Automatic merge of gitlab-org/gitlab master

app/assets/javascripts/reports/components/report_section.vue

@@ -190,10 +190,14 @@ export default {
       <status-icon :status="statusIconName" :size="24" class="align-self-center" />
       <div class="media-body d-flex flex-align-self-center align-items-center">
         <div data-testid="report-section-code-text" class="js-code-text code-text">
-          <div>
-            {{ headerText }}
+          <div class="gl-display-flex gl-align-items-center">
+            <p class="gl-line-height-normal gl-m-0">{{ headerText }}</p>
             <slot :name="slotName"></slot>
-            <popover v-if="hasPopover" :options="popoverOptions" class="gl-ml-2" />
+            <popover
+              v-if="hasPopover"
+              :options="popoverOptions"
+              class="gl-ml-2 gl-display-inline-flex"
+            />
           </div>
           <slot name="sub-heading"></slot>
         </div>

app/helpers/nav_helper.rb

@@ -12,6 +12,7 @@ module NavHelper
   def page_with_sidebar_class
     class_name = page_gutter_class
     class_name << 'page-with-contextual-sidebar' if defined?(@left_sidebar) && @left_sidebar
+    class_name << 'sidebar-refactoring' if Feature.enabled?(:sidebar_refactor, current_user)
     class_name << 'page-with-icon-sidebar' if collapsed_sidebar? && @left_sidebar
     class_name -= ['right-sidebar-expanded'] if defined?(@right_sidebar) && !@right_sidebar
 

app/views/profiles/passwords/new.html.haml

@@ -16,16 +16,16 @@
       .col-sm-2.col-form-label
         = f.label :current_password, _('Current password')
       .col-sm-10
-        = f.password_field :current_password, required: true, class: 'form-control gl-form-input'
+        = f.password_field :current_password, required: true, class: 'form-control gl-form-input', data: { qa_selector: 'current_password_field' }
   .form-group.row
     .col-sm-2.col-form-label
       = f.label :password, _('New password')
     .col-sm-10
-      = f.password_field :password, required: true, class: 'form-control gl-form-input'
+      = f.password_field :password, required: true, class: 'form-control gl-form-input', data: { qa_selector: 'new_password_field' }
   .form-group.row
     .col-sm-2.col-form-label
       = f.label :password_confirmation, _('Password confirmation')
     .col-sm-10
-      = f.password_field :password_confirmation, required: true, class: 'form-control gl-form-input'
+      = f.password_field :password_confirmation, required: true, class: 'form-control gl-form-input', data: { qa_selector: 'confirm_password_field' }
   .form-actions
-    = f.submit _('Set new password'), class: 'gl-button btn btn-confirm'
+    = f.submit _('Set new password'), class: 'gl-button btn btn-confirm', data: { qa_selector: 'set_new_password_button' }

changelogs/unreleased/283892-fix-mr-widget-help-icon.yml

+---
+title: Align help icon for code quality merge request widget
+merge_request: 60330
+author:
+type: fixed

doc/administration/geo/replication/usage.md

@@ -25,3 +25,11 @@ remote:   ssh://git@primary.geo/user/repo.git
 remote:
 Everything up-to-date
 ```
+
+NOTE:
+If you're using HTTPS instead of [SSH](../../../ssh/README.md) to push to the secondary,
+you can't store credentials in the URL like `user:password@URL`. Instead, you can use a
+[`.netrc` file](https://www.gnu.org/software/inetutils/manual/html_node/The-_002enetrc-file.html)
+for Unix-like operating systems or `_netrc` for Windows. In that case, the credentials
+will be stored as a plain text. If you're looking for a more secure way to store credentials,
+you can use [Git Credential Storage](https://git-scm.com/book/en/v2/Git-Tools-Credential-Storage).

doc/administration/troubleshooting/log_parsing.md

@@ -201,3 +201,42 @@ grep "fatal: " /var/log/gitlab/gitaly/current | \
     jq '."grpc.request.glProjectPath"' | \
     sort | uniq
 ```
+
+### Parsing `gitlab-shell.log`
+
+For investigating Git calls via SSH, from [GitLab 12.10](https://gitlab.com/gitlab-org/gitlab-shell/-/merge_requests/367).
+
+Find the top 20 calls by project and user:
+
+```shell
+jq --raw-output --slurp '
+  map(
+    select(
+      .username != null and
+      .gl_project_path !=null
+    )
+  )
+  | group_by(.username+.gl_project_path)
+  | sort_by(-length)
+  | limit(20; .[])
+  | "count: \(length)\tuser: \(.[0].username)\tproject: \(.[0].gl_project_path)" ' \
+  /var/log/gitlab/gitlab-shell/gitlab-shell.log
+```
+
+Find the top 20 calls by project, user, and command:
+
+```shell
+jq --raw-output --slurp '
+  map(
+    select(
+      .command  != null and
+      .username != null and
+      .gl_project_path !=null
+    )
+  )
+  | group_by(.username+.gl_project_path+.command)
+  | sort_by(-length)
+  | limit(20; .[])
+  | "count: \(length)\tcommand: \(.[0].command)\tuser: \(.[0].username)\tproject: \(.[0].gl_project_path)" ' \
+  /var/log/gitlab/gitlab-shell/gitlab-shell.log
+```

doc/api/releases/index.md

@@ -717,6 +717,5 @@ Example response:
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/38105) in GitLab 12.1.
 
-A release with a `released_at` attribute set to a future date is labeled an **Upcoming Release** in the UI:
-
-![Upcoming release](img/upcoming_release_v12_1.png)
+A release with a `released_at` attribute set to a future date is labeled
+as an **Upcoming Release** [in the UI](../../user/project/releases/index.md#upcoming-releases).

doc/ci/variables/predefined_variables.md

@@ -50,7 +50,7 @@ There are also [Kubernetes-specific deployment variables](../../user/project/clu
 | `CI_DEPLOY_USER`                         | 10.8   | all    | The authentication username of the [GitLab Deploy Token](../../user/project/deploy_tokens/index.md#gitlab-deploy-token), if the project has one. |
 | `CI_DISPOSABLE_ENVIRONMENT`              | all    | 10.1   | Only available if the job is executed in a disposable environment (something that is created only for this job and disposed of/destroyed after the execution - all executors except `shell` and `ssh`). `true` when available. |
 | `CI_ENVIRONMENT_NAME`                    | 8.15   | all    | The name of the environment for this job. Available if [`environment:name`](../yaml/README.md#environmentname) is set. |
-| `CI_ENVIRONMENT_SLUG`                    | 8.15   | all    | The simplified version of the environment name, suitable for inclusion in DNS, URLs, Kubernetes labels, and so on. Available if [`environment:name`](../yaml/README.md#environmentname) is set. |
+| `CI_ENVIRONMENT_SLUG`                    | 8.15   | all    | The simplified version of the environment name, suitable for inclusion in DNS, URLs, Kubernetes labels, and so on. Available if [`environment:name`](../yaml/README.md#environmentname) is set. The slug is [truncated to 24 characters](https://gitlab.com/gitlab-org/gitlab/-/issues/20941). |
 | `CI_ENVIRONMENT_URL`                     | 9.3    | all    | The URL of the environment for this job. Available if [`environment:url`](../yaml/README.md#environmenturl) is set. |
 | `CI_HAS_OPEN_REQUIREMENTS`               | 13.1   | all    | Only available if the pipeline's project has an open [requirement](../../user/project/requirements/index.md). `true` when available. |
 | `CI_JOB_ID`                              | 9.0    | all    | The internal ID of the job, unique across all jobs in the GitLab instance. |

doc/install/installation.md

@@ -828,6 +828,8 @@ to use. Read all about the needed configuration at the
 
 If you want to use HTTPS, replace the `gitlab` NGINX configuration with `gitlab-ssl`. See [Using HTTPS](#using-https) for HTTPS configuration details.
 
+For the NGINX to be able to read the GitLab-Workhorse socket, you need to make sure, that the `www-data` user can read the socket, which will be owned by the GitLab user. This is most easily achieved, if it is world-readable, for example that it has permissions `0755`, which is the default. `www-data` also needs to be able to list the parent directories.
+
 ### Test Configuration
 
 Validate your `gitlab` or `gitlab-ssl` NGINX configuration file with the following command:

doc/user/project/releases/index.md

@@ -86,7 +86,7 @@ by using a `release` node in the job definition.
 The release is created only if the job processes without error. If the Rails API returns an error
 during release creation, the release job fails.
 
-### Schedule a future release
+### Upcoming releases
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/38105) in GitLab 12.1.
 

qa/qa/page/main/login.rb

@@ -50,15 +50,17 @@ module QA
           return if Page::Main::Menu.perform(&:signed_in?)
 
           using_wait_time 0 do
-            set_initial_password_if_present
-
-            raise 'If an LDAP user is provided, it must be used for sign-in', QA::Resource::User::InvalidUserError if Runtime::User.ldap_user? && user && user.username != Runtime::User.ldap_username
+            if Runtime::User.ldap_user? && user && user.username != Runtime::User.ldap_username
+              raise 'If an LDAP user is provided, it must be used for sign-in', QA::Resource::User::InvalidUserError
+            end
 
             if Runtime::User.ldap_user?
               sign_in_using_ldap_credentials(user: user || Runtime::User)
             else
               sign_in_using_gitlab_credentials(user: user || Runtime::User, skip_page_validation: skip_page_validation)
             end
+
+            set_initial_password_if_present
           end
         end
 
@@ -69,8 +71,6 @@ module QA
           end
 
           using_wait_time 0 do
-            set_initial_password_if_present
-
             sign_in_using_gitlab_credentials(user: admin)
           end
 
@@ -81,8 +81,6 @@ module QA
           Page::Main::Menu.perform(&:sign_out_if_signed_in)
 
           using_wait_time 0 do
-            set_initial_password_if_present
-
             switch_to_ldap_tab
 
             fill_element :username_field, user.ldap_username
@@ -169,11 +167,11 @@ module QA
         end
 
         def set_initial_password_if_present
-          return unless has_content?('Change your password')
+          return unless has_content?('Set up new password')
 
-          fill_element :password_field, Runtime::User.password
-          fill_element :password_confirmation_field, Runtime::User.password
-          click_element :change_password_button
+          Profile::Password.perform do |new_password_page|
+            new_password_page.set_new_password(Runtime::User.password, Runtime::User.password)
+          end
         end
       end
     end

qa/qa/page/profile/password.rb

@@ -11,12 +11,26 @@ module QA
           element :save_password_button
         end
 
+        view 'app/views/profiles/passwords/new.html.haml' do
+          element :current_password_field
+          element :new_password_field
+          element :confirm_password_field
+          element :set_new_password_button
+        end
+
         def update_password(new_password, current_password)
           find_element(:current_password_field).set current_password
           find_element(:new_password_field).set new_password
           find_element(:confirm_password_field).set new_password
           click_element(:save_password_button)
         end
+
+        def set_new_password(new_password, current_password)
+          fill_element :current_password_field, current_password
+          fill_element :new_password_field, new_password
+          fill_element :confirm_password_field, new_password
+          click_element :set_new_password_button
+        end
       end
     end
   end