Add latest changes from gitlab-org/gitlab@master

db/post_migrate/20220502015011_clean_up_fix_merge_request_diff_commit_users.rb

@@ -1,10 +1,8 @@
 # frozen_string_literal: true
 
-class CleanUpFixMergeRequestDiffCommitUsers < Gitlab::Database::Migration[2.0]
+class CleanUpFixMergeRequestDiffCommitUsers < Gitlab::Database::Migration[1.0]
   disable_ddl_transaction!
 
-  restrict_gitlab_migration gitlab_schema: :gitlab_main
-
   MIGRATION_CLASS = 'FixMergeRequestDiffCommitUsers'
 
   def up

doc/ci/environments/index.md

@@ -560,11 +560,8 @@ GitLab automatically triggers the `stop_review_app` job to stop the environment.
 
 #### Multiple stop actions for an environment
 
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/22456) in GitLab 14.10 [with a flag](../../administration/feature_flags.md) named `environment_multiple_stop_actions`. Disabled by default.
-
-FLAG:
-On self-managed GitLab, by default this feature is not available. To make it available, ask an administrator to [enable the feature flag](../../administration/feature_flags.md) named `environment_multiple_stop_actions`.
-On GitLab.com, this feature is not available. We are enabling in phases and the status can be tracked in [issue 358911](https://gitlab.com/gitlab-org/gitlab/-/issues/358911).
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/22456) in GitLab 14.10 [with a flag](../../administration/feature_flags.md) named `environment_multiple_stop_actions`. Disabled by default.
+> - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/358911) in GitLab 15.0. [Feature flag `environment_multiple_stop_actions`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/86685) removed.
 
 This feature is useful when you need to perform multiple **parallel** stop actions on an environment.
 

doc/user/application_security/dependency_scanning/index.md

@@ -441,6 +441,9 @@ Please note, we support the following types of Java project structures:
 - [multi-project Gradle builds](https://docs.gradle.org/current/userguide/intro_multi_project_builds.html)
 - [multi-module maven projects](https://maven.apache.org/pom.html#Aggregation)
 
+We do not support multiple lockfiles for Java and Scala. When multiple lockfiles exist, `gemnasium-maven`
+analyzes the first file in the list of package managers detected.
+
 #### JavaScript
 
 The following analyzers are executed, each of which have different behavior when processing multiple files:

doc/user/gitlab_com/index.md

@@ -9,6 +9,8 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 This page contains information about the settings that are used on GitLab.com, available to
 [GitLab SaaS](https://about.gitlab.com/pricing/) customers.
 
+See some of these settings on the [instance configuration page](https://gitlab.com/help/instance_configuration) of GitLab.com.
+
 ## Password requirements
 
 GitLab.com has the following requirements for passwords on new accounts and password changes:

doc/user/ssh.md

@@ -1,8 +1,7 @@
 ---
 stage: Manage
 group: Authentication and Authorization
-info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments"
-type: howto, reference
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
 ---
 
 # Use SSH keys to communicate with GitLab **(FREE)**
@@ -41,7 +40,7 @@ Administrators can [restrict which keys are permitted and their minimum lengths]
 The book [Practical Cryptography With Go](https://leanpub.com/gocrypto/read#leanpub-auto-chapter-5-digital-signatures)
 suggests that [ED25519](https://ed25519.cr.yp.to/) keys are more secure and performant than RSA keys.
 
-OpenSSH 6.5 introduced ED25519 SSH keys in 2014 and they should be available on most
+OpenSSH 6.5 introduced ED25519 SSH keys in 2014, and they should be available on most
 operating systems.
 
 ### ED25519_SK SSH keys
@@ -60,7 +59,7 @@ must have [OpenSSH 8.2](https://www.openssh.com/releasenotes.html#8.2) or later
 
 ### RSA SSH keys
 
-Available documentation suggests that ED25519 is more secure than RSA.
+Available documentation suggests ED25519 is more secure than RSA.
 
 If you use an RSA key, the US National Institute of Science and Technology in
 [Publication 800-57 Part 3 (PDF)](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf)
@@ -71,27 +70,27 @@ Review the `man` page for your installed `ssh-keygen` command for details.
 
 Before you create a key pair, see if a key pair already exists.
 
-1. On Windows, Linux, or macOS, go to your home directory.
+1. Go to your home directory.
 1. Go to the `.ssh/` subdirectory. If the `.ssh/` subdirectory doesn't exist,
    you are either not in the home directory, or you haven't used `ssh` before.
    In the latter case, you need to [generate an SSH key pair](#generate-an-ssh-key-pair).
 1. See if a file with one of the following formats exists:
 
-   | Algorithm | Public key | Private key |
-   | --------- | ---------- | ----------- |
+   | Algorithm             | Public key | Private key |
+   |-----------------------|------------|-------------|
    |  ED25519 (preferred)  | `id_ed25519.pub` | `id_ed25519` |
-   |  ED25519_SK | `id_ed25519_sk.pub` | `id_ed25519_sk` |
-   |  ECDSA_SK | `id_ecdsa_sk.pub` | `id_ecdsa_sk` |
-   |  RSA (at least 2048-bit key size)     | `id_rsa.pub` | `id_rsa` |
-   |  DSA (deprecated)      | `id_dsa.pub` | `id_dsa` |
-   |  ECDSA    | `id_ecdsa.pub` | `id_ecdsa` |
+   |  ED25519_SK           | `id_ed25519_sk.pub` | `id_ed25519_sk` |
+   |  ECDSA_SK             | `id_ecdsa_sk.pub` | `id_ecdsa_sk` |
+   |  RSA (at least 2048-bit key size) | `id_rsa.pub` | `id_rsa` |
+   |  DSA (deprecated)     | `id_dsa.pub` | `id_dsa` |
+   |  ECDSA                | `id_ecdsa.pub` | `id_ecdsa` |
 
 ## Generate an SSH key pair
 
-If you do not have an existing SSH key pair, generate a new one.
+If you do not have an existing SSH key pair, generate a new one:
 
 1. Open a terminal.
-1. Type `ssh-keygen -t` followed by the key type and an optional comment.
+1. Run `ssh-keygen -t` followed by the key type and an optional comment.
    This comment is included in the `.pub` file that's created.
    You may want to use an email address for the comment.
 
@@ -126,11 +125,10 @@ If you do not have an existing SSH key pair, generate a new one.
    Enter same passphrase again:
    ```
 
-1. A confirmation is displayed, including information about where your files are stored.
+   A confirmation is displayed, including information about where your files are stored.
 
-A public and private key are generated.
-[Add the public SSH key to your GitLab account](#add-an-ssh-key-to-your-gitlab-account) and keep
-the private key secure.
+A public and private key are generated. [Add the public SSH key to your GitLab account](#add-an-ssh-key-to-your-gitlab-account)
+and keep the private key secure.
 
 ### Configure SSH to point to a different directory
 
@@ -158,7 +156,7 @@ configure your SSH client to point to the directory where the private key is sto
      IdentityFile ~/.ssh/example_com_rsa
    ```
 
-   For more information on these settings, see the [`man ssh_config`](https://man.openbsd.org/ssh_config) page in the SSH configuration manual.
+For more information on these settings, see the [`man ssh_config`](https://man.openbsd.org/ssh_config) page in the SSH configuration manual.
 
 Public SSH keys must be unique to GitLab because they bind to your account.
 Your SSH key is the only identifier you have when you push code with SSH.
@@ -166,7 +164,7 @@ It must uniquely map to a single user.
 
 ### Update your SSH key passphrase
 
-You can update the passphrase for your SSH key.
+You can update the passphrase for your SSH key:
 
 1. Open a terminal and run this command:
 
@@ -174,34 +172,32 @@ You can update the passphrase for your SSH key.
    ssh-keygen -p -f /path/to/ssh_key
    ```
 
-1. At the prompts, type the passphrase and press Enter.
+1. At the prompts, enter the passphrase and then press Enter.
 
 ### Upgrade your RSA key pair to a more secure format
 
-If your version of OpenSSH is between 6.5 and 7.8,
-you can save your private RSA SSH keys in a more secure
-OpenSSH format.
+If your version of OpenSSH is between 6.5 and 7.8, you can save your private
+RSA SSH keys in a more secure OpenSSH format by opening a terminal and running
+this command:
 
-1. Open a terminal and run this command:
+```shell
+ssh-keygen -o -f ~/.ssh/id_rsa
+```
 
-   ```shell
-   ssh-keygen -o -f ~/.ssh/id_rsa
-   ```
+Alternatively, you can generate a new RSA key with the more secure encryption format with
+the following command:
 
-   Alternatively, you can generate a new RSA key with the more secure encryption format with
-   the following command:
-
-   ```shell
-   ssh-keygen -o -t rsa -b 4096 -C "<comment>"
-   ```
+```shell
+ssh-keygen -o -t rsa -b 4096 -C "<comment>"
+```
 
 ## Generate an SSH key pair for a FIDO/U2F hardware security key
 
-To generate ED25519_SK or ECDSA_SK SSH keys, you must use OpenSSH 8.2 or later.
+To generate ED25519_SK or ECDSA_SK SSH keys, you must use OpenSSH 8.2 or later:
 
 1. Insert a hardware security key into your computer.
 1. Open a terminal.
-1. Type `ssh-keygen -t` followed by the key type and an optional comment.
+1. Run `ssh-keygen -t` followed by the key type and an optional comment.
    This comment is included in the `.pub` file that's created.
    You may want to use an email address for the comment.
 
@@ -229,7 +225,7 @@ To generate ED25519_SK or ECDSA_SK SSH keys, you must use OpenSSH 8.2 or later.
    from the security key by [`ssh-add -K`](https://man.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/ssh-add.1#K)
    or  [`ssh-keygen -K`](https://man.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/ssh-keygen#K).
 
-1. Select Enter. Output similar to the following is displayed:
+1. Press Enter. Output similar to the following is displayed:
 
    ```plaintext
    Generating public/private ed25519-sk key pair.
@@ -251,31 +247,31 @@ To generate ED25519_SK or ECDSA_SK SSH keys, you must use OpenSSH 8.2 or later.
    Enter same passphrase again:
    ```
 
-1. A confirmation is displayed, including information about where your files are stored.
+   A confirmation is displayed, including information about where your files are stored.
 
 A public and private key are generated.
 [Add the public SSH key to your GitLab account](#add-an-ssh-key-to-your-gitlab-account).
 
 ## Add an SSH key to your GitLab account
 
-To use SSH with GitLab, copy your public key to your GitLab account.
+To use SSH with GitLab, copy your public key to your GitLab account:
 
 1. Copy the contents of your public key file. You can do this manually or use a script.
    For example, to copy an ED25519 key to the clipboard:
 
-   **macOS:**
+   **macOS**
 
    ```shell
    tr -d '\n' < ~/.ssh/id_ed25519.pub | pbcopy
    ```
 
-   **Linux** (requires the `xclip` package):
+   **Linux** (requires the `xclip` package)
 
    ```shell
    xclip -sel clip < ~/.ssh/id_ed25519.pub
    ```
 
-   **Git Bash on Windows:**
+   **Git Bash on Windows**
 
    ```shell
    cat ~/.ssh/id_ed25519.pub | clip
@@ -312,7 +308,8 @@ The following commands use the example hostname `gitlab.example.com`. Replace th
 
 1. For GitLab.com, to ensure you're connecting to the correct server, confirm the
    [SSH host keys fingerprints](gitlab_com/index.md#ssh-host-keys-fingerprints).
-1. Open a terminal and run this command, replacing `gitlab.example.com` with your GitLab instance URL:
+1. Open a terminal and run this command, replacing `gitlab.example.com` with your
+   GitLab instance URL:
 
    ```shell
    ssh -T git@gitlab.example.com
@@ -354,10 +351,10 @@ on `ssh` command options, see the `man` pages for both `ssh` and `ssh_config`.
 
 ## Use different accounts on a single GitLab instance
 
-You can use multiple accounts to connect to a single instance of GitLab.
-You can do this by using the command in the [previous topic](#use-different-keys-for-different-repositories).
-However, even if you set `IdentitiesOnly` to `yes`, you cannot sign in if an `IdentityFile` exists
-outside of a `Host` block.
+You can use multiple accounts to connect to a single instance of GitLab. You
+can do this by using the command in the [previous topic](#use-different-keys-for-different-repositories).
+However, even if you set `IdentitiesOnly` to `yes`, you cannot sign in if an
+`IdentityFile` exists outside of a `Host` block.
 
 Instead, you can assign aliases to hosts in the `~.ssh/config` file.
 

lib/gitlab/database/migrations/background_migration_helpers.rb

@@ -133,6 +133,11 @@ module Gitlab
         # This method does not garauntee that all jobs completed successfully.
         # It can only be used if the previous background migration used the queue_background_migration_jobs_by_range_at_intervals helper.
         def finalize_background_migration(class_name, delete_tracking_jobs: ['succeeded'])
+          if self.is_a?(::Gitlab::Database::MigrationHelpers::RestrictGitlabSchema)
+            raise 'The `#finalize_background_migration` is currently not supported with `Migration[2.0]`. Use `Migration[1.0]`. ' \
+              'For more information visit: https://docs.gitlab.com/ee/development/database/migrations_for_multiple_databases.html'
+          end
+
           job_coordinator = coordinator_for_tracking_database
 
           # Empty the sidekiq queue.

spec/lib/gitlab/database/migrations/background_migration_helpers_spec.rb

@@ -3,8 +3,10 @@
 require 'spec_helper'
 
 RSpec.describe Gitlab::Database::Migrations::BackgroundMigrationHelpers do
+  let(:base_class) { ActiveRecord::Migration }
+
   let(:model) do
-    ActiveRecord::Migration.new.extend(described_class)
+    base_class.new.extend(described_class)
   end
 
   shared_examples_for 'helpers that enqueue background migrations' do |worker_class, tracking_database|
@@ -290,7 +292,7 @@ RSpec.describe Gitlab::Database::Migrations::BackgroundMigrationHelpers do
       end
     end
 
-    describe '#finalized_background_migration' do
+    describe '#finalize_background_migration' do
       let(:coordinator) { Gitlab::BackgroundMigration::JobCoordinator.new(worker_class) }
 
       let!(:tracked_pending_job) { create(:background_migration_job, class_name: job_class_name, status: :pending, arguments: [1]) }
@@ -309,8 +311,8 @@ RSpec.describe Gitlab::Database::Migrations::BackgroundMigrationHelpers do
         allow(Gitlab::BackgroundMigration).to receive(:coordinator_for_database)
           .with(tracking_database).and_return(coordinator)
 
-        expect(coordinator).to receive(:migration_class_for)
-          .with(job_class_name).at_least(:once) { job_class }
+        allow(coordinator).to receive(:migration_class_for)
+          .with(job_class_name) { job_class }
 
         Sidekiq::Testing.disable! do
           worker_class.perform_async(job_class_name, [1, 2])
@@ -326,6 +328,22 @@ RSpec.describe Gitlab::Database::Migrations::BackgroundMigrationHelpers do
         end
       end
 
+      context 'when using Migration[2.0]' do
+        let(:base_class) { ::Gitlab::Database::Migration[2.0] }
+
+        let!(:job_class) do
+          Class.new do
+            def perform(*arguments)
+            end
+          end
+        end
+
+        it 'does raise an exception' do
+          expect { model.finalize_background_migration(job_class_name, delete_tracking_jobs: %w[pending succeeded]) }
+            .to raise_error /is currently not supported with/
+        end
+      end
+
       context 'when removing all tracked job records' do
         let!(:job_class) do
           Class.new do