Add latest changes from gitlab-org/gitlab@master

23 files changed, 237 insertions, 156 deletions

diff --git a/app/assets/javascripts/pipelines/components/pipelines_list/pipelines.vue b/app/assets/javascripts/pipelines/components/pipelines_list/pipelines.vue
index c5537b7ad54..bcbf655a737 100644
--- a/app/assets/javascripts/pipelines/components/pipelines_list/pipelines.vue
+++ b/app/assets/javascripts/pipelines/components/pipelines_list/pipelines.vue
@@ -189,6 +189,10 @@ export default {
       );
     },
 
+    shouldRenderPagination() {
+      return !this.isLoading && !this.hasError;
+    },
+
     emptyTabMessage() {
       if (this.scope === this.$options.scopes.finished) {
         return s__('Pipelines|There are currently no finished pipelines.');
@@ -381,10 +385,8 @@ export default {
       <gl-empty-state
         v-else-if="stateToRender === $options.stateMap.error"
         :svg-path="errorStateSvgPath"
-        :title="
-          s__(`Pipelines|There was an error fetching the pipelines.
-        Try again in a few moments or contact your support team.`)
-        "
+        :title="s__('Pipelines|There was an error fetching the pipelines.')"
+        :description="s__('Pipelines|Try again in a few moments or contact your support team.')"
       />
 
       <gl-empty-state
diff --git a/app/assets/javascripts/vue_shared/components/entity_select/entity_select.vue b/app/assets/javascripts/vue_shared/components/entity_select/entity_select.vue
index 9b45e969c90..1a3220d8db9 100644
--- a/app/assets/javascripts/vue_shared/components/entity_select/entity_select.vue
+++ b/app/assets/javascripts/vue_shared/components/entity_select/entity_select.vue
@@ -75,6 +75,7 @@ export default {
   computed: {
     selected: {
       set(value) {
+        this.$emit('input', value);
         this.selectedValue = value;
         this.selectedText =
           value === null ? null : this.items.find((item) => item.value === value).text;
@@ -160,6 +161,7 @@ export default {
     },
     onReset() {
       this.selected = null;
+      this.$emit('input', null);
     },
     onBottomReached() {
       this.fetchEntities(this.page + 1);
diff --git a/db/docs/clusters_applications_cilium.yml b/db/docs/deleted_tables/clusters_applications_cilium.yml
index 12e5753f12e..0dd4be4f94f 100644
--- a/db/docs/clusters_applications_cilium.yml
+++ b/db/docs/deleted_tables/clusters_applications_cilium.yml
@@ -6,3 +6,5 @@ description: Information about installed instance of Cilium in the cluster
 introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/34601
 milestone: '13.2'
 gitlab_schema: gitlab_main
+removed_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/119332
+removed_in_milestone: '16.0'
diff --git a/db/docs/clusters_applications_ingress.yml b/db/docs/deleted_tables/clusters_applications_ingress.yml
index b03d63f1cc6..d06486f37a4 100644
--- a/db/docs/clusters_applications_ingress.yml
+++ b/db/docs/deleted_tables/clusters_applications_ingress.yml
@@ -6,3 +6,5 @@ description: "(Deprecated) A GitLab managed Ingress installation in a Kubernetes
 introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/commit/d8223468ae2ae061020cc26336c51dc93cc75571
 milestone: '10.2'
 gitlab_schema: gitlab_main
+removed_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/119386
+removed_in_milestone: '16.0'
diff --git a/db/docs/clusters_applications_prometheus.yml b/db/docs/deleted_tables/clusters_applications_prometheus.yml
index f80b676ae4a..eb33a41e181 100644
--- a/db/docs/clusters_applications_prometheus.yml
+++ b/db/docs/deleted_tables/clusters_applications_prometheus.yml
@@ -6,3 +6,5 @@ description: Information about installed instance of Prometheus in the cluster
 introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/commit/0d4548026f3060ca0a8f7aa8d8fc89838bc66130
 milestone: '10.4'
 gitlab_schema: gitlab_main
+removed_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/119533
+removed_in_milestone: '16.0'
diff --git a/db/post_migrate/20230502134532_drop_clusters_applications_cilium.rb b/db/post_migrate/20230502134532_drop_clusters_applications_cilium.rb
new file mode 100644
index 00000000000..8d80bae0a52
--- /dev/null
+++ b/db/post_migrate/20230502134532_drop_clusters_applications_cilium.rb
@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+# See https://docs.gitlab.com/ee/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class DropClustersApplicationsCilium < Gitlab::Database::Migration[2.1]
+  def up
+    drop_table :clusters_applications_cilium
+  end
+
+  # Based on original migration:
+  # https://gitlab.com/gitlab-org/gitlab/-/blob/b237f836df215a4ada92b9406733e6cd2483ca2d/db/migrate/20200615234047_create_clusters_applications_cilium.rb
+  # rubocop:disable Migration/SchemaAdditionMethodsNoPost
+  def down
+    create_table :clusters_applications_cilium do |t|
+      t.references :cluster, null: false, index: { unique: true }
+      t.timestamps_with_timezone null: false
+      t.integer :status, null: false
+      t.text :status_reason # rubocop:disable Migration/AddLimitToTextColumns
+    end
+  end
+  # rubocop:enable Migration/SchemaAdditionMethodsNoPost
+end
diff --git a/db/post_migrate/20230502201251_drop_clusters_applications_ingress.rb b/db/post_migrate/20230502201251_drop_clusters_applications_ingress.rb
new file mode 100644
index 00000000000..a349346f91b
--- /dev/null
+++ b/db/post_migrate/20230502201251_drop_clusters_applications_ingress.rb
@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+# See https://docs.gitlab.com/ee/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class DropClustersApplicationsIngress < Gitlab::Database::Migration[2.1]
+  def up
+    drop_table :clusters_applications_ingress
+  end
+
+  # Based on init schema:
+  # https://gitlab.com/gitlab-org/gitlab/-/blob/b237f836df215a4ada92b9406733e6cd2483ca2d/db/migrate/20181228175414_init_schema.rb#L704-L715
+  # rubocop:disable Migration/SchemaAdditionMethodsNoPost
+  # rubocop:disable Migration/Datetime
+  def down
+    create_table "clusters_applications_ingress", id: :serial, force: :cascade do |t|
+      t.integer "cluster_id", null: false
+      t.datetime "created_at", null: false
+      t.datetime "updated_at", null: false
+      t.integer "status", null: false
+      t.integer "ingress_type", null: false
+      t.string "version", null: false
+      t.string "cluster_ip"
+      t.text "status_reason"
+      t.string "external_ip"
+      t.string "external_hostname"
+      t.index ["cluster_id"], name: "index_clusters_applications_ingress_on_cluster_id", unique: true
+    end
+  end
+  # rubocop:enable Migration/SchemaAdditionMethodsNoPost
+  # rubocop:enable Migration/Datetime
+end
diff --git a/db/post_migrate/20230503173101_drop_clusters_applications_prometheus.rb b/db/post_migrate/20230503173101_drop_clusters_applications_prometheus.rb
new file mode 100644
index 00000000000..6391c1ee5ae
--- /dev/null
+++ b/db/post_migrate/20230503173101_drop_clusters_applications_prometheus.rb
@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+# See https://docs.gitlab.com/ee/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class DropClustersApplicationsPrometheus < Gitlab::Database::Migration[2.1]
+  def up
+    drop_table :clusters_applications_prometheus
+  end
+
+  # Based on init schema:
+  # https://gitlab.com/gitlab-org/gitlab/-/blob/b237f836df215a4ada92b9406733e6cd2483ca2d/db/migrate/20181228175414_init_schema.rb#L742-L750
+  # rubocop:disable Migration/SchemaAdditionMethodsNoPost
+  def down
+    create_table "clusters_applications_prometheus", id: :serial, force: :cascade do |t|
+      t.integer "cluster_id", null: false
+      t.integer "status", null: false
+      t.string "version", null: false
+      t.text "status_reason"
+      t.datetime_with_timezone "created_at", null: false
+      t.datetime_with_timezone "updated_at", null: false
+      t.index ["cluster_id"], name: "index_clusters_applications_prometheus_on_cluster_id", unique: true
+      t.datetime_with_timezone "last_update_started_at"
+      t.string "encrypted_alert_manager_token"
+      t.string "encrypted_alert_manager_token_iv"
+      t.boolean "healthy"
+    end
+  end
+  # rubocop:enable Migration/SchemaAdditionMethodsNoPost
+end
diff --git a/db/schema_migrations/20230502134532 b/db/schema_migrations/20230502134532
new file mode 100644
index 00000000000..3fddcce3f7f
--- /dev/null
+++ b/db/schema_migrations/20230502134532
@@ -0,0 +1 @@
+6ba72f7fa8d90e6cf5f880b950c52e3643eb6d72672e66df71d0879957704a07
\ No newline at end of file
diff --git a/db/schema_migrations/20230502201251 b/db/schema_migrations/20230502201251
new file mode 100644
index 00000000000..7acaa004549
--- /dev/null
+++ b/db/schema_migrations/20230502201251
@@ -0,0 +1 @@
+55c34b57a1cfdc706c7e8ab53cb964011b81fce313404d0da91a9d0495ee1fd8
\ No newline at end of file
diff --git a/db/schema_migrations/20230503173101 b/db/schema_migrations/20230503173101
new file mode 100644
index 00000000000..9f327e25050
--- /dev/null
+++ b/db/schema_migrations/20230503173101
@@ -0,0 +1 @@
+d30a71027d3b43e5545772d42bd68b9f7b8699787aaab7f35cd1a58603288cda
\ No newline at end of file
diff --git a/db/structure.sql b/db/structure.sql
index 2fd0a3e40b3..a84efd98fb4 100644
--- a/db/structure.sql
+++ b/db/structure.sql
@@ -14335,24 +14335,6 @@ CREATE TABLE clusters (
     helm_major_version integer DEFAULT 3 NOT NULL
 );
 
-CREATE TABLE clusters_applications_cilium (
-    id bigint NOT NULL,
-    cluster_id bigint NOT NULL,
-    created_at timestamp with time zone NOT NULL,
-    updated_at timestamp with time zone NOT NULL,
-    status integer NOT NULL,
-    status_reason text
-);
-
-CREATE SEQUENCE clusters_applications_cilium_id_seq
-    START WITH 1
-    INCREMENT BY 1
-    NO MINVALUE
-    NO MAXVALUE
-    CACHE 1;
-
-ALTER SEQUENCE clusters_applications_cilium_id_seq OWNED BY clusters_applications_cilium.id;
-
 CREATE TABLE clusters_applications_helm (
     id integer NOT NULL,
     cluster_id integer NOT NULL,
@@ -14375,29 +14357,6 @@ CREATE SEQUENCE clusters_applications_helm_id_seq
 
 ALTER SEQUENCE clusters_applications_helm_id_seq OWNED BY clusters_applications_helm.id;
 
-CREATE TABLE clusters_applications_ingress (
-    id integer NOT NULL,
-    cluster_id integer NOT NULL,
-    created_at timestamp without time zone NOT NULL,
-    updated_at timestamp without time zone NOT NULL,
-    status integer NOT NULL,
-    ingress_type integer NOT NULL,
-    version character varying NOT NULL,
-    cluster_ip character varying,
-    status_reason text,
-    external_ip character varying,
-    external_hostname character varying
-);
-
-CREATE SEQUENCE clusters_applications_ingress_id_seq
-    START WITH 1
-    INCREMENT BY 1
-    NO MINVALUE
-    NO MAXVALUE
-    CACHE 1;
-
-ALTER SEQUENCE clusters_applications_ingress_id_seq OWNED BY clusters_applications_ingress.id;
-
 CREATE TABLE clusters_applications_knative (
     id integer NOT NULL,
     cluster_id integer NOT NULL,
@@ -14420,29 +14379,6 @@ CREATE SEQUENCE clusters_applications_knative_id_seq
 
 ALTER SEQUENCE clusters_applications_knative_id_seq OWNED BY clusters_applications_knative.id;
 
-CREATE TABLE clusters_applications_prometheus (
-    id integer NOT NULL,
-    cluster_id integer NOT NULL,
-    status integer NOT NULL,
-    version character varying NOT NULL,
-    status_reason text,
-    created_at timestamp with time zone NOT NULL,
-    updated_at timestamp with time zone NOT NULL,
-    last_update_started_at timestamp with time zone,
-    encrypted_alert_manager_token character varying,
-    encrypted_alert_manager_token_iv character varying,
-    healthy boolean
-);
-
-CREATE SEQUENCE clusters_applications_prometheus_id_seq
-    START WITH 1
-    INCREMENT BY 1
-    NO MINVALUE
-    NO MAXVALUE
-    CACHE 1;
-
-ALTER SEQUENCE clusters_applications_prometheus_id_seq OWNED BY clusters_applications_prometheus.id;
-
 CREATE TABLE clusters_applications_runners (
     id integer NOT NULL,
     cluster_id integer NOT NULL,
@@ -25010,16 +24946,10 @@ ALTER TABLE ONLY cluster_providers_gcp ALTER COLUMN id SET DEFAULT nextval('clus
 
 ALTER TABLE ONLY clusters ALTER COLUMN id SET DEFAULT nextval('clusters_id_seq'::regclass);
 
-ALTER TABLE ONLY clusters_applications_cilium ALTER COLUMN id SET DEFAULT nextval('clusters_applications_cilium_id_seq'::regclass);
-
 ALTER TABLE ONLY clusters_applications_helm ALTER COLUMN id SET DEFAULT nextval('clusters_applications_helm_id_seq'::regclass);
 
-ALTER TABLE ONLY clusters_applications_ingress ALTER COLUMN id SET DEFAULT nextval('clusters_applications_ingress_id_seq'::regclass);
-
 ALTER TABLE ONLY clusters_applications_knative ALTER COLUMN id SET DEFAULT nextval('clusters_applications_knative_id_seq'::regclass);
 
-ALTER TABLE ONLY clusters_applications_prometheus ALTER COLUMN id SET DEFAULT nextval('clusters_applications_prometheus_id_seq'::regclass);
-
 ALTER TABLE ONLY clusters_applications_runners ALTER COLUMN id SET DEFAULT nextval('clusters_applications_runners_id_seq'::regclass);
 
 ALTER TABLE ONLY clusters_kubernetes_namespaces ALTER COLUMN id SET DEFAULT nextval('clusters_kubernetes_namespaces_id_seq'::regclass);
@@ -26915,21 +26845,12 @@ ALTER TABLE ONLY cluster_providers_aws
 ALTER TABLE ONLY cluster_providers_gcp
     ADD CONSTRAINT cluster_providers_gcp_pkey PRIMARY KEY (id);
 
-ALTER TABLE ONLY clusters_applications_cilium
-    ADD CONSTRAINT clusters_applications_cilium_pkey PRIMARY KEY (id);
-
 ALTER TABLE ONLY clusters_applications_helm
     ADD CONSTRAINT clusters_applications_helm_pkey PRIMARY KEY (id);
 
-ALTER TABLE ONLY clusters_applications_ingress
-    ADD CONSTRAINT clusters_applications_ingress_pkey PRIMARY KEY (id);
-
 ALTER TABLE ONLY clusters_applications_knative
     ADD CONSTRAINT clusters_applications_knative_pkey PRIMARY KEY (id);
 
-ALTER TABLE ONLY clusters_applications_prometheus
-    ADD CONSTRAINT clusters_applications_prometheus_pkey PRIMARY KEY (id);
-
 ALTER TABLE ONLY clusters_applications_runners
     ADD CONSTRAINT clusters_applications_runners_pkey PRIMARY KEY (id);
 
@@ -30346,16 +30267,10 @@ CREATE INDEX index_cluster_providers_gcp_on_cloud_run ON cluster_providers_gcp U
 
 CREATE UNIQUE INDEX index_cluster_providers_gcp_on_cluster_id ON cluster_providers_gcp USING btree (cluster_id);
 
-CREATE UNIQUE INDEX index_clusters_applications_cilium_on_cluster_id ON clusters_applications_cilium USING btree (cluster_id);
-
 CREATE UNIQUE INDEX index_clusters_applications_helm_on_cluster_id ON clusters_applications_helm USING btree (cluster_id);
 
-CREATE UNIQUE INDEX index_clusters_applications_ingress_on_cluster_id ON clusters_applications_ingress USING btree (cluster_id);
-
 CREATE UNIQUE INDEX index_clusters_applications_knative_on_cluster_id ON clusters_applications_knative USING btree (cluster_id);
 
-CREATE UNIQUE INDEX index_clusters_applications_prometheus_on_cluster_id ON clusters_applications_prometheus USING btree (cluster_id);
-
 CREATE UNIQUE INDEX index_clusters_applications_runners_on_cluster_id ON clusters_applications_runners USING btree (cluster_id);
 
 CREATE INDEX index_clusters_applications_runners_on_runner_id ON clusters_applications_runners USING btree (runner_id);
diff --git a/doc/administration/packages/container_registry.md b/doc/administration/packages/container_registry.md
index dd89db63833..f1f41e9b8b7 100644
--- a/doc/administration/packages/container_registry.md
+++ b/doc/administration/packages/container_registry.md
@@ -21,10 +21,8 @@ Registry, see the [user documentation](../../user/packages/container_registry/in
 If you installed GitLab by using the Omnibus installation package, the Container Registry
 may or may not be available by default.
 
-The Container Registry is automatically enabled and available on your GitLab domain, port 5050 if:
-
-- You're using the built-in [Let's Encrypt integration](https://docs.gitlab.com/omnibus/settings/ssl/index.html#enable-the-lets-encrypt-integration), and
-- You're using GitLab 12.5 or later.
+The Container Registry is automatically enabled and available on your GitLab domain, port 5050 if
+you're using the built-in [Let's Encrypt integration](https://docs.gitlab.com/omnibus/settings/ssl/index.html#enable-the-lets-encrypt-integration).
 
 Otherwise, the Container Registry is not enabled. To enable it:
 
@@ -96,7 +94,7 @@ If `auth` is not set up, users can pull Docker images without authentication.
 
 ## Container Registry domain configuration
 
-There are two ways you can configure the Registry's external domain. Either:
+You can configure the Registry's external domain in either of these ways:
 
 - [Use the existing GitLab domain](#configure-container-registry-under-an-existing-gitlab-domain).
   The Registry listens on a port and reuses the TLS certificate from GitLab.
@@ -114,9 +112,10 @@ If the Registry is configured to use the existing GitLab domain, you can
 expose the Registry on a port. This way you can reuse the existing GitLab TLS
 certificate.
 
-If the GitLab domain is `https://gitlab.example.com` and the port to the outside world is `5050`, here is what you need to set
-in `gitlab.rb` or `gitlab.yml` if you are using Omnibus GitLab or installed
-GitLab from source respectively.
+If the GitLab domain is `https://gitlab.example.com` and the port to the outside world is `5050` you need to configure the Registry:
+
+- Edit `gitlab.rb` if you are using Omnibus GitLab.
+- Edit `gitlab.yml` if you installed GitLab from source.
 
 Ensure you choose a port different than the one that Registry listens to (`5000` by default),
 otherwise conflicts occur.
@@ -261,7 +260,7 @@ docker login registry.gitlab.example.com
 ## Disable Container Registry site-wide
 
 When you disable the Registry by following these steps, you do not
-remove any existing Docker images. This is handled by the
+remove any existing Docker images. Docker image removal is handled by the
 Registry application itself.
 
 **Omnibus GitLab**
@@ -557,7 +556,7 @@ you can pull from the Container Registry, but you cannot push.
 1. To perform the final data sync,
    [put the Container Registry in `read-only` mode](#performing-garbage-collection-without-downtime) and
    [reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure).
-1. Sync any changes since the initial data load to your S3 bucket and delete files that exist in the destination bucket but not in the source:
+1. Sync any changes dating from after the initial data load to your S3 bucket, and delete files that exist in the destination bucket but not in the source:
 
    ```shell
    sudo aws --endpoint-url https://your-object-storage-backend.com s3 sync registry s3://mybucket --delete --dryrun
@@ -590,15 +589,15 @@ you can pull from the Container Registry, but you cannot push.
 
 #### Moving to Azure Object Storage
 
-> The default configuration for the storage driver will be [changed](https://gitlab.com/gitlab-org/container-registry/-/issues/854) in GitLab 16.0.
+> The default configuration for the storage driver is scheduled to be [changed](https://gitlab.com/gitlab-org/container-registry/-/issues/854) in GitLab 16.0.
 
 <!--- start_remove The following content will be removed on remove_date: '2023-10-22' -->
 WARNING:
-The default configuration for the storage driver will be [changed](https://gitlab.com/gitlab-org/container-registry/-/issues/854) in GitLab 16.0. The storage driver will use `/` as the default root directory. You can add `trimlegacyrootprefix: false` to your current configuration now to avoid any disruptions. For more information, see the [Container Registry configuration](https://gitlab.com/gitlab-org/container-registry/-/tree/master/docs-gitlab#azure-storage-driver) documentation.
+The default configuration for the storage driver is scheduled to be [changed](https://gitlab.com/gitlab-org/container-registry/-/issues/854) in GitLab 16.0. The storage driver will use `/` as the default root directory. You can add `trimlegacyrootprefix: false` to your current configuration now to avoid any disruptions. For more information, see the [Container Registry configuration](https://gitlab.com/gitlab-org/container-registry/-/tree/master/docs-gitlab#azure-storage-driver) documentation.
 <!--- end_remove -->
 
 When moving from an existing file system or another object storage provider to Azure Object Storage, you must configure the registry to use the standard root directory.
-This configuration is done by setting [`trimlegacyrootprefix: true]`](https://gitlab.com/gitlab-org/container-registry/-/blob/a3f64464c3ec1c5a599c0a2daa99ebcbc0100b9a/docs-gitlab/README.md#azure-storage-driver) in the Azure storage driver section of the registry configuration.
+Configure it by setting [`trimlegacyrootprefix: true]`](https://gitlab.com/gitlab-org/container-registry/-/blob/a3f64464c3ec1c5a599c0a2daa99ebcbc0100b9a/docs-gitlab/README.md#azure-storage-driver) in the Azure storage driver section of the registry configuration.
 Without this configuration, the Azure storage driver uses `//` instead of `/` as the first section of the root path, rendering the migrated images inaccessible.
 
 **Omnibus GitLab installations**
@@ -682,7 +681,7 @@ However, this behavior is undesirable for registries used by internal hosts that
 
 You can use server-side encryption with AWS KMS for S3 buckets that have
 [SSE-S3 or SSE-KMS encryption enabled by default](https://docs.aws.amazon.com/kms/latest/developerguide/services-s3.html).
-Customer master keys (CMKs) and SSE-C encryption aren't supported since this requires sending the
+Customer master keys (CMKs) and SSE-C encryption aren't supported because this requires sending the
 encryption keys in every request.
 
 For SSE-S3, you must enable the `encrypt` option in the registry settings. How you do this depends
@@ -728,7 +727,7 @@ For installations from source:
 
 ### Storage limitations
 
-Currently, there is no storage limitation, which means a user can upload an
+There is no storage limitation, which means a user can upload an
 infinite amount of Docker images with arbitrary sizes. This setting should be
 configurable in future releases.
 
@@ -770,8 +769,8 @@ project, you can [disable it from your project's settings](../../user/project/se
 WARNING:
 Using external container registries in GitLab is [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/376217)
 in GitLab 15.8 and the end of support is scheduled for GitLab 16.0.
-If you need to use external container registries instead of the GitLab Container Registry, 
-please tell us about your use cases in [the feedback issue](https://gitlab.com/gitlab-org/container-registry/-/issues/958).
+If you need to use external container registries instead of the GitLab Container Registry,
+tell us about your use cases in [feedback issue 958](https://gitlab.com/gitlab-org/container-registry/-/issues/958).
 
 If you use an external container registry, some features associated with the
 container registry may be unavailable or have [inherent risks](../../user/packages/container_registry/reduce_container_registry_storage.md#use-with-external-container-registries).
@@ -877,7 +876,7 @@ You can use GitLab as an auth endpoint with an external container registry.
 ## Configure Container Registry notifications
 
 You can configure the Container Registry to send webhook notifications in
-response to events happening within the registry.
+response to events happening in the registry.
 
 Read more about the Container Registry notifications configuration options in the
 [Docker Registry notifications documentation](https://docs.docker.com/registry/notifications/).
@@ -930,9 +929,13 @@ notifications:
 
 WARNING:
 If you're using a distributed architecture and Sidekiq is running on a different node, the cleanup
-policies don't work. To fix this, you must configure the `gitlab.rb` file on the Sidekiq nodes to
-point to the correct registry URL and copy the `registry.key` file to each Sidekiq node. For more
-information, see the [Sidekiq configuration](../sidekiq/index.md)
+policies don't work. To fix this:
+
+1. Configure the `gitlab.rb` file on the Sidekiq nodes to
+   point to the correct registry URL.
+1. Copy the `registry.key` file to each Sidekiq node.
+
+For more information, see the [Sidekiq configuration](../sidekiq/index.md)
 page.
 
 To reduce the amount of [Container Registry disk space used by a given project](#registry-disk-space-usage-by-project),
@@ -999,7 +1002,7 @@ You can also [run cleanup on a schedule](../../user/packages/container_registry/
 ## Container Registry garbage collection
 
 NOTE:
-Retention policies within your object storage provider, such as Amazon S3 Lifecycle, may prevent
+Retention policies in your object storage provider, such as Amazon S3 Lifecycle, may prevent
 objects from being properly deleted.
 
 Container Registry can use considerable amounts of disk space. To clear up
@@ -1043,9 +1046,9 @@ docker build -t my.registry.com/my.group/my.project:latest .
 docker push my.registry.com/my.group/my.project:latest
 ```
 
-Now, the `:latest` tag points to manifest of `sha256:222222`. However, due to
-the architecture of registry, this data is still accessible when pulling the
-image `my.registry.com/my.group/my.project@sha256:111111`, even though it is
+Now, the `:latest` tag points to manifest of `sha256:222222`.
+Due to the architecture of registry, this data is still accessible when pulling the
+image `my.registry.com/my.group/my.project@sha256:111111`, though it is
 no longer directly accessible via the `:latest` tag.
 
 ### Recycling unused tags
diff --git a/doc/api/deploy_tokens.md b/doc/api/deploy_tokens.md
index 33b59d7c87f..eaee86ea418 100644
--- a/doc/api/deploy_tokens.md
+++ b/doc/api/deploy_tokens.md
@@ -150,9 +150,9 @@ Parameters:
 | ------------ | ---------------- | ---------------------- | ----------- |
 | `id`         | integer/string   | **{check-circle}** Yes | ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user |
 | `name`       | string           | **{check-circle}** Yes | New deploy token's name |
+| `scopes`     | array of strings | **{check-circle}** Yes | Indicates the deploy token scopes. Must be at least one of `read_repository`, `read_registry`, `write_registry`, `read_package_registry`, or `write_package_registry`. |
 | `expires_at` | datetime         | **{dotted-circle}** No | Expiration date for the deploy token. Does not expire if no value is provided. Expected in ISO 8601 format (`2019-03-15T08:00:00Z`) |
 | `username`   | string           | **{dotted-circle}** No | Username for deploy token. Default is `gitlab+deploy-token-{n}` |
-| `scopes`     | array of strings | **{check-circle}** Yes | Indicates the deploy token scopes. Must be at least one of `read_repository`, `read_registry`, `write_registry`, `read_package_registry`, or `write_package_registry`. |
 
 Example request:
 
@@ -306,9 +306,9 @@ Parameters:
 | ------------ | ---- | --------- | ----------- |
 | `id`         | integer/string   | **{check-circle}** Yes | ID or [URL-encoded path of the group](rest/index.md#namespaced-path-encoding) owned by the authenticated user |
 | `name`       | string           | **{check-circle}** Yes | New deploy token's name |
+| `scopes`     | array of strings | **{check-circle}** Yes | Indicates the deploy token scopes. Must be at least one of `read_repository`, `read_registry`, `write_registry`, `read_package_registry`, or `write_package_registry`. |
 | `expires_at` | datetime         | **{dotted-circle}** No | Expiration date for the deploy token. Does not expire if no value is provided. Expected in ISO 8601 format (`2019-03-15T08:00:00Z`) |
 | `username`   | string           | **{dotted-circle}** No | Username for deploy token. Default is `gitlab+deploy-token-{n}` |
-| `scopes`     | array of strings | **{check-circle}** Yes | Indicates the deploy token scopes. Must be at least one of `read_repository`, `read_registry`, `write_registry`, `read_package_registry`, or `write_package_registry`. |
 
 Example request:
 
diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md
index bf373120701..9babc0dfcbd 100644
--- a/doc/api/graphql/reference/index.md
+++ b/doc/api/graphql/reference/index.md
@@ -251,6 +251,16 @@ four standard [pagination arguments](#connection-pagination-arguments):
 | ---- | ---- | ----------- |
 | <a id="querygroupssearch"></a>`search` | [`String`](#string) | Search query for group name or group full path. |
 
+### `Query.instanceExternalAuditEventDestinations`
+
+Instance level external audit event destinations.
+
+Returns [`InstanceExternalAuditEventDestinationConnection`](#instanceexternalauditeventdestinationconnection).
+
+This field returns a [connection](#connections). It accepts the
+four standard [pagination arguments](#connection-pagination-arguments):
+`before: String`, `after: String`, `first: Int`, `last: Int`.
+
 ### `Query.instanceSecurityDashboard`
 
 Fields related to Instance Security Dashboard.
@@ -8804,6 +8814,29 @@ The edge type for [`IncidentManagementOncallShift`](#incidentmanagementoncallshi
 | <a id="incidentmanagementoncallshiftedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. |
 | <a id="incidentmanagementoncallshiftedgenode"></a>`node` | [`IncidentManagementOncallShift`](#incidentmanagementoncallshift) | The item at the end of the edge. |
 
+#### `InstanceExternalAuditEventDestinationConnection`
+
+The connection type for [`InstanceExternalAuditEventDestination`](#instanceexternalauditeventdestination).
+
+##### Fields
+
+| Name | Type | Description |
+| ---- | ---- | ----------- |
+| <a id="instanceexternalauditeventdestinationconnectionedges"></a>`edges` | [`[InstanceExternalAuditEventDestinationEdge]`](#instanceexternalauditeventdestinationedge) | A list of edges. |
+| <a id="instanceexternalauditeventdestinationconnectionnodes"></a>`nodes` | [`[InstanceExternalAuditEventDestination]`](#instanceexternalauditeventdestination) | A list of nodes. |
+| <a id="instanceexternalauditeventdestinationconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. |
+
+#### `InstanceExternalAuditEventDestinationEdge`
+
+The edge type for [`InstanceExternalAuditEventDestination`](#instanceexternalauditeventdestination).
+
+##### Fields
+
+| Name | Type | Description |
+| ---- | ---- | ----------- |
+| <a id="instanceexternalauditeventdestinationedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. |
+| <a id="instanceexternalauditeventdestinationedgenode"></a>`node` | [`InstanceExternalAuditEventDestination`](#instanceexternalauditeventdestination) | The item at the end of the edge. |
+
 #### `IssuableResourceLinkConnection`
 
 The connection type for [`IssuableResourceLink`](#issuableresourcelink).
diff --git a/doc/topics/gitlab_flow.md b/doc/topics/gitlab_flow.md
index d03caab19c4..d875f841eec 100644
--- a/doc/topics/gitlab_flow.md
+++ b/doc/topics/gitlab_flow.md
@@ -36,9 +36,12 @@ crucial for several reasons:
 A structured workflow promotes organization, efficiency, and code
 quality, leading to a more successful and streamlined development process.
 
-Because the default workflow is not specifically defined, many organizations
-end up with workflows that are too complicated, not clearly defined, or
-not integrated with their issue tracking systems.
+If the default workflow is not specifically defined, many organizations
+end up with workflows that are:
+
+- Too complicated.
+- Not clearly defined.
+- Not integrated with their issue tracking systems.
 
 Your organization can use GitLab with any workflow you choose.
 
@@ -57,16 +60,16 @@ repository.
 
 Developers create separate branches for each feature or bugfix,
 keeping the 'main' branch stable. When a feature is complete, the
-developer submits a pull request or merge request to integrate the
-changes back into the `main` branch after a code review.
+developer submits a merge request to integrate the
+changes back into `main` after a code review.
 
 ### Forking workflow
 
 Commonly used in open-source projects, this workflow allows external
 contributors to work without direct access to the main repository.
-Developers create a fork (a personal copy) of the main repository,
-make changes in their fork, and then submit a pull request or merge
-request to have their changes integrated into the main repository.
+Developers create a fork (personal copy) of the main repository and
+make changes in it. They then submit a merge request to have those changes
+integrated into the main repository.
 
 ### Git flow workflow
 
@@ -247,7 +250,7 @@ In this case, deploy the `staging` branch to your staging environment.
 To deploy to pre-production, create a merge request from the `staging` branch to the `pre-prod` branch.
 Go live by merging the `pre-prod` branch into the `production` branch.
 This workflow, where commits only flow downstream, ensures that everything is tested in all environments.
-If you need to cherry-pick a commit with a hotfix, it is common to develop it on a feature branch and merge it into `production` with a merge request.
+To cherry-pick a commit with a hotfix, develop it on a feature branch and merge it into `production` with a merge request.
 In this case, do not delete the feature branch yet.
 If `production` passes automatic testing, you then merge the feature branch into the other branches.
 If this is not possible because more manual testing is required, you can send merge requests from the feature branch to the downstream branches.
@@ -279,7 +282,7 @@ Create stable branches using `main` as a starting point, and branch as late as p
 By doing this, you minimize the length of time during which you have to apply bug fixes to multiple branches.
 After announcing a release branch, only add serious bug fixes to the branch.
 If possible, first merge these bug fixes into `main`, and then cherry-pick them into the release branch.
-If you start by merging into the release branch, you might forget to cherry-pick them into `main`, and then you'd encounter the same bug in subsequent releases.
+If you initially merged into the release branch and then forgot to cherry-pick to `main`, you'd encounter the same bug in subsequent releases.
 Merging into `main` and then cherry-picking into release is called an "upstream first" policy, which is also practiced by [Google](https://www.chromium.org/chromium-os/chromiumos-design-docs/upstream-first/) and [Red Hat](https://www.redhat.com/en/blog/a-community-for-using-openstack-with-red-hat-rdo).
 Every time you include a bug fix in a release branch, increase the patch version (to comply with [Semantic Versioning](https://semver.org/)) by setting a new tag.
 Some projects also have a stable branch that points to the same commit as the latest released branch.
@@ -304,7 +307,7 @@ If the review reveals shortcomings, anyone can commit and push a fix.
 Usually, the person to do this is the creator of the merge request.
 The diff in the merge request automatically updates when new commits are pushed to the branch.
 
-When you are ready for your feature branch to be merged, assign the merge request to the person who knows most about the codebase you are changing.
+When you are ready to merge your feature branch, assign the merge request to a maintainer for the project.
 Also, mention any other people from whom you would like feedback.
 After the assigned person feels comfortable with the result, they can merge the branch.
 If the assigned person does not feel comfortable, they can request more changes or close the merge request without merging.
@@ -441,7 +444,7 @@ Three reasons to merge in `main`:
 1. Resolving merge conflicts.
 1. Updating long-running branches.
 
-If you need to use some code that was introduced in `main` after you created the feature branch, you can often solve this by just cherry-picking a commit.
+To use some code that was introduced in `main` after you created the feature branch, cherry-pick a commit.
 
 If your feature branch has a merge conflict, creating a merge commit is a standard way of solving this.
 
@@ -469,7 +472,7 @@ In conclusion, you should try to prevent merge commits, but not eliminate them.
 Your codebase should be clean, but your history should represent what actually happened.
 Developing software happens in small, messy steps, and it is OK to have your history reflect this.
 You can use tools to view the network graphs of commits and understand the messy history that created your code.
-If you rebase code, the history is incorrect, and there is no way for tools to remedy this because they can't deal with changing commit identifiers.
+If you rebase code, the commit history changes. Because of changed commit identifiers, tools can't restore the commit history.
 
 ## Commit often and push frequently
 
@@ -501,8 +504,8 @@ The words "change," "improve," "fix," and "refactor" don't add much information
 For more information, see Tim Pope's excellent [note about formatting commit messages](https://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html).
 
 To add more context to a commit message, consider adding information regarding the
-origin of the change. For example, the URL of a GitLab issue, or a Jira issue number,
-containing more information for users who need in-depth context about the change.
+origin of the change, such the GitLab issue URL or Jira issue number. That way, you provide 
+more information for users who need in-depth context about the change.
 
 For example:
 
diff --git a/doc/user/application_security/dependency_scanning/index.md b/doc/user/application_security/dependency_scanning/index.md
index 0ef87adfb89..ba70a77d8c0 100644
--- a/doc/user/application_security/dependency_scanning/index.md
+++ b/doc/user/application_security/dependency_scanning/index.md
@@ -266,13 +266,13 @@ table.supported-languages ul {
       <td>
         <ul>
             <li><a href="https://pipenv.pypa.io/en/latest/pipfile/#example-pipfile"><code>Pipfile</code></a></li>
-            <li><a href="https://pipenv.pypa.io/en/latest/pipfile/#example-pipfile-lock"><code>Pipfile.lock</code></a><sup><b><a href="#notes-regarding-supported-languages-and-package-managers-6">6</a></b></sup></li>
+            <li><a href="https://pipenv.pypa.io/en/latest/pipfile/#example-pipfile-lock"><code>Pipfile.lock</code></a></li>
         </ul>
       </td>
       <td>N</td>
     </tr>
     <tr>
-      <td><a href="https://python-poetry.org/">Poetry</a><sup><b><a href="#notes-regarding-supported-languages-and-package-managers-7">7</a></b></sup></td>
+      <td><a href="https://python-poetry.org/">Poetry</a><sup><b><a href="#notes-regarding-supported-languages-and-package-managers-6">6</a></b></sup></td>
       <td><code>poetry.lock</code></td>
       <td>N</td>
     </tr>
@@ -291,7 +291,7 @@ table.supported-languages ul {
     <tr>
       <td>Scala</td>
       <td>All versions</td>
-      <td><a href="https://www.scala-sbt.org/">sbt</a><sup><b><a href="#notes-regarding-supported-languages-and-package-managers-8">8</a></b></sup></td>
+      <td><a href="https://www.scala-sbt.org/">sbt</a><sup><b><a href="#notes-regarding-supported-languages-and-package-managers-7">7</a></b></sup></td>
       <td><code>build.sbt</code></td>
       <td>N</td>
     </tr>
@@ -337,26 +337,13 @@ table.supported-languages ul {
   <li>
     <a id="notes-regarding-supported-languages-and-package-managers-6"></a>
     <p>
-      The presence of a <code>Pipfile.lock</code> file alone will <i>not</i> trigger the analyzer; the presence of a <code>Pipfile</code> is
-      still required in order for the analyzer to be executed. However, if a <code>Pipfile.lock</code> file is found, it is used by
-      <code>Gemnasium</code> to scan the exact package versions listed in this file.
-    </p>
-    <p>
-      Support for <code>Pipfile.lock</code> files without requiring the presence of a <code>Pipfile</code> is tracked in
-      issue: <a href="https://gitlab.com/gitlab-org/gitlab/-/issues/299294">Dependency Scanning of Pipfile.lock without
-      installing project dependencies</a>.
-    </p>
-  </li>
-  <li>
-    <a id="notes-regarding-supported-languages-and-package-managers-7"></a>
-    <p>
       Support for <a href="https://python-poetry.org/">Poetry</a> projects with a <code>poetry.lock</code> file was <a href="https://gitlab.com/gitlab-org/gitlab/-/issues/7006">added in GitLab 15.0</a>.
       Support for projects without a <code>poetry.lock</code> file is tracked in issue:
       <a href="https://gitlab.com/gitlab-org/gitlab/-/issues/32774">Poetry's pyproject.toml support for dependency scanning.</a>
     </p>
   </li>
   <li>
-    <a id="notes-regarding-supported-languages-and-package-managers-8"></a>
+    <a id="notes-regarding-supported-languages-and-package-managers-7"></a>
     <p>
       Support for <a href="https://www.scala-sbt.org/">sbt</a> 1.3 and above was added in GitLab 13.9.
     </p>
@@ -699,9 +686,10 @@ The following variables are used for configuring specific analyzers (used for a
 | `PIP_INDEX_URL`                      | `gemnasium-python` | `https://pypi.org/simple`    | Base URL of Python Package Index. |
 | `PIP_EXTRA_INDEX_URL`                | `gemnasium-python` |                              | Array of [extra URLs](https://pip.pypa.io/en/stable/reference/pip_install/#cmdoption-extra-index-url) of package indexes to use in addition to `PIP_INDEX_URL`. Comma-separated. **Warning:** Read [the following security consideration](#python-projects) when using this environment variable. |
 | `PIP_REQUIREMENTS_FILE`              | `gemnasium-python` |                              | Pip requirements file to be scanned. |
+| `PIPENV_PYPI_MIRROR`                 | `gemnasium-python` |                              | If set, overrides the PyPi index used by Pipenv with a [mirror](https://github.com/pypa/pipenv/blob/v2022.1.8/pipenv/environments.py#L263). |
 | `DS_PIP_VERSION`                     | `gemnasium-python` |                              | Force the install of a specific pip version (example: `"19.3"`), otherwise the pip installed in the Docker image is used. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12811) in GitLab 12.7) |
 | `DS_PIP_DEPENDENCY_PATH`             | `gemnasium-python` |                              | Path to load Python pip dependencies from. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12412) in GitLab 12.2) |
-| `DS_INCLUDE_DEV_DEPENDENCIES`        | `gemnasium`        | `"true"`                     | When set to `"false"`, development dependencies and their vulnerabilities are not reported. Only NPM and Poetry projects are supported. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/227861) in GitLab 15.1. |
+| `DS_INCLUDE_DEV_DEPENDENCIES`        | `gemnasium`        | `"true"`                     | When set to `"false"`, development dependencies and their vulnerabilities are not reported. Only Composer, NPM, and Poetry projects are supported. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/227861) in GitLab 15.1. |
 | `GOOS`                               | `gemnasium`        | `"linux"`                    | The operating system for which to compile Go code. |
 | `GOARCH`                             | `gemnasium`        | `"amd64"`                    | The architecture of the processor for which to compile Go code. |
 | `GOFLAGS`                            | `gemnasium`        |                              | The flags passed to the `go build` tool. |
@@ -1120,6 +1108,24 @@ ensure that it can reach your private repository. Here is an example configurati
    setuptools.ssl_support.cert_paths = ['internal.crt']
    ```
 
+#### Python (Pipenv)
+
+If running in a limited network connectivity environment, you must configure the `PIPENV_PYPI_MIRROR`
+variable to use a private PyPi mirror. This mirror must contain both default and development dependencies.
+
+```yaml
+variables:
+  PIPENV_PYPI_MIRROR: https://pypi.example.com/simple
+```
+
+<!-- markdownlint-disable MD044 -->
+Alternatively, if it's not possible to use a private registry, you can load the required packages
+into the Pipenv virtual environment cache. For this option, the project must check in the
+`Pipfile.lock` into the repository, and load both default and development packages into the cache.
+See the example [python-pipenv](https://gitlab.com/gitlab-org/security-products/tests/python-pipenv/-/blob/41cc017bd1ed302f6edebcfa3bc2922f428e07b6/.gitlab-ci.yml#L20-42)
+project for an example of how this can be done.
+<!-- markdownlint-enable MD044 -->
+
 ## Hosting a copy of the `gemnasium_db` advisory database
 
 The [`gemnasium_db`](https://gitlab.com/gitlab-org/security-products/gemnasium-db) Git repository is
diff --git a/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml b/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml
index 2196630296b..c4ba49de931 100644
--- a/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml
@@ -123,6 +123,7 @@ gemnasium-maven-dependency_scanning:
     - '**/requirements.txt'
     - '**/requirements.pip'
     - '**/Pipfile'
+    - '**/Pipfile.lock'
     - '**/requires.txt'
     - '**/setup.py'
     - '**/poetry.lock'
diff --git a/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.latest.gitlab-ci.yml b/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.latest.gitlab-ci.yml
index 46161dce74c..1bc465c69f9 100644
--- a/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.latest.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.latest.gitlab-ci.yml
@@ -159,6 +159,7 @@ gemnasium-maven-dependency_scanning:
     - '**/requirements.txt'
     - '**/requirements.pip'
     - '**/Pipfile'
+    - '**/Pipfile.lock'
     - '**/requires.txt'
     - '**/setup.py'
     - '**/poetry.lock'
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 355f0b490b9..88a9d2422bb 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -32989,6 +32989,9 @@ msgstr ""
 msgid "Pipelines|There was a problem with loading the pipeline data."
 msgstr ""
 
+msgid "Pipelines|There was an error fetching the pipelines."
+msgstr ""
+
 msgid "Pipelines|There was an error fetching the pipelines. Try again in a few moments or contact your support team."
 msgstr ""
 
@@ -33025,6 +33028,9 @@ msgstr ""
 msgid "Pipelines|Trigger user has insufficient permissions to project"
 msgstr ""
 
+msgid "Pipelines|Try again in a few moments or contact your support team."
+msgstr ""
+
 msgid "Pipelines|Try test template"
 msgstr ""
 
diff --git a/spec/db/schema_spec.rb b/spec/db/schema_spec.rb
index 605ba78da09..e4ea60762ac 100644
--- a/spec/db/schema_spec.rb
+++ b/spec/db/schema_spec.rb
@@ -22,11 +22,8 @@ RSpec.describe 'Database schema', feature_category: :database do
   # In the subsequent table removal MR, remove the entries.
   # See: https://docs.gitlab.com/ee/development/migration_style_guide.html#dropping-a-database-table
   REMOVED_FKS = {
-    clusters_applications_cilium: %w[cluster_id],
     clusters_applications_helm: %w[cluster_id],
-    clusters_applications_ingress: %w[cluster_id],
     clusters_applications_knative: %w[cluster_id],
-    clusters_applications_prometheus: %w[cluster_id],
     clusters_applications_runners: %w[cluster_id],
     serverless_domain_cluster: %w[clusters_applications_knative_id creator_id pages_domain_id]
   }.with_indifferent_access.freeze
diff --git a/spec/frontend/pipelines/pipelines_spec.js b/spec/frontend/pipelines/pipelines_spec.js
index 44f345fdf4e..68a430b0403 100644
--- a/spec/frontend/pipelines/pipelines_spec.js
+++ b/spec/frontend/pipelines/pipelines_spec.js
@@ -750,8 +750,9 @@ describe('Pipelines', () => {
       });
 
       it('shows error state', () => {
-        expect(findEmptyState().text()).toBe(
-          'There was an error fetching the pipelines. Try again in a few moments or contact your support team.',
+        expect(findEmptyState().props('title')).toBe('There was an error fetching the pipelines.');
+        expect(findEmptyState().props('description')).toBe(
+          'Try again in a few moments or contact your support team.',
         );
       });
     });
@@ -775,8 +776,9 @@ describe('Pipelines', () => {
       });
 
       it('shows error state', () => {
-        expect(findEmptyState().text()).toBe(
-          'There was an error fetching the pipelines. Try again in a few moments or contact your support team.',
+        expect(findEmptyState().props('title')).toBe('There was an error fetching the pipelines.');
+        expect(findEmptyState().props('description')).toBe(
+          'Try again in a few moments or contact your support team.',
         );
       });
     });
diff --git a/spec/frontend/vue_shared/components/entity_select/entity_select_spec.js b/spec/frontend/vue_shared/components/entity_select/entity_select_spec.js
index fa2e09b6b9f..6e2e854adae 100644
--- a/spec/frontend/vue_shared/components/entity_select/entity_select_spec.js
+++ b/spec/frontend/vue_shared/components/entity_select/entity_select_spec.js
@@ -122,6 +122,12 @@ describe('EntitySelect', () => {
     });
 
     describe('once a group is selected', () => {
+      it('emits `input` event with the select value', async () => {
+        createComponent();
+        await selectGroup();
+        expect(wrapper.emitted('input')[0]).toEqual(['1']);
+      });
+
       it(`uses the selected group's name as the toggle text`, async () => {
         createComponent();
         await selectGroup();
@@ -146,6 +152,16 @@ describe('EntitySelect', () => {
 
         expect(findListbox().props('toggleText')).toBe(defaultToggleText);
       });
+
+      it('emits `input` event with `null` on reset', async () => {
+        createComponent();
+        await selectGroup();
+
+        findListbox().vm.$emit('reset');
+        await nextTick();
+
+        expect(wrapper.emitted('input')[2]).toEqual([null]);
+      });
     });
   });