Add latest changes from gitlab-org/gitlab@14-10-stable-eev14.10.0-rc42

8 files changed, 158 insertions, 39 deletions

diff --git a/.gitlab/issue_templates/Default.md b/.gitlab/issue_templates/Default.md
new file mode 100644
index 00000000000..f87b82e341b
--- /dev/null
+++ b/.gitlab/issue_templates/Default.md
@@ -0,0 +1,11 @@
+Before raising an issue to the GitLab issue tracker, please read through our guide for finding help to determine the best place to post:
+
+* https://about.gitlab.com/getting-help/
+
+If you are experiencing an issue when using GitLab.com, your first port of call should be the Community Forum. Your issue may have already been reported there by another user. Please check:
+
+* https://forum.gitlab.com/
+
+If you feel that your issue can be categorized as a reproducible bug or a feature proposal, please use one of the issue templates provided and include as much information as possible.
+
+Thank you for helping to make GitLab a better product.
diff --git a/.gitlab/issue_templates/Doc_cleanup.md b/.gitlab/issue_templates/Doc_cleanup.md
index 69caea1ae1e..58a51e15803 100644
--- a/.gitlab/issue_templates/Doc_cleanup.md
+++ b/.gitlab/issue_templates/Doc_cleanup.md
@@ -7,6 +7,26 @@
 * feature development should use the Feature Request template.
 -->
 
+If you are a community contributor:
+
+1. To work on an issue, type `@gl-docsteam I would like to work on this issue.`
+   in a comment. A technical writer
+   will assign the issue to you. Do not work on the issue before it is assigned to you.
+   If someone has already chosen the issue, pick another or view docs [in the docs directory](https://gitlab.com/gitlab-org/gitlab/-/tree/master/doc)
+   and open a merge request for any page you feel can be improved.
+1. Create a merge request for the issue. If this is for a Hackathon, do not create the merge request
+   before the Hackathon has started or it will not be counted towards the Hackathon. If you were not
+   assigned the issue, do not create a merge request. It will not be accepted.
+1. Copy the link to this issue and add it to the merge request's description, which will link
+   the merge request and the issue together.
+1. After your merge request is accepted and merged, close this issue.
+
+If you notice things you'd like to fix that are not part of the issue, open separate merge requests for those issues.
+
+We're sorry for all the rules but we want everyone to have a good experience, and it can be hard when we get an influx of contributions.
+
+Thank you again for contributing to the GitLab documentation!
+
 ## Identified documentation issue
 
 <!--
@@ -19,19 +39,6 @@
 * the opportunities for contributors.
 -->
 
-## Process
-
-If you, as a contributor, decide to take this work on, assign this issue to yourself, and create one or more linked
-merge requests that resolve this issue. Be sure to close this issue after all linked merge requests are completed.
-
-The work for this issue should involve only what's listed in the previous section. If you identify other work that
-needs to be done, create separate, unlinked MRs as needed to address those items.
-
-When using automated test results for identified work, use this issue to work only on the listed lines. For
-example, if the tests list several lines that show the word "admin" as needing to possibly be "administrator,"
-do not modify other parts of the page that may also include "admin," as the testing may have excluded those lines
-(for example, they may be part of the **Admin Area** of GitLab).
-
 ## Additional information
 
 <!--
diff --git a/.gitlab/issue_templates/Feature Flag Roll Out.md b/.gitlab/issue_templates/Feature Flag Roll Out.md
index 0d150bcb56c..0462742513c 100644
--- a/.gitlab/issue_templates/Feature Flag Roll Out.md
+++ b/.gitlab/issue_templates/Feature Flag Roll Out.md
@@ -65,6 +65,9 @@ _Consider adding links to check for Sentry errors, Production logs for 5xx, 302s
     - [ ] `/chatops run feature set <feature-flag-name> true --dev`
     - [ ] `/chatops run feature set <feature-flag-name> true --staging`
 - [ ] Verify that the feature works as expected. Posting the QA result in this issue is preferable.
+      The best environment to validate the feature in is [staging-canary](https://about.gitlab.com/handbook/engineering/infrastructure/environments/#staging-canary)
+      as this is the first environment deployed to. Note you will need to make sure you are configured to use canary as outlined [here](https://about.gitlab.com/handbook/engineering/infrastructure/environments/canary-stage/)
+      when accessing the staging environment in order to make sure you are testing appropriately.
 
 ### Specific rollout on production
 
@@ -116,10 +119,10 @@ To do so, follow these steps:
 - [ ] Create a merge request with the following changes. Ask for review and merge it.
     - [ ] Set the `default_enabled` attribute in [the feature flag definition](https://docs.gitlab.com/ee/development/feature_flags/#feature-flag-definition-and-validation) to `true`.
     - [ ] Create [a changelog entry](https://docs.gitlab.com/ee/development/feature_flags/#changelog).
-- [ ] Ensure that the default-enabling MR has been deployed to both production and canary.
-      If the merge request was deployed before [the code cutoff](https://about.gitlab.com/handbook/engineering/releases/#self-managed-releases-1),
+- [ ] Ensure that the default-enabling MR has been included in the release package.
+      If the merge request was deployed before [the monthly release was tagged](https://about.gitlab.com/handbook/engineering/releases/#self-managed-releases-1),
       the feature can be officially announced in a release blog post.
-    - [ ] `/chatops run auto_deploy status <merge-commit-of-default-enabling-mr>`
+    - [ ] `/chatops run release check <merge-request-url> <milestone>`
 - [ ] Close [the feature issue](ISSUE LINK) to indicate the feature will be released in the current milestone.
 - [ ] Set the next milestone to this rollout issue for scheduling [the flag removal](#release-the-feature).
 - [ ] (Optional) You can [create a separate issue](https://gitlab.com/gitlab-org/gitlab/-/issues/new?issuable_template=Feature%20Flag%20Cleanup) for scheduling the steps below to [Release the feature](#release-the-feature).
@@ -149,10 +152,10 @@ You can either [create a follow-up issue for Feature Flag Cleanup](https://gitla
     - [ ] Remove all references to the feature flag from the codebase.
     - [ ] Remove the YAML definitions for the feature from the repository.
     - [ ] Create [a changelog entry](https://docs.gitlab.com/ee/development/feature_flags/#changelog).
-- [ ] Ensure that the cleanup MR has been deployed to both production and canary.
-      If the merge request was deployed before [the code cutoff](https://about.gitlab.com/handbook/engineering/releases/#self-managed-releases-1),
+- [ ] Ensure that the cleanup MR has been included in the release package.
+      If the merge request was deployed before [the monthly release was tagged](https://about.gitlab.com/handbook/engineering/releases/#self-managed-releases-1),
       the feature can be officially announced in a release blog post.
-    - [ ] `/chatops run auto_deploy status <merge-commit-of-cleanup-mr>`
+    - [ ] `/chatops run release check <merge-request-url> <milestone>`
 - [ ] Close [the feature issue](ISSUE LINK) to indicate the feature will be released in the current milestone.
 - [ ] Clean up the feature flag from all environments by running these chatops command in `#production` channel:
     - [ ] `/chatops run feature delete <feature-flag-name> --dev`
diff --git a/.gitlab/issue_templates/Feature proposal - detailed.md b/.gitlab/issue_templates/Feature proposal - detailed.md
index d60b5f24dee..9f8a0a92a58 100644
--- a/.gitlab/issue_templates/Feature proposal - detailed.md
+++ b/.gitlab/issue_templates/Feature proposal - detailed.md
@@ -117,6 +117,8 @@ In which enterprise tier should this feature go? See https://about.gitlab.com/ha
 
 <!-- Communicate if this change will affect multiple Stage Groups or product areas. We recommend always start with the assumption that a feature request will have an impact into another Group. Loop in the most relevant PM and Product Designer from that Group to provide strategic support to help align the Group's broader plan and vision, as well as to avoid UX and technical debt. https://about.gitlab.com/handbook/product/#cross-stage-features -->
 
+### What is the competitive advantage or differentiation for this feature?
+
 ### Links / references
 
 <!-- Label reminders - you should have one of each of the following labels.
diff --git a/.gitlab/issue_templates/Geo Replicate a new Git repository type.md b/.gitlab/issue_templates/Geo Replicate a new Git repository type.md
index 6d37fc678af..e858f80ffaa 100644
--- a/.gitlab/issue_templates/Geo Replicate a new Git repository type.md
+++ b/.gitlab/issue_templates/Geo Replicate a new Git repository type.md
@@ -193,6 +193,8 @@ That's all of the required database changes.
     include ::Geo::ReplicableModel
     include ::Geo::VerifiableModel
 
+    delegate(*::Geo::VerificationState::VERIFICATION_METHODS, to: :cool_widget_state)
+
     with_replicator Geo::CoolWidgetReplicator
 
     mount_uploader :file, CoolWidgetUploader
@@ -201,16 +203,6 @@ That's all of the required database changes.
 
     after_save :save_verification_details
 
-    delegate :verification_retry_at, :verification_retry_at=,
-             :verified_at, :verified_at=,
-             :verification_checksum, :verification_checksum=,
-             :verification_failure, :verification_failure=,
-             :verification_retry_count, :verification_retry_count=,
-             :verification_state=, :verification_state,
-             :verification_started_at=, :verification_started_at,
-             to: :cool_widget_state
-    ...
-
     scope :with_verification_state, ->(state) { joins(:cool_widget_state).where(cool_widget_states: { verification_state: verification_state_value(state) }) }
     scope :checksummed, -> { joins(:cool_widget_state).where.not(cool_widget_states: { verification_checksum: nil } ) }
     scope :not_checksummed, -> { joins(:cool_widget_state).where(cool_widget_states: { verification_checksum: nil } ) }
@@ -487,6 +479,7 @@ That's all of the required database changes.
   module Geo
     class CoolWidgetState < ApplicationRecord
       include EachBatch
+      include ::Geo::VerificationStateDefinition
 
       self.primary_key = :cool_widget_id
 
diff --git a/.gitlab/issue_templates/Geo Replicate a new blob type.md b/.gitlab/issue_templates/Geo Replicate a new blob type.md
index 35bb28ad170..0cbfd79c958 100644
--- a/.gitlab/issue_templates/Geo Replicate a new blob type.md
+++ b/.gitlab/issue_templates/Geo Replicate a new blob type.md
@@ -195,6 +195,8 @@ That's all of the required database changes.
     include ::Geo::ReplicableModel
     include ::Geo::VerifiableModel
 
+    delegate(*::Geo::VerificationState::VERIFICATION_METHODS, to: :cool_widget_state)
+
     with_replicator Geo::CoolWidgetReplicator
 
     mount_uploader :file, CoolWidgetUploader
@@ -203,16 +205,6 @@ That's all of the required database changes.
 
     after_save :save_verification_details
 
-    delegate :verification_retry_at, :verification_retry_at=,
-             :verified_at, :verified_at=,
-             :verification_checksum, :verification_checksum=,
-             :verification_failure, :verification_failure=,
-             :verification_retry_count, :verification_retry_count=,
-             :verification_state=, :verification_state,
-             :verification_started_at=, :verification_started_at,
-             to: :cool_widget_state
-    ...
-
     scope :with_verification_state, ->(state) { joins(:cool_widget_state).where(cool_widget_states: { verification_state: verification_state_value(state) }) }
     scope :checksummed, -> { joins(:cool_widget_state).where.not(cool_widget_states: { verification_checksum: nil } ) }
     scope :not_checksummed, -> { joins(:cool_widget_state).where(cool_widget_states: { verification_checksum: nil } ) }
@@ -451,6 +443,7 @@ That's all of the required database changes.
   module Geo
     class CoolWidgetState < ApplicationRecord
       include EachBatch
+      include ::Geo::VerificationStateDefinition
 
       self.primary_key = :cool_widget_id
 
diff --git a/.gitlab/issue_templates/Implementation.md b/.gitlab/issue_templates/Implementation.md
index 058834264b0..f57bfae4da3 100644
--- a/.gitlab/issue_templates/Implementation.md
+++ b/.gitlab/issue_templates/Implementation.md
@@ -59,5 +59,17 @@ Other settings you might want to include when creating the issue.
 # /epic &
 -->
 
+## Verification steps
+<!--
+Add verification steps to help GitLab team members test the implementation. This is particularly useful
+during the MR review and the ~"workflow::verification" step. You may not know exactly what the
+verification steps should be during issue refinement, so you can always come back later to add
+them.
+
+1. Check-out the corresponding branch
+1. ...
+1. Profit!
+-->
+
 /label ~"workflow::refinement"
 /milestone %Backlog
diff --git a/.gitlab/issue_templates/Vulnerability Disclosure.md b/.gitlab/issue_templates/Vulnerability Disclosure.md
new file mode 100644
index 00000000000..9f143a76e0e
--- /dev/null
+++ b/.gitlab/issue_templates/Vulnerability Disclosure.md
@@ -0,0 +1,98 @@
+<!---
+Please read this!
+
+This template is for reporting a security vulnerability about GitLab or 
+GitLab.com
+
+Strongly consider reporting via https://hackerone.com/gitlab, as 
+HackerOne is our preferred disclosure platform.
+
+See also:
+
+- https://about.gitlab.com/security/disclosure/
+- https://about.gitlab.com/handbook/engineering/security/#creating-new-security-issues
+- https://about.gitlab.com/handbook/engineering/security/#engaging-the-security-on-call
+
+--->
+
+### Summary
+
+<!-- Summarize the bug encountered concisely. -->
+
+### Steps to reproduce
+
+<!-- Describe how one can reproduce the issue - this is very important. Please use an ordered list. -->
+
+### Example Project
+
+<!-- If possible, please create an example project here on GitLab.com that exhibits the problematic 
+behavior, and link to it here in the bug report. If you are using an older version of GitLab, this 
+will also determine whether the bug is fixed in a more recent version. -->
+
+### What is the current *bug* behavior?
+
+<!-- Describe what actually happens. -->
+
+### What is the expected *correct* behavior?
+
+<!-- Describe what you should see instead. -->
+
+### Relevant logs and/or screenshots
+
+<!-- Paste any relevant logs - please use code blocks (```) to format console output, logs, and code
+ as it's tough to read otherwise. -->
+
+### Output of checks
+
+<!-- If you are reporting a bug on GitLab.com, write: This bug happens on GitLab.com -->
+
+#### Results of GitLab environment info
+
+<!--  Input any relevant GitLab environment information if needed. -->
+
+<details>
+<summary>Expand for output related to GitLab environment info</summary>
+
+<pre>
+
+(For installations with omnibus-gitlab package run and paste the output of:
+`sudo gitlab-rake gitlab:env:info`)
+
+(For installations from source run and paste the output of:
+`sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)
+
+</pre>
+</details>
+
+#### Results of GitLab application Check
+
+<!--  Input any relevant GitLab application check information if needed. -->
+
+<details>
+<summary>Expand for output related to the GitLab application check</summary>
+<pre>
+
+(For installations with omnibus-gitlab package run and paste the output of:
+`sudo gitlab-rake gitlab:check SANITIZE=true`)
+
+(For installations from source run and paste the output of:
+`sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true`)
+
+(we will only investigate if the tests are passing)
+
+</pre>
+</details>
+
+### Possible fixes
+
+<!-- If you can, link to the line of code that might be responsible for the problem. -->
+
+
+---
+
+<!-- Do not edit past here unless you are certain of the impact -->
+
+cc @gitlab-com/gl-security/appsec
+
+/label ~"type::bug" ~"bug::vulnerability"
+/confidential