Add latest changes from gitlab-org/gitlab@master

11 files changed, 75 insertions, 36 deletions

diff --git a/doc/administration/auth/ldap/ldap-troubleshooting.md b/doc/administration/auth/ldap/ldap-troubleshooting.md
index 1e6684751ed..a90c6e6d4b7 100644
--- a/doc/administration/auth/ldap/ldap-troubleshooting.md
+++ b/doc/administration/auth/ldap/ldap-troubleshooting.md
@@ -192,6 +192,22 @@ This shows you which user has this email address. One of two steps must be taken
 The user can do either of these steps [in their
 profile](../../../user/profile/index.md#access-your-user-profile) or an administrator can do it.
 
+#### Projects limit errors
+
+The following errors indicate that a limit or restriction is activated, but an associated data
+field contains no data:
+
+- `Projects limit can't be blank`.
+- `Projects limit is not a number`.
+
+To resolve this:
+
+1. Go to both of the following in the Admin Area (**{admin}**):
+    - **Settings > General > Account and limit**
+    - **Settings > General > Sign-up restrictions**.
+1. Check, for example, the **Default projects limit** or **Allowed domains for sign-ups**
+   fields and ensure that a relevant value is configured.
+
 #### Debug LDAP user filter
 
 [`ldapsearch`](#ldapsearch) allows you to test your configured
diff --git a/doc/administration/raketasks/check.md b/doc/administration/raketasks/check.md
index d5b04cedd4c..7f344a00f72 100644
--- a/doc/administration/raketasks/check.md
+++ b/doc/administration/raketasks/check.md
@@ -34,10 +34,11 @@ exactly which repositories are causing the trouble.
 - Receiving an error when trying to push code - `remote: error: cannot lock ref`
 - A 500 error when viewing the GitLab dashboard or when accessing a specific project.
 
-### Check all GitLab repositories
+### Check project code repositories
 
-This task loops through all repositories on the GitLab server and runs the
-integrity check described previously.
+This task loops through the project code repositories and runs the integrity check
+described previously. If a project uses a pool repository, that will also be checked.
+Other types of Git repositories [are not checked](https://gitlab.com/gitlab-org/gitaly/-/issues/3643).
 
 **Omnibus Installation**
 
diff --git a/doc/api/projects.md b/doc/api/projects.md
index 3e32b6f0aa3..57c6ea9be93 100644
--- a/doc/api/projects.md
+++ b/doc/api/projects.md
@@ -2083,7 +2083,8 @@ the format in `markdown` is used.
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/57250) in GitLab 13.11.
 
-GitLab 13.11 added enforcement of the [maximum attachment size limit](../user/admin_area/settings/account_and_limit_settings.md#max-attachment-size) behind the `enforce_max_attachment_size_upload_api` feature flag. GitLab 14.0 will enable this by default.
+GitLab 13.11 added enforcement of the [maximum attachment size limit](../user/admin_area/settings/account_and_limit_settings.md#max-attachment-size) behind the `enforce_max_attachment_size_upload_api` feature flag. GitLab 14.0 enables this by default.
+To disable this enforcement:
 
 **In Omnibus installations:**
 
@@ -2093,10 +2094,10 @@ GitLab 13.11 added enforcement of the [maximum attachment size limit](../user/ad
    sudo gitlab-rails console
    ```
 
-1. Enable the feature flag:
+1. Disable the feature flag:
 
    ```ruby
-   Feature.enable(:enforce_max_attachment_size_upload_api)
+   Feature.disable(:enforce_max_attachment_size_upload_api)
    ```
 
 **In installations from source:**
@@ -2108,10 +2109,10 @@ GitLab 13.11 added enforcement of the [maximum attachment size limit](../user/ad
    sudo -u git -H bundle exec rails console -e production
    ```
 
-1. Enable the feature flag to disable the validation:
+1. Disable the feature flag:
 
    ```ruby
-   Feature.enable(:enforce_max_attachment_size_upload_api)
+   Feature.disable(:enforce_max_attachment_size_upload_api)
    ```
 
 ## Upload a project avatar
diff --git a/doc/api/resource_label_events.md b/doc/api/resource_label_events.md
index 0c1735c0664..5fc7a0a52bd 100644
--- a/doc/api/resource_label_events.md
+++ b/doc/api/resource_label_events.md
@@ -1,12 +1,13 @@
 ---
 stage: Manage
-group: Compilance
+group: Compliance
 info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
 ---
 
-# Resource label events API
+# Resource label events API **(FREE)**
 
-Resource label events keep track about who, when, and which label was added to, or removed from, an issuable.
+Resource label events keep track about who, when, and which label was added to (or removed from)
+an issue, merge request, or epic.
 
 ## Issues
 
diff --git a/doc/ci/variables/predefined_variables.md b/doc/ci/variables/predefined_variables.md
index f4fd93f8d4a..595f843907c 100644
--- a/doc/ci/variables/predefined_variables.md
+++ b/doc/ci/variables/predefined_variables.md
@@ -52,6 +52,7 @@ There are also [Kubernetes-specific deployment variables](../../user/project/clu
 | `CI_ENVIRONMENT_NAME`                    | 8.15   | all    | The name of the environment for this job. Available if [`environment:name`](../yaml/README.md#environmentname) is set. |
 | `CI_ENVIRONMENT_SLUG`                    | 8.15   | all    | The simplified version of the environment name, suitable for inclusion in DNS, URLs, Kubernetes labels, and so on. Available if [`environment:name`](../yaml/README.md#environmentname) is set. The slug is [truncated to 24 characters](https://gitlab.com/gitlab-org/gitlab/-/issues/20941). |
 | `CI_ENVIRONMENT_URL`                     | 9.3    | all    | The URL of the environment for this job. Available if [`environment:url`](../yaml/README.md#environmenturl) is set. |
+| `CI_ENVIRONMENT_ACTION`                  | 13.11  | all    | The action annotation specified for this job's environment. Available if [`environment:action`](../yaml/README.md#environmentaction) is set. Can be `start`, `prepare`, or `stop`. |
 | `CI_HAS_OPEN_REQUIREMENTS`               | 13.1   | all    | Only available if the pipeline's project has an open [requirement](../../user/project/requirements/index.md). `true` when available. |
 | `CI_JOB_ID`                              | 9.0    | all    | The internal ID of the job, unique across all jobs in the GitLab instance. |
 | `CI_JOB_IMAGE`                           | 12.9   | 12.9   | The name of the Docker image running the job. |
diff --git a/doc/operations/metrics/alerts.md b/doc/operations/metrics/alerts.md
index ae3f9c71fde..d3d5ec0cc8f 100644
--- a/doc/operations/metrics/alerts.md
+++ b/doc/operations/metrics/alerts.md
@@ -39,7 +39,15 @@ To remove the alert, click back on the alert icon for the desired metric, and cl
 
 ### Link runbooks to alerts
 
-> Runbook URLs [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/39315) in GitLab 13.3.
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/39315) in GitLab 13.3.
+> - [Deprecated](https://gitlab.com/groups/gitlab-org/-/epics/5877) in GitLab 13.11.
+> - [Removed](https://gitlab.com/groups/gitlab-org/-/epics/4280) in GitLab 14.0.
+
+WARNING:
+Linking runbooks to alerts through the alerts UI is [deprecated](https://gitlab.com/groups/gitlab-org/-/epics/5877)
+and scheduled for [removal in GitLab 14.0](https://gitlab.com/groups/gitlab-org/-/epics/4280).
+However, you can still add runbooks to your alert payload. They show up in the alert UI when the
+alert is triggered.
 
 When creating alerts from the metrics dashboard for [managed Prometheus instances](#managed-prometheus-instances),
 you can also link a runbook. When the alert triggers, the
diff --git a/doc/security/password_storage.md b/doc/security/password_storage.md
index 260b60a4ad3..7d8ac3bad39 100644
--- a/doc/security/password_storage.md
+++ b/doc/security/password_storage.md
@@ -7,10 +7,19 @@ type: reference
 
 # Password storage **(FREE)**
 
-GitLab stores user passwords in a hashed format, to prevent passwords from being visible.
+GitLab stores user passwords in a hashed format to prevent passwords from being
+stored as plain text.
 
-GitLab uses the [Devise](https://github.com/heartcombo/devise) authentication library, which handles the hashing of user passwords. Password hashes are created with the following attributes:
+GitLab uses the [Devise](https://github.com/heartcombo/devise) authentication
+library to hash user passwords. Created password hashes have these attributes:
 
-- **Hashing**: the [`bcrypt`](https://en.wikipedia.org/wiki/Bcrypt) hashing function is used to generate the hash of the provided password. This is a strong, industry-standard cryptographic hashing function.
-- **Stretching**: Password hashes are [stretched](https://en.wikipedia.org/wiki/Key_stretching) to harden against brute-force attacks. GitLab uses a stretching factor of 10 by default.
-- **Salting**: A [cryptographic salt](https://en.wikipedia.org/wiki/Salt_(cryptography)) is added to each password to harden against pre-computed hash and dictionary attacks. Each salt is randomly generated for each password, so that no two passwords share a salt, to further increase security.
+- **Hashing**: The [`bcrypt`](https://en.wikipedia.org/wiki/Bcrypt) hashing
+  function is used to generate the hash of the provided password. This is a
+  strong, industry-standard cryptographic hashing function.
+- **Stretching**: Password hashes are [stretched](https://en.wikipedia.org/wiki/Key_stretching)
+  to harden against brute-force attacks. By default, GitLab uses a stretching
+  factor of 10.
+- **Salting**: A [cryptographic salt](https://en.wikipedia.org/wiki/Salt_(cryptography))
+  is added to each password to harden against pre-computed hash and dictionary
+  attacks. To increase security, each salt is randomly generated for each
+  password, with no two passwords sharing a salt.
diff --git a/doc/user/admin_area/settings/continuous_integration.md b/doc/user/admin_area/settings/continuous_integration.md
index fc54e5caea6..1bb772889a6 100644
--- a/doc/user/admin_area/settings/continuous_integration.md
+++ b/doc/user/admin_area/settings/continuous_integration.md
@@ -192,30 +192,32 @@ This feature is being re-evaluated in favor of a different
 We recommend that users who haven't yet implemented this feature wait for
 the new solution.
 
-GitLab administrators can force a pipeline configuration to run on every
-pipeline.
+You can set a [CI/CD template](../../../ci/examples/README.md#cicd-templates)
+as a required pipeline configuration for all projects on a GitLab instance. You can
+use a template from:
 
-The configuration applies to all pipelines for a GitLab instance and is
-sourced from:
+- The default CI/CD templates.
+- A custom template stored in an [instance template repository](instance_template_repository.md).
 
-- The [instance template repository](instance_template_repository.md).
-- GitLab-supplied configuration.
+  NOTE:
+  When you use a configuration defined in an instance template repository,
+  nested [`include:`](../../../ci/yaml/README.md#include) keywords
+  (including `include:file`, `include:local`, `include:remote`, and `include:template`)
+  [do not work](https://gitlab.com/gitlab-org/gitlab/-/issues/35345).
 
-NOTE:
-When you use a configuration defined in an instance template repository,
-nested [`include:`](../../../ci/yaml/README.md#include) keywords
-(including `include:file`, `include:local`, `include:remote`, and `include:template`)
-[do not work](https://gitlab.com/gitlab-org/gitlab/-/issues/35345).
+The project CI/CD configuration merges into the required pipeline configuration when
+a pipeline runs. The merged configuration is the same as if the required pipeline configuration
+added the project configuration with the [`include` keyword](../../../ci/yaml/README.md#include).
+To view a project's full merged configuration, [View the merged YAML](../../../ci/pipeline_editor/index.md#view-expanded-configuration)
+in the pipeline editor.
 
-To set required pipeline configuration:
+To select a CI/CD template for the required pipeline configuration:
 
 1. Go to **Admin Area > Settings > CI/CD**.
 1. Expand the **Required pipeline configuration** section.
-1. Select the required configuration from the provided dropdown.
+1. Select a CI/CD template from the dropdown.
 1. Click **Save changes**.
 
-![Required pipeline](img/admin_required_pipeline.png)
-
 ## Package Registry configuration
 
 ### npm Forwarding **(PREMIUM SELF)**
diff --git a/doc/user/admin_area/settings/img/admin_required_pipeline.png b/doc/user/admin_area/settings/img/admin_required_pipeline.png
deleted file mode 100644
index 501b1e3ba0a..00000000000
--- a/doc/user/admin_area/settings/img/admin_required_pipeline.png
+++ /dev/null
diff --git a/doc/user/application_security/index.md b/doc/user/application_security/index.md
index b2e26a6e097..4f698ffb4f3 100644
--- a/doc/user/application_security/index.md
+++ b/doc/user/application_security/index.md
@@ -1,6 +1,6 @@
 ---
-stage: secure
-group: secure
+stage: Secure
+group: Static Analysis
 info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
 type: reference, howto
 ---
diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index 79b3b2692d2..cf22c24e244 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -68,7 +68,7 @@ The following table lists project permissions available for each role:
 | View requirements **(ULTIMATE)**                  | ✓       | ✓          | ✓           | ✓        | ✓      |
 | View Insights **(ULTIMATE)**                      | ✓       | ✓          | ✓           | ✓        | ✓      |
 | View Issue analytics **(PREMIUM)**                | ✓       | ✓          | ✓           | ✓        | ✓      |
-| View Merge Request analytics **(STARTER)**        | ✓       | ✓          | ✓           | ✓        | ✓      |
+| View Merge Request analytics **(PREMIUM)**        | ✓       | ✓          | ✓           | ✓        | ✓      |
 | View Value Stream analytics                       | ✓       | ✓          | ✓           | ✓        | ✓      |
 | Manage user-starred metrics dashboards (*7*)      | ✓       | ✓          | ✓           | ✓        | ✓      |
 | View confidential issues                          | (*2*)   | ✓          | ✓           | ✓        | ✓      |
@@ -89,7 +89,7 @@ The following table lists project permissions available for each role:
 | See [DORA metrics](analytics/ci_cd_analytics.md)  |         | ✓          | ✓           | ✓        | ✓      |
 | See a list of merge requests                      |         | ✓          | ✓           | ✓        | ✓      |
 | View CI/CD analytics                              |         | ✓          | ✓           | ✓        | ✓      |
-| View Code Review analytics **(STARTER)**          |         | ✓          | ✓           | ✓        | ✓      |
+| View Code Review analytics **(PREMIUM)**          |         | ✓          | ✓           | ✓        | ✓      |
 | View Repository analytics                         |         | ✓          | ✓           | ✓        | ✓      |
 | View Error Tracking list                          |         | ✓          | ✓           | ✓        | ✓      |
 | View metrics dashboard annotations                |         | ✓          | ✓           | ✓        | ✓      |