Add latest changes from gitlab-org/gitlab@16-8-stable-eev16.8.0-rc42

14 files changed, 127 insertions, 113 deletions

diff --git a/app/models/concerns/analytics/cycle_analytics/parentable.rb b/app/models/concerns/analytics/cycle_analytics/parentable.rb
index 785f6eea6bf..90a38e3c58c 100644
--- a/app/models/concerns/analytics/cycle_analytics/parentable.rb
+++ b/app/models/concerns/analytics/cycle_analytics/parentable.rb
@@ -6,16 +6,7 @@ module Analytics
       extend ActiveSupport::Concern
 
       included do
-        belongs_to :namespace, class_name: 'Namespace', foreign_key: :group_id, optional: false # rubocop: disable Rails/InverseOf
-
-        validate :ensure_namespace_type
-
-        def ensure_namespace_type
-          return if namespace.nil?
-          return if namespace.is_a?(::Namespaces::ProjectNamespace) || namespace.is_a?(::Group)
-
-          errors.add(:namespace, s_('CycleAnalytics|the assigned object is not supported'))
-        end
+        belongs_to :namespace, class_name: 'Namespace', foreign_key: :group_id, optional: false # rubocop: disable Rails/InverseOf -- this relation is not present on Namespace
       end
     end
   end
diff --git a/app/models/concerns/atomic_internal_id.rb b/app/models/concerns/atomic_internal_id.rb
index ec4ee7985fe..f51b0967968 100644
--- a/app/models/concerns/atomic_internal_id.rb
+++ b/app/models/concerns/atomic_internal_id.rb
@@ -219,8 +219,8 @@ module AtomicInternalId
     ::AtomicInternalId.scope_usage(self.class)
   end
 
-  def self.scope_usage(including_class)
-    including_class.table_name.to_sym
+  def self.scope_usage(klass)
+    klass.respond_to?(:internal_id_scope_usage) ? klass.internal_id_scope_usage : klass.table_name.to_sym
   end
 
   def self.project_init(klass, column_name = :iid)
diff --git a/app/models/concerns/cache_markdown_field.rb b/app/models/concerns/cache_markdown_field.rb
index 6a855198697..7c7fd882228 100644
--- a/app/models/concerns/cache_markdown_field.rb
+++ b/app/models/concerns/cache_markdown_field.rb
@@ -40,8 +40,6 @@ module CacheMarkdownField
     # Banzai is less strict about authors, so don't always have an author key
     context[:author] = self.author if self.respond_to?(:author)
 
-    context[:markdown_engine] = Banzai::Filter::MarkdownFilter::DEFAULT_ENGINE
-
     if Feature.enabled?(:personal_snippet_reference_filters, context[:author])
       context[:user] = self.parent_user
     end
diff --git a/app/models/concerns/ci/has_runner_status.rb b/app/models/concerns/ci/has_runner_status.rb
new file mode 100644
index 00000000000..f6fb9940b44
--- /dev/null
+++ b/app/models/concerns/ci/has_runner_status.rb
@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+
+module Ci
+  module HasRunnerStatus
+    extend ActiveSupport::Concern
+
+    included do
+      scope :offline, -> { where(arel_table[:contacted_at].lteq(online_contact_time_deadline)) }
+      scope :never_contacted, -> { where(contacted_at: nil) }
+      scope :online, -> { where(arel_table[:contacted_at].gt(online_contact_time_deadline)) }
+
+      scope :with_status, ->(status) do
+        return all if available_statuses.exclude?(status.to_s)
+
+        public_send(status) # rubocop:disable GitlabSecurity/PublicSend -- safe to call
+      end
+    end
+
+    class_methods do
+      def available_statuses
+        self::AVAILABLE_STATUSES
+      end
+
+      def online_contact_time_deadline
+        raise NotImplementedError
+      end
+
+      def stale_deadline
+        raise NotImplementedError
+      end
+    end
+
+    def status
+      return :stale if stale?
+      return :never_contacted unless contacted_at
+
+      online? ? :online : :offline
+    end
+
+    def online?
+      contacted_at && contacted_at > self.class.online_contact_time_deadline
+    end
+
+    def stale?
+      return false unless created_at
+
+      [created_at, contacted_at].compact.max <= self.class.stale_deadline
+    end
+  end
+end
diff --git a/app/models/concerns/ci/partitionable/testing.rb b/app/models/concerns/ci/partitionable/testing.rb
index b961d72db94..9f0d55329ad 100644
--- a/app/models/concerns/ci/partitionable/testing.rb
+++ b/app/models/concerns/ci/partitionable/testing.rb
@@ -21,6 +21,10 @@ module Ci
         Ci::PendingBuild
         Ci::RunningBuild
         Ci::RunnerManagerBuild
+        Ci::PipelineArtifact
+        Ci::PipelineChatData
+        Ci::PipelineConfig
+        Ci::PipelineMetadata
         Ci::PipelineVariable
         Ci::Sources::Pipeline
         Ci::Stage
diff --git a/app/models/concerns/commit_signature.rb b/app/models/concerns/commit_signature.rb
index 201994cb321..12e4a5a0ee0 100644
--- a/app/models/concerns/commit_signature.rb
+++ b/app/models/concerns/commit_signature.rb
@@ -9,17 +9,7 @@ module CommitSignature
 
     sha_attribute :commit_sha
 
-    enum verification_status: {
-      unverified: 0,
-      verified: 1,
-      same_user_different_email: 2,
-      other_user: 3,
-      unverified_key: 4,
-      unknown_key: 5,
-      multiple_signatures: 6,
-      revoked_key: 7,
-      verified_system: 8
-    }
+    enum verification_status: Enums::CommitSignature.verification_statuses
 
     belongs_to :project, class_name: 'Project', foreign_key: 'project_id', optional: false
 
diff --git a/app/models/concerns/database_event_tracking.rb b/app/models/concerns/database_event_tracking.rb
deleted file mode 100644
index 7e2f445189e..00000000000
--- a/app/models/concerns/database_event_tracking.rb
+++ /dev/null
@@ -1,52 +0,0 @@
-# frozen_string_literal: true
-
-module DatabaseEventTracking
-  extend ActiveSupport::Concern
-
-  included do
-    after_create_commit :publish_database_create_event
-    after_destroy_commit :publish_database_destroy_event
-    after_update_commit :publish_database_update_event
-  end
-
-  def publish_database_create_event
-    publish_database_event('create')
-  end
-
-  def publish_database_destroy_event
-    publish_database_event('destroy')
-  end
-
-  def publish_database_update_event
-    publish_database_event('update')
-  end
-
-  def publish_database_event(name)
-    # Gitlab::Tracking#event is triggering Snowplow event
-    # Snowplow events are sent with usage of
-    # https://snowplow.github.io/snowplow-ruby-tracker/SnowplowTracker/AsyncEmitter.html
-    # that reports data asynchronously and does not impact performance nor carries a risk of
-    # rollback in case of error
-
-    Gitlab::Tracking.database_event(
-      self.class.to_s,
-      "database_event_#{name}",
-      label: self.class.table_name,
-      project: try(:project),
-      namespace: (try(:group) || try(:namespace)) || try(:project)&.namespace,
-      property: name,
-      **filtered_record_attributes
-    )
-  rescue StandardError => err
-    # this rescue should be a dead code due to utilization of AsyncEmitter, however
-    # since this concern is expected to be included in every model, it is better to
-    # prevent against any unexpected outcome
-    Gitlab::ErrorTracking.track_and_raise_for_dev_exception(err)
-  end
-
-  def filtered_record_attributes
-    attributes
-      .with_indifferent_access
-      .slice(*self.class::SNOWPLOW_ATTRIBUTES)
-  end
-end
diff --git a/app/models/concerns/enums/commit_signature.rb b/app/models/concerns/enums/commit_signature.rb
new file mode 100644
index 00000000000..92625af58ef
--- /dev/null
+++ b/app/models/concerns/enums/commit_signature.rb
@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module Enums
+  class CommitSignature
+    VERIFICATION_STATUSES = {
+      unverified: 0,
+      verified: 1,
+      same_user_different_email: 2,
+      other_user: 3,
+      unverified_key: 4,
+      unknown_key: 5,
+      multiple_signatures: 6,
+      revoked_key: 7,
+      verified_system: 8
+      # EE adds more values in ee/app/models/concerns/ee/enums/commit_signature.rb
+    }.freeze
+
+    def self.verification_statuses
+      VERIFICATION_STATUSES
+    end
+  end
+end
+
+Enums::CommitSignature.prepend_mod
diff --git a/app/models/concerns/integrations/enable_ssl_verification.rb b/app/models/concerns/integrations/enable_ssl_verification.rb
index cb20955488a..1dffe183475 100644
--- a/app/models/concerns/integrations/enable_ssl_verification.rb
+++ b/app/models/concerns/integrations/enable_ssl_verification.rb
@@ -9,7 +9,8 @@ module Integrations
         type: :checkbox,
         title: -> { s_('Integrations|SSL verification') },
         checkbox_label: -> { s_('Integrations|Enable SSL verification') },
-        help: -> { s_('Integrations|Clear if using a self-signed certificate.') }
+        help: -> { s_('Integrations|Clear if using a self-signed certificate.') },
+        description: -> { s_('Enable SSL verification. Defaults to `true` (enabled).') }
     end
 
     def initialize_properties
diff --git a/app/models/concerns/integrations/has_issue_tracker_fields.rb b/app/models/concerns/integrations/has_issue_tracker_fields.rb
index 223191fb963..3ce1dd36a5e 100644
--- a/app/models/concerns/integrations/has_issue_tracker_fields.rb
+++ b/app/models/concerns/integrations/has_issue_tracker_fields.rb
@@ -10,16 +10,16 @@ module Integrations
       field :project_url,
         required: true,
         title: -> { _('Project URL') },
-        help: -> do
-          s_('IssueTracker|The URL to the project in the external issue tracker.')
-        end
+        description: -> { s_('URL of the project.') },
+        help: -> { s_('IssueTracker|URL of the project in the external issue tracker.') }
 
       field :issues_url,
         required: true,
         title: -> { s_('IssueTracker|Issue URL') },
+        description: -> { s_('URL of the issue.') },
         help: -> do
           ERB::Util.html_escape(
-            s_('IssueTracker|The URL to view an issue in the external issue tracker. Must contain %{colon_id}.')
+            s_('IssueTracker|URL to view an issue in the external issue tracker. Must contain %{colon_id}.')
           ) % {
             colon_id: '<code>:id</code>'.html_safe
           }
@@ -28,9 +28,8 @@ module Integrations
       field :new_issue_url,
         required: true,
         title: -> { s_('IssueTracker|New issue URL') },
-        help: -> do
-          s_('IssueTracker|The URL to create an issue in the external issue tracker.')
-        end
+        description: -> { s_('URL of the new issue.') },
+        help: -> { s_('IssueTracker|URL to create an issue in the external issue tracker.') }
     end
   end
 end
diff --git a/app/models/concerns/integrations/slack_mattermost_fields.rb b/app/models/concerns/integrations/slack_mattermost_fields.rb
index a8e63c4e405..08f86813cc1 100644
--- a/app/models/concerns/integrations/slack_mattermost_fields.rb
+++ b/app/models/concerns/integrations/slack_mattermost_fields.rb
@@ -7,26 +7,40 @@ module Integrations
     included do
       field :webhook,
         help: -> { webhook_help },
+        description: -> do
+          Kernel.format(_("%{title} webhook (for example, `%{example}`)."), title: title, example: webhook_help)
+        end,
         required: true,
         if: -> { requires_webhook? }
 
       field :username,
         placeholder: 'GitLab-integration',
+        description: -> { Kernel.format(_("%{title} username."), title: title) },
         if: -> { requires_webhook? }
 
+      field :channel,
+        description: -> { _('Default channel to use if no other channel is configured.') },
+        api_only: true
+
       field :notify_only_broken_pipelines,
         type: :checkbox,
         section: Integration::SECTION_TYPE_CONFIGURATION,
+        description: -> { _('Send notifications for broken pipelines.') },
         help: 'Do not send notifications for successful pipelines.'
 
       field :branches_to_be_notified,
         type: :select,
         section: Integration::SECTION_TYPE_CONFIGURATION,
         title: -> { s_('Integration|Branches for which notifications are to be sent') },
+        description: -> {
+                       _('Branches to send notifications for. Valid options are `all`, `default`, `protected`, ' \
+                         'and `default_and_protected`. The default value is `default`.')
+                     },
         choices: -> { branch_choices }
 
       field :labels_to_be_notified,
         section: Integration::SECTION_TYPE_CONFIGURATION,
+        description: -> { _('Labels to send notifications for. Leave blank to receive notifications for all events.') },
         placeholder: '~backend,~frontend',
         help: 'Send notifications for issue, merge request, and comment events with the listed labels only. ' \
               'Leave blank to receive notifications for all events.'
@@ -34,6 +48,10 @@ module Integrations
       field :labels_to_be_notified_behavior,
         type: :select,
         section: Integration::SECTION_TYPE_CONFIGURATION,
+        description: -> {
+          _('Labels to be notified for. Valid options are `match_any` and `match_all`. ' \
+            'The default value is `match_any`.')
+        },
         choices: [
           ['Match any of the labels', Integrations::BaseChatNotification::MATCH_ANY_LABEL],
           ['Match all of the labels', Integrations::BaseChatNotification::MATCH_ALL_LABELS]
diff --git a/app/models/concerns/partitioned_table.rb b/app/models/concerns/partitioned_table.rb
index c322a736e79..8feb162207d 100644
--- a/app/models/concerns/partitioned_table.rb
+++ b/app/models/concerns/partitioned_table.rb
@@ -9,7 +9,8 @@ module PartitionedTable
     PARTITIONING_STRATEGIES = {
       monthly: Gitlab::Database::Partitioning::MonthlyStrategy,
       sliding_list: Gitlab::Database::Partitioning::SlidingListStrategy,
-      ci_sliding_list: Gitlab::Database::Partitioning::CiSlidingListStrategy
+      ci_sliding_list: Gitlab::Database::Partitioning::CiSlidingListStrategy,
+      int_range: Gitlab::Database::Partitioning::IntRangeStrategy
     }.freeze
 
     def partitioned_by(partitioning_key, strategy:, **kwargs)
diff --git a/app/models/concerns/restricted_signup.rb b/app/models/concerns/restricted_signup.rb
index 87b62214529..8fcf0532151 100644
--- a/app/models/concerns/restricted_signup.rb
+++ b/app/models/concerns/restricted_signup.rb
@@ -31,10 +31,10 @@ module RestrictedSignup
   def error_message
     {
       admin: {
-        allowlist: html_escape_once(_("Go to the 'Admin area &gt; Sign-up restrictions', and check 'Allowed domains for sign-ups'.")).html_safe,
-        denylist: html_escape_once(_("Go to the 'Admin area &gt; Sign-up restrictions', and check the 'Domain denylist'.")).html_safe,
-        restricted: html_escape_once(_("Go to the 'Admin area &gt; Sign-up restrictions', and check 'Email restrictions for sign-ups'.")).html_safe,
-        group_setting: html_escape_once(_("Go to the group’s 'Settings &gt; General' page, and check 'Restrict membership by email domain'.")).html_safe
+        allowlist: ERB::Util.html_escape_once(_("Go to the 'Admin area &gt; Sign-up restrictions', and check 'Allowed domains for sign-ups'.")).html_safe,
+        denylist: ERB::Util.html_escape_once(_("Go to the 'Admin area &gt; Sign-up restrictions', and check the 'Domain denylist'.")).html_safe,
+        restricted: ERB::Util.html_escape_once(_("Go to the 'Admin area &gt; Sign-up restrictions', and check 'Email restrictions for sign-ups'.")).html_safe,
+        group_setting: ERB::Util.html_escape_once(_("Go to the group’s 'Settings &gt; General' page, and check 'Restrict membership by email domain'.")).html_safe
       },
       nonadmin: {
         allowlist: error_nonadmin,
diff --git a/app/models/concerns/routable.rb b/app/models/concerns/routable.rb
index 242194be440..43874d0211c 100644
--- a/app/models/concerns/routable.rb
+++ b/app/models/concerns/routable.rb
@@ -87,37 +87,27 @@ module Routable
     #     Klass.where_full_path_in(%w{gitlab-org/gitlab-foss gitlab-org/gitlab})
     #
     # Returns an ActiveRecord::Relation.
-    def where_full_path_in(paths, use_includes: true)
+    def where_full_path_in(paths, preload_routes: true)
       return none if paths.empty?
 
-      wheres = paths.map do |path|
+      path_condition = paths.map do |path|
         "(LOWER(routes.path) = LOWER(#{connection.quote(path)}))"
-      end
+      end.join(' OR ')
 
-      if Feature.enabled?(:optimize_where_full_path_in, Feature.current_request)
-        route_scope = all
-        source_type_condition = { source_type: route_scope.klass.base_class }
+      route_scope = all
+      source_type_condition = { source_type: route_scope.klass.base_class }
 
-        routes_matching_condition = Route.where(source_type_condition).where(wheres.join(' OR '))
+      routes_matching_condition = Route
+        .where(source_type_condition)
+        .where(path_condition)
 
-        result = route_scope.where(id: routes_matching_condition.pluck(:source_id))
+      source_ids = routes_matching_condition.pluck(:source_id)
+      result = route_scope.where(id: source_ids)
 
-        if use_includes
-          result.preload(:route)
-        else
-          result
-        end
+      if preload_routes
+        result.preload(:route)
       else
-        route =
-          if use_includes
-            includes(:route).references(:routes)
-          else
-            joins(:route)
-          end
-
-        route
-          .where(wheres.join(' OR '))
-          .allow_cross_joins_across_databases(url: "https://gitlab.com/gitlab-org/gitlab/-/issues/420046")
+        result
       end
     end
   end