Add latest changes from gitlab-org/gitlab@master

13 files changed, 32 insertions, 19 deletions

diff --git a/doc/development/iterating_tables_in_batches.md b/doc/development/iterating_tables_in_batches.md
index 3f2b467fec9..fba6f2f616d 100644
--- a/doc/development/iterating_tables_in_batches.md
+++ b/doc/development/iterating_tables_in_batches.md
@@ -334,8 +334,8 @@ end
 The iteration uses the `id` column of the `projects` table. The batching does not affect the
 subquery. This means for each iteration, the subquery is executed by the database. This adds a
 constant "load" on the query which often ends up in statement timeouts. We have an unknown number
-of confidential issues, the execution time and the accessed database rows depend on the data
-distribution in the `issues` table.
+of [confidential issues](../user/project/issues/confidential_issues.md), the execution time
+and the accessed database rows depend on the data distribution in the `issues` table.
 
 NOTE:
 Using subqueries works only when the subquery returns a small number of rows.
diff --git a/doc/development/permissions.md b/doc/development/permissions.md
index 177fedcf454..b7079e9fb8e 100644
--- a/doc/development/permissions.md
+++ b/doc/development/permissions.md
@@ -86,7 +86,8 @@ is calculated properly.
 
 ### Confidential issues
 
-Confidential issues can be accessed only by project members who are at least
+[Confidential issues](../user/project/issues/confidential_issues.md) can be accessed
+only by project members who are at least
 reporters (they can't be accessed by guests). Additionally they can be accessed
 by their authors and assignees.
 
diff --git a/doc/development/reference_processing.md b/doc/development/reference_processing.md
index 2fd0ce51b39..ad6552e88fe 100644
--- a/doc/development/reference_processing.md
+++ b/doc/development/reference_processing.md
@@ -152,7 +152,8 @@ a resource that some subsequent readers should not be able to see.
 
 For example, you might create an issue, and refer to a confidential issue `#1234`,
 which you have access to. This is rendered in the cached HTML as a link to
-that confidential issue, with data attributes containing its ID, the ID of the
+that [confidential issue](../user/project/issues/confidential_issues.md),
+with data attributes containing its ID, the ID of the
 project and other confidential data. A later reader, who has access to your issue
 might not have permission to read issue `#1234`, and so we need to redact
 these sensitive pieces of data. This is what `ReferenceParser` classes do.
diff --git a/doc/operations/incident_management/status_page.md b/doc/operations/incident_management/status_page.md
index d63d42e07c1..d14e4120511 100644
--- a/doc/operations/incident_management/status_page.md
+++ b/doc/operations/incident_management/status_page.md
@@ -124,7 +124,7 @@ To publish an incident:
 1. Create an issue in the project you enabled the GitLab Status Page settings in.
 1. A [project or group owner](../../user/permissions.md) must use the
    `/publish` [quick action](../../user/project/quick_actions.md) to publish the
-   issue to the GitLab Status Page. Confidential issues can't be published.
+   issue to the GitLab Status Page. [Confidential issues](../../user/project/issues/confidential_issues.md) can't be published.
 
 A background worker publishes the issue onto the Status Page using the credentials
 you provided during setup. As part of publication, GitLab:
@@ -168,5 +168,6 @@ To change the incident status from `open` to `closed`, close the incident issue
 within GitLab. Closing the issue triggers a background worker to update the
 GitLab Status Page website.
 
-If you make a published issue confidential, GitLab unpublishes it from your
-GitLab Status Page website.
+If you
+[make a published issue confidential](../../user/project/issues/confidential_issues.md#making-an-issue-confidential),
+GitLab unpublishes it from your GitLab Status Page website.
diff --git a/doc/user/application_security/cve_id_request.md b/doc/user/application_security/cve_id_request.md
index aaf701c91dc..009f8d828f7 100644
--- a/doc/user/application_security/cve_id_request.md
+++ b/doc/user/application_security/cve_id_request.md
@@ -28,7 +28,7 @@ If the following conditions are met, a **Request CVE ID** button appears in your
 - The project is hosted in GitLab.com.
 - The project is public.
 - You are a maintainer of the project.
-- The issue is confidential.
+- The issue is [confidential](../project/issues/confidential_issues.md).
 
 ## Submitting a CVE ID Request
 
@@ -37,7 +37,7 @@ the [GitLab CVE project](https://gitlab.com/gitlab-org/cves).
 
 ![CVE ID request button](img/cve_id_request_button.png)
 
-Creating the confidential issue starts the CVE request process.
+Creating the [confidential issue](../project/issues/confidential_issues.md) starts the CVE request process.
 
 ![New CVE ID request issue](img/new_cve_request_issue.png)
 
diff --git a/doc/user/discussions/index.md b/doc/user/discussions/index.md
index 825f9be6ba6..a1d8863710c 100644
--- a/doc/user/discussions/index.md
+++ b/doc/user/discussions/index.md
@@ -138,6 +138,8 @@ who have at least the Reporter role.
 
 ![Confidential comments](img/confidential_comments_v13_9.png)
 
+You can also make an [entire issue confidential](../project/issues/confidential_issues.md).
+
 ## Show only comments
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/26723) in GitLab 11.5.
diff --git a/doc/user/group/epics/manage_epics.md b/doc/user/group/epics/manage_epics.md
index b063ba9a75c..1b36d6f03df 100644
--- a/doc/user/group/epics/manage_epics.md
+++ b/doc/user/group/epics/manage_epics.md
@@ -193,7 +193,10 @@ or newest items to be shown first.
 If you're working on items that contain private information, you can make an epic confidential.
 
 NOTE:
-A confidential epic can only contain confidential issues and confidential child epics.
+A confidential epic can only contain [confidential issues](../../project/issues/confidential_issues.md)
+and confidential child epics. However, merge requests are public, if created in a public project.
+Read [Merge requests for confidential issues](../../project/merge_requests/confidential.md)
+to learn how to create a confidential merge request.
 
 To make an epic confidential:
 
diff --git a/doc/user/group/roadmap/index.md b/doc/user/group/roadmap/index.md
index 88d43715c58..811297c6eda 100644
--- a/doc/user/group/roadmap/index.md
+++ b/doc/user/group/roadmap/index.md
@@ -69,7 +69,7 @@ You can also filter epics in the Roadmap view by the epics':
 - Author
 - Label
 - Milestone
-- Confidentiality
+- [Confidentiality](../epics/manage_epics.md#make-an-epic-confidential)
 - Epic
 - Your Reaction
 
diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index d3b33f79f27..16509565525 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -46,7 +46,7 @@ The following table lists project permissions available for each role:
 | Action                                            | Guest   | Reporter   | Developer   |Maintainer| Owner  |
 |---------------------------------------------------|---------|------------|-------------|----------|--------|
 | Assign issues                                     | ✓ (*16*)| ✓          | ✓           | ✓        | ✓      |
-| Create confidential issue                         | ✓       | ✓          | ✓           | ✓        | ✓      |
+| Create [confidential issue](project/issues/confidential_issues.md) | ✓   | ✓  | ✓      | ✓        | ✓      |
 | Create new issue                                  | ✓       | ✓          | ✓           | ✓        | ✓      |
 | Download and browse job artifacts                 | ✓ (*3*) | ✓          | ✓           | ✓        | ✓      |
 | Download project                                  | ✓ (*1*) | ✓          | ✓           | ✓        | ✓      |
@@ -97,7 +97,7 @@ The following table lists project permissions available for each role:
 | [Set issue estimate and record time spent](project/time_tracking.md) | | ✓ | ✓         | ✓        | ✓      |
 | View CI/CD analytics                              |         | ✓          | ✓           | ✓        | ✓      |
 | View Code Review analytics **(PREMIUM)**          |         | ✓          | ✓           | ✓        | ✓      |
-| View confidential issues                          | (*2*)   | ✓          | ✓           | ✓        | ✓      |
+| View [confidential issues](project/issues/confidential_issues.md) | (*2*) |  ✓  | ✓    | ✓        | ✓      |
 | View Error Tracking list                          |         | ✓          | ✓           | ✓        | ✓      |
 | View License list **(ULTIMATE)**                  |         | ✓          | ✓           | ✓        | ✓      |
 | View metrics dashboard annotations                |         | ✓          | ✓           | ✓        | ✓      |
@@ -198,7 +198,7 @@ The following table lists project permissions available for each role:
 | Remove protected branches (*4*)                   |         |            |             |          |        |
 
 1. Guest users are able to perform this action on public and internal projects, but not private projects. This doesn't apply to [external users](#external-users) where explicit access must be given even if the project is internal.
-1. Guest users can only view the confidential issues they created themselves.
+1. Guest users can only view the [confidential issues](project/issues/confidential_issues.md) they created themselves.
 1. If **Public pipelines** is enabled in **Project Settings > CI/CD**.
 1. Not allowed for Guest, Reporter, Developer, Maintainer, or Owner. See [protected branches](project/protected_branches.md).
 1. If the [branch is protected](project/protected_branches.md), this depends on the access Developers and Maintainers are given.
@@ -256,7 +256,7 @@ Read through the documentation on [permissions for File Locking](project/file_lo
 
 ### Confidential Issues permissions
 
-Confidential issues can be accessed by users with reporter and higher permission levels,
+[Confidential issues](project/issues/confidential_issues.md) can be accessed by users with reporter and higher permission levels,
 as well as by guest users that create a confidential issue. To learn more,
 read through the documentation on [permissions and access to confidential issues](project/issues/confidential_issues.md#permissions-and-access-to-confidential-issues).
 
diff --git a/doc/user/project/issues/confidential_issues.md b/doc/user/project/issues/confidential_issues.md
index e6705933ae9..136e8ee2ebb 100644
--- a/doc/user/project/issues/confidential_issues.md
+++ b/doc/user/project/issues/confidential_issues.md
@@ -45,8 +45,8 @@ system note in the issue's comments.
 ## Indications of a confidential issue
 
 There are a few things that visually separate a confidential issue from a
-regular one. In the issues index page view, you can see the eye-slash icon
-next to the issues that are marked as confidential.
+regular one. In the issues index page view, you can see the eye-slash (**(eye-slash)**) icon
+next to the issues that are marked as confidential:
 
 ![Confidential issues index page](img/confidential_issues_index_page.png)
 
@@ -91,3 +91,6 @@ sees in the project's search results respectively.
 ## Related links
 
 - [Merge requests for confidential issues](../merge_requests/confidential.md)
+- [Make an epic confidential](../../group/epics/manage_epics.md#make-an-epic-confidential)
+- [Mark a comment as confidential](../../discussions/index.md#mark-a-comment-as-confidential)
+- [Security practices for confidential merge requests](https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md#security-releases-critical-non-critical-as-a-developer) at GitLab
diff --git a/doc/user/project/issues/managing_issues.md b/doc/user/project/issues/managing_issues.md
index c570bc9612a..a2185c83f4d 100644
--- a/doc/user/project/issues/managing_issues.md
+++ b/doc/user/project/issues/managing_issues.md
@@ -59,7 +59,7 @@ When you're creating a new issue, these are the fields you can fill in:
 
 - Title
 - Description
-- Checkbox to make the issue confidential
+- Checkbox to make the issue [confidential](confidential_issues.md)
 - Assignee
 - Weight
 - [Epic](../../group/epics/index.md)
diff --git a/doc/user/project/merge_requests/confidential.md b/doc/user/project/merge_requests/confidential.md
index b50c5ee0ea9..6df84dd1dd1 100644
--- a/doc/user/project/merge_requests/confidential.md
+++ b/doc/user/project/merge_requests/confidential.md
@@ -70,4 +70,6 @@ to the public upstream project.
 ## Related links
 
 - [Confidential issues](../issues/confidential_issues.md)
+- [Make an epic confidential](../../group/epics/manage_epics.md#make-an-epic-confidential)
+- [Mark a comment as confidential](../../discussions/index.md#mark-a-comment-as-confidential)
 - [Security practices for confidential merge requests](https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md#security-releases-critical-non-critical-as-a-developer) at GitLab
diff --git a/doc/user/project/merge_requests/getting_started.md b/doc/user/project/merge_requests/getting_started.md
index ce39f39f0a1..1c8ee587838 100644
--- a/doc/user/project/merge_requests/getting_started.md
+++ b/doc/user/project/merge_requests/getting_started.md
@@ -140,7 +140,7 @@ when merged.
 
 If the issue is [confidential](../issues/confidential_issues.md),
 you may want to use a different workflow for
-[merge requests for confidential issues](../issues/confidential_issues.md#merge-requests-for-confidential-issues)
+[merge requests for confidential issues](confidential.md)
 to prevent confidential information from being exposed.
 
 ### Deleting the source branch