Add latest changes from gitlab-org/gitlab@master

9 files changed, 156 insertions, 139 deletions

diff --git a/doc/administration/monitoring/prometheus/index.md b/doc/administration/monitoring/prometheus/index.md
index 013c4515268..3c8b9bf187f 100644
--- a/doc/administration/monitoring/prometheus/index.md
+++ b/doc/administration/monitoring/prometheus/index.md
@@ -190,6 +190,7 @@ To use an external Prometheus server:
    # Rails nodes
    gitlab_exporter['listen_address'] = '0.0.0.0'
    gitlab_exporter['listen_port'] = '9168'
+   registry['debug_addr'] = '0.0.0.0:5001'
 
    # Sidekiq nodes
    sidekiq['listen_address'] = '0.0.0.0'
@@ -205,14 +206,12 @@ To use an external Prometheus server:
       # ...
       prometheus_listen_addr: '0.0.0.0:9236',
    }
+
+   # Pgbouncer nodes
+   pgbouncer_exporter['listen_address'] = '0.0.0.0:9188'
    ```
 
 1. Install and set up a dedicated Prometheus instance, if necessary, using the [official installation instructions](https://prometheus.io/docs/prometheus/latest/installation/).
-1. Add the Prometheus server IP address to the [monitoring IP allowlist](../ip_allowlist.md). For example:
-
-   ```ruby
-   gitlab_rails['monitoring_whitelist'] = ['127.0.0.0/8', '192.168.0.1']
-   ```
 
 1. On **all** GitLab Rails(Puma, Sidekiq) servers, set the Prometheus server IP address and listen port. For example:
 
@@ -232,6 +231,15 @@ To use an external Prometheus server:
    }
    ```
 
+1. To allow the Prometheus server to fetch from the [GitLab metrics](#gitlab-metrics) endpoint, add the Prometheus
+server IP address to the [monitoring IP allowlist](../ip_allowlist.md):
+
+   ```ruby
+   gitlab_rails['monitoring_whitelist'] = ['127.0.0.0/8', '192.168.0.1']
+   ```
+
+1. As we are setting each bundled service's [exporter](#bundled-software-metrics) to listen on a network address,
+update the firewall on the instance to only allow traffic from your Prometheus IP for the exporters enabled. A full reference list of exporter services and their respective ports can be found [here](../../package_information/defaults.md#ports).
 1. [Reconfigure GitLab](../../restart_gitlab.md#omnibus-gitlab-reconfigure) to apply the changes.
 1. Edit the Prometheus server's configuration file.
 1. Add each node's exporters to the Prometheus server's
diff --git a/doc/administration/package_information/defaults.md b/doc/administration/package_information/defaults.md
index 96b56388ea9..ac183afdc2f 100644
--- a/doc/administration/package_information/defaults.md
+++ b/doc/administration/package_information/defaults.md
@@ -53,6 +53,8 @@ by default:
 |        Gitaly        |      Yes      |      Socket      | Port (8075) |                8075 or 9999 (TLS)          |
 |   Gitaly exporter    |      Yes      |       Port       |      X      |                    9236                    |
 |       Praefect       |      No       |       Port       |      X      |                2305 or 3305 (TLS)          |
+| GitLab Workhorse exporter |      Yes      |       Port       |      X      |                     9229                   |
+|  Registry exporter   |      No       |       Port       |      X      |                     5001                   |
 
 Legend:
 
diff --git a/doc/ci/environments/index.md b/doc/ci/environments/index.md
index f4d155369e9..137bc883072 100644
--- a/doc/ci/environments/index.md
+++ b/doc/ci/environments/index.md
@@ -61,6 +61,12 @@ To search environments by name:
      - For example when the name is `review/test-app`, search term `test` matches `review/test-app`.
      - Also searching with the folder name prefixed like `review/test` matches `review/test-app`.
 
+## CI/CD variables
+
+To customize your environments and deployments, you can use any of the
+[predefined CI/CD variables](../../ci/variables/predefined_variables.md),
+and define custom CI/CD variables.
+
 ## Types of environments
 
 An environment is either static or dynamic:
@@ -123,7 +129,8 @@ deploy_staging:
 
 ### Create a dynamic environment
 
-To create a dynamic environment, you use [CI/CD variables](../variables/index.md) that are unique to each pipeline.
+To create a dynamic environment, you use [CI/CD variables](#cicd-variables) that are
+unique to each pipeline.
 
 Prerequisites:
 
@@ -158,6 +165,79 @@ deploy_review_app:
     - main
 ```
 
+#### Set a dynamic environment URL
+
+Some external hosting platforms generate a random URL for each deployment, for example:
+`https://94dd65b.amazonaws.com/qa-lambda-1234567`. That makes it difficult to reference the URL in
+the `.gitlab-ci.yml` file.
+
+To address this problem, you can configure a deployment job to report back a set of
+variables. These variables include the URL that was dynamically generated by the external service.
+GitLab supports the [dotenv (`.env`)](https://github.com/bkeepers/dotenv) file format,
+and expands the `environment:url` value with variables defined in the `.env` file.
+
+To use this feature, specify the
+[`artifacts:reports:dotenv`](../yaml/artifacts_reports.md#artifactsreportsdotenv) keyword in `.gitlab-ci.yml`.
+
+You can also specify a static part of the URL at `environment:url`, such as
+`https://$DYNAMIC_ENVIRONMENT_URL`. If the value of `DYNAMIC_ENVIRONMENT_URL` is `example.com`, the
+final result is `https://example.com`.
+
+The assigned URL for the `review/your-branch-name` environment is visible in the UI.
+
+<i class="fa fa-youtube-play youtube" aria-hidden="true"></i>
+For an overview, see [Set dynamic URLs after a job finished](https://youtu.be/70jDXtOf4Ig).
+
+In the following example a review app creates a new environment for each merge request:
+
+- The `review` job is triggered by every push, and creates or updates an environment named
+  `review/your-branch-name`. The environment URL is set to `$DYNAMIC_ENVIRONMENT_URL`.
+- When the `review` job finishes, GitLab updates the `review/your-branch-name` environment's URL.
+  It parses the `deploy.env` report artifact, registers a list of variables as runtime-created,
+  expands the `environment:url: $DYNAMIC_ENVIRONMENT_URL` and sets it to the environment
+  URL.
+
+```yaml
+review:
+  script:
+    - DYNAMIC_ENVIRONMENT_URL=$(deploy-script)                                 # In script, get the environment URL.
+    - echo "DYNAMIC_ENVIRONMENT_URL=$DYNAMIC_ENVIRONMENT_URL" >> deploy.env    # Add the value to a dotenv file.
+  artifacts:
+    reports:
+      dotenv: deploy.env                                                       # Report back dotenv file to rails.
+  environment:
+    name: review/$CI_COMMIT_REF_SLUG
+    url: $DYNAMIC_ENVIRONMENT_URL                                              # and set the variable produced in script to `environment:url`
+    on_stop: stop_review
+
+stop_review:
+  script:
+    - ./teardown-environment
+  when: manual
+  environment:
+    name: review/$CI_COMMIT_REF_SLUG
+    action: stop
+```
+
+Note the following:
+
+- `stop_review` doesn't generate a dotenv report artifact, so it doesn't recognize the
+  `DYNAMIC_ENVIRONMENT_URL` environment variable. Therefore you shouldn't set `environment:url` in the
+  `stop_review` job.
+- If the environment URL isn't valid (for example, the URL is malformed), the system doesn't update
+  the environment URL.
+- If the script that runs in `stop_review` exists only in your repository and therefore can't use
+  `GIT_STRATEGY: none`, configure [merge request pipelines](../../ci/pipelines/merge_request_pipelines.md)
+  for these jobs. This ensures that runners can fetch the repository even after a feature branch is
+  deleted. For more information, see [Ref Specs for Runners](../pipelines/index.md#ref-specs-for-runners).
+
+NOTE:
+For Windows runners, you should use the PowerShell `Add-Content` command to write to `.env` files.
+
+```powershell
+Add-Content -Path deploy.env -Value "DYNAMIC_ENVIRONMENT_URL=$DYNAMIC_ENVIRONMENT_URL"
+```
+
 ### Rename an environment
 
 > - Renaming an environment by using the UI was [removed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68550) in GitLab 14.3.
@@ -268,105 +348,6 @@ job page, it's displayed above the job trace:
 Learn how to release production changes to only a portion of your Kubernetes pods with
 [incremental rollouts](../environments/incremental_rollouts.md).
 
-## CI/CD variables for environments and deployments
-
-When you create an environment, you specify the name and URL.
-
-If you want to use the name or URL in another job, you can use:
-
-- `$CI_ENVIRONMENT_NAME`. The name defined in the `.gitlab-ci.yml` file.
-- `$CI_ENVIRONMENT_SLUG`. A "cleaned-up" version of the name, suitable for use in URL and DNS, for example.
-  This variable is guaranteed to be unique.
-- `$CI_ENVIRONMENT_URL`. The environment's URL, which was specified in the
-  `.gitlab-ci.yml` file or automatically assigned.
-
-If you change the name of an existing environment, the:
-
-- `$CI_ENVIRONMENT_NAME` variable is updated with the new environment name.
-- `$CI_ENVIRONMENT_SLUG` variable remains unchanged to prevent unintended side
-  effects.
-
-## Set dynamic environment URLs after a job finishes
-
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/17066) in GitLab 12.9.
-
-In a job script, you can specify a static environment URL.
-However, there may be times when you want a dynamic URL. For example,
-if you deploy a Review App to an external hosting
-service that generates a random URL per deployment, like `https://94dd65b.amazonaws.com/qa-lambda-1234567`.
-In this case, you don't know the URL before the deployment script finishes.
-If you want to use the environment URL in GitLab, you would have to update it manually.
-
-To address this problem, you can configure a deployment job to report back a set of
-variables. These variables include the URL that was dynamically-generated by the external service.
-GitLab supports the [dotenv (`.env`)](https://github.com/bkeepers/dotenv) file format,
-and expands the `environment:url` value with variables defined in the `.env` file.
-
-To use this feature, specify the
-[`artifacts:reports:dotenv`](../yaml/artifacts_reports.md#artifactsreportsdotenv) keyword in `.gitlab-ci.yml`.
-
-<i class="fa fa-youtube-play youtube" aria-hidden="true"></i>
-For an overview, see [Set dynamic URLs after a job finished](https://youtu.be/70jDXtOf4Ig).
-
-### Example of setting dynamic environment URLs
-
-The following example shows a Review App that creates a new environment
-for each merge request. The `review` job is triggered by every push, and
-creates or updates an environment named `review/your-branch-name`.
-The environment URL is set to `$DYNAMIC_ENVIRONMENT_URL`:
-
-```yaml
-review:
-  script:
-    - DYNAMIC_ENVIRONMENT_URL=$(deploy-script)                                 # In script, get the environment URL.
-    - echo "DYNAMIC_ENVIRONMENT_URL=$DYNAMIC_ENVIRONMENT_URL" >> deploy.env    # Add the value to a dotenv file.
-  artifacts:
-    reports:
-      dotenv: deploy.env                                                       # Report back dotenv file to rails.
-  environment:
-    name: review/$CI_COMMIT_REF_SLUG
-    url: $DYNAMIC_ENVIRONMENT_URL                                              # and set the variable produced in script to `environment:url`
-    on_stop: stop_review
-
-stop_review:
-  script:
-    - ./teardown-environment
-  when: manual
-  environment:
-    name: review/$CI_COMMIT_REF_SLUG
-    action: stop
-```
-
-As soon as the `review` job finishes, GitLab updates the `review/your-branch-name`
-environment's URL.
-It parses the `deploy.env` report artifact, registers a list of variables as runtime-created,
-uses it for expanding `environment:url: $DYNAMIC_ENVIRONMENT_URL` and sets it to the environment URL.
-You can also specify a static part of the URL at `environment:url`, such as
-`https://$DYNAMIC_ENVIRONMENT_URL`. If the value of `DYNAMIC_ENVIRONMENT_URL` is
-`example.com`, the final result is `https://example.com`.
-
-The assigned URL for the `review/your-branch-name` environment is visible in the UI.
-
-Note the following:
-
-- `stop_review` doesn't generate a dotenv report artifact, so it doesn't recognize the
-  `DYNAMIC_ENVIRONMENT_URL` environment variable. Therefore you shouldn't set `environment:url` in the
-  `stop_review` job.
-- If the environment URL isn't valid (for example, the URL is malformed), the system doesn't update
-  the environment URL.
-- If the script that runs in `stop_review` exists only in your repository and therefore can't use
-  `GIT_STRATEGY: none`, configure [merge request pipelines](../../ci/pipelines/merge_request_pipelines.md)
-  for these jobs. This ensures that runners can fetch the repository even after a feature branch is
-  deleted. For more information, see [Ref Specs for Runners](../pipelines/index.md#ref-specs-for-runners).
-
-NOTE:
-For Windows runners, using `echo` to write to `.env` files may fail. Using the PowerShell `Add-Content`command
-helps in such cases. For example:
-
-```powershell
-Add-Content -Path deploy.env -Value "DYNAMIC_ENVIRONMENT_URL=$DYNAMIC_ENVIRONMENT_URL"
-```
-
 ## Track newly included merge requests per deployment
 
 GitLab can track newly included merge requests per deployment.
diff --git a/doc/ci/yaml/artifacts_reports.md b/doc/ci/yaml/artifacts_reports.md
index 78c9e98c33f..37cb7efdf94 100644
--- a/doc/ci/yaml/artifacts_reports.md
+++ b/doc/ci/yaml/artifacts_reports.md
@@ -189,7 +189,7 @@ GitLab can display the results of one or more reports in:
 The `dotenv` report collects a set of environment variables as artifacts.
 
 The collected variables are registered as runtime-created variables of the job,
-which you can use to [set dynamic environment URLs after a job finishes](../environments/index.md#set-dynamic-environment-urls-after-a-job-finishes).
+which you can use to [set dynamic environment URLs after a job finishes](../environments/index.md#set-a-dynamic-environment-url).
 
 If duplicate environment variables are present in a `dotenv` report:
 
diff --git a/doc/development/vs_code_debugging.md b/doc/development/vs_code_debugging.md
index 08aa4688bfd..129eddf853b 100644
--- a/doc/development/vs_code_debugging.md
+++ b/doc/development/vs_code_debugging.md
@@ -6,12 +6,13 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 # VS Code debugging
 
-This document describes how to set up Rails debugging in [VS Code](https://code.visualstudio.com/).
+This document describes how to set up Rails debugging in [Visual Studio Code (VSCode)](https://code.visualstudio.com/) using the [GitLab Development Kit (GDK)](contributing/first_contribution.md#step-1-configure-the-gitlab-development-kit).
 
 ## Setup
 
 1. Install the `debug` gem by running `gem install debug` inside your `gitlab` folder.
-1. Add the following configuration to your `.vscode/tasks.json` file:
+1. Install the [VSCode Ruby rdbg Debugger](https://marketplace.visualstudio.com/items?itemName=KoichiSasada.vscode-rdbg) extension to add support for the `rdbg` debugger type to VSCode.
+1. In case you want to automatically stop and start GitLab and its associated Ruby Rails server, you may add the following VSCode task to your configuration under the `.vscode/tasks.json` file:
 
     ```json
     {
@@ -20,7 +21,7 @@ This document describes how to set up Rails debugging in [VS Code](https://code.
           {
             "label": "start rdbg",
             "type": "shell",
-            "command": "gdk stop rails-web && GITLAB_RAILS_RACK_TIMEOUT_ENABLE_LOGGING=false PUMA_SINGLE_MODE=true rdbg --open -c -- bin/rails s",
+            "command": "gdk stop rails-web && GITLAB_RAILS_RACK_TIMEOUT_ENABLE_LOGGING=false PUMA_SINGLE_MODE=true rdbg --open -c bin/rails server",
             "isBackground": true,
             "problemMatcher": {
               "owner": "rails",
@@ -42,26 +43,29 @@ This document describes how to set up Rails debugging in [VS Code](https://code.
 
     ```json
     {
-        // Use IntelliSense to learn about possible attributes.
-        // Hover to view descriptions of existing attributes.
-        // For more information, see https://go.microsoft.com/fwlink/?linkid=830387.
         "version": "0.2.0",
         "configurations": [
           {
             "type": "rdbg",
             "name": "Attach with rdbg",
             "request": "attach",
+
+            // remove the following "preLaunchTask" if you do not wish to stop and start
+            // GitLab via VS Code but manually on a separate terminal.
             "preLaunchTask": "start rdbg"
           }
         ]
     }
     ```
 
+WARNING:
+The VSCode Ruby extension might have issues finding the correct Ruby installation and the appropriate `rdbg` command. In this case, add `"rdbgPath": "/home/user/.asdf/shims/` (in the case of asdf) to the launch configuration above.
+
 ## Debugging
 
-Prerequisite:
+### Prerequisites
 
-- You must have a running GDK instance.
+- You must have a running [GDK](contributing/first_contribution.md#step-1-configure-the-gitlab-development-kit) instance.
 
 To start debugging, do one of the following:
 
diff --git a/doc/user/project/merge_requests/widgets.md b/doc/user/project/merge_requests/widgets.md
index 2c87aa4e1dd..639552ca75a 100644
--- a/doc/user/project/merge_requests/widgets.md
+++ b/doc/user/project/merge_requests/widgets.md
@@ -65,7 +65,7 @@ faster to preview proposed modifications.
 
 ## License compliance **(ULTIMATE)**
 
-If you have configured [License Compliance](../../compliance/license_compliance/index.md) for your project, then you can view a list of licenses that are detected for your project's dependencies.
+If you have configured [License Compliance](../../compliance/license_scanning_of_cyclonedx_files/index.md) for your project, then you can view a list of licenses that are detected for your project's dependencies.
 
 ![Merge request pipeline](img/license_compliance_widget_v15_3.png)
 
diff --git a/doc/user/project/protected_branches.md b/doc/user/project/protected_branches.md
index c7c41ee8558..8c2bcb250a9 100644
--- a/doc/user/project/protected_branches.md
+++ b/doc/user/project/protected_branches.md
@@ -81,6 +81,31 @@ Administrators can set a default branch protection level in the
 
 Configure protected branches for all projects in a group, or just for a project.
 
+### For a project
+
+Prerequisites:
+
+- You must have at least the Maintainer role.
+- When granting a group **Allowed to merge** or **Allowed to push and merge** permissions
+  on a protected branch, the group must be added to the project.
+
+To protect a branch:
+
+1. On the top bar, select **Main menu > Projects** and find your project.
+1. On the left sidebar, select **Settings > Repository**.
+1. Expand **Protected branches**.
+1. From the **Branch** dropdown list, select the branch you want to protect.
+1. From the **Allowed to merge** list, select a role that can merge into this branch.
+1. From the **Allowed to push and merge** list, select a role that can push to this branch.
+
+   NOTE:
+   In GitLab Premium and Ultimate, you can also add groups or individual users
+   to **Allowed to merge** and **Allowed to push and merge**.
+
+1. Select **Protect**.
+
+The protected branch displays in the list of protected branches.
+
 ### For all projects in a group **(PREMIUM)**
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/106532) in GitLab 15.9 behind a feature flag, disabled by default.
@@ -108,28 +133,6 @@ To protect a branch for all the projects in a group:
 
 The protected branch is added to the list of protected branches.
 
-### For a project
-
-Prerequisite:
-
-- You must have at least the Maintainer role.
-- When granting a group **Allowed to merge** or **Allowed to push and merge** permissions
-  on a protected branch, the group must be added to the project.
-
-To protect a branch:
-
-1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Settings > Repository**.
-1. Expand **Protected branches**.
-1. From the **Branch** dropdown list, select the branch you want to protect.
-1. From the **Allowed to merge** list, select a role that can merge into this branch.
-   In GitLab Premium and Ultimate, you can also add groups or individual users.
-1. From the **Allowed to push and merge** list, select a role that can push to this branch.
-   In GitLab Premium and Ultimate, you can also add groups or individual users.
-1. Select **Protect**.
-
-The protected branch displays in the list of protected branches.
-
 ## Configure multiple protected branches by using a wildcard
 
 If both a specific rule and a wildcard rule apply to the same branch, the most
diff --git a/doc/user/project/protected_tags.md b/doc/user/project/protected_tags.md
index ac9f990a598..c8a02366e19 100644
--- a/doc/user/project/protected_tags.md
+++ b/doc/user/project/protected_tags.md
@@ -40,7 +40,11 @@ Prerequisites:
    1. Enter the string to use for tag matching. Wildcards (`*`) are supported.
    1. Select **Create wildcard**.
 1. In **Allowed to create** , select roles that may create protected tags.
-   In GitLab Premium and Ultimate, you can also select groups or individual users.
+
+   NOTE:
+   In GitLab Premium and Ultimate, you can also add groups or individual users
+   to **Allowed to create**.
+
 1. Select **Protect**.
 
 The protected tag (or wildcard) displays in the **Protected tags** list.
diff --git a/doc/user/project/repository/code_suggestions.md b/doc/user/project/repository/code_suggestions.md
index c3d29261f07..2c20ebbe08b 100644
--- a/doc/user/project/repository/code_suggestions.md
+++ b/doc/user/project/repository/code_suggestions.md
@@ -64,7 +64,7 @@ Each user can enable Code Suggestions for themselves:
 
 1. On the top bar, in the upper-right corner, select your avatar.
 1. On the left sidebar, select **Preferences**.
-1. In the **Code Suggestions** section, enable the setting.
+1. In the **Code Suggestions** section, select **Enable Code Suggestions**.
 
 NOTE:
 If Code Suggestions is [enabled for the group](../../group/manage.md#group-code-suggestions), the group setting overrides the user setting.
@@ -111,6 +111,21 @@ Start typing and receive suggestions for your GitLab projects.
   <iframe src="https://www.youtube-nocookie.com/embed/WnxBYxN2-p4" frameborder="0" allowfullscreen> </iframe>
 </figure>
 
+## Why can't I see any code suggestions?
+
+If Code Suggestions are not displayed, try the following troubleshooting steps.
+
+In GitLab, ensure Code Suggestions is enabled:
+
+- [For your user account](#enable-code-suggestions-for-an-individual-user).
+- [For *all* top-level groups your account belongs to](../../group/manage.md#group-code-suggestions). If you don't have a role that lets you view the top-level group's settings, contact a group owner.
+
+In VS Code:
+
+- Ensure [your IDE is configured properly](#enable-code-suggestions-in-vs-code).
+
+To confirm that your account is enabled, go to [https://gitlab.com/api/v4/ml/ai-assist](https://gitlab.com/api/v4/ml/ai-assist). A response of `user_is_allowed` should return `true`.
+
 ## Stability and performance
 
 This feature is currently in [Beta](/ee/policy/alpha-beta-support.md#beta).