created_at: nil)
+        end
+
+        it 'returns zero' do
+          expect(pipeline.age_in_minutes).to eq 0
+        end
+      end
     end
 
     context 'when pipeline has been loaded without all attributes' do
diff --git a/spec/requests/api/ci/runner/jobs_artifacts_spec.rb b/spec/requests/api/ci/runner/jobs_artifacts_spec.rb
index 5767fa4326e..cd8c3dd2806 100644
--- a/spec/requests/api/ci/runner/jobs_artifacts_spec.rb
+++ b/spec/requests/api/ci/runner/jobs_artifacts_spec.rb
@@ -844,7 +844,13 @@ RSpec.describe API::Ci::Runner, :clean_gitlab_redis_shared_state do
                   'Content-Disposition' => %q(attachment; filename="ci_build_artifacts.zip"; filename*=UTF-8''ci_build_artifacts.zip) }
               end
 
+              before do
+                allow(Gitlab::ApplicationContext).to receive(:push).and_call_original
+              end
+
               it 'downloads artifacts' do
+                expect(Gitlab::ApplicationContext).to receive(:push).with(artifact: an_instance_of(Ci::JobArtifact)).once.and_call_original
+
                 download_artifact
 
                 expect(response).to have_gitlab_http_status(:ok)