Automatic merge of gitlab-org/gitlab master

.gitlab/issue_templates/Geo Replicate a new Git repository type.md

@@ -24,7 +24,7 @@ This issue is for implementing Geo replication and verification of Cool Widgets.
 
 For more background, see [Geo self-service framework](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/geo/framework.md).
 
-In order to implement and test this feature, you need to first [set up Geo locally](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/geo.md).
+In order to implement and test this feature, you need to first [set up Geo locally](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/geo.md).
 
 There are three main sections below. It is a good idea to structure your merge requests this way as well:
 

.gitlab/issue_templates/Geo Replicate a new blob type.md

@@ -24,7 +24,7 @@ This issue is for implementing Geo replication and verification of Cool Widgets.
 
 For more background, see [Geo self-service framework](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/geo/framework.md).
 
-In order to implement and test this feature, you need to first [set up Geo locally](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/geo.md).
+In order to implement and test this feature, you need to first [set up Geo locally](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/geo.md).
 
 There are three main sections below. It is a good idea to structure your merge requests this way as well:
 

app/controllers/concerns/renders_commits.rb

@@ -23,6 +23,7 @@ module RendersCommits
 
   def prepare_commits_for_rendering(commits)
     commits.each(&:lazy_author) # preload commits' authors
+    commits.each(&:lazy_latest_pipeline)
 
     Banzai::CommitRenderer.render(commits, @project, current_user) # rubocop:disable Gitlab/ModuleWithInstanceVariables
 

app/models/ci/commit_with_pipeline.rb

@@ -18,9 +18,25 @@ class Ci::CommitWithPipeline < SimpleDelegator
     end
   end
 
+  def lazy_latest_pipeline
+    BatchLoader.for(sha).batch do |shas, loader|
+      preload_pipelines = project.ci_pipelines.latest_pipeline_per_commit(shas.compact)
+
+      shas.each do |sha|
+        pipeline = preload_pipelines[sha]
+
+        loader.call(sha, pipeline)
+      end
+    end
+  end
+
   def latest_pipeline(ref = nil)
     @latest_pipelines.fetch(ref) do |ref|
-      @latest_pipelines[ref] = latest_pipeline_for_project(ref, project)
+      @latest_pipelines[ref] = if ref
+                                 latest_pipeline_for_project(ref, project)
+                               else
+                                 lazy_latest_pipeline&.itself
+                               end
     end
   end
 

app/models/commit.rb

@@ -142,6 +142,7 @@ class Commit
   delegate \
     :pipelines,
     :last_pipeline,
+    :lazy_latest_pipeline,
     :latest_pipeline,
     :latest_pipeline_for_project,
     :set_latest_pipeline_for_ref,

changelogs/unreleased/227383-fix-commits-search-n-plus-1.yml

+---
+title: Fix N+1 for commits with pipelines
+merge_request: 59234
+author:
+type: performance

db/fixtures/development/26_container_images.rb

@@ -57,7 +57,7 @@ Gitlab::Seeder.quiet do
       seeder.seed!
     rescue => e
       puts "\nSeeding container images failed with #{e.message}."
-      puts "Make sure that the registry is running (https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/registry.md) and that Docker CLI (https://www.docker.com/products/docker-desktop) is installed."
+      puts "Make sure that the registry is running (https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/registry.md) and that Docker CLI (https://www.docker.com/products/docker-desktop) is installed."
     end
   else
     puts "Skipped. Use the `#{flag}` environment variable to seed container images to the registry."

doc/administration/packages/container_registry.md

@@ -301,6 +301,16 @@ the Container Registry by themselves, follow the steps below.
 
 ## Configure storage for the Container Registry
 
+NOTE:
+For storage backends that support it, you can use object versioning to preserve, retrieve, and
+restore the non-current versions of every object stored in your buckets. However, this may result in
+higher storage usage and costs. Due to how the registry operates, image uploads are first stored in
+a temporary path and then transferred to a final location. For object storage backends, including S3
+and GCS, this transfer is achieved with a copy followed by a delete. With object versioning enabled,
+these deleted temporary upload artifacts are kept as non-current versions, therefore increasing the
+storage bucket size. To ensure that non-current versions are deleted after a given amount of time,
+you should configure an object lifecycle policy with your storage provider.
+   
 You can configure the Container Registry to use various storage backends by
 configuring a storage driver. By default the GitLab Container Registry
 is configured to use the [file system driver](#use-file-system)

doc/administration/troubleshooting/test_environments.md

@@ -92,7 +92,7 @@ gitlab_rails['omniauth_providers'] = [
 
 #### GroupSAML for GitLab.com
 
-See [the GDK SAML documentation](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/saml.md).
+See [the GDK SAML documentation](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/saml.md).
 
 ### Elasticsearch
 

doc/development/README.md

@@ -26,7 +26,7 @@ GitLab instance, see the [administration documentation](../administration/index.
 ## Get started
 
 - Set up the GitLab development environment with the
-  [GitLab Development Kit (GDK)](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/README.md)
+  [GitLab Development Kit (GDK)](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/README.md)
 - [GitLab contributing guide](contributing/index.md)
   - [Issues workflow](contributing/issue_workflow.md) for more information about:
     - Issue tracker guidelines.
@@ -302,6 +302,6 @@ See [database guidelines](database/index.md).
 
 ## Other GitLab Development Kit (GDK) guides
 
-- [Run full Auto DevOps cycle in a GDK instance](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/auto_devops.md)
-- [Using GitLab Runner with the GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/runner.md)
-- [Using the Web IDE terminal with the GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/web_ide_terminal_gdk_setup.md)
+- [Run full Auto DevOps cycle in a GDK instance](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/auto_devops.md)
+- [Using GitLab Runner with the GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/runner.md)
+- [Using the Web IDE terminal with the GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/web_ide_terminal_gdk_setup.md)

doc/development/architecture.md

@@ -302,7 +302,7 @@ GitLab can be considered to have two layers from a process perspective:
   - [Omnibus](https://docs.gitlab.com/omnibus/settings/ssl.html)
   - [Charts](https://docs.gitlab.com/charts/installation/tls.html)
   - [Source](../install/installation.md#using-https)
-  - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/https.md)
+  - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/https.md)
 - Layer: Core Service (Processor)
 - GitLab.com: [Secrets Management](https://about.gitlab.com/handbook/engineering/infrastructure/production/architecture/#secrets-management)
 
@@ -332,7 +332,7 @@ Consul is a tool for service discovery and configuration. Consul is distributed,
   - [Omnibus](../integration/elasticsearch.md)
   - [Charts](../integration/elasticsearch.md)
   - [Source](../integration/elasticsearch.md)
-  - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/elasticsearch.md)
+  - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/elasticsearch.md)
 - Layer: Core Service (Data)
 - GitLab.com: [Get Advanced Search working on GitLab.com (Closed)](https://gitlab.com/groups/gitlab-org/-/epics/153) epic.
 
@@ -369,7 +369,7 @@ repository updates to secondary nodes.
 - Configuration:
   - [Omnibus](../administration/geo/setup/index.md)
   - [Charts](https://docs.gitlab.com/charts/advanced/geo/)
-  - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/geo.md)
+  - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/geo.md)
 - Layer: Core Service (Processor)
 
 #### GitLab Exporter
@@ -403,7 +403,7 @@ You can use it to sync deployments onto your Kubernetes cluster.
   - [Omnibus](../administration/pages/index.md)
   - [Charts](https://gitlab.com/gitlab-org/charts/gitlab/-/issues/37)
   - [Source](../install/installation.md#install-gitlab-pages)
-  - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/pages.md)
+  - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/pages.md)
 - Layer: Core Service (Processor)
 - GitLab.com: [GitLab Pages](../user/gitlab_com/index.md#gitlab-pages)
 
@@ -418,7 +418,7 @@ You can use it either for personal or business websites, such as portfolios, doc
   - [Omnibus](https://docs.gitlab.com/runner/)
   - [Charts](https://docs.gitlab.com/runner/install/kubernetes.html)
   - [Source](https://docs.gitlab.com/runner/)
-  - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/runner.md)
+  - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/runner.md)
 - Layer: Core Service (Processor)
 - GitLab.com: [Runner](../user/gitlab_com/index.md#shared-runners)
 
@@ -507,7 +507,7 @@ Mattermost is an open source, private cloud, Slack-alternative from <https://mat
 - Configuration:
   - [Omnibus](https://min.io/download)
   - [Charts](https://docs.gitlab.com/charts/charts/minio/)
-  - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/object_storage.md)
+  - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/object_storage.md)
 - Layer: Core Service (Data)
 - GitLab.com: [Storage Architecture](https://about.gitlab.com/handbook/engineering/infrastructure/production/architecture/#storage-architecture)
 
@@ -646,7 +646,7 @@ See our [Redis guidelines](redis.md) for more information about how GitLab uses
   - [Omnibus](../update/upgrading_from_source.md#10-install-libraries-migrations-etc)
   - [Charts](https://docs.gitlab.com/charts/charts/registry/)
   - [Source](../administration/packages/container_registry.md#enable-the-container-registry)
-  - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/registry.md)
+  - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/registry.md)
 - Layer: Core Service (Processor)
 - GitLab.com: [GitLab Container Registry](../user/packages/container_registry/index.md#build-and-push-by-using-gitlab-cicd)
 
@@ -731,7 +731,7 @@ disabled by default.
   - [Omnibus](../administration/auth/ldap/index.md)
   - [Charts](https://docs.gitlab.com/charts/charts/globals.html#ldap)
   - [Source](https://gitlab.com/gitlab-org/gitlab/blob/master/config/gitlab.yml.example)
-  - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/ldap.md)
+  - [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/ldap.md)
 - Layer: Core Service (Processor)
 - GitLab.com: [Product Tiers](https://about.gitlab.com/pricing/#gitlab-com)
 

doc/development/contributing/index.md

@@ -123,7 +123,7 @@ The general flow of contributing to GitLab is:
 1. [Create a fork](../../user/project/repository/forking_workflow.md#creating-a-fork)
    of GitLab. In some cases, you will want to set up the
    [GitLab Development Kit](https://gitlab.com/gitlab-org/gitlab-development-kit) to
-   [develop against your fork](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/index.md#develop-in-your-own-gitlab-fork).
+   [develop against your fork](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/index.md#develop-in-your-own-gitlab-fork).
 1. Make your changes in your fork.
 1. When you're ready, [create a new merge request](../../user/project/merge_requests/creating_merge_requests.md).
 1. In the merge request's description:

doc/development/documentation/index.md

@@ -411,7 +411,7 @@ on how the left-side navigation menu is built and updated.
 
 NOTE:
 To preview your changes to documentation locally, follow this
-[development guide](https://gitlab.com/gitlab-org/gitlab-docs/blob/master/README.md#development-when-contributing-to-gitlab-documentation) or [these instructions for GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/gitlab_docs.md).
+[development guide](https://gitlab.com/gitlab-org/gitlab-docs/blob/master/README.md#development-when-contributing-to-gitlab-documentation) or [these instructions for GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/gitlab_docs.md).
 
 The live preview is currently enabled for the following projects:
 
@@ -502,7 +502,7 @@ help of a configuration file known as **screenshot generator**.
 
 To run the tool on an existing screenshot generator, take the following steps:
 
-1. Set up the [GitLab Development Kit (GDK)](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/gitlab_docs.md).
+1. Set up the [GitLab Development Kit (GDK)](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/gitlab_docs.md).
 1. Navigate to the subdirectory with your cloned GitLab repository, typically `gdk/gitlab`.
 1. Make sure that your GDK database is fully migrated: `bin/rake db:migrate RAILS_ENV=development`.
 1. Install `pngquant`, see the tool website for more information: [`pngquant`](https://pngquant.org/)

doc/development/documentation/testing.md

@@ -154,7 +154,7 @@ markdownlint configuration is found in the following projects:
 - [`gitlab-runner`](https://gitlab.com/gitlab-org/gitlab-runner/blob/master/.markdownlint.json)
 - [`omnibus-gitlab`](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/.markdownlint.json)
 - [`charts`](https://gitlab.com/gitlab-org/charts/gitlab/-/blob/master/.markdownlint.json)
-- [`gitlab-development-kit`](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/.markdownlint.json)
+- [`gitlab-development-kit`](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/.markdownlint.json)
 
 This configuration is also used in build pipelines.
 

doc/development/elasticsearch.md

@@ -25,7 +25,7 @@ Developers making significant changes to Elasticsearch queries should test their
 
 ## Setting up development environment
 
-See the [Elasticsearch GDK setup instructions](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/elasticsearch.md)
+See the [Elasticsearch GDK setup instructions](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/elasticsearch.md)
 
 ## Helpful Rake tasks
 

doc/development/i18n/externalization.md

@@ -19,7 +19,7 @@ All `rake` commands described on this page must be run on a GitLab instance, usu
 ## Setting up GitLab Development Kit (GDK)
 
 In order to be able to work on the [GitLab Community Edition](https://gitlab.com/gitlab-org/gitlab-foss)
-project you must download and configure it through [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/set-up-gdk.md).
+project you must download and configure it through [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/set-up-gdk.md).
 
 After you have the GitLab project ready, you can start working on the translation.
 

doc/development/integrations/codesandbox.md

@@ -15,7 +15,7 @@ creating upstream contributions like [this one](https://github.com/codesandbox/c
 Before using CodeSandbox with your local GitLab instance, you must:
 
 1. Enable HTTPS on your GDK. CodeSandbox uses Service Workers that require `https`.
-   Follow the GDK [NGINX configuration instructions](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/nginx.md) to enable HTTPS for GDK.
+   Follow the GDK [NGINX configuration instructions](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/nginx.md) to enable HTTPS for GDK.
 1. Clone the [`codesandbox-client` project](https://github.com/codesandbox/codesandbox-client)
    locally. If you plan on contributing upstream, you might want to fork and clone first.
 1. (Optional) Use correct `python` and `nodejs` versions. Otherwise, `yarn` may fail to

doc/development/integrations/jira_connect.md

@@ -16,7 +16,7 @@ The following are required to install and test the app:
 
   - [GDK in Gitpod](https://www.loom.com/share/9c9711d4876a40869b9294eecb24c54d)
     video.
-  - [GDK with Gitpod](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/gitpod.md)
+  - [GDK with Gitpod](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/gitpod.md)
     documentation.
 
   You **must not** use tunneling tools such as
@@ -61,7 +61,7 @@ To install the app in Jira:
 
 If the app install failed, you might need to delete `jira_connect_installations` from your database.
 
-1. Open the [database console](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/postgresql.md#access-postgresql).
+1. Open the [database console](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/postgresql.md#access-postgresql).
 1. Run `TRUNCATE TABLE jira_connect_installations CASCADE;`.
 
 ## Add a namespace

doc/development/interacting_components.md

@@ -20,7 +20,7 @@ change that affects uploads should also be tested against [object storage](https
 which is _not_ enabled by default in [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit).
 
 When working on a related feature, make sure to enable and test it
-against [MinIO](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/object_storage.md).
+against [MinIO](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/object_storage.md).
 
 See also [File Storage in GitLab](file_storage.md).
 

doc/development/packages.md

@@ -224,7 +224,7 @@ of the additional endpoint added for Maven. The `/authorize` endpoint verifies a
 then the normal upload endpoint is implemented below, consuming the metadata that workhorse provides in order to
 create the package record. Workhorse provides a variety of file metadata such as type, size, and different checksum formats.
 
-For testing purposes, you may want to [enable object storage](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/object_storage.md)
+For testing purposes, you may want to [enable object storage](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/object_storage.md)
 in your local development environment.
 
 #### File size limits

doc/development/performance.md

@@ -363,7 +363,7 @@ This patch is available by default for
 [CNG](https://gitlab.com/gitlab-org/build/CNG/-/merge_requests/591),
 [GitLab CI](https://gitlab.com/gitlab-org/gitlab-build-images/-/merge_requests/355),
 [GCK](https://gitlab.com/gitlab-org/gitlab-compose-kit/-/merge_requests/149)
-and can additionally be enabled for [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/advanced.md#apply-custom-patches-for-ruby).
+and can additionally be enabled for [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/advanced.md#apply-custom-patches-for-ruby).
 
 This patch provides a set of 3 metrics that makes it easier to understand efficiency of memory usage for a given codepath:
 

doc/development/profiling.md

@@ -106,7 +106,7 @@ environment variable `ENABLE_SHERLOCK` to a non empty value. For example:
 ENABLE_SHERLOCK=1 bundle exec rails s
 ```
 
-Sherlock is also [available though the GitLab GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/sherlock.md).
+Sherlock is also [available though the GitLab GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/sherlock.md).
 
 Recorded transactions can be found by navigating to `/sherlock/transactions`.
 
@@ -195,7 +195,7 @@ This endpoint is only available for Rails web workers. Sidekiq workers can not b
 
 To disable those features for profiling/benchmarking set the `RAILS_PROFILE` environment variable to `true` before starting GitLab. For example when using GDK:
 
-- create a file [`env.runit`](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/runit.md#modifying-environment-configuration-for-services) in the root GDK directory
+- create a file [`env.runit`](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/runit.md#modifying-environment-configuration-for-services) in the root GDK directory
 - add `export RAILS_PROFILE=true` to your `env.runit` file
 - restart GDK with `gdk restart`
 

doc/development/testing_guide/end_to_end/running_tests_that_require_special_setup.md

@@ -147,10 +147,10 @@ docker rm gitlab-gitaly-cluster praefect postgres gitaly3 gitaly2 gitaly1
 
 To run the Monitor tests locally, against the GDK, please follow the preparation steps below:
 
-1. Complete the [Prerequisites](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/auto_devops/index.md#prerequisites-for-gitlab-team-members-only), at least through step 5. Note that the monitor tests do not require permissions to work with GKE because they use [k3s as a Kubernetes cluster provider](https://github.com/rancher/k3s).
+1. Complete the [Prerequisites](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/auto_devops/index.md#prerequisites-for-gitlab-team-members-only), at least through step 5. Note that the monitor tests do not require permissions to work with GKE because they use [k3s as a Kubernetes cluster provider](https://github.com/rancher/k3s).
 1. The test setup deploys the app in a Kubernetes cluster, using the Auto DevOps deployment strategy.
-To enable Auto DevOps in GDK, follow the [associated setup](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/auto_devops/index.md#setup) instructions. If you have problems, review the [troubleshooting guide](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/auto_devops/tips_and_troubleshooting.md) or reach out to the `#gdk` channel in the internal GitLab Slack.
-1. Do [secure your GitLab instance](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/auto_devops/index.md#secure-your-gitlab-instance) since it is now publicly accessible on `https://[YOUR-PORT].qa-tunnel.gitlab.info`.
+To enable Auto DevOps in GDK, follow the [associated setup](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/auto_devops/index.md#setup) instructions. If you have problems, review the [troubleshooting guide](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/auto_devops/tips_and_troubleshooting.md) or reach out to the `#gdk` channel in the internal GitLab Slack.
+1. Do [secure your GitLab instance](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/auto_devops/index.md#secure-your-gitlab-instance) since it is now publicly accessible on `https://[YOUR-PORT].qa-tunnel.gitlab.info`.
 1. Install the Kubernetes command line tool known as `kubectl`. Use the [official installation instructions](https://kubernetes.io/docs/tasks/tools/).
 
 You might see NGINX issues when you run `gdk start` or `gdk restart`. In that case, run `sft login` to revalidate your credentials and regain access the QA Tunnel.
@@ -272,7 +272,7 @@ You can free some memory with either of the following commands: `docker prune sy
 
 ## Geo tests
 
-Geo end-to-end tests can run locally against a [Geo GDK setup](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/geo.md) or on Geo spun up in Docker containers.
+Geo end-to-end tests can run locally against a [Geo GDK setup](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/geo.md) or on Geo spun up in Docker containers.
 
 ### Using Geo GDK
 

doc/development/usage_ping/index.md

@@ -973,7 +973,7 @@ build in a [downstream pipeline of the `omnibus-gitlab-mirror` project](https://
 This is the less recommended approach, because it comes with a number of difficulties when emulating a real GitLab deployment.
 
 The [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit) is not set up to run a Prometheus server or `node_exporter` alongside other GitLab components. If you would
-like to do so, [Monitoring the GDK with Prometheus](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/master/doc/howto/prometheus/index.md#monitoring-the-gdk-with-prometheus) is a good start.
+like to do so, [Monitoring the GDK with Prometheus](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/prometheus/index.md#monitoring-the-gdk-with-prometheus) is a good start.
 
 The [GCK](https://gitlab.com/gitlab-org/gitlab-compose-kit) has limited support for testing Prometheus based Usage Ping.
 By default, it already comes with a fully configured Prometheus service that is set up to scrape a number of components,

doc/user/admin_area/analytics/usage_trends.md

@@ -39,4 +39,4 @@ in the categories shown in [Total counts](#total-counts).
 
 These charts help you visualize how rapidly these records are being created on your instance.
 
-![Instance Activity Pipelines chart](img/instance_activity_pipelines_chart_v13_6.png)
+![Instance Activity Pipelines chart](img/instance_activity_pipelines_chart_v13_6_a.png)

doc/user/group/issues_analytics/index.md

@@ -31,7 +31,7 @@ You can change the total number of months displayed by setting a URL parameter.
 For example, `https://gitlab.com/groups/gitlab-org/-/issues_analytics?months_back=15`
 shows a total of 15 months for the chart in the GitLab.org group.
 
-![Issues created per month](img/issues_created_per_month_v12_8.png)
+![Issues created per month](img/issues_created_per_month_v12_8_a.png)
 
 ## Drill into the information
 

doc/user/group/saml_sso/index.md

@@ -322,11 +322,9 @@ Ensure your SAML identity provider sends an attribute statement named `Groups` o
 ```
 
 When SAML SSO is enabled for the top-level group, `Maintainer` and `Owner` level users
-see a new menu item in group **Settings -> SAML Group Links**. Each group (parent or subgroup) can specify
+see a new menu item in group **Settings > SAML Group Links**. Each group (parent or subgroup) can specify
 one or more group links to map a SAML identity provider group name to a GitLab access level.
 
-![SAML Group Links navigation](img/saml_group_links_nav_v13_6.png)
-
 To link the SAML `Freelancers` group in the attribute statement example above:
 
 1. Enter `Freelancers` in the `SAML Group Name` field.

doc/user/group/value_stream_analytics/index.md

@@ -343,8 +343,6 @@ To create a value stream with stages:
      ![Custom stage actions](img/vsa_custom_stage_v13_10.png "Custom stage actions")
 1. Select the **Create Value Stream** button to save the value stream.
 
-![Extended create value stream form](img/extended_value_stream_form_v13_10.png "Extended create value stream form")
-
 ### Deleting a value stream
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/221205) in GitLab 13.4.

ee/app/assets/javascripts/security_dashboard/components/group_security_charts.vue

 <script>
 import { GlLoadingIcon } from '@gitlab/ui';
 import createFlash from '~/flash';
+import groupProjectsQuery from '../graphql/queries/group_projects.query.graphql';
 import vulnerabilityGradesQuery from '../graphql/queries/group_vulnerability_grades.query.graphql';
 import vulnerabilityHistoryQuery from '../graphql/queries/group_vulnerability_history.query.graphql';
-import groupProjectsQuery from '../graphql/queries/vulnerable_projects_group.query.graphql';
 import { PROJECT_LOADING_ERROR_MESSAGE } from '../helpers';
 import DashboardNotConfigured from './empty_states/group_dashboard_not_configured.vue';
 import VulnerabilityChart from './first_class_vulnerability_chart.vue';

ee/app/assets/javascripts/security_dashboard/components/vulnerability_report.vue

@@ -6,8 +6,8 @@ import SecurityDashboardLayout from 'ee/security_dashboard/components/security_d
 import { DASHBOARD_TYPES } from 'ee/security_dashboard/store/constants';
 import { s__ } from '~/locale';
 import glFeatureFlagsMixin from '~/vue_shared/mixins/gl_feature_flags_mixin';
-import vulnerableProjectsGroupQuery from '../graphql/queries/vulnerable_projects_group.query.graphql';
-import vulnerableProjectsInstanceQuery from '../graphql/queries/vulnerable_projects_instance.query.graphql';
+import groupProjectsQuery from '../graphql/queries/group_projects.query.graphql';
+import instanceProjectsQuery from '../graphql/queries/instance_projects.query.graphql';
 import AutoFixUserCallout from './auto_fix_user_callout.vue';
 import CsvExportButton from './csv_export_button.vue';
 import DashboardNotConfiguredGroup from './empty_states/group_dashboard_not_configured.vue';
@@ -46,8 +46,8 @@ export default {
     'pipeline',
   ],
   queries: {
-    [DASHBOARD_TYPES.GROUP]: vulnerableProjectsGroupQuery,
-    [DASHBOARD_TYPES.INSTANCE]: vulnerableProjectsInstanceQuery,
+    [DASHBOARD_TYPES.GROUP]: groupProjectsQuery,
+    [DASHBOARD_TYPES.INSTANCE]: instanceProjectsQuery,
   },
   apollo: {
     projects: {

ee/app/assets/javascripts/security_dashboard/graphql/queries/vulnerable_projects_group.query.graphql → ee/app/assets/javascripts/security_dashboard/graphql/queries/group_projects.query.graphql

-query vulnerableProjects($fullPath: ID!) {
+query groupProjects($fullPath: ID!) {
   group(fullPath: $fullPath) {
     projects(includeSubgroups: true) {
       nodes {

ee/app/assets/javascripts/security_dashboard/graphql/queries/instance_vulnerabilities.query.graphql

 #import "~/graphql_shared/fragments/pageInfoCursorsOnly.fragment.graphql"
 #import "../fragments/vulnerability.fragment.graphql"
 
-query instance(
+query instanceVulnerabilities(
   $after: String
   $first: Int
   $projectId: [ID!]

ee/app/assets/javascripts/security_dashboard/graphql/queries/project_vulnerabilities.query.graphql

 #import "~/graphql_shared/fragments/pageInfoCursorsOnly.fragment.graphql"
 #import "../fragments/vulnerability.fragment.graphql"
 
-query project(
+query projectVulnerabilities(
   $fullPath: ID!
   $after: String
   $first: Int

ee/app/assets/javascripts/security_dashboard/graphql/queries/project_vulnerabilities_by_day_and_count.query.graphql

-query project($fullPath: ID!, $startDate: ISO8601Date!, $endDate: ISO8601Date!) {
+query projectVulnerabilitiesCount(
+  $fullPath: ID!
+  $startDate: ISO8601Date!
+  $endDate: ISO8601Date!
+) {
   project(fullPath: $fullPath) {
     vulnerabilitiesCountByDay(startDate: $startDate, endDate: $endDate) {
       nodes {

ee/app/assets/javascripts/security_dashboard/graphql/queries/vulnerable_projects_instance.query.graphql

-query vulnerableProjects {
-  instanceSecurityDashboard {
-    projects {
-      nodes {
-        id
-        name
-      }
-    }
-  }
-}

ee/spec/features/search/elastic/global_search_spec.rb

@@ -102,6 +102,23 @@ RSpec.describe 'Global elastic search', :elastic, :sidekiq_inline do
         expect(page).to have_css('.search-results') # Confirm there are search results to prevent false positives
       end
     end
+
+    context 'searching commits' do
+      let(:path_for_one) { search_path(search: '*', scope: 'commits', per_page: 1) }
+      let(:path_for_multiple) { search_path(search: '*', scope: 'commits', per_page: 5) }
+
+      it 'avoids N+1 database queries' do
+        project.repository.index_commits_and_blobs
+
+        ensure_elasticsearch_index!
+
+        control = ActiveRecord::QueryRecorder.new { visit path_for_one }
+        expect(page).to have_css('.results') # Confirm there are search results to prevent false positives
+
+        expect { visit path_for_multiple }.not_to exceed_query_limit(control.count).with_threshold(2) # We still have users N+1 here
+        expect(page).to have_css('.results') # Confirm there are search results to prevent false positives
+      end
+    end
   end
 
   describe 'I search through the issues and I see pagination' do

ee/spec/frontend/security_dashboard/components/vulnerability_report_spec.js

@@ -17,8 +17,8 @@ import SecurityDashboardLayout from 'ee/security_dashboard/components/security_d
 import SurveyRequestBanner from 'ee/security_dashboard/components/survey_request_banner.vue';
 import VulnerabilitiesCountList from 'ee/security_dashboard/components/vulnerability_count_list.vue';
 import VulnerabilityReport from 'ee/security_dashboard/components/vulnerability_report.vue';
-import vulnerableProjectsGroupQuery from 'ee/security_dashboard/graphql/queries/vulnerable_projects_group.query.graphql';
-import vulnerableProjectsInstanceQuery from 'ee/security_dashboard/graphql/queries/vulnerable_projects_instance.query.graphql';
+import groupProjectsQuery from 'ee/security_dashboard/graphql/queries/group_projects.query.graphql';
+import instanceProjectsQuery from 'ee/security_dashboard/graphql/queries/instance_projects.query.graphql';
 import { DASHBOARD_TYPES } from 'ee/security_dashboard/store/constants';
 import createApolloProvider from 'helpers/mock_apollo_helper';
 import { mockVulnerableProjectsInstance, mockVulnerableProjectsGroup } from '../mock_data';
@@ -79,10 +79,7 @@ describe('Vulnerability Report', () => {
           dashboardType: DASHBOARD_TYPES.INSTANCE,
         },
         apolloProvider: createApolloProvider([
-          [
-            vulnerableProjectsInstanceQuery,
-            jest.fn().mockResolvedValue(mockVulnerableProjectsInstance()),
-          ],
+          [instanceProjectsQuery, jest.fn().mockResolvedValue(mockVulnerableProjectsInstance())],
         ]),
       });
     });
@@ -122,10 +119,7 @@ describe('Vulnerability Report', () => {
         },
         data: { filters },
         apolloProvider: createApolloProvider([
-          [
-            vulnerableProjectsInstanceQuery,
-            jest.fn().mockResolvedValue(mockVulnerableProjectsInstance()),
-          ],
+          [instanceProjectsQuery, jest.fn().mockResolvedValue(mockVulnerableProjectsInstance())],
         ]),
       });
     });
@@ -151,10 +145,7 @@ describe('Vulnerability Report', () => {
           dashboardType: DASHBOARD_TYPES.GROUP,
         },
         apolloProvider: createApolloProvider([
-          [
-            vulnerableProjectsGroupQuery,
-            jest.fn().mockResolvedValue(mockVulnerableProjectsGroup()),
-          ],
+          [groupProjectsQuery, jest.fn().mockResolvedValue(mockVulnerableProjectsGroup())],
         ]),
       });
     });
@@ -179,7 +170,7 @@ describe('Vulnerability Report', () => {
         },
         apolloProvider: createApolloProvider([
           [
-            vulnerableProjectsGroupQuery,
+            groupProjectsQuery,
             jest.fn().mockResolvedValue({ data: { group: { projects: { nodes: [] } } } }),
           ],
         ]),

ee/spec/frontend/security_dashboard/mock_data/index.js

@@ -202,6 +202,7 @@ export const mockVulnerableProjectsInstance = () => ({
           {
             id: 'gid://gitlab/Project/2',
             name: 'Gitlab Shell',
+            nameWithNamespace: 'Group / Gitlab Shell',
           },
         ],
       },

qa/README.md

@@ -54,8 +54,8 @@ the browser to use. You will need to have Chrome (or Chromium) and
 
 ### Run the end-to-end tests in a local development environment
 
-Follow the GDK instructions to [prepare](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/prepare.md)
-and [install](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/set-up-gdk.md)
+Follow the GDK instructions to [prepare](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/prepare.md)
+and [install](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/set-up-gdk.md)
 your local GitLab development environment.
 
 Once you have GDK running, switch to the `qa` directory. E.g., if you setup

spec/controllers/concerns/renders_commits_spec.rb

@@ -66,6 +66,7 @@ RSpec.describe RendersCommits do
 
       expect do
         subject.prepare_commits_for_rendering(merge_request.commits)
+        merge_request.commits.each(&:latest_pipeline)
       end.not_to exceed_all_query_limit(control.count)
     end
   end

spec/models/ci/commit_with_pipeline_spec.rb

@@ -26,15 +26,47 @@ RSpec.describe Ci::CommitWithPipeline do
     end
   end
 
+  describe '#lazy_latest_pipeline' do
+    let(:commit_1) do
+      described_class.new(Commit.new(RepoHelpers.sample_commit, project))
+    end
+
+    let(:commit_2) do
+      described_class.new(Commit.new(RepoHelpers.another_sample_commit, project))
+    end
+
+    let!(:commits) { [commit_1, commit_2] }
+
+    it 'executes only 1 SQL query' do
+      recorder = ActiveRecord::QueryRecorder.new do
+        # Running this first ensures we don't run one query for every
+        # commit.
+        commits.each(&:lazy_latest_pipeline)
+
+        # This forces the execution of the SQL queries necessary to load the
+        # data.
+        commits.each { |c| c.latest_pipeline.try(:id) }
+      end
+
+      expect(recorder.count).to eq(1)
+    end
+  end
+
   describe '#latest_pipeline' do
     let(:pipeline) { double }
 
     shared_examples_for 'fetching latest pipeline' do |ref|
       it 'returns the latest pipeline for the project' do
-        expect(commit)
-          .to receive(:latest_pipeline_for_project)
-          .with(ref, project)
-          .and_return(pipeline)
+        if ref
+          expect(commit)
+            .to receive(:latest_pipeline_for_project)
+            .with(ref, project)
+            .and_return(pipeline)
+        else
+          expect(commit)
+            .to receive(:lazy_latest_pipeline)
+            .and_return(pipeline)
+        end
 
         expect(result).to eq(pipeline)
       end

spec/services/ci/destroy_pipeline_service_spec.rb

@@ -24,6 +24,9 @@ RSpec.describe ::Ci::DestroyPipelineService do
 
       subject
 
+      # We need to reset lazy_latest_pipeline cache to simulate a new request
+      BatchLoader::Executor.clear_current
+
       # Need to use find to avoid memoization
       expect(Project.find(project.id).pipeline_status.has_status?).to be_falsey
     end

spec/services/ci/expire_pipeline_cache_service_spec.rb

@@ -60,6 +60,9 @@ RSpec.describe Ci::ExpirePipelineCacheService do
 
         pipeline_with_commit.destroy!
 
+        # We need to reset lazy_latest_pipeline cache to simulate a new request
+        BatchLoader::Executor.clear_current
+
         # Need to use find to avoid memoization
         expect(Project.find(project_with_repo.id).pipeline_status.has_status?).to be_falsey
       end