Add latest changes from gitlab-org/gitlab@master

doc/user/application_security/security_dashboard/index.md

@@ -26,7 +26,7 @@ The Security Dashboard supports the following reports:
 ## Requirements
-To use the group, project or pipeline security dashboard:
+To use the instance, group, project or pipeline security dashboard:
 1. At least one project inside a group must be configured with at least one of
    the [supported reports](#supported-reports).
@@ -110,6 +110,31 @@ vulnerabilities are not included either.
 Read more on how to [interact with the vulnerabilities](../index.md#interacting-with-the-vulnerabilities).
+## Instance Security Dashboard
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/6953) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.7.
+
+At the instance level, the Security Dashboard displays the vulnerabilities
+present in all of the projects that you have added to it.
+
+You can access the Instance Security Dashboard from the menu
+bar at the top of the page. Under **More**, select **Security**.
+
+![Instance Security Dashboard navigation link](img/instance_security_dashboard_link_v12_4.png)
+
+### Adding projects to the dashboard
+
+To add projects to the dashboard:
+
+1. Click the **Edit dashboard** button on the Instance Security Dashboard page.
+1. Search for and add one or more projects using the **Search your projects** field.
+1. Click the **Add projects** button.
+
+Once added, the dashboard will display the vulnerabilities found in your chosen
+projects.
+
+![Instance Security Dashboard with projects](img/instance_security_dashboard_with_projects_v12_7.png)
+
 ## Keeping the dashboards up to date
 The Security Dashboard displays information from the results of the most recent

doc/user/discussions/index.md

@@ -4,12 +4,12 @@ The ability to contribute conversationally is offered throughout GitLab.
 You can leave a comment in the following places:
-- issues
-- epics **(ULTIMATE)**
-- merge requests
-- snippets
-- commits
-- commit diffs
+- Issues
+- Epics **(ULTIMATE)**
+- Merge requests
+- Snippets
+- Commits
+- Commit diffs
 There are standard comments, and you also have the option to create a comment
 in the form of a thread. A comment can also be [turned into a thread](#start-a-thread-by-replying-to-a-standard-comment)
@@ -29,9 +29,7 @@ There is a limit of 5,000 comments for every object, for example: issue, epic, a
 ## Resolvable comments and threads
-> **Notes:**
->
-> - The main feature was [introduced][ce-5022] in GitLab 8.11.
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/5022) in GitLab 8.11.
 > - Resolvable threads can be added only to merge request diffs.
 Thread resolution helps keep track of progress during planning or code review.
@@ -398,18 +396,21 @@ the Merge Request authored by the user that applied them.
 1. Choose a line of code to be changed, add a new comment, then click
    on the **Insert suggestion** icon in the toolbar:
-   ![Add a new comment](img/insert_suggestion.png)
+   ![Add a new comment](img/suggestion_button_v12_7.png)
 1. In the comment, add your suggestion to the pre-populated code block:
-   ![Add a suggestion into a code block tagged properly](img/make_suggestion.png)
+   ![Add a suggestion into a code block tagged properly](img/make_suggestion_v12_7.png)
 1. Click **Comment**.
+   NOTE: **Note:**
+   If you're using GitLab Premium, GitLab.com Silver, and higher tiers, the thread will display [Review](#merge-request-reviews-premium) options. Click either **Start a review**, **Add comment now**, or **Add to review** to obtain the same result.
+
    The suggestions in the comment can be applied by the merge request author
    directly from the merge request:
-   ![Apply suggestions](img/suggestion.png)
+   ![Apply suggestions](img/apply_suggestion_v12_7.png)
 Once the author applies a suggestion, it will be marked with the **Applied** label,
 the thread will be automatically resolved, and GitLab will create a new commit
@@ -464,7 +465,6 @@ to the original comment, so a note about when it was last edited will appear und
 This feature only exists for Issues, Merge requests, and Epics. Commits, Snippets and Merge request diff threads are
 not supported yet.
-[ce-5022]: https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/5022
 [ce-7125]: https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/7125
 [ce-7527]: https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/7527
 [ce-7180]: https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/7180

doc/user/project/releases/index.md

@@ -16,8 +16,12 @@ GitLab's **Releases** are a way to track deliverables in your project. Consider
 a snapshot in time of the source, build output, and other metadata or artifacts
 associated with a released version of your code.
-At the moment, you can create Release entries via the [Releases API](../../../api/releases/index.md);
-we recommend doing this as one of the last steps in your CI/CD release pipeline.
+There are several ways to create a Release:
+
+- In the interface, when you create a new Git tag.
+- In the interface, by adding a release note to an existing Git tag.
+- Using the [Releases API](../../../api/releases/index.md): we recommend doing this as one of the last
+  steps in your CI/CD release pipeline.
 ## Getting started with Releases
@@ -135,8 +139,9 @@ drag and drop files to it. Release notes are stored in GitLab's database.
 There are several ways to add release notes:
 - In the interface, when you create a new Git tag.
-- In the interface, by adding a note to an existing Git tag.
-- Using the GitLab API.
+- In the interface, by adding a release note to an existing Git tag.
+- Using the [Releases API](../../../api/releases/index.md): (we recommend doing this as one of the last
+  steps in your CI/CD release pipeline).
 To create a new tag, navigate to your project's **Repository > Tags** and
 click **New tag**. From there, you can fill the form with all the information

lib/api/releases.rb

@@ -66,6 +66,8 @@ module API
           .execute
         if result[:status] == :success
+          log_release_created_audit_event(result[:release])
+
           present result[:release], with: Entities::Release, current_user: current_user
         else
           render_api_error!(result[:message], result[:http_status])
@@ -91,6 +93,9 @@ module API
           .execute
         if result[:status] == :success
+          log_release_updated_audit_event
+          log_release_milestones_updated_audit_event if result[:milestones_updated]
+
           present result[:release], with: Entities::Release, current_user: current_user
         else
           render_api_error!(result[:message], result[:http_status])
@@ -147,6 +152,20 @@ module API
       def release
         @release ||= user_project.releases.find_by_tag(params[:tag])
       end
+
+      def log_release_created_audit_event(release)
+        # This is a separate method so that EE can extend its behaviour
+      end
+
+      def log_release_updated_audit_event
+        # This is a separate method so that EE can extend its behaviour
+      end
+
+      def log_release_milestones_updated_audit_event
+        # This is a separate method so that EE can extend its behaviour
+      end
     end
   end
 end
+
+API::Releases.prepend_if_ee('EE::API::Releases')

lib/gitlab/background_migration/activate_prometheus_services_for_shared_cluster_applications.rb

+# frozen_string_literal: true
+
+module Gitlab
+  module BackgroundMigration
+    # Create missing PrometheusServices records or sets active attribute to true
+    # for all projects which belongs to cluster with Prometheus Application installed.
+    class ActivatePrometheusServicesForSharedClusterApplications
+      module Migratable
+        # Migration model namespace isolated from application code.
+        class PrometheusService < ActiveRecord::Base
+          self.inheritance_column = :_type_disabled
+          self.table_name = 'services'
+
+          default_scope { where("services.type = 'PrometheusService'") }
+
+          def self.for_project(project_id)
+            new(
+              project_id: project_id,
+              active: true,
+              properties: '{}',
+              type: 'PrometheusService',
+              template: false,
+              push_events: true,
+              issues_events: true,
+              merge_requests_events: true,
+              tag_push_events: true,
+              note_events: true,
+              category: 'monitoring',
+              default: false,
+              wiki_page_events: true,
+              pipeline_events: true,
+              confidential_issues_events: true,
+              commit_events: true,
+              job_events: true,
+              confidential_note_events: true,
+              deployment_events: false
+            )
+          end
+
+          def managed?
+            properties == '{}'
+          end
+        end
+      end
+
+      def perform(project_id)
+        service = Migratable::PrometheusService.find_by(project_id: project_id) || Migratable::PrometheusService.for_project(project_id)
+        service.update!(active: true) if service.managed?
+      end
+    end
+  end
+end

lib/gitlab/error_tracking/detailed_error.rb

@@ -12,10 +12,12 @@ module Gitlab
                     :external_url,
                     :first_release_last_commit,
                     :first_release_short_version,
+                    :first_release_version,
                     :first_seen,
                     :frequency,
-                    :gitlab_project,
+                    :gitlab_commit,
                     :gitlab_issue,
+                    :gitlab_project,
                     :id,
                     :last_release_last_commit,
                     :last_release_short_version,

lib/gitlab/import_export/import_export.yml

@@ -16,6 +16,7 @@ tree:
       - :timelogs
       - notes:
         - :author
+        - :award_emoji
         - events:
           - :push_event_payload
       - label_links:
@@ -32,18 +33,22 @@ tree:
       - :issue_assignees
       - :zoom_meetings
       - :sentry_issue
+      - :award_emoji
     - snippets:
       - :award_emoji
       - notes:
         - :author
+        - :award_emoji
     - releases:
       - :links
     - project_members:
       - :user
     - merge_requests:
       - :metrics
+      - :award_emoji
       - notes:
         - :author
+        - :award_emoji
         - events:
           - :push_event_payload
         - :suggestions

lib/sentry/client/issue.rb

@@ -143,7 +143,7 @@ module Sentry
       end
       def map_to_detailed_error(issue)
-        Gitlab::ErrorTracking::DetailedError.new(
+        Gitlab::ErrorTracking::DetailedError.new({
           id: issue.fetch('id'),
           first_seen: issue.fetch('firstSeen', nil),
           last_seen: issue.fetch('lastSeen', nil),
@@ -159,15 +159,16 @@ module Sentry
           short_id: issue.fetch('shortId', nil),
           status: issue.fetch('status', nil),
           frequency: issue.dig('stats', '24h'),
+          gitlab_issue: parse_gitlab_issue(issue.fetch('pluginIssues', nil)),
           project_id: issue.dig('project', 'id'),
           project_name: issue.dig('project', 'name'),
           project_slug: issue.dig('project', 'slug'),
-          gitlab_issue: parse_gitlab_issue(issue.fetch('pluginIssues', nil)),
           first_release_last_commit: issue.dig('firstRelease', 'lastCommit'),
-          last_release_last_commit: issue.dig('lastRelease', 'lastCommit'),
           first_release_short_version: issue.dig('firstRelease', 'shortVersion'),
+          first_release_version: issue.dig('firstRelease', 'version'),
+          last_release_last_commit: issue.dig('lastRelease', 'lastCommit'),
           last_release_short_version: issue.dig('lastRelease', 'shortVersion')
-        )
+        })
       end
       def extract_tags(issue)

locale/gitlab.pot

@@ -6156,9 +6156,15 @@ msgstr ""
 msgid "DesignManagement|Adding a design with the same filename replaces the file in a new version."
 msgstr ""
+msgid "DesignManagement|Are you sure you want to cancel creating this comment?"
+msgstr ""
+
 msgid "DesignManagement|Are you sure you want to delete the selected designs?"
 msgstr ""
+msgid "DesignManagement|Cancel comment confirmation"
+msgstr ""
+
 msgid "DesignManagement|Could not add a new comment. Please try again."
 msgstr ""
@@ -6177,6 +6183,9 @@ msgstr ""
 msgid "DesignManagement|Deselect all"
 msgstr ""
+msgid "DesignManagement|Discard comment"
+msgstr ""
+
 msgid "DesignManagement|Error uploading a new design. Please try again."
 msgstr ""
@@ -6189,6 +6198,9 @@ msgstr ""
 msgid "DesignManagement|Go to previous design"
 msgstr ""
+msgid "DesignManagement|Keep comment"
+msgstr ""
+
 msgid "DesignManagement|Requested design version does not exist. Showing latest version instead"
 msgstr ""
@@ -15016,10 +15028,10 @@ msgstr ""
 msgid "Releases"
 msgstr ""
-msgid "Releases are based on Git tags. We recommend naming tags that fit within semantic versioning, for example %{codeStart}v1.0%{codeEnd}, %{codeStart}v2.0-pre%{codeEnd}."
+msgid "Releases are based on Git tags and mark specific points in a project's development history. They can contain information about the type of changes and can also deliver binaries, like compiled versions of your software."
 msgstr ""
-msgid "Releases mark specific points in a project's development history, communicate information about the type of change, and deliver on prepared, often compiled, versions of the software to be reused elsewhere. Currently, releases can only be created through the API."
+msgid "Releases are based on Git tags. We recommend naming tags that fit within semantic versioning, for example %{codeStart}v1.0%{codeEnd}, %{codeStart}v2.0-pre%{codeEnd}."
 msgstr ""
 msgid "Release|Something went wrong while getting the release details"
@@ -18809,6 +18821,9 @@ msgstr ""
 msgid "ThreatMonitoring|Environment"
 msgstr ""
+msgid "ThreatMonitoring|No traffic to display"
+msgstr ""
+
 msgid "ThreatMonitoring|Requests"
 msgstr ""
@@ -18839,6 +18854,9 @@ msgstr ""
 msgid "ThreatMonitoring|Web Application Firewall not enabled"
 msgstr ""
+msgid "ThreatMonitoring|While it's rare to have no traffic coming to your application, it can happen. In any event, we ask that you double check your settings to make sure you've set up the WAF correctly."
+msgstr ""
+
 msgid "Thursday"
 msgstr ""

scripts/lint-changelog-filenames

+#!/bin/sh
+
+lint_paths="changelogs/unreleased"
+[ -d "ee/" ] && lint_paths="$lint_paths ee/changelogs/unreleased"
+
+invalid_files=$(find $lint_paths -type f -not -name "*.yml" -not -name ".gitkeep")
+
+if [ -n "$invalid_files" ]; then
+    echo "Changelog files must end in .yml, but these did not:"
+    echo "$invalid_files" | sed -e "s/^/* /"
+  exit 1
+fi

scripts/static-analysis

@@ -48,7 +48,8 @@ def jobs_to_run(node_index, node_total)
     %w[bundle exec rubocop --parallel],
     %w[scripts/lint-conflicts.sh],
     %w[scripts/lint-rugged],
-    %w[scripts/frontend/check_no_partial_karma_jest.sh]
+    %w[scripts/frontend/check_no_partial_karma_jest.sh],
+    %w[scripts/lint-changelog-filenames]
   ]
   case node_total

spec/controllers/projects/error_tracking_controller_spec.rb

@@ -224,9 +224,11 @@ describe Projects::ErrorTrackingController do
         let(:error) { build(:detailed_error_tracking_error) }
         it 'returns an error' do
+          expected_error = error.as_json.except('first_release_version').merge({ 'gitlab_commit' => nil })
+
           expect(response).to have_gitlab_http_status(:ok)
           expect(response).to match_response_schema('error_tracking/issue_detailed')
-          expect(json_response['error']).to eq(error.as_json)
+          expect(json_response['error']).to eq(expected_error)
         end
         it_behaves_like 'sets the polling header'