Add latest changes from gitlab-org/gitlab@master

app/helpers/sorting_helper.rb

@@ -157,7 +157,9 @@ module SortingHelper
     {
       sort_value_name => sort_title_name,
       sort_value_oldest_updated => sort_title_oldest_updated,
-      sort_value_recently_updated => sort_title_recently_updated
+      sort_value_recently_updated => sort_title_recently_updated,
+      sort_value_version_desc => sort_title_version_desc,
+      sort_value_version_asc => sort_title_version_asc
     }
   end
 

app/helpers/sorting_titles_values_helper.rb

@@ -86,6 +86,14 @@ module SortingTitlesValuesHelper
     s_('SortOptions|Name, descending')
   end
 
+  def sort_title_version_desc
+    s_('SortOptions|Latest version')
+  end
+
+  def sort_title_version_asc
+    s_('SortOptions|Oldest version')
+  end
+
   def sort_title_oldest_activity
     s_('SortOptions|Oldest updated')
   end
@@ -275,6 +283,14 @@ module SortingTitlesValuesHelper
     'updated_asc'
   end
 
+  def sort_value_version_asc
+    'version_asc'
+  end
+
+  def sort_value_version_desc
+    'version_desc'
+  end
+
   def sort_value_popularity
     'popularity'
   end

app/models/concerns/merge_request_reviewer_state.rb

@@ -7,7 +7,6 @@ module MergeRequestReviewerState
     enum state: {
       unreviewed: 0,
       reviewed: 1
-      # 2 was removed with https://gitlab.com/gitlab-org/gitlab/-/merge_requests/95446
     }
 
     validates :state,

app/models/pages_domain.rb

@@ -58,6 +58,7 @@ class PagesDomain < ApplicationRecord
 
     where(verified_at.eq(nil).or(enabled_until.eq(nil).or(enabled_until.lt(threshold))))
   end
+  scope :verified, -> { where.not(verified_at: nil) }
 
   scope :need_auto_ssl_renewal, -> do
     enabled_and_not_failed = where(auto_ssl_enabled: true, auto_ssl_failed: false)

app/services/users/authorized_build_service.rb

@@ -16,3 +16,5 @@ module Users
     end
   end
 end
+
+Users::AuthorizedBuildService.prepend_mod_with('Users::AuthorizedBuildService')

data/deprecations/15-4-confidence-field-in-graphql.yml

@@ -0,0 +1,14 @@
+- name: "Vulnerability confidence field"
+  announcement_milestone: "15.4"
+  announcement_date: "2022-09-22"
+  removal_milestone: "16.0"
+  removal_date: "2023-05-22"
+  breaking_change: true
+  reporter: matt_wilson
+  stage: govern
+  issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/372332
+  body: |
+   In GitLab 15.3, [security report schemas below version 15 were deprecated](https://docs.gitlab.com/ee/update/deprecations.html#security-report-schemas-version-14xx).
+   The `confidence` attribute on vulnerability findings exists only in schema versions before `15-0-0`, and therefore is effectively deprecated since GitLab 15.4 supports schema version `15-0-0`. To maintain consistency
+   between the reports and our public APIs, the `confidence` attribute on any vulnerability-related components of our GraphQL API is now deprecated and will be
+   removed in 16.0.

data/deprecations/15-4-create-deprecation-draft-quick-action-toggle.yml

@@ -0,0 +1,12 @@
+- name: "Toggle behavior of `/draft` quick action in merge requests"  # (required) The name of the feature to be deprecated
+  announcement_milestone: "15.4"  # (required) The milestone when this feature was first announced as deprecated.
+  announcement_date: "2022-09-22"  # (required) The date of the milestone release when this feature was first announced as deprecated. This should almost always be the 22nd of a month (YYYY-MM-22), unless you did an out of band blog post.
+  removal_milestone: "16.0"  # (required) The milestone when this feature is planned to be removed
+  removal_date: "2022-05-22"# (required) The date of the milestone release when this feature is planned to be removed. This should almost always be the 22nd of a month (YYYY-MM-22), unless you did an out of band blog post.
+  breaking_change: true  # (required) If this deprecation is a breaking change, set this value to true
+  reporter: phikai  # (required) GitLab username of the person reporting the deprecation
+  stage: create  # (required) String value of the stage that the feature was created in. e.g., Growth
+  issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/365365 # (required) Link to the deprecation issue in GitLab
+  body: |  # (required) Do not modify this line, instead modify the lines below.
+    In order to make the behavior of toggling the draft status of a merge request more clear via a quick action, we're deprecating and removing the toggle behavior of the `/draft` quick action. Beginning with the 16.0 release of GitLab, `/draft` will only set a merge request to Draft and a new `/ready` quick action will be used to remove the draft status.
+  documentation_url: # (optional) This is a link to the current documentation page

db/fixtures/development/044_add_security_training_providers.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+Gitlab::Seeder.quiet do
+  ::Gitlab::DatabaseImporters::Security::TrainingProviders::Importer.upsert_providers
+end

db/fixtures/production/004_add_security_training_providers.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+Gitlab::Seeder.quiet do
+  ::Gitlab::DatabaseImporters::Security::TrainingProviders::Importer.upsert_providers
+end

db/post_migrate/20220905090300_add_tmp_index_merge_request_reviewers_attention_request_state.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+class AddTmpIndexMergeRequestReviewersAttentionRequestState < Gitlab::Database::Migration[2.0]
+  INDEX_NAME = "tmp_index_merge_request_reviewers_on_attention_requested_state"
+  ATTENTION_REQUESTED_STATE = 2
+
+  disable_ddl_transaction!
+
+  def up
+    add_concurrent_index :merge_request_reviewers, [:id],
+      where: "state = #{ATTENTION_REQUESTED_STATE}",
+      name: INDEX_NAME
+  end
+
+  def down
+    remove_concurrent_index_by_name :merge_request_reviewers, INDEX_NAME
+  end
+end

db/post_migrate/20220905090339_reset_attention_requested_merge_requests_reviewers_state_to_unreviewed.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+class ResetAttentionRequestedMergeRequestsReviewersStateToUnreviewed < Gitlab::Database::Migration[2.0]
+  disable_ddl_transaction!
+  restrict_gitlab_migration gitlab_schema: :gitlab_main
+
+  BATCH_SIZE = 500
+
+  class MergeRequestReviewer < MigrationRecord
+    self.table_name = 'merge_request_reviewers'
+
+    enum state: {
+      unreviewed: 0,
+      reviewed: 1,
+      attention_requested: 2
+    }
+
+    include ::EachBatch
+  end
+
+  def up
+    MergeRequestReviewer
+      .where(state: MergeRequestReviewer.states['attention_requested'])
+      .each_batch(of: BATCH_SIZE) { |batch| batch.update_all(state: MergeRequestReviewer.states['unreviewed']) }
+  end
+
+  def down
+    # no op
+  end
+end

db/schema_migrations/20220905090300

@@ -0,0 +1 @@
+e15a37d20202e204fcf02ab68d3b616eec0501c2c323db69ed2fb39df0d017f6

db/schema_migrations/20220905090339

@@ -0,0 +1 @@
+f3a7e9c501498b22786960694a8c1f35d2db69c8c48319f99dfb81c41aa5c6ca

db/structure.sql

@@ -30847,6 +30847,8 @@ CREATE INDEX tmp_index_issues_on_issue_type_and_id ON issues USING btree (issue_
 
 CREATE INDEX tmp_index_members_on_state ON members USING btree (state) WHERE (state = 2);
 
+CREATE INDEX tmp_index_merge_request_reviewers_on_attention_requested_state ON merge_request_reviewers USING btree (id) WHERE (state = 2);
+
 CREATE INDEX tmp_index_migrated_container_registries ON container_repositories USING btree (project_id) WHERE ((migration_state = 'import_done'::text) OR (created_at >= '2022-01-23 00:00:00'::timestamp without time zone));
 
 CREATE UNIQUE INDEX tmp_index_on_tmp_project_id_on_namespaces ON namespaces USING btree (tmp_project_id);

doc/update/deprecations.md

@@ -100,6 +100,37 @@ Review the details carefully before upgrading.
 
 GitLab's operational container scanning capabilities no longer require starboard to be installed. Consequently, use of the `starboard:` directive in the configuration file for the GitLab Agent for Kubernetes is now deprecated and is scheduled for removal in GitLab 16.0. Update your configuration file to use the `container_scanning:` directive.
 
+</div>
+
+<div class="deprecation removal-160 breaking-change">
+
+### Toggle behavior of `/draft` quick action in merge requests
+
+Planned removal: GitLab <span class="removal-milestone">16.0</span> (2022-05-22)
+
+WARNING:
+This is a [breaking change](https://docs.gitlab.com/ee/development/deprecation_guidelines/).
+Review the details carefully before upgrading.
+
+In order to make the behavior of toggling the draft status of a merge request more clear via a quick action, we're deprecating and removing the toggle behavior of the `/draft` quick action. Beginning with the 16.0 release of GitLab, `/draft` will only set a merge request to Draft and a new `/ready` quick action will be used to remove the draft status.
+
+</div>
+
+<div class="deprecation removal-160 breaking-change">
+
+### Vulnerability confidence field
+
+Planned removal: GitLab <span class="removal-milestone">16.0</span> (2023-05-22)
+
+WARNING:
+This is a [breaking change](https://docs.gitlab.com/ee/development/deprecation_guidelines/).
+Review the details carefully before upgrading.
+
+In GitLab 15.3, [security report schemas below version 15 were deprecated](https://docs.gitlab.com/ee/update/deprecations.html#security-report-schemas-version-14xx).
+The `confidence` attribute on vulnerability findings exists only in schema versions before `15-0-0`, and therefore is effectively deprecated since GitLab 15.4 supports schema version `15-0-0`. To maintain consistency
+between the reports and our public APIs, the `confidence` attribute on any vulnerability-related components of our GraphQL API is now deprecated and will be
+removed in 16.0.
+
 </div>
 </div>
 

doc/user/clusters/agent/work_with_agent.md

@@ -59,7 +59,6 @@ To debug the cluster-side component (`agentk`) of the agent, set the log
 level according to the available options:
 
 - `error`
-- `warning`
 - `info`
 - `debug`
 

lib/gitlab/database_importers/security/training_providers/importer.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module DatabaseImporters
+    module Security
+      module TrainingProviders
+        module Importer
+          KONTRA_DATA = {
+            name: 'Kontra',
+            description: "Kontra Application Security provides interactive developer security education that
+                          enables engineers to quickly learn security best practices
+                          and fix issues in their code by analysing real-world software security vulnerabilities.",
+            url: "https://application.security/api/webhook/gitlab/exercises/search"
+          }.freeze
+
+          SCW_DATA = {
+            name: 'Secure Code Warrior',
+            description: "Resolve vulnerabilities faster and confidently with
+                          highly relevant and bite-sized secure coding learning.",
+            url: "https://integration-api.securecodewarrior.com/api/v1/trial"
+          }.freeze
+
+          module Security
+            class TrainingProvider < ApplicationRecord
+              self.table_name = 'security_training_providers'
+            end
+          end
+
+          def self.upsert_providers
+            current_time = Time.current
+            timestamps = { created_at: current_time, updated_at: current_time }
+
+            Security::TrainingProvider.upsert_all(
+              [KONTRA_DATA.merge(timestamps), SCW_DATA.merge(timestamps)],
+              unique_by: :index_security_training_providers_on_unique_name
+            )
+          end
+        end
+      end
+    end
+  end
+end

locale/gitlab.pot

@@ -13980,6 +13980,18 @@ msgstr ""
 msgid "Domain Name"
 msgstr ""
 
+msgid "Domain Verification"
+msgstr ""
+
+msgid "DomainVerification|How do I configure a domain?"
+msgstr ""
+
+msgid "DomainVerification|No domains configured. Create a domain in a project in this group hierarchy."
+msgstr ""
+
+msgid "DomainVerification|The following domains are configured for projects in this group. Users with email addresses that match a verified domain do not need to confirm their account."
+msgstr ""
+
 msgid "Don't have a group?"
 msgstr ""
 
@@ -37394,6 +37406,9 @@ msgstr ""
 msgid "SortOptions|Last created"
 msgstr ""
 
+msgid "SortOptions|Latest version"
+msgstr ""
+
 msgid "SortOptions|Least popular"
 msgstr ""
 
@@ -37454,6 +37469,9 @@ msgstr ""
 msgid "SortOptions|Oldest updated"
 msgstr ""
 
+msgid "SortOptions|Oldest version"
+msgstr ""
+
 msgid "SortOptions|Popularity"
 msgstr ""
 

spec/db/development/add_security_training_providers_spec.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe 'Create security training providers in development' do
+  subject { load Rails.root.join('db', 'fixtures', 'development', '044_add_security_training_providers.rb') }
+
+  it_behaves_like 'security training providers importer'
+end

spec/db/production/add_security_training_providers_spec.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe 'Create security training providers in production' do
+  subject { load Rails.root.join('db', 'fixtures', 'production', '004_add_security_training_providers.rb') }
+
+  it_behaves_like 'security training providers importer'
+end

spec/helpers/sorting_helper_spec.rb

@@ -210,6 +210,18 @@ RSpec.describe SortingHelper do
     end
   end
 
+  describe '#tags_sort_options_hash' do
+    it 'returns a hash of available sorting options' do
+      expect(tags_sort_options_hash).to include({
+        sort_value_name => sort_title_name,
+        sort_value_oldest_updated => sort_title_oldest_updated,
+        sort_value_recently_updated => sort_title_recently_updated,
+        sort_value_version_desc => sort_title_version_desc,
+        sort_value_version_asc => sort_title_version_asc
+      })
+    end
+  end
+
   describe 'with `forks` controller' do
     before do
       stub_controller_path 'forks'

spec/models/pages_domain_spec.rb

@@ -21,6 +21,15 @@ RSpec.describe PagesDomain do
     end
   end
 
+  describe '.verified' do
+    let!(:verified) { create(:pages_domain) }
+    let!(:unverified) { create(:pages_domain, :unverified) }
+
+    it 'finds verified' do
+      expect(described_class.verified).to match_array(verified)
+    end
+  end
+
   describe 'validate domain' do
     subject(:pages_domain) { build(:pages_domain, domain: domain) }
 

spec/support/shared_contexts/navbar_structure_context.rb

@@ -140,7 +140,8 @@ RSpec.shared_context 'group navbar structure' do
         _('Repository'),
         _('CI/CD'),
         _('Applications'),
-        _('Packages and registries')
+        _('Packages and registries'),
+        _('Domain Verification')
       ]
     }
   end

spec/support/shared_examples/security_training_providers_importer.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+RSpec.shared_examples 'security training providers importer' do
+  let(:security_training_providers) do
+    Class.new(ApplicationRecord) do
+      self.table_name = 'security_training_providers'
+    end
+  end
+
+  it 'upserts security training providers' do
+    expect { 2.times { subject } }.to change(security_training_providers, :count).from(0).to(2)
+    expect(security_training_providers.all.map(&:name)).to match_array(['Kontra', 'Secure Code Warrior'])
+  end
+end