author: GitLab Bot <gitlab-bot@gitlab.com> 2020-02-05 12:09:15 +0000
committer: GitLab Bot <gitlab-bot@gitlab.com> 2020-02-05 12:09:15 +0000
commit: 20d564f1064622ef0623434372ac3ceb03173331 (patch)
tree: 000d95440566cd189ea774168c9756bcc8fc5fae /doc/user
parent: 26384c9a61da9922b8fa4b8351d4e42d51661b37 (diff)
download: gitlab-ce-20d564f1064622ef0623434372ac3ceb03173331.tar.gz
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/user')
-rw-r--r-- doc/user/application_security/license_compliance/index.md 76
-rw-r--r-- doc/user/packages/container_registry/index.md 12
2 files changed, 74 insertions, 14 deletions
diff --git a/doc/user/application_security/license_compliance/index.md b/doc/user/application_security/license_compliance/index.md
index ee8c4b8774c..95eec0db7fa 100644
--- a/doc/user/application_security/license_compliance/index.md
+++ b/doc/user/application_security/license_compliance/index.md
@@ -26,7 +26,7 @@ licenses in your project's settings.
NOTE: **Note:**
If the license compliance report doesn't have anything to compare to, no information
will be displayed in the merge request area. That is the case when you add the
-`license_management` job in your `.gitlab-ci.yml` for the first time.
+`license_scanning` job in your `.gitlab-ci.yml` for the first time.
Consecutive merge requests will have something to compare to and the license
compliance report will be shown properly.
@@ -70,25 +70,38 @@ To run a License Compliance scanning job, you need GitLab Runner with the
## Configuration
-For GitLab 11.9 and later, to enable License Compliance, you must
+For GitLab 12.8 and later, to enable License Compliance, you must
[include](../../../ci/yaml/README.md#includetemplate) the
-[`License-Management.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/License-Management.gitlab-ci.yml)
+[`License-Scanning.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/License-Scanning.gitlab-ci.yml)
that's provided as a part of your GitLab installation.
+For older versions of GitLab from 11.9 to 12.7, you must
+[include](../../../ci/yaml/README.md#includetemplate) the
+[`License-Management.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/License-Management.gitlab-ci.yml).
For GitLab versions earlier than 11.9, you can copy and use the job as defined
that template.
+NOTE: **Note:**
+In GitLab 13.0, the `License-Management.gitlab-ci.yml` template is scheduled to be removed.
+Use `License-Scanning.gitlab-ci.yml` instead.
+
Add the following to your `.gitlab-ci.yml` file:
```yaml
include:
- template: License-Management.gitlab-ci.yml
+ template: License-Scanning.gitlab-ci.yml
```
-The included template will create a `license_management` job in your CI/CD pipeline
+The included template will create a `license_scanning` job in your CI/CD pipeline
and scan your dependencies to find their licenses.
+NOTE: **Note:**
+Before GitLab 12.8, the `license_scanning` job was named `license_management`.
+In GitLab 13.0, the `license_management` job is scheduled to be removed completely,
+so you're advised to migrate to the `license_scanning` job and used the new
+`License-Scanning.gitlab-ci.yml` template.
+
The results will be saved as a
-[License Compliance report artifact](../../../ci/yaml/README.md#artifactsreportslicense_management-ultimate)
+[License Compliance report artifact](../../../ci/yaml/README.md#artifactsreportslicense_scanning-ultimate)
that you can later download and analyze. Due to implementation limitations, we
always take the latest License Compliance artifact available. Behind the scenes, the
[GitLab License Compliance Docker image](https://gitlab.com/gitlab-org/security-products/license-management)
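Review bot: In the added note after the template description, "migrate to the `license_scanning` job and used the new" should read "and use the new". The unchanged sentence "you can copy and use the job as defined that template" is missing "in", and after this change "that template" follows a paragraph about `License-Management.gitlab-ci.yml` while the section leads with `License-Scanning.gitlab-ci.yml`, so name the template explicitly. The report link now points at `#artifactsreportslicense_scanning-ultimate` in `ci/yaml/README.md`, which is outside this diff; confirm the heading was renamed in the same change or the anchor will break.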
@@ -128,7 +141,7 @@ For example:
```yaml
include:
- template: License-Management.gitlab-ci.yml
+ template: License-Scanning.gitlab-ci.yml
variables:
LICENSE_MANAGEMENT_SETUP_CMD: sh my-custom-install-script.sh
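Review bot: The example now includes `License-Scanning.gitlab-ci.yml` but still sets `LICENSE_MANAGEMENT_SETUP_CMD`, so the old name survives in the variable. If the variables keep their names under the new template, say so next to this example so readers do not rename them while migrating; if they were renamed, update the example to match.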
@@ -140,14 +153,14 @@ directory of your project.
### Overriding the template
If you want to override the job definition (for example, change properties like
-`variables` or `dependencies`), you need to declare a `license_management` job
+`variables` or `dependencies`), you need to declare a `license_scanning` job
after the template inclusion and specify any additional keys under it. For example:
```yaml
include:
- template: License-Management.gitlab-ci.yml
+ template: License-Scanning.gitlab-ci.yml
-license_management:
+license_scanning:
variables:
CI_DEBUG_TRACE: "true"
```
@@ -160,9 +173,9 @@ Feel free to use it for the customization of Maven execution. For example:
```yaml
include:
- template: License-Management.gitlab-ci.yml
+ template: License-Scanning.gitlab-ci.yml
-license_management:
+license_scanning:
variables:
MAVEN_CLI_OPTS: --debug
```
@@ -188,13 +201,48 @@ by setting the `LM_PYTHON_VERSION` environment variable to `2`.
```yaml
include:
- template: License-Management.gitlab-ci.yml
+ template: License-Scanning.gitlab-ci.yml
-license_management:
+license_scanning:
variables:
LM_PYTHON_VERSION: 2
```
+### Migration from `license_management` to `license_scanning`
+
+In GitLab 12.8 a new name for `license_management` job was introduced. This change was made to improve clarity around the purpose of the scan, which is to scan and collect the types of licenses present in a projects dependencies.
+The support of `license_management` is scheduled to be dropped in GitLab 13.0.
+If you're using a custom setup for License Compliance, you're required
+to update your CI config accordingly:
+
+1. Change the CI template to `License-Scanning.gitlab-ci.yml`.
+1. Change the job name to `license_management` (if you mention it in `.gitlab-ci.yml`).
+1. Change the artifact name to `gl-license-scanning-report.json` (if you mention it in `.gitlab-ci.yml`).
+
+For example, the following `.gitlab-ci.yml`:
+
+```yaml
+include:
+ template: License-Management.gitlab-ci.yml
+
+license_management:
+ artifacts:
+ reports:
+ license_management: gl-license-management-report.json
+```
+
+Should be changed to:
+
+```yaml
+include:
+ template: License-Scanning.gitlab-ci.yml
+
+license_scanning:
+ artifacts:
+ reports:
+ license_scanning: gl-license-scanning-report.json
+```
+
## Project policies for License Compliance
> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/5940) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.4.
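Review bot: Step 2 of the new migration list says "Change the job name to `license_management`", which is the old name and contradicts the example below it, where the job becomes `license_scanning`; the step should name `license_scanning`. The example also renames the `reports:` key from `license_management` to `license_scanning`, which none of the three steps mentions, so add a step for it. Minor wording in the introduction: "for `license_management` job" needs an article, and "a projects dependencies" needs an apostrophe ("project's").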
diff --git a/doc/user/packages/container_registry/index.md b/doc/user/packages/container_registry/index.md
index 0238121f977..d072cb982c6 100644
--- a/doc/user/packages/container_registry/index.md
+++ b/doc/user/packages/container_registry/index.md
@@ -336,6 +336,18 @@ error during connect: Get http://docker:2376/v1.39/info: dial tcp: lookup docker
It is possible to create a per-project expiration policy, so that you can make sure that
older tags and images are regularly removed from the Container Registry.
+The expiration policy algorithm starts by collecting all the tags for a given repository in a list,
+then goes through a process of excluding tags from it until only the ones to be deleted remain:
+
+1. Collect all the tags for a given repository in a list.
+1. Excludes the tag named `latest` from the list.
+1. Evaluates the `name_regex`, excluding non-matching names from the list.
+1. Excludes any tags that do not have a manifest (not part of the options).
+1. Orders the remaining tags by `created_date`.
+1. Excludes from the list the N tags based on the `keep_n` value (Expiration latest).
+1. Excludes from the list the tags older than the `older_than` value (Expiration interval).
+1. Finally, the remaining tags in the list are deleted from the Container Registry.
+
### Managing project expiration policy through the API
You can set, update, and disable the expiration policies using the GitLab API.
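Review bot: Step 7 of the added algorithm reads as inverted. The list holds the tags that will be deleted, so excluding "the tags older than the `older_than` value" would keep the old tags and delete the newer ones, the opposite of the stated goal that "older tags and images are regularly removed"; the step should exclude tags more recent than `older_than`. Since this text describes what gets deleted, steps 5 and 6 should also state the sort direction and which N tags `keep_n` preserves. Step 1 repeats the lead-in sentence, and the list mixes imperative ("Collect") with third person ("Excludes"); pick one form.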