Add latest changes from gitlab-org/gitlab@master

app/assets/javascripts/boards/components/issue_board_filtered_search.vue

@@ -6,6 +6,7 @@ import issueBoardFilters from '~/boards/issue_board_filters';
 import { TYPE_USER } from '~/graphql_shared/constants';
 import { convertToGraphQLId } from '~/graphql_shared/utils';
 import { __ } from '~/locale';
+import { DEFAULT_MILESTONES_GRAPHQL } from '~/vue_shared/components/filtered_search_bar/constants';
 import AuthorToken from '~/vue_shared/components/filtered_search_bar/tokens/author_token.vue';
 import LabelToken from '~/vue_shared/components/filtered_search_bar/tokens/label_token.vue';
 import MilestoneToken from '~/vue_shared/components/filtered_search_bar/tokens/milestone_token.vue';
@@ -63,17 +64,17 @@ export default {
 
       return [
         {
-          icon: 'labels',
-          title: label,
-          type: 'label_name',
+          icon: 'user',
+          title: assignee,
+          type: 'assignee_username',
           operators: [
             { value: '=', description: is },
             { value: '!=', description: isNot },
           ],
-          token: LabelToken,
-          unique: false,
-          symbol: '~',
-          fetchLabels,
+          token: AuthorToken,
+          unique: true,
+          fetchAuthors,
+          preloadedAuthors: this.preloadedAuthors(),
         },
         {
           icon: 'pencil',
@@ -90,17 +91,27 @@ export default {
           preloadedAuthors: this.preloadedAuthors(),
         },
         {
-          icon: 'user',
-          title: assignee,
-          type: 'assignee_username',
+          icon: 'labels',
+          title: label,
+          type: 'label_name',
           operators: [
             { value: '=', description: is },
             { value: '!=', description: isNot },
           ],
-          token: AuthorToken,
+          token: LabelToken,
+          unique: false,
+          symbol: '~',
+          fetchLabels,
+        },
+        {
+          type: 'milestone_title',
+          title: milestone,
+          icon: 'clock',
+          symbol: '%',
+          token: MilestoneToken,
           unique: true,
-          fetchAuthors,
-          preloadedAuthors: this.preloadedAuthors(),
+          defaultMilestones: DEFAULT_MILESTONES_GRAPHQL,
+          fetchMilestones: this.fetchMilestones,
         },
         {
           icon: 'issues',
@@ -114,16 +125,6 @@ export default {
             { icon: 'issue-type-incident', value: types.INCIDENT, title: incident },
           ],
         },
-        {
-          type: 'milestone_title',
-          title: milestone,
-          icon: 'clock',
-          symbol: '%',
-          token: MilestoneToken,
-          unique: true,
-          defaultMilestones: [], // todo: https://gitlab.com/gitlab-org/gitlab/-/issues/337044#note_640010094
-          fetchMilestones: this.fetchMilestones,
-        },
         {
           type: 'weight',
           title: weight,

app/assets/javascripts/groups/components/app.vue

@@ -136,7 +136,7 @@ export default {
         this.updateGroups(res, Boolean(filterGroupsBy));
       });
     },
-    fetchPage(page, filterGroupsBy, sortBy, archived) {
+    fetchPage({ page, filterGroupsBy, sortBy, archived }) {
       this.isLoading = true;
 
       return this.fetchGroups({

app/assets/javascripts/groups/components/groups.vue

@@ -32,10 +32,10 @@ export default {
   },
   methods: {
     change(page) {
-      const filterGroupsParam = getParameterByName('filter');
-      const sortParam = getParameterByName('sort');
-      const archivedParam = getParameterByName('archived');
-      eventHub.$emit(`${this.action}fetchPage`, page, filterGroupsParam, sortParam, archivedParam);
+      const filterGroupsBy = getParameterByName('filter');
+      const sortBy = getParameterByName('sort');
+      const archived = getParameterByName('archived');
+      eventHub.$emit(`${this.action}fetchPage`, { page, filterGroupsBy, sortBy, archived });
     },
   },
 };

app/assets/javascripts/vue_shared/components/filtered_search_bar/constants.js

@@ -20,8 +20,12 @@ export const OPERATOR_IS_ONLY = [{ value: OPERATOR_IS, description: OPERATOR_IS_
 export const OPERATOR_IS_NOT_ONLY = [{ value: OPERATOR_IS_NOT, description: OPERATOR_IS_NOT_TEXT }];
 export const OPERATOR_IS_AND_IS_NOT = [...OPERATOR_IS_ONLY, ...OPERATOR_IS_NOT_ONLY];
 
-export const DEFAULT_LABEL_NONE = { value: FILTER_NONE, text: __(FILTER_NONE) };
-export const DEFAULT_LABEL_ANY = { value: FILTER_ANY, text: __(FILTER_ANY) };
+export const DEFAULT_LABEL_NONE = {
+  value: FILTER_NONE,
+  text: __(FILTER_NONE),
+  title: __(FILTER_NONE),
+};
+export const DEFAULT_LABEL_ANY = { value: FILTER_ANY, text: __(FILTER_ANY), title: __(FILTER_ANY) };
 export const DEFAULT_NONE_ANY = [DEFAULT_LABEL_NONE, DEFAULT_LABEL_ANY];
 
 export const DEFAULT_ITERATIONS = DEFAULT_NONE_ANY.concat([
@@ -29,10 +33,17 @@ export const DEFAULT_ITERATIONS = DEFAULT_NONE_ANY.concat([
 ]);
 
 export const DEFAULT_MILESTONES = DEFAULT_NONE_ANY.concat([
-  { value: FILTER_UPCOMING, text: __(FILTER_UPCOMING) },
-  { value: FILTER_STARTED, text: __(FILTER_STARTED) },
+  { value: FILTER_UPCOMING, text: __(FILTER_UPCOMING), title: __(FILTER_UPCOMING) },
+  { value: FILTER_STARTED, text: __(FILTER_STARTED), title: __(FILTER_STARTED) },
 ]);
 
+export const DEFAULT_MILESTONES_GRAPHQL = [
+  { value: 'any', text: __(FILTER_ANY), title: __(FILTER_ANY) },
+  { value: 'none', text: __(FILTER_NONE), title: __(FILTER_NONE) },
+  { value: '#upcoming', text: __(FILTER_UPCOMING), title: __(FILTER_UPCOMING) },
+  { value: '#started', text: __(FILTER_STARTED), title: __(FILTER_STARTED) },
+];
+
 export const SortDirection = {
   descending: 'descending',
   ascending: 'ascending',

app/assets/javascripts/vue_shared/components/filtered_search_bar/tokens/milestone_token.vue

@@ -39,8 +39,16 @@ export default {
   },
   methods: {
     getActiveMilestone(milestones, data) {
-      return milestones.find(
-        (milestone) => milestone.title.toLowerCase() === stripQuotes(data).toLowerCase(),
+      /* We need to check default milestones against the value not the
+       * title because there is a discrepancy between the value graphql
+       * accepts and the title.
+       * https://gitlab.com/gitlab-org/gitlab/-/issues/337687#note_648058797
+       */
+
+      return (
+        milestones.find(
+          (milestone) => milestone.title.toLowerCase() === stripQuotes(data).toLowerCase(),
+        ) || this.defaultMilestones.find(({ value }) => value === data)
       );
     },
     fetchMilestones(searchTerm) {

app/assets/javascripts/vue_shared/components/runner_aws_deployments/runner_aws_deployments_modal.vue

@@ -1,5 +1,6 @@
 <script>
 import { GlModal, GlSprintf, GlLink } from '@gitlab/ui';
+import awsCloudFormationImageUrl from 'images/aws-cloud-formation.png';
 import ExperimentTracking from '~/experimentation/experiment_tracking';
 import { getBaseURL, objectToQuery } from '~/lib/utils/url_utility';
 import { __, s__ } from '~/locale';
@@ -22,6 +23,11 @@ export default {
       type: String,
       required: true,
     },
+    imgSrc: {
+      type: String,
+      required: false,
+      default: awsCloudFormationImageUrl,
+    },
   },
   methods: {
     easyButtonUrl(easyButton) {
@@ -76,7 +82,7 @@ export default {
           <img
             :title="easyButton.stackName"
             :alt="easyButton.stackName"
-            src="/assets/aws-cloud-formation.png"
+            :src="imgSrc"
             width="46"
             height="46"
             class="gl-mt-2 gl-mr-5 gl-mb-6"

doc/administration/auth/ldap/index.md

@@ -74,7 +74,7 @@ See [Google Secure LDAP](google_secure_ldap.md) for detailed configuration instr
 
 ## Configuration
 
-To enable LDAP integration you need to add your LDAP server settings in
+To enable LDAP integration you must add your LDAP server settings in
 `/etc/gitlab/gitlab.rb` or `/home/git/gitlab/config/gitlab.yml` for Omnibus
 GitLab and installations from source respectively.
 
@@ -169,7 +169,7 @@ production:
 | `verify_certificates` | Enables SSL certificate verification if encryption method is `start_tls` or `simple_tls`. Defaults to true. | **{dotted-circle}** No | boolean |
 | `timeout`          | Set a timeout, in seconds, for LDAP queries. This helps avoid blocking a request if the LDAP server becomes unresponsive. A value of `0` means there is no timeout. (default: `10`) | **{dotted-circle}** No | `10` or `30` |
 | `active_directory` | This setting specifies if LDAP server is Active Directory LDAP server. For non-AD servers it skips the AD specific queries. If your LDAP server is not AD, set this to false. | **{dotted-circle}** No | boolean |
-| `allow_username_or_email_login` | If enabled, GitLab ignores everything after the first `@` in the LDAP username submitted by the user on sign-in. If you are using `uid: 'userPrincipalName'` on ActiveDirectory you need to disable this setting, because the userPrincipalName contains an `@`. | **{dotted-circle}** No | boolean |
+| `allow_username_or_email_login` | If enabled, GitLab ignores everything after the first `@` in the LDAP username submitted by the user on sign-in. If you are using `uid: 'userPrincipalName'` on ActiveDirectory you must disable this setting, because the userPrincipalName contains an `@`. | **{dotted-circle}** No | boolean |
 | `block_auto_created_users` | To maintain tight control over the number of billable users on your GitLab installation, enable this setting to keep new users blocked until they have been cleared by an administrator (default: false). | **{dotted-circle}** No | boolean |
 | `base` | Base where we can search for users. | **{check-circle}** Yes | `'ou=people,dc=gitlab,dc=example'` or `'DC=mydomain,DC=com'` |
 | `user_filter`      | Filter LDAP users. Format: [RFC 4515](https://tools.ietf.org/search/rfc4515) Note: GitLab does not support `omniauth-ldap`'s custom filter syntax. | **{dotted-circle}** No | For examples, read [Examples of user filters](#examples-of-user-filters). |
@@ -187,7 +187,7 @@ Some examples of the `user_filter` field syntax:
 
 | Setting       | Description | Required | Examples |
 |---------------|-------------|----------|----------|
-| `ca_file`     | Specifies the path to a file containing a PEM-format CA certificate, for example, if you need to use an internal CA. | **{dotted-circle}** No | `'/etc/ca.pem'` |
+| `ca_file`     | Specifies the path to a file containing a PEM-format CA certificate, for example, if you need an internal CA. | **{dotted-circle}** No | `'/etc/ca.pem'` |
 | `ssl_version` | Specifies the SSL version for OpenSSL to use, if the OpenSSL default is not appropriate. | **{dotted-circle}** No | `'TLSv1_1'` |
 | `ciphers`     | Specific SSL ciphers to use in communication with LDAP servers. | **{dotted-circle}** No | `'ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2'` |
 | `cert`        | Client certificate. | **{dotted-circle}** No | `'-----BEGIN CERTIFICATE----- <REDACTED> -----END CERTIFICATE -----'` |
@@ -365,7 +365,7 @@ This does not disable [using LDAP credentials for Git access](#git-password-auth
 ### Using encrypted credentials
 
 Instead of having the LDAP integration credentials stored in plaintext in the configuration files, you can optionally
-use an encrypted file for the LDAP credentials. To use this feature, you first need to enable
+use an encrypted file for the LDAP credentials. To use this feature, first you must enable
 [GitLab encrypted configuration](../../encrypted_configuration.md).
 
 The encrypted configuration for LDAP exists in an encrypted YAML file. By default the file is created at
@@ -635,7 +635,7 @@ following.
 
 1. [Restart GitLab](../../restart_gitlab.md#installations-from-source) for the changes to take effect.
 
-To take advantage of group sync, group owners or maintainers need to [create one
+To take advantage of group sync, group owners or maintainers must [create one
 or more LDAP group links](#adding-group-links).
 
 ### Adding group links **(PREMIUM SELF)**
@@ -702,7 +702,7 @@ When enabled, the following applies:
 - Users are not allowed to share project with other groups or invite members to
   a project created in a group.
 
-To enable it you need to:
+To enable it, you must:
 
 1. [Enable LDAP](#configuration)
 1. On the top bar, select **Menu > Admin**.

doc/api/container_registry.md

@@ -32,6 +32,8 @@ Feature.disable(:ci_job_token_scope)
 
 ## Change the visibility of the Container Registry
 
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/18792) in GitLab 14.2.
+
 This controls who can view the Container Registry.
 
 ```plaintext

doc/api/metrics_dashboard_annotations.md

@@ -7,7 +7,7 @@ type: concepts, howto
 
 # Dashboard annotations API **(FREE)**
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/29089) in GitLab 12.10 behind a disabled feature flag.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/29089) in GitLab 12.10 behind a disabled feature flag.
 
 Metrics dashboard annotations allow you to indicate events on your graphs at a single point in time or over a time span.
 

doc/api/metrics_user_starred_dashboards.md

@@ -43,7 +43,7 @@ Example Response:
 
 ## Remove a star from a dashboard
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/31892) in GitLab 13.0.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/31892) in GitLab 13.0.
 
 ```plaintext
 DELETE /projects/:id/metrics/user_starred_dashboards

doc/api/runners.md

@@ -41,7 +41,6 @@ GET /runners?scope=active
 GET /runners?type=project_type
 GET /runners?status=active
 GET /runners?tag_list=tag1,tag2
-GET /runners?search=gitlab
 ```
 
 | Attribute   | Type           | Required | Description         |
@@ -50,7 +49,6 @@ GET /runners?search=gitlab
 | `type`      | string         | no       | The type of runners to show, one of: `instance_type`, `group_type`, `project_type` |
 | `status`    | string         | no       | The status of runners to show, one of: `active`, `paused`, `online`, `offline` |
 | `tag_list`  | string array   | no       | List of the runner's tags |
-| `search`    | string         | no       | The full token or partial description text to match |
 
 ```shell
 curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/runners"

doc/api/services.md

@@ -503,7 +503,7 @@ GET /projects/:id/services/emails-on-push
 
 ## Confluence service
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/220934) in GitLab 13.2.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/220934) in GitLab 13.2.
 
 Replaces the link to the internal wiki with a link to a Confluence Cloud Workspace.
 

doc/api/usage_data.md

@@ -11,7 +11,7 @@ The Service Data API is associated with [Service Ping](../development/service_pi
 
 ## Export metric definitions as a single YAML file
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/57270) in GitLab 13.11.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/57270) in GitLab 13.11.
 
 Export all metric definitions as a single YAML file, similar to the [Metrics Dictionary](https://gitlab-org.gitlab.io/growth/product-intelligence/metric-dictionary), for easier importing.
 

doc/ci/secrets/index.md

@@ -95,7 +95,7 @@ To configure your Vault server:
 
 ## Use Vault secrets in a CI job **(PREMIUM)**
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/28321) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.4 and GitLab Runner 13.4.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/28321) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.4 and GitLab Runner 13.4.
 
 After [configuring your Vault server](#configure-your-vault-server), you can use
 the secrets stored in Vault by defining them with the `vault` keyword:

doc/ci/yaml/index.md

@@ -3194,10 +3194,10 @@ dashboards.
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/207528) in GitLab 13.0.
 > - Requires [GitLab Runner](https://docs.gitlab.com/runner/) 11.5 and above.
 
-The `terraform` report obtains a Terraform `tfplan.json` file. [JQ processing required to remove credentials](../../user/infrastructure/mr_integration.md#configure-terraform-report-artifacts). The collected Terraform
+The `terraform` report obtains a Terraform `tfplan.json` file. [JQ processing required to remove credentials](../../user/infrastructure/iac/mr_integration.md#configure-terraform-report-artifacts). The collected Terraform
 plan report uploads to GitLab as an artifact and displays
 in merge requests. For more information, see
-[Output `terraform plan` information into a merge request](../../user/infrastructure/mr_integration.md).
+[Output `terraform plan` information into a merge request](../../user/infrastructure/iac/mr_integration.md).
 
 #### `artifacts:untracked`
 

doc/development/database/multiple_databases.md

@@ -249,18 +249,88 @@ logic to delete these rows if or whenever necessary in your domain.
 Finally, this de-normalization and new query also improves performance because
 it does less joins and needs less filtering.
 
-#### Summary of cross-join removal patterns
+#### Use `disable_joins` for `has_one` or `has_many` `through:` relations
 
-A quick checklist for fixing a specific join query would be:
+Sometimes a join query is caused by using `has_one ... through:` or `has_many
+... through:` across tables that span the different databases. These joins
+sometimes can be solved by adding
+[`disable_joins:true`](https://edgeguides.rubyonrails.org/active_record_multiple_databases.html#handling-associations-with-joins-across-databases).
+This is a Rails feature which we
+[backported](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/66400). We
+also extended the feature to allow a lambda syntax for enabling `disable_joins`
+with a feature flag. If you use this feature we encourage using a feature flag
+as it mitigates risk if there is some serious performance regression.
 
-1. Is the code even used? If not just remove it
-1. If the code is used, then is this feature even used or can we implement the
-   feature in a simpler way and still meet the requirements. Always prefer the
-   simplest option.
-1. Can we remove the join if we de-normalize the data you are joining to by
-   adding a new column
-1. Can we remove the join by adding a new table in the correct database that
-   replicates the minimum data needed to do the join
+You can see an example where this was used in
+<https://gitlab.com/gitlab-org/gitlab/-/merge_requests/66709/diffs>.
+
+With any change to DB queries it is important to analyze and compare the SQL
+before and after the change. `disable_joins` can introduce very poorly performing
+code depending on the actual logic of the `has_many` or `has_one` relationship.
+The key thing to look for is whether any of the intermediate result sets
+used to construct the final result set have an unbounded amount of data loaded.
+The best way to tell is by looking at the SQL generated and confirming that
+each one is limited in some way. You can tell by either a `LIMIT 1` clause or
+by `WHERE` clause that is limiting based on a unique column. Any unbounded
+intermediate dataset could lead to loading too many IDs into memory.
+
+An example where you may see very poor performance is the following
+hypothetical code:
+
+```ruby
+class Project
+  has_many :pipelines
+  has_many :builds, through: :pipelines
+end
+
+class Pipeline
+  has_many :builds
+end
+
+class Build
+  belongs_to :pipeline
+end
+
+def some_action
+  @builds = Project.find(5).builds.order(created_at: :desc).limit(10)
+end
+```
+
+In the above case `some_action` will generate a query like:
+
+```sql
+select * from builds
+inner join pipelines on builds.pipeline_id = pipelines.id
+where pipelines.project_id = 5
+order by builds.created_at desc
+limit 10
+```
+
+However, if you changed the relation to be:
+
+```ruby
+class Project
+  has_many :pipelines
+  has_many :builds, through: :pipelines, disable_joins: true
+end
+```
+
+Then you would get the following 2 queries:
+
+```sql
+select id from pipelines where project_id = 5;
+
+select * from builds where pipeline_id in (...)
+order by created_at desc
+limit 10;
+```
+
+Because the first query does not limit by any unique column or
+have a `LIMIT` clause, it can load an unlimited number of
+pipeline IDs into memory, which are then sent in the following query.
+This can lead to very poor performance in the Rails application and the
+database. In cases like this, you might need to re-write the
+query or look at other patterns described above for removing cross-joins.
 
 #### How to validate you have correctly removed a cross-join
 

doc/development/documentation/feature_flags.md

@@ -67,9 +67,9 @@ When the state of a flag changes (for example, disabled by default to enabled by
 Possible version history entries are:
 
 ```markdown
-> - [Enabled on GitLab.com](issue-link) in GitLab X.X and is ready for production use.
-> - [Enabled on GitLab.com](issue-link) in GitLab X.X and is ready for production use. Available to GitLab.com administrators only.
-> - [Enabled with <flag name> flag](issue-link) for self-managed GitLab in GitLab X.X and is ready for production use.
+> - [Enabled on GitLab.com](issue-link) in GitLab X.X.
+> - [Enabled on GitLab.com](issue-link) in GitLab X.X. Available to GitLab.com administrators only.
+> - [Enabled on self-managed](issue-link) in GitLab X.X.
 > - [Feature flag <flag name> removed](issue-line) in GitLab X.X.
 ```
 
@@ -86,11 +86,11 @@ ask an administrator to [enable the `forti_token_cloud` flag](../administration/
 The feature is not ready for production use.
 ```
 
-If it were to be updated in the future to enable its use in production, you can update the version history:
+When the feature is enabled in production, you can update the version history:
 
 ```markdown
 > - Introduced in GitLab 13.7.
-> - [Enabled with `forti_token_cloud` flag](https://gitlab.com/issue/etc) for self-managed GitLab in GitLab X.X and ready for production use.
+> - [Enabled on self-managed](https://gitlab.com/issue/etc) GitLab 13.8.
 
 FLAG:
 On self-managed GitLab, by default this feature is available. To hide the feature per user,
@@ -101,7 +101,7 @@ And, when the feature is done and fully available to all users:
 
 ```markdown
 > - Introduced in GitLab 13.7.
-> - [Enabled on GitLab.com](https://gitlab.com/issue/etc) in GitLab X.X and is ready for production use.
-> - [Enabled with `forti_token_cloud` flag](https://gitlab.com/issue/etc) for self-managed GitLab in GitLab X.X and is ready for production use.
-> - [Feature flag `forti_token_cloud`](https://gitlab.com/issue/etc) removed in GitLab X.X.
+> - [Enabled on self-managed](https://gitlab.com/issue/etc) GitLab 13.8.
+> - [Enabled on GitLab.com](https://gitlab.com/issue/etc) in GitLab 13.9.
+> - [Feature flag `forti_token_cloud`](https://gitlab.com/issue/etc) removed in GitLab 14.0.
 ```

doc/development/service_ping/implement.md

@@ -190,7 +190,7 @@ bulk_imports = distinct_count(::BulkImport, :user_id)
 
 #### Estimated batch counters
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/48233) in GitLab 13.7.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/48233) in GitLab 13.7.
 
 Estimated batch counter functionality handles `ActiveRecord::StatementInvalid` errors
 when used through the provided `estimate_batch_distinct_count` method.
@@ -972,7 +972,7 @@ Becomes:
 
 ### Redis sourced aggregated metrics
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/45979) in GitLab 13.6.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/45979) in GitLab 13.6.
 
 To declare the aggregate of events collected with [Redis HLL Counters](#redis-hll-counters),
 you must fulfill the following requirements:

doc/development/sidekiq_style_guide.md

@@ -713,7 +713,7 @@ default weight, which is 1.
 
 ## Worker context
 
-> - [Introduced](https://gitlab.com/gitlab-com/gl-infra/scalability/-/issues/9) in GitLab 12.8.
+> [Introduced](https://gitlab.com/gitlab-com/gl-infra/scalability/-/issues/9) in GitLab 12.8.
 
 To have some more information about workers in the logs, we add
 [metadata to the jobs in the form of an

doc/operations/metrics/alerts.md

@@ -61,7 +61,7 @@ Prometheus server to use the
 
 ## Trigger actions from alerts **(ULTIMATE)**
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/4925) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.11.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/4925) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.11.
 
 Alerts can be used to trigger actions, like opening an issue automatically
 (disabled by default since `13.1`). To configure the actions:

doc/topics/autodevops/prepare_deployment.md

@@ -12,7 +12,7 @@ recommend that you prepare them before enabling Auto DevOps.
 
 ## Deployment strategy
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/38542) in GitLab 11.0.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/38542) in GitLab 11.0.
 
 When using Auto DevOps to deploy your applications, choose the
 [continuous deployment strategy](../../ci/introduction/index.md)

doc/user/admin_area/analytics/dev_ops_report.md

@@ -15,7 +15,7 @@ from planning to monitoring.
 To see DevOps Report:
 
 1. On the top bar, select **Menu > Admin**.
-1. In the left sidebar, select **Analytics > DevOps Report**.
+1. On the left sidebar, select **Analytics > DevOps Report**.
 
 ## DevOps Score
 

doc/user/admin_area/analytics/index.md

@@ -11,7 +11,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 Administrators have access to instance-wide analytics:
 
 1. On the top bar, select **Menu > Admin**.
-1. In the left sidebar, select **Analytics**.
+1. On the left sidebar, select **Analytics**.
 
 There are several kinds of statistics:
 

doc/user/admin_area/moderate_users.md

@@ -194,7 +194,7 @@ Users can also be activated using the [GitLab API](../../api/users.md#activate-u
 
 ## Ban and unban users
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/327353) in GitLab 14.2.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/327353) in GitLab 14.2.
 
 GitLab administrators can ban and unban users. Banned users are blocked, and their issues are hidden. 
 The banned user's comments are still displayed. Hiding a banned user's comments is [tracked in this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/327356).

doc/user/admin_area/settings/instance_template_repository.md

@@ -7,7 +7,7 @@ type: reference
 
 # Instance template repository **(PREMIUM SELF)**
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/5986) in GitLab Premium 11.3.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/5986) in GitLab Premium 11.3.
 
 In hosted systems, enterprises often have a need to share their own templates
 across teams. This feature allows an administrator to pick a project to be the

doc/user/admin_area/settings/sign_in_restrictions.md

@@ -26,7 +26,7 @@ You can restrict the password authentication for web interface and Git over HTTP
 
 ## Admin Mode
 
-> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/2158) in GitLab 13.10.
+> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/2158) in GitLab 13.10.
 
 When this feature is enabled, instance administrators are limited as regular users. During that period,
 they do not have access to all projects, groups, or the **Admin Area** menu.

doc/user/admin_area/settings/usage_statistics.md

@@ -74,8 +74,9 @@ If your GitLab instance is behind a proxy, set the appropriate
 To enable or disable Service Ping and version check:
 
 1. On the top bar, select **Menu > Admin**.
-1. In the left sidebar, select **Settings > Metrics and profiling**, and expand **Usage statistics**.
-1. Select or clear the **Version check** and **Service ping** checkboxes.
+1. On the left sidebar, select **Settings > Metrics and profiling**.
+1. Expand **Usage statistics**.
+1. Select or clear the **Enable version check** and **Enable service ping** checkboxes.
 1. Select **Save changes**.
 
 <!-- ## Troubleshooting

doc/user/analytics/issue_analytics.md

@@ -7,13 +7,16 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 # Issue Analytics **(PREMIUM)**
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/196561) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.9.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/196561) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.9.
 
 Issue Analytics is a bar graph which illustrates the number of issues created each month.
 The default time span is 13 months, which includes the current month, and the 12 months
 prior.
 
-To access the chart, navigate to your project sidebar and select **Analytics > Issue**.
+To access the chart:
+
+1. On the top bar, select **Menu > Projects** and find your project.
+1. On the left sidebar, select **Analytics > Issue**.
 
 Hover over each bar to see the total number of issues.
 

doc/user/analytics/merge_request_analytics.md

@@ -20,7 +20,10 @@ The Throughput chart shows the number of merge requests merged, by month. Merge
 a common measure of productivity in software engineering. Although imperfect, the average throughput can
 be a meaningful benchmark of your team's overall productivity.
 
-To access Merge Request Analytics, from your project's menu, go to **Analytics > Merge Request**.
+To access Merge Request Analytics:
+
+1. On the top bar, select **Menu > Projects** and find your project.
+1. On the left sidebar, select **Analytics > Merge request**.
 
 ## Use cases
 
@@ -93,10 +96,10 @@ You can filter the data that is presented on the page based on the following par
 
 To filter results:
 
-1. Click on the filter bar.
+1. Select the filter bar.
 1. Select a parameter to filter by.
 1. Select a value from the autocompleted results, or enter search text to refine the results.
-1. Hit the "Return" key.
+1. Press Enter.
 
 ## Date range
 

doc/user/application_security/api_fuzzing/index.md

@@ -85,7 +85,7 @@ In GitLab 14.0 and later, API fuzzing configuration files must be in your reposi
 
 ### Web API fuzzing configuration form
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/299234) in GitLab 13.10.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/299234) in GitLab 13.10.
 
 WARNING:
 This feature might not be available to you. Check the **version history** note above for details.

doc/user/application_security/dast_api/index.md

@@ -897,7 +897,7 @@ variables:
 
 ### Exclude Paths
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/211892) in GitLab 14.0.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/211892) in GitLab 14.0.
 
 When testing an API it can be useful to exclude certain paths. For example, you might exclude testing of an authentication service or an older version of the API. To exclude paths, use the `FUZZAPI_EXCLUDE_PATHS` CI/CD variable . This variable is specified in your `.gitlab-ci.yml` file. To exclude multiple paths, separate entries using the `;` character. In the provided paths you can use a single character wildcard `?` and `*` for a multiple character wildcard.
 

doc/user/clusters/applications.md

@@ -285,10 +285,10 @@ postgresql:
 ```
 
 Support for installing the Sentry managed application is provided by the
-GitLab Health group. If you run into unknown issues,
+GitLab Monitor group. If you run into unknown issues,
 [open a new issue](https://gitlab.com/gitlab-org/gitlab/-/issues/new), and ping at
 least 2 people from the
-[Health group](https://about.gitlab.com/handbook/product/categories/#health-group).
+[Monitor group](https://about.gitlab.com/handbook/product/categories/#monitor-group).
 
 ### Install PostHog using GitLab CI/CD
 
@@ -366,9 +366,9 @@ project. Refer to the
 of the Prometheus chart's README for the available configuration options.
 
 Support for installing the Prometheus managed application is provided by the
-GitLab APM group. If you run into unknown issues,
+GitLab Monitor group. If you run into unknown issues,
 [open a new issue](https://gitlab.com/gitlab-org/gitlab/-/issues/new), and ping at
-least 2 people from the [APM group](https://about.gitlab.com/handbook/product/categories/#apm-group).
+least 2 people from the [Monitor group](https://about.gitlab.com/handbook/product/categories/#monitor-group).
 
 ### Install GitLab Runner using GitLab CI/CD
 
@@ -819,9 +819,9 @@ management project. Refer to the
 available configuration options.
 
 Support for installing the Elastic Stack managed application is provided by the
-GitLab APM group. If you run into unknown issues,
+GitLab Monitor group. If you run into unknown issues,
 [open a new issue](https://gitlab.com/gitlab-org/gitlab/-/issues/new), and ping at
-least 2 people from the [APM group](https://about.gitlab.com/handbook/product/categories/#apm-group).
+least 2 people from the [Monitor group](https://about.gitlab.com/handbook/product/categories/#monitor-group).
 
 ### Install Crossplane using GitLab CI/CD
 

doc/user/group/issues_analytics/index.md

@@ -7,7 +7,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 # Issue Analytics **(PREMIUM)**
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/7478) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.5.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/7478) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.5.
 
 Issue Analytics is a bar graph which illustrates the number of issues created each month.
 The default time span is 13 months, which includes the current month, and the 12 months

doc/user/group/repositories_analytics/index.md

@@ -16,7 +16,7 @@ This feature might not be available to you. Check the **version history** note a
 
 ## Current group code coverage
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/263478) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.7.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/263478) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.7.
 
 The **Analytics > Repositories** group page displays the overall test coverage of all your projects in your group.
 In the **Overall activity** section, you can see:
@@ -27,13 +27,13 @@ In the **Overall activity** section, you can see:
 
 ## Average group test coverage from the last 30 days
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/215140) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.9.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/215140) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.9.
 
 The **Analytics > Repositories** group page displays the average test coverage of all your projects in your group in a graph for the last 30 days.
 
 ## Latest project test coverage list
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/267624) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.6.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/267624) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.6.
 
 To see the latest code coverage for each project in your group:
 

doc/user/group/settings/import_export.md

@@ -6,7 +6,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 ---
 # Group import/export **(FREE)**
 
-> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/2888) in GitLab 13.0 as an experimental feature. May change in future releases.
+> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/2888) in GitLab 13.0 as an experimental feature. May change in future releases.
 
 Existing groups running on any GitLab instance or GitLab.com can be exported with all their related data and moved to a
 new GitLab instance.

doc/user/infrastructure/clusters/manage/management_project_applications/elasticstack.md

@@ -29,6 +29,6 @@ management project. Refer to the
 available configuration options.
 
 Support for installing the Elastic Stack managed application is provided by the
-GitLab APM group. If you run into unknown issues,
+GitLab Monitor group. If you run into unknown issues,
 [open a new issue](https://gitlab.com/gitlab-org/gitlab/-/issues/new), and ping at
-least 2 people from the [APM group](https://about.gitlab.com/handbook/product/categories/#apm-group).
+least 2 people from the [Monitor group](https://about.gitlab.com/handbook/product/categories/#monitor-group).

doc/user/infrastructure/clusters/manage/management_project_applications/prometheus.md

@@ -27,6 +27,6 @@ management project. Refer to the
 of the Prometheus chart's README for the available configuration options.
 
 Support for installing the Prometheus managed application is provided by the
-GitLab APM group. If you run into unknown issues,
+GitLab Monitor group. If you run into unknown issues,
 [open a new issue](https://gitlab.com/gitlab-org/gitlab/-/issues/new), and ping at
-least 2 people from the [APM group](https://about.gitlab.com/handbook/product/categories/#apm-group).
+least 2 people from the [Monitor group](https://about.gitlab.com/handbook/product/categories/#monitor-group).

doc/user/infrastructure/clusters/manage/management_project_applications/sentry.md

@@ -70,7 +70,7 @@ postgresql:
 ```
 
 Support for installing the Sentry managed application is provided by the
-GitLab Health group. If you run into unknown issues,
+GitLab Monitor group. If you run into unknown issues,
 [open a new issue](https://gitlab.com/gitlab-org/gitlab/-/issues/new), and ping at
 least 2 people from the
-[Health group](https://about.gitlab.com/handbook/product/categories/#health-group).
+[Monitor group](https://about.gitlab.com/handbook/product/categories/#monitor-group).

doc/user/infrastructure/iac/index.md

@@ -65,7 +65,7 @@ Amazon S3 or Google Cloud Storage. Its features include:
 - Locking and unlocking state.
 - Remote Terraform plan and apply execution.
 
-Read more on setting up and [using GitLab Managed Terraform states](../terraform_state.md)
+Read more on setting up and [using GitLab Managed Terraform states](terraform_state.md).
 
 ## Terraform module registry
 
@@ -81,7 +81,7 @@ solution to help collaboration around Terraform code changes and their expected
 effects using the Merge Request pages. This way users don't have to build custom
 tools or rely on 3rd party solutions to streamline their IaC workflows.
 
-Read more on setting up and [using the merge request integrations](../mr_integration.md).
+Read more on setting up and [using the merge request integrations](mr_integration.md).
 
 ## The GitLab Terraform provider
 

doc/user/infrastructure/iac/mr_integration.md

@@ -0,0 +1,210 @@
+---
+stage: Configure
+group: Configure
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Terraform integration in Merge Requests **(FREE)**
+
+Collaborating around Infrastructure as Code (IaC) changes requires both code changes and expected infrastructure changes to be checked and approved. GitLab provides a solution to help collaboration around Terraform code changes and their expected effects using the Merge Request pages. This way users don't have to build custom tools or rely on 3rd party solutions to streamline their IaC workflows.
+
+## Output Terraform Plan information into a merge request
+
+Using the [GitLab Terraform Report artifact](../../../ci/yaml/index.md#artifactsreportsterraform),
+you can expose details from `terraform plan` runs directly into a merge request widget,
+enabling you to see statistics about the resources that Terraform creates,
+modifies, or destroys.
+
+WARNING:
+Like any other job artifact, Terraform Plan data is [viewable by anyone with Guest access](../../permissions.md) to the repository.
+Neither Terraform nor GitLab encrypts the plan file by default. If your Terraform Plan
+includes sensitive data such as passwords, access tokens, or certificates, we strongly
+recommend encrypting plan output or modifying the project visibility settings.
+
+## Configure Terraform report artifacts
+
+GitLab ships with a [pre-built CI template](index.md#quick-start) that uses GitLab Managed Terraform state and integrates Terraform changes into merge requests. We recommend customizing the pre-built image and relying on the `gitlab-terraform` helper provided within for a quick setup.
+
+To manually configure a GitLab Terraform Report artifact:
+
+1. For simplicity, let's define a few reusable variables to allow us to
+   refer to these files multiple times:
+
+   ```yaml
+   variables:
+     PLAN: plan.cache
+     PLAN_JSON: plan.json
+   ```
+
+1. Install `jq`, a
+   [lightweight and flexible command-line JSON processor](https://stedolan.github.io/jq/).
+1. Create an alias for a specific `jq` command that parses out the information we
+   want to extract from the `terraform plan` output:
+
+   ```yaml
+   before_script:
+     - apk --no-cache add jq
+     - alias convert_report="jq -r '([.resource_changes[]?.change.actions?]|flatten)|{\"create\":(map(select(.==\"create\"))|length),\"update\":(map(select(.==\"update\"))|length),\"delete\":(map(select(.==\"delete\"))|length)}'"
+   ```
+
+   NOTE:
+   In distributions that use Bash (for example, Ubuntu), `alias` statements are not
+   expanded in non-interactive mode. If your pipelines fail with the error
+   `convert_report: command not found`, alias expansion can be activated explicitly
+   by adding a `shopt` command to your script:
+
+   ```yaml
+   before_script:
+     - shopt -s expand_aliases
+     - alias convert_report="jq -r '([.resource_changes[]?.change.actions?]|flatten)|{\"create\":(map(select(.==\"create\"))|length),\"update\":(map(select(.==\"update\"))|length),\"delete\":(map(select(.==\"delete\"))|length)}'"
+   ```
+
+1. Define a `script` that runs `terraform plan` and `terraform show`. These commands
+   pipe the output and convert the relevant bits into a store variable `PLAN_JSON`.
+   This JSON is used to create a
+   [GitLab Terraform Report artifact](../../../ci/yaml/index.md#artifactsreportsterraform).
+   The Terraform report obtains a Terraform `tfplan.json` file. The collected
+   Terraform plan report is uploaded to GitLab as an artifact, and is shown in merge requests.
+
+   ```yaml
+   plan:
+     stage: build
+     script:
+       - terraform plan -out=$PLAN
+       - terraform show --json $PLAN | convert_report > $PLAN_JSON
+     artifacts:
+       reports:
+         terraform: $PLAN_JSON
+   ```
+
+   For a full example using the pre-built image, see [Example `.gitlab-ci.yml`
+   file](#example-gitlab-ciyml-file).
+
+   For an example displaying multiple reports, see [`.gitlab-ci.yml` multiple reports file](#multiple-terraform-plan-reports).
+
+1. Running the pipeline displays the widget in the merge request, like this:
+
+   ![Merge Request Terraform widget](img/terraform_plan_widget_v13_2.png)
+
+1. Clicking the **View Full Log** button in the widget takes you directly to the
+   plan output present in the pipeline logs:
+
+   ![Terraform plan logs](img/terraform_plan_log_v13_0.png)
+
+### Example `.gitlab-ci.yml` file
+
+```yaml
+default:
+  image: registry.gitlab.com/gitlab-org/terraform-images/stable:latest
+
+  cache:
+    key: example-production
+    paths:
+      - ${TF_ROOT}/.terraform
+
+variables:
+  TF_ROOT: ${CI_PROJECT_DIR}/environments/example/production
+  TF_ADDRESS: ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/example-production
+
+before_script:
+  - cd ${TF_ROOT}
+
+stages:
+  - prepare
+  - validate
+  - build
+  - deploy
+
+init:
+  stage: prepare
+  script:
+    - gitlab-terraform init
+
+validate:
+  stage: validate
+  script:
+    - gitlab-terraform validate
+
+plan:
+  stage: build
+  script:
+    - gitlab-terraform plan
+    - gitlab-terraform plan-json
+  artifacts:
+    name: plan
+    paths:
+      - ${TF_ROOT}/plan.cache
+    reports:
+      terraform: ${TF_ROOT}/plan.json
+
+apply:
+  stage: deploy
+  environment:
+    name: production
+  script:
+    - gitlab-terraform apply
+  dependencies:
+    - plan
+  when: manual
+  only:
+    - master
+```
+
+### Multiple Terraform Plan reports
+
+Starting with GitLab version 13.2, you can display multiple reports on the Merge Request
+page. The reports also display the `artifacts: name:`. See example below for a suggested setup.
+
+```yaml
+default:
+  image:
+    name: registry.gitlab.com/gitlab-org/gitlab-build-images:terraform
+    entrypoint:
+      - '/usr/bin/env'
+      - 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
+
+  cache:
+    paths:
+      - .terraform
+
+stages:
+  - build
+
+.terraform-plan-generation:
+  stage: build
+  variables:
+    PLAN: plan.tfplan
+    JSON_PLAN_FILE: tfplan.json
+  before_script:
+    - cd ${TERRAFORM_DIRECTORY}
+    - terraform --version
+    - terraform init
+    - apk --no-cache add jq
+  script:
+    - terraform validate
+    - terraform plan -out=${PLAN}
+    - terraform show --json ${PLAN} | jq -r '([.resource_changes[]?.change.actions?]|flatten)|{"create":(map(select(.=="create"))|length),"update":(map(select(.=="update"))|length),"delete":(map(select(.=="delete"))|length)}' > ${JSON_PLAN_FILE}
+  artifacts:
+    reports:
+      terraform: ${TERRAFORM_DIRECTORY}/${JSON_PLAN_FILE}
+
+review_plan:
+  extends: .terraform-plan-generation
+  variables:
+    TERRAFORM_DIRECTORY: "review/"
+  # Review will not include an artifact name
+
+staging_plan:
+  extends: .terraform-plan-generation
+  variables:
+    TERRAFORM_DIRECTORY: "staging/"
+  artifacts:
+    name: Staging
+
+production_plan:
+  extends: .terraform-plan-generation
+  variables:
+    TERRAFORM_DIRECTORY: "production/"
+  artifacts:
+    name: Production
+```

doc/user/infrastructure/iac/terraform_state.md

@@ -0,0 +1,431 @@
+---
+stage: Configure
+group: Configure
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# GitLab managed Terraform State **(FREE)**
+
+> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/2673) in GitLab 13.0.
+
+[Terraform remote backends](https://www.terraform.io/docs/language/settings/backends/index.html)
+enable you to store the state file in a remote, shared store. GitLab uses the
+[Terraform HTTP backend](https://www.terraform.io/docs/language/settings/backends/http.html)
+to securely store the state files in local storage (the default) or
+[the remote store of your choice](../../../administration/terraform_state.md).
+
+WARNING:
+Using local storage (the default) on clustered deployments of GitLab will result in
+a split state across nodes, making subsequent executions of Terraform inconsistent.
+You are highly advised to use a remote storage in that case.
+
+The GitLab managed Terraform state backend can store your Terraform state easily and
+securely, and spares you from setting up additional remote resources like
+Amazon S3 or Google Cloud Storage. Its features include:
+
+- Versioning of Terraform state files.
+- Supporting encryption of the state file both in transit and at rest.
+- Locking and unlocking state.
+- Remote Terraform plan and apply execution.
+
+A GitLab **administrator** must [setup the Terraform state storage configuration](../../../administration/terraform_state.md)
+before using this feature.
+
+## Permissions for using Terraform
+
+In GitLab version 13.1, the [Maintainer role](../../permissions.md) was required to use a
+GitLab managed Terraform state backend. In GitLab versions 13.2 and greater, the
+[Maintainer role](../../permissions.md) is required to lock, unlock, and write to the state
+(using `terraform apply`), while the [Developer role](../../permissions.md) is required to read
+the state (using `terraform plan -lock=false`).
+
+## Set up GitLab-managed Terraform state
+
+To get started with a GitLab-managed Terraform state, there are two different options:
+
+- [Use a local machine](#get-started-using-local-development).
+- [Use GitLab CI](#get-started-using-gitlab-ci).
+
+Terraform States can be found by navigating to a Project's
+**{cloud-gear}** **Infrastructure > Terraform** page.
+
+### Get started using local development
+
+If you plan to only run `terraform plan` and `terraform apply` commands from your
+local machine, this is a simple way to get started:
+
+1. Create your project on your GitLab instance.
+1. Navigate to **Settings > General** and note your **Project name**
+   and **Project ID**.
+1. Define the Terraform backend in your Terraform project to be:
+
+   ```hcl
+   terraform {
+     backend "http" {
+     }
+   }
+   ```
+
+1. Create a [Personal Access Token](../../profile/personal_access_tokens.md) with
+   the `api` scope.
+
+1. On your local machine, run `terraform init`, passing in the following options,
+   replacing `<YOUR-STATE-NAME>`, `<YOUR-PROJECT-ID>`,  `<YOUR-USERNAME>` and
+   `<YOUR-ACCESS-TOKEN>` with the relevant values. This command initializes your
+   Terraform state, and stores that state in your GitLab project. The name of
+   your state can contain only uppercase and lowercase letters, decimal digits,
+   hyphens, and underscores. This example uses `gitlab.com`:
+
+   ```shell
+   terraform init \
+       -backend-config="address=https://gitlab.com/api/v4/projects/<YOUR-PROJECT-ID>/terraform/state/<YOUR-STATE-NAME>" \
+       -backend-config="lock_address=https://gitlab.com/api/v4/projects/<YOUR-PROJECT-ID>/terraform/state/<YOUR-STATE-NAME>/lock" \
+       -backend-config="unlock_address=https://gitlab.com/api/v4/projects/<YOUR-PROJECT-ID>/terraform/state/<YOUR-STATE-NAME>/lock" \
+       -backend-config="username=<YOUR-USERNAME>" \
+       -backend-config="password=<YOUR-ACCESS-TOKEN>" \
+       -backend-config="lock_method=POST" \
+       -backend-config="unlock_method=DELETE" \
+       -backend-config="retry_wait_min=5"
+   ```
+
+If you already have a GitLab-managed Terraform state, you can use the `terraform init` command
+with the prepopulated parameters values:
+
+1. On the top bar, select **Menu > Projects** and find your project.
+1. On the left sidebar, select **Infrastructure > Terraform**.
+1. Next to the environment you want to use, select the [Actions menu](#managing-state-files)
+   **{ellipsis_v}** and select **Copy Terraform init command**.
+
+You can now run `terraform plan` and `terraform apply` as you normally would.
+
+### Get started using GitLab CI
+
+If you don't want to start with local development, you can also use GitLab CI to
+run your `terraform plan` and `terraform apply` commands.
+
+Next, [configure the backend](#configure-the-backend).
+
+#### Configure the backend
+
+After executing the `terraform init` command, you must configure the Terraform backend
+and the CI YAML file:
+
+1. In your Terraform project, define the [HTTP backend](https://www.terraform.io/docs/language/settings/backends/http.html)
+   by adding the following code block in a `.tf` file (such as `backend.tf`) to
+   define the remote backend:
+
+   ```hcl
+   terraform {
+     backend "http" {
+     }
+   }
+   ```
+
+1. In the root directory of your project repository, configure a
+   `.gitlab-ci.yml` file. This example uses a pre-built image which includes a
+   `gitlab-terraform` helper. For supported Terraform versions, see the [GitLab
+   Terraform Images project](https://gitlab.com/gitlab-org/terraform-images).
+
+   ```yaml
+   image: registry.gitlab.com/gitlab-org/terraform-images/stable:latest
+   ```
+
+1. In the `.gitlab-ci.yml` file, define some CI/CD variables to ease
+   development. In this example, `TF_ROOT` is the directory where the Terraform
+   commands must be executed, `TF_ADDRESS` is the URL to the state on the GitLab
+   instance where this pipeline runs, and the final path segment in `TF_ADDRESS`
+   is the name of the Terraform state. Projects may have multiple states, and
+   this name is arbitrary, so in this example we set it to `example-production`
+   which corresponds with the directory we're using as our `TF_ROOT`, and we
+   ensure that the `.terraform` directory is cached between jobs in the pipeline
+   using a cache key based on the state name (`example-production`):
+
+   ```yaml
+   variables:
+     TF_ROOT: ${CI_PROJECT_DIR}/environments/example/production
+     TF_ADDRESS: ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/example-production
+
+   cache:
+     key: example-production
+     paths:
+       - ${TF_ROOT}/.terraform
+   ```
+
+1. In a `before_script`, change to your `TF_ROOT`:
+
+   ```yaml
+   before_script:
+     - cd ${TF_ROOT}
+
+   stages:
+     - prepare
+     - validate
+     - build
+     - deploy
+
+   init:
+     stage: prepare
+     script:
+       - gitlab-terraform init
+
+   validate:
+     stage: validate
+     script:
+       - gitlab-terraform validate
+
+   plan:
+     stage: build
+     script:
+       - gitlab-terraform plan
+       - gitlab-terraform plan-json
+     artifacts:
+       name: plan
+       paths:
+         - ${TF_ROOT}/plan.cache
+       reports:
+         terraform: ${TF_ROOT}/plan.json
+
+   apply:
+     stage: deploy
+     environment:
+       name: production
+     script:
+       - gitlab-terraform apply
+     dependencies:
+       - plan
+     when: manual
+     only:
+       - master
+   ```
+
+1. Push your project to GitLab, which triggers a CI job pipeline. This pipeline
+   runs the `gitlab-terraform init`, `gitlab-terraform validate`, and
+   `gitlab-terraform plan` commands.
+
+The output from the above `terraform` commands should be viewable in the job logs.
+
+WARNING:
+Like any other job artifact, Terraform plan data is [viewable by anyone with Guest access](../../permissions.md) to the repository.
+Neither Terraform nor GitLab encrypts the plan file by default. If your Terraform plan
+includes sensitive data such as passwords, access tokens, or certificates, GitLab strongly
+recommends encrypting plan output or modifying the project visibility settings.
+
+### Example project
+
+See [this reference project](https://gitlab.com/gitlab-org/configure/examples/gitlab-terraform-aws) using GitLab and Terraform to deploy a basic AWS EC2 in a custom VPC.
+
+## Using a GitLab managed Terraform state backend as a remote data source
+
+You can use a GitLab-managed Terraform state as a
+[Terraform data source](https://www.terraform.io/docs/language/state/remote-state-data.html).
+To use your existing Terraform state backend as a data source, provide the following details
+as [Terraform input variables](https://www.terraform.io/docs/language/values/variables.html):
+
+- **address**: The URL of the remote state backend you want to use as a data source.
+  For example, `https://gitlab.com/api/v4/projects/<TARGET-PROJECT-ID>/terraform/state/<TARGET-STATE-NAME>`.
+- **username**: The username to authenticate with the data source. If you are using a [Personal Access Token](../../profile/personal_access_tokens.md) for
+  authentication, this is your GitLab username. If you are using GitLab CI, this is `'gitlab-ci-token'`.
+- **password**: The password to authenticate with the data source. If you are using a Personal Access Token for
+  authentication, this is the token value. If you are using GitLab CI, it is the contents of the `${CI_JOB_TOKEN}` CI/CD variable.
+
+An example setup is shown below:
+
+1. Create a file named `example.auto.tfvars` with the following contents:
+
+   ```plaintext
+   example_remote_state_address=https://gitlab.com/api/v4/projects/<TARGET-PROJECT-ID>/terraform/state/<TARGET-STATE-NAME>
+   example_username=<GitLab username>
+   example_access_token=<GitLab Personal Access Token>
+   ```
+
+1. Define the data source by adding the following code block in a `.tf` file (such as `data.tf`):
+
+   ```hcl
+   data "terraform_remote_state" "example" {
+     backend = "http"
+
+     config = {
+       address = var.example_remote_state_address
+       username = var.example_username
+       password = var.example_access_token
+     }
+   }
+   ```
+
+Outputs from the data source can now be referenced in your Terraform resources
+using `data.terraform_remote_state.example.outputs.<OUTPUT-NAME>`.
+
+You need at least the [Developer role](../../permissions.md) in the target project
+to read the Terraform state.
+
+## Migrating to GitLab Managed Terraform state
+
+Terraform supports copying the state when the backend is changed or
+reconfigured. This can be useful if you need to migrate from another backend to
+GitLab managed Terraform state. Using a local terminal is recommended to run the commands needed for migrating to GitLab Managed Terraform state.
+
+The following example demonstrates how to change the state name, the same workflow is needed to migrate to GitLab Managed Terraform state from a different state storage backend.
+
+### Setting up the initial backend
+
+```shell
+PROJECT_ID="<gitlab-project-id>"
+TF_USERNAME="<gitlab-username>"
+TF_PASSWORD="<gitlab-personal-access-token>"
+TF_ADDRESS="https://gitlab.com/api/v4/projects/${PROJECT_ID}/terraform/state/old-state-name"
+
+terraform init \
+  -backend-config=address=${TF_ADDRESS} \
+  -backend-config=lock_address=${TF_ADDRESS}/lock \
+  -backend-config=unlock_address=${TF_ADDRESS}/lock \
+  -backend-config=username=${TF_USERNAME} \
+  -backend-config=password=${TF_PASSWORD} \
+  -backend-config=lock_method=POST \
+  -backend-config=unlock_method=DELETE \
+  -backend-config=retry_wait_min=5
+```
+
+```plaintext
+Initializing the backend...
+
+Successfully configured the backend "http"! Terraform will automatically
+use this backend unless the backend configuration changes.
+
+Initializing provider plugins...
+
+Terraform has been successfully initialized!
+
+You may now begin working with Terraform. Try running "terraform plan" to see
+any changes that are required for your infrastructure. All Terraform commands
+should now work.
+
+If you ever set or change modules or backend configuration for Terraform,
+rerun this command to reinitialize your working directory. If you forget, other
+commands will detect it and remind you to do so if necessary.
+```
+
+### Changing the backend
+
+Now that `terraform init` has created a `.terraform/` directory that knows where
+the old state is, you can tell it about the new location:
+
+```shell
+TF_ADDRESS="https://gitlab.com/api/v4/projects/${PROJECT_ID}/terraform/state/new-state-name"
+
+terraform init \
+  -backend-config=address=${TF_ADDRESS} \
+  -backend-config=lock_address=${TF_ADDRESS}/lock \
+  -backend-config=unlock_address=${TF_ADDRESS}/lock \
+  -backend-config=username=${TF_USERNAME} \
+  -backend-config=password=${TF_PASSWORD} \
+  -backend-config=lock_method=POST \
+  -backend-config=unlock_method=DELETE \
+  -backend-config=retry_wait_min=5
+```
+
+```plaintext
+Initializing the backend...
+Backend configuration changed!
+
+Terraform has detected that the configuration specified for the backend
+has changed. Terraform will now check for existing state in the backends.
+
+
+Acquiring state lock. This may take a few moments...
+Do you want to copy existing state to the new backend?
+  Pre-existing state was found while migrating the previous "http" backend to the
+  newly configured "http" backend. No existing state was found in the newly
+  configured "http" backend. Do you want to copy this state to the new "http"
+  backend? Enter "yes" to copy and "no" to start with an empty state.
+
+  Enter a value: yes
+
+
+Successfully configured the backend "http"! Terraform will automatically
+use this backend unless the backend configuration changes.
+
+Initializing provider plugins...
+
+Terraform has been successfully initialized!
+
+You may now begin working with Terraform. Try running "terraform plan" to see
+any changes that are required for your infrastructure. All Terraform commands
+should now work.
+
+If you ever set or change modules or backend configuration for Terraform,
+rerun this command to reinitialize your working directory. If you forget, other
+commands will detect it and remind you to do so if necessary.
+```
+
+If you type `yes`, it copies your state from the old location to the new
+location. You can then go back to running it in GitLab CI/CD.
+
+## Managing state files
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/273592) in GitLab 13.8.
+
+Users with Developer and greater [permissions](../../permissions.md) can view the
+state files attached to a project at **Infrastructure > Terraform**. Users with the
+Maintainer role can perform commands on the state files. The user interface
+contains these fields:
+
+![Terraform state list](img/terraform_list_view_v13_8.png)
+
+- **Name**: The name of the environment, with a locked (**{lock}**) icon if the
+  state file is locked.
+- **Pipeline**: A link to the most recent pipeline and its status.
+- **Details**: Information about when the state file was created or changed.
+- **Actions**: Actions you can take on the state file, including copying the `terraform init` command,
+  downloading, locking, unlocking, or [removing](#remove-a-state-file) the state file and versions.
+
+NOTE:
+Additional improvements to the
+[graphical interface for managing state files](https://gitlab.com/groups/gitlab-org/-/epics/4563)
+are planned.
+
+## Remove a state file
+
+Users with Maintainer and greater [permissions](../../permissions.md) can use the
+following options to remove a state file:
+
+- **GitLab UI**: Go to **Infrastructure > Terraform**. In the **Actions** column,
+  click the vertical ellipsis (**{ellipsis_v}**) button and select
+  **Remove state file and versions**.
+- **GitLab REST API**: You can remove a state file by making a request to the
+  REST API. For example:
+
+  ```shell
+  curl --header "Private-Token: <your_access_token>" --request DELETE "https://gitlab.example.com/api/v4/projects/<your_project_id>/terraform/state/<your_state_name>"
+  ```
+
+- [GitLab GraphQL API](#remove-a-state-file-with-the-gitlab-graphql-api).
+
+### Remove a state file with the GitLab GraphQL API
+
+You can remove a state file by making a GraphQL API request. For example:
+
+```shell
+mutation deleteState {
+  terraformStateDelete(input: { id: "<global_id_for_the_state>" }) {
+    errors
+  }
+}
+```
+
+You can obtain the `<global_id_for_the_state>` by querying the list of states:
+
+```shell
+query ProjectTerraformStates {
+  project(fullPath: "<your_project_path>") {
+    terraformStates {
+      nodes {
+        id
+        name
+      }
+    }
+  }
+}
+```
+
+For those new to the GitLab GraphQL API, read
+[Getting started with GitLab GraphQL API](../../../api/graphql/getting_started.md).

doc/user/infrastructure/index.md

@@ -27,8 +27,8 @@ The various GitLab integrations help you:
 
 Read more about the [Infrastructure as Code features](iac/index.md), including:
 
-- [The GitLab Managed Terraform State](terraform_state.md).
-- [The Terraform MR widget](mr_integration.md).
+- [The GitLab Managed Terraform State](iac/terraform_state.md).
+- [The Terraform MR widget](iac/mr_integration.md).
 - [The Terraform module registry](../packages/terraform_module_registry/index.md).
 
 ## Integrated Kubernetes management

doc/user/infrastructure/mr_integration.md

@@ -1,210 +1,9 @@
 ---
-stage: Configure
-group: Configure
-info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+redirect_to: 'iac/mr_integration.md'
+remove_date: '2021-11-26'
 ---
 
-# Terraform integration in Merge Requests **(FREE)**
+This document was moved to [another location](iac/mr_integration.md).
 
-Collaborating around Infrastructure as Code (IaC) changes requires both code changes and expected infrastructure changes to be checked and approved. GitLab provides a solution to help collaboration around Terraform code changes and their expected effects using the Merge Request pages. This way users don't have to build custom tools or rely on 3rd party solutions to streamline their IaC workflows.
-
-## Output Terraform Plan information into a merge request
-
-Using the [GitLab Terraform Report artifact](../../ci/yaml/index.md#artifactsreportsterraform),
-you can expose details from `terraform plan` runs directly into a merge request widget,
-enabling you to see statistics about the resources that Terraform creates,
-modifies, or destroys.
-
-WARNING:
-Like any other job artifact, Terraform Plan data is [viewable by anyone with Guest access](../permissions.md) to the repository.
-Neither Terraform nor GitLab encrypts the plan file by default. If your Terraform Plan
-includes sensitive data such as passwords, access tokens, or certificates, we strongly
-recommend encrypting plan output or modifying the project visibility settings.
-
-## Configure Terraform report artifacts
-
-GitLab ships with a [pre-built CI template](iac/index.md#quick-start) that uses GitLab Managed Terraform state and integrates Terraform changes into merge requests. We recommend customizing the pre-built image and relying on the `gitlab-terraform` helper provided within for a quick setup.
-
-To manually configure a GitLab Terraform Report artifact:
-
-1. For simplicity, let's define a few reusable variables to allow us to
-   refer to these files multiple times:
-
-   ```yaml
-   variables:
-     PLAN: plan.cache
-     PLAN_JSON: plan.json
-   ```
-
-1. Install `jq`, a
-   [lightweight and flexible command-line JSON processor](https://stedolan.github.io/jq/).
-1. Create an alias for a specific `jq` command that parses out the information we
-   want to extract from the `terraform plan` output:
-
-   ```yaml
-   before_script:
-     - apk --no-cache add jq
-     - alias convert_report="jq -r '([.resource_changes[]?.change.actions?]|flatten)|{\"create\":(map(select(.==\"create\"))|length),\"update\":(map(select(.==\"update\"))|length),\"delete\":(map(select(.==\"delete\"))|length)}'"
-   ```
-
-   NOTE:
-   In distributions that use Bash (for example, Ubuntu), `alias` statements are not
-   expanded in non-interactive mode. If your pipelines fail with the error
-   `convert_report: command not found`, alias expansion can be activated explicitly
-   by adding a `shopt` command to your script:
-
-   ```yaml
-   before_script:
-     - shopt -s expand_aliases
-     - alias convert_report="jq -r '([.resource_changes[]?.change.actions?]|flatten)|{\"create\":(map(select(.==\"create\"))|length),\"update\":(map(select(.==\"update\"))|length),\"delete\":(map(select(.==\"delete\"))|length)}'"
-   ```
-
-1. Define a `script` that runs `terraform plan` and `terraform show`. These commands
-   pipe the output and convert the relevant bits into a store variable `PLAN_JSON`.
-   This JSON is used to create a
-   [GitLab Terraform Report artifact](../../ci/yaml/index.md#artifactsreportsterraform).
-   The Terraform report obtains a Terraform `tfplan.json` file. The collected
-   Terraform plan report is uploaded to GitLab as an artifact, and is shown in merge requests.
-
-   ```yaml
-   plan:
-     stage: build
-     script:
-       - terraform plan -out=$PLAN
-       - terraform show --json $PLAN | convert_report > $PLAN_JSON
-     artifacts:
-       reports:
-         terraform: $PLAN_JSON
-   ```
-
-   For a full example using the pre-built image, see [Example `.gitlab-ci.yml`
-   file](#example-gitlab-ciyml-file).
-
-   For an example displaying multiple reports, see [`.gitlab-ci.yml` multiple reports file](#multiple-terraform-plan-reports).
-
-1. Running the pipeline displays the widget in the merge request, like this:
-
-   ![Merge Request Terraform widget](img/terraform_plan_widget_v13_2.png)
-
-1. Clicking the **View Full Log** button in the widget takes you directly to the
-   plan output present in the pipeline logs:
-
-   ![Terraform plan logs](img/terraform_plan_log_v13_0.png)
-
-### Example `.gitlab-ci.yml` file
-
-```yaml
-default:
-  image: registry.gitlab.com/gitlab-org/terraform-images/stable:latest
-
-  cache:
-    key: example-production
-    paths:
-      - ${TF_ROOT}/.terraform
-
-variables:
-  TF_ROOT: ${CI_PROJECT_DIR}/environments/example/production
-  TF_ADDRESS: ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/example-production
-
-before_script:
-  - cd ${TF_ROOT}
-
-stages:
-  - prepare
-  - validate
-  - build
-  - deploy
-
-init:
-  stage: prepare
-  script:
-    - gitlab-terraform init
-
-validate:
-  stage: validate
-  script:
-    - gitlab-terraform validate
-
-plan:
-  stage: build
-  script:
-    - gitlab-terraform plan
-    - gitlab-terraform plan-json
-  artifacts:
-    name: plan
-    paths:
-      - ${TF_ROOT}/plan.cache
-    reports:
-      terraform: ${TF_ROOT}/plan.json
-
-apply:
-  stage: deploy
-  environment:
-    name: production
-  script:
-    - gitlab-terraform apply
-  dependencies:
-    - plan
-  when: manual
-  only:
-    - master
-```
-
-### Multiple Terraform Plan reports
-
-Starting with GitLab version 13.2, you can display multiple reports on the Merge Request
-page. The reports also display the `artifacts: name:`. See example below for a suggested setup.
-
-```yaml
-default:
-  image:
-    name: registry.gitlab.com/gitlab-org/gitlab-build-images:terraform
-    entrypoint:
-      - '/usr/bin/env'
-      - 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
-
-  cache:
-    paths:
-      - .terraform
-
-stages:
-  - build
-
-.terraform-plan-generation:
-  stage: build
-  variables:
-    PLAN: plan.tfplan
-    JSON_PLAN_FILE: tfplan.json
-  before_script:
-    - cd ${TERRAFORM_DIRECTORY}
-    - terraform --version
-    - terraform init
-    - apk --no-cache add jq
-  script:
-    - terraform validate
-    - terraform plan -out=${PLAN}
-    - terraform show --json ${PLAN} | jq -r '([.resource_changes[]?.change.actions?]|flatten)|{"create":(map(select(.=="create"))|length),"update":(map(select(.=="update"))|length),"delete":(map(select(.=="delete"))|length)}' > ${JSON_PLAN_FILE}
-  artifacts:
-    reports:
-      terraform: ${TERRAFORM_DIRECTORY}/${JSON_PLAN_FILE}
-
-review_plan:
-  extends: .terraform-plan-generation
-  variables:
-    TERRAFORM_DIRECTORY: "review/"
-  # Review will not include an artifact name
-
-staging_plan:
-  extends: .terraform-plan-generation
-  variables:
-    TERRAFORM_DIRECTORY: "staging/"
-  artifacts:
-    name: Staging
-
-production_plan:
-  extends: .terraform-plan-generation
-  variables:
-    TERRAFORM_DIRECTORY: "production/"
-  artifacts:
-    name: Production
-```
+<!-- This redirect file can be deleted after <2021-11-26>. -->
+<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page -->

doc/user/infrastructure/terraform_state.md

@@ -1,431 +1,9 @@
 ---
-stage: Configure
-group: Configure
-info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+redirect_to: 'iac/terraform_state.md'
+remove_date: '2021-11-26'
 ---
 
-# GitLab managed Terraform State **(FREE)**
+This document was moved to [another location](iac/terraform_state.md).
 
-> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/2673) in GitLab 13.0.
-
-[Terraform remote backends](https://www.terraform.io/docs/language/settings/backends/index.html)
-enable you to store the state file in a remote, shared store. GitLab uses the
-[Terraform HTTP backend](https://www.terraform.io/docs/language/settings/backends/http.html)
-to securely store the state files in local storage (the default) or
-[the remote store of your choice](../../administration/terraform_state.md).
-
-WARNING:
-Using local storage (the default) on clustered deployments of GitLab will result in
-a split state across nodes, making subsequent executions of Terraform inconsistent.
-You are highly advised to use a remote storage in that case.
-
-The GitLab managed Terraform state backend can store your Terraform state easily and
-securely, and spares you from setting up additional remote resources like
-Amazon S3 or Google Cloud Storage. Its features include:
-
-- Versioning of Terraform state files.
-- Supporting encryption of the state file both in transit and at rest.
-- Locking and unlocking state.
-- Remote Terraform plan and apply execution.
-
-A GitLab **administrator** must [setup the Terraform state storage configuration](../../administration/terraform_state.md)
-before using this feature.
-
-## Permissions for using Terraform
-
-In GitLab version 13.1, the [Maintainer role](../permissions.md) was required to use a
-GitLab managed Terraform state backend. In GitLab versions 13.2 and greater, the
-[Maintainer role](../permissions.md) is required to lock, unlock, and write to the state
-(using `terraform apply`), while the [Developer role](../permissions.md) is required to read
-the state (using `terraform plan -lock=false`).
-
-## Set up GitLab-managed Terraform state
-
-To get started with a GitLab-managed Terraform state, there are two different options:
-
-- [Use a local machine](#get-started-using-local-development).
-- [Use GitLab CI](#get-started-using-gitlab-ci).
-
-Terraform States can be found by navigating to a Project's
-**{cloud-gear}** **Infrastructure > Terraform** page.
-
-### Get started using local development
-
-If you plan to only run `terraform plan` and `terraform apply` commands from your
-local machine, this is a simple way to get started:
-
-1. Create your project on your GitLab instance.
-1. Navigate to **Settings > General** and note your **Project name**
-   and **Project ID**.
-1. Define the Terraform backend in your Terraform project to be:
-
-   ```hcl
-   terraform {
-     backend "http" {
-     }
-   }
-   ```
-
-1. Create a [Personal Access Token](../profile/personal_access_tokens.md) with
-   the `api` scope.
-
-1. On your local machine, run `terraform init`, passing in the following options,
-   replacing `<YOUR-STATE-NAME>`, `<YOUR-PROJECT-ID>`,  `<YOUR-USERNAME>` and
-   `<YOUR-ACCESS-TOKEN>` with the relevant values. This command initializes your
-   Terraform state, and stores that state in your GitLab project. The name of
-   your state can contain only uppercase and lowercase letters, decimal digits,
-   hyphens, and underscores. This example uses `gitlab.com`:
-
-   ```shell
-   terraform init \
-       -backend-config="address=https://gitlab.com/api/v4/projects/<YOUR-PROJECT-ID>/terraform/state/<YOUR-STATE-NAME>" \
-       -backend-config="lock_address=https://gitlab.com/api/v4/projects/<YOUR-PROJECT-ID>/terraform/state/<YOUR-STATE-NAME>/lock" \
-       -backend-config="unlock_address=https://gitlab.com/api/v4/projects/<YOUR-PROJECT-ID>/terraform/state/<YOUR-STATE-NAME>/lock" \
-       -backend-config="username=<YOUR-USERNAME>" \
-       -backend-config="password=<YOUR-ACCESS-TOKEN>" \
-       -backend-config="lock_method=POST" \
-       -backend-config="unlock_method=DELETE" \
-       -backend-config="retry_wait_min=5"
-   ```
-
-If you already have a GitLab-managed Terraform state, you can use the `terraform init` command
-with the prepopulated parameters values:
-
-1. On the top bar, select **Menu > Projects** and find your project.
-1. On the left sidebar, select **Infrastructure > Terraform**.
-1. Next to the environment you want to use, select the [Actions menu](#managing-state-files)
-   **{ellipsis_v}** and select **Copy Terraform init command**.
-
-You can now run `terraform plan` and `terraform apply` as you normally would.
-
-### Get started using GitLab CI
-
-If you don't want to start with local development, you can also use GitLab CI to
-run your `terraform plan` and `terraform apply` commands.
-
-Next, [configure the backend](#configure-the-backend).
-
-#### Configure the backend
-
-After executing the `terraform init` command, you must configure the Terraform backend
-and the CI YAML file:
-
-1. In your Terraform project, define the [HTTP backend](https://www.terraform.io/docs/language/settings/backends/http.html)
-   by adding the following code block in a `.tf` file (such as `backend.tf`) to
-   define the remote backend:
-
-   ```hcl
-   terraform {
-     backend "http" {
-     }
-   }
-   ```
-
-1. In the root directory of your project repository, configure a
-   `.gitlab-ci.yml` file. This example uses a pre-built image which includes a
-   `gitlab-terraform` helper. For supported Terraform versions, see the [GitLab
-   Terraform Images project](https://gitlab.com/gitlab-org/terraform-images).
-
-   ```yaml
-   image: registry.gitlab.com/gitlab-org/terraform-images/stable:latest
-   ```
-
-1. In the `.gitlab-ci.yml` file, define some CI/CD variables to ease
-   development. In this example, `TF_ROOT` is the directory where the Terraform
-   commands must be executed, `TF_ADDRESS` is the URL to the state on the GitLab
-   instance where this pipeline runs, and the final path segment in `TF_ADDRESS`
-   is the name of the Terraform state. Projects may have multiple states, and
-   this name is arbitrary, so in this example we set it to `example-production`
-   which corresponds with the directory we're using as our `TF_ROOT`, and we
-   ensure that the `.terraform` directory is cached between jobs in the pipeline
-   using a cache key based on the state name (`example-production`):
-
-   ```yaml
-   variables:
-     TF_ROOT: ${CI_PROJECT_DIR}/environments/example/production
-     TF_ADDRESS: ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/terraform/state/example-production
-
-   cache:
-     key: example-production
-     paths:
-       - ${TF_ROOT}/.terraform
-   ```
-
-1. In a `before_script`, change to your `TF_ROOT`:
-
-   ```yaml
-   before_script:
-     - cd ${TF_ROOT}
-
-   stages:
-     - prepare
-     - validate
-     - build
-     - deploy
-
-   init:
-     stage: prepare
-     script:
-       - gitlab-terraform init
-
-   validate:
-     stage: validate
-     script:
-       - gitlab-terraform validate
-
-   plan:
-     stage: build
-     script:
-       - gitlab-terraform plan
-       - gitlab-terraform plan-json
-     artifacts:
-       name: plan
-       paths:
-         - ${TF_ROOT}/plan.cache
-       reports:
-         terraform: ${TF_ROOT}/plan.json
-
-   apply:
-     stage: deploy
-     environment:
-       name: production
-     script:
-       - gitlab-terraform apply
-     dependencies:
-       - plan
-     when: manual
-     only:
-       - master
-   ```
-
-1. Push your project to GitLab, which triggers a CI job pipeline. This pipeline
-   runs the `gitlab-terraform init`, `gitlab-terraform validate`, and
-   `gitlab-terraform plan` commands.
-
-The output from the above `terraform` commands should be viewable in the job logs.
-
-WARNING:
-Like any other job artifact, Terraform plan data is [viewable by anyone with Guest access](../permissions.md) to the repository.
-Neither Terraform nor GitLab encrypts the plan file by default. If your Terraform plan
-includes sensitive data such as passwords, access tokens, or certificates, GitLab strongly
-recommends encrypting plan output or modifying the project visibility settings.
-
-### Example project
-
-See [this reference project](https://gitlab.com/gitlab-org/configure/examples/gitlab-terraform-aws) using GitLab and Terraform to deploy a basic AWS EC2 in a custom VPC.
-
-## Using a GitLab managed Terraform state backend as a remote data source
-
-You can use a GitLab-managed Terraform state as a
-[Terraform data source](https://www.terraform.io/docs/language/state/remote-state-data.html).
-To use your existing Terraform state backend as a data source, provide the following details
-as [Terraform input variables](https://www.terraform.io/docs/language/values/variables.html):
-
-- **address**: The URL of the remote state backend you want to use as a data source.
-  For example, `https://gitlab.com/api/v4/projects/<TARGET-PROJECT-ID>/terraform/state/<TARGET-STATE-NAME>`.
-- **username**: The username to authenticate with the data source. If you are using a [Personal Access Token](../profile/personal_access_tokens.md) for
-  authentication, this is your GitLab username. If you are using GitLab CI, this is `'gitlab-ci-token'`.
-- **password**: The password to authenticate with the data source. If you are using a Personal Access Token for
-  authentication, this is the token value. If you are using GitLab CI, it is the contents of the `${CI_JOB_TOKEN}` CI/CD variable.
-
-An example setup is shown below:
-
-1. Create a file named `example.auto.tfvars` with the following contents:
-
-   ```plaintext
-   example_remote_state_address=https://gitlab.com/api/v4/projects/<TARGET-PROJECT-ID>/terraform/state/<TARGET-STATE-NAME>
-   example_username=<GitLab username>
-   example_access_token=<GitLab Personal Access Token>
-   ```
-
-1. Define the data source by adding the following code block in a `.tf` file (such as `data.tf`):
-
-   ```hcl
-   data "terraform_remote_state" "example" {
-     backend = "http"
-
-     config = {
-       address = var.example_remote_state_address
-       username = var.example_username
-       password = var.example_access_token
-     }
-   }
-   ```
-
-Outputs from the data source can now be referenced in your Terraform resources
-using `data.terraform_remote_state.example.outputs.<OUTPUT-NAME>`.
-
-You need at least the [Developer role](../permissions.md) in the target project
-to read the Terraform state.
-
-## Migrating to GitLab Managed Terraform state
-
-Terraform supports copying the state when the backend is changed or
-reconfigured. This can be useful if you need to migrate from another backend to
-GitLab managed Terraform state. Using a local terminal is recommended to run the commands needed for migrating to GitLab Managed Terraform state.
-
-The following example demonstrates how to change the state name, the same workflow is needed to migrate to GitLab Managed Terraform state from a different state storage backend.
-
-### Setting up the initial backend
-
-```shell
-PROJECT_ID="<gitlab-project-id>"
-TF_USERNAME="<gitlab-username>"
-TF_PASSWORD="<gitlab-personal-access-token>"
-TF_ADDRESS="https://gitlab.com/api/v4/projects/${PROJECT_ID}/terraform/state/old-state-name"
-
-terraform init \
-  -backend-config=address=${TF_ADDRESS} \
-  -backend-config=lock_address=${TF_ADDRESS}/lock \
-  -backend-config=unlock_address=${TF_ADDRESS}/lock \
-  -backend-config=username=${TF_USERNAME} \
-  -backend-config=password=${TF_PASSWORD} \
-  -backend-config=lock_method=POST \
-  -backend-config=unlock_method=DELETE \
-  -backend-config=retry_wait_min=5
-```
-
-```plaintext
-Initializing the backend...
-
-Successfully configured the backend "http"! Terraform will automatically
-use this backend unless the backend configuration changes.
-
-Initializing provider plugins...
-
-Terraform has been successfully initialized!
-
-You may now begin working with Terraform. Try running "terraform plan" to see
-any changes that are required for your infrastructure. All Terraform commands
-should now work.
-
-If you ever set or change modules or backend configuration for Terraform,
-rerun this command to reinitialize your working directory. If you forget, other
-commands will detect it and remind you to do so if necessary.
-```
-
-### Changing the backend
-
-Now that `terraform init` has created a `.terraform/` directory that knows where
-the old state is, you can tell it about the new location:
-
-```shell
-TF_ADDRESS="https://gitlab.com/api/v4/projects/${PROJECT_ID}/terraform/state/new-state-name"
-
-terraform init \
-  -backend-config=address=${TF_ADDRESS} \
-  -backend-config=lock_address=${TF_ADDRESS}/lock \
-  -backend-config=unlock_address=${TF_ADDRESS}/lock \
-  -backend-config=username=${TF_USERNAME} \
-  -backend-config=password=${TF_PASSWORD} \
-  -backend-config=lock_method=POST \
-  -backend-config=unlock_method=DELETE \
-  -backend-config=retry_wait_min=5
-```
-
-```plaintext
-Initializing the backend...
-Backend configuration changed!
-
-Terraform has detected that the configuration specified for the backend
-has changed. Terraform will now check for existing state in the backends.
-
-
-Acquiring state lock. This may take a few moments...
-Do you want to copy existing state to the new backend?
-  Pre-existing state was found while migrating the previous "http" backend to the
-  newly configured "http" backend. No existing state was found in the newly
-  configured "http" backend. Do you want to copy this state to the new "http"
-  backend? Enter "yes" to copy and "no" to start with an empty state.
-
-  Enter a value: yes
-
-
-Successfully configured the backend "http"! Terraform will automatically
-use this backend unless the backend configuration changes.
-
-Initializing provider plugins...
-
-Terraform has been successfully initialized!
-
-You may now begin working with Terraform. Try running "terraform plan" to see
-any changes that are required for your infrastructure. All Terraform commands
-should now work.
-
-If you ever set or change modules or backend configuration for Terraform,
-rerun this command to reinitialize your working directory. If you forget, other
-commands will detect it and remind you to do so if necessary.
-```
-
-If you type `yes`, it copies your state from the old location to the new
-location. You can then go back to running it in GitLab CI/CD.
-
-## Managing state files
-
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/273592) in GitLab 13.8.
-
-Users with Developer and greater [permissions](../permissions.md) can view the
-state files attached to a project at **Infrastructure > Terraform**. Users with the
-Maintainer role can perform commands on the state files. The user interface
-contains these fields:
-
-![Terraform state list](img/terraform_list_view_v13_8.png)
-
-- **Name**: The name of the environment, with a locked (**{lock}**) icon if the
-  state file is locked.
-- **Pipeline**: A link to the most recent pipeline and its status.
-- **Details**: Information about when the state file was created or changed.
-- **Actions**: Actions you can take on the state file, including copying the `terraform init` command,
-  downloading, locking, unlocking, or [removing](#remove-a-state-file) the state file and versions.
-
-NOTE:
-Additional improvements to the
-[graphical interface for managing state files](https://gitlab.com/groups/gitlab-org/-/epics/4563)
-are planned.
-
-## Remove a state file
-
-Users with Maintainer and greater [permissions](../permissions.md) can use the
-following options to remove a state file:
-
-- **GitLab UI**: Go to **Infrastructure > Terraform**. In the **Actions** column,
-  click the vertical ellipsis (**{ellipsis_v}**) button and select
-  **Remove state file and versions**.
-- **GitLab REST API**: You can remove a state file by making a request to the
-  REST API. For example:
-
-  ```shell
-  curl --header "Private-Token: <your_access_token>" --request DELETE "https://gitlab.example.com/api/v4/projects/<your_project_id>/terraform/state/<your_state_name>"
-  ```
-
-- [GitLab GraphQL API](#remove-a-state-file-with-the-gitlab-graphql-api).
-
-### Remove a state file with the GitLab GraphQL API
-
-You can remove a state file by making a GraphQL API request. For example:
-
-```shell
-mutation deleteState {
-  terraformStateDelete(input: { id: "<global_id_for_the_state>" }) {
-    errors
-  }
-}
-```
-
-You can obtain the `<global_id_for_the_state>` by querying the list of states:
-
-```shell
-query ProjectTerraformStates {
-  project(fullPath: "<your_project_path>") {
-    terraformStates {
-      nodes {
-        id
-        name
-      }
-    }
-  }
-}
-```
-
-For those new to the GitLab GraphQL API, read
-[Getting started with GitLab GraphQL API](../../api/graphql/getting_started.md).
+<!-- This redirect file can be deleted after <2021-11-26>. -->
+<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page -->

doc/user/packages/container_registry/index.md

@@ -747,6 +747,8 @@ The **Packages & Registries > Container Registry** entry is removed from the pro
 
 ## Change visibility of the Container Registry
 
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/18792) in GitLab 14.2.
+
 By default, the Container Registry is visible to everyone with access to the project.
 You can, however, change the visibility of the Container Registry for a project.
 

doc/user/packages/terraform_module_registry/index.md

@@ -6,7 +6,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 # Terraform module registry **(FREE)**
 
-> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3221) in GitLab 14.0.
+> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3221) in GitLab 14.0.
 
 Publish Terraform modules in your project's Infrastructure Registry, then reference them using GitLab
 as a Terraform module registry.

doc/user/project/merge_requests/index.md

@@ -27,7 +27,7 @@ important parts of the merge request:
 ![Merge request tab positions](img/merge_request_tab_position_v13_11.png)
 
 - **Overview**: Contains the description, notifications from pipelines, and a
-  discussion area for [comment threads](../../discussions/index.md#resolve-a-thread))
+  discussion area for [comment threads](../../discussions/index.md#resolve-a-thread)
   and [code suggestions](reviews/suggestions.md). The right sidebar provides fields
   to add assignees, reviewers, labels, and a milestone to your work, and the
   [merge request widgets area](widgets.md) reports results from pipelines and tests.

doc/user/project/merge_requests/reviews/suggestions.md

@@ -46,7 +46,7 @@ branch. The [Developer role](../../../permissions.md) is required to do so.
 
 ## Multi-line suggestions
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/53310) in GitLab 11.10.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/53310) in GitLab 11.10.
 
 Reviewers can also suggest changes to multiple lines with a single suggestion
 within merge request diff threads by adjusting the range offsets. The

doc/user/project/wiki/index.md

@@ -105,7 +105,7 @@ Wiki pages are stored as files in a Git repository, so certain characters have a
 
 ### Length restrictions for file and directory names
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/24364) in GitLab 12.8.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/24364) in GitLab 12.8.
 
 Many common file systems have a [limit of 255 bytes](https://en.wikipedia.org/wiki/Comparison_of_file_systems#Limits)
 for file and directory names. Git and GitLab both support paths exceeding
@@ -175,7 +175,7 @@ From the history page you can see:
 
 ### View changes between page versions
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/15242) in GitLab 13.2.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/15242) in GitLab 13.2.
 
 You can see the changes made in a version of a wiki page, similar to versioned diff file views:
 
@@ -201,7 +201,7 @@ Commits to wikis are not counted in [repository analytics](../../analytics/repos
 
 ## Customize sidebar
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/23109) in GitLab 13.8, the sidebar can be customized by selecting the **Edit sidebar** button.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/23109) in GitLab 13.8, the sidebar can be customized by selecting the **Edit sidebar** button.
 
 You need Developer [permissions](../../permissions.md) or higher to customize the wiki
 navigation sidebar. This process creates a wiki page named `_sidebar` which fully
@@ -238,7 +238,7 @@ Administrators for self-managed GitLab installs can
 
 ## Group wikis **(PREMIUM)**
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/13195) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.5.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/13195) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.5.
 
 Group wikis work the same way as project wikis. Their usage is similar to project
 wikis, with a few limitations:
@@ -306,7 +306,7 @@ to disable the wiki but toggle it on (in blue).
 
 ## Content Editor **(FREE)**
 
-> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/5643) in GitLab 14.0.
+> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/5643) in GitLab 14.0.
 
 GitLab version 14.0 introduces a WYSIWYG editing experience for GitLab Flavored Markdown
 in Wikis through the [Content Editor](../../../development/fe_guide/content_editor.md).

lib/gitlab/import_export/project/import_export.yml

@@ -107,6 +107,7 @@ tree:
       - lists:
         - label:
           - :priorities
+    - :service_desk_setting
   group_members:
     - :user
 
@@ -455,7 +456,6 @@ ee:
         - :unprotect_access_levels
       - protected_environments:
         - :deploy_access_levels
-      - :service_desk_setting
       - :security_setting
       - :push_rule
 

package.json

@@ -63,7 +63,7 @@
     "@gitlab/visual-review-tools": "1.6.1",
     "@rails/actioncable": "6.1.3-2",
     "@rails/ujs": "6.1.3-2",
-    "@sentry/browser": "5.26.0",
+    "@sentry/browser": "5.30.0",
     "@sourcegraph/code-host-integration": "0.0.60",
     "@tiptap/core": "^2.0.0-beta.101",
     "@tiptap/extension-blockquote": "^2.0.0-beta.15",

qa/qa/support/matchers/eventually_matcher.rb

@@ -108,10 +108,7 @@ module QA
             #
             # @return [String]
             def operator_msg
-              case operator
-              when 'eq' then 'equal'
-              else operator
-              end
+              operator == 'eq' ? 'equal' : operator
             end
 
             # Expect operator
@@ -127,7 +124,7 @@ module QA
             def expectation_args
               if operator.include?('truthy') || operator.include?('falsey') || operator.include?('empty')
                 operator
-              elsif operator == "include" && expected.is_a?(Array)
+              elsif operator == 'include' && expected.is_a?(Array)
                 [operator, *expected]
               else
                 [operator, expected]

scripts/rspec_helpers.sh

@@ -200,7 +200,7 @@ function rspec_matched_foss_tests() {
     echo "This job is intentionally failed because there are more than ${test_file_count_threshold} FOSS test files matched,"
     echo "which would take too long to run in this job."
     echo "To reduce the likelihood of breaking FOSS pipelines,"
-    echo "please add [RUN AS-IF-FOSS] to the MR title and restart the pipeline."
+    echo "please add ~\"pipeline:run-as-if-foss\" label to the merge request and trigger a new pipeline."
     echo "This would run all as-if-foss jobs in this merge request"
     echo "and remove this failing job from the pipeline."
     exit 1

spec/frontend/boards/mock_data.js

@@ -7,6 +7,7 @@ import '~/boards/models/list';
 import { ListType } from '~/boards/constants';
 import boardsStore from '~/boards/stores/boards_store';
 import { __ } from '~/locale';
+import { DEFAULT_MILESTONES_GRAPHQL } from '~/vue_shared/components/filtered_search_bar/constants';
 import AuthorToken from '~/vue_shared/components/filtered_search_bar/tokens/author_token.vue';
 import LabelToken from '~/vue_shared/components/filtered_search_bar/tokens/label_token.vue';
 import MilestoneToken from '~/vue_shared/components/filtered_search_bar/tokens/milestone_token.vue';
@@ -547,17 +548,17 @@ export const mockMoveData = {
 
 export const mockTokens = (fetchLabels, fetchAuthors, fetchMilestones) => [
   {
-    icon: 'labels',
-    title: __('Label'),
-    type: 'label_name',
+    icon: 'user',
+    title: __('Assignee'),
+    type: 'assignee_username',
     operators: [
       { value: '=', description: 'is' },
       { value: '!=', description: 'is not' },
     ],
-    token: LabelToken,
-    unique: false,
-    symbol: '~',
-    fetchLabels,
+    token: AuthorToken,
+    unique: true,
+    fetchAuthors,
+    preloadedAuthors: [],
   },
   {
     icon: 'pencil',
@@ -574,17 +575,27 @@ export const mockTokens = (fetchLabels, fetchAuthors, fetchMilestones) => [
     preloadedAuthors: [],
   },
   {
-    icon: 'user',
-    title: __('Assignee'),
-    type: 'assignee_username',
+    icon: 'labels',
+    title: __('Label'),
+    type: 'label_name',
     operators: [
       { value: '=', description: 'is' },
       { value: '!=', description: 'is not' },
     ],
-    token: AuthorToken,
+    token: LabelToken,
+    unique: false,
+    symbol: '~',
+    fetchLabels,
+  },
+  {
+    icon: 'clock',
+    title: __('Milestone'),
+    symbol: '%',
+    type: 'milestone_title',
+    token: MilestoneToken,
     unique: true,
-    fetchAuthors,
-    preloadedAuthors: [],
+    defaultMilestones: DEFAULT_MILESTONES_GRAPHQL,
+    fetchMilestones,
   },
   {
     icon: 'issues',
@@ -598,16 +609,6 @@ export const mockTokens = (fetchLabels, fetchAuthors, fetchMilestones) => [
       { icon: 'issue-type-incident', value: 'INCIDENT', title: 'Incident' },
     ],
   },
-  {
-    icon: 'clock',
-    title: __('Milestone'),
-    symbol: '%',
-    type: 'milestone_title',
-    token: MilestoneToken,
-    unique: true,
-    defaultMilestones: [],
-    fetchMilestones,
-  },
   {
     icon: 'weight',
     title: __('Weight'),

spec/frontend/groups/components/app_spec.js

@@ -182,7 +182,12 @@ describe('AppComponent', () => {
         jest.spyOn(window.history, 'replaceState').mockImplementation(() => {});
         jest.spyOn(window, 'scrollTo').mockImplementation(() => {});
 
-        const fetchPagePromise = vm.fetchPage(2, null, null, true);
+        const fetchPagePromise = vm.fetchPage({
+          page: 2,
+          filterGroupsBy: null,
+          sortBy: null,
+          archived: true,
+        });
 
         expect(vm.isLoading).toBe(true);
         expect(vm.fetchGroups).toHaveBeenCalledWith({

spec/frontend/groups/components/groups_spec.js

@@ -41,13 +41,12 @@ describe('GroupsComponent', () => {
 
         vm.change(2);
 
-        expect(eventHub.$emit).toHaveBeenCalledWith(
-          'fetchPage',
-          2,
-          expect.any(Object),
-          expect.any(Object),
-          expect.any(Object),
-        );
+        expect(eventHub.$emit).toHaveBeenCalledWith('fetchPage', {
+          page: 2,
+          archived: null,
+          filterGroupsBy: null,
+          sortBy: null,
+        });
       });
     });
   });

spec/frontend/vue_shared/components/filtered_search_bar/tokens/milestone_token_spec.js

@@ -11,7 +11,10 @@ import createFlash from '~/flash';
 import axios from '~/lib/utils/axios_utils';
 import { sortMilestonesByDueDate } from '~/milestones/milestone_utils';
 
-import { DEFAULT_MILESTONES } from '~/vue_shared/components/filtered_search_bar/constants';
+import {
+  DEFAULT_MILESTONES,
+  DEFAULT_MILESTONES_GRAPHQL,
+} from '~/vue_shared/components/filtered_search_bar/constants';
 import MilestoneToken from '~/vue_shared/components/filtered_search_bar/tokens/milestone_token.vue';
 
 import { mockMilestoneToken, mockMilestones, mockRegularMilestone } from '../mock_data';
@@ -191,5 +194,22 @@ describe('MilestoneToken', () => {
         expect(suggestions.at(index).text()).toBe(milestone.text);
       });
     });
+
+    describe('when getActiveMilestones is called and milestones is empty', () => {
+      beforeEach(() => {
+        wrapper = createComponent({
+          active: true,
+          config: { ...mockMilestoneToken, defaultMilestones: DEFAULT_MILESTONES_GRAPHQL },
+        });
+      });
+
+      it('finds the correct value from the activeToken', () => {
+        DEFAULT_MILESTONES_GRAPHQL.forEach(({ value, title }) => {
+          const activeToken = wrapper.vm.getActiveMilestone([], value);
+
+          expect(activeToken.title).toEqual(title);
+        });
+      });
+    });
   });
 });

spec/frontend/vue_shared/components/runner_aws_deployments/runner_aws_deployments_modal_spec.js

@@ -21,6 +21,7 @@ describe('RunnerAwsDeploymentsModal', () => {
     wrapper = shallowMount(RunnerAwsDeploymentsModal, {
       propsData: {
         modalId: 'runner-aws-deployments-modal',
+        imgSrc: '/assets/aws-cloud-formation.png',
       },
     });
   };

yarn.lock

@@ -1356,56 +1356,56 @@
   resolved "https://registry.yarnpkg.com/@rails/ujs/-/ujs-6.1.3-2.tgz#5d7e161e7061654e738a116a7ec8b58b51721a11"
   integrity sha512-Nd0Im4cW8tIX8ZR3jE/dS3wnJrN46RJSdCfU59Cji2puctIWohq63LjKFMufUwm21bCasISNGoLdkr3S7nwONw==
 
-"@sentry/browser@5.26.0":
-  version "5.26.0"
-  resolved "https://registry.yarnpkg.com/@sentry/browser/-/browser-5.26.0.tgz#e90a197fb94c5f26c8e05d6a539c118f33c7d598"
-  integrity sha512-52kNVpy10Zd3gJRGFkhnOQvr80WJg7+XBqjMOE0//Akh4PfvEK3IqmAjVqysz6aHdruwTTivKF4ZoAxL/pA7Rg==
+"@sentry/browser@5.30.0":
+  version "5.30.0"
+  resolved "https://registry.yarnpkg.com/@sentry/browser/-/browser-5.30.0.tgz#c28f49d551db3172080caef9f18791a7fd39e3b3"
+  integrity sha512-rOb58ZNVJWh1VuMuBG1mL9r54nZqKeaIlwSlvzJfc89vyfd7n6tQ1UXMN383QBz/MS5H5z44Hy5eE+7pCrYAfw==
   dependencies:
-    "@sentry/core" "5.26.0"
-    "@sentry/types" "5.26.0"
-    "@sentry/utils" "5.26.0"
+    "@sentry/core" "5.30.0"
+    "@sentry/types" "5.30.0"
+    "@sentry/utils" "5.30.0"
     tslib "^1.9.3"
 
-"@sentry/core@5.26.0":
-  version "5.26.0"
-  resolved "https://registry.yarnpkg.com/@sentry/core/-/core-5.26.0.tgz#9b5fe4de8a869d733ebcc77f5ec9c619f8717a51"
-  integrity sha512-Ubrw7K52orTVsaxpz8Su40FPXugKipoQC+zPrXcH+JIMB+o18kutF81Ae4WzuUqLfP7YB91eAlRrP608zw0EXA==
+"@sentry/core@5.30.0":
+  version "5.30.0"
+  resolved "https://registry.yarnpkg.com/@sentry/core/-/core-5.30.0.tgz#6b203664f69e75106ee8b5a2fe1d717379b331f3"
+  integrity sha512-TmfrII8w1PQZSZgPpUESqjB+jC6MvZJZdLtE/0hZ+SrnKhW3x5WlYLvTXZpcWePYBku7rl2wn1RZu6uT0qCTeg==
   dependencies:
-    "@sentry/hub" "5.26.0"
-    "@sentry/minimal" "5.26.0"
-    "@sentry/types" "5.26.0"
-    "@sentry/utils" "5.26.0"
+    "@sentry/hub" "5.30.0"
+    "@sentry/minimal" "5.30.0"
+    "@sentry/types" "5.30.0"
+    "@sentry/utils" "5.30.0"
     tslib "^1.9.3"
 
-"@sentry/hub@5.26.0":
-  version "5.26.0"
-  resolved "https://registry.yarnpkg.com/@sentry/hub/-/hub-5.26.0.tgz#b2bbd8128cd5915f2ee59cbc29fff30272d74ec5"
-  integrity sha512-lAYeWvvhGYS6eQ5d0VEojw0juxGc3v4aAu8VLvMKWcZ1jXD13Bhc46u9Nvf4qAY6BAQsJDQcpEZLpzJu1bk1Qw==
+"@sentry/hub@5.30.0":
+  version "5.30.0"
+  resolved "https://registry.yarnpkg.com/@sentry/hub/-/hub-5.30.0.tgz#2453be9b9cb903404366e198bd30c7ca74cdc100"
+  integrity sha512-2tYrGnzb1gKz2EkMDQcfLrDTvmGcQPuWxLnJKXJvYTQDGLlEvi2tWz1VIHjunmOvJrB5aIQLhm+dcMRwFZDCqQ==
   dependencies:
-    "@sentry/types" "5.26.0"
-    "@sentry/utils" "5.26.0"
+    "@sentry/types" "5.30.0"
+    "@sentry/utils" "5.30.0"
     tslib "^1.9.3"
 
-"@sentry/minimal@5.26.0":
-  version "5.26.0"
-  resolved "https://registry.yarnpkg.com/@sentry/minimal/-/minimal-5.26.0.tgz#851dea3644153ed3ac4837fa8ed5661d94e7a313"
-  integrity sha512-mdFo3FYaI1W3KEd8EHATYx8mDOZIxeoUhcBLlH7Iej6rKvdM7p8GoECrmHPU1l6sCCPtBuz66QT5YeXc7WILsA==
+"@sentry/minimal@5.30.0":
+  version "5.30.0"
+  resolved "https://registry.yarnpkg.com/@sentry/minimal/-/minimal-5.30.0.tgz#ce3d3a6a273428e0084adcb800bc12e72d34637b"
+  integrity sha512-BwWb/owZKtkDX+Sc4zCSTNcvZUq7YcH3uAVlmh/gtR9rmUvbzAA3ewLuB3myi4wWRAMEtny6+J/FN/x+2wn9Xw==
   dependencies:
-    "@sentry/hub" "5.26.0"
-    "@sentry/types" "5.26.0"
+    "@sentry/hub" "5.30.0"
+    "@sentry/types" "5.30.0"
     tslib "^1.9.3"
 
-"@sentry/types@5.26.0":
-  version "5.26.0"
-  resolved "https://registry.yarnpkg.com/@sentry/types/-/types-5.26.0.tgz#b0cbacb0b24cd86620fb296b46cf7277bb004a3e"
-  integrity sha512-ugpa1ePOhK55pjsyutAsa2tiJVQEyGYCaOXzaheg/3+EvhMdoW+owiZ8wupfvPhtZFIU3+FPOVz0d5k9K5d1rw==
+"@sentry/types@5.30.0":
+  version "5.30.0"
+  resolved "https://registry.yarnpkg.com/@sentry/types/-/types-5.30.0.tgz#19709bbe12a1a0115bc790b8942917da5636f402"
+  integrity sha512-R8xOqlSTZ+htqrfteCWU5Nk0CDN5ApUTvrlvBuiH1DyP6czDZ4ktbZB0hAgBlVcK0U+qpD3ag3Tqqpa5Q67rPw==
 
-"@sentry/utils@5.26.0":
-  version "5.26.0"
-  resolved "https://registry.yarnpkg.com/@sentry/utils/-/utils-5.26.0.tgz#09a3d01d91747f38f796cafeb24f8fd86e4fa05f"
-  integrity sha512-F2gnHIAWbjiowcAgxz3VpKxY/NQ39NTujEd/NPnRTWlRynLFg3bAV+UvZFXljhYJeN3b/zRlScNDcpCWTrtZGw==
+"@sentry/utils@5.30.0":
+  version "5.30.0"
+  resolved "https://registry.yarnpkg.com/@sentry/utils/-/utils-5.30.0.tgz#9a5bd7ccff85ccfe7856d493bffa64cabc41e980"
+  integrity sha512-zaYmoH0NWWtvnJjC9/CBseXMtKHm/tm40sz3YfJRxeQjyzRqNQPgivpd9R/oDJCYj999mzdW382p/qi2ypjLww==
   dependencies:
-    "@sentry/types" "5.26.0"
+    "@sentry/types" "5.30.0"
     tslib "^1.9.3"
 
 "@sindresorhus/is@^0.14.0":