gitlab.com/gitlab-org/gitlab-foss.git
Diffstat (limited to 'doc/user/project/merge_requests/confidential.md')
-rw-r--r-- doc/user/project/merge_requests/confidential.md 73
1 files changed, 73 insertions, 0 deletions
diff --git a/doc/user/project/merge_requests/confidential.md b/doc/user/project/merge_requests/confidential.md
new file mode 100644
index 00000000000..b50c5ee0ea9
--- /dev/null
+++ b/doc/user/project/merge_requests/confidential.md
@@ -0,0 +1,73 @@
+---
+stage: Create
+group: Code Review
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Merge requests for confidential issues
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/58583) in GitLab 12.1.
+
+Merge requests in a public repository are also public, even when the merge
+request is created for a [confidential issue](../issues/confidential_issues.md).
+To avoid leaking confidential information when working on a confidential issue,
+create your merge request from a private fork.
+
+Roles are inherited from parent groups. If you create your private fork in the
+same group or subgroup as the original (public) repository, developers receive
+the same permissions in your fork. This inheritance ensures:
+
+- Developer users have the needed permissions to view confidential issues and resolve them.
+- You do not need grant individual users access to your fork.
+
+The [security practices for confidential merge requests](https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md#security-releases-critical-non-critical-as-a-developer) at GitLab are available to read.
+
+## Create a confidential merge request
+
+WARNING:
+To create a confidential merge request, you must create a private fork. This fork
+may expose confidential information, if you create your fork in another namespace
+that may have other members.
+
+Branches are public by default. To protect the confidentiality of your work, you
+must create your changes in a private fork.
+
+Prerequisites:
+
+- You have the Owner or Maintainer role in the public repository, as you need one
+ of these roles to [create a subgroup](../../group/subgroups/index.md).
+- You have [forked](../repository/forking_workflow.md) the public repository.
+- Your fork has a **Visibility level** of _Private_.
+
+To create a confidential merge request:
+
+1. Go to the confidential issue's page. Scroll below the issue description and
+ select **Create confidential merge request**.
+1. Select the item that meets your needs:
+ - *To create both a branch and a merge request,* select
+ **Create confidential merge request and branch**. Your merge request will
+ target the default branch of your fork, *not* the default branch of the
+ public upstream project.
+ - *To create only a branch,* select **Create branch**.
+1. Select a **Project** to use. These projects have merge requests enabled, and
+ you have the Developer role (or greater) in them.
+1. Provide a **Branch name**, and select a **Source (branch or tag)**. GitLab
+ checks whether these branches are available in your private fork, because both
+ branches must be available in your selected fork.
+1. Select **Create**.
+
+If you created a branch in your private fork, users with the Developer role in the
+public repository can push code to that branch in your private fork to fix the
+confidential issue.
+
+As your merge request targets your private fork, not the public upstream project,
+your branch, merge request, and commits do not enter the public repository. This
+prevents prematurely revealing confidential information.
+
+To make a confidential commit public, open a merge request from the private fork
+to the public upstream project.
+
+## Related links
+
+- [Confidential issues](../issues/confidential_issues.md)
+- [Security practices for confidential merge requests](https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md#security-releases-critical-non-critical-as-a-developer) at GitLab
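Review bot: The inheritance paragraph in the introduction and the WARNING under "Create a confidential merge request" pull in different directions, and the page should reconcile them. The introduction recommends forking into the same group or subgroup so that developers inherit permissions, while the WARNING says a fork in a namespace with other members may expose confidential information. Suggest stating next to the inheritance bullets that everyone who inherits a role from that group can read the private fork, so the reader checks group membership before choosing the namespace. In the same bullets, "You do not need grant individual users access" is missing "to". The first prerequisite justifies the Owner or Maintainer role with "to create a subgroup", but none of the numbered steps creates a subgroup; either add that step or drop the rationale. The closing paragraph ("To make a confidential commit public, open a merge request ...") should repeat what the opening paragraph already says: a merge request against the public upstream project is itself public, so the commits are visible as soon as it is opened and not only after merge. Finally, the security-practices link appears both in the introduction and under "Related links"; one occurrence is enough.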