Add latest changes from gitlab-org/gitlab@master

11 files changed, 64 insertions, 34 deletions

diff --git a/.rubocop.yml b/.rubocop.yml
index e0a2f736000..5aca299eedc 100644
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -53,6 +53,15 @@ AllCops:
   NewCops: disable
   SuggestExtensions: false
 
+RSpec:
+  Language:
+    Includes:
+      Examples:
+        - run_permission_checks
+        - run_group_permission_checks
+        - it_should_email!
+        - it_should_not_email!
+
 Metrics/ParameterLists:
   Exclude:
     # See https://gitlab.com/gitlab-org/gitlab/-/issues/356771
diff --git a/app/models/project_statistics.rb b/app/models/project_statistics.rb
index e13f8d28c92..f108e43015e 100644
--- a/app/models/project_statistics.rb
+++ b/app/models/project_statistics.rb
@@ -37,7 +37,6 @@ class ProjectStatistics < ApplicationRecord
     :pipeline_artifacts_size,
     :uploads_size
   ].freeze
-  STORAGE_SIZE_SUM = STORAGE_SIZE_COMPONENTS.map { |component| "COALESCE (#{component}, 0)" }.join(' + ').freeze
 
   scope :for_project_ids, ->(project_ids) { where(project_id: project_ids) }
 
@@ -109,12 +108,12 @@ class ProjectStatistics < ApplicationRecord
   end
 
   def update_storage_size
-    self.storage_size = STORAGE_SIZE_COMPONENTS.sum { |component| method(component).call }
+    self.storage_size = storage_size_components.sum { |component| method(component).call }
   end
 
   def refresh_storage_size!
     detect_race_on_record(log_fields: { caller: __method__, attributes: :storage_size }) do
-      update!(storage_size: STORAGE_SIZE_SUM)
+      update!(storage_size: storage_size_sum)
     end
   end
 
@@ -151,6 +150,14 @@ class ProjectStatistics < ApplicationRecord
 
   private
 
+  def storage_size_components
+    STORAGE_SIZE_COMPONENTS
+  end
+
+  def storage_size_sum
+    storage_size_components.map { |component| "COALESCE (#{component}, 0)" }.join(' + ').freeze
+  end
+
   def increment_columns!(key, amount)
     increments = { key => amount }
     additional = INCREMENTABLE_COLUMNS.fetch(key, [])
diff --git a/db/migrate/20220126191624_add_scan_file_path_to_dast_site_profile.rb b/db/migrate/20220126191624_add_scan_file_path_to_dast_site_profile.rb
new file mode 100644
index 00000000000..eab02663e26
--- /dev/null
+++ b/db/migrate/20220126191624_add_scan_file_path_to_dast_site_profile.rb
@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+class AddScanFilePathToDastSiteProfile < Gitlab::Database::Migration[2.0]
+  # rubocop:disable Migration/AddLimitToTextColumns
+  # limit is added in 20221012135524_add_scan_file_path_limit_for_dast_site_profile
+  def up
+    add_column :dast_site_profiles, :scan_file_path, :text
+  end
+  # rubocop:enable Migration/AddLimitToTextColumns
+
+  def down
+    remove_column :dast_site_profiles, :scan_file_path, :text
+  end
+end
diff --git a/db/migrate/20221012135524_add_scan_file_path_limit_for_dast_site_profile.rb b/db/migrate/20221012135524_add_scan_file_path_limit_for_dast_site_profile.rb
new file mode 100644
index 00000000000..ab8846c8043
--- /dev/null
+++ b/db/migrate/20221012135524_add_scan_file_path_limit_for_dast_site_profile.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+class AddScanFilePathLimitForDastSiteProfile < Gitlab::Database::Migration[2.0]
+  disable_ddl_transaction!
+
+  def up
+    add_text_limit :dast_site_profiles, :scan_file_path, 1024
+  end
+
+  def down
+    remove_text_limit :dast_site_profiles, :scan_file_path
+  end
+end
diff --git a/db/schema_migrations/20220126191624 b/db/schema_migrations/20220126191624
new file mode 100644
index 00000000000..f8cbab24379
--- /dev/null
+++ b/db/schema_migrations/20220126191624
@@ -0,0 +1 @@
+33170856a78b469c63d4821692929a1df0c41e4b9d98093e771b122b462c9c03
\ No newline at end of file
diff --git a/db/schema_migrations/20221012135524 b/db/schema_migrations/20221012135524
new file mode 100644
index 00000000000..7a4503dde08
--- /dev/null
+++ b/db/schema_migrations/20221012135524
@@ -0,0 +1 @@
+e5fc4ce0fdba01b55de0a1d5a968ab9b1ad3bc930ab61c6187a223e62252c8bc
\ No newline at end of file
diff --git a/db/structure.sql b/db/structure.sql
index 45f8187c2ca..e95f93982fa 100644
--- a/db/structure.sql
+++ b/db/structure.sql
@@ -14406,8 +14406,10 @@ CREATE TABLE dast_site_profiles (
     target_type smallint DEFAULT 0 NOT NULL,
     scan_method smallint DEFAULT 0 NOT NULL,
     auth_submit_field text,
+    scan_file_path text,
     CONSTRAINT check_5203110fee CHECK ((char_length(auth_username_field) <= 255)),
     CONSTRAINT check_6cfab17b48 CHECK ((char_length(name) <= 255)),
+    CONSTRAINT check_8d2aa0f66d CHECK ((char_length(scan_file_path) <= 1024)),
     CONSTRAINT check_af44f54c96 CHECK ((char_length(auth_submit_field) <= 255)),
     CONSTRAINT check_c329dffdba CHECK ((char_length(auth_password_field) <= 255)),
     CONSTRAINT check_d446f7047b CHECK ((char_length(auth_url) <= 1024)),
diff --git a/doc/api/branches.md b/doc/api/branches.md
index ddefed60616..0c9df88cf85 100644
--- a/doc/api/branches.md
+++ b/doc/api/branches.md
@@ -84,7 +84,7 @@ Parameters:
 | Attribute | Type           | Required | Description                                                                                                  |
 |:----------|:---------------|:---------|:-------------------------------------------------------------------------------------------------------------|
 | `id`      | integer/string | yes      | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. |
-| `branch`  | string         | yes      | Name of the branch.                                                                                          |
+| `branch`  | string         | yes      | [URL-encoded name](index.md#namespaced-path-encoding) of the branch.                                                                                          |
 
 Example request:
 
diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md
index 7aae413b54b..3f89ff08110 100644
--- a/doc/api/graphql/reference/index.md
+++ b/doc/api/graphql/reference/index.md
@@ -2007,6 +2007,7 @@ Input type: `DastSiteProfileCreateInput`
 | <a id="mutationdastsiteprofilecreatefullpath"></a>`fullPath` | [`ID!`](#id) | Project the site profile belongs to. |
 | <a id="mutationdastsiteprofilecreateprofilename"></a>`profileName` | [`String!`](#string) | Name of the site profile. |
 | <a id="mutationdastsiteprofilecreaterequestheaders"></a>`requestHeaders` | [`String`](#string) | Comma-separated list of request header names and values to be added to every request made by DAST. |
+| <a id="mutationdastsiteprofilecreatescanfilepath"></a>`scanFilePath` | [`String`](#string) | File Path or URL used as input for the scan method. Will not be saved or updated if `dast_api_scanner` feature flag is disabled. |
 | <a id="mutationdastsiteprofilecreatescanmethod"></a>`scanMethod` | [`DastScanMethodType`](#dastscanmethodtype) | Scan method by the scanner. Is not saved or updated if `dast_api_scanner` feature flag is disabled. |
 | <a id="mutationdastsiteprofilecreatetargettype"></a>`targetType` | [`DastTargetTypeEnum`](#dasttargettypeenum) | Type of target to be scanned. |
 | <a id="mutationdastsiteprofilecreatetargeturl"></a>`targetUrl` | [`String`](#string) | URL of the target to be scanned. |
@@ -2054,6 +2055,7 @@ Input type: `DastSiteProfileUpdateInput`
 | <a id="mutationdastsiteprofileupdateid"></a>`id` | [`DastSiteProfileID!`](#dastsiteprofileid) | ID of the site profile to be updated. |
 | <a id="mutationdastsiteprofileupdateprofilename"></a>`profileName` | [`String!`](#string) | Name of the site profile. |
 | <a id="mutationdastsiteprofileupdaterequestheaders"></a>`requestHeaders` | [`String`](#string) | Comma-separated list of request header names and values to be added to every request made by DAST. |
+| <a id="mutationdastsiteprofileupdatescanfilepath"></a>`scanFilePath` | [`String`](#string) | File Path or URL used as input for the scan method. Will not be saved or updated if `dast_api_scanner` feature flag is disabled. |
 | <a id="mutationdastsiteprofileupdatescanmethod"></a>`scanMethod` | [`DastScanMethodType`](#dastscanmethodtype) | Scan method by the scanner. Is not saved or updated if `dast_api_scanner` feature flag is disabled. |
 | <a id="mutationdastsiteprofileupdatetargettype"></a>`targetType` | [`DastTargetTypeEnum`](#dasttargettypeenum) | Type of target to be scanned. |
 | <a id="mutationdastsiteprofileupdatetargeturl"></a>`targetUrl` | [`String`](#string) | URL of the target to be scanned. |
@@ -11246,6 +11248,7 @@ Represents a DAST Site Profile.
 | <a id="dastsiteprofileprofilename"></a>`profileName` | [`String`](#string) | Name of the site profile. |
 | <a id="dastsiteprofilereferencedinsecuritypolicies"></a>`referencedInSecurityPolicies` | [`[String!]`](#string) | List of security policy names that are referencing given project. |
 | <a id="dastsiteprofilerequestheaders"></a>`requestHeaders` | [`String`](#string) | Comma-separated list of request header names and values to be added to every request made by DAST. |
+| <a id="dastsiteprofilescanfilepath"></a>`scanFilePath` | [`String`](#string) | Scan File Path used as input for the scanner. Will always return `null` if `dast_api_scanner` feature flag is disabled. |
 | <a id="dastsiteprofilescanmethod"></a>`scanMethod` | [`DastScanMethodType`](#dastscanmethodtype) | Scan method used by the scanner. Always returns `null` if `dast_api_scanner` feature flag is disabled. |
 | <a id="dastsiteprofiletargettype"></a>`targetType` | [`DastTargetTypeEnum`](#dasttargettypeenum) | Type of target to be scanned. |
 | <a id="dastsiteprofiletargeturl"></a>`targetUrl` | [`String`](#string) | URL of the target to be scanned. |
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 5140658c217..9ab545b7ad6 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -47831,6 +47831,9 @@ msgstr ""
 msgid "is not a descendant of the Group owning the template"
 msgstr ""
 
+msgid "is not a valid URL."
+msgstr ""
+
 msgid "is not a valid X509 certificate."
 msgstr ""
 
diff --git a/qa/qa/page/project/settings/services/jira.rb b/qa/qa/page/project/settings/services/jira.rb
index b8a65da2a2e..41034bbd897 100644
--- a/qa/qa/page/project/settings/services/jira.rb
+++ b/qa/qa/page/project/settings/services/jira.rb
@@ -28,12 +28,6 @@ module QA
               element :service_jira_project_key_field
             end
 
-            view 'ee/app/assets/javascripts/integrations/edit/components/jira_issue_creation_vulnerabilities.vue' do
-              element :service_jira_enable_vulnerabilities_checkbox
-              element :service_jira_issue_types_fetch_retry_button
-              element :service_jira_select_issue_type_dropdown
-            end
-
             def setup_service_with(url:)
               QA::Runtime::Logger.info "Setting up JIRA"
 
@@ -58,14 +52,11 @@ module QA
               fill_element(:service_jira_project_key_field, key)
             end
 
-            def enable_jira_vulnerabilities
-              check_element(:service_jira_enable_vulnerabilities_checkbox, true)
-            end
-
-            def select_vulnerability_bug_type(bug_type)
-              click_retry_vulnerabilities
-              select_jira_bug_type(bug_type)
-              click_save_changes_and_wait
+            def click_save_changes_and_wait
+              click_save_changes_button
+              wait_until(reload: false) do
+                has_element?(:save_changes_button, wait: 1) ? !find_element(:save_changes_button).disabled? : true
+              end
             end
 
             private
@@ -74,15 +65,6 @@ module QA
               fill_element(:service_url_field, url)
             end
 
-            def click_retry_vulnerabilities
-              click_element(:service_jira_issue_types_fetch_retry_button)
-            end
-
-            def select_jira_bug_type(option)
-              click_element(:service_jira_select_issue_type_dropdown)
-              click_element(:service_jira_type, service_type: option)
-            end
-
             def set_username(username)
               fill_element(:service_username_field, username)
             end
@@ -107,13 +89,6 @@ module QA
               fill_element(:service_jira_issue_transition_id_field, transition_ids)
             end
 
-            def click_save_changes_and_wait
-              click_save_changes_button
-              wait_until(reload: false) do
-                has_element?(:save_changes_button, wait: 1) ? !find_element(:save_changes_button).disabled? : true
-              end
-            end
-
             def click_save_changes_button
               click_element(:save_changes_button)
             end
@@ -123,3 +98,5 @@ module QA
     end
   end
 end
+
+QA::Page::Project::Settings::Services::Jira.prepend_mod_with('Page::Project::Settings::Services::Jira', namespace: QA)