From 58f5efa917c82e5384940c13f2527113bd853e44 Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Fri, 1 Apr 2022 00:08:25 +0000
Subject: [PATCH] Add latest changes from gitlab-org/gitlab@master

---
 .gitlab/ci/rails.gitlab-ci.yml                |  3 --
 ...Geo Replicate a new Git repository type.md | 13 ++----
 .../Geo Replicate a new blob type.md          | 13 ++----
 CHANGELOG.md                                  |  6 +++
 Gemfile                                       |  2 +-
 Gemfile.lock                                  |  4 +-
 .../shared/wikis/components/wiki_form.vue     | 19 +-------
 ...21201912_remove_user_email_lookup_limit.rb | 13 ++++++
 db/schema_migrations/20220321201912           |  1 +
 db/structure.sql                              |  1 -
 doc/administration/gitaly/praefect.md         | 10 +++++
 .../merge_requests/fast_forward_merge.md      |  7 ++-
 .../project/settings/project_access_tokens.md |  4 +-
 doc/user/search/index.md                      |  4 ++
 lib/gitlab/asciidoc/include_processor.rb      |  2 +-
 locale/gitlab.pot                             |  3 --
 .../shared/wikis/components/wiki_form_spec.js |  4 --
 spec/requests/api/ci/secure_files_spec.rb     | 45 +++++++++++++++++++
 18 files changed, 98 insertions(+), 56 deletions(-)
 create mode 100644 db/post_migrate/20220321201912_remove_user_email_lookup_limit.rb
 create mode 100644 db/schema_migrations/20220321201912

diff --git a/.gitlab/ci/rails.gitlab-ci.yml b/.gitlab/ci/rails.gitlab-ci.yml
index 3908de6b5e1..fbf335ac777 100644
--- a/.gitlab/ci/rails.gitlab-ci.yml
+++ b/.gitlab/ci/rails.gitlab-ci.yml
@@ -187,9 +187,6 @@ setup-test-env:
     - .setup-test-env-cache
     - .rails:rules:setup-test-env
   stage: prepare
-  needs:
-    - job: "update-gitaly-binaries-cache"
-      optional: true
   variables:
     SETUP_DB: "false"
   script:
diff --git a/.gitlab/issue_templates/Geo Replicate a new Git repository type.md b/.gitlab/issue_templates/Geo Replicate a new Git repository type.md
index 6d37fc678af..e858f80ffaa 100644
--- a/.gitlab/issue_templates/Geo Replicate a new Git repository type.md	
+++ b/.gitlab/issue_templates/Geo Replicate a new Git repository type.md	
@@ -193,6 +193,8 @@ That's all of the required database changes.
     include ::Geo::ReplicableModel
     include ::Geo::VerifiableModel
 
+    delegate(*::Geo::VerificationState::VERIFICATION_METHODS, to: :cool_widget_state)
+
     with_replicator Geo::CoolWidgetReplicator
 
     mount_uploader :file, CoolWidgetUploader
@@ -201,16 +203,6 @@ That's all of the required database changes.
 
     after_save :save_verification_details
 
-    delegate :verification_retry_at, :verification_retry_at=,
-             :verified_at, :verified_at=,
-             :verification_checksum, :verification_checksum=,
-             :verification_failure, :verification_failure=,
-             :verification_retry_count, :verification_retry_count=,
-             :verification_state=, :verification_state,
-             :verification_started_at=, :verification_started_at,
-             to: :cool_widget_state
-    ...
-
     scope :with_verification_state, ->(state) { joins(:cool_widget_state).where(cool_widget_states: { verification_state: verification_state_value(state) }) }
     scope :checksummed, -> { joins(:cool_widget_state).where.not(cool_widget_states: { verification_checksum: nil } ) }
     scope :not_checksummed, -> { joins(:cool_widget_state).where(cool_widget_states: { verification_checksum: nil } ) }
@@ -487,6 +479,7 @@ That's all of the required database changes.
   module Geo
     class CoolWidgetState < ApplicationRecord
       include EachBatch
+      include ::Geo::VerificationStateDefinition
 
       self.primary_key = :cool_widget_id
 
diff --git a/.gitlab/issue_templates/Geo Replicate a new blob type.md b/.gitlab/issue_templates/Geo Replicate a new blob type.md
index 35bb28ad170..0cbfd79c958 100644
--- a/.gitlab/issue_templates/Geo Replicate a new blob type.md	
+++ b/.gitlab/issue_templates/Geo Replicate a new blob type.md	
@@ -195,6 +195,8 @@ That's all of the required database changes.
     include ::Geo::ReplicableModel
     include ::Geo::VerifiableModel
 
+    delegate(*::Geo::VerificationState::VERIFICATION_METHODS, to: :cool_widget_state)
+
     with_replicator Geo::CoolWidgetReplicator
 
     mount_uploader :file, CoolWidgetUploader
@@ -203,16 +205,6 @@ That's all of the required database changes.
 
     after_save :save_verification_details
 
-    delegate :verification_retry_at, :verification_retry_at=,
-             :verified_at, :verified_at=,
-             :verification_checksum, :verification_checksum=,
-             :verification_failure, :verification_failure=,
-             :verification_retry_count, :verification_retry_count=,
-             :verification_state=, :verification_state,
-             :verification_started_at=, :verification_started_at,
-             to: :cool_widget_state
-    ...
-
     scope :with_verification_state, ->(state) { joins(:cool_widget_state).where(cool_widget_states: { verification_state: verification_state_value(state) }) }
     scope :checksummed, -> { joins(:cool_widget_state).where.not(cool_widget_states: { verification_checksum: nil } ) }
     scope :not_checksummed, -> { joins(:cool_widget_state).where(cool_widget_states: { verification_checksum: nil } ) }
@@ -451,6 +443,7 @@ That's all of the required database changes.
   module Geo
     class CoolWidgetState < ApplicationRecord
       include EachBatch
+      include ::Geo::VerificationStateDefinition
 
       self.primary_key = :cool_widget_id
 
diff --git a/CHANGELOG.md b/CHANGELOG.md
index add5cacce7b..f0a3aca58a1 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1905,6 +1905,12 @@ See https://about.gitlab.com/releases/2022/02/03/security-release-gitlab-14-7-1-
 - [Fix Gitlab/DelegatePredicateMethods offenses](gitlab-org/gitlab@518700a11025b0000ff3ce011638417a882612b0) by @edith007 ([merge request](gitlab-org/gitlab!76001))
 - [Fix Rails/SaveBang offenses](gitlab-org/gitlab@513b0e1dbdf95ea595e7548ff26929e0be30ce29) by @edith007 ([merge request](gitlab-org/gitlab!75894)) **GitLab Enterprise Edition**
 
+## 14.6.7 (2022-03-31)
+
+### Changed (1 change)
+
+- [Remove runners token prefix feature flags](gitlab-org/gitlab@70330bc3f8c34c4620d7e5c4a9943ec3574e5ee6) ([merge request](gitlab-org/gitlab!82122))
+
 ## 14.6.6 (2022-03-01)
 
 ### Fixed (3 changes)
diff --git a/Gemfile b/Gemfile
index 87798951691..0e3ab6a5ef1 100644
--- a/Gemfile
+++ b/Gemfile
@@ -163,7 +163,7 @@ gem 'org-ruby', '~> 0.9.12'
 gem 'creole', '~> 0.5.0'
 gem 'wikicloth', '0.8.1'
 gem 'asciidoctor', '~> 2.0.10'
-gem 'asciidoctor-include-ext', '~> 0.3.1', require: false
+gem 'asciidoctor-include-ext', '~> 0.4.0', require: false
 gem 'asciidoctor-plantuml', '~> 0.0.12'
 gem 'asciidoctor-kroki', '~> 0.5.0', require: false
 gem 'rouge', '~> 3.27.0'
diff --git a/Gemfile.lock b/Gemfile.lock
index 344810f92a2..fa4a0fb91b0 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -89,7 +89,7 @@ GEM
       faraday_middleware-multi_json (~> 0.0)
       oauth2 (~> 1.4)
     asciidoctor (2.0.15)
-    asciidoctor-include-ext (0.3.1)
+    asciidoctor-include-ext (0.4.0)
       asciidoctor (>= 1.5.6, < 3.0.0)
     asciidoctor-kroki (0.5.0)
       asciidoctor (~> 2.0)
@@ -1418,7 +1418,7 @@ DEPENDENCIES
   apollo_upload_server (~> 2.1.0)
   asana (~> 0.10.3)
   asciidoctor (~> 2.0.10)
-  asciidoctor-include-ext (~> 0.3.1)
+  asciidoctor-include-ext (~> 0.4.0)
   asciidoctor-kroki (~> 0.5.0)
   asciidoctor-plantuml (~> 0.0.12)
   atlassian-jwt (~> 0.2.0)
diff --git a/app/assets/javascripts/pages/shared/wikis/components/wiki_form.vue b/app/assets/javascripts/pages/shared/wikis/components/wiki_form.vue
index 9f6049b7b6d..024b3bc9595 100644
--- a/app/assets/javascripts/pages/shared/wikis/components/wiki_form.vue
+++ b/app/assets/javascripts/pages/shared/wikis/components/wiki_form.vue
@@ -3,7 +3,7 @@ import { GlForm, GlIcon, GlLink, GlButton, GlSprintf, GlAlert } from '@gitlab/ui
 import axios from '~/lib/utils/axios_utils';
 import csrf from '~/lib/utils/csrf';
 import { setUrlFragment } from '~/lib/utils/url_utility';
-import { __, s__, sprintf } from '~/locale';
+import { s__, sprintf } from '~/locale';
 import Tracking from '~/tracking';
 import MarkdownField from '~/vue_shared/components/markdown/field.vue';
 import {
@@ -54,9 +54,6 @@ export default {
         ),
         primaryAction: s__('WikiPage|Retry'),
       },
-      feedbackTip: __(
-        'Tell us your experiences with the new Markdown editor %{linkStart}in this feedback issue%{linkEnd}.',
-      ),
     },
     linksHelpText: s__(
       'WikiPage|To link to a (new) page, simply type %{linkExample}. More examples are in the %{linkStart}documentation%{linkEnd}.',
@@ -403,20 +400,6 @@ export default {
           </template>
         </markdown-field>
         <div v-if="isContentEditorActive">
-          <gl-alert class="gl-mb-6" variant="tip" :dismissible="false">
-            <gl-sprintf :message="$options.i18n.contentEditor.feedbackTip">
-              <template
-                #link="// eslint-disable-next-line vue/no-template-shadow
-                { content }"
-                ><gl-link
-                  :href="$options.contentEditorFeedbackIssue"
-                  target="_blank"
-                  data-testid="wiki-markdown-help-link"
-                  >{{ content }}</gl-link
-                ></template
-              >
-            </gl-sprintf>
-          </gl-alert>
           <content-editor
             :render-markdown="renderMarkdown"
             :uploads-path="pageInfo.uploadsPath"
diff --git a/db/post_migrate/20220321201912_remove_user_email_lookup_limit.rb b/db/post_migrate/20220321201912_remove_user_email_lookup_limit.rb
new file mode 100644
index 00000000000..a95534b586e
--- /dev/null
+++ b/db/post_migrate/20220321201912_remove_user_email_lookup_limit.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+class RemoveUserEmailLookupLimit < Gitlab::Database::Migration[1.0]
+  disable_ddl_transaction!
+
+  def up
+    remove_column :application_settings, :user_email_lookup_limit
+  end
+
+  def down
+    add_column :application_settings, :user_email_lookup_limit, :integer, null: false, default: 60
+  end
+end
diff --git a/db/schema_migrations/20220321201912 b/db/schema_migrations/20220321201912
new file mode 100644
index 00000000000..78d3857dba8
--- /dev/null
+++ b/db/schema_migrations/20220321201912
@@ -0,0 +1 @@
+b9460a2962364ae836237382b84257f30673ffbe682a58776d6aaeab8f28f67d
\ No newline at end of file
diff --git a/db/structure.sql b/db/structure.sql
index 5689a7b4f60..3e811903bca 100644
--- a/db/structure.sql
+++ b/db/structure.sql
@@ -11235,7 +11235,6 @@ CREATE TABLE application_settings (
     max_ssh_key_lifetime integer,
     static_objects_external_storage_auth_token_encrypted text,
     future_subscriptions jsonb DEFAULT '[]'::jsonb NOT NULL,
-    user_email_lookup_limit integer DEFAULT 60 NOT NULL,
     packages_cleanup_package_file_worker_capacity smallint DEFAULT 2 NOT NULL,
     container_registry_import_max_tags_count integer DEFAULT 100 NOT NULL,
     container_registry_import_max_retries integer DEFAULT 3 NOT NULL,
diff --git a/doc/administration/gitaly/praefect.md b/doc/administration/gitaly/praefect.md
index 8e3d0f9fcdd..7dee12a6690 100644
--- a/doc/administration/gitaly/praefect.md
+++ b/doc/administration/gitaly/praefect.md
@@ -231,6 +231,16 @@ instructions only work on Omnibus-provided PostgreSQL:
 
 The database used by Praefect is now configured.
 
+You can now configure Praefect to use the database:
+
+```ruby
+praefect['database_host'] = POSTGRESQL_HOST
+praefect['database_port'] = 5432
+praefect['database_user'] = 'praefect'
+praefect['database_password'] = PRAEFECT_SQL_PASSWORD
+praefect['database_dbname'] = 'praefect_production'
+```
+
 If you see Praefect database errors after configuring PostgreSQL, see
 [troubleshooting steps](troubleshooting.md#relation-does-not-exist-errors).
 
diff --git a/doc/user/project/merge_requests/fast_forward_merge.md b/doc/user/project/merge_requests/fast_forward_merge.md
index dc13b270f17..77162aa0b83 100644
--- a/doc/user/project/merge_requests/fast_forward_merge.md
+++ b/doc/user/project/merge_requests/fast_forward_merge.md
@@ -13,8 +13,6 @@ merge commits. In such cases, the fast-forward merge is the perfect candidate.
 With fast-forward merge requests, you can retain a linear Git history and a way
 to accept merge requests without creating merge commits.
 
-## Overview
-
 When the fast-forward merge
 ([`--ff-only`](https://git-scm.com/docs/git-merge#git-merge---ff-only)) setting
 is enabled, no merge commits are created and all merges are fast-forwarded,
@@ -22,6 +20,11 @@ which means that merging is only allowed if the branch can be fast-forwarded.
 
 When a fast-forward merge is not possible, the user is given the option to rebase.
 
+NOTE:
+Projects using the fast-forward merge strategy can't filter merge requests
+[by deployment date](../../search/index.md#filtering-merge-requests-by-environment-or-deployment-date),
+because no merge commit is created.
+
 ## Enabling fast-forward merges
 
 1. On the top bar, select **Menu > Projects** and find your project.
diff --git a/doc/user/project/settings/project_access_tokens.md b/doc/user/project/settings/project_access_tokens.md
index 6778dc9bcf9..417bc30bf44 100644
--- a/doc/user/project/settings/project_access_tokens.md
+++ b/doc/user/project/settings/project_access_tokens.md
@@ -18,7 +18,9 @@ select a limited role, and provide an expiry date.
 Use a project access token to authenticate:
 
 - With the [GitLab API](../../../api/index.md#personalprojectgroup-access-tokens).
-- With Git, when using HTTP Basic Authentication. You can use any non-blank value for a password.
+- With Git, when using HTTP Basic Authentication, use:
+  - Any non-blank value as a username.
+  - The project access token as the password.
 
 Project access tokens are similar to [group access tokens](../../group/settings/group_access_tokens.md)
 and [personal access tokens](../../profile/personal_access_tokens.md).
diff --git a/doc/user/search/index.md b/doc/user/search/index.md
index dd6b361e8f2..0ae840a75c2 100644
--- a/doc/user/search/index.md
+++ b/doc/user/search/index.md
@@ -152,6 +152,10 @@ you can type (or select from the dropdown list) the following:
 - Deployed-before
 - Deployed-after
 
+NOTE:
+Projects using a [fast-forward merge method](../project/merge_requests/fast_forward_merge.md)
+do not return results, as this method does not create a merge commit.
+
 When filtering by an environment, a dropdown list presents all environments that
 you can choose from:
 
diff --git a/lib/gitlab/asciidoc/include_processor.rb b/lib/gitlab/asciidoc/include_processor.rb
index 53d1135a2d7..6c4ecc04cdc 100644
--- a/lib/gitlab/asciidoc/include_processor.rb
+++ b/lib/gitlab/asciidoc/include_processor.rb
@@ -33,7 +33,7 @@ module Gitlab
         max_include_depth = doc.attributes.fetch('max-include-depth').to_i
 
         return false if max_include_depth < 1
-        return false if target_uri?(target)
+        return false if target_http?(target)
         return false if included.size >= max_includes
 
         true
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index ef0acfb4533..54e01ccc6db 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -36906,9 +36906,6 @@ msgstr ""
 msgid "Telephone number"
 msgstr ""
 
-msgid "Tell us your experiences with the new Markdown editor %{linkStart}in this feedback issue%{linkEnd}."
-msgstr ""
-
 msgid "Template"
 msgstr ""
 
diff --git a/spec/frontend/pages/shared/wikis/components/wiki_form_spec.js b/spec/frontend/pages/shared/wikis/components/wiki_form_spec.js
index e20640da609..d7f8dc3c98e 100644
--- a/spec/frontend/pages/shared/wikis/components/wiki_form_spec.js
+++ b/spec/frontend/pages/shared/wikis/components/wiki_form_spec.js
@@ -411,10 +411,6 @@ describe('WikiForm', () => {
         await waitForPromises();
       });
 
-      it('shows a tip to send feedback', () => {
-        expect(wrapper.text()).toContain('Tell us your experiences with the new Markdown editor');
-      });
-
       it('shows the rich text editor when loading finishes', async () => {
         expect(findContentEditor().exists()).toBe(true);
       });
diff --git a/spec/requests/api/ci/secure_files_spec.rb b/spec/requests/api/ci/secure_files_spec.rb
index d766f045948..7e3060aa081 100644
--- a/spec/requests/api/ci/secure_files_spec.rb
+++ b/spec/requests/api/ci/secure_files_spec.rb
@@ -12,6 +12,7 @@ RSpec.describe API::Ci::SecureFiles do
   let_it_be(:developer) { create(:user) }
   let_it_be(:guest) { create(:user) }
   let_it_be(:anonymous) { create(:user) }
+  let_it_be(:unconfirmed) { create(:user, :unconfirmed) }
   let_it_be(:project) { create(:project, creator_id: maintainer.id) }
   let_it_be(:secure_file) { create(:ci_secure_file, project: project) }
 
@@ -73,6 +74,14 @@ RSpec.describe API::Ci::SecureFiles do
       end
     end
 
+    context 'unconfirmed user' do
+      it 'does not return project secure files' do
+        get api("/projects/#{project.id}/secure_files", unconfirmed)
+
+        expect(response).to have_gitlab_http_status(:not_found)
+      end
+    end
+
     context 'unauthenticated user' do
       it 'does not return project secure files' do
         get api("/projects/#{project.id}/secure_files")
@@ -117,6 +126,14 @@ RSpec.describe API::Ci::SecureFiles do
       end
     end
 
+    context 'unconfirmed user' do
+      it 'does not return project secure file details' do
+        get api("/projects/#{project.id}/secure_files/#{secure_file.id}", unconfirmed)
+
+        expect(response).to have_gitlab_http_status(:not_found)
+      end
+    end
+
     context 'unauthenticated user' do
       it 'does not return project secure file details' do
         get api("/projects/#{project.id}/secure_files/#{secure_file.id}")
@@ -167,6 +184,14 @@ RSpec.describe API::Ci::SecureFiles do
       end
     end
 
+    context 'unconfirmed user' do
+      it 'does not return project secure file details' do
+        get api("/projects/#{project.id}/secure_files/#{secure_file.id}/download", unconfirmed)
+
+        expect(response).to have_gitlab_http_status(:not_found)
+      end
+    end
+
     context 'unauthenticated user' do
       it 'does not return project secure file details' do
         get api("/projects/#{project.id}/secure_files/#{secure_file.id}/download")
@@ -372,6 +397,16 @@ RSpec.describe API::Ci::SecureFiles do
       end
     end
 
+    context 'unconfirmed user' do
+      it 'does not create a secure file' do
+        expect do
+          post api("/projects/#{project.id}/secure_files", unconfirmed)
+        end.not_to change { project.secure_files.count }
+
+        expect(response).to have_gitlab_http_status(:not_found)
+      end
+    end
+
     context 'unauthenticated user' do
       it 'does not create a secure file' do
         expect do
@@ -422,6 +457,16 @@ RSpec.describe API::Ci::SecureFiles do
       end
     end
 
+    context 'unconfirmed user' do
+      it 'does not delete the secure_file' do
+        expect do
+          delete api("/projects/#{project.id}/secure_files#{secure_file.id}", unconfirmed)
+        end.not_to change { project.secure_files.count }
+
+        expect(response).to have_gitlab_http_status(:not_found)
+      end
+    end
+
     context 'unauthenticated user' do
       it 'does not delete the secure_file' do
         expect do