Merge branch 'master' into 11-10-stable

app/assets/stylesheets/framework/variables.scss

@@ -289,7 +289,6 @@ $gl-line-height: 16px;
 $gl-line-height-24: 24px;
 $gl-line-height-14: 14px;
-$system-header-height: 35px;
 $issue-box-upcoming-bg: #8f8f8f;
 $pages-group-name-color: #4c4e54;

app/assets/stylesheets/page_bundles/ide.scss

@@ -179,6 +179,14 @@ $ide-commit-header-height: 48px;
     display: none;
   }
+  .monaco-editor .selected-text {
+    z-index: 1;
+  }
+
+  .monaco-editor .view-lines {
+    z-index: 2;
+  }
+
   .is-readonly,
   .editor.original {
     .view-lines {

app/assets/stylesheets/pages/boards.scss

@@ -234,7 +234,7 @@
 }
 .board-title-text {
-  margin-right: auto;
+  margin: $gl-vert-padding auto $gl-vert-padding 0;
 }
 .board-delete {

app/assets/stylesheets/pages/diff.scss

@@ -154,11 +154,17 @@
       .swipe-wrap {
         overflow: hidden;
-        border-left: 1px solid $gl-gray-400;
+        border-right: 1px solid $gl-gray-400;
         position: absolute;
         display: block;
         top: 13px;
         right: 7px;
+
+        &.left-oriented {
+          /* only for commit view (different swipe viewer) */
+          border-right: 0;
+          border-left: 1px solid $gl-gray-400;
+        }
       }
       .swipe-bar {

app/assets/stylesheets/pages/projects.scss

@@ -209,8 +209,7 @@
       }
     }
-    .access-request-link,
-    .home-panel-topic-list {
+    .access-request-link {
       padding-left: $gl-padding-8;
       border-left: 1px solid $gl-text-color-secondary;
     }

app/controllers/concerns/issuable_actions.rb

@@ -7,9 +7,6 @@ module IssuableActions
   included do
     before_action :authorize_destroy_issuable!, only: :destroy
     before_action :authorize_admin_issuable!, only: :bulk_update
-    before_action only: :show do
-      push_frontend_feature_flag(:reply_to_individual_notes, default_enabled: true)
-    end
   end
   def permitted_keys

app/controllers/groups/variables_controller.rb

@@ -41,7 +41,7 @@ module Groups
     end
     def variable_params_attributes
-      %i[id key secret_value protected _destroy]
+      %i[id key secret_value protected masked _destroy]
     end
     def authorize_admin_build!

app/controllers/projects/environments_controller.rb

@@ -10,6 +10,9 @@ class Projects::EnvironmentsController < Projects::ApplicationController
   before_action :environment, only: [:show, :edit, :update, :stop, :terminal, :terminal_websocket_authorize, :metrics]
   before_action :verify_api_request!, only: :terminal_websocket_authorize
   before_action :expire_etag_cache, only: [:index]
+  before_action only: [:metrics, :additional_metrics] do
+    push_frontend_feature_flag(:metrics_time_window)
+  end
   def index
     @environments = project.environments
@@ -146,7 +149,7 @@ class Projects::EnvironmentsController < Projects::ApplicationController
   def additional_metrics
     respond_to do |format|
       format.json do
-        additional_metrics = environment.additional_metrics || {}
+        additional_metrics = environment.additional_metrics(*metrics_params) || {}
         render json: additional_metrics, status: additional_metrics.any? ? :ok : :no_content
       end
@@ -186,6 +189,13 @@ class Projects::EnvironmentsController < Projects::ApplicationController
     @environment ||= project.environments.find(params[:id])
   end
+  def metrics_params
+    return unless Feature.enabled?(:metrics_time_window, project)
+    return unless params[:start].present? || params[:end].present?
+
+    params.require([:start, :end]).values_at(:start, :end)
+  end
+
   def search_environment_names
     return [] unless params[:query]

app/controllers/projects/pipelines_controller.rb

@@ -31,10 +31,7 @@ class Projects::PipelinesController < Projects::ApplicationController
         Gitlab::PollingInterval.set_header(response, interval: POLLING_INTERVAL)
         render json: {
-          pipelines: PipelineSerializer
-            .new(project: @project, current_user: @current_user)
-            .with_pagination(request, response)
-            .represent(@pipelines, disable_coverage: true, preload: true),
+          pipelines: serialize_pipelines,
           count: {
             all: @pipelines_count,
             running: @running_count,
@@ -150,6 +147,15 @@ class Projects::PipelinesController < Projects::ApplicationController
   private
+  def serialize_pipelines
+    ::Gitlab::GitalyClient.allow_ref_name_caching do
+      PipelineSerializer
+        .new(project: @project, current_user: @current_user)
+        .with_pagination(request, response)
+        .represent(@pipelines, disable_coverage: true, preload: true)
+    end
+  end
+
   def render_show
     respond_to do |format|
       format.html do

app/controllers/projects/variables_controller.rb

@@ -38,6 +38,6 @@ class Projects::VariablesController < Projects::ApplicationController
   end
   def variable_params_attributes
-    %i[id key secret_value protected _destroy]
+    %i[id key secret_value protected masked _destroy]
   end
 end

app/graphql/gitlab_schema.rb

@@ -5,7 +5,6 @@ class GitlabSchema < GraphQL::Schema
   use Gitlab::Graphql::Authorize
   use Gitlab::Graphql::Present
   use Gitlab::Graphql::Connections
-  use Gitlab::Graphql::Tracing
   query(Types::QueryType)

app/helpers/blob_helper.rb

@@ -19,10 +19,14 @@ module BlobHelper
   def ide_edit_path(project = @project, ref = @ref, path = @path, options = {})
     segments = [ide_path, 'project', project.full_path, 'edit', ref]
-    segments.concat(['-', path]) if path.present?
+    segments.concat(['-', encode_ide_path(path)]) if path.present?
     File.join(segments)
   end
+  def encode_ide_path(path)
+    url_encode(path).gsub('%2F', '/')
+  end
+
   def edit_blob_button(project = @project, ref = @ref, path = @path, options = {})
     return unless blob = readable_blob(options, path, project, ref)

app/helpers/ci_variables_helper.rb

@@ -12,4 +12,12 @@ module CiVariablesHelper
       ci_variable_protected_by_default?
     end
   end
+
+  def ci_variable_masked?(variable, only_key_value)
+    if variable && !only_key_value
+      variable.masked
+    else
+      true
+    end
+  end
 end

app/models/concerns/prometheus_adapter.rb

@@ -51,7 +51,7 @@ module PrometheusAdapter
     end
     def build_query_args(*args)
-      args.map(&:id)
+      args.map { |arg| arg.respond_to?(:id) ? arg.id : arg }
     end
   end
 end

app/models/environment.rb

@@ -170,8 +170,10 @@ class Environment < ApplicationRecord
     prometheus_adapter.query(:environment, self) if has_metrics?
   end
-  def additional_metrics
-    prometheus_adapter.query(:additional_metrics_environment, self) if has_metrics?
+  def additional_metrics(*args)
+    return unless has_metrics?
+
+    prometheus_adapter.query(:additional_metrics_environment, self, *args.map(&:to_f))
   end
   # rubocop: disable CodeReuse/ServiceClass

app/models/individual_note_discussion.rb

@@ -14,7 +14,7 @@ class IndividualNoteDiscussion < Discussion
   end
   def can_convert_to_discussion?
-    noteable.supports_replying_to_individual_notes? && Feature.enabled?(:reply_to_individual_notes, default_enabled: true)
+    noteable.supports_replying_to_individual_notes?
   end
   def convert_to_discussion!(save: false)

app/models/merge_request.rb

@@ -858,15 +858,6 @@ class MergeRequest < ApplicationRecord
   end
   def related_notes
-    # Fetch comments only from last 100 commits
-    commits_for_notes_limit = 100
-    commit_ids = commit_shas.take(commits_for_notes_limit)
-
-    commit_notes = Note
-      .except(:order)
-      .where(project_id: [source_project_id, target_project_id])
-      .for_commit_id(commit_ids)
-
     # We're using a UNION ALL here since this results in better performance
     # compared to using OR statements. We're using UNION ALL since the queries
     # used won't produce any duplicates (e.g. a note for a commit can't also be
@@ -878,6 +869,16 @@ class MergeRequest < ApplicationRecord
   alias_method :discussion_notes, :related_notes
+  def commit_notes
+    # Fetch comments only from last 100 commits
+    commit_ids = commit_shas.take(100)
+
+    Note
+      .user
+      .where(project_id: [source_project_id, target_project_id])
+      .for_commit_id(commit_ids)
+  end
+
   def mergeable_discussions_state?
     return true unless project.only_allow_merge_if_all_discussions_are_resolved?

app/models/personal_access_token.rb

@@ -2,11 +2,9 @@
 class PersonalAccessToken < ApplicationRecord
   include Expirable
-  include IgnorableColumn
   include TokenAuthenticatable
   add_authentication_token_field :token, digest: true
-  ignore_column :token
   REDIS_EXPIRY_TIME = 3.minutes

app/models/user.rb

@@ -276,6 +276,7 @@ class User < ApplicationRecord
   scope :by_username, -> (usernames) { iwhere(username: Array(usernames).map(&:to_s)) }
   scope :for_todos, -> (todos) { where(id: todos.select(:user_id)) }
   scope :with_emails, -> { preload(:emails) }
+  scope :with_dashboard, -> (dashboard) { where(dashboard: dashboard) }
   # Limits the users to those that have TODOs, optionally in the given state.
   #

app/serializers/group_variable_entity.rb

@@ -6,4 +6,5 @@ class GroupVariableEntity < Grape::Entity
   expose :value
   expose :protected?, as: :protected
+  expose :masked?, as: :masked
 end