Automatic merge of gitlab-org/gitlab master

app/assets/stylesheets/framework/dropdowns.scss

@@ -525,7 +525,7 @@
 
       &.is-active {
         /* stylelint-disable-next-line function-url-quotes */
-        background: url(asset_path('checkmark.png')) no-repeat 14px 8px;
+        background: url(asset_path('checkmark.png')) no-repeat 14px center;
       }
     }
   }

app/finders/packages/nuget/package_finder.rb

@@ -5,7 +5,7 @@ module Packages
     class PackageFinder
       include ::Packages::FinderHelper
 
-      MAX_PACKAGES_COUNT = 50
+      MAX_PACKAGES_COUNT = 300
 
       def initialize(current_user, project_or_group, package_name:, package_version: nil, limit: MAX_PACKAGES_COUNT)
         @current_user = current_user

changelogs/unreleased/241376-max-nuget-packages-returned.yml

+---
+title: Update max number of NuGet packages returned
+merge_request: 52265
+author:
+type: fixed

changelogs/unreleased/gl-card-advanced-search.yml

+---
+title: Move the sub-section to gl-card in advanced search settings in admin
+merge_request: 52585
+author: Yogi (@yo)
+type: changed

changelogs/unreleased/peterhegman-fix-assignee-dropdown-checkmark.yml

+---
+title: Fix misalignment of assignee dropdown checkmark
+merge_request: 53664
+author:
+type: fixed

doc/administration/instance_limits.md

@@ -612,3 +612,7 @@ Plan.default.actual_limits.update!(generic_packages_max_file_size: 100.megabytes
 ```
 
 Set the limit to `0` to allow any file size.
+
+### Package versions returned
+
+When asking for versions of a given NuGet package name, the GitLab Package Registry returns a maximum of 300 versions.

doc/development/documentation/index.md

@@ -328,68 +328,51 @@ with GitLab 11.4. Meaning, it's available only with `/help` from GitLab
 
 ### Linking to `/help`
 
-When you're building a new feature, you may need to link the documentation
-from GitLab, the application. This is normally done in files inside the
-`app/views/` directory with the help of the `help_page_path` helper method.
+When you're building a new feature, you may need to link to the documentation
+from the GitLab application. This is normally done in files inside the
+`app/views/` directory, with the help of the `help_page_path` helper method.
 
-In its simplest form, the HAML code to generate a link to the `/help` page is:
+The `help_page_path` contains the path to the document you want to link to,
+with the following conventions:
 
-```haml
-= link_to 'Help page', help_page_path('user/permissions')
-```
-
-The `help_page_path` contains the path to the document you want to link to with
-the following conventions:
-
-- it is relative to the `doc/` directory in the GitLab repository
-- the `.md` extension must be omitted
-- it must not end with a slash (`/`)
-
-Below are some special cases where should be used depending on the context.
-You can combine one or more of the following:
-
-1. **Linking to an anchor link.** Use `anchor` as part of the `help_page_path`
-   method:
+- It's relative to the `doc/` directory in the GitLab repository.
+- It omits the `.md` extension.
+- It doesn't end with a slash (`/`).
 
-   ```haml
-   = link_to 'Help page', help_page_path('user/permissions', anchor: 'anchor-link')
-   ```
+The help text follows the [Pajamas guidelines](https://design.gitlab.com/usability/helping-users/#formatting-help-content).
 
-1. **Opening links in a new tab.** This should be the default behavior:
+Use the following special cases depending on the context, ensuring all links
+are inside `_()` so they can be translated:
 
-   ```haml
-   = link_to 'Help page', help_page_path('user/permissions'), target: '_blank'
-   ```
+- Linking to a doc page. In its most basic form, the HAML code to generate a
+  link to the `/help` page is:
 
-1. **Using a question icon.** Usually used in settings where a long
-   description cannot be used, like near checkboxes. You can basically use
-   any GitLab SVG icon, but prefer the `question-o`:
-
-   ```haml
-   = link_to sprite_icon('question-o'), help_page_path('user/permissions')
-   ```
+  ```haml
+  = link_to _('Learn more.'), help_page_path('user/permissions'), target: '_blank', rel: 'noopener noreferrer'
+  ```
 
-1. **Using a button link.** Useful in places where text would be out of context
-   with the rest of the page layout:
+- Linking to an anchor link. Use `anchor` as part of the `help_page_path`
+  method:
 
-   ```haml
-   = link_to 'Help page', help_page_path('user/permissions'),  class: 'btn btn-info'
-   ```
+  ```haml
+  = link_to _('Learn more.'), help_page_path('user/permissions', anchor: 'anchor-link'), target: '_blank', rel: 'noopener noreferrer'
+  ```
 
-1. **Using links inline of some text.**
+- Using links inline of some text. First, define the link, and then use it. In
+  this example, `link_start` is the name of the variable that contains the
+  link:
 
-   ```haml
-   Description to #{link_to 'Help page', help_page_path('user/permissions')}.
-   ```
+  ```haml
+  - link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: help_page_path('user/permissions') }
+  %p= _("This is a text describing the option/feature in a sentence. %{link_start}Learn more.%{link_end}").html_safe % { link_start: link_start, link_end: '</a>'.html_safe }
+  ```
 
-1. **Adding a period at the end of the sentence.** Useful when you don't want
-   the period to be part of the link:
+- Using a button link. Useful in places where text would be out of context with
+  the rest of the page layout:
 
-   ```haml
-   = succeed '.' do
-     Learn more in the
-     = link_to 'Help page', help_page_path('user/permissions')
-   ```
+  ```haml
+  = link_to _('Learn more.'), help_page_path('user/permissions'),  class: 'btn btn-info', target: '_blank', rel: 'noopener noreferrer'
+  ```
 
 #### Linking to `/help` in JavaScript
 

doc/user/application_security/security_dashboard/index.md

@@ -9,11 +9,11 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 GitLab provides a comprehensive set of features for viewing and managing vulnerabilities:
 
-- Security dashboards: An overview of the security status in your instance, [groups](#group-security-dashboard), and
+- Security dashboards: An overview of the security status in your personal [Security Center](#security-center), [groups](#group-security-dashboard), and
   [projects](#project-security-dashboard).
-- [Vulnerability reports](../vulnerability_report/index.md): Detailed lists of all vulnerabilities for the instance, group, project, or
+- [Vulnerability reports](../vulnerability_report/index.md): Detailed lists of all vulnerabilities for the Security Center, group, project, or
   pipeline. This is where you triage and manage vulnerabilities.
-- [Security Center](#instance-security-center): A dedicated area for vulnerability management at the instance level. This
+- [Security Center](#security-center): A dedicated area for personalized vulnerability management. This
   includes a security dashboard, vulnerability report, and settings.
 
 You can also drill down into a vulnerability and get extra information on the
@@ -111,28 +111,28 @@ vulnerabilities are excluded.
 
 Navigate to the group's [vulnerability report](../vulnerability_report/index.md) to view the vulnerabilities found.
 
-## Instance Security Center
+## Security Center
 
 > [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3426) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.4.
 
-The Security Center is where you manage vulnerabilities for your instance. It displays the
-vulnerabilities present in the default branches of all the projects you configure. It includes the
-following:
+The Security Center is personal space where you manage vulnerabilities across all your projects. It
+displays the vulnerabilities present in the default branches of all the projects you configure. It includes
+the following:
 
 - The [group security dashboard's](#group-security-dashboard) features.
 - A [vulnerability report](../vulnerability_report/index.md).
 - A dedicated settings area to configure which projects to display.
 
-![Instance Security Dashboard with projects](img/instance_security_dashboard_v13_4.png)
+![Security Center Dashboard with projects](img/security_center_dashboard_v13_4.png)
 
-You can access the Instance Security Center from the menu
+You can access the Security Center from the menu
 bar at the top of the page. Under **More**, select **Security**.
 
-![Instance Security Center navigation link](img/instance_security_dashboard_link_v12_4.png)
+![Security Center navigation link](img/security_center_dashboard_link_v12_4.png)
 
 The dashboard and vulnerability report are empty before you add projects.
 
-![Uninitialized Instance Security Center](img/instance_security_dashboard_empty_v13_4.png)
+![Uninitialized Security Center](img/security_center_dashboard_empty_v13_4.png)
 
 ### Adding projects to the Security Center
 
@@ -142,7 +142,7 @@ To add projects to the Security Center:
 1. Search for and add one or more projects using the **Search your projects** field.
 1. Click the **Add projects** button.
 
-![Adding projects to Instance Security Center](img/instance_security_center_settings_v13_4.png)
+![Adding projects to Security Center](img/security_center_settings_v13_4.png)
 
 After you add projects, the security dashboard and vulnerability report display the vulnerabilities
 found in those projects' default branches.

ee/app/controllers/ee/projects/issues_controller.rb

@@ -62,7 +62,7 @@ module EE
           errors << render_vulnerability_link_alert(error)
         end
 
-        flash[:alert] = errors.join('<br\>').html_safe
+        flash[:alert] = errors.join('<br\>').html_safe unless errors.blank?
       end
 
       def vulnerability

ee/app/views/admin/application_settings/_elasticsearch_form.html.haml

@@ -17,37 +17,38 @@
       = form_errors(@application_setting)
 
       %fieldset
-        .sub-section
-          - halted_migrations = elasticsearch_available && Elastic::DataMigrationService.halted_migrations?
-          - if halted_migrations
-            .gl-alert.gl-alert-warning.gl-mt-3.gl-mb-3{ role: 'alert' }
-              = sprite_icon('warning', css_class: 'gl-icon gl-alert-icon gl-alert-icon-no-title')
-              %button.js-close.gl-alert-dismiss{ type: 'button', 'aria-label' => _('Dismiss') }
-                = sprite_icon('close', css_class: 'gl-icon')
-              .gl-alert-body
-                %h4.gl-alert-title= _('There is a halted Elasticsearch migration')
-                = html_escape_once(_('Check the elasticsearch.log file to debug why the migration was halted and make any changes before retrying the migration. When you fix the cause of the failure, click "Retry migration", and the migration will be scheduled to be retried in the background.')).html_safe
-                = link_to _('Learn more.'), help_page_path('integration/elasticsearch', anchor: 'background-migrations')
-              .gl-alert-actions
-                - migration = Elastic::DataMigrationService.halted_migration
-                = link_to _('Retry migration'), admin_elasticsearch_retry_migration_path(version: migration.version), class: 'btn gl-alert-action btn-warning gl-button', disabled: @elasticsearch_reindexing_task&.in_progress?, data: { confirm: _('Are you sure you want to retry this migration?') }, method: :post
-
-          .form-group
-            .form-check
-              = f.check_box :elasticsearch_indexing, class: 'form-check-input', data: { qa_selector: 'indexing_checkbox' }
-              = f.label :elasticsearch_indexing, class: 'form-check-label' do
-                = _('Elasticsearch indexing')
-              - unless Gitlab::CurrentSettings.elasticsearch_indexing?
-                .form-text.text-muted
-                  = _('An empty index will be created if one does not already exist')
-              - if Gitlab::CurrentSettings.elasticsearch_indexing?
-                .form-text
-                  = link_to _('Index all projects'), admin_elasticsearch_enqueue_index_path,
-                      class: ['btn', 'btn-success'], method: :post
+        .gl-card.gl-bg-gray-10.gl-mb-6
+          .gl-card-body
+            - halted_migrations = elasticsearch_available && Elastic::DataMigrationService.halted_migrations?
+            - if halted_migrations
+              .gl-alert.gl-alert-warning.gl-mt-3.gl-mb-3{ role: 'alert' }
+                = sprite_icon('warning', css_class: 'gl-icon gl-alert-icon gl-alert-icon-no-title')
+                %button.js-close.gl-alert-dismiss{ type: 'button', 'aria-label' => _('Dismiss') }
+                  = sprite_icon('close', css_class: 'gl-icon')
+                .gl-alert-body
+                  %h4.gl-alert-title= _('There is a halted Elasticsearch migration')
+                  = html_escape_once(_('Check the elasticsearch.log file to debug why the migration was halted and make any changes before retrying the migration. When you fix the cause of the failure, click "Retry migration", and the migration will be scheduled to be retried in the background.')).html_safe
+                  = link_to _('Learn more.'), help_page_path('integration/elasticsearch', anchor: 'background-migrations')
+                .gl-alert-actions
+                  - migration = Elastic::DataMigrationService.halted_migration
+                  = link_to _('Retry migration'), admin_elasticsearch_retry_migration_path(version: migration.version), class: 'btn gl-alert-action btn-warning gl-button', disabled: @elasticsearch_reindexing_task&.in_progress?, data: { confirm: _('Are you sure you want to retry this migration?') }, method: :post
 
-          .card-body
             .form-group
               .form-check
+                = f.check_box :elasticsearch_indexing, class: 'form-check-input', data: { qa_selector: 'indexing_checkbox' }
+                = f.label :elasticsearch_indexing, class: 'form-check-label' do
+                  = _('Elasticsearch indexing')
+                - unless Gitlab::CurrentSettings.elasticsearch_indexing?
+                  .form-text.text-muted
+                    = _('An empty index will be created if one does not already exist')
+                - if Gitlab::CurrentSettings.elasticsearch_indexing?
+                  .form-text
+                    = link_to _('Index all projects'), admin_elasticsearch_enqueue_index_path,
+                        class: ['btn', 'btn-success'], method: :post
+
+            .gl-card-body
+              .form-group
+                .form-check
                 - pending_migrations = elasticsearch_available && Elastic::DataMigrationService.pending_migrations? && Gitlab::CurrentSettings.elasticsearch_pause_indexing?
                 - disable_checkbox = !Gitlab::CurrentSettings.elasticsearch_indexing? || pending_migrations
                 = f.check_box :elasticsearch_pause_indexing, class: 'form-check-input', data: { qa_selector: 'pause_checkbox' }, disabled: disable_checkbox
@@ -59,174 +60,178 @@
                   .form-text.text-warning
                     = _('There are pending advanced search migrations. Indexing must remain paused until the migrations are completed.')
 
-          .form-group
-            .form-check
-              = f.check_box :elasticsearch_search, class: 'form-check-input', data: { qa_selector: 'search_checkbox' }
-              = f.label :elasticsearch_search, class: 'form-check-label' do
-                Search with Elasticsearch enabled
-
-          .form-group
-            = f.label :elasticsearch_url, 'URL', class: 'label-bold'
-            = f.text_field :elasticsearch_url, value: @application_setting.elasticsearch_url.join(', '), class: 'form-control gl-form-input', placeholder: 'http://localhost:9200', data: { qa_selector: 'url_field' }
-            .form-text.text-muted
-              = _('The URL to use for connecting to Elasticsearch. Use a comma-separated list to support clustering (e.g., "http://localhost:9200, http://localhost:9201").')
-
-          .form-group
-            = f.label :elasticsearch_shards, _('Number of Elasticsearch shards'), class: 'label-bold'
-            = f.number_field :elasticsearch_shards, value: @application_setting.elasticsearch_shards, class: 'form-control gl-form-input'
-            .form-text.text-muted
-              = _('How many shards to split the Elasticsearch index over.')
-              = recreate_index_text
-
-          .form-group
-            = f.label :elasticsearch_replicas, _('Number of Elasticsearch replicas'), class: 'label-bold'
-            = f.number_field :elasticsearch_replicas, value: @application_setting.elasticsearch_replicas, class: 'form-control gl-form-input'
-            .form-text.text-muted
-              = _('How many replicas each Elasticsearch shard has.')
-              = recreate_index_text
-
-          .form-group
-            = f.label :elasticsearch_indexed_file_size_limit_kb, _('Maximum file size indexed (KiB)'), class: 'label-bold'
-            = f.number_field :elasticsearch_indexed_file_size_limit_kb, value: @application_setting.elasticsearch_indexed_file_size_limit_kb, class: 'form-control gl-form-input'
-            .form-text.text-muted
-              = _('Any files larger than this limit will not be indexed, and thus will not be searchable.')
-
-          .form-group
-            = f.label :elasticsearch_indexed_field_length_limit, _('Maximum field length'), class: 'label-bold'
-            = f.number_field :elasticsearch_indexed_field_length_limit, value: @application_setting.elasticsearch_indexed_field_length_limit, class: 'form-control gl-form-input'
-            .form-text.text-muted
-              = _('If any indexed field exceeds this limit it will be truncated to this number of characters and the rest will not be indexed or searchable. This does not apply to repository and wiki indexing. Setting this to 0 means it is unlimited.')
-
-          .form-group
-            = f.label :elasticsearch_max_bulk_size_mb, _('Maximum bulk request size (MiB)'), class: 'label-bold'
-            = f.number_field :elasticsearch_max_bulk_size_mb, value: @application_setting.elasticsearch_max_bulk_size_mb, class: 'form-control gl-form-input'
-            .form-text.text-muted
-              = _('Maximum size of Elasticsearch bulk indexing requests.')
-              = _('This only applies to repository indexing operations.')
-
-          .form-group
-            = f.label :elasticsearch_max_bulk_concurrency, _('Bulk request concurrency'), class: 'label-bold'
-            = f.number_field :elasticsearch_max_bulk_concurrency, value: @application_setting.elasticsearch_max_bulk_concurrency, class: 'form-control gl-form-input'
-            .form-text.text-muted
-              = _('Maximum concurrency of Elasticsearch bulk requests per indexing operation.')
-              = _('This only applies to repository indexing operations.')
-
-          .form-group
-            = f.label :elasticsearch_client_request_timeout, _('Client request timeout'), class: 'label-bold'
-            = f.number_field :elasticsearch_client_request_timeout, value: @application_setting.elasticsearch_client_request_timeout, class: 'form-control gl-form-input'
-            .form-text.text-muted
-              = _('Elasticsearch HTTP client timeout value in seconds.')
-              = _('Setting this to 0 means using the system default timeout value.')
-
-        .sub-section
-          %h4= _('Elasticsearch zero-downtime reindexing')
-          = link_to _('Trigger cluster reindexing'), admin_elasticsearch_trigger_reindexing_path, class: "gl-button btn btn-info", disabled: @elasticsearch_reindexing_task&.in_progress?, data: { confirm: _('Are you sure you want to reindex?') }, method: :post
-          .form-text.gl-text-gray-600
-            = _('This feature should be used with an index that was created after 13.0')
-          - Elastic::ReindexingTask.old_indices_scheduled_for_deletion.each do |task|
-            .form-text.text-danger
-              = _("Unused, previous indices: %{index_names} will be deleted after %{time} automatically.") % { index_names: task.subtasks.map(&:index_name_from).join(', '), time: task.delete_original_index_at }
-              = link_to _('Cancel index deletion'), admin_elasticsearch_cancel_index_deletion_path(task_id: task.id), class: 'gl-mb-2', method: :post
-          - if @elasticsearch_reindexing_task
-            %h5= _('Reindexing Status: %{status}') % { status: @elasticsearch_reindexing_task.state }
-            - if @elasticsearch_reindexing_task.error_message
-              %p= _('Error: %{error_message}') % { error_message: @elasticsearch_reindexing_task.error_message }
-            - @elasticsearch_reindexing_task.subtasks.each do |subtask|
-              .card-body.form-group
-                %h5= subtask.alias_name
-                - expected_documents = subtask.documents_count
-                - if subtask.elastic_task
-                  %p= _('Task ID: %{elastic_task}') % { elastic_task: subtask.elastic_task }
-                - if expected_documents
-                  - processed_documents = subtask.documents_count_target
-                  %p= _('Expected documents: %{expected_documents}') % { expected_documents: expected_documents }
-                  - if processed_documents && expected_documents
-                    - percentage = ((processed_documents / expected_documents.to_f) * 100).round(2)
-                    %p= _('Documents reindexed: %{processed_documents} (%{percentage}%%)') % { processed_documents: processed_documents, percentage: percentage }
-                    .progress
-                      .progress-bar{ "aria-valuemax" => "100", "aria-valuemin" => "0", "aria-valuenow" => percentage, :role => "progressbar", :style => "width: #{percentage}%" }
-
-        .sub-section
-          %h4= _('Elasticsearch indexing restrictions')
-          .form-group
-            .form-check
-              = f.check_box :elasticsearch_limit_indexing, class: 'form-check-input js-limit-checkbox'
-              = f.label :elasticsearch_limit_indexing, class: 'form-check-label' do
-                = _('Limit namespaces and projects that can be indexed')
-
-          .form-group.js-limit-namespaces{ class: ('hidden' unless @application_setting.elasticsearch_limit_indexing) }
-            = f.label :elasticsearch_namespace_ids, _('Namespaces to index'), class: 'label-bold'
-            - if elasticsearch_too_many_namespaces?
-              %p= _('Too many namespaces enabled. You will need to manage them via the console or the API.')
-            - else
-              = f.text_field :elasticsearch_namespace_ids, class: 'js-elasticsearch-namespaces', value: elasticsearch_namespace_ids, data: { selected: elasticsearch_objects_options(@application_setting.elasticsearch_limited_namespaces(true)).to_json }
-
-          .form-group.js-limit-projects{ class: ('hidden' unless @application_setting.elasticsearch_limit_indexing) }
-            = f.label :elasticsearch_project_ids, _('Projects to index'), class: 'label-bold'
-            - if elasticsearch_too_many_projects?
-              %p= _('Too many projects enabled. You will need to manage them via the console or the API.')
-            - else
-              = f.text_field :elasticsearch_project_ids, class: 'js-elasticsearch-projects', value: elasticsearch_project_ids, data: { selected: elasticsearch_objects_options(@application_setting.elasticsearch_limited_projects(true)).to_json }
-
-        .sub-section
-          %h4= _('Custom analyzers: language support')
-          %h5
-            = _('Chinese language support using')
-            %a{ href: 'https://www.elastic.co/guide/en/elasticsearch/plugins/current/analysis-smartcn.html' }
-              = _('smartcn custom analyzer')
-          .form-group
-            .form-check
-              = f.check_box :elasticsearch_analyzers_smartcn_enabled, class: 'form-check-input'
-              = f.label :elasticsearch_analyzers_smartcn_enabled, class: 'form-check-label' do
-                = _('Enable smartcn custom analyzer: Indexing')
-          .form-group
-            .form-check
-              = f.check_box :elasticsearch_analyzers_smartcn_search, class: 'form-check-input', disabled: !Gitlab::CurrentSettings.elasticsearch_analyzers_smartcn_enabled?
-              = f.label :elasticsearch_analyzers_smartcn_search, class: 'form-check-label' do
-                = _('Enable smartcn custom analyzer: Search')
-              .form-text.gl-text-gray-600
-                = _('Please only enable search after installing the plugin, enabling indexing and recreating the index')
-          %h5
-            = _('Japanese language support using')
-            %a{ href: 'https://www.elastic.co/guide/en/elasticsearch/plugins/current/analysis-kuromoji.html' }
-              = _('kuromoji custom analyzer')
-          .form-group
-            .form-check
-              = f.check_box :elasticsearch_analyzers_kuromoji_enabled, class: 'form-check-input'
-              = f.label :elasticsearch_analyzers_kuromoji_enabled, class: 'form-check-label' do
-                = _('Enable kuromoji custom analyzer: Indexing')
-          .form-group
-            .form-check
-              = f.check_box :elasticsearch_analyzers_kuromoji_search, class: 'form-check-input', disabled: !Gitlab::CurrentSettings.elasticsearch_analyzers_kuromoji_enabled?
-              = f.label :elasticsearch_analyzers_kuromoji_search, class: 'form-check-label' do
-                = _('Enable kuromoji custom analyzer: Search')
-              .form-text.gl-text-gray-600
-                = _('Please only enable search after installing the plugin, enabling indexing and recreating the index')
-
-        .sub-section
-          %h4= _('Elasticsearch AWS IAM credentials')
-          .form-group
-            .form-check
-              = f.check_box :elasticsearch_aws, class: 'form-check-input'
-              = f.label :elasticsearch_aws, class: 'form-check-label' do
-                Using AWS hosted Elasticsearch with IAM credentials
-          .form-group
-            = f.label :elasticsearch_aws_region, 'AWS region', class: 'label-bold'
-            = f.text_field :elasticsearch_aws_region, value: @application_setting.elasticsearch_aws_region, class: 'form-control gl-form-input'
-            .form-text.text-muted
-              = _('Region that Elasticsearch is configured')
-
-          .form-group
-            = f.label :elasticsearch_aws_access_key, _('AWS Access Key'), class: 'label-bold'
-            = f.text_field :elasticsearch_aws_access_key, value: @application_setting.elasticsearch_aws_access_key, class: 'form-control gl-form-input'
-            .form-text.text-muted
-              = _('AWS Access Key. Only required if not using role instance credentials')
-
-          - secret_access_key_label = @application_setting.elasticsearch_aws_secret_access_key.present? ? _('Enter new AWS Secret Access Key') : _('AWS Secret Access Key')
-          .form-group
-            = f.label :elasticsearch_aws_secret_access_key, secret_access_key_label, class: 'label-bold'
-            = f.password_field :elasticsearch_aws_secret_access_key, autocomplete: 'new-password', class: 'form-control gl-form-input'
-            .form-text.text-muted
-              = _('AWS Secret Access Key. Only required if not using role instance credentials')
+            .form-group
+              .form-check
+                = f.check_box :elasticsearch_search, class: 'form-check-input', data: { qa_selector: 'search_checkbox' }
+                = f.label :elasticsearch_search, class: 'form-check-label' do
+                  Search with Elasticsearch enabled
+
+            .form-group
+              = f.label :elasticsearch_url, 'URL', class: 'label-bold'
+              = f.text_field :elasticsearch_url, value: @application_setting.elasticsearch_url.join(', '), class: 'form-control gl-form-input', placeholder: 'http://localhost:9200', data: { qa_selector: 'url_field' }
+              .form-text.text-muted
+                = _('The URL to use for connecting to Elasticsearch. Use a comma-separated list to support clustering (e.g., "http://localhost:9200, http://localhost:9201").')
+
+            .form-group
+              = f.label :elasticsearch_shards, _('Number of Elasticsearch shards'), class: 'label-bold'
+              = f.number_field :elasticsearch_shards, value: @application_setting.elasticsearch_shards, class: 'form-control gl-form-input'
+              .form-text.text-muted
+                = _('How many shards to split the Elasticsearch index over.')
+                = recreate_index_text
+
+            .form-group
+              = f.label :elasticsearch_replicas, _('Number of Elasticsearch replicas'), class: 'label-bold'
+              = f.number_field :elasticsearch_replicas, value: @application_setting.elasticsearch_replicas, class: 'form-control gl-form-input'
+              .form-text.text-muted
+                = _('How many replicas each Elasticsearch shard has.')
+                = recreate_index_text
+
+            .form-group
+              = f.label :elasticsearch_indexed_file_size_limit_kb, _('Maximum file size indexed (KiB)'), class: 'label-bold'
+              = f.number_field :elasticsearch_indexed_file_size_limit_kb, value: @application_setting.elasticsearch_indexed_file_size_limit_kb, class: 'form-control gl-form-input'
+              .form-text.text-muted
+                = _('Any files larger than this limit will not be indexed, and thus will not be searchable.')
+
+            .form-group
+              = f.label :elasticsearch_indexed_field_length_limit, _('Maximum field length'), class: 'label-bold'
+              = f.number_field :elasticsearch_indexed_field_length_limit, value: @application_setting.elasticsearch_indexed_field_length_limit, class: 'form-control gl-form-input'
+              .form-text.text-muted
+                = _('If any indexed field exceeds this limit it will be truncated to this number of characters and the rest will not be indexed or searchable. This does not apply to repository and wiki indexing. Setting this to 0 means it is unlimited.')
+
+            .form-group
+              = f.label :elasticsearch_max_bulk_size_mb, _('Maximum bulk request size (MiB)'), class: 'label-bold'
+              = f.number_field :elasticsearch_max_bulk_size_mb, value: @application_setting.elasticsearch_max_bulk_size_mb, class: 'form-control gl-form-input'
+              .form-text.text-muted
+                = _('Maximum size of Elasticsearch bulk indexing requests.')
+                = _('This only applies to repository indexing operations.')
+
+            .form-group
+              = f.label :elasticsearch_max_bulk_concurrency, _('Bulk request concurrency'), class: 'label-bold'
+              = f.number_field :elasticsearch_max_bulk_concurrency, value: @application_setting.elasticsearch_max_bulk_concurrency, class: 'form-control gl-form-input'
+              .form-text.text-muted
+                = _('Maximum concurrency of Elasticsearch bulk requests per indexing operation.')
+                = _('This only applies to repository indexing operations.')
+
+            .form-group
+              = f.label :elasticsearch_client_request_timeout, _('Client request timeout'), class: 'label-bold'
+              = f.number_field :elasticsearch_client_request_timeout, value: @application_setting.elasticsearch_client_request_timeout, class: 'form-control gl-form-input'
+              .form-text.text-muted
+                = _('Elasticsearch HTTP client timeout value in seconds.')
+                = _('Setting this to 0 means using the system default timeout value.')
+
+        .gl-card.gl-bg-gray-10.gl-mb-6
+          .gl-card-body
+            %h4= _('Elasticsearch zero-downtime reindexing')
+            = link_to _('Trigger cluster reindexing'), admin_elasticsearch_trigger_reindexing_path, class: "gl-button btn btn-info", disabled: @elasticsearch_reindexing_task&.in_progress?, data: { confirm: _('Are you sure you want to reindex?') }, method: :post
+            .form-text.gl-text-gray-600
+              = _('This feature should be used with an index that was created after 13.0')
+            - Elastic::ReindexingTask.old_indices_scheduled_for_deletion.each do |task|
+              .form-text.text-danger
+                = _("Unused, previous indices: %{index_names} will be deleted after %{time} automatically.") % { index_names: task.subtasks.map(&:index_name_from).join(', '), time: task.delete_original_index_at }
+                = link_to _('Cancel index deletion'), admin_elasticsearch_cancel_index_deletion_path(task_id: task.id), class: 'gl-mb-2', method: :post
+            - if @elasticsearch_reindexing_task
+              %h5= _('Reindexing Status: %{status}') % { status: @elasticsearch_reindexing_task.state }
+              - if @elasticsearch_reindexing_task.error_message
+                %p= _('Error: %{error_message}') % { error_message: @elasticsearch_reindexing_task.error_message }
+              - @elasticsearch_reindexing_task.subtasks.each do |subtask|
+                .gl-card-body.form-group
+                  %h5= subtask.alias_name
+                  - expected_documents = subtask.documents_count
+                  - if subtask.elastic_task
+                    %p= _('Task ID: %{elastic_task}') % { elastic_task: subtask.elastic_task }
+                  - if expected_documents
+                    - processed_documents = subtask.documents_count_target
+                    %p= _('Expected documents: %{expected_documents}') % { expected_documents: expected_documents }
+                    - if processed_documents && expected_documents
+                      - percentage = ((processed_documents / expected_documents.to_f) * 100).round(2)
+                      %p= _('Documents reindexed: %{processed_documents} (%{percentage}%%)') % { processed_documents: processed_documents, percentage: percentage }
+                      .progress
+                        .progress-bar{ "aria-valuemax" => "100", "aria-valuemin" => "0", "aria-valuenow" => percentage, :role => "progressbar", :style => "width: #{percentage}%" }
+
+        .gl-card.gl-bg-gray-10.gl-mb-6
+          .gl-card-body
+            %h4= _('Elasticsearch indexing restrictions')
+            .form-group
+              .form-check
+                = f.check_box :elasticsearch_limit_indexing, class: 'form-check-input js-limit-checkbox'
+                = f.label :elasticsearch_limit_indexing, class: 'form-check-label' do
+                  = _('Limit namespaces and projects that can be indexed')
+
+            .form-group.js-limit-namespaces{ class: ('hidden' unless @application_setting.elasticsearch_limit_indexing) }
+              = f.label :elasticsearch_namespace_ids, _('Namespaces to index'), class: 'label-bold'
+              - if elasticsearch_too_many_namespaces?
+                %p= _('Too many namespaces enabled. You will need to manage them via the console or the API.')
+              - else
+                = f.text_field :elasticsearch_namespace_ids, class: 'js-elasticsearch-namespaces', value: elasticsearch_namespace_ids, data: { selected: elasticsearch_objects_options(@application_setting.elasticsearch_limited_namespaces(true)).to_json }
+
+            .form-group.js-limit-projects{ class: ('hidden' unless @application_setting.elasticsearch_limit_indexing) }
+              = f.label :elasticsearch_project_ids, _('Projects to index'), class: 'label-bold'
+              - if elasticsearch_too_many_projects?
+                %p= _('Too many projects enabled. You will need to manage them via the console or the API.')
+              - else
+                = f.text_field :elasticsearch_project_ids, class: 'js-elasticsearch-projects', value: elasticsearch_project_ids, data: { selected: elasticsearch_objects_options(@application_setting.elasticsearch_limited_projects(true)).to_json }
+
+        .gl-card.gl-bg-gray-10.gl-mb-6
+          .gl-card-body
+            %h4= _('Custom analyzers: language support')
+            %h5
+              = _('Chinese language support using')
+              %a{ href: 'https://www.elastic.co/guide/en/elasticsearch/plugins/current/analysis-smartcn.html' }
+                = _('smartcn custom analyzer')
+            .form-group
+              .form-check
+                = f.check_box :elasticsearch_analyzers_smartcn_enabled, class: 'form-check-input'
+                = f.label :elasticsearch_analyzers_smartcn_enabled, class: 'form-check-label' do
+                  = _('Enable smartcn custom analyzer: Indexing')
+            .form-group
+              .form-check
+                = f.check_box :elasticsearch_analyzers_smartcn_search, class: 'form-check-input', disabled: !Gitlab::CurrentSettings.elasticsearch_analyzers_smartcn_enabled?
+                = f.label :elasticsearch_analyzers_smartcn_search, class: 'form-check-label' do
+                  = _('Enable smartcn custom analyzer: Search')
+                .form-text.gl-text-gray-600
+                  = _('Please only enable search after installing the plugin, enabling indexing and recreating the index')
+            %h5
+              = _('Japanese language support using')
+              %a{ href: 'https://www.elastic.co/guide/en/elasticsearch/plugins/current/analysis-kuromoji.html' }
+                = _('kuromoji custom analyzer')
+            .form-group
+              .form-check
+                = f.check_box :elasticsearch_analyzers_kuromoji_enabled, class: 'form-check-input'
+                = f.label :elasticsearch_analyzers_kuromoji_enabled, class: 'form-check-label' do
+                  = _('Enable kuromoji custom analyzer: Indexing')
+            .form-group
+              .form-check
+                = f.check_box :elasticsearch_analyzers_kuromoji_search, class: 'form-check-input', disabled: !Gitlab::CurrentSettings.elasticsearch_analyzers_kuromoji_enabled?
+                = f.label :elasticsearch_analyzers_kuromoji_search, class: 'form-check-label' do
+                  = _('Enable kuromoji custom analyzer: Search')
+                .form-text.gl-text-gray-600
+                  = _('Please only enable search after installing the plugin, enabling indexing and recreating the index')
+
+        .gl-card.gl-bg-gray-10.gl-mb-6
+          .gl-card-body
+            %h4= _('Elasticsearch AWS IAM credentials')
+            .form-group
+              .form-check
+                = f.check_box :elasticsearch_aws, class: 'form-check-input'
+                = f.label :elasticsearch_aws, class: 'form-check-label' do
+                  Using AWS hosted Elasticsearch with IAM credentials
+            .form-group
+              = f.label :elasticsearch_aws_region, 'AWS region', class: 'label-bold'
+              = f.text_field :elasticsearch_aws_region, value: @application_setting.elasticsearch_aws_region, class: 'form-control gl-form-input'
+              .form-text.text-muted
+                = _('Region that Elasticsearch is configured')
+
+            .form-group
+              = f.label :elasticsearch_aws_access_key, _('AWS Access Key'), class: 'label-bold'
+              = f.text_field :elasticsearch_aws_access_key, value: @application_setting.elasticsearch_aws_access_key, class: 'form-control gl-form-input'
+              .form-text.text-muted
+                = _('AWS Access Key. Only required if not using role instance credentials')
+
+            - secret_access_key_label = @application_setting.elasticsearch_aws_secret_access_key.present? ? _('Enter new AWS Secret Access Key') : _('AWS Secret Access Key')
+            .form-group
+              = f.label :elasticsearch_aws_secret_access_key, secret_access_key_label, class: 'label-bold'
+              = f.password_field :elasticsearch_aws_secret_access_key, autocomplete: 'new-password', class: 'form-control gl-form-input'
+              .form-text.text-muted
+                = _('AWS Secret Access Key. Only required if not using role instance credentials')
 
       = f.submit _('Save changes'), class: "gl-button btn btn-success", data: { qa_selector: 'submit_button' }

ee/changelogs/unreleased/fix_blank_alert_from_vuln_issue.yml

+---
+title: Fix blank alert field when creating an issue from a vulnerability
+merge_request: 53656
+author:
+type: fixed

ee/spec/controllers/projects/issues_controller_spec.rb

@@ -127,6 +127,10 @@ RSpec.describe Projects::IssuesController do
             expect(issue.confidential).to be false
           end
 
+          it 'does not show an error message' do
+            expect(flash[:alert]).to be_nil
+          end
+
           context 'when vulnerability already has a linked issue' do
             render_views
 

ee/spec/migrations/update_cs_vulnerability_confidence_column_spec.rb

@@ -4,12 +4,14 @@ require 'spec_helper'
 require_migration!
 
 RSpec.describe UpdateCsVulnerabilityConfidenceColumn do
+  include MigrationHelpers::VulnerabilitiesFindingsHelper
+
   let(:vulnerabilities) { table(:vulnerability_occurrences) }
   let(:identifiers) { table(:vulnerability_identifiers) }
   let(:scanners) { table(:vulnerability_scanners) }
   let(:projects) { table(:projects) }
-  let(:vul1) { attributes_for(:vulnerabilities_finding, id: 1, report_type: 2, confidence: 5) } # rubocop: disable RSpec/FactoriesInMigrationSpecs
-  let(:vul2) { attributes_for(:vulnerabilities_finding, id: 2, report_type: 2, confidence: 5) } # rubocop: disable RSpec/FactoriesInMigrationSpecs
+  let(:finding1_attributes) { attributes_for_vulnerabilities_finding }
+  let(:finding2_attributes) { attributes_for_vulnerabilities_finding }
 
   before do
     stub_const("#{described_class}::BATCH_SIZE", 2)
@@ -34,33 +36,33 @@ RSpec.describe UpdateCsVulnerabilityConfidenceColumn do
 
     scanners.create!(id: 6, project_id: 123, external_id: 'clair', name: 'Security Scanner')
 
-    vulnerabilities.create!(id: vul1[:id],
+    vulnerabilities.create!(id: 1,
                             severity: 2,
                             confidence: 5,
                             report_type: 2,
                             project_id: 123,
                             scanner_id: 6,
                             primary_identifier_id: 1,
-                            project_fingerprint: vul1[:project_fingerprint],
-                            location_fingerprint: vul1[:location_fingerprint],
-                            uuid: vul1[:uuid],
-                            name: vul1[:name],
-                            metadata_version: '1.3',
-                            raw_metadata: vul1[:raw_metadata])
+                            project_fingerprint: finding1_attributes[:project_fingerprint],
+                            location_fingerprint: finding1_attributes[:location_fingerprint],
+                            uuid: finding1_attributes[:uuid],
+                            name: finding1_attributes[:name],
+                            metadata_version: finding1_attributes[:metadata_version],
+                            raw_metadata: finding1_attributes[:raw_metadata])
 
-    vulnerabilities.create!(id: vul2[:id],
+    vulnerabilities.create!(id: 2,
                             severity: 2,
                             confidence: 5,
                             report_type: 2,
                             project_id: 123,
                             scanner_id: 6,
                             primary_identifier_id: 2,
-                            project_fingerprint: vul2[:project_fingerprint],
-                            location_fingerprint: vul2[:location_fingerprint],
-                            uuid: vul2[:uuid],
-                            name: vul2[:name],
-                            metadata_version: '1.3',
-                            raw_metadata: vul2[:raw_metadata])
+                            project_fingerprint: finding2_attributes[:project_fingerprint],
+                            location_fingerprint: finding2_attributes[:location_fingerprint],
+                            uuid: finding2_attributes[:uuid],
+                            name: finding2_attributes[:name],
+                            metadata_version: finding2_attributes[:metadata_version],
+                            raw_metadata: finding2_attributes[:raw_metadata])
 
     expect(vulnerabilities.where(report_type: 2, confidence: 2).count). to eq(0)
     expect(vulnerabilities.exists?(report_type: 2, confidence: 5)).to be_truthy