Add latest changes from gitlab-org/gitlab@master

16 files changed, 215 insertions, 11 deletions

diff --git a/doc/administration/logs/index.md b/doc/administration/logs/index.md
index 9893c6935a3..eab4c9b7d83 100644
--- a/doc/administration/logs/index.md
+++ b/doc/administration/logs/index.md
@@ -866,6 +866,19 @@ Depending on your installation method, this file is located at:
 - Omnibus GitLab: `/var/log/gitlab/gitlab-rails/database_load_balancing.log`
 - Installations from source: `/home/git/gitlab/log/database_load_balancing.log`
 
+## `zoekt.log` **(PREMIUM SELF)**
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110980) in GitLab 15.9.
+
+This file logs information related to the
+[Exact code search](../../user/search/exact_code_search.md) feature which is
+powered by Zoekt.
+
+Depending on your installation method, this file is located at:
+
+- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/zoekt.log`
+- Installations from source: `/home/git/gitlab/log/zoekt.log`
+
 ## `elasticsearch.log` **(PREMIUM SELF)**
 
 > Introduced in GitLab 12.6.
diff --git a/doc/api/api_resources.md b/doc/api/api_resources.md
index 0b39e30885e..b7c1def0ba4 100644
--- a/doc/api/api_resources.md
+++ b/doc/api/api_resources.md
@@ -135,6 +135,7 @@ The following API resources are available in the group context:
 | [Issues](issues.md)                                              | `/groups/:id/issues` (also available for projects and standalone) |
 | [Issues Statistics](issues_statistics.md)                        | `/groups/:id/issues_statistics` (also available for projects and standalone) |
 | [Linked epics](linked_epics.md)                  | `/groups/:id/epics/.../related_epics` |
+| [Member Roles](member_roles.md)                                  | `/groups/:id/member_roles` |
 | [Members](members.md)                                            | `/groups/:id/members` (also available for projects) |
 | [Merge requests](merge_requests.md)                              | `/groups/:id/merge_requests` (also available for projects and standalone) |
 | [Notes](notes.md) (comments)                                     | `/groups/:id/epics/.../notes` (also available for projects) |
diff --git a/doc/api/draft_notes.md b/doc/api/draft_notes.md
index f1749346dc2..e8047d737dd 100644
--- a/doc/api/draft_notes.md
+++ b/doc/api/draft_notes.md
@@ -50,3 +50,46 @@ GET /projects/:id/merge_requests/:merge_request_iid/draft_notes
 curl --header "PRIVATE-TOKEN: <your_access_token>" \
      "https://gitlab.example.com/api/v4/projects/14/merge_requests/11/draft_notes"
 ```
+
+## Get a single draft note
+
+Returns a single draft note for a given merge request.
+
+```plaintext
+GET /projects/:id/merge_requests/:merge_request_iid/draft_notes/:draft_note_id
+```
+
+| Attribute           | Type             | Required   | Description                                                                                                                                         |
+| ------------------- | ---------------- | ---------- | --------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `id`                | integer or string   | yes        | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding).
+| `draft_note_id`     | integer             | yes        | The ID of a draft note.
+| `merge_request_iid` | integer             | yes        | The IID of a project merge request.
+
+```json
+{
+  id: 5,
+  author_id: 23,
+  merge_request_id: 11,
+  resolve_discussion: false,
+  discussion_id: nil,
+  note: "Example title",
+  commit_id: nil,
+  line_code: nil,
+  position:
+  {
+    base_sha: nil,
+    start_sha: nil,
+    head_sha: nil,
+    old_path: nil,
+    new_path: nil,
+    position_type: "text",
+    old_line: nil,
+    new_line: nil,
+    line_range: nil
+  }
+}
+```
+
+```shell
+curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/14/merge_requests/11/draft_notes/5"
+```
diff --git a/doc/api/member_roles.md b/doc/api/member_roles.md
new file mode 100644
index 00000000000..693dfb49c82
--- /dev/null
+++ b/doc/api/member_roles.md
@@ -0,0 +1,116 @@
+---
+stage: Manage
+group: Authentication and Authorization
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
+---
+
+# Member roles API **(ULTIMATE)**
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/96996) in GitLab 15.4. [Deployed behind the `customizable_roles` flag](../administration/feature_flags.md), disabled by default.
+
+## List all member roles of a group
+
+Gets a list of group member roles viewable by the authenticated user.
+
+```plaintext
+GET /groups/:id/member_roles
+```
+
+| Attribute | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `id`      | integer/string | yes | The ID or [URL-encoded path of the group](rest/index.md#namespaced-path-encoding) owned by the authenticated user |
+
+If successful, returns [`200`](rest/index.md#status-codes) and the following response attributes:
+
+| Attribute                | Type     | Description           |
+|:-------------------------|:---------|:----------------------|
+| `[].id`                  | integer | The ID of the member role. |
+| `[].group_id`            | integer | The ID of the group that the member role belongs to. |
+| `[].base_access_level`   | integer | Base access level for member role. |
+| `[].read_code`           | boolean | Permission to read code. |
+
+Example request:
+
+```shell
+curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/:id/member_roles"
+```
+
+Example response:
+
+```json
+[
+  {
+    "id": 2,
+    "group_id": 84,
+    "base_access_level": 10,
+    "read_code": true
+  },
+  {
+    "id": 3,
+    "group_id": 84,
+    "base_access_level": 10,
+    "read_code": false
+  }
+]
+```
+
+## Add a member role to a group
+
+Adds a member role to a group.
+
+```plaintext
+POST /groups/:id/member_roles
+```
+
+| Attribute | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `id`      | integer/string | yes | The ID or [URL-encoded path of the group](rest/index.md#namespaced-path-encoding) owned by the authenticated user. |
+| `base_access-level` | integer | yes   | Base access level for configured role. |
+| `read_code` | boolean | no | Permission to read code.  |
+
+If successful, returns [`201`](rest/index.md#status-codes) and the following attributes:
+
+| Attribute                | Type     | Description           |
+|:-------------------------|:---------|:----------------------|
+| `id`                     | integer | The ID of the member role. |
+| `group_id`               | integer | The ID of the group that the member role belongs to. |
+| `base_access_level`      | integer | Base access level for member role. |
+| `read_code`              | boolean | Permission to read code. |
+
+Example request:
+
+```shell
+ curl --request POST --header "Content-Type: application/json" --header "Authorization: Bearer $YOUR_ACCESS_TOKEN" --data '{"base_access_level" : 10, "read_code" : true}' "https://example.gitlab.com/api/v4/groups/:id/member_roles"
+```
+
+Example response:
+
+```json
+{
+  "id": 3,
+  "group_id": 84,
+  "base_access_level": 10,
+  "read_code": true
+}
+```
+
+### Remove member role of a group
+
+Deletes a member role of a group.
+
+```plaintext
+DELETE /groups/:id/member_roles/:member_role_id
+```
+
+| Attribute | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `id`      | integer/string | yes | The ID or [URL-encoded path of the group](rest/index.md#namespaced-path-encoding) owned by the authenticated user. |
+| `member_role_id` | integer | yes   | The ID of the member role. |
+
+If successful, returns [`204`](rest/index.md#status-codes) and an empty response.
+
+Example request:
+
+```shell
+curl --request DELETE --header "Content-Type: application/json" --header "Authorization: Bearer $YOUR_ACCESS_TOKEN" "https://example.gitlab.com/api/v4/groups/:group_id/member_roles/:member_role_id"
+```
diff --git a/doc/architecture/blueprints/_template.md b/doc/architecture/blueprints/_template.md
index 11a312b3334..f7dea60e9b7 100644
--- a/doc/architecture/blueprints/_template.md
+++ b/doc/architecture/blueprints/_template.md
@@ -47,13 +47,11 @@ of this file) is [here](/doc/architecture/blueprints/_template.md).
 Blueprint statuses you can use:
 
 - "proposed"
-- "ongoing"
 - "accepted"
+- "ongoing"
 - "implemented"
 - "rejected"
 
-Any other one-word status should be fine, see which ones have colors defined:
-https://gitlab.com/gitlab-org/gitlab-docs/-/blob/main/content/assets/stylesheets/labels.scss#L22
 -->
 
 # {+ Title of Blueprint +}
diff --git a/doc/architecture/blueprints/object_storage/index.md b/doc/architecture/blueprints/object_storage/index.md
index 950a5f13c38..4a8eeaf86a9 100644
--- a/doc/architecture/blueprints/object_storage/index.md
+++ b/doc/architecture/blueprints/object_storage/index.md
@@ -1,5 +1,5 @@
 ---
-status: ready
+status: accepted
 creation-date: "2021-11-18"
 authors: [ "@nolith" ]
 coach: "@glopezfernandez"
diff --git a/doc/architecture/blueprints/rate_limiting/index.md b/doc/architecture/blueprints/rate_limiting/index.md
index 26114fce7f2..b466a54e922 100644
--- a/doc/architecture/blueprints/rate_limiting/index.md
+++ b/doc/architecture/blueprints/rate_limiting/index.md
@@ -1,5 +1,5 @@
 ---
-status: ready
+status: accepted
 creation-date: "2022-09-08"
 authors: [ "@grzesiek", "@marshall007", "@fabiopitino", "@hswimelar" ]
 coach: "@andrewn"
diff --git a/doc/architecture/blueprints/runner_tokens/index.md b/doc/architecture/blueprints/runner_tokens/index.md
index f63e453bfae..f676ac5dc81 100644
--- a/doc/architecture/blueprints/runner_tokens/index.md
+++ b/doc/architecture/blueprints/runner_tokens/index.md
@@ -1,5 +1,5 @@
 ---
-status: ready
+status: ongoing
 creation-date: "2022-10-27"
 authors: [ "@pedropombeiro", "@tmaczukin" ]
 coach: "@ayufan"
diff --git a/doc/development/gitlab_shell/index.md b/doc/development/gitlab_shell/index.md
index 7f2c113fa0c..7097fd48cea 100644
--- a/doc/development/gitlab_shell/index.md
+++ b/doc/development/gitlab_shell/index.md
@@ -21,7 +21,7 @@ Ruby to build and test, but not to run.
 GitLab Shell runs on `port 22` on an Omnibus installation. To use a regular SSH
 service, configure it on an alternative port.
 
-Download and install the current version of Go from [golang.org](https://golang.org/dl/).
+Download and install the current version of Go from [golang.org](https://go.dev/dl/).
 We follow the [Golang Release Policy](https://golang.org/doc/devel/release.html#policy)
 and support:
 
diff --git a/doc/development/secure_coding_guidelines.md b/doc/development/secure_coding_guidelines.md
index 3791cd4861e..876def53b2d 100644
--- a/doc/development/secure_coding_guidelines.md
+++ b/doc/development/secure_coding_guidelines.md
@@ -1270,7 +1270,7 @@ This sensitive data must be handled carefully to avoid leaks which could lead to
   - The [Gitleaks Git hook](https://gitlab.com/gitlab-com/gl-security/security-research/gitleaks-endpoint-installer) is recommended for preventing credentials from being committed.
 - Never log credentials under any circumstance. Issue [#353857](https://gitlab.com/gitlab-org/gitlab/-/issues/353857) is an example of credential leaks through log file.
 - When credentials are required in a CI/CD job, use [masked variables](../ci/variables/index.md#mask-a-cicd-variable) to help prevent accidental exposure in the job logs. Be aware that when [debug logging](../ci/variables/index.md#enable-debug-logging) is enabled, all masked CI/CD variables are visible in job logs. Also consider using [protected variables](../ci/variables/index.md#protect-a-cicd-variable) when possible so that sensitive CI/CD variables are only available to pipelines running on protected branches or protected tags.
-- Proper scanners must be enabled depending on what data those credentials are protecting. See the [Application Security Inventory Policy](https://about.gitlab.com/handbook/security/security-engineering-and-research/application-security/inventory.html#policies) and our [Data Classification Standards](https://about.gitlab.com/handbook/security/data-classification-standard.html#data-classification-standards).
+- Proper scanners must be enabled depending on what data those credentials are protecting. See the [Application Security Inventory Policy](https://about.gitlab.com/handbook/security/security-engineering/application-security/inventory.html#policies) and our [Data Classification Standards](https://about.gitlab.com/handbook/security/data-classification-standard.html#data-classification-standards).
 - To store and/or share credentials between teams, refer to [1Password for Teams](https://about.gitlab.com/handbook/security/#1password-for-teams) and follow [the 1Password Guidelines](https://about.gitlab.com/handbook/security/#1password-guidelines).
 - If you need to share a secret with a team member, use 1Password. Do not share a secret over email, Slack, or other service on the Internet.
 
diff --git a/doc/development/value_stream_analytics.md b/doc/development/value_stream_analytics.md
index 33a6744d5cd..77a32b62e32 100644
--- a/doc/development/value_stream_analytics.md
+++ b/doc/development/value_stream_analytics.md
@@ -261,7 +261,7 @@ considered legacy, which will be phased out at some point.
 
 - Rails Controller (`Analytics::CycleAnalytics` module): Value stream analytics exposes its data via JSON endpoints, implemented within the `analytics` workspace. Configuring the stages are also implements JSON endpoints (CRUD).
 - Services (`Analytics::CycleAnalytics` module): All `Stage` related actions are delegated to respective service objects.
-- Models (`Analytics::CycleAnalytics` module): Models are used to persist the `Stage` objects `ProjectStage` and `Stage`.
+- Models (`Analytics::CycleAnalytics` module): Models are used to persist the `Stage` objects.
 - Feature classes (`Gitlab::Analytics::CycleAnalytics` module):
   - Responsible for composing queries and define feature specific business logic.
   - `DataCollector`, `Event`, `StageEvents`, etc.
diff --git a/doc/operations/metrics/embed_grafana.md b/doc/operations/metrics/embed_grafana.md
index 9b2a381fcf6..7bc88165b95 100644
--- a/doc/operations/metrics/embed_grafana.md
+++ b/doc/operations/metrics/embed_grafana.md
@@ -3,8 +3,13 @@ stage: Monitor
 group: Respond
 info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
 ---
+<!--- start_remove The following content will be removed on remove_date: '2023-08-22' -->
+# Embed Grafana panels in Markdown (deprecated) **(FREE)**
 
-# Embed Grafana panels in Markdown **(FREE)**
+WARNING:
+This feature was [deprecated](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110290) in GitLab 15.9
+and is planned for removal in 16.0. We intend to replace this feature with the ability to [embed charts](https://gitlab.com/groups/gitlab-org/opstrace/-/epics/33) with the [GitLab Observability UI](https://gitlab.com/gitlab-org/opstrace/opstrace-ui).
+This change is a breaking change.
 
 Grafana panels can be embedded in [GitLab Flavored Markdown](../../user/markdown.md). You can
 embed Grafana panels using either:
@@ -83,3 +88,4 @@ To generate a link to a panel:
 See the following example of a rendered panel.
 
 ![GitLab Rendered Grafana Panel](img/rendered_grafana_embed_v12_5.png)
+<!--- end_remove -->
diff --git a/doc/topics/plan_and_track.md b/doc/topics/plan_and_track.md
index d79a8ad066b..67d5e996837 100644
--- a/doc/topics/plan_and_track.md
+++ b/doc/topics/plan_and_track.md
@@ -54,6 +54,7 @@ Align your work across teams.
 
 Use these day-to-day planning features.
 
+- [Your work sidebar](../topics/your_work.md)
 - [Keyboard shortcuts](../user/shortcuts.md)
 - [Quick actions](../user/project/quick_actions.md)
 - [Markdown](../user/markdown.md)
diff --git a/doc/topics/your_work.md b/doc/topics/your_work.md
new file mode 100644
index 00000000000..862f9ae8430
--- /dev/null
+++ b/doc/topics/your_work.md
@@ -0,0 +1,18 @@
+---
+stage: Manage
+group: Foundations
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
+---
+
+# Your work sidebar
+
+- [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/384342) in GitLab 15.9.
+
+The **Your work** left sidebar provides access to your:
+
+- [Projects](../user/project/working_with_projects.md#view-projects)
+- [Groups](../user/group/index.md)
+- [Issues](../user/project/issues/index.md)
+- [Merge requests](../user/project/merge_requests/index.md)
+- [To-do List](../user/todos.md)
+- [Milestones](../user/project/milestones/index.md)
diff --git a/doc/user/project/issues/crosslinking_issues.md b/doc/user/project/issues/crosslinking_issues.md
index 0b5605bb767..52da1acd32a 100644
--- a/doc/user/project/issues/crosslinking_issues.md
+++ b/doc/user/project/issues/crosslinking_issues.md
@@ -24,6 +24,13 @@ add `#xxx` to the commit message, where `xxx` is the issue number.
 git commit -m "this is my commit message. Ref #xxx"
 ```
 
+Since commit messages cannot usually begin with a `#` character, you may use
+the alternative `GL-xxx` notation as well:
+
+```shell
+git commit -m "GL-xxx: this is my commit message"
+```
+
 If they are in different projects, but in the same group,
 add `projectname#xxx` to the commit message.
 
diff --git a/doc/user/project/repository/vscode.md b/doc/user/project/repository/vscode.md
index 257f98155d8..9260d59bc3a 100644
--- a/doc/user/project/repository/vscode.md
+++ b/doc/user/project/repository/vscode.md
@@ -15,8 +15,9 @@ do more day-to-day tasks in Visual Studio Code, such as:
   from the Visual Studio Code [command palette](https://code.visualstudio.com/docs/getstarted/userinterface#_command-palette).
 - Create and [review](https://marketplace.visualstudio.com/items?itemName=GitLab.gitlab-workflow#merge-request-reviews)
   merge requests directly from Visual Studio Code.
-- [Validate your GitLab CI configuration](https://marketplace.visualstudio.com/items?itemName=GitLab.gitlab-workflow#validate-gitlab-ci-configuration).
+- [Validate your GitLab CI/CD configuration](https://marketplace.visualstudio.com/items?itemName=GitLab.gitlab-workflow#validate-gitlab-cicd-configuration).
 - [View the status of your pipeline](https://marketplace.visualstudio.com/items?itemName=GitLab.gitlab-workflow#information-about-your-branch-pipelines-mr-closing-issue).
+- [View the output of CI/CD jobs](https://marketplace.visualstudio.com/items?itemName=GitLab.gitlab-workflow#view-the-job-output).
 - [Create](https://marketplace.visualstudio.com/items?itemName=GitLab.gitlab-workflow#create-snippet)
   and paste snippets to, and from, your editor.
 - [Browse repositories](https://marketplace.visualstudio.com/items?itemName=GitLab.gitlab-workflow#browse-a-repository-without-cloning)