Add latest changes from gitlab-org/gitlab@master

4 files changed, 220 insertions, 0 deletions

diff --git a/doc/administration/terraform_state.md b/doc/administration/terraform_state.md
new file mode 100644
index 00000000000..c684178f13e
--- /dev/null
+++ b/doc/administration/terraform_state.md
@@ -0,0 +1,135 @@
+# Terraform state administration (alpha)
+
+> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/2673) in GitLab 12.10.
+
+GitLab can be used as a backend for [Terraform](../user/infrastructure/index.md) state
+files. The files are encrypted before being stored. This feature is enabled by default.
+
+The storage location of these files defaults to:
+
+- `/var/opt/gitlab/gitlab-rails/shared/terraform_state` for Omnibus GitLab installations.
+- `/home/git/gitlab/shared/terraform_state` for source installations.
+
+These locations can be configured using the options described below.
+
+## Using local storage
+
+NOTE: **Note:**
+This is the default configuration
+
+To change the location where Terraform state files are stored locally, follow the steps
+below.
+
+**In Omnibus installations:**
+
+1. To change the storage path for example to `/mnt/storage/terraform_state`, edit
+   `/etc/gitlab/gitlab.rb` and add the following line:
+
+   ```ruby
+   gitlab_rails['terraform_state_enabled'] = true
+   gitlab_rails['terraform_state_storage_path'] = "/mnt/storage/terraform_state"
+   ```
+
+1. Save the file and [reconfigure GitLab][] for the changes to take effect.
+
+**In installations from source:**
+
+1. To change the storage path for example to `/mnt/storage/terraform_state`, edit
+   `/home/git/gitlab/config/gitlab.yml` and add or amend the following lines:
+
+   ```yaml
+   terraform_state:
+     enabled: true
+     storage_path: /mnt/storage/terraform_state
+   ```
+
+1. Save the file and [restart GitLab][] for the changes to take effect.
+
+## Using object storage **(CORE ONLY)**
+
+Instead of storing Terraform state files on disk, we recommend the use of an object
+store that is S3-compatible instead. This configuration relies on valid credentials to
+be configured already.
+
+### Object storage settings
+
+The following settings are:
+
+- Nested under `terraform_state:` and then `object_store:` on source installations.
+- Prefixed by `terraform_state_object_store_` on Omnibus GitLab installations.
+
+| Setting | Description | Default |
+|---------|-------------|---------|
+| `enabled` | Enable/disable object storage | `true` |
+| `remote_directory` | The bucket name where Terraform state files will be stored | |
+| `connection` | Various connection options described below | |
+
+### S3-compatible connection settings
+
+The connection settings match those provided by [Fog](https://github.com/fog), and are as follows:
+
+| Setting | Description | Default |
+|---------|-------------|---------|
+| `provider` | Always `AWS` for compatible hosts | `AWS` |
+| `aws_access_key_id` | Credentials for AWS or compatible provider | |
+| `aws_secret_access_key` | Credentials for AWS or compatible provider | |
+| `aws_signature_version` | AWS signature version to use. 2 or 4 are valid options. Digital Ocean Spaces and other providers may need 2. | 4 |
+| `enable_signature_v4_streaming` | Set to true to enable HTTP chunked transfers with [AWS v4 signatures](https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-streaming.html). Oracle Cloud S3 needs this to be false | `true` |
+| `region` | AWS region | us-east-1 |
+| `host` | S3-compatible host when not using AWS. For example, `localhost` or `storage.example.com` | `s3.amazonaws.com` |
+| `endpoint` | Can be used when configuring an S3-compatible service such as [MinIO](https://min.io), by entering a URL such as `http://127.0.0.1:9000` | (optional) |
+| `path_style` | Set to true to use `host/bucket_name/object` style paths instead of `bucket_name.host/object`. Leave as false for AWS S3 | `false` |
+| `use_iam_profile` | For AWS S3, set to true to use an IAM profile instead of access keys | `false` |
+
+**In Omnibus installations:**
+
+1. Edit `/etc/gitlab/gitlab.rb` and add the following lines; replacing with
+   the values you want:
+
+   ```ruby
+   gitlab_rails['terraform_state_enabled'] = true
+   gitlab_rails['terraform_state_object_store_enabled'] = true
+   gitlab_rails['terraform_state_object_store_remote_directory'] = "terraform_state"
+   gitlab_rails['terraform_state_object_store_connection'] = {
+     'provider' => 'AWS',
+     'region' => 'eu-central-1',
+     'aws_access_key_id' => 'AWS_ACCESS_KEY_ID',
+     'aws_secret_access_key' => 'AWS_SECRET_ACCESS_KEY'
+   }
+   ```
+
+   NOTE: **Note:**
+   If you are using AWS IAM profiles, be sure to omit the AWS access key and secret access key/value pairs.
+
+   ```ruby
+   gitlab_rails['terraform_state_object_store_connection'] = {
+     'provider' => 'AWS',
+     'region' => 'eu-central-1',
+     'use_iam_profile' => true
+   }
+   ```
+
+1. Save the file and [reconfigure GitLab][] for the changes to take effect.
+
+**In installations from source:**
+
+1. Edit `/home/git/gitlab/config/gitlab.yml` and add or amend the following
+   lines:
+
+   ```yaml
+   terraform_state:
+     enabled: true
+     object_store:
+       enabled: true
+       remote_directory: "terraform_state" # The bucket name
+       connection:
+         provider: AWS # Only AWS supported at the moment
+         aws_access_key_id: AWS_ACESS_KEY_ID
+         aws_secret_access_key: AWS_SECRET_ACCESS_KEY
+         region: eu-central-1
+   ```
+
+1. Save the file and [restart GitLab][] for the changes to take effect.
+
+[reconfigure gitlab]: restart_gitlab.md#omnibus-gitlab-reconfigure "How to reconfigure Omnibus GitLab"
+[restart gitlab]: restart_gitlab.md#installations-from-source "How to restart GitLab"
diff --git a/doc/api/graphql/reference/gitlab_schema.graphql b/doc/api/graphql/reference/gitlab_schema.graphql
index 6c5de925fe9..f6a1cb79a1f 100644
--- a/doc/api/graphql/reference/gitlab_schema.graphql
+++ b/doc/api/graphql/reference/gitlab_schema.graphql
@@ -6229,6 +6229,11 @@ type Project {
   ): Requirement
 
   """
+  Number of requirements for the project by their state
+  """
+  requirementStatesCount: RequirementStatesCount
+
+  """
   Find requirements. Available only when feature flag `requirements_management` is enabled.
   """
   requirements(
@@ -7030,6 +7035,21 @@ enum RequirementState {
   OPENED
 }
 
+"""
+Counts of requirements by their state.
+"""
+type RequirementStatesCount {
+  """
+  Number of archived requirements
+  """
+  archived: Int
+
+  """
+  Number of opened requirements
+  """
+  opened: Int
+}
+
 type RootStorageStatistics {
   """
   The CI artifacts size in bytes
diff --git a/doc/api/graphql/reference/gitlab_schema.json b/doc/api/graphql/reference/gitlab_schema.json
index 14d4f798f6e..a8f6923927b 100644
--- a/doc/api/graphql/reference/gitlab_schema.json
+++ b/doc/api/graphql/reference/gitlab_schema.json
@@ -18630,6 +18630,20 @@
               "deprecationReason": null
             },
             {
+              "name": "requirementStatesCount",
+              "description": "Number of requirements for the project by their state",
+              "args": [
+
+              ],
+              "type": {
+                "kind": "OBJECT",
+                "name": "RequirementStatesCount",
+                "ofType": null
+              },
+              "isDeprecated": false,
+              "deprecationReason": null
+            },
+            {
               "name": "requirements",
               "description": "Find requirements. Available only when feature flag `requirements_management` is enabled.",
               "args": [
@@ -21116,6 +21130,47 @@
         },
         {
           "kind": "OBJECT",
+          "name": "RequirementStatesCount",
+          "description": "Counts of requirements by their state.",
+          "fields": [
+            {
+              "name": "archived",
+              "description": "Number of archived requirements",
+              "args": [
+
+              ],
+              "type": {
+                "kind": "SCALAR",
+                "name": "Int",
+                "ofType": null
+              },
+              "isDeprecated": false,
+              "deprecationReason": null
+            },
+            {
+              "name": "opened",
+              "description": "Number of opened requirements",
+              "args": [
+
+              ],
+              "type": {
+                "kind": "SCALAR",
+                "name": "Int",
+                "ofType": null
+              },
+              "isDeprecated": false,
+              "deprecationReason": null
+            }
+          ],
+          "inputFields": null,
+          "interfaces": [
+
+          ],
+          "enumValues": null,
+          "possibleTypes": null
+        },
+        {
+          "kind": "OBJECT",
           "name": "RootStorageStatistics",
           "description": null,
           "fields": [
diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md
index 2aee7d484d0..fb13c674347 100644
--- a/doc/api/graphql/reference/index.md
+++ b/doc/api/graphql/reference/index.md
@@ -910,6 +910,7 @@ Information about pagination in a connection.
 | `repository` | Repository | Git repository of the project |
 | `requestAccessEnabled` | Boolean | Indicates if users can request member access to the project |
 | `requirement` | Requirement | Find a single requirement. Available only when feature flag `requirements_management` is enabled. |
+| `requirementStatesCount` | RequirementStatesCount | Number of requirements for the project by their state |
 | `sentryDetailedError` | SentryDetailedError | Detailed version of a Sentry error on the project |
 | `sentryErrors` | SentryErrorCollection | Paginated collection of Sentry errors on the project |
 | `serviceDeskAddress` | String | E-mail address of the service desk. |
@@ -1032,6 +1033,15 @@ Check permissions for the current user on a requirement
 | `readRequirement` | Boolean! | Indicates the user can perform `read_requirement` on this resource |
 | `updateRequirement` | Boolean! | Indicates the user can perform `update_requirement` on this resource |
 
+## RequirementStatesCount
+
+Counts of requirements by their state.
+
+| Name  | Type  | Description |
+| ---   |  ---- | ----------  |
+| `archived` | Int | Number of archived requirements |
+| `opened` | Int | Number of opened requirements |
+
 ## RootStorageStatistics
 
 | Name  | Type  | Description |