Add latest changes from gitlab-org/gitlab@master

2022-06-10 21:09:35 +00:00 · 2022-06-10 21:09:35 +00:00 · 6ae4485274
commit 6ae4485274
parent 2f7719abdf
33 changed files with 224 additions and 88 deletions
--- a/.rubocop.yml
+++ b/.rubocop.yml
@ -13,6 +13,8 @@ inherit_from:
    <% end %>
  - '.rubocop_todo.yml'
  <% end %>
  <%# See https://gitlab.com/gitlab-org/gitlab/-/issues/321982#rubymine-note for context on why namespaced_class has special handling here %>
  - ./.rubocop_todo/gitlab/namespaced_class.yml
  - ./rubocop/rubocop-migrations.yml
  - ./rubocop/rubocop-usage-data.yml
  - ./rubocop/rubocop-code_reuse.yml
--- a/app/controllers/projects/usage_quotas_controller.rb
+++ b/app/controllers/projects/usage_quotas_controller.rb
@ -3,10 +3,6 @@
 class Projects::UsageQuotasController < Projects::ApplicationController
  before_action :authorize_read_usage_quotas!
  before_action do
    push_frontend_feature_flag(:container_registry_project_statistics, project)
  end
  layout "project_settings"
  feature_category :utilization
--- a/app/models/container_registry/event.rb
+++ b/app/models/container_registry/event.rb
@ -76,7 +76,6 @@ module ContainerRegistry
      return unless supported?
      return unless target_tag?
      return unless project
      return unless Feature.enabled?(:container_registry_project_statistics, project)
      Rails.cache.delete(project.root_ancestor.container_repositories_size_cache_key)
      ProjectCacheWorker.perform_async(project.id, [], [:container_registry_size])
--- a/app/models/hooks/web_hook.rb
+++ b/app/models/hooks/web_hook.rb
@ -19,6 +19,15 @@ class WebHook < ApplicationRecord
                 algorithm: 'aes-256-gcm',
                 key:       Settings.attr_encrypted_db_key_base_32
  attr_encrypted :url_variables,
                 mode: :per_attribute_iv,
                 key: Settings.attr_encrypted_db_key_base_32,
                 algorithm: 'aes-256-gcm',
                 marshal: true,
                 marshaler: ::Gitlab::Json,
                 encode: false,
                 encode_iv: false
  has_many :web_hook_logs
  validates :url, presence: true
@ -26,6 +35,9 @@ class WebHook < ApplicationRecord
  validates :token, format: { without: /\n/ }
  validates :push_events_branch_filter, branch_filter: true
  validates :url_variables, json_schema: { filename: 'web_hooks_url_variables' }
  after_initialize :initialize_url_variables
  scope :executable, -> do
    next all unless Feature.enabled?(:web_hooks_disable_failed)
@ -150,9 +162,22 @@ class WebHook < ApplicationRecord
    end
  end
  # Exclude binary columns by default - they have no sensible JSON encoding
  def serializable_hash(options = nil)
    options = options.try(:dup) || {}
    options[:except] = Array(options[:except]).dup
    options[:except].concat [:encrypted_url_variables, :encrypted_url_variables_iv]
    super(options)
  end
  private
  def web_hooks_disable_failed?
    Feature.enabled?(:web_hooks_disable_failed)
  end
  def initialize_url_variables
    self.url_variables = {} if encrypted_url_variables.nil?
  end
 end
--- a/app/models/project_statistics.rb
+++ b/app/models/project_statistics.rb
@ -77,8 +77,6 @@ class ProjectStatistics < ApplicationRecord
  end
  def update_container_registry_size
    return unless Feature.enabled?(:container_registry_project_statistics, project)
    self.container_registry_size = project.container_repositories_size || 0
  end
--- a/app/validators/json_schemas/web_hooks_url_variables.json
+++ b/app/validators/json_schemas/web_hooks_url_variables.json
@ -0,0 +1,14 @@
 {
  "$schema": "http://json-schema.org/draft-07/schema#",
  "description": "WebHook#url_variables",
  "type": "object",
  "additionalProperties": false,
  "maxProperties": 20,
  "patternProperties": {
    "^[A-Za-z_][A-Za-z0-9_]*$": {
      "type": "string",
      "minLength": 1,
      "maxLength": 100
    }
  }
 }
--- a/app/views/admin/application_settings/_usage.html.haml
+++ b/app/views/admin/application_settings/_usage.html.haml
@ -21,7 +21,7 @@
        checkbox_options: { disabled: !can_be_configured, data: { qa_selector: 'enable_usage_data_checkbox' } }
      .form-text.gl-pl-6
        - if can_be_configured
-          %button.gl-button.btn.btn-default.js-payload-preview-trigger{ type: 'button', data: { payload_selector: ".#{payload_class}" } }
+          = render Pajamas::ButtonComponent.new(button_options: { class: 'js-payload-preview-trigger', data: { payload_selector: ".#{payload_class}" } }) do
            = gl_loading_icon(css_class: 'js-spinner gl-display-none gl-mr-2')
            .js-text.gl-display-inline= s_('AdminSettings|Preview payload')
          %pre.service-data-payload-container.js-syntax-highlight.code.highlight.gl-mt-2.gl-display-none{ class: payload_class, data: { endpoint: usage_data_admin_application_settings_path(format: :html) } }
--- a/app/views/ci/variables/_header.html.haml
+++ b/app/views/ci/variables/_header.html.haml
@ -3,7 +3,7 @@
 %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only
  = _('Variables')
-%button.btn.gl-button.btn-default.js-settings-toggle{ type: 'button' }
+= render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
  = expanded ? _('Collapse') : _('Expand')
 %p
--- a/app/views/projects/cleanup/_show.html.haml
+++ b/app/views/projects/cleanup/_show.html.haml
@ -3,7 +3,7 @@
 %section.settings.no-animate#cleanup{ class: ('expanded' if expanded) }
  .settings-header
    %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only= _('Repository cleanup')
-    %button.btn.gl-button.btn-default.js-settings-toggle
+    = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
      = expanded ? _('Collapse') : _('Expand')
    %p
      - link_url = 'https://github.com/newren/git-filter-repo'
--- a/app/views/projects/default_branch/_show.html.haml
+++ b/app/views/projects/default_branch/_show.html.haml
@ -3,7 +3,7 @@
 %section.settings.no-animate#default-branch-settings{ class: ('expanded' if expanded) }
  .settings-header
    %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only= _('Default branch')
-    %button.btn.gl-button.btn-default.js-settings-toggle
+    = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
      = expanded ? _('Collapse') : _('Expand')
    %p
      = _('Set the default branch for this project. All merge requests and commits are made against this branch unless you specify a different one.')
--- a/app/views/projects/edit.html.haml
+++ b/app/views/projects/edit.html.haml
@ -10,14 +10,16 @@
 %section.settings.general-settings.no-animate.expanded#js-general-settings
  .settings-header
    %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only= _('Naming, topics, avatar')
-    %button.btn.gl-button.btn-default.js-settings-toggle{ type: 'button' }= _('Collapse')
+    = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
      = _('Collapse')
    %p= _('Update your project name, topics, description, and avatar.')
  .settings-content= render 'projects/settings/general'
 %section.settings.sharing-permissions.no-animate#js-shared-permissions{ class: ('expanded' if expanded), data: { qa_selector: 'visibility_features_permissions_content' } }
  .settings-header
    %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only= _('Visibility, project features, permissions')
-    %button.btn.gl-button.btn-default.js-settings-toggle{ type: 'button' }= expanded ? _('Collapse') : _('Expand')
+    = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
      = expanded ? _('Collapse') : _('Expand')
    %p= _('Choose visibility level, enable/disable project features and their permissions, disable email notifications, and show default award emoji.')
  .settings-content
@ -29,7 +31,8 @@
 %section.rspec-merge-request-settings.settings.merge-requests-feature.no-animate#js-merge-request-settings{ class: [('expanded' if expanded), ('hidden' if @project.project_feature.send(:merge_requests_access_level) == 0)], data: { qa_selector: 'merge_request_settings_content' } }
  .settings-header
    %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only= _('Merge requests')
-    %button.btn.gl-button.btn-default.js-settings-toggle{ type: 'button' }= expanded ? _('Collapse') : _('Expand')
+    = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
      = expanded ? _('Collapse') : _('Expand')
    = render_if_exists 'projects/merge_request_settings_description_text'
  .settings-content
@ -47,7 +50,7 @@
  .settings-header
    %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only
      = s_('ProjectSettings|Badges')
-    %button.btn.gl-button.btn-default.js-settings-toggle{ type: 'button' }
+    = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
      = expanded ? _('Collapse') : _('Expand')
    %p
      = s_('ProjectSettings|Customize this project\'s badges.')
@ -64,7 +67,8 @@
 %section.settings.advanced-settings.no-animate#js-project-advanced-settings{ class: ('expanded' if expanded), data: { qa_selector: 'advanced_settings_content' } }
  .settings-header
    %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only= _('Advanced')
-    %button.btn.gl-button.btn-default.js-settings-toggle{ type: 'button' }= expanded ? _('Collapse') : _('Expand')
+    = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
      = expanded ? _('Collapse') : _('Expand')
    %p= s_('ProjectSettings|Housekeeping, export, archive, change path, transfer, and delete.')
  .settings-content
--- a/app/views/projects/mirrors/_mirror_repos.html.haml
+++ b/app/views/projects/mirrors/_mirror_repos.html.haml
@ -6,7 +6,7 @@
 %section.settings.project-mirror-settings.no-animate#js-push-remote-settings{ class: mirror_settings_class, data: { qa_selector: 'mirroring_repositories_settings_content' } }
  .settings-header
    %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only= _('Mirroring repositories')
-    %button.btn.gl-button.btn-default.js-settings-toggle
+    = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
      = expanded ? _('Collapse') : _('Expand')
    %p
      = _('Set up your project to automatically push and/or pull changes to/from another repository. Branches, tags, and commits will be synced automatically.')
--- a/app/views/projects/protected_branches/shared/_index.html.haml
+++ b/app/views/projects/protected_branches/shared/_index.html.haml
@ -4,8 +4,8 @@
  .settings-header
    %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only
      = s_("ProtectedBranch|Protected branches")
-    %button.btn.gl-button.btn-default.js-settings-toggle.qa-expand-protected-branches{ type: 'button' }
+    = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle qa-expand-protected-branches' }) do
-      = expanded ? 'Collapse' : 'Expand'
+      = expanded ? _('Collapse') : _('Expand')
    %p
      = s_("ProtectedBranch|Keep stable branches secure and force developers to use merge requests.")
      = link_to s_("ProtectedBranch|What are protected branches?"), help_page_path("user/project/protected_branches")
--- a/app/views/projects/protected_tags/shared/_index.html.haml
+++ b/app/views/projects/protected_tags/shared/_index.html.haml
@ -4,8 +4,8 @@
  .settings-header
    %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only
      = s_("ProtectedTag|Protected tags")
-    %button.btn.gl-button.btn-default.js-settings-toggle{ type: 'button' }
+    = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
-      = expanded ? 'Collapse' : 'Expand'
+      = expanded ? _('Collapse') : _('Expand')
    %p
      = s_("ProtectedTag|Limit access to creating and updating tags.")
      =  link_to s_("ProtectedTag|What are protected tags?"), help_page_path("user/project/protected_tags")
--- a/app/views/projects/settings/ci_cd/show.html.haml
+++ b/app/views/projects/settings/ci_cd/show.html.haml
@ -9,7 +9,7 @@
  .settings-header
    %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only
      = _("General pipelines")
-    %button.btn.gl-button.btn-default.js-settings-toggle{ type: 'button' }
+    = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
      = expanded ? _('Collapse') : _('Expand')
    %p
      = _("Customize your pipeline configuration.")
@ -20,7 +20,7 @@
  .settings-header
    %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only
      = s_('CICD|Auto DevOps')
-    %button.btn.gl-button.btn-default.js-settings-toggle{ type: 'button' }
+    = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
      = expanded ? _('Collapse') : _('Expand')
    %p
      - auto_devops_url = help_page_path('topics/autodevops/index')
@ -37,7 +37,7 @@
  .settings-header
    %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only
      = _("Runners")
-    %button.btn.gl-button.btn-default.js-settings-toggle{ type: 'button' }
+    = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
      = expanded ? _('Collapse') : _('Expand')
    %p
      = _("Runners are processes that pick up and execute CI/CD jobs for GitLab.")
@ -50,7 +50,7 @@
    .settings-header
      %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only
        = _("Artifacts")
-      %button.btn.gl-button.btn-default.js-settings-toggle{ type: 'button' }
+      = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
        = expanded ? _('Collapse') : _('Expand')
      %p
        = _("A job artifact is an archive of files and directories saved by a job when it finishes.")
@ -67,7 +67,7 @@
  .settings-header
    %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only
      = _("Pipeline triggers")
-    %button.btn.gl-button.btn-default.js-settings-toggle{ type: 'button' }
+    = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
      = expanded ? _('Collapse') : _('Expand')
    %p
      = _("Trigger a pipeline for a branch or tag by generating a trigger token and using it with an API call. The token impersonates a user's project access and permissions.")
@ -82,7 +82,7 @@
    .settings-header
      %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only
        = _("Deploy freezes")
-      %button.btn.gl-button.btn-default.js-settings-toggle{ type: 'button' }
+      = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
        = expanded ? _('Collapse') : _('Expand')
      %p
        - freeze_period_docs = help_page_path('user/project/releases/index', anchor: 'prevent-unintentional-releases-by-setting-a-deploy-freeze')
@ -100,7 +100,7 @@
  .settings-header
    %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only
      = _("Token Access")
-    %button.btn.gl-button.btn-default.js-settings-toggle{ type: 'button' }
+    = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
      = expanded ? _('Collapse') : _('Expand')
    %p
      = _("Control which projects can be accessed by API requests authenticated with this project's CI_JOB_TOKEN CI/CD variable. It is a security risk to disable this feature, because unauthorized projects might attempt to retrieve an active token and access the API.")
--- a/app/views/projects/settings/operations/_alert_management.html.haml
+++ b/app/views/projects/settings/operations/_alert_management.html.haml
@ -7,7 +7,7 @@
  .settings-header
    %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only
      = _('Alerts')
-    %button.gl-button.btn.btn-default.js-settings-toggle{ type: 'button' }
+    = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
      = _('Expand')
    %p
      = _('Display alerts from all configured monitoring tools.')
--- a/app/views/projects/settings/operations/_error_tracking.html.haml
+++ b/app/views/projects/settings/operations/_error_tracking.html.haml
@ -6,7 +6,7 @@
  .settings-header
    %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only
      = _('Error tracking')
-    %button.gl-button.btn.btn-default.js-settings-toggle{ type: 'button' }
+    = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
      = _('Expand')
    %p
      = _('Link Sentry to GitLab to discover and view the errors your application generates.')
--- a/app/views/projects/settings/operations/_tracing.html.haml
+++ b/app/views/projects/settings/operations/_tracing.html.haml
@ -4,7 +4,7 @@
  .settings-header{ :class => 'border-top' }
    %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only
      = _('Tracing')
-    %button.btn.btn-default.gl-button.js-settings-toggle{ type: 'button' }
+    = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
      = _('Expand')
    %p
      = _('Embed an image of your existing Jaeger server in GitLab.')
--- a/app/views/shared/deploy_keys/_index.html.haml
+++ b/app/views/shared/deploy_keys/_index.html.haml
@ -2,8 +2,8 @@
 %section.rspec-deploy-keys-settings.settings.no-animate#js-deploy-keys-settings{ class: ('expanded' if expanded), data: { qa_selector: 'deploy_keys_settings_content' } }
  .settings-header
    %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only= _('Deploy keys')
-    %button.btn.gl-button.btn-default.js-settings-toggle{ type: 'button' }
+    = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
-      = expanded ? 'Collapse' : 'Expand'
+      = expanded ? _('Collapse') : _('Expand')
    %p
      - link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: help_page_path('user/project/deploy_keys/index') }
      = _("Add deploy keys to grant read/write access to this repository. %{link_start}What are deploy keys?%{link_end}").html_safe % { link_start: link_start, link_end: '</a>'.html_safe }
--- a/app/views/shared/notes/_edit_form.html.haml
+++ b/app/views/shared/notes/_edit_form.html.haml
@ -10,5 +10,5 @@
      .settings-message.note-edit-warning.js-finish-edit-warning
        = _("Finish editing this message first!")
      = submit_tag _('Save comment'), class: 'gl-button btn btn-confirm js-comment-save-button', data: { qa_selector: 'save_comment_button' }
-      %button.btn.gl-button.btn-cancel.note-edit-cancel{ type: 'button' }
+      = render Pajamas::ButtonComponent.new(button_options: { class: 'note-edit-cancel' }) do
        = _("Cancel")
--- a/config/feature_flags/development/container_registry_project_statistics.yml
+++ b/config/feature_flags/development/container_registry_project_statistics.yml
@ -1,8 +0,0 @@
 ---
 name: container_registry_project_statistics
 introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/84923
 rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/359852
 milestone: '15.0'
 type: development
 group: group::utilization
 default_enabled: false
--- a/data/deprecations/15-1-pipelinesecurityreportfinding-name.yml
+++ b/data/deprecations/15-1-pipelinesecurityreportfinding-name.yml
@ -0,0 +1,16 @@
 - name: "PipelineSecurityReportFinding name GraphQL field"  # (required) The name of the feature to be deprecated
  announcement_milestone: "15.1"  # (required) The milestone when this feature was first announced as deprecated.
  announcement_date: "2022-06-22"  # (required) The date of the milestone release when this feature was first announced as deprecated. This should almost always be the 22nd of a month (YYYY-MM-22), unless you did an out of band blog post.
  removal_milestone: "16.0"  # (required) The milestone when this feature is planned to be removed
  removal_date: "2023-05-22"  # (required) The date of the milestone release when this feature is planned to be removed. This should almost always be the 22nd of a month (YYYY-MM-22), unless you did an out of band blog post.
  breaking_change: true  # (required) If this deprecation is a breaking change, set this value to true
  reporter: matt_wilson  # (required) GitLab username of the person reporting the deprecation
  stage: Secure  # (required) String value of the stage that the feature was created in. e.g., Growth
  issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/346335  # (required) Link to the deprecation issue in GitLab
  body: |  # (required) Do not modify this line, instead modify the lines below.
    Previously, the [PipelineSecurityReportFinding GraphQL type was updated](https://gitlab.com/gitlab-org/gitlab/-/issues/335372) to include a new `title` field. This field is an alias for the current `name` field, making the less specific `name` field redundant. The `name` field will be removed from the PipelineSecurityReportFinding type in GitLab 16.0.
 # The following items are not published on the docs page, but may be used in the future.
  tiers: Ultimate  # (optional - may be required in the future) An array of tiers that the feature is available in currently.  e.g., [Free, Silver, Gold, Core, Premium, Ultimate]
  documentation_url:  # (optional) This is a link to the current documentation page
  image_url:  # (optional) This is a link to a thumbnail image depicting the feature
  video_url:  # (optional) Use the youtube thumbnail URL with the structure of https://img.youtube.com/vi/UNIQUEID/hqdefault.jpg
--- a/data/deprecations/15-1-pipelinesecurityreportfinding-projectfingerprint.yml
+++ b/data/deprecations/15-1-pipelinesecurityreportfinding-projectfingerprint.yml
@ -0,0 +1,16 @@
 - name: "PipelineSecurityReportFinding projectFingerprint GraphQL field"  # (required) The name of the feature to be deprecated
  announcement_milestone: "15.1"  # (required) The milestone when this feature was first announced as deprecated.
  announcement_date: "2022-06-22"  # (required) The date of the milestone release when this feature was first announced as deprecated. This should almost always be the 22nd of a month (YYYY-MM-22), unless you did an out of band blog post.
  removal_milestone: "16.0"  # (required) The milestone when this feature is planned to be removed
  removal_date: "2023-05-22"  # (required) The date of the milestone release when this feature is planned to be removed. This should almost always be the 22nd of a month (YYYY-MM-22), unless you did an out of band blog post.
  breaking_change: true  # (required) If this deprecation is a breaking change, set this value to true
  reporter: matt_wilson  # (required) GitLab username of the person reporting the deprecation
  stage: Secure  # (required) String value of the stage that the feature was created in. e.g., Growth
  issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/343475  # (required) Link to the deprecation issue in GitLab
  body: |  # (required) Do not modify this line, instead modify the lines below.
    The [`project_fingerprint`](https://gitlab.com/groups/gitlab-org/-/epics/2791) attribute of vulnerability findings is being deprecated in favor of a `uuid` attribute. By using UUIDv5 values to identify findings, we can easily associate any related entity with a finding. The `project_fingerprint` attribute is no longer being used to track findings, and will be removed in GitLab 16.0.
 # The following items are not published on the docs page, but may be used in the future.
  tiers: Ultimate  # (optional - may be required in the future) An array of tiers that the feature is available in currently.  e.g., [Free, Silver, Gold, Core, Premium, Ultimate]
  documentation_url:  # (optional) This is a link to the current documentation page
  image_url:  # (optional) This is a link to a thumbnail image depicting the feature
  video_url:  # (optional) Use the youtube thumbnail URL with the structure of https://img.youtube.com/vi/UNIQUEID/hqdefault.jpg
--- a/data/deprecations/15-1-project-pipeline-securityReportFindings.yml
+++ b/data/deprecations/15-1-project-pipeline-securityReportFindings.yml
@ -0,0 +1,16 @@
 - name: "project.pipeline.securityReportFindings GraphQL query"  # (required) The name of the feature to be deprecated
  announcement_milestone: "15.1"  # (required) The milestone when this feature was first announced as deprecated.
  announcement_date: "2022-06-22"  # (required) The date of the milestone release when this feature was first announced as deprecated. This should almost always be the 22nd of a month (YYYY-MM-22), unless you did an out of band blog post.
  removal_milestone: "16.0"  # (required) The milestone when this feature is planned to be removed
  removal_date: "2023-05-22"  # (required) The date of the milestone release when this feature is planned to be removed. This should almost always be the 22nd of a month (YYYY-MM-22), unless you did an out of band blog post.
  breaking_change: true  # (required) If this deprecation is a breaking change, set this value to true
  reporter: matt_wilson  # (required) GitLab username of the person reporting the deprecation
  stage: Secure  # (required) String value of the stage that the feature was created in. e.g., Growth
  issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/343475  # (required) Link to the deprecation issue in GitLab
  body: |  # (required) Do not modify this line, instead modify the lines below.
    Previous work helped [align the vulnerabilities calls for pipeline security tabs](https://gitlab.com/gitlab-org/gitlab/-/issues/343469) to match the vulnerabilities calls for project-level and group-level vulnerability reports. This helped the frontend have a more consistent interface. The old `project.pipeline.securityReportFindings` query was formatted differently than other vulnerability data calls. Now that it has been replaced with the new `project.pipeline.vulnerabilities` field, the old `project.pipeline.securityReportFindings` is being deprecated and will be removed in GitLab 16.0.
 # The following items are not published on the docs page, but may be used in the future.
  tiers: Ultimate  # (optional - may be required in the future) An array of tiers that the feature is available in currently.  e.g., [Free, Silver, Gold, Core, Premium, Ultimate]
  documentation_url:  # (optional) This is a link to the current documentation page
  image_url:  # (optional) This is a link to a thumbnail image depicting the feature
  video_url:  # (optional) Use the youtube thumbnail URL with the structure of https://img.youtube.com/vi/UNIQUEID/hqdefault.jpg
--- a/db/migrate/20220605170009_add_url_vars_to_web_hook.rb
+++ b/db/migrate/20220605170009_add_url_vars_to_web_hook.rb
@ -0,0 +1,8 @@
 # frozen_string_literal: true
 class AddUrlVarsToWebHook < Gitlab::Database::Migration[2.0]
  def change
    add_column :web_hooks, :encrypted_url_variables, :binary
    add_column :web_hooks, :encrypted_url_variables_iv, :binary
  end
 end
--- a/db/schema_migrations/20220605170009
+++ b/db/schema_migrations/20220605170009
@ -0,0 +1 @@
 b3661dbf8254ed37356a1164718c372cf5828fe7aa0218fd02feb1c00370e86f
--- a/db/structure.sql
+++ b/db/structure.sql
@ -22260,7 +22260,9 @@ CREATE TABLE web_hooks (
    subgroup_events boolean DEFAULT false NOT NULL,
    recent_failures smallint DEFAULT 0 NOT NULL,
    backoff_count smallint DEFAULT 0 NOT NULL,
-    disabled_until timestamp with time zone
+    disabled_until timestamp with time zone,
    encrypted_url_variables bytea,
    encrypted_url_variables_iv bytea
 );
 CREATE SEQUENCE web_hooks_id_seq
--- a/doc/update/deprecations.md
+++ b/doc/update/deprecations.md
@ -64,6 +64,34 @@ Any Jira Server and Jira Data Center users will need to confirm they are not usi
 <div class="deprecation removal-160 breaking-change">
 ### PipelineSecurityReportFinding name GraphQL field
 Planned removal: GitLab <span class="removal-milestone">16.0</span> (2023-05-22)
 WARNING:
 This is a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes).
 Review the details carefully before upgrading.
 Previously, the [PipelineSecurityReportFinding GraphQL type was updated](https://gitlab.com/gitlab-org/gitlab/-/issues/335372) to include a new `title` field. This field is an alias for the current `name` field, making the less specific `name` field redundant. The `name` field will be removed from the PipelineSecurityReportFinding type in GitLab 16.0.
 </div>
 <div class="deprecation removal-160 breaking-change">
 ### PipelineSecurityReportFinding projectFingerprint GraphQL field
 Planned removal: GitLab <span class="removal-milestone">16.0</span> (2023-05-22)
 WARNING:
 This is a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes).
 Review the details carefully before upgrading.
 The [`project_fingerprint`](https://gitlab.com/groups/gitlab-org/-/epics/2791) attribute of vulnerability findings is being deprecated in favor of a `uuid` attribute. By using UUIDv5 values to identify findings, we can easily associate any related entity with a finding. The `project_fingerprint` attribute is no longer being used to track findings, and will be removed in GitLab 16.0.
 </div>
 <div class="deprecation removal-160 breaking-change">
 ### REST API Runner maintainer_note
 Planned removal: GitLab <span class="removal-milestone">16.0</span> (2023-05-22)
@ -88,6 +116,20 @@ of the underlying data model. The feature flag has remained off by default as fu
 by this value remains performant. Due to very low usage of the `Tool` column for sorting, the feature flag will instead be removed in
 GitLab 15.3 to simplify the codebase and prevent any unwanted performance degradation.
 </div>
 <div class="deprecation removal-160 breaking-change">
 ### project.pipeline.securityReportFindings GraphQL query
 Planned removal: GitLab <span class="removal-milestone">16.0</span> (2023-05-22)
 WARNING:
 This is a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes).
 Review the details carefully before upgrading.
 Previous work helped [align the vulnerabilities calls for pipeline security tabs](https://gitlab.com/gitlab-org/gitlab/-/issues/343469) to match the vulnerabilities calls for project-level and group-level vulnerability reports. This helped the frontend have a more consistent interface. The old `project.pipeline.securityReportFindings` query was formatted differently than other vulnerability data calls. Now that it has been replaced with the new `project.pipeline.vulnerabilities` field, the old `project.pipeline.securityReportFindings` is being deprecated and will be removed in GitLab 16.0.
 </div>
 </div>
--- a/spec/models/concerns/sensitive_serializable_hash_spec.rb
+++ b/spec/models/concerns/sensitive_serializable_hash_spec.rb
@ -56,6 +56,9 @@ RSpec.describe SensitiveSerializableHash do
            attributes.each do |attribute|
              expect(model.attributes).to include(attribute) # double-check the attribute does exist
              # Do not expect binary columns to appear in JSON
              next if klass.columns_hash[attribute]&.type == :binary
              expect(model.serializable_hash(unsafe_serialization_hash: true)).to include(attribute)
              expect(model.to_json(unsafe_serialization_hash: true)).to include(attribute)
              expect(model.as_json(unsafe_serialization_hash: true)).to include(attribute)
@ -65,8 +68,12 @@ RSpec.describe SensitiveSerializableHash do
      end
    end
-    it_behaves_like 'attr_encrypted attribute', WebHook, 'token' do
+    context 'for a web hook' do
      let_it_be(:model) { create(:system_hook) }
      it_behaves_like 'attr_encrypted attribute', WebHook, 'token'
      it_behaves_like 'attr_encrypted attribute', WebHook, 'url'
      it_behaves_like 'attr_encrypted attribute', WebHook, 'url_variables'
    end
    it_behaves_like 'attr_encrypted attribute', Ci::InstanceVariable, 'value' do
--- a/spec/models/container_registry/event_spec.rb
+++ b/spec/models/container_registry/event_spec.rb
@ -60,14 +60,6 @@ RSpec.describe ContainerRegistry::Event do
      end
    end
    context 'with :container_registry_project_statistics feature flag disabled' do
      before do
        stub_feature_flags(container_registry_project_statistics: false)
      end
      it_behaves_like 'event without project statistics update'
    end
    context 'with no target tag' do
      let(:target) { super().without('tag') }
--- a/spec/models/hooks/web_hook_spec.rb
+++ b/spec/models/hooks/web_hook_spec.rb
@ -24,6 +24,29 @@ RSpec.describe WebHook do
  describe 'validations' do
    it { is_expected.to validate_presence_of(:url) }
    describe 'url_variables' do
      it { is_expected.to allow_value({}).for(:url_variables) }
      it { is_expected.to allow_value({ 'foo' => 'bar' }).for(:url_variables) }
      it { is_expected.to allow_value({ 'FOO' => 'bar' }).for(:url_variables) }
      it { is_expected.to allow_value({ 'MY_TOKEN' => 'bar' }).for(:url_variables) }
      it { is_expected.to allow_value({ 'foo2' => 'bar' }).for(:url_variables) }
      it { is_expected.to allow_value({ 'x' => 'y' }).for(:url_variables) }
      it { is_expected.to allow_value({ 'x' => ('a' * 100) }).for(:url_variables) }
      it { is_expected.to allow_value({ 'foo' => 'bar', 'bar' => 'baz' }).for(:url_variables) }
      it { is_expected.to allow_value((1..20).to_h { ["k#{_1}", 'value'] }).for(:url_variables) }
      it { is_expected.not_to allow_value([]).for(:url_variables) }
      it { is_expected.not_to allow_value({ 'foo' => 1 }).for(:url_variables) }
      it { is_expected.not_to allow_value({ 'bar' => :baz }).for(:url_variables) }
      it { is_expected.not_to allow_value({ 'bar' => nil }).for(:url_variables) }
      it { is_expected.not_to allow_value({ 'foo' => '' }).for(:url_variables) }
      it { is_expected.not_to allow_value({ 'foo' => ('a' * 101) }).for(:url_variables) }
      it { is_expected.not_to allow_value({ 'has spaces' => 'foo' }).for(:url_variables) }
      it { is_expected.not_to allow_value({ '' => 'foo' }).for(:url_variables) }
      it { is_expected.not_to allow_value({ '1foo' => 'foo' }).for(:url_variables) }
      it { is_expected.not_to allow_value((1..21).to_h { ["k#{_1}", 'value'] }).for(:url_variables) }
    end
    describe 'url' do
      it { is_expected.to allow_value('http://example.com').for(:url) }
      it { is_expected.to allow_value('https://example.com').for(:url) }
@ -87,7 +110,7 @@ RSpec.describe WebHook do
  describe 'encrypted attributes' do
    subject { described_class.encrypted_attributes.keys }
-    it { is_expected.to contain_exactly(:token, :url) }
+    it { is_expected.to contain_exactly(:token, :url, :url_variables) }
  end
  describe 'execute' do
@ -519,4 +542,22 @@ RSpec.describe WebHook do
      it { is_expected.to eq :temporarily_disabled }
    end
  end
  describe '#to_json' do
    it 'does not error' do
      expect { hook.to_json }.not_to raise_error
    end
    it 'does not error, when serializing unsafe attributes' do
      expect { hook.to_json(unsafe_serialization_hash: true) }.not_to raise_error
    end
    it 'does not contain binary attributes' do
      expect(hook.to_json).not_to include('encrypted_url_variables')
    end
    it 'does not contain binary attributes, even when serializing unsafe attributes' do
      expect(hook.to_json(unsafe_serialization_hash: true)).not_to include('encrypted_url_variables')
    end
  end
 end
--- a/spec/models/project_statistics_spec.rb
+++ b/spec/models/project_statistics_spec.rb
@ -358,20 +358,6 @@ RSpec.describe ProjectStatistics do
      expect(statistics.container_registry_size).to eq(0)
    end
    context 'with container_registry_project_statistics FF disabled' do
      before do
        stub_feature_flags(container_registry_project_statistics: false)
      end
      it 'does not update the container_registry_size' do
        expect(project).not_to receive(:container_repositories_size)
        update_container_registry_size
        expect(statistics.container_registry_size).to eq(0)
      end
    end
  end
  describe '#update_storage_size' do
--- a/spec/requests/projects/usage_quotas_spec.rb
+++ b/spec/requests/projects/usage_quotas_spec.rb
@ -35,26 +35,5 @@ RSpec.describe 'Project Usage Quotas' do
      it_behaves_like 'response with 404 status'
    end
    context 'container_registry_project_statistics feature flag' do
      subject(:body) { response.body }
      before do
        stub_feature_flags(container_registry_project_statistics: container_registry_project_statistics_enabled)
        get project_usage_quotas_path(project)
      end
      context 'when disabled' do
        let(:container_registry_project_statistics_enabled) { false }
        it { is_expected.to have_pushed_frontend_feature_flags(containerRegistryProjectStatistics: false)}
      end
      context 'when enabled' do
        let(:container_registry_project_statistics_enabled) { true }
        it { is_expected.to have_pushed_frontend_feature_flags(containerRegistryProjectStatistics: true)}
      end
    end
  end
 end
		`@ -0,0 +1 @@`
							`b3661dbf8254ed37356a1164718c372cf5828fe7aa0218fd02feb1c00370e86f`