Add latest changes from gitlab-org/gitlab@master

17 files changed, 139 insertions, 55 deletions

diff --git a/app/controllers/concerns/verifies_with_email.rb b/app/controllers/concerns/verifies_with_email.rb
index 782cae53c3f..49475c74590 100644
--- a/app/controllers/concerns/verifies_with_email.rb
+++ b/app/controllers/concerns/verifies_with_email.rb
@@ -84,10 +84,7 @@ module VerifiesWithEmail
   def send_verification_instructions_email(user, token)
     return unless user.can?(:receive_notifications)
 
-    Notify.verification_instructions_email(
-      user.id,
-      token: token,
-      expires_in: Users::EmailVerification::ValidateTokenService::TOKEN_VALID_FOR_MINUTES).deliver_later
+    Notify.verification_instructions_email(user.email, token: token).deliver_later
 
     log_verification(user, :instructions_sent)
   end
diff --git a/app/mailers/emails/identity_verification.rb b/app/mailers/emails/identity_verification.rb
index e3089fdef9b..f3fe609e7d1 100644
--- a/app/mailers/emails/identity_verification.rb
+++ b/app/mailers/emails/identity_verification.rb
@@ -2,14 +2,22 @@
 
 module Emails
   module IdentityVerification
-    def verification_instructions_email(user_id, token:, expires_in:)
+    def verification_instructions_email(email, token:)
       @token = token
-      @expires_in_minutes = expires_in
+      @expires_in_minutes = Users::EmailVerification::ValidateTokenService::TOKEN_VALID_FOR_MINUTES
       @password_link = edit_profile_password_url
       @two_fa_link = help_page_url('user/profile/account/two_factor_authentication')
 
-      user = User.find(user_id)
-      email_with_layout(to: user.email, subject: s_('IdentityVerification|Verify your identity'))
+      headers = {
+        to: email,
+        subject: s_('IdentityVerification|Verify your identity'),
+        'X-Mailgun-Suppressions-Bypass' => 'true'
+      }
+
+      mail_with_locale(headers) do |format|
+        format.html { render layout: 'mailer' }
+        format.text
+      end
     end
   end
 end
diff --git a/app/mailers/previews/notify_preview.rb b/app/mailers/previews/notify_preview.rb
index 206518e582b..7d7e01950c8 100644
--- a/app/mailers/previews/notify_preview.rb
+++ b/app/mailers/previews/notify_preview.rb
@@ -210,7 +210,7 @@ class NotifyPreview < ActionMailer::Preview
   end
 
   def verification_instructions_email
-    Notify.verification_instructions_email(user.id, token: '123456', expires_in: 60).message
+    Notify.verification_instructions_email(user.email, token: '123456').message
   end
 
   def project_was_exported_email
diff --git a/doc/security/password_length_limits.md b/doc/security/password_length_limits.md
index 55d6e8642bd..698fb0efe55 100644
--- a/doc/security/password_length_limits.md
+++ b/doc/security/password_length_limits.md
@@ -12,9 +12,11 @@ By default, GitLab supports passwords with the following lengths:
 - Minimum: 8 characters
 - Maximum: 128 characters
 
-You can only change the minimum password length. Changing the minimum length does not affect existing user passwords. Existing users are not asked to reset their password to adhere to the new limits. The new limit restriction applies only during new user sign-ups and when an existing user performs a password reset.
+You can only change the minimum password length. Changing the minimum length does not affect existing user passwords.
+Existing users are not asked to reset their password to adhere to the new limits. The new limit restriction applies only
+during new user sign-ups and when an existing user performs a password reset.
 
-## Modify minimum password length using GitLab UI
+## Modify minimum password length
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20661) in GitLab 12.6
 
@@ -24,9 +26,6 @@ To change the minimum password length using GitLab UI:
 
 1. On the top bar, select **Main menu > Admin**.
 1. On the left sidebar, select **Settings > General** and expand **Sign-up restrictions**.
-
-   ![Minimum password length settings](../user/admin_area/img/minimum_password_length_settings_v12_6.png)
-
 1. Enter a **Minimum password length** value greater than or equal to `8`.
 1. Select **Save changes**.
 
diff --git a/doc/user/admin_area/img/minimum_password_length_settings_v12_6.png b/doc/user/admin_area/img/minimum_password_length_settings_v12_6.png
deleted file mode 100644
index 27634a02a8a..00000000000
--- a/doc/user/admin_area/img/minimum_password_length_settings_v12_6.png
+++ /dev/null
diff --git a/doc/user/admin_area/settings/sign_up_restrictions.md b/doc/user/admin_area/settings/sign_up_restrictions.md
index 28fb188731b..f2139583cc2 100644
--- a/doc/user/admin_area/settings/sign_up_restrictions.md
+++ b/doc/user/admin_area/settings/sign_up_restrictions.md
@@ -115,7 +115,7 @@ create or update pipelines until their email address is confirmed.
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20661) in GitLab 12.6
 
-You can [change](../../../security/password_length_limits.md#modify-minimum-password-length-using-gitlab-ui)
+You can [change](../../../security/password_length_limits.md#modify-minimum-password-length)
 the minimum number of characters a user must have in their password using the GitLab UI.
 
 ### Password complexity requirements **(PREMIUM SELF)**
diff --git a/doc/user/analytics/dora_metrics.md b/doc/user/analytics/dora_metrics.md
index 605985cd779..07b6d06f73e 100644
--- a/doc/user/analytics/dora_metrics.md
+++ b/doc/user/analytics/dora_metrics.md
@@ -20,6 +20,13 @@ DORA includes four key metrics, divided into two core areas of DevOps:
 
 For software leaders, tracking velocity alongside quality metrics ensures they're not sacrificing quality for speed.
 
+<div class="video-fallback">
+  For an overview, see <a href="https://www.youtube.com/watch?v=1BrcMV6rCDw">GitLab Speed Run: DORA metrics in GitLab One DevOps Platform</a>.
+</div>
+<figure class="video-container">
+  <iframe src="https://www.youtube.com/embed/1BrcMV6rCDw" frameborder="0" allowfullscreen="true"> </iframe>
+</figure>
+
 ## DORA Metrics dashboard in Value Stream Analytics
 
 The four DORA metrics are available out-of-the-box in the [Value Stream Analytics (VSA) overview dashboard](../group/value_stream_analytics/index.md#view-dora-metrics-and-key-metrics-for-a-group).
diff --git a/lib/api/api.rb b/lib/api/api.rb
index c21437cf948..3400e15394d 100644
--- a/lib/api/api.rb
+++ b/lib/api/api.rb
@@ -193,6 +193,7 @@ module API
         mount ::API::SnippetRepositoryStorageMoves
         mount ::API::ProtectedBranches
         mount ::API::Statistics
+        mount ::API::Submodules
         mount ::API::Suggestions
         mount ::API::Tags
         mount ::API::UserCounts
@@ -312,7 +313,6 @@ module API
       mount ::API::Settings
       mount ::API::SidekiqMetrics
       mount ::API::Snippets
-      mount ::API::Submodules
       mount ::API::Subscriptions
       mount ::API::SystemHooks
       mount ::API::Tags
diff --git a/lib/api/entities/ci/pipeline_basic.rb b/lib/api/entities/ci/pipeline_basic.rb
index a2a5a98920a..6d82cca1bf1 100644
--- a/lib/api/entities/ci/pipeline_basic.rb
+++ b/lib/api/entities/ci/pipeline_basic.rb
@@ -4,10 +4,21 @@ module API
   module Entities
     module Ci
       class PipelineBasic < Grape::Entity
-        expose :id, :iid, :project_id, :sha, :ref, :status, :source
-        expose :created_at, :updated_at
+        expose :id, documentation: { type: 'integer', example: 1 }
+        expose :iid, documentation: { type: 'integer', example: 2 }
+        expose :project_id, documentation: { type: 'integer', example: 3 }
+        expose :sha, documentation: { type: 'string', example: '0ec9e58fdfca6cdd6652c083c9edb53abc0bad52' }
+        expose :ref, documentation: { type: 'string', example: 'feature-branch' }
+        expose :status, documentation: { type: 'string', example: 'success' }
+        expose :source, documentation: { type: 'string', example: 'push' }
+        expose :created_at, documentation: { type: 'dateTime', example: '2022-10-21T16:49:48.000+02:00' }
+        expose :updated_at, documentation: { type: 'dateTime', example: '2022-10-21T16:49:48.000+02:00' }
 
-        expose :web_url do |pipeline, _options|
+        expose :web_url,
+               documentation: {
+                 type: 'string',
+                 example: 'https://gitlab.example.com/gitlab-org/gitlab-foss/-/pipelines/61'
+               } do |pipeline, _options|
           Gitlab::Routing.url_helpers.project_pipeline_url(pipeline.project, pipeline)
         end
       end
diff --git a/lib/api/entities/commit.rb b/lib/api/entities/commit.rb
index 5996c0966fb..a247ea2110e 100644
--- a/lib/api/entities/commit.rb
+++ b/lib/api/entities/commit.rb
@@ -16,7 +16,7 @@ module API
       expose :committer_name, documentation: { type: 'string', example: 'Jack Smith' }
       expose :committer_email, documentation: { type: 'string', example: 'jack@example.com' }
       expose :committed_date, documentation: { type: 'dateTime', example: '2012-05-28T04:42:42-07:00' }
-      expose :trailers, documentation: { type: 'object', example: '{}' }
+      expose :trailers, documentation: { type: 'object', example: '{ "Merged-By": "Jane Doe janedoe@gitlab.com" }' }
 
       expose :web_url,
              documentation: {
diff --git a/lib/api/entities/commit_detail.rb b/lib/api/entities/commit_detail.rb
index cc529639359..428c53f7fe3 100644
--- a/lib/api/entities/commit_detail.rb
+++ b/lib/api/entities/commit_detail.rb
@@ -6,10 +6,10 @@ module API
       include ::API::Helpers::Presentable
 
       expose :stats, using: Entities::CommitStats, if: :include_stats
-      expose :status_for, as: :status
-      expose :project_id
+      expose :status_for, as: :status, documentation: { type: 'string', example: 'success' }
+      expose :project_id, documentation: { type: 'integer', example: 1 }
 
-      expose :last_pipeline do |commit, options|
+      expose :last_pipeline, documentation: { type: ::API::Entities::Ci::PipelineBasic.to_s } do |commit, options|
         pipeline = commit.last_pipeline if can_read_pipeline?
         ::API::Entities::Ci::PipelineBasic.represent(pipeline, options)
       end
diff --git a/lib/api/entities/commit_stats.rb b/lib/api/entities/commit_stats.rb
index d9ba99c8eb0..e07483e5d97 100644
--- a/lib/api/entities/commit_stats.rb
+++ b/lib/api/entities/commit_stats.rb
@@ -3,7 +3,9 @@
 module API
   module Entities
     class CommitStats < Grape::Entity
-      expose :additions, :deletions, :total
+      expose :additions, documentation: { type: 'integer', example: 1 }
+      expose :deletions, documentation: { type: 'integer', example: 0 }
+      expose :total, documentation: { type: 'integer', example: 1 }
     end
   end
 end
diff --git a/lib/api/submodules.rb b/lib/api/submodules.rb
index 2b51ab91c40..6638ac57f69 100644
--- a/lib/api/submodules.rb
+++ b/lib/api/submodules.rb
@@ -18,17 +18,34 @@ module API
     end
 
     params do
-      requires :id, type: String, desc: 'The project ID'
+      requires :id,
+        type: String,
+        desc: 'The ID or URL-encoded path of a project',
+        documentation: { example: 'gitlab-org/gitlab' }
     end
-    resource :projects, requirements: Files::FILE_ENDPOINT_REQUIREMENTS do
+    resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
       desc 'Update existing submodule reference in repository' do
-        success Entities::Commit
+        success code: 200, model: Entities::CommitDetail
+        failure [
+          { code: 404, message: '404 Project Not Found' },
+          { code: 401, message: '401 Unauthorized' },
+          { code: 400, message: 'The repository is empty' }
+        ]
       end
       params do
-        requires :submodule, type: String, desc: 'Url encoded full path to submodule.'
-        requires :commit_sha, type: String, desc: 'Commit sha to update the submodule to.'
-        requires :branch, type: String, desc: 'Name of the branch to commit into.'
-        optional :commit_message, type: String, desc: 'Commit message. If no message is provided a default one will be set.'
+        requires :submodule,
+          type: String,
+          desc: 'Url encoded full path to submodule.',
+          documentation: { example: 'gitlab-org/gitlab-shell' }
+        requires :commit_sha,
+          type: String,
+          desc: 'Commit sha to update the submodule to.',
+          documentation: { example: 'ed899a2f4b50b4370feeea94676502b42383c746' }
+        requires :branch, type: String, desc: 'Name of the branch to commit into.', documentation: { example: 'main' }
+        optional :commit_message,
+          type: String,
+          desc: 'Commit message. If no message is provided a default one will be set.',
+          documentation: { example: 'Commit message' }
       end
       put ":id/repository/submodules/:submodule", requirements: Files::FILE_ENDPOINT_REQUIREMENTS do
         authorize! :push_code, user_project
diff --git a/lib/api/terraform/state.rb b/lib/api/terraform/state.rb
index a19919b5e76..61583ece82e 100644
--- a/lib/api/terraform/state.rb
+++ b/lib/api/terraform/state.rb
@@ -27,8 +27,16 @@ module API
         increment_unique_values('p_terraform_state_api_unique_users', current_user.id)
 
         if Feature.enabled?(:route_hll_to_snowplow_phase2, user_project&.namespace)
-          Gitlab::Tracking.event('API::Terraform::State', 'p_terraform_state_api_unique_users',
-            namespace: user_project&.namespace, user: current_user)
+          Gitlab::Tracking.event(
+            'API::Terraform::State',
+            'terraform_state_api_request',
+            namespace: user_project&.namespace,
+            user: current_user,
+            project: user_project,
+            label: 'redis_hll_counters.terraform.p_terraform_state_api_unique_users_monthly',
+            context: [Gitlab::Tracking::ServicePingContext.new(data_source: :redis_hll,
+                                                               event: 'p_terraform_state_api_unique_users').to_context]
+          )
         end
       end
 
diff --git a/qa/qa/specs/features/browser_ui/5_package/container_registry/container_registry_omnibus_spec.rb b/qa/qa/specs/features/browser_ui/5_package/container_registry/container_registry_omnibus_spec.rb
index 5947b61c9c8..c57a5c27dd2 100644
--- a/qa/qa/specs/features/browser_ui/5_package/container_registry/container_registry_omnibus_spec.rb
+++ b/qa/qa/specs/features/browser_ui/5_package/container_registry/container_registry_omnibus_spec.rb
@@ -174,7 +174,7 @@ module QA
             Page::Project::Registry::Show.perform do |registry|
               expect(registry).to have_registry_repository(project.name)
 
-              registry.click_on_image(project.path_with_namespace)
+              registry.click_on_image(project.name)
               expect(registry).to have_tag('master')
             end
           end
@@ -232,7 +232,7 @@ module QA
           Page::Project::Registry::Show.perform do |registry|
             expect(registry).to have_registry_repository(project.name)
 
-            registry.click_on_image(project.path_with_namespace)
+            registry.click_on_image(project.name)
 
             expect(registry).to have_tag('master')
 
diff --git a/spec/mailers/emails/identity_verification_spec.rb b/spec/mailers/emails/identity_verification_spec.rb
new file mode 100644
index 00000000000..57ae95cc1ee
--- /dev/null
+++ b/spec/mailers/emails/identity_verification_spec.rb
@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe Emails::IdentityVerification do
+  include EmailSpec::Matchers
+  include_context 'gitlab email notification'
+
+  describe 'verification_instructions_email' do
+    let_it_be(:user) { build_stubbed(:user) }
+    let_it_be(:token) { '123456' }
+
+    subject do
+      Notify.verification_instructions_email(user.email, token: token)
+    end
+
+    it_behaves_like 'an email sent from GitLab'
+
+    it 'is sent to the user' do
+      is_expected.to deliver_to user.email
+    end
+
+    it 'has the correct subject' do
+      is_expected.to have_subject s_('IdentityVerification|Verify your identity')
+    end
+
+    it 'has the mailgun suppression bypass header' do
+      is_expected.to have_header 'X-Mailgun-Suppressions-Bypass', 'true'
+    end
+
+    it 'includes the token' do
+      is_expected.to have_body_text token
+    end
+
+    it 'includes the expiration time' do
+      expires_in_minutes = Users::EmailVerification::ValidateTokenService::TOKEN_VALID_FOR_MINUTES
+
+      is_expected.to have_body_text format(s_('IdentityVerification|Your verification code expires after '\
+        '%{expires_in_minutes} minutes.'), expires_in_minutes: expires_in_minutes)
+    end
+  end
+end
diff --git a/spec/requests/api/terraform/state_spec.rb b/spec/requests/api/terraform/state_spec.rb
index 959d28f52c9..38b08b4e214 100644
--- a/spec/requests/api/terraform/state_spec.rb
+++ b/spec/requests/api/terraform/state_spec.rb
@@ -46,26 +46,19 @@ RSpec.describe API::Terraform::State, :snowplow do
         let(:expected_value) { instance_of(Integer) }
       end
 
-      it 'tracks Snowplow event' do
-        request
-
-        expect_snowplow_event(
-          category: described_class.to_s,
-          action: 'p_terraform_state_api_unique_users',
-          namespace: project.namespace.reload,
-          user: current_user
-        )
-      end
-
-      context 'when route_hll_to_snowplow_phase2 FF is disabled' do
-        before do
-          stub_feature_flags(route_hll_to_snowplow_phase2: false)
-        end
-
-        it 'does not track Snowplow event' do
-          request
-
-          expect_no_snowplow_event
+      it_behaves_like 'Snowplow event tracking with RedisHLL context' do
+        subject(:api_request) { request }
+
+        let(:feature_flag_name) { :route_hll_to_snowplow_phase2 }
+        let(:category) { described_class.name }
+        let(:action) { 'terraform_state_api_request' }
+        let(:label) { 'redis_hll_counters.terraform.p_terraform_state_api_unique_users_monthly' }
+        let(:namespace) { project.namespace.reload }
+        let(:user) { current_user }
+        let(:context) do
+          payload = Gitlab::Tracking::ServicePingContext.new(data_source: :redis_hll,
+                                                             event: 'p_terraform_state_api_unique_users').to_context
+          [Gitlab::Json.dump(payload)]
         end
       end
     end