Add latest changes from gitlab-org/gitlab@master

2019-10-08 03:05:52 +00:00 · 2019-10-08 03:05:52 +00:00 · e4f5b70718
commit e4f5b70718
parent ca95fe0b55
31 changed files with 94 additions and 86 deletions
--- a/changelogs/unreleased/add-timestamps-to-api-deployments-response.yml
+++ b/changelogs/unreleased/add-timestamps-to-api-deployments-response.yml
@ -0,0 +1,5 @@
+---
+title: Added timestamp (updated_at) to API deployments response
+merge_request: 17913
+author:
+type: added
--- a/doc/administration/issue_closing_pattern.md
+++ b/doc/administration/issue_closing_pattern.md
@ -17,7 +17,7 @@ The default pattern can be located in [`gitlab.yml.example`](https://gitlab.com/
 under the "Automatic issue closing" section.

 > **Tip:**
-You are advised to use <http://rubular.com> to test the issue closing pattern.
+You are advised to use <https://rubular.com> to test the issue closing pattern.
 Because Rubular doesn't understand `%{issue_ref}`, you can replace this by
 `#\d+` when testing your patterns, which matches only local issue references like `#123`.

--- a/doc/administration/job_artifacts.md
+++ b/doc/administration/job_artifacts.md
@ -118,7 +118,7 @@ The connection settings match those provided by [Fog](https://github.com/fog), a
 | `enable_signature_v4_streaming` | Set to true to enable HTTP chunked transfers with [AWS v4 signatures](https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-streaming.html). Oracle Cloud S3 needs this to be false | true |
 | `region` | AWS region | us-east-1 |
 | `host` | S3 compatible host for when not using AWS, e.g. `localhost` or `storage.example.com` | s3.amazonaws.com |
-| `endpoint` | Can be used when configuring an S3 compatible service such as [MinIO](https://www.minio.io), by entering a URL such as `http://127.0.0.1:9000` | (optional) |
+| `endpoint` | Can be used when configuring an S3 compatible service such as [MinIO](https://min.io), by entering a URL such as `http://127.0.0.1:9000` | (optional) |
 | `path_style` | Set to true to use `host/bucket_name/object` style paths instead of `bucket_name.host/object`. Leave as false for AWS S3 | false |
 | `use_iam_profile` | Set to true to use IAM profile instead of access keys | false

--- a/doc/administration/merge_request_diffs.md
+++ b/doc/administration/merge_request_diffs.md
@ -96,7 +96,7 @@ The connection settings match those provided by [Fog](https://github.com/fog), a
 | `enable_signature_v4_streaming` | Set to true to enable HTTP chunked transfers with [AWS v4 signatures](https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-streaming.html). Oracle Cloud S3 needs this to be false | true |
 | `region` | AWS region | us-east-1 |
 | `host` | S3 compatible host for when not using AWS, e.g. `localhost` or `storage.example.com` | s3.amazonaws.com |
-| `endpoint` | Can be used when configuring an S3 compatible service such as [MinIO](https://www.minio.io), by entering a URL such as `http://127.0.0.1:9000` | (optional) |
+| `endpoint` | Can be used when configuring an S3 compatible service such as [MinIO](https://min.io), by entering a URL such as `http://127.0.0.1:9000` | (optional) |
 | `path_style` | Set to true to use `host/bucket_name/object` style paths instead of `bucket_name.host/object`. Leave as false for AWS S3 | false |
 | `use_iam_profile` | Set to true to use IAM profile instead of access keys | false

--- a/doc/administration/uploads.md
+++ b/doc/administration/uploads.md
@ -81,7 +81,7 @@ The connection settings match those provided by [Fog](https://github.com/fog), a
 | `enable_signature_v4_streaming` | Set to true to enable HTTP chunked transfers with [AWS v4 signatures](https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-streaming.html). Oracle Cloud S3 needs this to be false | true |
 | `region` | AWS region | us-east-1 |
 | `host` | S3 compatible host for when not using AWS, e.g. `localhost` or `storage.example.com` | s3.amazonaws.com |
-| `endpoint` | Can be used when configuring an S3 compatible service such as [MinIO](https://www.minio.io), by entering a URL such as `http://127.0.0.1:9000` | (optional) |
+| `endpoint` | Can be used when configuring an S3 compatible service such as [MinIO](https://min.io), by entering a URL such as `http://127.0.0.1:9000` | (optional) |
 | `path_style` | Set to true to use `host/bucket_name/object` style paths instead of `bucket_name.host/object`. Leave as false for AWS S3 | false |
 | `use_iam_profile` | Set to true to use IAM profile instead of access keys | false

--- a/doc/api/deployments.md
+++ b/doc/api/deployments.md
@ -24,6 +24,7 @@ Example of response
 [
  {
    "created_at": "2016-08-11T07:36:40.222Z",
+    "updated_at": "2016-08-11T07:38:12.414Z",
    "deployable": {
      "commit": {
        "author_email": "admin@example.com",
@ -83,6 +84,7 @@ Example of response
  },
  {
    "created_at": "2016-08-11T11:32:35.444Z",
+    "updated_at": "2016-08-11T11:34:01.123Z",
    "deployable": {
      "commit": {
        "author_email": "admin@example.com",
@ -167,6 +169,7 @@ Example of response
  "ref": "master",
  "sha": "a91957a858320c0e17f3a0eca7cfacbff50ea29a",
  "created_at": "2016-08-11T11:32:35.444Z",
+  "updated_at": "2016-08-11T11:34:01.123Z",
  "user": {
    "name": "Administrator",
    "username": "root",
--- a/doc/integration/README.md
+++ b/doc/integration/README.md
@ -47,10 +47,10 @@ application, most likely Sidekiq. There are 2 approaches you can take to solve t

 **OS main trusted chain**

-This [resource](http://kb.kerio.com/product/kerio-connect/server-configuration/ssl-certificates/adding-trusted-root-certificates-to-the-server-1605.html)
+This [resource](https://manuals.gfi.com/en/kerio/connect/content/server-configuration/ssl-certificates/adding-trusted-root-certificates-to-the-server-1605.html)
 has all the information you need to add a certificate to the main trusted chain.

-This [answer](http://superuser.com/questions/437330/how-do-you-add-a-certificate-authority-ca-to-ubuntu)
+This [answer](https://superuser.com/questions/437330/how-do-you-add-a-certificate-authority-ca-to-ubuntu)
 at Super User also has relevant information.

 **Omnibus Trusted Chain**
--- a/doc/integration/elasticsearch.md
+++ b/doc/integration/elasticsearch.md
@ -1,7 +1,7 @@
 # Elasticsearch integration **(STARTER ONLY)**

 > [Introduced](https://gitlab.com/gitlab-org/gitlab/merge_requests/109 "Elasticsearch Merge Request") in GitLab [Starter](https://about.gitlab.com/pricing/) 8.4. Support
-> for [Amazon Elasticsearch](http://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-gsg.html) was [introduced](https://gitlab.com/gitlab-org/gitlab/merge_requests/1305) in GitLab
+> for [Amazon Elasticsearch](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-gsg.html) was [introduced](https://gitlab.com/gitlab-org/gitlab/merge_requests/1305) in GitLab
 > [Starter](https://about.gitlab.com/pricing/) 9.0.

 This document describes how to set up Elasticsearch with GitLab. Once enabled,
@ -32,7 +32,7 @@ of this document.
 NOTE: **Note:**
 Elasticsearch should be installed on a separate server, whether you install
 it yourself or by using the
-[Amazon Elasticsearch](http://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-gsg.html)
+[Amazon Elasticsearch](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-gsg.html)
 service. Running Elasticsearch on the same server as GitLab is not recommended
 and it will likely cause performance degradation on the GitLab installation.

@ -136,19 +136,19 @@ Click **Save changes** for the changes to take effect.

 The following Elasticsearch settings are available:

-| Parameter                           | Description |
-| ---------                           | ----------- |
-| `Elasticsearch indexing`            | Enables/disables Elasticsearch indexing. You may want to enable indexing but disable search in order to give the index time to be fully completed, for example. Also, keep in mind that this option doesn't have any impact on existing data, this only enables/disables background indexer which tracks data changes. So by enabling this you will not get your existing data indexed, use special rake task for that as explained in [Adding GitLab's data to the Elasticsearch index](#adding-gitlabs-data-to-the-elasticsearch-index). |
-| `Use the new repository indexer (beta)` | Perform repository indexing using [GitLab Elasticsearch Indexer](https://gitlab.com/gitlab-org/gitlab-elasticsearch-indexer). |
-| `Search with Elasticsearch enabled` | Enables/disables using Elasticsearch in search. |
-| `URL`                              | The URL to use for connecting to Elasticsearch. Use a comma-separated list to support clustering (e.g., `http://host1, https://host2:9200`). If your Elasticsearch instance is password protected, pass the `username:password` in the URL (e.g., `http://<username>:<password>@<elastic_host>:9200/`). |
-| `Number of Elasticsearch shards` | Elasticsearch indexes are split into multiple shards for performance reasons. In general, larger indexes need to have more shards. Changes to this value do not take effect until the index is recreated. You can read more about tradeoffs in the [Elasticsearch documentation](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-create-index.html#create-index-settings) |
-| `Number of Elasticsearch replicas` | Each Elasticsearch shard can have a number of replicas. These are a complete copy of the shard, and can provide increased query performance or resilience against hardware failure. Increasing this value will greatly increase total disk space required by the index. |
-| `Limit namespaces and projects that can be indexed` | Enabling this will allow you to select namespaces and projects to index. All other namespaces and projects will use database search instead. Please note that if you enable this option but do not select any namespaces or projects, none will be indexed. [Read more below](#limiting-namespaces-and-projects).
-| `Using AWS hosted Elasticsearch with IAM credentials` | Sign your Elasticsearch requests using [AWS IAM authorization](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html) or [AWS EC2 Instance Profile Credentials](http://docs.aws.amazon.com/codedeploy/latest/userguide/getting-started-create-iam-instance-profile.html#getting-started-create-iam-instance-profile-cli). The policies must be configured to allow `es:*` actions. |
-| `AWS Region` | The AWS region your Elasticsearch service is located in. |
-| `AWS Access Key` | The AWS access key. |
-| `AWS Secret Access Key` | The AWS secret access key. |
+| Parameter                                             | Description |
+| ----------------------------------------------------- | ----------- |
+| `Elasticsearch indexing`                              | Enables/disables Elasticsearch indexing. You may want to enable indexing but disable search in order to give the index time to be fully completed, for example. Also, keep in mind that this option doesn't have any impact on existing data, this only enables/disables background indexer which tracks data changes. So by enabling this you will not get your existing data indexed, use special rake task for that as explained in [Adding GitLab's data to the Elasticsearch index](#adding-gitlabs-data-to-the-elasticsearch-index). |
+| `Use the new repository indexer (beta)`               | Perform repository indexing using [GitLab Elasticsearch Indexer](https://gitlab.com/gitlab-org/gitlab-elasticsearch-indexer). |
+| `Search with Elasticsearch enabled`                   | Enables/disables using Elasticsearch in search. |
+| `URL`                                                 | The URL to use for connecting to Elasticsearch. Use a comma-separated list to support clustering (e.g., `http://host1, https://host2:9200`). If your Elasticsearch instance is password protected, pass the `username:password` in the URL (e.g., `http://<username>:<password>@<elastic_host>:9200/`). |
+| `Number of Elasticsearch shards`                      | Elasticsearch indexes are split into multiple shards for performance reasons. In general, larger indexes need to have more shards. Changes to this value do not take effect until the index is recreated. You can read more about tradeoffs in the [Elasticsearch documentation](https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-create-index.html#create-index-settings) |
+| `Number of Elasticsearch replicas`                    | Each Elasticsearch shard can have a number of replicas. These are a complete copy of the shard, and can provide increased query performance or resilience against hardware failure. Increasing this value will greatly increase total disk space required by the index. |
+| `Limit namespaces and projects that can be indexed`   | Enabling this will allow you to select namespaces and projects to index. All other namespaces and projects will use database search instead. Please note that if you enable this option but do not select any namespaces or projects, none will be indexed. [Read more below](#limiting-namespaces-and-projects).
+| `Using AWS hosted Elasticsearch with IAM credentials` | Sign your Elasticsearch requests using [AWS IAM authorization](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html) or [AWS EC2 Instance Profile Credentials](https://docs.aws.amazon.com/codedeploy/latest/userguide/getting-started-create-iam-instance-profile.html#getting-started-create-iam-instance-profile-cli). The policies must be configured to allow `es:*` actions. |
+| `AWS Region`                                          | The AWS region your Elasticsearch service is located in. |
+| `AWS Access Key`                                      | The AWS access key. |
+| `AWS Secret Access Key`                               | The AWS secret access key. |

 ### Limiting namespaces and projects

@ -580,6 +580,6 @@ Here are some common pitfalls and how to overcome them:
  `http.max_content_length` setting in `elasticsearch.yml`. Increase it to a
  larger size and restart your Elasticsearch cluster.

-  AWS has [fixed limits](http://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/aes-limits.html)
+  AWS has [fixed limits](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/aes-limits.html)
  for this setting ("Maximum Size of HTTP Request Payloads"), based on the size of
  the underlying instance.
--- a/doc/integration/kerberos.md
+++ b/doc/integration/kerberos.md
@ -293,7 +293,7 @@ See also: [Git v2.11 release notes](https://github.com/git/git/blob/master/Docum

 - <https://help.ubuntu.com/community/Kerberos>
 - <http://blog.manula.org/2012/04/setting-up-kerberos-server-with-debian.html>
- <http://www.roguelynn.com/words/explain-like-im-5-kerberos/>
+- <https://www.roguelynn.com/words/explain-like-im-5-kerberos/>

 [restart gitlab]: ../administration/restart_gitlab.md#installations-from-source
 [reconfigure gitlab]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure
--- a/doc/integration/saml.md
+++ b/doc/integration/saml.md
@ -370,7 +370,7 @@ This setting should only be used to map attributes that are part of the
 OmniAuth info hash schema.

 `attribute_statements` is used to map Attribute Names in a SAMLResponse to entries
-in the OmniAuth [info hash](https://github.com/intridea/omniauth/wiki/Auth-Hash-Schema#schema-10-and-later).
+in the OmniAuth [info hash](https://github.com/omniauth/omniauth/wiki/Auth-Hash-Schema#schema-10-and-later).

 For example, if your SAMLResponse contains an Attribute called 'EmailAddress',
 specify `{ email: ['EmailAddress'] }` to map the Attribute to the
@ -414,7 +414,7 @@ args: {

 ### `uid_attribute`

-> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/43806) in GitLab 10.7.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/17734) in GitLab 10.7.

 By default, the `uid` is set as the `name_id` in the SAML response. If you'd like to designate a unique attribute for the `uid`, you can set the `uid_attribute`. In the example below, the value of `uid` attribute in the SAML response is set as the `uid_attribute`.

@ -458,7 +458,7 @@ installations from source. Restart Unicorn using the `sudo gitlab-ctl restart un
 command on Omnibus installations and `sudo service gitlab restart` on installations
 from source.

-You may also find the [SSO Tracer](https://addons.mozilla.org/en-US/firefox/addon/sso-tracer)
+You may also find the [SSO Tracer](https://addons.mozilla.org/en-US/firefox/addon/sso-tracer/)
 (Firefox) and [SAML Chrome Panel](https://chrome.google.com/webstore/detail/saml-chrome-panel/paijfdbeoenhembfhkhllainmocckace)
 (Chrome) browser extensions useful in your debugging.

--- a/doc/user/application_security/sast/index.md
+++ b/doc/user/application_security/sast/index.md
@ -113,10 +113,9 @@ is used to detect the languages/frameworks and in turn runs the matching scan to

 ### Customizing the SAST settings

-The SAST settings can be changed through environment variables by using the
+The SAST settings can be changed through [environment variables](#available-variables)
+by using the
 [`variables`](../../../ci/yaml/README.md#variables) parameter in `.gitlab-ci.yml`.
-These variables are documented in the
-[SAST tool documentation](https://gitlab.com/gitlab-org/security-products/sast#settings).

 In the following example, we include the SAST template and at the same time we
 set the `SAST_GOSEC_LEVEL` variable to `2`:
@ -132,7 +131,22 @@ variables:
 Because the template is [evaluated before](../../../ci/yaml/README.md#include)
 the pipeline configuration, the last mention of the variable will take precedence.

-#### Using a variable to pass username and password to a private Maven repository
+### Overriding the SAST template
+
+If you want to override the job definition (for example, change properties like
+`variables` or `dependencies`), you need to declare a `sast` job after the
+template inclusion and specify any additional keys under it. For example:
+
+```yaml
+include:
+  template: SAST.gitlab-ci.yml
+
+sast:
+  variables:
+    CI_DEBUG_TRACE: "true"
+```
+
+### Using a variable to pass username and password to a private Maven repository

 If you have a private Apache Maven repository that requires login credentials,
 you can use the `MAVEN_CLI_OPTS` [environment variable](#available-variables)
@ -140,7 +154,7 @@ to pass a username and password. You can set it under your project's settings
 so that your credentials aren't exposed in `.gitlab-ci.yml`.

 If the username is `myuser` and the password is `verysecret` then you would
-set the following [variable](../../../ci/variables/README.md#via-the-ui)
+[set the following variable](../../../ci/variables/README.md#via-the-ui)
 under your project's settings:

 | Type | Key | Value |
@ -162,21 +176,6 @@ variables:

 This will create individual `<analyzer-name>-sast` jobs for each analyzer that runs in your CI/CD pipeline.

-### Overriding the SAST template
-
-If you want to override the job definition (for example, change properties like
-`variables` or `dependencies`), you need to declare a `sast` job after the
-template inclusion and specify any additional keys under it. For example:
-
-```yaml
-include:
-  template: SAST.gitlab-ci.yml
-
-sast:
-  variables:
-    CI_DEBUG_TRACE: "true"
-```
-
 ### Available variables

 SAST can be [configured](#customizing-the-sast-settings) using environment variables.
@ -194,7 +193,7 @@ The following are Docker image-related variables.
 | `SAST_DISABLE_DIND`           | Disable Docker in Docker and run analyzers [individually](#disabling-docker-in-docker-for-sast).                                      |
 | `SAST_PULL_ANALYZER_IMAGES`   | Pull the images from the Docker registry (set to 0 to disable). Read more about [customizing analyzers](analyzers.md).                 |

-### Vulnerability filters
+#### Vulnerability filters

 Some analyzers make it possible to filter out vulnerabilities under a given threshold.

@ -207,7 +206,7 @@ Some analyzers make it possible to filter out vulnerabilities under a given thre
 | `SAST_GOSEC_LEVEL`      |         0 | Ignore gosec vulnerabilities under given confidence level. Integer, 0=Undefined, 1=Low, 2=Medium, 3=High. | |
 | `SAST_EXCLUDED_PATHS`   |   -        | Exclude vulnerabilities from output based on the paths. This is a comma-separated list of patterns. Patterns can be globs, file or folder paths. Parent directories will also match patterns. | `SAST_EXCLUDED_PATHS=doc,spec` |

-### Timeouts
+#### Timeouts

 The following variables configure timeouts.

@ -217,7 +216,7 @@ The following variables configure timeouts.
 | `SAST_PULL_ANALYZER_IMAGE_TIMEOUT`       |      5m | Time limit when pulling the image of an analyzer. Timeouts are parsed using Go's [`ParseDuration`](https://golang.org/pkg/time/#ParseDuration). Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". For example, "300ms", "1.5h" or "2h45m". |
 | `SAST_RUN_ANALYZER_TIMEOUT`              |     20m | Time limit when running an analyzer. Timeouts are parsed using Go's [`ParseDuration`](https://golang.org/pkg/time/#ParseDuration). Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". For example, "300ms", "1.5h" or "2h45m".|

-### Analyzer settings
+#### Analyzer settings

 Some analyzers can be customized with environment variables.

--- a/doc/user/asciidoc.md
+++ b/doc/user/asciidoc.md
@ -6,7 +6,7 @@ Consult the [Asciidoctor User Manual](https://asciidoctor.org/docs/user-manual/)
 ## Syntax

 Here's a brief reference of the most commonly used AsciiDoc syntax.
-You can find the full documentation for the AsciiDoc syntax at <https://asciidoctor.org/docs>.
+You can find the full documentation for the AsciiDoc syntax at <https://asciidoctor.org/docs/>.

 ### Paragraphs

@ -44,7 +44,7 @@ monospaced font:
 An admonition paragraph grabs the reader's attention:

 ```asciidoc
-NOTE: This is a brief reference, please read the full documentation at https://asciidoctor.org/docs.
+NOTE: This is a brief reference, please read the full documentation at https://asciidoctor.org/docs/.

 TIP: Lists can be indented. Leading whitespace is not significant.
 ```
--- a/doc/user/project/import/cvs.md
+++ b/doc/user/project/import/cvs.md
@ -64,5 +64,5 @@ Here's a few links to get you started with the migration:

 - [Migrate using the `cvs-fast-export` tool](http://www.catb.org/~esr/reposurgeon/dvcs-migration-guide.html) ([_source code_](https://gitlab.com/esr/cvs-fast-export))
 - [Stack Overflow post on importing the CVS repo](https://stackoverflow.com/a/11490134/974710)
- [Convert a CVS repository to Git](http://www.techrepublic.com/blog/linux-and-open-source/convert-cvs-repositories-to-git/)
- [Man page of the `git-cvsimport` tool](https://www.kernel.org/pub/software/scm/git/docs/git-cvsimport.html)
+- [Convert a CVS repository to Git](https://www.techrepublic.com/blog/linux-and-open-source/convert-cvs-repositories-to-git/)
+- [Man page of the `git-cvsimport` tool](https://mirrors.edge.kernel.org/pub/software/scm/git/docs/git-cvsimport.html)
--- a/doc/user/project/import/gemnasium.md
+++ b/doc/user/project/import/gemnasium.md
@ -53,7 +53,7 @@ Otherwise, you must configure your `.gitlab-ci.yml` according to the

 ### If your project is hosted on GitHub (`https://github.com` / GitHub Enterprise)

-Since [GitLab 10.6 comes with GitHub integration](https://about.gitlab.com/features/github/),
+Since [GitLab 10.6 comes with GitHub integration](https://about.gitlab.com/solutions/github/),
 GitLab users can now create a CI/CD project in GitLab connected to an external
 GitHub.com or GitHub Enterprise repository. This will automatically prompt
 GitLab CI/CD to run whenever code is pushed to GitHub and post CI/CD results
@ -81,7 +81,7 @@ back to both GitLab and GitHub when completed.

   Optional step: If you set this up on GitLab.com, make sure the project is
   public (in the project settings) if your GitHub project is public, since
-   the security feature is available only for [GitLab Ultimate](https://about.gitlab.com/pricing).
+   the security feature is available only for [GitLab Ultimate](https://about.gitlab.com/pricing/).

 1. To set up the dependency scanning job, corresponding to what Gemnasium was
   doing, you must create a `.gitlab-ci.yml` file, or update it according to
--- a/doc/user/project/import/gitea.md
+++ b/doc/user/project/import/gitea.md
@ -43,8 +43,8 @@ Click on the **Gitea** link and the import authorization process will start.
 With this method, you will perform a one-off authorization with Gitea to grant
 GitLab access your repositories:

-1. Go to <https://you-gitea-instance/user/settings/applications> (replace
-   `you-gitea-instance` with the host of your Gitea instance).
+1. Go to `https://your-gitea-instance/user/settings/applications` (replace
+   `your-gitea-instance` with the host of your Gitea instance).
 1. Click **Generate New Token**.
 1. Enter a token description.
 1. Click **Generate Token**.
--- a/doc/user/project/import/github.md
+++ b/doc/user/project/import/github.md
@ -42,7 +42,7 @@ assignees in the database of the GitLab instance (note that pull requests are ca

 For this association to succeed, prior to the import, each GitHub author and assignee in the repository must
 have either previously logged in to a GitLab account using the GitHub icon **or** have a GitHub account with
-a [public email address](https://help.github.com/articles/setting-your-commit-email-address-on-github/) that
+a [public email address](https://help.github.com/en/articles/setting-your-commit-email-address) that
 matches their GitLab account's email address.

 If a user referenced in the project is not found in GitLab's database, the project creator (typically the user
@ -71,7 +71,7 @@ Before you begin, ensure that any GitHub users who you want to map to GitLab use

 - A GitLab account that has logged in using the GitHub icon
  \- or -
- A GitLab account with an email address that matches the [public email address](https://help.github.com/articles/setting-your-commit-email-address-on-github/) of the GitHub user
+- A GitLab account with an email address that matches the [public email address](https://help.github.com/en/articles/setting-your-commit-email-address) of the GitHub user

 User-matching attempts occur in that order, and if a user is not identified either way, the activity is associated with
 the user account that is performing the import.
--- a/doc/user/project/import/perforce.md
+++ b/doc/user/project/import/perforce.md
@ -45,7 +45,7 @@ submit back from Git to Perforce.

 Here's a few links to get you started:

- [`git-p4` manual page](https://www.kernel.org/pub/software/scm/git/docs/git-p4.html)
+- [`git-p4` manual page](https://mirrors.edge.kernel.org/pub/software/scm/git/docs/git-p4.html)
 - [`git-p4` example usage](https://git.wiki.kernel.org/index.php/Git-p4_Usage)
 - [Git book migration guide](https://git-scm.com/book/en/v2/Git-and-Other-Systems-Migrating-to-Git#_perforce_import)

--- a/doc/user/project/import/svn.md
+++ b/doc/user/project/import/svn.md
@ -97,7 +97,7 @@ subgit import $GIT_REPO_PATH
 ### SubGit licensing

 Running SubGit in a mirror mode requires a
-[registration](https://subgit.com/pricing/). Registration is free for open
+[registration](https://subgit.com/pricing). Registration is free for open
 source, academic and startup projects.

 We're currently working on deeper GitLab/SubGit integration. You may track our
--- a/doc/user/project/integrations/hipchat.md
+++ b/doc/user/project/integrations/hipchat.md
@ -18,7 +18,7 @@ allow GitLab to send messages only to *one* room.

 ### Complete these steps in HipChat

-1. Go to: <https://admin.hipchat.com/admin>
+1. Go to: `https://admin.hipchat.com/admin`
 1. Click on "Group Admin" -> "Integrations".
 1. Find "Build Your Own!" and click "Create".
 1. Select the desired room, name the integration "GitLab", and click "Create".
--- a/doc/user/project/integrations/jira.md
+++ b/doc/user/project/integrations/jira.md
@ -25,9 +25,9 @@ Here's how the integration responds when you take the following actions in GitLa
  - GitLab's merge request page displays a note that it "Closed" the Jira issue, with a link to the issue. (Note: Before the merge, an MR will display that it "Closes" the Jira issue.)
  - The Jira issue shows the activity and the Jira issue is closed, or otherwise transitioned.

-You can also use [Jira's Smart Commits](https://confluence.atlassian.com/fisheye/using-smart-commits-298976812.html)
+You can also use [Jira's Smart Commits](https://confluence.atlassian.com/fisheye/using-smart-commits-960155400.html)
 directly from GitLab, as covered in the article
-[How and why to integrate GitLab with Jira](https://www.programmableweb.com/news/how-and-why-to-integrate-gitlab-Jira/how-to/2017/04/25).
+[How and why to integrate GitLab with Jira](https://www.programmableweb.com/news/how-and-why-to-integrate-gitlab-jira/how-to/2017/04/25).

 ## Configuration

--- a/doc/user/project/integrations/prometheus_library/nginx_ingress.md
+++ b/doc/user/project/integrations/prometheus_library/nginx_ingress.md
@ -30,7 +30,7 @@ For other deployments, there is [some configuration](#manually-setting-up-nginx-

 ### About managed NGINX Ingress deployments

-NGINX Ingress is deployed into the `gitlab-managed-apps` namespace, using the [official Helm chart](https://github.com/kubernetes/charts/tree/master/stable/nginx-ingress). NGINX Ingress will be [externally reachable via the Load Balancer's Endpoint](../../clusters/index.md#getting-the-external-endpoint).
+NGINX Ingress is deployed into the `gitlab-managed-apps` namespace, using the [official Helm chart](https://github.com/helm/charts/tree/master/stable/nginx-ingress). NGINX Ingress will be [externally reachable via the Load Balancer's Endpoint](../../clusters/index.md#getting-the-external-endpoint).

 NGINX is configured for Prometheus monitoring, by setting:

@ -49,7 +49,7 @@ Next, the Ingress needs to be annotated for Prometheus monitoring. Two new annot
 - `prometheus.io/scrape: "true"`
 - `prometheus.io/port: "10254"`

-Managing these settings depends on how NGINX Ingress has been deployed. If you have deployed via the [official Helm chart](https://github.com/kubernetes/charts/tree/master/stable/nginx-ingress), metrics can be enabled with `controller.stats.enabled` along with the required annotations. Alternatively it is possible to edit the NGINX Ingress YML directly in the [Kubernetes dashboard](https://github.com/kubernetes/dashboard).
+Managing these settings depends on how NGINX Ingress has been deployed. If you have deployed via the [official Helm chart](https://github.com/helm/charts/tree/master/stable/nginx-ingress), metrics can be enabled with `controller.stats.enabled` along with the required annotations. Alternatively it is possible to edit the NGINX Ingress YML directly in the [Kubernetes dashboard](https://github.com/kubernetes/dashboard).

 ## Specifying the Environment label

--- a/doc/user/project/integrations/prometheus_library/nginx_ingress_vts.md
+++ b/doc/user/project/integrations/prometheus_library/nginx_ingress_vts.md
@ -30,7 +30,7 @@ For other deployments, there is [some configuration](#manually-setting-up-nginx-

 ### About managed NGINX Ingress deployments

-NGINX Ingress is deployed into the `gitlab-managed-apps` namespace, using the [official Helm chart](https://github.com/kubernetes/charts/tree/master/stable/nginx-ingress). NGINX Ingress will be [externally reachable via the Load Balancer's Endpoint](../../clusters/index.md#getting-the-external-endpoint).
+NGINX Ingress is deployed into the `gitlab-managed-apps` namespace, using the [official Helm chart](https://github.com/helm/charts/tree/master/stable/nginx-ingress). NGINX Ingress will be [externally reachable via the Load Balancer's Endpoint](../../clusters/index.md#getting-the-external-endpoint).

 NGINX is configured for Prometheus monitoring, by setting:

@ -49,7 +49,7 @@ Next, the Ingress needs to be annotated for Prometheus monitoring. Two new annot
 - `prometheus.io/scrape: "true"`
 - `prometheus.io/port: "10254"`

-Managing these settings depends on how NGINX Ingress has been deployed. If you have deployed via the [official Helm chart](https://github.com/kubernetes/charts/tree/master/stable/nginx-ingress), metrics can be enabled with `controller.stats.enabled` along with the required annotations. Alternatively it is possible edit the NGINX Ingress YAML directly in the [Kubernetes dashboard](https://github.com/kubernetes/dashboard).
+Managing these settings depends on how NGINX Ingress has been deployed. If you have deployed via the [official Helm chart](https://github.com/helm/charts/tree/master/stable/nginx-ingress), metrics can be enabled with `controller.stats.enabled` along with the required annotations. Alternatively it is possible edit the NGINX Ingress YAML directly in the [Kubernetes dashboard](https://github.com/kubernetes/dashboard).

 ## Specifying the Environment label

--- a/doc/user/project/issues/crosslinking_issues.md
+++ b/doc/user/project/issues/crosslinking_issues.md
@ -26,7 +26,7 @@ git commit -m "this is my commit message. Related to https://gitlab.com/<usernam
 Of course, you can replace `gitlab.com` with the URL of your own GitLab instance.

 NOTE: **Note:** Linking your first commit to your issue is going to be relevant
-for tracking your process with [GitLab Cycle Analytics](https://about.gitlab.com/features/cycle-analytics/).
+for tracking your process with [GitLab Cycle Analytics](https://about.gitlab.com/product/cycle-analytics/).
 It will measure the time taken for planning the implementation of that issue,
 which is the time between creating an issue and making the first commit.

--- a/doc/user/project/merge_requests/index.md
+++ b/doc/user/project/merge_requests/index.md
@ -221,7 +221,7 @@ to learn more.
 ## Multiple assignees **(STARTER)**

 > [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/2004)
-in [GitLab Starter 11.11](https://about.gitlab.com/pricing).
+in [GitLab Starter 11.11](https://about.gitlab.com/pricing/).

 Multiple people often review merge requests at the same time. GitLab allows you to have multiple assignees for merge requests to indicate everyone that is reviewing or accountable for it.

@ -469,7 +469,7 @@ for preventing leakage or early release of sensitive data through regular merge

 ## Merge request approvals **(STARTER)**

-> Included in [GitLab Starter][products].
+> Included in [GitLab Starter](https://about.gitlab.com/product/).

 If you want to make sure every merge request is approved by one or more people,
 you can enforce this workflow by using merge request approvals. Merge request
@ -480,7 +480,7 @@ list of approvers that will need to approve every merge request in a project.

 ## Code Quality **(STARTER)**

-> Introduced in [GitLab Starter][products] 9.3.
+> Introduced in [GitLab Starter](https://about.gitlab.com/product/) 9.3.

 If you are using [GitLab CI][ci], you can analyze your source code quality using
 the [Code Climate][cc] analyzer [Docker image][cd]. Going a step further, GitLab
@ -490,7 +490,7 @@ can show the Code Climate report right in the merge request widget area.

 ## Metrics Reports **(PREMIUM)**

-> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/9788) in [GitLab Premium][products] 11.10.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/9788) in [GitLab Premium](https://about.gitlab.com/product/) 11.10.
 Requires GitLab Runner 11.10 and above.

 If you are using [GitLab CI][ci], you can configure your job to output custom
@ -501,7 +501,7 @@ that it's fast and easy to identify changes to important metrics.

 ## Browser Performance Testing **(PREMIUM)**

-> Introduced in [GitLab Premium][products] 10.3.
+> Introduced in [GitLab Premium](https://about.gitlab.com/product/) 10.3.

 If your application offers a web interface and you are using [GitLab CI/CD][ci], you can quickly determine the performance impact of pending code changes. GitLab uses [Sitespeed.io][sitespeed], a free and open source tool for measuring the performance of web sites, to analyze the performance of specific pages.

@ -511,7 +511,7 @@ GitLab runs the [Sitespeed.io container][sitespeed-container] and displays the d

 ## Merge Request Dependencies **(PREMIUM)**

-> Introduced in [GitLab Premium][products] 12.2.
+> Introduced in [GitLab Premium](https://about.gitlab.com/product/) 12.2.

 A single logical change may be split across several merge requests, across
 several projects. When this happens, the order in which MRs are merged is
@ -570,7 +570,7 @@ whitespace changes.

 ## Live preview with Review Apps

-If you configured [Review Apps](https://about.gitlab.com/features/review-apps/) for your project,
+If you configured [Review Apps](https://about.gitlab.com/product/review-apps/) for your project,
 you can preview the changes submitted to a feature-branch through a merge request
 in a per-branch basis. No need to checkout the branch, install and preview locally;
 all your changes will be available to preview by anyone with the Review Apps link.
@ -738,7 +738,6 @@ git checkout origin/merge-requests/1

 All the above can be done with the [`git-mr`](https://gitlab.com/glensc/git-mr) script.

-[products]: https://about.gitlab.com/products/ "GitLab products page"
 [protected branches]: ../protected_branches.md
 [ci]: ../../../ci/README.md
 [cc]: https://codeclimate.com/
--- a/doc/user/project/merge_requests/merge_request_approvals.md
+++ b/doc/user/project/merge_requests/merge_request_approvals.md
@ -329,7 +329,7 @@ the dropdown) `approver` and select the user.

 ## Security approvals in merge requests **(ULTIMATE)**

-> Introduced in [GitLab Ultimate](https://about.gitlab.com/pricing) 12.2.
+> Introduced in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.2.

 Merge Request Approvals can be configured to require approval from a member
 of your security team when a vulnerability would be introduced by a merge request.
@ -339,7 +339,7 @@ For more information, see

 ## License compliance approvals in merge requests **(ULTIMATE)**

-> Introduced in [GitLab Ultimate](https://about.gitlab.com/pricing) 12.3.
+> Introduced in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.3.

 Merge Request Approvals can be configured to require approval from a member
 of your security team when a blacklisted software license would be introduced by a merge request.
--- a/doc/user/project/milestones/index.md
+++ b/doc/user/project/milestones/index.md
@ -130,13 +130,13 @@ These features are only available for project milestones and not group milestone

 ### Project Burndown Charts **(STARTER)**

-For project milestones in [GitLab Starter](https://about.gitlab.com/pricing), a [burndown chart](burndown_charts.md) is in the milestone view, showing the progress of completing a milestone.
+For project milestones in [GitLab Starter](https://about.gitlab.com/pricing/), a [burndown chart](burndown_charts.md) is in the milestone view, showing the progress of completing a milestone.

 ![burndown chart](img/burndown_chart.png)

 ### Group Burndown Charts **(PREMIUM)**

-For group milestones in [GitLab Premium](https://about.gitlab.com/pricing), a [burndown chart](burndown_charts.md) is in the milestone view, showing the progress of completing a milestone.
+For group milestones in [GitLab Premium](https://about.gitlab.com/pricing/), a [burndown chart](burndown_charts.md) is in the milestone view, showing the progress of completing a milestone.

 ### Milestone sidebar

--- a/doc/user/project/pipelines/settings.md
+++ b/doc/user/project/pipelines/settings.md
@ -92,7 +92,7 @@ job log using a regular expression. In the pipelines settings, search for the
 ![Pipelines settings test coverage](img/pipelines_settings_test_coverage.png)

 Leave blank if you want to disable it or enter a ruby regular expression. You
-can use <http://rubular.com> to test your regex.
+can use <https://rubular.com> to test your regex.

 If the pipeline succeeds, the coverage is shown in the merge request widget and
 in the jobs table.
--- a/doc/workflow/lfs/lfs_administration.md
+++ b/doc/workflow/lfs/lfs_administration.md
@ -93,7 +93,7 @@ Here is a configuration example with S3.
 | `enable_signature_v4_streaming` | Set to true to enable HTTP chunked transfers with [AWS v4 signatures](https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-streaming.html). Oracle Cloud S3 needs this to be false | true |
 | `region` | AWS region | us-east-1 |
 | `host` | S3 compatible host for when not using AWS, e.g. `localhost` or `storage.example.com` | s3.amazonaws.com |
-| `endpoint` | Can be used when configuring an S3 compatible service such as [MinIO](https://www.minio.io), by entering a URL such as `http://127.0.0.1:9000` | (optional) |
+| `endpoint` | Can be used when configuring an S3 compatible service such as [MinIO](https://min.io), by entering a URL such as `http://127.0.0.1:9000` | (optional) |
 | `path_style` | Set to true to use `host/bucket_name/object` style paths instead of `bucket_name.host/object`. Leave as false for AWS S3 | false |
 | `use_iam_profile` | Set to true to use IAM profile instead of access keys | false

--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@ -1474,7 +1474,7 @@ module API
    end

    class Deployment < Grape::Entity
-      expose :id, :iid, :ref, :sha, :created_at
+      expose :id, :iid, :ref, :sha, :created_at, :updated_at
      expose :user,        using: Entities::UserBasic
      expose :environment, using: Entities::EnvironmentBasic
      expose :deployable,  using: Entities::Job
--- a/scripts/trigger-build
+++ b/scripts/trigger-build
@ -90,7 +90,7 @@ module Trigger
    private

    def downstream_project_path
-      'gitlab-org/omnibus-gitlab'
+      ENV['OMNIBUS_PROJECT_PATH'] || 'gitlab-org/build/omnibus-gitlab-mirror'
    end

    def ref
@ -98,7 +98,7 @@ module Trigger
    end

    def trigger_token
-      ENV['BUILD_TRIGGER_TOKEN']
+      ENV['CI_JOB_TOKEN']
    end

    def access_token
--- a/spec/fixtures/api/schemas/public_api/v4/deployment.json
+++ b/spec/fixtures/api/schemas/public_api/v4/deployment.json
@ -6,6 +6,7 @@
    "ref",
    "sha",
    "created_at",
+    "updated_at",
    "user",
    "deployable"
  ],
@ -15,6 +16,7 @@
    "ref": { "type": "string" },
    "sha": { "type": "string" },
    "created_at": { "type": "string" },
+    "updated_at": { "type": "string" },
    "user": {
      "oneOf": [
        { "type": "null" },