Add latest changes from gitlab-org/gitlab@master

10 files changed, 73 insertions, 75 deletions

diff --git a/doc/administration/geo/replication/troubleshooting.md b/doc/administration/geo/replication/troubleshooting.md
index e2f88f3dfb8..3c2d43d196a 100644
--- a/doc/administration/geo/replication/troubleshooting.md
+++ b/doc/administration/geo/replication/troubleshooting.md
@@ -503,6 +503,46 @@ This check is also required when using a mixture of GitLab deployments. The loca
 
 ## Fixing PostgreSQL database replication errors
 
+The following sections outline troubleshooting steps for fixing replication error messages (indicated by `Database replication working? ... no` in the
+[`geo:check` output](#health-check-rake-task).
+The instructions present here mostly assume a single-node Geo Linux package deployment, and might need to be adapted to different environments.
+
+### Removing an inactive replication slot
+
+Replication slots are marked as 'inactive' when the replication client (a secondary site) connected to the slot disconnects.
+Inactive replication slots cause WAL files to be retained, because they are sent to the client when it reconnects and the slot becomes active once more.
+If the secondary site is not able to reconnect, use the following steps to remove its corresponding inactive replication slot:
+
+1. [Start a PostgreSQL console session](https://docs.gitlab.com/omnibus/settings/database.html#connecting-to-the-postgresql-database) on the Geo primary site's database node:
+
+   ```shell
+   sudo gitlab-psql -d gitlabhq_production
+   ```
+
+   NOTE:
+   Using `gitlab-rails dbconsole` does not work, because managing replication slots requires superuser permissions.
+
+1. View the replication slots and remove them if they are inactive:
+
+   ```sql
+   SELECT * FROM pg_replication_slots;
+   ```
+
+   Slots where `active` is `f` are inactive.
+
+   - When this slot should be active, because you have a **secondary** site configured using that slot,
+     look for the [PostgreSQL logs](../../logs/index.md#postgresql-logs) for the **secondary** site,
+     to view why the replication is not running.
+   - If you are no longer using the slot (for example, you no longer have Geo enabled), or the secondary site is no longer able to reconnect,
+     you should remove it using the PostgreSQL console session:
+
+     ```sql
+     SELECT pg_drop_replication_slot('<name_of_inactive_slot>');
+     ```
+
+1. Follow either the steps [to remove that Geo site](remove_geo_site.md) if it's no longer required,
+   or [re-initiate the replication process](../setup/database.md#step-3-initiate-the-replication-process), which recreates the replication slot correctly.
+
 ### Message: `WARNING: oldest xmin is far in the past` and `pg_wal` size growing
 
 If a replication slot is inactive,
@@ -517,18 +557,7 @@ HINT: Close open transactions soon to avoid wraparound problems.
 You might also need to commit or roll back old prepared transactions, or drop stale replication slots.
 ```
 
-To fix this:
-
-1. [Connect to the primary database](https://docs.gitlab.com/omnibus/settings/database.html#connecting-to-the-bundled-postgresql-database).
-
-1. Run `SELECT * FROM pg_replication_slots;`.
-   Note the `slot_name` that reports `active` as `f` (false).
-
-1. Follow [the steps to remove that Geo site](remove_geo_site.md).
-
-The following sections outline troubleshooting steps for fixing replication
-error messages (indicated by `Database replication working? ... no` in the
-[`geo:check` output](#health-check-rake-task).
+To fix this, you should [remove the inactive replication slot](#removing-an-inactive-replication-slot) and re-initiate the replication.
 
 ### Message: `ERROR:  replication slots can only be used if max_replication_slots > 0`?
 
@@ -568,35 +597,9 @@ the default 30 minutes. Adjust as required for your installation.
 ### Message: "PANIC: could not write to file `pg_xlog/xlogtemp.123`: No space left on device"
 
 Determine if you have any unused replication slots in the **primary** database. This can cause large amounts of
-log data to build up in `pg_xlog`. Removing the unused slots can reduce the amount of space used in the `pg_xlog`.
-
-1. Start a PostgreSQL console session:
+log data to build up in `pg_xlog`.
 
-   ```shell
-   sudo gitlab-psql
-   ```
-
-   NOTE:
-   Using `gitlab-rails dbconsole` does not work, because managing replication slots requires superuser permissions.
-
-1. View your replication slots:
-
-   ```sql
-   SELECT * FROM pg_replication_slots;
-   ```
-
-Slots where `active` is `f` are not active.
-
-- When this slot should be active, because you have a **secondary** site configured using that slot,
-  sign in on the web interface for the **secondary** site and check the [PostgreSQL logs](../../logs/index.md#postgresql-logs)
-  to view why the replication is not running.
-
-- If you are no longer using the slot (for example, you no longer have Geo enabled), you can remove it with in the
-  PostgreSQL console session:
-
-  ```sql
-  SELECT pg_drop_replication_slot('<name_of_extra_slot>');
-  ```
+[Removing the inactive slots](#removing-an-inactive-replication-slot) can reduce the amount of space used in the `pg_xlog`.
 
 ### Message: "ERROR: canceling statement due to conflict with recovery"
 
diff --git a/doc/administration/job_artifacts.md b/doc/administration/job_artifacts.md
index b3778e89b19..442e9638d86 100644
--- a/doc/administration/job_artifacts.md
+++ b/doc/administration/job_artifacts.md
@@ -284,10 +284,10 @@ If [`artifacts:expire_in`](../ci/yaml/index.md#artifactsexpire_in) is used to se
 an expiry for the artifacts, they are marked for deletion right after that date passes.
 Otherwise, they expire per the [default artifacts expiration setting](../administration/settings/continuous_integration.md).
 
-Artifacts are cleaned up by the `expire_build_artifacts_worker` cron job which Sidekiq
+Artifacts are deleted by the `expire_build_artifacts_worker` cron job which Sidekiq
 runs every 7 minutes (`*/7 * * * *` in [Cron](../topics/cron/index.md) syntax).
 
-To change the default schedule on which the artifacts are expired:
+To change the default schedule on which expired artifacts are deleted:
 
 ::Tabs
 
diff --git a/doc/administration/raketasks/maintenance.md b/doc/administration/raketasks/maintenance.md
index cdb70ca715b..724dcc2046a 100644
--- a/doc/administration/raketasks/maintenance.md
+++ b/doc/administration/raketasks/maintenance.md
@@ -454,3 +454,15 @@ main: == [advisory_lock_connection] object_id: 173580, pg_backend_pid: 5532
 ```
 
 The messages returned are informational and can be ignored.
+
+### PostgreSQL socket errors when executing the `gitlab:env:info` Rake task
+
+After running `sudo gitlab-rake gitlab:env:info` on Gitaly or other non-Rails nodes , you might see the following error:
+
+```plaintext
+PG::ConnectionBad: could not connect to server: No such file or directory
+Is the server running locally and accepting
+connections on Unix domain socket "/var/opt/gitlab/postgresql/.s.PGSQL.5432"?
+```
+
+This is because, in a multi-node environment, the `gitlab:env:info` Rake task should only be executed on the nodes running **GitLab Rails**.
diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md
index 7ab3415f756..6858d8f0b84 100644
--- a/doc/api/graphql/reference/index.md
+++ b/doc/api/graphql/reference/index.md
@@ -1425,6 +1425,7 @@ Input type: `AuditEventsStreamingHeadersCreateInput`
 
 | Name | Type | Description |
 | ---- | ---- | ----------- |
+| <a id="mutationauditeventsstreamingheaderscreateactive"></a>`active` | [`Boolean`](#boolean) | Boolean option determining whether header is active or not. |
 | <a id="mutationauditeventsstreamingheaderscreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
 | <a id="mutationauditeventsstreamingheaderscreatedestinationid"></a>`destinationId` | [`AuditEventsExternalAuditEventDestinationID!`](#auditeventsexternalauditeventdestinationid) | Destination to associate header with. |
 | <a id="mutationauditeventsstreamingheaderscreatekey"></a>`key` | [`String!`](#string) | Header key. |
@@ -1486,6 +1487,7 @@ Input type: `AuditEventsStreamingInstanceHeadersCreateInput`
 
 | Name | Type | Description |
 | ---- | ---- | ----------- |
+| <a id="mutationauditeventsstreaminginstanceheaderscreateactive"></a>`active` | [`Boolean`](#boolean) | Boolean option determining whether header is active or not. |
 | <a id="mutationauditeventsstreaminginstanceheaderscreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
 | <a id="mutationauditeventsstreaminginstanceheaderscreatedestinationid"></a>`destinationId` | [`AuditEventsInstanceExternalAuditEventDestinationID!`](#auditeventsinstanceexternalauditeventdestinationid) | Instance level external destination to associate header with. |
 | <a id="mutationauditeventsstreaminginstanceheaderscreatekey"></a>`key` | [`String!`](#string) | Header key. |
@@ -24730,7 +24732,7 @@ Represents the scan result policy.
 | <a id="scanresultpolicydescription"></a>`description` | [`String!`](#string) | Description of the policy. |
 | <a id="scanresultpolicyeditpath"></a>`editPath` | [`String!`](#string) | URL of policy edit page. |
 | <a id="scanresultpolicyenabled"></a>`enabled` | [`Boolean!`](#boolean) | Indicates whether this policy is enabled. |
-| <a id="scanresultpolicygroupapprovers"></a>`groupApprovers` | [`[Group!]`](#group) | Approvers of the group type. |
+| <a id="scanresultpolicygroupapprovers"></a>`groupApprovers` **{warning-solid}** | [`[Group!]`](#group) | **Deprecated** in 16.5. Use `allGroupApprovers`. |
 | <a id="scanresultpolicyname"></a>`name` | [`String!`](#string) | Name of the policy. |
 | <a id="scanresultpolicyroleapprovers"></a>`roleApprovers` | [`[MemberAccessLevelName!]`](#memberaccesslevelname) | Approvers of the role type. Users belonging to these role(s) alone will be approvers. |
 | <a id="scanresultpolicysource"></a>`source` | [`SecurityPolicySource!`](#securitypolicysource) | Source of the policy. Its fields depend on the source type. |
diff --git a/doc/api/integrations.md b/doc/api/integrations.md
index 202513482ef..47ab7ab805c 100644
--- a/doc/api/integrations.md
+++ b/doc/api/integrations.md
@@ -483,6 +483,8 @@ Parameters:
 | `confidential_issue_channel` | string | false | The webhook override to receive notifications for confidential issue events. |
 | `confidential_note_events` | boolean | false | Enable notifications for confidential note events. |
 | `confidential_note_channel` | string | false | The webhook override to receive notifications for confidential note events. |
+| `deployment_events` | boolean | false | Enable notifications for deployment events. |
+| `deployment_channel` | string | false | The webhook override to receive notifications for deployment events. |
 | `issues_events` | boolean | false | Enable notifications for issue events. |
 | `issue_channel` | string | false | The webhook override to receive notifications for issue events. |
 | `merge_requests_events` | boolean | false | Enable notifications for merge request events. |
diff --git a/doc/ci/components/index.md b/doc/ci/components/index.md
index e0379bf783d..aeee871612f 100644
--- a/doc/ci/components/index.md
+++ b/doc/ci/components/index.md
@@ -34,7 +34,8 @@ If a component requires different versioning from other components, the componen
 To create a components repository, you must:
 
 1. [Create a new project](../../user/project/index.md#create-a-blank-project) with a `README.md` file.
-1. Create a `template.yml` file inside the project's root directory that contains the configuration you want to provide as a component.
+1. Create either a single file or a templates directory according to the [directory structure](#directory-structure).
+
    For example:
 
    ```yaml
@@ -106,8 +107,8 @@ For example, the following component could be referenced with `gitlab.com/my-use
 
 #### Component configurations saved in any directory (deprecated)
 
-NOTE:
-Saving component configurations through this directory structure is [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/415855).
+WARNING:
+Saving component configurations through this directory structure is [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/415855) and should be avoided.
 
 Components configurations can be saved through the following directory structure, containing:
 
diff --git a/doc/development/ai_features/index.md b/doc/development/ai_features/index.md
index 723a7716327..4401a7e3fb1 100644
--- a/doc/development/ai_features/index.md
+++ b/doc/development/ai_features/index.md
@@ -61,6 +61,7 @@ Use [this snippet](https://gitlab.com/gitlab-org/gitlab/-/snippets/2554994) for
    Feature.enable(:openai_experimentation)
    ```
 
+1. Ensure you have followed [the process to obtain an EE license](https://about.gitlab.com/handbook/developer-onboarding/#working-on-gitlab-ee-developer-licenses) for your local instance
 1. Simulate the GDK to [simulate SaaS](../ee_features.md#simulate-a-saas-instance) and ensure the group you want to test has an Ultimate license
 1. Enable `Experimental features` and `Third-party AI services`
    1. Go to the group with the Ultimate license
@@ -101,24 +102,18 @@ To populate the embedding database for GitLab chat:
 In order to obtain a GCP service key for local development, please follow the steps below:
 
 - Create a sandbox GCP project by visiting [this page](https://about.gitlab.com/handbook/infrastructure-standards/#individual-environment) and following the instructions, or by requesting access to our existing group GCP project by using [this template](https://gitlab.com/gitlab-com/it/infra/issue-tracker/-/issues/new?issuable_template=gcp_group_account_iam_update_request).
-- Once you have access to an individual or shared GCP project, navigate to
-  the project by visiting
-  [https://gitlabsandbox.cloud](https://gitlabsandbox.cloud) and selecting the
-  project name. On the project page, select `Open GCP Console`
-- In the GCP console, type `IAM & Admin` into the search box. Then go to `IAM & Admin` > `Service Accounts` and select `Create service account`.
-- Name the service account something specific to what you're using it for. Select `Create and Continue`. Under `Grant this service account access to project`, select the role `Vertex AI User`. Select `Continue` then `Done`
-- Select your new service account and `Keys` > `Add Key` > `Create new key`. Use default Key type of `JSON`. This will download the **private** JSON credentials for your service account.
 - If you are using an individual GCP project, you may also need to enable the Vertex AI API:
     1. Go to **APIs & Services > Enabled APIs & services**.
     1. Select **+ Enable APIs and Services**.
     1. Search for `Vertex AI API`.
     1. Select **Vertex AI API**, then select **Enable**.
+- Install the [`gcloud` CLI](https://cloud.google.com/sdk/docs/install)
+- Authenticate locally with GCP using the [`gcloud auth application-default login`](https://cloud.google.com/sdk/gcloud/reference/auth/application-default/login) command.
 - Open the Rails console. Update the settings to:
 
 ```ruby
 # PROJECT_ID = "your-gcp-project-name"
 
-Gitlab::CurrentSettings.update(vertex_ai_credentials: File.read('/YOUR_FILE.json'))
 Gitlab::CurrentSettings.update(vertex_ai_project: PROJECT_ID)
 ```
 
diff --git a/doc/user/project/issues/design_management.md b/doc/user/project/issues/design_management.md
index 0ea49ff387f..0a314bccc8f 100644
--- a/doc/user/project/issues/design_management.md
+++ b/doc/user/project/issues/design_management.md
@@ -190,17 +190,11 @@ To archive multiple designs at once:
 
 ## Markdown and rich text editors for descriptions
 
-<!-- When content_editor_on_issues flag is removed, move version notes
-     to "Add a design to an issue", update that topic, and delete this one. -->
-
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/388449) in GitLab 16.1 [with a flag](../../../administration/feature_flags.md) named `content_editor_on_issues`. Disabled by default.
 > - [Enabled on GitLab.com and self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/375172) in GitLab 16.2.
+> - Feature flag `content_editor_on_issues` removed in GitLab 16.5.
 
-FLAG:
-On self-managed GitLab, by default the rich text editor is available. To hide it, an administrator can [disable the feature flag](../../../administration/feature_flags.md) named `content_editor_on_issues`.
-On GitLab.com, this feature is available.
-
-When this feature is enabled, you can use the Markdown and rich text editor in design descriptions.
+You can use the Markdown and rich text editor in design descriptions.
 It's the same editor you use for comments across GitLab.
 
 ## Reorder designs
diff --git a/doc/user/project/merge_requests/reviews/suggestions.md b/doc/user/project/merge_requests/reviews/suggestions.md
index 2b046399c4e..90a276dc303 100644
--- a/doc/user/project/merge_requests/reviews/suggestions.md
+++ b/doc/user/project/merge_requests/reviews/suggestions.md
@@ -71,10 +71,7 @@ suggestion.
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/388449) in GitLab 16.1 [with a flag](../../../../administration/feature_flags.md) named `content_editor_on_issues`. Disabled by default.
 > - [Enabled on GitLab.com and self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/375172) in GitLab 16.2.
-
-FLAG:
-On self-managed GitLab, by default this feature is available. To hide the feature, an administrator can [disable the feature flag](../../../../administration/feature_flags.md) named `content_editor_on_issues`.
-On GitLab.com, this feature is available.
+> - Feature flag `content_editor_on_issues` removed in GitLab 16.5.
 
 When you insert suggestions, you can use the WYSIWYG
 [rich text editor](https://about.gitlab.com/direction/plan/knowledge/content_editor/) to move
diff --git a/doc/user/rich_text_editor.md b/doc/user/rich_text_editor.md
index c60c89eb0de..fe3ac56b79c 100644
--- a/doc/user/rich_text_editor.md
+++ b/doc/user/rich_text_editor.md
@@ -12,15 +12,7 @@ type: index, reference
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/382636) for [discussions](discussions/index.md), and creating and editing issues and merge requests in GitLab 15.11 with the same flag.
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/407507) for epics in GitLab 16.1 with the same flag.
 > - Feature flag `content_editor_on_issues` enabled by default in GitLab 16.2.
-
-FLAG:
-On self-managed GitLab, by default this feature is available. To hide the feature, an administrator
-can [disable the feature flag](../administration/feature_flags.md) named `content_editor_on_issues`.
-On GitLab.com, this feature is available.
-
-The rich text editor is a "what you see is what you get" (WYSIWYG) editor so you can use
-[GitLab Flavored Markdown](markdown.md) in descriptions and comments, even if you can't remember all
-of its syntax.
+> - Feature flag `content_editor_on_issues` removed in GitLab 16.5.
 
 ![Rich text editor in GitLab](img/rich_text_editor_01_v16_2.png)