Add latest changes from gitlab-org/gitlab@master

5 files changed, 40 insertions, 13 deletions

diff --git a/doc/administration/troubleshooting/log_parsing.md b/doc/administration/troubleshooting/log_parsing.md
index c5b1d302db2..d8f21f1676c 100644
--- a/doc/administration/troubleshooting/log_parsing.md
+++ b/doc/administration/troubleshooting/log_parsing.md
@@ -81,7 +81,7 @@ jq 'select(.status >= 500)' <FILE>
 #### Top 10 slowest requests
 
 ```shell
-jq -s 'sort_by(-.duration) | limit(10; .[])' <FILE>
+jq -s 'sort_by(-.duration_s) | limit(10; .[])' <FILE>
 ```
 
 #### Find and pretty print all requests related to a project
@@ -93,7 +93,7 @@ grep <PROJECT_NAME> <FILE> | jq .
 #### Find all requests with a total duration > 5 seconds
 
 ```shell
-jq 'select(.duration > 5000)' <FILE>
+jq 'select(.duration_s > 5000)' <FILE>
 ```
 
 #### Find all project requests with more than 5 rugged calls
@@ -105,13 +105,13 @@ grep <PROJECT_NAME> <FILE> | jq 'select(.rugged_calls > 5)'
 #### Find all requests with a Gitaly duration > 10 seconds
 
 ```shell
-jq 'select(.gitaly_duration > 10000)' <FILE>
+jq 'select(.gitaly_duration_s > 10000)' <FILE>
 ```
 
 #### Find all requests with a queue duration > 10 seconds
 
 ```shell
-jq 'select(.queue_duration > 10000)' <FILE>
+jq 'select(.queue_duration_s > 10000)' <FILE>
 ```
 
 #### Top 10 requests by # of Gitaly calls
@@ -125,7 +125,7 @@ jq -s 'map(select(.gitaly_calls != null)) | sort_by(-.gitaly_calls) | limit(10;
 #### Print the top three controller methods by request volume and their three longest durations
 
 ```shell
-jq -s -r 'group_by(.controller+.action) | sort_by(-length) | limit(3; .[]) | sort_by(-.duration) | "CT: \(length)\tMETHOD: \(.[0].controller)#\(.[0].action)\tDURS: \(.[0].duration),  \(.[1].duration),  \(.[2].duration)"' production_json.log
+jq -s -r 'group_by(.controller+.action) | sort_by(-length) | limit(3; .[]) | sort_by(-.duration_s) | "CT: \(length)\tMETHOD: \(.[0].controller)#\(.[0].action)\tDURS: \(.[0].duration_s),  \(.[1].duration_s),  \(.[2].duration_s)"' production_json.log
 ```
 
 **Example output**
@@ -141,7 +141,7 @@ CT: 1328   METHOD: Projects::NotesController#index DURS: 403.99,  386.29,  384.3
 #### Print top three routes with request count and their three longest durations
 
 ```shell
-jq -s -r 'group_by(.route) | sort_by(-length) | limit(3; .[]) | sort_by(-.duration) | "CT: \(length)\tROUTE: \(.[0].route)\tDURS: \(.[0].duration),  \(.[1].duration),  \(.[2].duration)"' api_json.log
+jq -s -r 'group_by(.route) | sort_by(-length) | limit(3; .[]) | sort_by(-.duration_s) | "CT: \(length)\tROUTE: \(.[0].route)\tDURS: \(.[0].duration_s),  \(.[1].duration_s),  \(.[2].duration_s)"' api_json.log
 ```
 
 **Example output**
diff --git a/doc/api/job_artifacts.md b/doc/api/job_artifacts.md
index 517ffde0046..ee9f1678b18 100644
--- a/doc/api/job_artifacts.md
+++ b/doc/api/job_artifacts.md
@@ -171,6 +171,9 @@ Download a single artifact file for a specific job of the latest successful
 pipeline for the given reference name from inside the job's artifacts archive.
 The file is extracted from the archive and streamed to the client.
 
+The artifact file provides more detail than what is available in the
+[CSV export](../user/application_security/vulnerability_report/index.md#export-vulnerability-details).
+
 In [GitLab 13.5](https://gitlab.com/gitlab-org/gitlab/-/issues/201784) and later, artifacts
 for [parent and child pipelines](../ci/pipelines/parent_child_pipelines.md) are searched in hierarchical
 order from parent to child. For example, if both parent and child pipelines have a
diff --git a/doc/user/application_security/sast/index.md b/doc/user/application_security/sast/index.md
index 8f006f258b6..05418c0e57f 100644
--- a/doc/user/application_security/sast/index.md
+++ b/doc/user/application_security/sast/index.md
@@ -13,12 +13,17 @@ The whitepaper ["A Seismic Shift in Application Security"](https://about.gitlab.
 explains how 4 of the top 6 attacks were application based. Download it to learn how to protect your
 organization.
 
-If you're using [GitLab CI/CD](../../../ci/index.md), you can use Static Application Security
-Testing (SAST) to check your source code for known vulnerabilities.
-If the pipeline is associated with a merge request, the SAST analysis is compared with the results of
-the target branch's analysis (if available). The results of that comparison are shown in the merge
-request. If the pipeline is running from the default branch, the results of the SAST
-analysis are available in the [security dashboards](../security_dashboard/index.md).
+If you’re using [GitLab CI/CD](../../../ci/index.md), you can use Static Application Security
+Testing (SAST) to check your source code for known vulnerabilities. You can run SAST analyzers in
+any GitLab tier. The analyzers output JSON-formatted reports as job artifacts.
+
+With GitLab Ultimate, SAST results are also processed so you can:
+
+- See them in merge requests.
+- Use them in approval workflows.
+- Review them in the security dashboard.
+
+For more details, see the [Summary of features per tier](#summary-of-features-per-tier).
 
 ![SAST results shown in the MR widget](img/sast_results_in_mr_v14_0.png)
 
diff --git a/doc/user/application_security/vulnerability_report/index.md b/doc/user/application_security/vulnerability_report/index.md
index a9cef15e3e8..1e390b1a319 100644
--- a/doc/user/application_security/vulnerability_report/index.md
+++ b/doc/user/application_security/vulnerability_report/index.md
@@ -190,13 +190,19 @@ Fields included are:
 - Scanner name
 - Status
 - Vulnerability
-- Details
+- Basic details
 - Additional information
 - Severity
 - [CVE](https://cve.mitre.org/) (Common Vulnerabilities and Exposures)
 - [CWE](https://cwe.mitre.org/) (Common Weakness Enumeration)
 - Other identifiers
 
+NOTE:
+Full details are available through our
+[Job Artifacts API](../../../api/job_artifacts.md#download-a-single-artifact-file-from-specific-tag-or-branch).
+Use one of the `gl-*-report.json` report filenames in place of `*artifact_path`
+to obtain, for example, the path of files in which vulnerabilities were detected.
+
 ### Export details in CSV format
 
 To export details of all vulnerabilities listed in the Vulnerability Report, select **Export**.
diff --git a/doc/user/usage_quotas.md b/doc/user/usage_quotas.md
index 84a2449f481..21aa93d3f8b 100644
--- a/doc/user/usage_quotas.md
+++ b/doc/user/usage_quotas.md
@@ -48,6 +48,19 @@ The following storage usage statistics are available to a maintainer:
 - Total excess storage used: Total amount of storage used that exceeds their allocated storage.
 - Purchased storage available: Total storage that has been purchased but is not yet used.
 
+## Manage your storage usage
+
+You can use several methods to manage and reduce your usage for some storage types. 
+
+For more information, see the following pages:
+
+- [Reduce package registry storage](packages/package_registry/reduce_package_registry_storage.md)
+- [Reduce dependency proxy storage](packages/dependency_proxy/reduce_dependency_proxy_storage.md)
+- [Reduce repository size](project/repository/reducing_the_repo_size_using_git.md)
+- [Reduce container registry storage](packages/container_registry/reduce_container_registry_storage.md)
+- [Reduce container registry data transfers](packages/container_registry/reduce_container_registry_data_transfer.md)
+- [Reduce wiki repository size](../administration/wikis/index.md#reduce-wiki-repository-size)
+
 ## Excess storage usage
 
 Excess storage usage is the amount that a project's repository exceeds the free storage quota. If no