Add latest changes from gitlab-org/gitlab@master

92077e0f · GitLab Bot · 83a3209c · 92077e0f · 92077e0f · 92077e0f
Commit 92077e0f authored Mar 31, 2020 by GitLab Bot
30 changed files
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -402,7 +402,6 @@ RSpec/RepeatedExample:
    - 'spec/models/ability_spec.rb'
    - 'spec/models/ci/build_spec.rb'
    - 'spec/models/concerns/issuable_spec.rb'
-    - 'spec/models/concerns/prometheus_adapter_spec.rb'
    - 'spec/models/member_spec.rb'
    - 'spec/models/project_services/chat_message/pipeline_message_spec.rb'
    - 'spec/models/user_spec.rb'

--- a/app/assets/javascripts/dirty_submit/dirty_submit_form.js
+++ b/app/assets/javascripts/dirty_submit/dirty_submit_form.js
-import _ from 'underscore';
+import { memoize, throttle } from 'lodash';
 import $ from 'jquery';
 class DirtySubmitForm {
@@ -21,8 +21,8 @@ class DirtySubmitForm {
  }
  registerListeners() {
-    const getThrottledHandlerForInput = _.memoize(() =>
+    const getThrottledHandlerForInput = memoize(() =>
-      _.throttle(event => this.updateDirtyInput(event), DirtySubmitForm.THROTTLE_DURATION),
+      throttle(event => this.updateDirtyInput(event), DirtySubmitForm.THROTTLE_DURATION),
    );
    const throttledUpdateDirtyInput = event => {

--- a/app/controllers/repositories/git_http_controller.rb
+++ b/app/controllers/repositories/git_http_controller.rb
@@ -4,6 +4,7 @@ module Repositories
  class GitHttpController < Repositories::GitHttpClientController
    include WorkhorseRequest
+    before_action :snippet_request_allowed?
    before_action :access_check
    prepend_before_action :deny_head_requests, only: [:info_refs]
@@ -12,8 +13,6 @@ module Repositories
    rescue_from Gitlab::GitAccess::ProjectCreationError, with: :render_422_with_exception
    rescue_from Gitlab::GitAccess::TimeoutError, with: :render_503_with_exception
-    before_action :snippet_request_allowed?
    # GET /foo/bar.git/info/refs?service=git-upload-pack (git pull)
    # GET /foo/bar.git/info/refs?service=git-receive-pack (git push)
    def info_refs
@@ -121,6 +120,7 @@ module Repositories
    def snippet_request_allowed?
      if repo_type.snippet? && Feature.disabled?(:version_snippets, user)
+        Gitlab::AppLogger.info('Snippet access attempt with feature disabled')
        render plain: 'The project you were looking for could not be found.', status: :not_found
      end
    end

--- a/changelogs/unreleased/211950-impossible-to-remove-orphan-artifact-files.yml
+++ b/changelogs/unreleased/211950-impossible-to-remove-orphan-artifact-files.yml
+---
+title: Fix invalid class option for ionice
+merge_request: 28023
+author:
+type: fixed
--- a/changelogs/unreleased/fj-reorder-snippet-before-actions.yml
+++ b/changelogs/unreleased/fj-reorder-snippet-before-actions.yml
+---
+title: Check first if feature flag version_snippet is enabled
+merge_request: 28352
+author:
+type: fixed
--- a/doc/administration/repository_storage_paths.md
+++ b/doc/administration/repository_storage_paths.md
@@ -117,8 +117,6 @@ randomly placed on one of the selected paths.
 [ce-4578]: https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/4578
 [restart-gitlab]: restart_gitlab.md#installations-from-source
-[reconfigure-gitlab]: restart_gitlab.md#omnibus-gitlab-reconfigure
 [backups]: ../raketasks/backup_restore.md
 [raketask]: https://gitlab.com/gitlab-org/gitlab/blob/033e5423a2594e08a7ebcd2379bd2331f4c39032/lib/backup/repository.rb#L54-56
 [repospath]: https://gitlab.com/gitlab-org/gitlab-foss/-/blob/8-9-stable/config/gitlab.yml.example#L457
-[ce-11449]: https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/11449
--- a/doc/api/services.md
+++ b/doc/api/services.md
@@ -67,7 +67,7 @@ Asana - Teamwork without email
 Set Asana service for a project.
-> This service adds commit messages as comments to Asana tasks. Once enabled, commit messages are checked for Asana task URLs (for example, `https://app.asana.com/0/123456/987654`) or task IDs starting with # (for example, `#987654`). Every task ID found will get the commit comment added to it. You can also close a task with a message containing: `fix #123456`. You can find your API Keys here: <https://asana.com/developers/documentation/getting-started/auth#api-key>.
+> This service adds commit messages as comments to Asana tasks. Once enabled, commit messages are checked for Asana task URLs (for example, `https://app.asana.com/0/123456/987654`) or task IDs starting with # (for example, `#987654`). Every task ID found will get the commit comment added to it. You can also close a task with a message containing: `fix #123456`. You can find your API Keys here: <https://developers.asana.com/docs/#authentication-basics>.
 ```plaintext
 PUT /projects/:id/services/asana

--- a/doc/ci/examples/end_to_end_testing_webdriverio/index.md
+++ b/doc/ci/examples/end_to_end_testing_webdriverio/index.md
@@ -44,7 +44,7 @@ infrastructure is up and running, and that your units of code work well together
 ## Selenium and WebdriverIO
-[Selenium](https://selenium.dev/) is a piece of software that can control web browsers, e.g., to make them
+[Selenium](https://www.selenium.dev/) is a piece of software that can control web browsers, e.g., to make them
 visit a specific URL or interact with elements on the page. It can be programmatically controlled
 from a variety of programming languages. In this article we're going to be using the
 [WebdriverIO](https://webdriver.io/) JavaScript bindings, but the general concept should carry over

--- a/doc/development/api_graphql_styleguide.md
+++ b/doc/development/api_graphql_styleguide.md
@@ -811,7 +811,7 @@ module Gitlab
 end
 ```
-A [Query Analyzer](https://graphql-ruby.org/queries/analysis.html#analyzer-api) contains a series
+A [Query Analyzer](https://graphql-ruby.org/queries/ast_analysis.html#analyzer-api) contains a series
 of callbacks to validate queries before they are executed. Each field can pass through
 the analyzer, and the final value is also available to you.

--- a/doc/development/architecture.md
+++ b/doc/development/architecture.md
@@ -160,7 +160,7 @@ Component statuses are linked to configuration documentation for each component.
 | [Elasticsearch](#elasticsearch) | Improved search within GitLab | [⤓][elasticsearch-omnibus] | [⤓][elasticsearch-charts] | [⤓][elasticsearch-charts] | [❌](https://gitlab.com/groups/gitlab-org/-/epics/153) | [⤓][elasticsearch-source] | [⤓][elasticsearch-gdk] | EE Only |
 | [Sentry integration](#sentry) | Error tracking for deployed apps | [⤓][sentry-integration] | [⤓][sentry-integration] | [⤓][sentry-integration] | [⤓][sentry-integration] | [⤓][sentry-integration] | [⤓][sentry-integration] | CE & EE |
 | [Jaeger integration](#jaeger) | Distributed tracing for deployed apps | [⤓][jaeger-integration] | [⤓][jaeger-integration] | [⤓][jaeger-integration] | [⤓][jaeger-integration] | [⤓][jaeger-integration] | [⤓][jaeger-integration] | EE Only |
-| [GitLab Managed Apps](#gitlab-managed-apps) | Deploy [Helm](https://helm.sh/docs/), [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/), [Cert-Manager](https://docs.cert-manager.io/en/latest/), [Prometheus](https://prometheus.io/docs/introduction/overview/), a [Runner](https://docs.gitlab.com/runner/), [JupyterHub](https://jupyter.org), [Knative](https://cloud.google.com/knative/) to a cluster | [⤓][managed-k8s-apps] | [⤓][managed-k8s-apps] | [⤓][managed-k8s-apps] | [⤓][managed-k8s-apps] | [⤓][managed-k8s-apps] | [⤓][managed-k8s-apps] | CE & EE |
+| [GitLab Managed Apps](#gitlab-managed-apps) | Deploy [Helm](https://helm.sh/docs/), [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/), [Cert-Manager](https://cert-manager.io/docs/), [Prometheus](https://prometheus.io/docs/introduction/overview/), a [Runner](https://docs.gitlab.com/runner/), [JupyterHub](https://jupyter.org), [Knative](https://cloud.google.com/knative/) to a cluster | [⤓][managed-k8s-apps] | [⤓][managed-k8s-apps] | [⤓][managed-k8s-apps] | [⤓][managed-k8s-apps] | [⤓][managed-k8s-apps] | [⤓][managed-k8s-apps] | CE & EE |
 ### Component details
@@ -207,7 +207,7 @@ Consul is a tool for service discovery and configuration. Consul is distributed,
 #### Elasticsearch
- [Project page](https://github.com/elastic/elasticsearch/blob/master/README.asciidoc)
+- [Project page](https://github.com/elastic/elasticsearch/)
 - Configuration: [Omnibus][elasticsearch-omnibus], [Charts][elasticsearch-charts], [Source][elasticsearch-source], [GDK][elasticsearch-gdk]
 - Layer: Core Service (Data)
@@ -424,7 +424,7 @@ An external registry can also be configured to use GitLab as an auth endpoint.
 #### Sentry
- [Project page](https://github.com/getsentry/sentry/blob/master/README.rst)
+- [Project page](https://github.com/getsentry/sentry/)
 - Configuration: [Omnibus][sentry-omnibus], [Charts][sentry-charts], [Source][gitlab-yml], [GDK][gitlab-yml]
 - Layer: Monitoring

--- a/doc/development/documentation/site_architecture/index.md
+++ b/doc/development/documentation/site_architecture/index.md
@@ -6,7 +6,7 @@ description: "Learn how GitLab's documentation website is architectured."
 The [`gitlab-docs`](https://gitlab.com/gitlab-org/gitlab-docs) project hosts
 the repository which is used to generate the GitLab documentation website and
-is deployed to <https://docs.gitlab.com>. It uses the [Nanoc](http://nanoc.ws)
+is deployed to <https://docs.gitlab.com>. It uses the [Nanoc](https://nanoc.ws/)
 static site generator.
 ## Architecture

--- a/doc/development/documentation/styleguide.md
+++ b/doc/development/documentation/styleguide.md
@@ -424,7 +424,7 @@ This is a list of available features:
 - Do not add commas (`,`) or semicolons (`;`) to the end of list items.
 - Only add periods to the end of a list item if the item consists of a complete sentence.
-  The [definition of full sentence](https://www2.le.ac.uk/offices/ld/resources/writing/grammar/grammar-guides/sentence)
+  The [definition of full sentence](https://www2.le.ac.uk/offices/ld/all-resources/writing/grammar/grammar-guides/sentence)
  is: _"a complete sentence always contains a verb, expresses a complete idea, and makes sense standing alone"_.
 - Be consistent throughout the list: if the majority of the items do not end in a period,
  do not end any of the items in a period, even if they consist of a complete sentence.

--- a/doc/development/fe_guide/graphql.md
+++ b/doc/development/fe_guide/graphql.md
@@ -23,7 +23,7 @@ Default client accepts two parameters: `resolvers` and `config`.
 - `resolvers` parameter is created to accept an object of resolvers for [local state management](#local-state-with-apollo) queries and mutations
 - `config` parameter takes an object of configuration settings:
-  - `cacheConfig` field accepts an optional object of settings to [customize Apollo cache](https://github.com/apollographql/apollo-client/tree/master/packages/apollo-cache-inmemory#configuration)
+  - `cacheConfig` field accepts an optional object of settings to [customize Apollo cache](https://www.apollographql.com/docs/react/caching/cache-configuration/#configuring-the-cache)
  - `baseUrl` allows us to pass a URL for GraphQL endpoint different from our main endpoint (i.e.`${gon.relative_url_root}/api/graphql`)
  - `assumeImmutableResults` (set to `false` by default) - this setting, when set to `true`, will assume that every single operation on updating Apollo Cache is immutable. It also sets `freezeResults` to `true`, so any attempt on mutating Apollo Cache will throw a console warning in development environment. Please ensure you're following the immutability pattern on cache update operations before setting this option to `true`.
@@ -601,7 +601,7 @@ defaultClient.query({ query })
 Read more about the [Apollo] client in the [Apollo documentation](https://www.apollographql.com/docs/tutorial/client/).
 [Apollo]: https://www.apollographql.com/
-[vue-apollo]: https://github.com/Akryum/vue-apollo/
+[vue-apollo]: https://github.com/vuejs/vue-apollo
 [feature-flags]: ../feature_flags.md
 [default-client]: https://gitlab.com/gitlab-org/gitlab/blob/master/app/assets/javascripts/lib/graphql.js
 [vue-test-utils]: https://vue-test-utils.vuejs.org/

--- a/doc/development/import_project.md
+++ b/doc/development/import_project.md
@@ -13,7 +13,7 @@ There are several ways to import a project.
 The first option is to simply [import the Project tarball file via the GitLab UI](../user/project/settings/import_export.md#importing-the-project):
 1. Create the group `qa-perf-testing`
-1. Import the [GitLab FOSS project tarball](https://gitlab.com/gitlab-org/quality/performance-data/raw/master/gitlabhq_export.tar.gz) into the Group.
+1. Import the [GitLab FOSS project tarball](https://gitlab.com/gitlab-org/quality/performance-data/-/blob/master/projects_export/gitlabhq_export.tar.gz) into the Group.
 It should take up to 15 minutes for the project to fully import. You can head to the project's main page for the current status.
@@ -132,7 +132,7 @@ For Performance testing, we should:
 - Count the number of executed SQL queries during the restore.
 - Observe the number of GC cycles happening.
-You can use this [snippet](https://gitlab.com/gitlab-org/gitlab/snippets/1924954), which will restore the project, and measure the execution time of `Project::TreeRestorer`, number of SQL queries and number of GC cycles happening.
+You can use this snippet: `https://gitlab.com/gitlab-org/gitlab/snippets/1924954` (must be logged in), which will restore the project, and measure the execution time of `Project::TreeRestorer`, number of SQL queries and number of GC cycles happening.
 You can execute the script from the `gdk/gitlab` directory like this:

--- a/doc/development/integrations/secure.md
+++ b/doc/development/integrations/secure.md
@@ -307,7 +307,7 @@ It is recommended to reuse the identifiers the GitLab scanners already define:
 | [OSVD](https://cve.mitre.org/data/refs/refmap/source-OSVDB.html) | `osvdb` | OSVDB-113928 |
 | [USN](https://usn.ubuntu.com/) | `usn` | USN-4234-1 |
 | [WASC](http://projects.webappsec.org/Threat-Classification-Reference-Grid)  | `wasc` | WASC-19 |
-| [RHSA](https://access.redhat.com/errata) | `rhsa` | RHSA-2020:0111 |
+| [RHSA](https://access.redhat.com/errata/#/) | `rhsa` | RHSA-2020:0111 |
 | [ELSA](https://linux.oracle.com/security/) | `elsa` | ELSA-2020-0085 |
 The generic identifiers listed above are defined in the [common library](https://gitlab.com/gitlab-org/security-products/analyzers/common);

--- a/doc/development/testing_guide/flaky_tests.md
+++ b/doc/development/testing_guide/flaky_tests.md
@@ -107,9 +107,9 @@ For instance `RETRIES=1 bin/rspec ...` would retry the failing examples once.
 ## Resources
- [Flaky Tests: Are You Sure You Want to Rerun Them?](http://semaphoreci.com/blog/2017/04/20/flaky-tests.html)
+- [Flaky Tests: Are You Sure You Want to Rerun Them?](https://semaphoreci.com/blog/2017/04/20/flaky-tests.html)
 - [How to Deal With and Eliminate Flaky Tests](https://semaphoreci.com/community/tutorials/how-to-deal-with-and-eliminate-flaky-tests)
- [Tips on Treating Flakiness in your Rails Test Suite](http://semaphoreci.com/blog/2017/08/03/tips-on-treating-flakiness-in-your-test-suite.html)
+- [Tips on Treating Flakiness in your Rails Test Suite](https://semaphoreci.com/blog/2017/08/03/tips-on-treating-flakiness-in-your-test-suite.html)
 - ['Flaky' tests: a short story](https://www.ombulabs.com/blog/rspec/continuous-integration/how-to-track-down-a-flaky-test.html)
 - [Using Insights to Discover Flaky, Slow, and Failed Tests](https://circleci.com/blog/using-insights-to-discover-flaky-slow-and-failed-tests/)

--- a/doc/install/azure/index.md
+++ b/doc/install/azure/index.md
@@ -108,7 +108,7 @@ ahead and select this one, but please choose the size which best meets your own
 > **Note:** be aware that while your VM is active (known as "allocated"), it will incur
 "compute charges" which, ultimately, you will be billed for. So, even if you're using the
 free trial credits, you'll likely want to learn
-[how to properly shutdown an Azure VM to save money](https://buildazure.com/properly-shutdown-azure-vm-to-save-money/).
+[how to properly shutdown an Azure VM to save money](https://build5nines.com/properly-shutdown-azure-vm-to-save-money/).
 Go ahead and click your chosen size, then click **"Select"** when you're ready to proceed to the
 next step.
@@ -420,7 +420,7 @@ Check out our other [Technical Articles](../../articles/index.md) or browse the
  - [Azure Portal][Azure-Portal]
  - [Azure - Pricing Calculator][Azure-Pricing-Calculator]
  - [Azure - Troubleshoot SSH Connections to an Azure Linux VM](https://docs.microsoft.com/en-us/azure/virtual-machines/troubleshooting/troubleshoot-ssh-connection)
-  - [Azure - Properly Shutdown an Azure VM](https://buildazure.com/properly-shutdown-azure-vm-to-save-money/)
+  - [Azure - Properly Shutdown an Azure VM](https://build5nines.com/properly-shutdown-azure-vm-to-save-money/)
 - [SSH], [PuTTY](https://www.putty.org) and [Using SSH in PuTTY][Using-SSH-In-Putty]
 [Original-Blog-Post]: https://about.gitlab.com/blog/2016/07/13/how-to-setup-a-gitlab-instance-on-microsoft-azure/ "How to Set up a GitLab Instance on Microsoft Azure"

--- a/doc/install/installation.md
+++ b/doc/install/installation.md
@@ -281,7 +281,7 @@ sudo apt-get update
 sudo apt-get install yarn
 ```
-Visit the official websites for [node](https://nodejs.org/en/download/package-manager/) and [yarn](https://yarnpkg.com/en/docs/install/) if you have any trouble with these steps.
+Visit the official websites for [node](https://nodejs.org/en/download/package-manager/) and [yarn](https://classic.yarnpkg.com/en/docs/install/) if you have any trouble with these steps.
 ## 5. System users
@@ -533,7 +533,7 @@ As of Bundler 1.5.2, you can invoke `bundle install -jN` (where `N` is the numbe
 Make sure you have `bundle` (run `bundle -v`):
- `>= 1.5.2`, because some [issues](https://devcenter.heroku.com/changelog-items/411) were [fixed](https://github.com/bundler/bundler/pull/2817) in 1.5.2.
+- `>= 1.5.2`, because some [issues](https://devcenter.heroku.com/changelog-items/411) were [fixed](https://github.com/rubygems/bundler/pull/2817) in 1.5.2.
 - `< 2.x`.
 ```shell

--- a/doc/install/requirements.md
+++ b/doc/install/requirements.md
@@ -70,7 +70,7 @@ version of Node.js 10.13.0.
 You can check which version you are running with `node -v`. If you are running
 a version older than `v10.13.0`, you need to update to a newer version. You
 can find instructions to install from community maintained packages or compile
-from source at the [Node.js website](https://nodejs.org/en/download).
+from source at the [Node.js website](https://nodejs.org/en/download/).
 ## Hardware requirements

--- a/doc/integration/elasticsearch.md
+++ b/doc/integration/elasticsearch.md
@@ -31,8 +31,8 @@ of this document.
 NOTE: **Note:**
 Elasticsearch should be installed on a separate server, whether you install
-it yourself or use a cloud hosted offering like Elastic's [Elasticsearch Service](https://www.elastic.co/products/elasticsearch/service) (available on AWS, GCP, or Azure) or the
+it yourself or use a cloud hosted offering like Elastic's [Elasticsearch Service](https://www.elastic.co/elasticsearch/service) (available on AWS, GCP, or Azure) or the
-[Amazon Elasticsearch](http://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-gsg.html) service. Running Elasticsearch on the same server as GitLab is not recommended
+[Amazon Elasticsearch](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-gsg.html) service. Running Elasticsearch on the same server as GitLab is not recommended
 and will likely cause a degradation in GitLab instance performance.
 NOTE: **Note:**

--- a/doc/integration/ultra_auth.md
+++ b/doc/integration/ultra_auth.md
 # UltraAuth OmniAuth Provider
-You can integrate your GitLab instance with [UltraAuth](https://ultraauth.com) to enable users to perform secure biometric authentication to your GitLab instance with your UltraAuth account. Users have to perform the biometric authentication using their mobile device with fingerprint sensor.
+You can integrate your GitLab instance with [UltraAuth](https://github.com/ultraauth) to enable users to perform secure biometric authentication to your GitLab instance with your UltraAuth account. Users have to perform the biometric authentication using their mobile device with fingerprint sensor.
 ## Create UltraAuth Application
 To enable UltraAuth OmniAuth provider, you must use UltraAuth's credentials for your GitLab instance.
 To get the credentials (a pair of Client ID and Client Secret), you must register an application on UltraAuth.
-1. Sign in to [UltraAuth](https://ultraauth.com).
+1. Sign in to [UltraAuth](https://app.ultraauth.com).
 1. Navigate to **Create an App** and click on **Ruby on Rails**.
 1. Scroll down the page that is displayed to locate the **Client ID** and **Client Secret**.
   Keep this page open as you continue configuration.

--- a/doc/integration/vault.md
+++ b/doc/integration/vault.md
@@ -18,7 +18,7 @@ The following assumes you already have Vault installed and running.
   First you'll need to create a GitLab application to obtain an application ID and secret for authenticating into Vault. To do this, sign in to GitLab and follow these steps:
   1. On GitLab, click your avatar on the top-right corner, and select your user **Settings > Applications**.
-   1. Fill out the application **Name** and [**Redirect URI**](https://www.vaultproject.io/docs/auth/jwt.html#redirect-uris),
+   1. Fill out the application **Name** and [**Redirect URI**](https://www.vaultproject.io/docs/auth/jwt/#redirect-uris),
      making sure to select the **OpenID** scope.
   1. Save application.
   1. Copy client ID and secret, or keep the page open for reference.
@@ -66,7 +66,7 @@ The following assumes you already have Vault installed and running.
 1. **Write the OIDC Role Config:**
-   Now that Vault has a GitLab application ID and secret, it needs to know the [**Redirect URIs**](https://www.vaultproject.io/docs/auth/jwt.html#redirect-uris) and scopes given to GitLab during the application creation process. The redirect URIs need to match where your Vault instance is running. The `oidc_scopes` field needs to include the `openid`. Similarly to the previous step, replace `your_application_id` with the generated application ID from GitLab:
+   Now that Vault has a GitLab application ID and secret, it needs to know the [**Redirect URIs**](https://www.vaultproject.io/docs/auth/jwt/#redirect-uris) and scopes given to GitLab during the application creation process. The redirect URIs need to match where your Vault instance is running. The `oidc_scopes` field needs to include the `openid`. Similarly to the previous step, replace `your_application_id` with the generated application ID from GitLab:
   This configuration is saved under the name of the role you are creating. In this case, we are creating a `demo` role. Later, we'll show how you can access this role through the Vault CLI.
@@ -107,7 +107,7 @@ The following assumes you already have Vault installed and running.
   1. In the **Write the OIDC Role Config** (step 4), we created a role called `demo`. We set `role=demo` so Vault knows which configuration we'd like to login in with.
   1. To set Vault to use the `OIDC` sign-in method, we set `-method=oidc`.
-   1. To set the port that GitLab should redirect to, we set `port=8250` or another port number that matches the port given to GitLab when listing [Redirect URIs](https://www.vaultproject.io/docs/auth/jwt.html#redirect-uris).
+   1. To set the port that GitLab should redirect to, we set `port=8250` or another port number that matches the port given to GitLab when listing [Redirect URIs](https://www.vaultproject.io/docs/auth/jwt/#redirect-uris).
   Once you run the command above, it will present a link in the terminal.
   Click the link in the terminal and a tab will open in the browser confirming you're signed into Vault via OIDC:

--- a/doc/raketasks/README.md
+++ b/doc/raketasks/README.md
@@ -2,18 +2,35 @@
 comments: false
 ---
-# Rake tasks
+# Rake tasks **(CORE ONLY)**
- [Backup restore](backup_restore.md)
+GitLab provides [Rake](https://ruby.github.io/rake/) tasks for common administration and operational processes.
- [Check](check.md)
- [Cleanup](cleanup.md)
+GitLab Rake tasks are performed using:
- [Features](features.md)
- [LDAP Maintenance](../administration/raketasks/ldap.md)
+- `gitlab-rake <raketask>` for [Omnibus GitLab](https://docs.gitlab.com/omnibus/README.html) installations.
- [General Maintenance](../administration/raketasks/maintenance.md) and self-checks
+- `bundle exec rake <raketask>` for [source](../install/installation.md) installations.
- [User management](user_management.md)
- [Webhooks](web_hooks.md)
+## Available Rake tasks
- [Import](import.md) of Git repositories in bulk
- [Rebuild authorized_keys file](../administration/raketasks/maintenance.md#rebuild-authorized_keys-file) task for administrators
+The following are available Rake tasks:
- [Uploads Migrate](../administration/raketasks/uploads/migrate.md)
- [Uploads Sanitize](../administration/raketasks/uploads/sanitize.md)
+| Tasks                                                                                      | Description                                                                               |
- [Importing large GitLab project exports](../development/import_project.md#importing-via-a-rake-task)
+|:-------------------------------------------------------------------------------------------|:------------------------------------------------------------------------------------------|
+| [Back up and restore](backup_restore.md)                                                   | Back up, restore, and migrate GitLab instances between servers.                           |
+| [Clean up](cleanup.md)                                                                     | Clean up unneeded items GitLab instances.                                                 |
+| [Enable namespaces](features.md)                                                           | Enable usernames and namespaces for user projects.                                        |
+| [General maintenance](../administration/raketasks/maintenance.md)                          | General maintenance and self-check tasks.                                                 |
+| [Geo maintenance](../administration/raketasks/geo.md) **(PREMIUM ONLY)**                   | [Geo](../administration/geo/replication/index.md)-related maintenance.                    |
+| [GitHub import](../administration/raketasks/github_import.md)                              | Retrieve and import repositories from GitHub.                                             |
+| [Import repositories](import.md)                                                           | Import bare repositories into your GitLab instance.                                       |
+| [Import large project exports](../development/import_project.md#importing-via-a-rake-task) | Import large GitLab [project exports](../user/project/settings/import_export.md).         |
+| [Integrity checks](../administration/raketasks/check.md)                                   | Check the integrity of repositories, files, and LDAP.                                     |
+| [LDAP maintenance](../administration/raketasks/ldap.md)                                    | [LDAP](../administration/auth/ldap.md)-related tasks.                                     |
+| [List repositories](list_repos.md)                                                         | List of all GitLab-managed Git repositories on disk.                                      |
+| [Project import/export](../administration/raketasks/project_import_export.md)              | Prepare for [project exports and imports](../user/project/settings/import_export.md).     |
+| [Repository storage](../administration/raketasks/storage.md)                               | List and migrate existing projects and attachments from legacy storage to hashed storage. |
+| [Uploads migrate](../administration/raketasks/uploads/migrate.md)                          | Migrate uploads between storage local and object storage.                                 |
+| [Uploads sanitize](../administration/raketasks/uploads/sanitize.md)                        | Remove EXIF data from images uploaded to earlier versions of GitLab.                      |
+| [User management](user_management.md)                                                      | Perform user management tasks.                                                            |
+| [Webhooks administration](web_hooks.md)                                                    | Maintain project Webhooks.                                                                |
--- a/doc/user/clusters/applications.md
+++ b/doc/user/clusters/applications.md
@@ -79,7 +79,7 @@ is available.
 > Introduced in GitLab 11.6 for project- and group-level clusters.
-[cert-manager](https://docs.cert-manager.io/en/latest/) is a native
+[cert-manager](https://cert-manager.io/docs/) is a native
 Kubernetes certificate management controller that helps with issuing
 certificates. Installing cert-manager on your cluster will issue a
 certificate by [Let's Encrypt](https://letsencrypt.org/) and ensure that
@@ -98,7 +98,7 @@ If you have installed cert-manager prior to GitLab 12.3, Let's Encrypt will
 To resolve this:
-1. Uninstall cert-manager (consider [backing up any additional configuration](https://docs.cert-manager.io/en/latest/tasks/backup-restore-crds.html)).
+1. Uninstall cert-manager (consider [backing up any additional configuration](https://cert-manager.io/docs/tutorials/backup/)).
 1. Install cert-manager again.
 ### GitLab Runner
@@ -1047,7 +1047,7 @@ The applications below can be uninstalled.
 | Application | GitLab version | Notes |
 | ----------- | -------------- | ----- |
-| cert-manager | 12.2+         | The associated private key will be deleted and cannot be restored. Deployed applications will continue to use HTTPS, but certificates will not be renewed. Before uninstalling, you may wish to [back up your configuration](https://docs.cert-manager.io/en/latest/tasks/backup-restore-crds.html) or [revoke your certificates](https://letsencrypt.org/docs/revoking/). |
+| cert-manager | 12.2+         | The associated private key will be deleted and cannot be restored. Deployed applications will continue to use HTTPS, but certificates will not be renewed. Before uninstalling, you may wish to [back up your configuration](https://cert-manager.io/docs/tutorials/backup/) or [revoke your certificates](https://letsencrypt.org/docs/revoking/). |
 | GitLab Runner  | 12.2+         | Any running pipelines will be canceled. |
 | Helm  | 12.2+         | The associated Tiller pod, the `gitlab-managed-apps` namespace, and all of its resources will be deleted and cannot be restored. |
 | Ingress  | 12.1+         | The associated load balancer and IP will be deleted and cannot be restored. Furthermore, it can only be uninstalled if JupyterHub is not installed. |

--- a/lib/gitlab/cleanup/orphan_job_artifact_files.rb
+++ b/lib/gitlab/cleanup/orphan_job_artifact_files.rb
@@ -102,7 +102,7 @@ module Gitlab
          if ionice
            raise ArgumentError, 'Invalid niceness' unless VALID_NICENESS_LEVELS.include?(niceness)
-            cmd.unshift(*%W[#{ionice} --class #{niceness}])
+            cmd.unshift(*%W[#{ionice} -c #{niceness}])
          end
          log_info("find command: '#{cmd.join(' ')}'")

--- a/spec/controllers/repositories/git_http_controller_spec.rb
+++ b/spec/controllers/repositories/git_http_controller_spec.rb
@@ -146,9 +146,12 @@ describe Repositories::GitHttpController do
      let(:params) { container_params.merge(service: 'git-upload-pack') }
      it 'returns 404' do
+        expect(controller).not_to receive(:access_check)
        get :info_refs, params: params
        expect(response).to have_gitlab_http_status(:not_found)
+        expect(response.body).to eq "The project you were looking for could not be found."
      end
    end
@@ -160,9 +163,12 @@ describe Repositories::GitHttpController do
      end
      it 'returns 404' do
+        expect(controller).not_to receive(:access_check)
        post :git_upload_pack, params: params
        expect(response).to have_gitlab_http_status(:not_found)
+        expect(response.body).to eq "The project you were looking for could not be found."
      end
    end
  end

--- a/spec/javascripts/dirty_submit/dirty_submit_form_spec.js
+++ b/spec/javascripts/dirty_submit/dirty_submit_form_spec.js
@@ -70,6 +70,7 @@ describe('DirtySubmitForm', () => {
  describe('throttling tests', () => {
    beforeEach(() => {
      jasmine.clock().install();
+      jasmine.clock().mockDate();
      DirtySubmitForm.THROTTLE_DURATION = 100;
    });

--- a/spec/lib/gitlab/cleanup/orphan_job_artifact_files_spec.rb
+++ b/spec/lib/gitlab/cleanup/orphan_job_artifact_files_spec.rb
@@ -28,6 +28,12 @@ describe Gitlab::Cleanup::OrphanJobArtifactFiles do
    expect { cleanup.run! }.to raise_error('Invalid niceness')
  end
+  it 'passes correct arguments to ionice' do
+    allow(Gitlab::Utils).to receive(:which).with('ionice').and_return('/fake/ionice')
+    expect(Open3).to receive(:popen3).with('/fake/ionice', '-c', any_args)
+    cleanup.run!
+  end
  it 'finds artifacts on disk' do
    artifact = create(:ci_job_artifact, :archive)

--- a/spec/models/concerns/prometheus_adapter_spec.rb
+++ b/spec/models/concerns/prometheus_adapter_spec.rb
@@ -131,7 +131,6 @@ describe PrometheusAdapter, :use_clean_rails_memory_store_caching do
      end
      it { expect(subject.to_json).to eq(prometheus_data.to_json) }
-      it { expect(subject.to_json).to eq(prometheus_data.to_json) }
    end
    [404, 500].each do |status|

--- a/spec/services/spam/spam_check_service_spec.rb
+++ b/spec/services/spam/spam_check_service_spec.rb
@@ -49,7 +49,7 @@ describe Spam::SpamCheckService do
    end
  end
-  shared_examples 'akismet spam' do
+  shared_examples 'only checks for spam if a request is provided' do
    context 'when request is missing' do
      let(:request) { nil }
@@ -132,7 +132,7 @@ describe Spam::SpamCheckService do
              stub_feature_flags(allow_possible_spam: false)
            end
-            it_behaves_like 'akismet spam'
+            it_behaves_like 'only checks for spam if a request is provided'
            it 'marks as spam' do
              subject
@@ -142,7 +142,7 @@ describe Spam::SpamCheckService do
          end
          context 'when allow_possible_spam feature flag is true' do
-            it_behaves_like 'akismet spam'
+            it_behaves_like 'only checks for spam if a request is provided'
            it 'does not mark as spam' do
              subject