Add latest changes from gitlab-org/gitlab@master

8 files changed, 142 insertions, 114 deletions

diff --git a/doc/development/fe_guide/widgets.md b/doc/development/fe_guide/widgets.md
index edb8559da48..6cd8e6c091c 100644
--- a/doc/development/fe_guide/widgets.md
+++ b/doc/development/fe_guide/widgets.md
@@ -62,11 +62,11 @@ Because we need different GraphQL queries and mutations for different sidebars,
 
 ```javascript
 export const assigneesQueries = {
-  [IssuableType.Issue]: {
+  [TYPE_ISSUE]: {
     query: getIssueParticipants,
     mutation: updateAssigneesMutation,
   },
-  [IssuableType.MergeRequest]: {
+  [TYPE_MERGE_REQUEST]: {
     query: getMergeRequestParticipants,
     mutation: updateMergeRequestParticipantsMutation,
   },
diff --git a/doc/development/fips_compliance.md b/doc/development/fips_compliance.md
index 1f9abef1f44..04500a7534a 100644
--- a/doc/development/fips_compliance.md
+++ b/doc/development/fips_compliance.md
@@ -274,104 +274,55 @@ all:
     gitlab_charts_custom_config_file: '/path/to/gitlab-environment-toolkit/ansible/environments/gitlab-10k/inventory/charts.yml'
 ```
 
-Now create `charts.yml` in the location specified above and specify tags with a `-fips` suffix. For example:
+Now create `charts.yml` in the location specified above and specify tags with a `-fips` suffix.
 
-```yaml
-global:
-  image:
-    pullPolicy: Always
-  certificates:
-    image:
-      tag: master-fips
-  kubectl:
-    image:
-      tag: master-fips
-
-gitlab:
-  gitaly:
-    image:
-      tag: master-fips
-  gitlab-exporter:
-    image:
-      tag: master-fips
-  gitlab-shell:
-    image:
-      tag: main-fips # The default branch is main, not master
-  gitlab-mailroom:
-    image:
-      tag: master-fips
-  gitlab-pages:
-    image:
-      tag: master-fips
-  migrations:
-    image:
-      tag: master-fips
-  sidekiq:
-    image:
-      tag: master-fips
-  toolbox:
-    image:
-      tag: master-fips
-  webservice:
-    image:
-      tag: master-fips
-    workhorse:
-      tag: master-fips
-
-nginx-ingress:
-  controller:
-    image:
-      repository: registry.gitlab.com/gitlab-org/cloud-native/charts/gitlab-ingress-nginx/controller
-      tag: v1.2.1-fips
-      pullPolicy: Always
-      digest: sha256:c4222b7ab3836b9be2a7649cff4b2e6ead34286dfdf3a7b04eb34fdd3abb0334
-```
-
-The above example shows a FIPS-enabled [`nginx-ingress`](https://github.com/kubernetes/ingress-nginx) image.
-See our [Charts documentation on FIPS](https://docs.gitlab.com/charts/advanced/fips/index.html) for more details.
+See our [Charts documentation on FIPS](https://docs.gitlab.com/charts/advanced/fips/index.html) for more details, including
+an [example values file](https://gitlab.com/gitlab-org/charts/gitlab/blob/master/examples/fips/values.yaml) as a reference.
 
 You can also use release tags, but the versioning is tricky because each
 component may use its own versioning scheme. For example, for GitLab v15.2:
 
 ```yaml
 global:
+  image:
+    tagSuffix: -fips
   certificates:
     image:
-      tag: 20211220-r0-fips
+      tag: 20211220-r0
   kubectl:
     image:
-      tag: 1.18.20-fips
+      tag: 1.18.20
 
 gitlab:
   gitaly:
     image:
-      tag: v15.2.0-fips
+      tag: v15.2.0
   gitlab-exporter:
     image:
-      tag: 11.17.1-fips
+      tag: 11.17.1
   gitlab-shell:
     image:
-      tag: v14.9.0-fips
+      tag: v14.9.0
   gitlab-mailroom:
     image:
-      tag: v15.2.0-fips
+      tag: v15.2.0
   gitlab-pages:
     image:
-      tag: v1.61.0-fips
+      tag: v1.61.0
   migrations:
     image:
-      tag: v15.2.0-fips
+      tag: v15.2.0
   sidekiq:
     image:
-      tag: v15.2.0-fips
+      tag: v15.2.0
   toolbox:
     image:
-      tag: v15.2.0-fips
+      tag: v15.2.0
   webservice:
     image:
-      tag: v15.2.0-fips
+      tag: v15.2.0
     workhorse:
-      tag: v15.2.0-fips
+      tag: v15.2.0
 ```
 
 ## FIPS Performance Benchmarking
diff --git a/doc/integration/jira/configure.md b/doc/integration/jira/configure.md
index dc00deec7a6..3ef4dfac3f4 100644
--- a/doc/integration/jira/configure.md
+++ b/doc/integration/jira/configure.md
@@ -13,10 +13,10 @@ and for self-managed GitLab, at an [instance level](../../user/admin_area/settin
 
 Prerequisites:
 
-- Ensure your GitLab installation does not use a [relative URL](development_panel.md#limitations).
+- Ensure your GitLab installation does not use a [relative URL](https://docs.gitlab.com/omnibus/settings/configuration.html#configure-a-relative-url-for-gitlab).
 - For **Jira Server**, ensure you have a Jira username and password.
   See [authentication in Jira](index.md#authentication-in-jira).
-- For **Jira on Atlassian cloud**, ensure you have an API token
+- For **Jira Cloud**, ensure you have an API token
   and the email address you used to create the token.
   See [authentication in Jira](index.md#authentication-in-jira).
 
diff --git a/doc/integration/jira/development_panel.md b/doc/integration/jira/development_panel.md
index 49f2664893d..e358c66eeee 100644
--- a/doc/integration/jira/development_panel.md
+++ b/doc/integration/jira/development_panel.md
@@ -10,22 +10,24 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 You can view GitLab activity from the Jira development panel.
 
-When you are in GitLab, you refer to a Jira issue by ID. Then
-[the activity](https://support.atlassian.com/jira-software-cloud/docs/view-development-information-for-an-issue/)
-for that issue is displayed in the Jira development panel.
+When you're in GitLab, you can refer to a Jira issue by ID.
+The [activity for that issue](https://support.atlassian.com/jira-software-cloud/docs/view-development-information-for-an-issue/)
+is displayed in the Jira development panel.
 
 In the Jira development panel, you can create a GitLab merge request from a branch.
-You can also create a GitLab branch from a Jira Cloud issue
+You can also create a GitLab branch from a Jira issue in the GitLab for Jira Cloud app
 ([introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/66032) in GitLab 14.2).
 
 ## Connected projects in GitLab
 
-The Jira development panel connects to the Jira instance all GitLab projects in:
+The Jira development panel connects to the entire Jira instance all GitLab projects in:
 
 - A top-level group, including all projects in its subgroups.
 - A personal namespace.
 
-## Where the Jira ID displayed
+These GitLab projects can interact with all Jira projects in that instance.
+
+## Information displayed in the panel
 
 The information displayed in the Jira development panel depends on where you mention the Jira issue ID in GitLab.
 
@@ -44,48 +46,52 @@ Jira Smart Commits are special commands to process a Jira issue. With these comm
 - Log time against a Jira issue.
 - Transition a Jira issue to any status defined in the project workflow.
 
-For more information, see [Using Smart Commits](https://confluence.atlassian.com/fisheye/using-smart-commits-960155400.html)
-in the Atlassian documentation.
+For more information, see the
+[Atlassian documentation](https://confluence.atlassian.com/fisheye/using-smart-commits-960155400.html).
 
-## Configure the integration
+## Configure the panel
 
 <i class="fa fa-youtube-play youtube" aria-hidden="true"></i>
-For an overview of how to configure the Jira development panel integration, see
-[Agile Management - GitLab Jira development panel integration](https://www.youtube.com/watch?v=VjVTOmMl85M).
+For an overview, see [Jira development panel integration](https://www.youtube.com/watch?v=VjVTOmMl85M).
+
+### For GitLab.com
 
-To simplify administration, we recommend that a GitLab group maintainer or group owner
-(or, if possible, instance administrator in the case of self-managed GitLab) set up the integration.
+Prerequisite:
 
-| Jira usage | GitLab.com customers need | GitLab self-managed customers need |
-|------------|---------------------------|------------------------------------|
-| [Atlassian cloud](https://www.atlassian.com/migration/assess/why-cloud) | The [GitLab for Jira Cloud app](https://marketplace.atlassian.com/apps/1221011/gitlab-com-for-jira-cloud?hosting=cloud&tab=overview) from the [Atlassian Marketplace](https://marketplace.atlassian.com). This method offers real-time sync between GitLab.com and Jira. The method requires inbound connections for the setup and then pushes data to Jira through outbound connections. For more information, see [GitLab for Jira Cloud app](connect-app.md). | The GitLab for Jira Cloud app [installed manually](connect-app.md#install-the-gitlab-for-jira-cloud-app-manually). By default, you can install the app from the [Atlassian Marketplace](https://marketplace.atlassian.com/). The method requires inbound connections for the setup and then pushes data to Jira through outbound connections. For more information, see [Connect the GitLab for Jira Cloud app for self-managed instances](connect-app.md#connect-the-gitlab-for-jira-cloud-app-for-self-managed-instances). |
-| Your own server | The [Jira DVCS connector](dvcs/index.md). This method syncs data every hour and works only with inbound connections. The method tries to set up webhooks in GitLab to implement real-time data sync, which does not work without outbound connections. | The [Jira DVCS connector](dvcs/index.md). This method syncs data every hour and works only with inbound connections. The method tries to set up webhooks in GitLab to implement real-time data sync, which does not work without outbound connections. |
+- You must have at least the Maintainer role for the group.
 
-Each GitLab project can be configured to connect to an entire Jira instance. That means after
-configuration, one GitLab project can interact with all Jira projects in that instance. For:
+To configure the Jira development panel on GitLab.com:
 
-- The [view Jira issues](issues.md#view-jira-issues) feature, you must associate a GitLab project with a
-  specific Jira project.
-- Other features, you do not have to explicitly associate a GitLab project with any single Jira
-  project.
+- **For [Jira Cloud](https://www.atlassian.com/migration/assess/why-cloud)**:
+  - [From the Atlassian Marketplace, install the GitLab for Jira Cloud app](https://marketplace.atlassian.com/apps/1221011/gitlab-for-jira-cloud?hosting=cloud&tab=overview).
+  - This method syncs data between GitLab.com and Jira in real time.
+  - This method requires inbound connections for the setup and outbound connections to push data to Jira.
+  - For more information, see [GitLab for Jira Cloud app](connect-app.md).
+- **For Jira Server**:
+  - Use the [Jira DVCS connector](dvcs/index.md).
+  - This method syncs data every hour and works only with inbound connections.
+  - This method attempts to set up webhooks in GitLab to sync data in real time, which requires outbound connections.
 
-If you have a single Jira instance, you can pre-fill the settings. For more information, read the
-documentation for [central administration of project integrations](../../user/admin_area/settings/project_integration_management.md).
+### For self-managed GitLab
 
-## Limitations
+Prerequisites:
 
-- This integration is not supported on GitLab instances under a
-[relative URL](https://docs.gitlab.com/omnibus/settings/configuration.html#configure-a-relative-url-for-gitlab)
-(for example, `http://example.com/gitlab`).
-- [Creating a branch](https://gitlab.com/gitlab-org/gitlab/-/issues/2647) is only supported by the GitLab for Jira app and is not available within the DVCS integration. See [officially supported DVCS features](https://confluence.atlassian.com/adminjiraserver/integrating-with-development-tools-938846890.html) for more information.
+- You must have administrator access for the instance.
+- Your GitLab installation must not use a [relative URL](https://docs.gitlab.com/omnibus/settings/configuration.html#configure-a-relative-url-for-gitlab)
+  (for example, `https://example.com/gitlab`).
 
-## Troubleshoot the development panel
+To configure the Jira development panel on self-managed GitLab:
 
-If you use Jira on your own server, go to the [Atlassian documentation](https://confluence.atlassian.com/jirakb/troubleshoot-the-development-panel-in-jira-server-574685212.html)
-for general troubleshooting information.
+- **For [Jira Cloud](https://www.atlassian.com/migration/assess/why-cloud)**:
+  - [Install the GitLab for Jira Cloud app manually](connect-app.md#install-the-gitlab-for-jira-cloud-app-manually).
+  - This method requires inbound connections for the setup and outbound connection to push data to Jira.
+  - For more information, see [Connect the GitLab for Jira Cloud app for self-managed instances](connect-app.md#connect-the-gitlab-for-jira-cloud-app-for-self-managed-instances).
+- **For Jira Server**:
+  - Use the [Jira DVCS connector](dvcs/index.md).
+  - This method syncs data every hour and works only with inbound connections.
+  - This method attempts to set up webhooks in GitLab to sync data in real time, which requires outbound connections.
 
-### Cookies for Oracle's Access Manager
+## Troubleshooting
 
-To support Oracle's Access Manager, GitLab sends additional cookies
-to enable Basic Auth. The cookie being added to each request is `OBBasicAuth` with
-a value of `fromDialog`.
+To troubleshoot the Jira development panel on your own server, see the
+[Atlassian documentation](https://confluence.atlassian.com/jirakb/troubleshoot-the-development-panel-in-jira-server-574685212.html).
diff --git a/doc/integration/jira/index.md b/doc/integration/jira/index.md
index 5e83a69997e..3ec4c7aee87 100644
--- a/doc/integration/jira/index.md
+++ b/doc/integration/jira/index.md
@@ -37,7 +37,7 @@ displays in the [development panel](https://support.atlassian.com/jira-software-
 
 To set up the Jira development panel integration, use the GitLab for Jira Cloud app
 or the Jira DVCS (distributed version control system) connector,
-[depending on your installation](development_panel.md#configure-the-integration).
+[depending on your installation](development_panel.md#configure-the-panel).
 
 ### Direct feature comparison
 
diff --git a/doc/topics/awesome_co.md b/doc/topics/awesome_co.md
index ff3c81a1b90..ffda564cd91 100644
--- a/doc/topics/awesome_co.md
+++ b/doc/topics/awesome_co.md
@@ -141,3 +141,73 @@ create(:project, name: 'Throws Error', namespace: create(:group, name: 'Some Gro
 create(:project, name: 'No longer throws error', owner: @owner, namespace: create(:group, name: 'Some Group'))
 create(:epic, group: create(:group), author: @owner)
 ```
+
+## YAML Factories
+
+### Generator to generate _n_ amount of records
+
+### [Group Labels](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/factories/labels.rb)
+
+```yaml
+group_labels:
+  # Group Label with Name and a Color
+  - name: Group Label 1
+    group_id: <%= @group.id %>
+    color: "#FF0000"
+```
+
+### [Group Milestones](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/factories/milestones.rb)
+
+```yaml
+group_milestones:
+  # Past Milestone
+  - name: Past Milestone
+    group_id: <%= @group.id %>
+    group:
+    start_date: <%= 1.month.ago %>
+    due_date: <%= 1.day.ago %>
+
+  # Ongoing Milestone
+  - name: Ongoing Milestone
+    group_id: <%= @group.id %>
+    group:
+    start_date: <%= 1.day.ago %>
+    due_date: <%= 1.month.from_now %>
+
+  # Future Milestone
+  - name: Ongoing Milestone
+    group_id: <%= @group.id %>
+    group:
+    start_date: <%= 1.month.from_now %>
+    due_date: <%= 2.months.from_now %>
+```
+
+#### Quirks
+
+- You _must_ specify `group:` and have it be empty. This is because the Milestones factory will manipulate the factory in an `after(:build)`. If this is not present, the Milestone will not be associated properly with the Group.
+
+### [Epics](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/spec/factories/epics.rb)
+
+```yaml
+epics:
+  # Simple Epic
+  - title: Simple Epic
+    group_id: <%= @group.id %>
+    author_id: <%= @owner.id %>
+
+  # Epic with detailed Markdown description
+  - title: Detailed Epic
+    group_id: <%= @group.id %>
+    author_id: <%= @owner.id %>
+    description: |
+      # Markdown
+
+      **Description**
+
+  # Epic with dates
+  - title: Epic with dates
+    group_id: <%= @group.id %>
+    author_id: <%= @owner.id %>
+    start_date: <%= 1.day.ago %>
+    due_date: <%= 1.month.from_now %>
+```
diff --git a/doc/user/application_security/secret_detection/index.md b/doc/user/application_security/secret_detection/index.md
index 3155114d98a..bb4fa7f914c 100644
--- a/doc/user/application_security/secret_detection/index.md
+++ b/doc/user/application_security/secret_detection/index.md
@@ -195,12 +195,13 @@ Pipelines now include a Secret Detection job.
 
 ## Responding to a leaked secret
 
-Secrets detected by the analyzer should be immediately rotated.
-[Purging a file from the repository's history](../../project/repository/reducing_the_repo_size_using_git.md#purge-files-from-repository-history)
-may not be effective in removing all references to the file. Additionally, the secret will remain in any existing
-forks or clones of the repository.
+When a secret is detected, you should rotate it immediately. GitLab attempts to
+[automatically revoke](post_processing.md) some types of leaked secrets. For those that are not
+automatically revoked, you must do so manually.
 
-GitLab will attempt to [automatically revoke](post_processing.md) some types of leaked secrets.
+[Purging a secret from the repository's history](../../project/repository/reducing_the_repo_size_using_git.md#purge-files-from-repository-history)
+does not fully address the leak. The original secret remains in any existing forks or
+clones of the repository.
 
 ## Pinning to specific analyzer version
 
diff --git a/doc/user/group/reporting/git_abuse_rate_limit.md b/doc/user/group/reporting/git_abuse_rate_limit.md
index f8f721b2fad..64a8d6947ef 100644
--- a/doc/user/group/reporting/git_abuse_rate_limit.md
+++ b/doc/user/group/reporting/git_abuse_rate_limit.md
@@ -13,7 +13,7 @@ On self-managed GitLab, by default this feature is not available. To make it ava
 
 This is the group-level documentation. For self-managed instances, see the [administration documentation](../../admin_area/reporting/git_abuse_rate_limit.md).
 
-Git abuse rate limiting is a feature to automatically [ban users](#unban-a-user) who download or clone more than a specified number of repositories of a group in a given time frame. Banned users cannot access the top-level group or any of its non-public subgroups via HTTP or SSH. Access to unrelated groups is unaffected. The rate limit also applies to users who authenticate with a [personal](../../../user/profile/personal_access_tokens.md) or [group access token](../../../user/group/settings/group_access_tokens.md). Access to unrelated groups is unaffected.
+Git abuse rate limiting is a feature to automatically [ban users](#unban-a-user) who download or clone more than a specified number of repositories of a group in a given time frame. Banned users cannot access the top-level group or any of its non-public subgroups via HTTP or SSH. The rate limit also applies to users who authenticate with a [personal](../../../user/profile/personal_access_tokens.md) or [group access token](../../../user/group/settings/group_access_tokens.md). Access to unrelated groups is unaffected.
 
 Git abuse rate limiting does not apply to top-level group owners, [deploy tokens](../../../user/project/deploy_tokens/index.md), or [deploy keys](../../../user/project/deploy_keys/index.md).