Add latest changes from gitlab-org/gitlab@master

6 files changed, 152 insertions, 115 deletions

diff --git a/doc/ci/pipelines/job_artifacts.md b/doc/ci/pipelines/job_artifacts.md
index 0e18b6e8423..d4774016d9c 100644
--- a/doc/ci/pipelines/job_artifacts.md
+++ b/doc/ci/pipelines/job_artifacts.md
@@ -110,7 +110,6 @@ The `dotenv` report collects a set of environment variables as artifacts.
 
 The collected variables are registered as runtime-created variables of the job,
 which is useful to [set dynamic environment URLs after a job finishes](../environments/index.md#set-dynamic-environment-urls-after-a-job-finishes).
-It's not available for download through the web interface.
 
 There are a couple of limitations on top of the [original dotenv rules](https://github.com/motdotla/dotenv#rules).
 
@@ -151,7 +150,7 @@ The `codequality` report collects [CodeQuality issues](../../user/project/merge_
 as artifacts.
 
 The collected Code Quality report will be uploaded to GitLab as an artifact and will
-be summarized in merge requests. It's not available for download through the web interface.
+be summarized in merge requests.
 
 #### `artifacts:reports:sast` **(ULTIMATE)**
 
@@ -163,7 +162,7 @@ as artifacts.
 
 The collected SAST report will be uploaded to GitLab as an artifact and will be summarized
 in the merge requests and pipeline view. It's also used to provide data for security
-dashboards. It's not available for download through the web interface.
+dashboards.
 
 #### `artifacts:reports:dependency_scanning` **(ULTIMATE)**
 
@@ -175,7 +174,7 @@ as artifacts.
 
 The collected Dependency Scanning report will be uploaded to GitLab as an artifact and will
 be summarized in the merge requests and pipeline view. It's also used to provide data for security
-dashboards. It's not available for download through the web interface.
+dashboards.
 
 #### `artifacts:reports:container_scanning` **(ULTIMATE)**
 
@@ -187,7 +186,7 @@ as artifacts.
 
 The collected Container Scanning report will be uploaded to GitLab as an artifact and will
 be summarized in the merge requests and pipeline view. It's also used to provide data for security
-dashboards. It's not available for download through the web interface.
+dashboards.
 
 #### `artifacts:reports:dast` **(ULTIMATE)**
 
@@ -199,7 +198,7 @@ as artifacts.
 
 The collected DAST report will be uploaded to GitLab as an artifact and will
 be summarized in the merge requests and pipeline view. It's also used to provide data for security
-dashboards. It's not available for download through the web interface.
+dashboards.
 
 #### `artifacts:reports:license_management` **(ULTIMATE)**
 
@@ -216,7 +215,7 @@ as artifacts.
 
 The collected License Compliance report will be uploaded to GitLab as an artifact and will
 be summarized in the merge requests and pipeline view. It's also used to provide data for security
-dashboards. It's not available for download through the web interface.
+dashboards.
 
 #### `artifacts:reports:license_scanning` **(ULTIMATE)**
 
@@ -239,7 +238,7 @@ The `performance` report collects [Performance metrics](../../user/project/merge
 as artifacts.
 
 The collected Performance report will be uploaded to GitLab as an artifact and will
-be automatically shown in merge requests. It's not available for download through the web interface.
+be automatically shown in merge requests.
 
 #### `artifacts:reports:metrics` **(PREMIUM)**
 
@@ -249,7 +248,7 @@ The `metrics` report collects [Metrics](../metrics_reports.md)
 as artifacts.
 
 The collected Metrics report will be uploaded to GitLab as an artifact and will
-be automatically shown in merge requests. It's not available for download through the web interface.
+be automatically shown in merge requests.
 
 ## Browsing artifacts
 
@@ -277,16 +276,16 @@ one HTML file that you can view directly online when
 
 ## Downloading artifacts
 
-If you need to download the whole archive, there are buttons in various places
+If you need to download an artifact or the whole archive, there are buttons in various places
 in the GitLab UI to do this:
 
 1. While on the pipelines page, you can see the download icon for each job's
-   artifacts archive in the right corner:
+   artifacts and archive in the right corner:
 
    ![Job artifacts in Pipelines page](img/job_artifacts_pipelines_page.png)
 
 1. While on the **Jobs** page, you can see the download icon for each job's
-   artifacts archive in the right corner:
+   artifacts and archive in the right corner:
 
    ![Job artifacts in Builds page](img/job_artifacts_builds_page.png)
 
diff --git a/doc/development/documentation/index.md b/doc/development/documentation/index.md
index cdfa4b2fe43..ca393fbb63c 100644
--- a/doc/development/documentation/index.md
+++ b/doc/development/documentation/index.md
@@ -550,6 +550,24 @@ You can also
 [configure the text editor of your choice](https://errata-ai.github.io/vale/#local-use-by-a-single-writer)
 to display the results.
 
+Vale's test results are not currently displayed in CI, but may be displayed in the future.
+
+##### Disable a Vale test
+
+You can disable a specific Vale linting rule or all Vale linting rules for any portion of a document:
+
+- To disable a specific rule, add a `<!-- vale gitlab.rulename = NO -->` tag
+  before the text, and a `<!-- vale gitlab.rulename = YES -->` tag after the text,
+  replacing `rulename` with the filename of a test in the [GitLab styles](https://gitlab.com/gitlab-org/gitlab/-/tree/master/doc/.linting/vale/styles/gitlab) directory.
+- To disable all Vale linting rules, add a `<!-- vale off -->` tag before the text,
+  and a `<!-- vale on -->` tag after the text.
+
+Whenever possible, exclude only the problematic rule and line(s).
+In some cases, such as list items, you may need to disable linting for the entire
+list until ["Ignore comments are not honored in a Markdown file"](https://github.com/errata-ai/vale/issues/175) is resolved.
+
+For more information, see [Vale's documentation](https://errata-ai.gitbook.io/vale/getting-started/markup#markup-based-configuration).
+
 ## Danger Bot
 
 GitLab uses [Danger](https://github.com/danger/danger) for some elements in
diff --git a/doc/development/documentation/styleguide.md b/doc/development/documentation/styleguide.md
index 44f3a83bbcb..c75eccd71c1 100644
--- a/doc/development/documentation/styleguide.md
+++ b/doc/development/documentation/styleguide.md
@@ -308,12 +308,14 @@ tenses, words, and phrases:
     appropriate way.
   - Exceptions to this rule include commonly accepted technical terms, such as
     CI/CD and TCP/IP.
-- We discourage use of Latin abbreviations, such as "e.g.," "i.e.," or "etc.,"
+- <!-- vale gitlab.LatinTerms = NO -->
+  We discourage use of Latin abbreviations, such as "e.g.," "i.e.," or "etc.,"
   as even native users of English might misunderstand them.
   - Instead of "i.e.," use "that is."
   - Instead of "e.g.," use "for example," "such as," "for instance," or "like."
   - Instead of "etc.," either use "and so on" or consider editing it out, since
     it can be vague.
+    <!-- vale gitlab.rulename = NO -->
 - Avoid using the word *currently* when talking about the product or its
   features. The documentation describes the product as it is, and not as it
   will be at some indeterminate point in the future.
@@ -379,6 +381,8 @@ tenses, words, and phrases:
 | Requests to localhost are not allowed    | Requests to localhost aren't allowed |
 | Specified URL cannot be used             | Specified URL can't be used          |
 
+<!-- vale on -->
+
 ## Text
 
 - [Write in Markdown](#markdown).
@@ -1308,7 +1312,7 @@ a helpful link back to how the feature was developed.
   ```
 
 NOTE: **Note:**
-Version text must be on its own line and surounded by blank lines to render correctly.
+Version text must be on its own line and surrounded by blank lines to render correctly.
 
 ### Versions in the past or future
 
diff --git a/doc/development/testing_guide/end_to_end/page_objects.md b/doc/development/testing_guide/end_to_end/page_objects.md
index 22e7375be1f..9d4fa5316c4 100644
--- a/doc/development/testing_guide/end_to_end/page_objects.md
+++ b/doc/development/testing_guide/end_to_end/page_objects.md
@@ -238,6 +238,53 @@ the view for code in a library.
 In such rare cases it's reasonable to use CSS selectors in page object methods,
 with a comment explaining why an `element` can't be added.
 
+### Define Page concerns
+
+Some pages share common behaviors, and/or are prepended with EE-specific modules that adds EE-specific methods.
+
+These modules must:
+
+1. Extend from the `QA::Page::PageConcern` module, with `extend QA::Page::PageConcern`.
+1. Override the `self.prepended` method if they need to `include`/`prepend` other modules themselves, and/or define
+  `view` or `elements`.
+1. Call `super` as the first thing in `self.prepended`.
+1. Include/prepend other modules and define their `view`/`elements` in a `base.class_eval` block to ensure they're
+   defined in the class that prepends the module.
+
+These steps ensure the sanity selectors check will detect problems properly.
+
+For example, `qa/qa/ee/page/merge_request/show.rb` adds EE-specific methods to `qa/qa/page/merge_request/show.rb` (with
+`QA::Page::MergeRequest::Show.prepend_if_ee('QA::EE::Page::MergeRequest::Show')`) and following is how it's implemented
+(only showing the relevant part and refering to the 4 steps described above with inline comments):
+
+```ruby
+module QA
+  module EE
+    module Page
+      module MergeRequest
+        module Show
+          extend QA::Page::PageConcern # 1.
+
+          def self.prepended(base) # 2.
+            super # 3.
+
+            base.class_eval do # 4.
+              prepend Page::Component::LicenseManagement
+
+              view 'app/assets/javascripts/vue_merge_request_widget/components/states/sha_mismatch.vue' do
+                element :head_mismatch, "The source branch HEAD has recently changed."
+              end
+
+              [...]
+            end
+          end
+        end
+      end
+    end
+  end
+end
+```
+
 ## Running the test locally
 
 During development, you can run the `qa:selectors` test by running
diff --git a/doc/user/application_security/sast/index.md b/doc/user/application_security/sast/index.md
index c932f434684..2c980752dc4 100644
--- a/doc/user/application_security/sast/index.md
+++ b/doc/user/application_security/sast/index.md
@@ -469,7 +469,12 @@ vulnerabilities in your groups, projects and pipelines. Read more about the
 Once a vulnerability is found, you can interact with it. Read more on how to
 [interact with the vulnerabilities](../index.md#interacting-with-the-vulnerabilities).
 
-## Vulnerabilities database update
+## Vulnerabilities database
+
+Vulnerabilities contained within the vulnerability database can be searched
+and viewed at the [GitLab vulnerability advisory database](https://advisories.gitlab.com).
+
+### Vulnerabilities database update
 
 For more information about the vulnerabilities database update, check the
 [maintenance table](../index.md#maintenance-and-update-of-the-vulnerabilities-database).
diff --git a/doc/user/incident_management/index.md b/doc/user/incident_management/index.md
index d8294d35d2a..73d6e0e055d 100644
--- a/doc/user/incident_management/index.md
+++ b/doc/user/incident_management/index.md
@@ -1,5 +1,4 @@
 ---
-description: "GitLab - Incident Management. GitLab offers solutions for handling incidents in your applications and services"
 stage: Monitor
 group: Health
 info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
@@ -8,141 +7,106 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 # Incident Management
 
 GitLab offers solutions for handling incidents in your applications and services,
-from setting up an alert with Prometheus, to receiving a notification via a
-monitoring tool like Slack, and automatically setting up Zoom calls with your
-support team.
+from setting up an alert with Prometheus, to receiving a notification through a
+monitoring tool like Slack, and [setting up Zoom calls](#zoom-integration-in-issues) with your
+support team. Incidents can display [metrics](#embed-metrics-in-incidents-and-issues)
+and [logs](#view-logs-from-metrics-panel).
 
-## Configuring incidents **(ULTIMATE)**
+## Configure incidents **(ULTIMATE)**
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/4925) in GitLab Ultimate 11.11.
 
-The Incident Management features can be enabled and disabled via your project's
-**Settings > Operations > Incidents**.
+You can enable or disable Incident Management features in your project's
+**{settings}** **Settings > Operations > Incidents**. Issues can be created for
+each alert triggered, and separate email notifications can be sent to users with
+[Developer permissions](../permissions.md). Appropriately configured alerts include an
+[embedded chart](../project/integrations/prometheus.md#embedding-metrics-based-on-alerts-in-incident-issues)
+for the query corresponding to the alert. You can also configure GitLab to
+[close issues](../project/integrations/prometheus.md#taking-action-on-incidents-ultimate)
+when you receive notification that the alert is resolved.
 
 ![Incident Management Settings](img/incident_management_settings.png)
 
-### Automatically create issues from alerts
+### Create issues from alerts
 
-GitLab issues can automatically be created as a result of an alert notification.
-An issue created this way will contain the error information to help you further
-debug it.
+You can create GitLab issues from an alert notification. These issues contain
+information about the alerts to help you diagnose the source of the alerts.
 
-### Issue templates
-
-You can create your own [issue templates](../project/description_templates.md#creating-issue-templates)
-that can be [used within Incident Management](../project/integrations/prometheus.md#taking-action-on-incidents-ultimate).
-
-To select your issue template for use within Incident Management:
-
-1. Visit your project's **Settings > Operations > Incidents**.
+1. Visit your project's **{settings}** **Settings > Operations > Incidents**.
+1. Select the **Create an issue** checkbox for GitLab to create an issue from
+   the incident.
 1. Select the template from the **Issue Template** dropdown.
+   You can create your own [issue templates](../project/description_templates.md#creating-issue-templates)
+   to [use within Incident Management](../project/integrations/prometheus.md#taking-action-on-incidents-ultimate).
+1. Click **Save changes**.
 
-## Alerting
+## Notify developers of alerts
 
-GitLab can react to the alerts that your applications and services may be
-triggering by automatically creating issues, and alerting developers via email.
+GitLab can react to the alerts triggered from your applications and services
+by creating issues and alerting developers through email. GitLab sends these emails
+to [owners and maintainers](../permissions.md) of the project. They contain details
+of the alert, and a link for more information.
 
-The emails will be sent to [owners and maintainers](../permissions.md) of the project and will contain details on the alert as well as a link to see more information.
+### Configure Prometheus alerts
 
-### Prometheus alerts
+You can set up Prometheus alerts in:
 
-Prometheus alerts can be set up in both:
-
-- [GitLab-managed Prometheus](../project/integrations/prometheus.md#setting-up-alerts-for-prometheus-metrics) and
+- [GitLab-managed Prometheus](../project/integrations/prometheus.md#setting-up-alerts-for-prometheus-metrics) installations.
 - [Self-managed Prometheus](../project/integrations/prometheus.md#external-prometheus-instances) installations.
 
-#### Alert Bot user
-
-Behind the scenes, Prometheus alerts are created by the special Alert Bot user creating issues. This user cannot be removed but does not count toward the license limit count.
-
-### Alert endpoint
+Prometheus alerts are created by the special Alert Bot user. You can't remove this
+user, but it does not count toward your license limit.
 
-GitLab can accept alerts from any source via a generic webhook receiver. When
-you set up the generic alerts integration, a unique endpoint will
-be created which can receive a payload in JSON format.
+### Configure external generic alerts
 
-[Read more on setting this up, including how to customize the payload](../project/integrations/generic_alerts.md).
+GitLab can accept alerts from any source through a generic webhook receiver. When
+[configuring the generic alerts integration](../project/integrations/generic_alerts.md),
+GitLab creates a unique endpoint which receives a JSON-formatted, customizable payload.
 
-### Recovery alerts
+## Embed metrics in incidents and issues
 
-GitLab can [automatically close issues](../project/integrations/prometheus.md#taking-action-on-incidents-ultimate)
-that have been automatically created when you receive notification that the
-alert is resolved.
-
-## Embedded metrics
-
-Metrics can be embedded anywhere where GitLab Markdown is used, for example,
-descriptions and comments on issues and merge requests.
-
-This can be useful for when you're sharing metrics, such as for discussing
-an incident or performance issues, so you can output the dashboard directly
+You can embed metrics anywhere GitLab Markdown is used, such as descriptions,
+comments on issues, and merge requests. Embedding metrics helps you share them
+when discussing incidents or performance issues. You can output the dashboard directly
 into any issue, merge request, epic, or any other Markdown text field in GitLab
-by simply [copying and pasting the link to the metrics dashboard](../project/integrations/prometheus.md#embedding-gitlab-managed-kubernetes-metrics).
+by [copying and pasting the link to the metrics dashboard](../project/integrations/prometheus.md#embedding-gitlab-managed-kubernetes-metrics).
 
-TIP: **Tip:**
-Both GitLab-hosted and Grafana metrics can also be
-[embedded in issue templates](../project/integrations/prometheus.md#embedding-metrics-in-issue-templates).
+You can embed both
+[GitLab-hosted metrics](../project/integrations/prometheus.md#embedding-metric-charts-within-gitlab-flavored-markdown) and
+[Grafana metrics](../project/integrations/prometheus.md#embedding-grafana-charts)
+in incidents and issue templates.
 
-### GitLab-hosted metrics
-
-Learn how to embed [GitLab hosted metric charts](../project/integrations/prometheus.md#embedding-metric-charts-within-gitlab-flavored-markdown).
-
-#### Context menu
+### Context menu
 
 From each of the embedded metrics panels, you can access more details
-about the data you are viewing from a context menu.
-
-You can access the context menu by clicking the **{ellipsis_v}** **More actions**
-dropdown box above the upper right corner of the panel:
+about the data you're viewing from a context menu. You can access the context menu
+by clicking the **{ellipsis_v}** **More actions** dropdown box above the
+upper right corner of the panel. The options are:
 
-The options are:
+- [View logs](#view-logs-from-metrics-panel).
+- **Download CSV** - Data from embedded charts can be
+  [downloaded as CSV](../project/integrations/prometheus.md#downloading-data-as-csv).
 
-- [View logs](#view-logs)
-- [Download CSV](#download-csv)
-
-##### View logs
+#### View logs from metrics panel
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/201846) in GitLab Ultimate 12.8.
 > - [Moved](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/25455) to [GitLab Core](https://about.gitlab.com/pricing/) 12.9.
 
-This can be useful if you are triaging an application incident and need to
-[explore logs](../project/integrations/prometheus.md#view-logs-ultimate)
-from across your application. It also helps you to understand
-what is affecting your application's performance and quickly resolve any problems.
-
-##### Download CSV
-
-Data from embedded charts can be [downloaded as CSV](../project/integrations/prometheus.md#downloading-data-as-csv).
-
-### Grafana metrics
-
-Learn how to embed [Grafana hosted metric charts](../project/integrations/prometheus.md#embedding-grafana-charts).
+Viewing logs from a metrics panel can be useful if you're triaging an application
+incident and need to [explore logs](../project/integrations/prometheus.md#view-logs-ultimate)
+from across your application. These logs help you understand what is affecting
+your application's performance and resolve any problems.
 
 ## Slack integration
 
-Slack slash commands allow you to control GitLab and view content right inside
-Slack, without having to leave it.
+Slack slash commands allow you to control GitLab and view GitLab content without leaving Slack.
 
 Learn how to [set up Slack slash commands](../project/integrations/slack_slash_commands.md)
-and how to [use them](../../integration/slash_commands.md).
-
-### Slash commands
-
-Please refer to a list of [available slash commands](../../integration/slash_commands.md) and associated descriptions.
-
-## Zoom in issues
-
-In order to communicate synchronously for incidents management, GitLab allows you to
-associate a Zoom meeting with an issue. Once you start a Zoom call for a fire-fight,
-you need a way to associate the conference call with an issue, so that your team
-members can join swiftly without requesting a link.
-
-Read more how to [add or remove a zoom meeting](../project/issues/associate_zoom_meeting.md).
-
-### Configuring Incidents
-
-Incident Management features can be easily enabled & disabled via the Project settings page. Head to Project -> Settings -> Operations -> Incidents.
+and how to [use the available slash commands](../../integration/slash_commands.md).
 
-#### Auto-creation
+## Zoom integration in issues
 
-You can automatically create GitLab issues from an Alert notification. Issues created this way contain error information to help you debug the error. Appropriately configured alerts include an [embedded chart](../project/integrations/prometheus.md#embedding-metrics-based-on-alerts-in-incident-issues) for the query corresponding to the alert.
+GitLab enables you to [associate a Zoom meeting with an issue](../project/issues/associate_zoom_meeting.md)
+for synchronous communication during incident management. After starting a Zoom
+call for an incident, you can associate the conference call with an issue, so your
+team members can join without requesting a link.