6 files changed, 95 insertions, 8 deletions

diff --git a/app/graphql/types/color_type.rb b/app/graphql/types/color_type.rb
new file mode 100644
index 00000000000..ee5c0c8737b
--- /dev/null
+++ b/app/graphql/types/color_type.rb
@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module Types
+  class ColorType < BaseScalar
+    graphql_name 'Color'
+    description <<~DESC
+      Color represented as a hex code or named color.
+
+      For example: "#fefefe".
+    DESC
+
+    def self.coerce_input(value, ctx)
+      color = Gitlab::Color.of(value)
+      raise GraphQL::CoercionError, 'Not a color' unless color.valid?
+
+      color
+    rescue ArgumentError => e
+      raise GraphQL::CoercionError, e.message
+    end
+
+    def self.coerce_result(value, ctx)
+      value.to_s
+    end
+  end
+end
diff --git a/doc/administration/auth/ldap/index.md b/doc/administration/auth/ldap/index.md
index a7e070b755a..adc4b7ab80f 100644
--- a/doc/administration/auth/ldap/index.md
+++ b/doc/administration/auth/ldap/index.md
@@ -531,16 +531,19 @@ However, these users can continue to use Git with SSH until the next time the
 To delete the account immediately, you can manually
 [block the user](../../../user/admin_area/moderate_users.md#block-a-user).
 
-## Updating user email addresses
+## Update user email addresses
 
-Email addresses on the LDAP server are considered the source of truth for users when LDAP is used to sign in. Updating user email
-addresses must be done on the LDAP server that manages the user. The email address for GitLab is updated either:
+Email addresses on the LDAP server are considered the source of truth for users when LDAP is used to sign in. 
+
+Updating user email addresses must be done on the LDAP server that manages the user. The email address for GitLab is updated either:
 
 - When the user next signs in.
 - When the next [user sync](ldap_synchronization.md#user-sync) is run.
 
 The updated user's previous email address becomes the secondary email address to preserve that user's commit history.
 
+You can find more details on the expected behavior of user updates in our [LDAP troubleshooting section](ldap-troubleshooting.md#user-dn-orand-email-have-changed).
+
 ## Google Secure LDAP
 
 > Introduced in GitLab 11.9.
diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md
index 7ef9897a170..1a5265d3d8b 100644
--- a/doc/api/graphql/reference/index.md
+++ b/doc/api/graphql/reference/index.md
@@ -1372,7 +1372,7 @@ Input type: `CreateEpicInput`
 | ---- | ---- | ----------- |
 | <a id="mutationcreateepicaddlabelids"></a>`addLabelIds` | [`[ID!]`](#id) | IDs of labels to be added to the epic. |
 | <a id="mutationcreateepicclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
-| <a id="mutationcreateepiccolor"></a>`color` | [`String`](#string) | Color of the epic. Available only when feature flag `epic_color_highlight` is enabled. This flag is disabled by default, because the feature is experimental and is subject to change without notice. |
+| <a id="mutationcreateepiccolor"></a>`color` | [`Color`](#color) | Color of the epic. Available only when feature flag `epic_color_highlight` is enabled. This flag is disabled by default, because the feature is experimental and is subject to change without notice. |
 | <a id="mutationcreateepicconfidential"></a>`confidential` | [`Boolean`](#boolean) | Indicates if the epic is confidential. |
 | <a id="mutationcreateepicdescription"></a>`description` | [`String`](#string) | Description of the epic. |
 | <a id="mutationcreateepicduedatefixed"></a>`dueDateFixed` | [`String`](#string) | End date of the epic. |
@@ -4850,7 +4850,7 @@ Input type: `UpdateEpicInput`
 | ---- | ---- | ----------- |
 | <a id="mutationupdateepicaddlabelids"></a>`addLabelIds` | [`[ID!]`](#id) | IDs of labels to be added to the epic. |
 | <a id="mutationupdateepicclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
-| <a id="mutationupdateepiccolor"></a>`color` | [`String`](#string) | Color of the epic. Available only when feature flag `epic_color_highlight` is enabled. This flag is disabled by default, because the feature is experimental and is subject to change without notice. |
+| <a id="mutationupdateepiccolor"></a>`color` | [`Color`](#color) | Color of the epic. Available only when feature flag `epic_color_highlight` is enabled. This flag is disabled by default, because the feature is experimental and is subject to change without notice. |
 | <a id="mutationupdateepicconfidential"></a>`confidential` | [`Boolean`](#boolean) | Indicates if the epic is confidential. |
 | <a id="mutationupdateepicdescription"></a>`description` | [`String`](#string) | Description of the epic. |
 | <a id="mutationupdateepicduedatefixed"></a>`dueDateFixed` | [`String`](#string) | End date of the epic. |
@@ -19422,6 +19422,12 @@ A `ClustersClusterID` is a global ID. It is encoded as a string.
 
 An example `ClustersClusterID` is: `"gid://gitlab/Clusters::Cluster/1"`.
 
+### `Color`
+
+Color represented as a hex code or named color.
+
+For example: "#fefefe".
+
 ### `ComplianceManagementFrameworkID`
 
 A `ComplianceManagementFrameworkID` is a global ID. It is encoded as a string.
diff --git a/lib/tasks/dev.rake b/lib/tasks/dev.rake
index 42b12cd0ae3..08a11100431 100644
--- a/lib/tasks/dev.rake
+++ b/lib/tasks/dev.rake
@@ -58,9 +58,13 @@ namespace :dev do
   namespace :copy_db do
     ALLOWED_DATABASES = %w[ci].freeze
 
+    defined_copy_db_tasks = []
+
     ActiveRecord::Tasks::DatabaseTasks.for_each(databases) do |name|
       next unless ALLOWED_DATABASES.include?(name)
 
+      defined_copy_db_tasks << name
+
       desc "Copies the #{name} database from the main database"
       task name => :environment do
         Rake::Task["dev:terminate_all_connections"].invoke
@@ -72,5 +76,16 @@ namespace :dev do
         warn "Database '#{db_config.database}' already exists"
       end
     end
+
+    ALLOWED_DATABASES.each do |name|
+      next if defined_copy_db_tasks.include?(name)
+
+      # :nocov: we cannot mock ActiveRecord::Tasks::DatabaseTasks in time
+      # Workaround for GDK issue, see
+      # https://gitlab.com/gitlab-org/gitlab-development-kit/-/issues/1464
+      desc "No-op task"
+      task name
+      # :nocov:
+    end
   end
 end
diff --git a/spec/graphql/types/color_type_spec.rb b/spec/graphql/types/color_type_spec.rb
new file mode 100644
index 00000000000..57c26e12b51
--- /dev/null
+++ b/spec/graphql/types/color_type_spec.rb
@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe Types::ColorType do
+  let(:hex) { '#663399' }
+  let(:color_name) { 'rebeccapurple' }
+  let(:color) { ::Gitlab::Color.of(hex) }
+  let(:named_color) { ::Gitlab::Color.of(color_name) }
+
+  specify { expect(described_class.graphql_name).to eq('Color') }
+
+  it 'coerces Color object into hex string' do
+    expect(described_class.coerce_isolated_result(color)).to eq(hex)
+  end
+
+  it 'coerces an hex string into Color object' do
+    expect(described_class.coerce_isolated_input(hex)).to eq(color)
+  end
+
+  it 'coerces an named Color into hex string' do
+    expect(described_class.coerce_isolated_result(named_color)).to eq(hex)
+  end
+
+  it 'coerces an named color into Color object' do
+    expect(described_class.coerce_isolated_input(color_name)).to eq(named_color)
+  end
+
+  it 'rejects invalid input' do
+    expect { described_class.coerce_isolated_input('not valid') }
+      .to raise_error(GraphQL::CoercionError)
+  end
+
+  it 'rejects nil' do
+    expect { described_class.coerce_isolated_input(nil) }
+      .to raise_error(GraphQL::CoercionError)
+  end
+end
diff --git a/spec/tasks/dev_rake_spec.rb b/spec/tasks/dev_rake_spec.rb
index 73b1604aa10..fa093db414f 100644
--- a/spec/tasks/dev_rake_spec.rb
+++ b/spec/tasks/dev_rake_spec.rb
@@ -116,7 +116,7 @@ RSpec.describe 'dev rake tasks' do
           allow(configurations).to receive(:configs_for).with(env_name: Rails.env, name: 'ci').and_return(ci_configuration)
         end
 
-        subject(:load_task) { run_rake_task('dev:setup_ci_db') }
+        subject(:load_task) { run_rake_task('dev:copy_db:ci') }
 
         let(:ci_configuration) { instance_double(ActiveRecord::DatabaseConfigurations::HashConfig, name: 'ci', database: '__test_db_ci') }
 
@@ -128,14 +128,14 @@ RSpec.describe 'dev rake tasks' do
 
           expect(Rake::Task['dev:terminate_all_connections']).to receive(:invoke)
 
-          run_rake_task('dev:copy_db:ci')
+          load_task
         end
 
         context 'when the database already exists' do
           it 'prints out a warning' do
             expect(ApplicationRecord.connection).to receive(:create_database).and_raise(ActiveRecord::DatabaseAlreadyExists)
 
-            expect { run_rake_task('dev:copy_db:ci') }.to output(/Database '#{ci_configuration.database}' already exists/).to_stderr
+            expect { load_task }.to output(/Database '#{ci_configuration.database}' already exists/).to_stderr
           end
         end
       end