Add latest changes from gitlab-org/gitlab@master

20 files changed, 152 insertions, 72 deletions

diff --git a/doc/administration/index.md b/doc/administration/index.md
index dbe4a351dce..fcfdcfdf6c8 100644
--- a/doc/administration/index.md
+++ b/doc/administration/index.md
@@ -228,3 +228,6 @@ who are aware of the risks.
   - [Repairing and recovering broken Git repositories](https://git.seveas.net/repairing-and-recovering-broken-git-repositories.html)
   - [Testing with OpenSSL](https://www.feistyduck.com/library/openssl-cookbook/online/ch-testing-with-openssl.html)
   - [Strace zine](https://wizardzines.com/zines/strace/)
+- GitLab.com-specific resources:
+  - [Group SAML/SCIM setup](troubleshooting/group_saml_scim.md)
+  
\ No newline at end of file
diff --git a/doc/administration/troubleshooting/group_saml_scim.md b/doc/administration/troubleshooting/group_saml_scim.md
new file mode 100644
index 00000000000..109379f98ca
--- /dev/null
+++ b/doc/administration/troubleshooting/group_saml_scim.md
@@ -0,0 +1,57 @@
+---
+type: reference
+---
+
+# Group SAML and SCIM troubleshooting **(SILVER ONLY)**
+
+These are notes and screenshots regarding Group SAML and SCIM that the GitLab Support Team sometimes uses while troubleshooting, but which do not fit into the official documentation. GitLab is making this public, so that anyone can make use of the Support team’s collected knowledge.
+
+Please refer to GitLab's [Group SAML](../../user/group/saml_sso/index.md) docs for information on the feature and how to set it up.
+
+When troubleshooting a SAML configuration, GitLab team members will frequently start with the [SAML troubleshooting section](../../user/group/saml_sso/index.md#troubleshooting).
+
+They may then set up a test configuration of the desired identity provider. We include example screenshots in this section.
+
+## SAML and SCIM screenshots
+
+This section includes relevant screenshots of the following example configurations of [Group SAML](../../user/group/saml_sso/index.md) and [Group SCIM](../../user/group/saml_sso/scim_setup.md):
+
+- [Azure Active Directory](#azure-active-directory)
+- [OneLogin](#onelogin)
+
+CAUTION: **Caution:**
+These screenshots are updated only as needed by GitLab Support. They are **not** official documentation.
+
+If you are currently having an issue with GitLab, you may want to check your [support options](https://about.gitlab.com/support/).
+
+## Azure Active Directory
+
+Basic SAML app configuration:
+
+![Azure AD basic SAML](img/AzureAD-basic_SAML.png)
+
+User claims and attributes:
+
+![Azure AD user claims](img/AzureAD-claims.png)
+
+SCIM mapping:
+
+![Azure AD SCIM](img/AzureAD-scim_attribute_mapping.png)
+
+## OneLogin
+
+Application details:
+
+![OneLogin application details](img/OneLogin-app_details.png)
+
+Parameters:
+
+![OneLogin application details](img/OneLogin-parameters.png)
+
+Adding a user:
+
+![OneLogin user add](img/OneLogin-userAdd.png)
+
+SSO settings:
+
+![OneLogin SSO settings](img/OneLogin-SSOsettings.png)
diff --git a/doc/administration/troubleshooting/img/AzureAD-basic_SAML.png b/doc/administration/troubleshooting/img/AzureAD-basic_SAML.png
new file mode 100644
index 00000000000..be420b1a3de
--- /dev/null
+++ b/doc/administration/troubleshooting/img/AzureAD-basic_SAML.png
diff --git a/doc/administration/troubleshooting/img/AzureAD-claims.png b/doc/administration/troubleshooting/img/AzureAD-claims.png
new file mode 100644
index 00000000000..ef594390ce0
--- /dev/null
+++ b/doc/administration/troubleshooting/img/AzureAD-claims.png
diff --git a/doc/administration/troubleshooting/img/AzureAD-scim_attribute_mapping.png b/doc/administration/troubleshooting/img/AzureAD-scim_attribute_mapping.png
new file mode 100644
index 00000000000..933d8fb6f36
--- /dev/null
+++ b/doc/administration/troubleshooting/img/AzureAD-scim_attribute_mapping.png
diff --git a/doc/administration/troubleshooting/img/OneLogin-SSOsettings.png b/doc/administration/troubleshooting/img/OneLogin-SSOsettings.png
new file mode 100644
index 00000000000..72737b9a017
--- /dev/null
+++ b/doc/administration/troubleshooting/img/OneLogin-SSOsettings.png
diff --git a/doc/administration/troubleshooting/img/OneLogin-app_details.png b/doc/administration/troubleshooting/img/OneLogin-app_details.png
new file mode 100644
index 00000000000..3e36a001d1b
--- /dev/null
+++ b/doc/administration/troubleshooting/img/OneLogin-app_details.png
diff --git a/doc/administration/troubleshooting/img/OneLogin-encryption.png b/doc/administration/troubleshooting/img/OneLogin-encryption.png
new file mode 100644
index 00000000000..a1b90873a5a
--- /dev/null
+++ b/doc/administration/troubleshooting/img/OneLogin-encryption.png
diff --git a/doc/administration/troubleshooting/img/OneLogin-parameters.png b/doc/administration/troubleshooting/img/OneLogin-parameters.png
new file mode 100644
index 00000000000..c9ff4f8f018
--- /dev/null
+++ b/doc/administration/troubleshooting/img/OneLogin-parameters.png
diff --git a/doc/administration/troubleshooting/img/OneLogin-userAdd.png b/doc/administration/troubleshooting/img/OneLogin-userAdd.png
new file mode 100644
index 00000000000..c7187fe5dd6
--- /dev/null
+++ b/doc/administration/troubleshooting/img/OneLogin-userAdd.png
diff --git a/doc/ci/yaml/README.md b/doc/ci/yaml/README.md
index cd6ee05f873..6b1a0e4ffe6 100644
--- a/doc/ci/yaml/README.md
+++ b/doc/ci/yaml/README.md
@@ -172,6 +172,8 @@ job:
   script: "bundle exec rspec"
 ```
 
+[YAML anchors for scripts](#yaml-anchors-for-script) are available.
+
 This parameter can also contain several commands using an array:
 
 ```yaml
@@ -199,25 +201,6 @@ job:
     - if [ $exit_code -ne 0 ]; then echo "Previous command failed"; fi;
 ```
 
-#### YAML anchors for `script`
-
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/23005) in GitLab 12.5.
-
-You can use [YAML anchors](#anchors) with scripts, which makes it possible to
-include a predefined list of commands in multiple jobs.
-
-For example:
-
-```yaml
-.something: &something
-- echo 'something'
-
-job_name:
-  script:
-    - *something
-    - echo 'this is the script'
-```
-
 ### `image`
 
 Used to specify [a Docker image](../docker/using_docker_images.md#what-is-an-image) to use for the job.
@@ -317,32 +300,7 @@ job:
     - execute this after my script
 ```
 
-#### YAML anchors for `before_script` and `after_script`
-
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/23005) in GitLab 12.5.
-
-You can use [YAML anchors](#anchors) with `before_script` and `after_script`,
-which makes it possible to include a predefined list of commands in multiple
-jobs.
-
-Example:
-
-```yaml
-.something_before: &something_before
-- echo 'something before'
-
-.something_after: &something_after
-- echo 'something after'
-
-
-job_name:
-  before_script:
-    - *something_before
-  script:
-    - echo 'this is the script'
-  after_script:
-    - *something_after
-```
+[YAML anchors for `before_script` and `after_script`](#yaml-anchors-for-before_script-and-after_script) are available.
 
 ### `stages`
 
@@ -3378,30 +3336,9 @@ you can set in `.gitlab-ci.yml`, there are also the so called
 [Variables](../variables/README.md#gitlab-cicd-environment-variables)
 which can be set in GitLab's UI.
 
-Learn more about [variables and their priority][variables].
-
-#### YAML anchors for variables
-
-[YAML anchors](#anchors) can be used with `variables`, to easily repeat assignment
-of variables across multiple jobs. It can also enable more flexibility when a job
-requires a specific `variables` block that would otherwise override the global variables.
+[YAML anchors for variables](#yaml-anchors-for-variables) are available.
 
-In the example below, we will override the `GIT_STRATEGY` variable without affecting
-the use of the `SAMPLE_VARIABLE` variable:
-
-```yaml
-# global variables
-variables: &global-variables
-  SAMPLE_VARIABLE: sample_variable_value
-
-# a job that needs to set the GIT_STRATEGY variable, yet depend on global variables
-job_no_git_strategy:
-  stage: cleanup
-  variables:
-    <<: *global-variables
-    GIT_STRATEGY: none
-  script: echo $SAMPLE_VARIABLE
-```
+Learn more about [variables and their priority][variables].
 
 #### Git strategy
 
@@ -3880,6 +3817,75 @@ NOTE: **Note:**
 You can't use YAML anchors across multiple files when leveraging the [`include`](#include)
 feature. Anchors are only valid within the file they were defined in.
 
+#### YAML anchors for `before_script` and `after_script`
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/23005) in GitLab 12.5.
+
+You can use [YAML anchors](#anchors) with `before_script` and `after_script`,
+which makes it possible to include a predefined list of commands in multiple
+jobs.
+
+Example:
+
+```yaml
+.something_before: &something_before
+- echo 'something before'
+
+.something_after: &something_after
+- echo 'something after'
+
+
+job_name:
+  before_script:
+    - *something_before
+  script:
+    - echo 'this is the script'
+  after_script:
+    - *something_after
+```
+
+#### YAML anchors for `script`
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/23005) in GitLab 12.5.
+
+You can use [YAML anchors](#anchors) with scripts, which makes it possible to
+include a predefined list of commands in multiple jobs.
+
+For example:
+
+```yaml
+.something: &something
+- echo 'something'
+
+job_name:
+  script:
+    - *something
+    - echo 'this is the script'
+```
+
+#### YAML anchors for variables
+
+[YAML anchors](#anchors) can be used with `variables`, to easily repeat assignment
+of variables across multiple jobs. It can also enable more flexibility when a job
+requires a specific `variables` block that would otherwise override the global variables.
+
+In the example below, we will override the `GIT_STRATEGY` variable without affecting
+the use of the `SAMPLE_VARIABLE` variable:
+
+```yaml
+# global variables
+variables: &global-variables
+  SAMPLE_VARIABLE: sample_variable_value
+
+# a job that needs to set the GIT_STRATEGY variable, yet depend on global variables
+job_no_git_strategy:
+  stage: cleanup
+  variables:
+    <<: *global-variables
+    GIT_STRATEGY: none
+  script: echo $SAMPLE_VARIABLE
+```
+
 ## Triggers
 
 Triggers can be used to force a rebuild of a specific branch, tag or commit,
diff --git a/doc/topics/autodevops/index.md b/doc/topics/autodevops/index.md
index 1c8162a49e7..4268e386425 100644
--- a/doc/topics/autodevops/index.md
+++ b/doc/topics/autodevops/index.md
@@ -171,6 +171,16 @@ To make full use of Auto DevOps, you will need:
   To get response metrics (in addition to system metrics), you need to
   [configure Prometheus to monitor NGINX](../../user/project/integrations/prometheus_library/nginx_ingress.md#configuring-nginx-ingress-monitoring).
 
+- **cert-manager** (optional, for TLS/HTTPS)
+
+  To enable HTTPS endpoints for your application, you need to install cert-manager,
+  a native Kubernetes certificate management controller that helps with issuing certificates.
+  Installing cert-manager on your cluster will issue a certificate by
+  [Let’s Encrypt](https://letsencrypt.org/) and ensure that certificates are valid and up-to-date.
+  If you have configured GitLab's Kubernetes integration, you can deploy it to
+  your cluster by installing the
+  [GitLab-managed app for cert-manager](../../user/clusters/applications.md#cert-manager).
+  
 If you do not have Kubernetes or Prometheus installed, then Auto Review Apps,
 Auto Deploy, and Auto Monitoring will be silently skipped.
 
diff --git a/doc/user/analytics/cycle_analytics.md b/doc/user/analytics/cycle_analytics.md
index 8d3eaade759..04897f0fc8a 100644
--- a/doc/user/analytics/cycle_analytics.md
+++ b/doc/user/analytics/cycle_analytics.md
@@ -183,7 +183,7 @@ Feature.disable(:cycle_analytics_scatterplot_enabled)
 
 ### Disabling chart median line
 
-This chart median line is enabled by default. If you have a self-managed instance, an
+This chart's median line is enabled by default. If you have a self-managed instance, an
 administrator can open a Rails console and disable it with the following command:
 
 ```ruby
diff --git a/doc/user/group/saml_sso/index.md b/doc/user/group/saml_sso/index.md
index e0028e7124d..99749ccf2ae 100644
--- a/doc/user/group/saml_sso/index.md
+++ b/doc/user/group/saml_sso/index.md
@@ -265,6 +265,10 @@ Specific attention should be paid to:
 - The presence of a `X509Certificate`, which we require to verify the response signature.
 - The `SubjectConfirmation` and `Conditions`, which can cause errors if misconfigured.
 
+### Verifying configuration
+
+For convenience, we've included some [example resources](../../../administration/troubleshooting/group_saml_scim.md) used by our Support Team. While they may help you verify the SAML app configuration, they are not guaranteed to reflect the current state of third-party products.
+
 ### Verifying NameID
 
 In troubleshooting the Group SAML setup, any authenticated user can use the API to verify the NameID GitLab already has linked to the user by visiting [https://gitlab.com/api/v4/user](https://gitlab.com/api/v4/user) and checking the `extern_uid` under identities.
diff --git a/doc/user/profile/img/notification_group_settings.png b/doc/user/profile/img/notification_group_settings.png
deleted file mode 100644
index ed5e9459216..00000000000
--- a/doc/user/profile/img/notification_group_settings.png
+++ /dev/null
diff --git a/doc/user/profile/img/notification_group_settings_v12_8.png b/doc/user/profile/img/notification_group_settings_v12_8.png
new file mode 100644
index 00000000000..4aa4c32a260
--- /dev/null
+++ b/doc/user/profile/img/notification_group_settings_v12_8.png
diff --git a/doc/user/profile/img/notification_project_settings.png b/doc/user/profile/img/notification_project_settings.png
deleted file mode 100644
index e2db2037d94..00000000000
--- a/doc/user/profile/img/notification_project_settings.png
+++ /dev/null
diff --git a/doc/user/profile/img/notification_project_settings_v12_8.png b/doc/user/profile/img/notification_project_settings_v12_8.png
new file mode 100644
index 00000000000..9b8837a4ef4
--- /dev/null
+++ b/doc/user/profile/img/notification_project_settings_v12_8.png
diff --git a/doc/user/profile/notifications.md b/doc/user/profile/notifications.md
index 42ed3fb36a2..d3444b9aa13 100644
--- a/doc/user/profile/notifications.md
+++ b/doc/user/profile/notifications.md
@@ -68,7 +68,7 @@ Notification scope is applied in order of precedence (highest to lowest):
 
 You can select a notification level for each project. This can be useful if you need to closely monitor activity in select projects.
 
-![notification settings](img/notification_project_settings.png)
+![notification settings](img/notification_project_settings_v12_8.png)
 
 To select a notification level for a project, use either of these methods:
 
@@ -87,7 +87,7 @@ Or:
 
 You can select a notification level and email address for each group.
 
-![notification settings](img/notification_group_settings.png)
+![notification settings](img/notification_group_settings_v12_8.png)
 
 ##### Group notification level
 
diff --git a/doc/user/project/import/github.md b/doc/user/project/import/github.md
index b8e774c57a1..175110cd535 100644
--- a/doc/user/project/import/github.md
+++ b/doc/user/project/import/github.md
@@ -42,7 +42,7 @@ assignees in the database of the GitLab instance (note that pull requests are ca
 
 For this association to succeed, prior to the import, each GitHub author and assignee in the repository must
 have either previously logged in to a GitLab account using the GitHub icon **or** have a GitHub account with
-a [public email address](https://help.github.com/en/github/setting-up-and-managing-your-github-user-account/setting-your-commit-email-address) that
+a [primary email address](https://help.github.com/en/github/setting-up-and-managing-your-github-user-account/setting-your-commit-email-address) that
 matches their GitLab account's email address.
 
 If a user referenced in the project is not found in GitLab's database, the project creator (typically the user