Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2022-04-14 18:08:59 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2022-04-14 18:08:59 +0300
commit: 9b762f50fee09b50b97b5ab208a9a62522447c8c (patch)
tree: 4dbd16c66f6aeacc1b88c1e3350df09ce4f91183 /doc/user
parent: 9769ccf613ec45634ee32efaf1c39763a759a917 (diff)
6 files changed, 64 insertions, 49 deletions
diff --git a/doc/user/application_security/policies/img/association_diagram.png b/doc/user/application_security/policies/img/association_diagram.png
new file mode 100644
index 00000000000..d082e297c68
--- /dev/null
+++ b/doc/user/application_security/policies/img/association_diagram.png
diff --git a/doc/user/application_security/policies/index.md b/doc/user/application_security/policies/index.md
index 8a39220da35..f14a5c20d07 100644
--- a/doc/user/application_security/policies/index.md
+++ b/doc/user/application_security/policies/index.md
@@ -21,6 +21,56 @@ GitLab supports the following security policies:
 - [Scan Result Policy](scan-result-policies.md)
 - [Container Network Policy](#container-network-policy) (DEPRECATED)
 
+## Security policy project
+
+All security policies are stored as YAML in a separate security policy project that gets linked to
+the development project. This association can be a one-to-many relationship, allowing one security
+policy project to apply to multiple development projects. Linked projects are not required to be in
+the same group as the development projects to which they are linked.
+
+![Security Policy Project Linking Diagram](img/association_diagram.png)
+
+Although it is possible to have one project linked to itself and to serve as both the development
+project and the security policy project, this is not recommended. Keeping the security policy
+project separate from the development project allows for complete separation of duties between
+security/compliance teams and development teams.
+
+All security policies are stored in the `.gitlab/security-policies/policy.yml` YAML file inside the
+linked security policy project. The format for this YAML is specific to the type of policy that is
+stored there. Examples and schema information are available for the following policy types:
+
+- [Scan execution policy](scan-execution-policies.md#example-security-policies-project)
+- [Scan result policy](scan-result-policies.md#example-security-scan-result-policies-project)
+
+Policies created in this project are applied through a background job that runs once every 10
+minutes. Allow up to 10 minutes for any policy changes committed to this project to take effect.
+
+### Managing the linked security policy project
+
+NOTE:
+Only project Owners have the [permissions](../../permissions.md#project-members-permissions)
+to select, edit, and unlink a security policy project.
+
+As a project owner, take the following steps to create or edit an association between your current
+project and a project that you would like to designate as the security policy project:
+
+1. On the top bar, select **Menu > Projects** and find your project.
+1. On the left sidebar, select **Security & Compliance > Policies**.
+1. Select **Edit Policy Project**, and search for and select the
+   project you would like to link from the dropdown menu.
+1. Select **Save**.
+
+To unlink a security policy project, follow the same steps but instead select the trash can icon in
+the modal.
+
+![Security Policy Project](img/security_policy_project_v14_6.png)
+
+### Viewing the linked security policy project
+
+All users who have access to the project policy page and are not project owners will instead view a
+button linking out to the associated security policy project. If no security policy project has been
+associated then the linking button does not appear.
+
 ## Policy management
 
 The Policies page displays deployed
@@ -57,6 +107,7 @@ You can use the policy editor to create, edit, and delete policies:
 1. On the top bar, select **Menu > Projects** and find your group.
 1. On the left sidebar, select **Security & Compliance > Policies**.
    - To create a new policy, select **New policy** which is located in the **Policies** page's header.
+     You can then select which type of policy to create.
    - To edit an existing policy, select **Edit policy** in the selected policy drawer.
 
 The policy editor has two modes:
@@ -78,44 +129,12 @@ by the Rule mode, Rule mode is automatically
 disabled. If the YAML is incorrect, you must use YAML
 mode to fix your policy before Rule mode is available again.
 
-## Security Policies project
-
-NOTE:
-We recommend using the [Security Policies project](#security-policies-project)
-exclusively for managing policies for the project. Do not add your application's source code to such
-projects.
-
-The Security Policies feature is a repository to store policies. All security policies are stored in
-the `.gitlab/security-policies/policy.yml` YAML file. The format for this YAML is specific to the type of policy that is being stored there. Examples and schema information are available for the following policy types:
-
-- [Scan execution policy](scan-execution-policies.md#example-security-policies-project)
-- [Scan result policy](scan-result-policies.md#example-security-scan-result-policies-project)
-
-Policies created in this project are applied through a background job that runs once every 10
-minutes. Allow up to 10 minutes for any policy changes committed to this project to take effect.
-
-## Security Policy project selection
-
-NOTE:
-Only project Owners have the [permissions](../../permissions.md#project-members-permissions)
-to select Security Policy Project.
-
-When the Security Policy project is created and policies are created within that repository, you
-must create an association between that project and the project you want to apply policies to:
-
-1. On the top bar, select **Menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance > Policies**.
-1. Select **Edit Policy Project**, and search for and select the
-   project you would like to link from the dropdown menu.
-1. Select **Save**.
-
-   ![Security Policy Project](img/security_policy_project_v14_6.png)
-
-### Unlink Security Policy projects
-
-Project owners can unlink Security Policy projects from development projects. To do this, follow
-the steps described in [Security Policy project selection](#security-policy-project-selection),
-but select the trash can icon in the modal.
+When you finish creating or editing your policy, save and apply it by selecting the
+**Configure with a merge request** button and then merging the resulting merge request. When you
+press this button, the policy YAML is validated and any resulting errors are displayed.
+Additionally, if you are a project owner and a security policy project has not been previously
+associated with this project, then a new project is created and associated automatically at the same
+time that the first policy merge request is created.
 
 ## Scan execution policies
 
diff --git a/doc/user/application_security/policies/scan-execution-policies.md b/doc/user/application_security/policies/scan-execution-policies.md
index c3778ac97de..7e8e60768b9 100644
--- a/doc/user/application_security/policies/scan-execution-policies.md
+++ b/doc/user/application_security/policies/scan-execution-policies.md
@@ -132,8 +132,8 @@ Note the following:
 
 ## Example security policies project
 
-You can use this example in a `.gitlab/security-policies/policy.yml`, as described in
-[Security policies project](index.md#security-policies-project).
+You can use this example in a `.gitlab/security-policies/policy.yml` file stored in a
+[security policy project](index.md#security-policy-project):
 
 ```yaml
 ---
diff --git a/doc/user/application_security/policies/scan-result-policies.md b/doc/user/application_security/policies/scan-result-policies.md
index 06344a3b785..d2cce207bfd 100644
--- a/doc/user/application_security/policies/scan-result-policies.md
+++ b/doc/user/application_security/policies/scan-result-policies.md
@@ -90,8 +90,8 @@ Requirements and limitations:
 
 ## Example security scan result policies project
 
-You can use this example in a `.gitlab/security-policies/policy.yml`, as described in
-[Security policies project](index.md#security-policies-project):
+You can use this example in a `.gitlab/security-policies/policy.yml` file stored in a
+[security policy project](index.md#security-policy-project):
 
 ```yaml
 ---
diff --git a/doc/user/search/advanced_search.md b/doc/user/search/advanced_search.md
index a65e5d1ab03..5435a9d027c 100644
--- a/doc/user/search/advanced_search.md
+++ b/doc/user/search/advanced_search.md
@@ -26,8 +26,8 @@ when searching in:
 - Comments
 - Code
 - Commits
-- Wiki (except [group wikis](../project/wiki/group.md))
 - Users
+- Wiki (except [group wikis](../project/wiki/group.md))
 
 The Advanced Search can be useful in various scenarios:
 
@@ -76,6 +76,7 @@ its performance:
 | Commits | `global_search_commits_tab` | When enabled, the global search includes commits as part of the search. |
 | Issues | `global_search_issues_tab` | When enabled, the global search includes issues as part of the search. |
 | Merge Requests | `global_search_merge_requests_tab` | When enabled, the global search includes merge requests as part of the search. |
+| Users | `global_search_users_tab` | When enabled, the global search includes users as part of the search. |
 | Wiki | `global_search_wiki_tab` | When enabled, the global search includes wiki as part of the search. [Group wikis](../project/wiki/group.md) are not included. |
 
 ## Global Search validation
diff --git a/doc/user/search/index.md b/doc/user/search/index.md
index e4bab8d7e73..de5f469498e 100644
--- a/doc/user/search/index.md
+++ b/doc/user/search/index.md
@@ -41,6 +41,7 @@ in the search field in the upper right corner:
 > - Filtering by iterations was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/118742) in GitLab 13.6.
 > - Filtering by iterations was moved from GitLab Ultimate to GitLab Premium in 13.9.
 > - Filtering by type was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/322755) in GitLab 13.10 [with a flag](../../administration/feature_flags.md) named `vue_issues_list`. Disabled by default.
+> - Filtering by type was [enabled on self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/322755) in GitLab 14.10.
 > - Filtering by attention request was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/343528) in GitLab 14.10 [with a flag](../../administration/feature_flags.md) named `mr_attention_requests`. Disabled by default.
 
 Follow these steps to filter the **Issues** and **Merge requests** list pages in projects and
@@ -59,12 +60,6 @@ groups:
    - My-reaction
    - Release
    - Type
-
-     FLAG:
-     On self-managed GitLab, by default filtering by type is not available.
-     To make it available per group, ask an administrator to [enable the feature flag](../../administration/feature_flags.md) named `vue_issues_list`.
-     On GitLab.com, this feature is not available.
-
    - Weight
    - Search for this text
 1. Select or type the operator to use for filtering the attribute. The following operators are
author	GitLab Bot <gitlab-bot@gitlab.com>	2022-04-14 18:08:59 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2022-04-14 18:08:59 +0300
commit	9b762f50fee09b50b97b5ab208a9a62522447c8c (patch)
tree	4dbd16c66f6aeacc1b88c1e3350df09ce4f91183 /doc/user
parent	9769ccf613ec45634ee32efaf1c39763a759a917 (diff)