Add latest changes from gitlab-org/gitlab@12-5-stable-ee

.gitlab/ci/rails.gitlab-ci.yml

@@ -92,6 +92,14 @@ setup-test-env:
     - .use-pg10
     - .only-master
 
+rspec migration pg9:
+  extends: .rspec-base-pg9
+  parallel: 4
+
+rspec migration pg9-foss:
+  extends: .rspec-base-pg9-foss
+  parallel: 4
+
 rspec unit pg9:
   extends: .rspec-base-pg9
   parallel: 20
@@ -140,9 +148,13 @@ rspec system pg10:
     - .only-ee
     - .use-pg10-ee
 
+rspec-ee migration pg9:
+  extends: .rspec-ee-base-pg9
+  parallel: 2
+
 rspec-ee unit pg9:
   extends: .rspec-ee-base-pg9
-  parallel: 7
+  parallel: 5
 
 rspec-ee integration pg9:
   extends: .rspec-ee-base-pg9
@@ -152,11 +164,17 @@ rspec-ee system pg9:
   extends: .rspec-ee-base-pg9
   parallel: 5
 
+rspec-ee migration pg10:
+  extends:
+    - .rspec-ee-base-pg10
+    - .only-master
+  parallel: 2
+
 rspec-ee unit pg10:
   extends:
     - .rspec-ee-base-pg10
     - .only-master
-  parallel: 7
+  parallel: 5
 
 rspec-ee integration pg10:
   extends:

app/assets/javascripts/clusters/components/applications.vue

@@ -170,7 +170,7 @@ Crossplane runs inside your Kubernetes cluster and supports secure connectivity
           ),
         ),
         {
-          gitlabIntegrationLink: `<a href="https://docs.gitlab.com/ce/user/project/integrations/crossplane.html"
+          gitlabIntegrationLink: `<a href="https://docs.gitlab.com/ee/user/clusters/applications.html#crossplane"
           target="_blank" rel="noopener noreferrer">
           ${_.escape(s__('ClusterIntegration|Gitlab Integration'))}</a>`,
           kubectl: `<code>kubectl</code>`,

app/assets/javascripts/jobs/components/log/log.vue

@@ -9,7 +9,12 @@ export default {
     LogLine,
   },
   computed: {
-    ...mapState(['traceEndpoint', 'trace', 'isTraceComplete']),
+    ...mapState([
+      'traceEndpoint',
+      'trace',
+      'isTraceComplete',
+      'isScrolledToBottomBeforeReceivingTrace',
+    ]),
   },
   updated() {
     this.$nextTick(() => {

app/assets/stylesheets/pages/projects.scss

@@ -274,12 +274,6 @@
     height: 24px;
   }
 
-  .git-clone-holder {
-    .btn {
-      height: auto;
-    }
-  }
-
   .dropdown-toggle,
   .clone-dropdown-btn {
     .fa {

app/controllers/projects/error_tracking_controller.rb

@@ -2,6 +2,7 @@
 
 class Projects::ErrorTrackingController < Projects::ApplicationController
   before_action :authorize_read_sentry_issue!
+  before_action :set_issue_id, only: [:details, :stack_trace]
 
   POLLING_INTERVAL = 10_000
 
@@ -113,6 +114,10 @@ class Projects::ErrorTrackingController < Projects::ApplicationController
     params.permit(:issue_id)
   end
 
+  def set_issue_id
+    @issue_id = issue_details_params[:issue_id]
+  end
+
   def set_polling_interval
     Gitlab::PollingInterval.set_header(response, interval: POLLING_INTERVAL)
   end

app/helpers/projects/error_tracking_helper.rb

@@ -14,12 +14,12 @@ module Projects::ErrorTrackingHelper
     }
   end
 
-  def error_details_data(project, issue)
-    opts = [project, issue, { format: :json }]
+  def error_details_data(project, issue_id)
+    opts = [project, issue_id, { format: :json }]
 
     {
-      'issue-details-path' => details_namespace_project_error_tracking_index_path(*opts),
-      'issue-stack-trace-path' => stack_trace_namespace_project_error_tracking_index_path(*opts)
+      'issue-details-path' => details_project_error_tracking_index_path(*opts),
+      'issue-stack-trace-path' => stack_trace_project_error_tracking_index_path(*opts)
     }
   end
 end

app/services/merge_requests/push_options_handler_service.rb

@@ -4,14 +4,14 @@ module MergeRequests
   class PushOptionsHandlerService
     LIMIT = 10
 
-    attr_reader :branches, :changes_by_branch, :current_user, :errors,
+    attr_reader :current_user, :errors, :changes,
                 :project, :push_options, :target_project
 
     def initialize(project, current_user, changes, push_options)
       @project = project
       @target_project = @project.default_merge_request_target
       @current_user = current_user
-      @branches = get_branches(changes)
+      @changes = Gitlab::ChangesList.new(changes)
       @push_options = push_options
       @errors = []
     end
@@ -34,8 +34,12 @@ module MergeRequests
 
     private
 
-    def get_branches(raw_changes)
-      Gitlab::ChangesList.new(raw_changes).map do |changes|
+    def branches
+      changes_by_branch.keys
+    end
+
+    def changes_by_branch
+      @changes_by_branch ||= changes.each_with_object({}) do |changes, result|
         next unless Gitlab::Git.branch_ref?(changes[:ref])
 
         # Deleted branch
@@ -45,8 +49,8 @@ module MergeRequests
         branch_name = Gitlab::Git.branch_name(changes[:ref])
         next if branch_name == target_project.default_branch
 
-        branch_name
-      end.compact.uniq
+        result[branch_name] = changes
+      end
     end
 
     def validate_service
@@ -101,7 +105,7 @@ module MergeRequests
           project,
           current_user,
           merge_request.attributes.merge(assignees: merge_request.assignees,
-                                        label_ids: merge_request.label_ids)
+                                         label_ids: merge_request.label_ids)
         ).execute
       end
 
@@ -112,7 +116,7 @@ module MergeRequests
       merge_request = ::MergeRequests::UpdateService.new(
         target_project,
         current_user,
-        update_params
+        update_params(merge_request)
       ).execute(merge_request)
 
       collect_errors_from_merge_request(merge_request) unless merge_request.valid?
@@ -130,19 +134,22 @@ module MergeRequests
 
       params.compact!
 
-      if push_options.key?(:merge_when_pipeline_succeeds)
-        params.merge!(
-          merge_when_pipeline_succeeds: push_options[:merge_when_pipeline_succeeds],
-          merge_user: current_user
-        )
-      end
-
       params[:add_labels] = params.delete(:label).keys if params.has_key?(:label)
       params[:remove_labels] = params.delete(:unlabel).keys if params.has_key?(:unlabel)
 
       params
     end
 
+    def merge_params(branch)
+      return {} unless push_options.key?(:merge_when_pipeline_succeeds)
+
+      {
+        merge_when_pipeline_succeeds: push_options[:merge_when_pipeline_succeeds],
+        merge_user: current_user,
+        sha: changes_by_branch.dig(branch, :newrev)
+      }
+    end
+
     def create_params(branch)
       params = base_params
 
@@ -153,13 +160,15 @@ module MergeRequests
         target_project: target_project
       )
 
+      params.merge!(merge_params(branch))
+
       params[:target_branch] ||= target_project.default_branch
 
       params
     end
 
-    def update_params
-      base_params
+    def update_params(merge_request)
+      base_params.merge(merge_params(merge_request.source_branch))
     end
 
     def collect_errors_from_merge_request(merge_request)

app/views/clusters/clusters/aws/_new.html.haml

 - if !Gitlab::CurrentSettings.eks_integration_enabled?
-  - documentation_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: help_page_path("integration/amazon") }
+  - documentation_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: help_page_path('user/project/clusters/add_remove_clusters.md',
+      anchor: 'additional-requirements-for-self-managed-instances') }
   = s_('Amazon authentication is not %{link_start}correctly configured%{link_end}. Ask your GitLab administrator if you want to use this service.').html_safe % { link_start: documentation_link_start, link_end: '<a/>'.html_safe }
 - else
   .js-create-eks-cluster-form-container{ data: { 'gitlab-managed-cluster-help-path' => help_page_path('user/project/clusters/index.md', anchor: 'gitlab-managed-clusters'),
@@ -16,5 +17,7 @@
     'account-id' => Gitlab::CurrentSettings.eks_account_id,
     'external-id' => @aws_role.role_external_id,
     'kubernetes-integration-help-path' => help_page_path('user/project/clusters/index'),
+    'account-and-external-ids-help-path' => help_page_path('user/project/clusters/add_remove_clusters.md', anchor: 'eks-cluster'),
+    'create-role-arn-help-path' => help_page_path('user/project/clusters/add_remove_clusters.md', anchor: 'eks-cluster'),
     'external-link-icon' => icon('external-link'),
     'has-credentials' => @aws_role.role_arn.present?.to_s } }

app/views/projects/error_tracking/details.html.haml

 - page_title _('Error Details')
 - add_to_breadcrumbs 'Errors', project_error_tracking_index_path(@project)
 
-#js-error_details{ data: error_details_data(@current_user, @project) }
+#js-error_details{ data: error_details_data(@project, @issue_id) }

changelogs/unreleased/20668-crossplane-help-link.yml

+---
+title: Fix Crossplane help link in cluster applications page
+merge_request: 20668
+author:
+type: fixed

changelogs/unreleased/37313-scroll-to-bottom.yml

+---
+title: Fixes job log not scrolling to the bottom
+merge_request:
+author:
+type: fixed

changelogs/unreleased/bvl-fix-merging-through-push-options.yml

+---
+title: Fix merging merge requests from push options
+merge_request: 20639
+author:
+type: fixed

changelogs/unreleased/sh-fix-api-project-template-creation.yml

+---
+title: Fix project creation with templates using /projects/user/:id API
+merge_request: 20590
+author:
+type: fixed

changelogs/unreleased/sh-flatten-json-exceptions.yml

+---
+title: Flatten exception details in API and controller logs
+merge_request: 20434
+author:
+type: changed

config/initializers/lograge.rb

@@ -44,16 +44,7 @@ unless Sidekiq.server?
       # https://github.com/roidrage/lograge#logging-errors--exceptions
       exception = event.payload[:exception_object]
 
-      if exception
-        payload[:exception] = {
-          class: exception.class.name,
-          message: exception.message
-        }
-
-        if exception.backtrace
-          payload[:exception][:backtrace] = Gitlab::Profiler.clean_backtrace(exception.backtrace)
-        end
-      end
+      ::Gitlab::ExceptionLogFormatter.format!(exception, payload)
 
       payload
     end

db/migrate/20191014132931_remove_index_on_snippets_project_id.rb

@@ -8,10 +8,13 @@ class RemoveIndexOnSnippetsProjectId < ActiveRecord::Migration[5.2]
   disable_ddl_transaction!
 
   def up
-    remove_concurrent_index :snippets, [:project_id]
+    remove_concurrent_index_by_name :snippets, 'index_snippets_on_project_id'
+
+    # This is an extra index that is not present in db/schema.rb but known to exist on some installs
+    remove_concurrent_index_by_name :snippets, :snippets_project_id_idx if index_exists_by_name? :snippets, :snippets_project_id_idx
   end
 
   def down
-    add_concurrent_index :snippets, [:project_id]
+    add_concurrent_index :snippets, [:project_id], name: 'index_snippets_on_project_id'
   end
 end

doc/administration/geo/replication/index.md

@@ -266,7 +266,7 @@ these epics/issues:
 | All database content                                | **Yes**                  | **Yes**                     |                                            |
 | Project repository                                  | **Yes**                  | **Yes**                     |                                            |
 | Project wiki repository                             | **Yes**                  | **Yes**                     |                                            |
-| Project designs repository                          | [No][design-replication] | [No][design-verification]   |                                            |
+| Project designs repository                          | **Yes**                  | [No][design-verification]   | Behind feature flag (2)                    |
 | Uploads                                             | **Yes**                  | [No][upload-verification]   | Verified only on transfer, or manually (1) |
 | LFS Objects                                         | **Yes**                  | [No][lfs-verification]      | Verified only on transfer, or manually (1) |
 | CI job artifacts (other than traces)                | **Yes**                  | [No][artifact-verification] | Verified only manually (1)                 |
@@ -307,6 +307,12 @@ these epics/issues:
 1. The integrity can be verified manually using
 [Integrity Check Rake Task](../../raketasks/check.md)
 on both nodes and comparing the output between them.
+1. Enable the `enable_geo_design_sync` feature flag by running the
+following in a Rails console:
+
+    ```ruby
+    Feature.disable(:enable_geo_design_sync)
+    ```
 
 DANGER: **DANGER**
 Features not on this list, or with **No** in the **Replicated** column,

doc/administration/logs.md

@@ -67,20 +67,18 @@ NOTE: **Note:** Starting with GitLab 12.5, if an error occurs, an
   "queue_duration": 274.35,
   "correlation_id": "KjDVUhNvvV3",
   "cpu_s": 2.837645135999999,
-  "exception": {
-    "class": "NameError",
-    "message": "undefined local variable or method `adsf' for #<Admin::DashboardController:0x00007ff3c9648588>",
-    "backtrace": [
-      "app/controllers/admin/dashboard_controller.rb:11:in `index'",
-      "ee/app/controllers/ee/admin/dashboard_controller.rb:14:in `index'",
-      "ee/lib/gitlab/ip_address_state.rb:10:in `with'",
-      "ee/app/controllers/ee/application_controller.rb:43:in `set_current_ip_address'",
-      "lib/gitlab/session.rb:11:in `with_session'",
-      "app/controllers/application_controller.rb:450:in `set_session_storage'",
-      "app/controllers/application_controller.rb:444:in `set_locale'",
-      "ee/lib/gitlab/jira/middleware.rb:19:in `call'"
-    ]
-  }
+  "exception.class": "NameError",
+  "exception.message": "undefined local variable or method `adsf' for #<Admin::DashboardController:0x00007ff3c9648588>",
+  "exception.backtrace": [
+    "app/controllers/admin/dashboard_controller.rb:11:in `index'",
+    "ee/app/controllers/ee/admin/dashboard_controller.rb:14:in `index'",
+    "ee/lib/gitlab/ip_address_state.rb:10:in `with'",
+    "ee/app/controllers/ee/application_controller.rb:43:in `set_current_ip_address'",
+    "lib/gitlab/session.rb:11:in `with_session'",
+    "app/controllers/application_controller.rb:450:in `set_session_storage'",
+    "app/controllers/application_controller.rb:444:in `set_locale'",
+    "ee/lib/gitlab/jira/middleware.rb:19:in `call'"
+  ]
 }
 ```
 

doc/ci/environments.md

@@ -738,6 +738,11 @@ NOTE: **Note:**
 The most _specific_ spec takes precedence over the other wildcard matching.
 In this case, `review/feature-1` spec takes precedence over `review/*` and `*` specs.
 
+### Environments Dashboard **(PREMIUM)**
+
+See [Environments Dashboard](environments/environments_dashboard.md) for a summary of each
+environment's operational health.
+
 ## Limitations
 
 In the `environment: name`, you are limited to only the [predefined environment variables](variables/predefined_variables.md).

doc/ci/environments/environments_dashboard.md

+---
+type: reference
+---
+
+# Environments Dashboard **(PREMIUM)**
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/3713) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.5.
+
+The Environments Dashboard provides a cross-project
+environment-based view that lets you see the big picture
+of what is going on in each environment. From a single
+location, you can track the progress as changes flow
+from development to staging, and then to production (or
+through any series of custom environment flows you can set up).
+With an at-a-glance view of multiple projects, you can instantly
+see which pipelines are green and which are red allowing you to
+diagnose if there is a block at a particular point, or if there’s
+a more systemic problem you need to investigate.
+
+You can access the dashboard from the top bar by clicking
+**More > Environments**.
+
+![Environments Dashboard with projects](img/environments_dashboard_v12_5.png)
+
+The Environments Dashboard displays a maximum of 7 projects
+and 3 environments per project.
+
+The listed environments for each project are unique, such as
+"production", "staging", etc. Review apps and other grouped
+environments are not displayed.
+
+## Adding a project to the dashboard
+
+To add a project to the dashboard:
+
+1. Click the **Add projects** button in the homescreen of the dashboard.
+1. Search and add one or more projects using the **Search your projects** field.
+1. Click the **Add projects** button.
+
+Once added, you can see a summary of each project's environment operational
+health, including the latest commit, pipeline status, and deployment time.
+
+The Environments and [Operations](../../user/operations_dashboard/index.md)
+dashboards share the same list of projects. When you add or remove a
+project from one, GitLab adds or removes the project from the other.
+
+## Environment dashboards on GitLab.com
+
+GitLab.com users can add public projects to the Environments
+Dashboard for free. If your project is private, the group it belongs
+to must have a [GitLab Silver](https://about.gitlab.com/pricing/) plan.

doc/ci/yaml/README.md

@@ -1539,9 +1539,14 @@ cache:
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/18986) in GitLab v12.5.
 
-If `cache:key:files` is added, one or two files must be defined with it. The cache `key`
-will be a SHA computed from the most recent commits (one or two) that changed the
-given files. If neither file was changed in any commits, the key will be `default`.
+The `cache:key:files` keyword extends the `cache:key` functionality by making it easier
+to reuse some caches, and rebuild them less often, which will speed up subsequent pipeline
+runs.
+
+When you include `cache:key:files`, you must also list the project files that will be used to generate the key, up to a maximum of two files.
+The cache `key` will be a SHA checksum computed from the most recent commits (up to two, if two files are listed)
+that changed the given files. If neither file was changed in any commits,
+the fallback key will be `default`.
 
 ```yaml
 cache:
@@ -1554,20 +1559,26 @@ cache:
     - node_modules
 ```
 
+In this example we are creating a cache for Ruby and Nodejs dependencies that
+is tied to current versions of the `Gemfile.lock` and `package.json` files. Whenever one of
+these files changes, a new cache key is computed and a new cache is created. Any future
+job runs using the same `Gemfile.lock` and `package.json`  with `cache:key:files` will
+use the new cache, instead of rebuilding the dependencies.
+
 ##### `cache:key:prefix`
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/18986) in GitLab v12.5.
-
 The `prefix` parameter adds extra functionality to `key:files` by allowing the key to
 be composed of the given `prefix` combined with the SHA computed for `cache:key:files`.
-For example, adding a `prefix` of `rspec`, will
-cause keys to look like: `rspec-feef9576d21ee9b6a32e30c5c79d0a0ceb68d1e5`. If neither
-file was changed in any commits, the prefix is added to `default`, so the key in the
-example would be `rspec-default`.
+For example, adding a `prefix` of `test`, will cause keys to look like: `test-feef9576d21ee9b6a32e30c5c79d0a0ceb68d1e5`.
+If neither file was changed in any commits, the prefix is added to `default`, so the
+key in the example would be `test-default`.
 
-`prefix` follows the same restrictions as `key`, so it can use any of the
-[predefined variables](../variables/README.md). Similarly, the `/` character or the
-equivalent URI-encoded `%2F`, or a value made only of `.` or `%2E`, is not allowed.
+Like `cache:key`, `prefix` can use any of the [predefined variables](../variables/README.md),
+but the following are not allowed:
+
+- the `/` character (or the equivalent URI-encoded `%2F`)
+- a value made only of `.` (or the equivalent URI-encoded `%2E`)
 
 ```yaml
 cache:
@@ -1577,8 +1588,20 @@ cache:
     prefix: ${CI_JOB_NAME}
   paths:
     - vendor/ruby
+
+rspec:
+  script:
+    - bundle exec rspec
 ```
 
+For example, adding a `prefix` of `$CI_JOB_NAME` will
+cause the key to look like: `rspec-feef9576d21ee9b6a32e30c5c79d0a0ceb68d1e5` and
+the job cache is shared across different branches. If a branch changes
+`Gemfile.lock`, that branch will have a new SHA checksum for `cache:key:files`. A new cache key
+will be generated, and a new cache will be created for that key.
+If `Gemfile.lock` is not found, the prefix is added to
+`default`, so the key in the example would be `rspec-default`.
+
 #### `cache:untracked`
 
 Set `untracked: true` to cache all files that are untracked in your Git

doc/integration/sourcegraph.md

@@ -108,9 +108,10 @@ When visiting one of these views, you can now hover over a code reference to see
 
 Sourcegraph powered code intelligence will be incrementally rolled out on GitLab.com.
 It will eventually become available for all public projects, but for now, it is only
-available for some specific [`gitlab-org` projects](https://gitlab.com/gitlab-org/).
-This means that you can see it working and use it to dig into the code of these projects,
-but you cannot use it on your own project on GitLab.com yet.
+available for some specific projects within the [`gitlab-org`](https://gitlab.com/gitlab-org/)
+group, e.g., <https://gitlab.com/gitlab-org/gitlab>. This means that you can see
+it working and use it to dig into the code of these projects, but you cannot use
+it on your own project on GitLab.com yet.
 
 If you would like to use it in your own projects as of GitLab 12.5, you can do so by
 setting up a self-managed GitLab instance.

doc/user/admin_area/settings/continuous_integration.md

@@ -161,6 +161,11 @@ but commented out to help encourage others to add to it in the future. -->
 
 ## Required pipeline configuration **(PREMIUM ONLY)**
 
+CAUTION: **Caution:**
+The Required Pipeline Configuration feature is deprecated and will be removed when an
+[improved compliance solution](https://gitlab.com/gitlab-org/gitlab/issues/34830)
+is added to GitLab. It is recommended to avoid using this feature.
+
 GitLab administrators can force a pipeline configuration to run on every
 pipeline.
 

doc/user/application_security/sast/analyzers.md

@@ -15,7 +15,7 @@ SAST supports the following official analyzers:
 
 - [`bandit`](https://gitlab.com/gitlab-org/security-products/analyzers/bandit) (Bandit)
 - [`brakeman`](https://gitlab.com/gitlab-org/security-products/analyzers/brakeman) (Brakeman)
-- [`eslint`](https://gitlab.com/gitlab-org/security-products/analyzers/eslint) (ESLint (JavaScript))
+- [`eslint`](https://gitlab.com/gitlab-org/security-products/analyzers/eslint) (ESLint (JavaScript and React))
 - [`flawfinder`](https://gitlab.com/gitlab-org/security-products/analyzers/flawfinder) (Flawfinder)
 - [`gosec`](https://gitlab.com/gitlab-org/security-products/analyzers/gosec) (Gosec)
 - [`nodejs-scan`](https://gitlab.com/gitlab-org/security-products/analyzers/nodejs-scan) (NodeJsScan)

doc/user/application_security/sast/index.md

@@ -76,6 +76,7 @@ The following table shows which languages, package managers and frameworks are s
 | Node.js                                                                     | [NodeJsScan](https://github.com/ajinabraham/NodeJsScan)                                | 11.1                         |
 | PHP                                                                         | [phpcs-security-audit](https://github.com/FloeDesignTechnologies/phpcs-security-audit) | 10.8                         |
 | Python ([pip](https://pip.pypa.io/en/stable/))                              | [bandit](https://github.com/PyCQA/bandit)                                              | 10.3                         |
+| React                                                                       | [ESLint react plugin](https://github.com/yannickcr/eslint-plugin-react)                | 12.5                         |
 | Ruby on Rails                                                               | [brakeman](https://brakemanscanner.org)                                                | 10.3                         |
 | Scala ([Ant](https://ant.apache.org/), [Gradle](https://gradle.org/), [Maven](https://maven.apache.org/) and [SBT](https://www.scala-sbt.org/)) | [SpotBugs](https://spotbugs.github.io/) with the [find-sec-bugs](https://find-sec-bugs.github.io/) plugin | 11.0 (SBT) & 11.9 (Ant, Gradle, Maven) |
 | TypeScript                                                                  | [TSLint config security](https://github.com/webschik/tslint-config-security/)          | 11.9                         |

doc/user/application_security/security_dashboard/index.md

@@ -71,7 +71,7 @@ Once you're on the dashboard, at the top you should see a series of filters for:
 - Report type
 - Project
 
-To the right of the filters, you should see a **Hide dismissed** toggle button ([available in GitLab Ultimate 12.5](https://gitlab.com/gitlab-org/gitlab/issues/9102)).
+To the right of the filters, you should see a **Hide dismissed** toggle button ([available for GitLab.com Gold, planned for GitLab Ultimate 12.6](https://gitlab.com/gitlab-org/gitlab/issues/9102)).
 
 NOTE: **Note:**
 The dashboard only shows projects with [security reports](#supported-reports) enabled in a group.

doc/user/clusters/applications.md

@@ -417,6 +417,18 @@ install Crossplane using the
 [`values.yaml`](https://github.com/crossplaneio/crossplane/blob/master/cluster/charts/crossplane/values.yaml.tmpl)
 file.
 
+#### Enabling installation
+
+This is a preliminary release of Crossplane as a GitLab-managed application. By default,
+the ability to install it is disabled.
+
+To allow installation of Crossplane as a GitLab-managed application, ask a GitLab
+administrator to run following command within a Rails console:
+
+```ruby
+Feature.enable(:enable_cluster_application_crossplane)
+```
+
 ## Upgrading applications
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/24789) in GitLab 11.8.

doc/user/group/epics/index.md

@@ -50,14 +50,17 @@ Any issue that belongs to a project in the epic's group, or any of the epic's
 subgroups, are eligible to be added.  New issues appear at the top of the list of issues in the **Epics and Issues** tab.
 
 An epic contains a list of issues and an issue can be associated with at most
-one epic. When you add an issue to an epic that is already associated with another epic,
-the issue is automatically removed from the previous epic.
+one epic. When you add an issue that is already linked to an epic,
+the issue is automatically unlinked from its current parent.
 
 To add an issue to an epic:
 
 1. Click **Add an issue**.
-1. Paste the link of the issue.
-   - Press <kbd>Spacebar</kbd> and repeat this step if there are multiple issues.
+1. Identify the issue to be added, using either of the following methods:
+   - Paste the link of the issue.
+   - Search for the desired issue by entering part of the issue's title, then selecting the desired match. ([From GitLab 12.5](https://gitlab.com/gitlab-org/gitlab/issues/9126))
+
+   If there are multiple issues to be added, press <kbd>Spacebar</kbd> and repeat this step.
 1. Click **Add**.
 
 To remove an issue from an epic:
@@ -72,17 +75,19 @@ To remove an issue from an epic:
 Any epic that belongs to a group, or subgroup of the parent epic's group, is
 eligible to be added. New child epics appear at the top of the list of epics in the **Epics and Issues** tab.
 
-When you add a child epic that is already associated with another epic,
-that epic is automatically removed from the previous epic.
+When you add an epic that is already linked to a parent epic, the link to its current parent is removed.
 
 An epic can have multiple child epics with
 the maximum depth being 5.
 
-To add a child epic:
+To add a child epic to an epic:
 
 1. Click **Add an epic**.
-1. Paste the link of the epic.
-   - Press <kbd>Spacebar</kbd> and repeat this step if there are multiple issues.
+1. Identify the epic to be added, using either of the following methods:
+   - Paste the link of the epic.
+   - Search for the desired issue by entering part of the epic's title, then selecting the desired match. ([From GitLab 12.5](https://gitlab.com/gitlab-org/gitlab/issues/9126))
+
+   If there are multiple epics to be added, press <kbd>Spacebar</kbd> and repeat this step.
 1. Click **Add**.
 
 To remove a child epic from a parent epic:

doc/user/operations_dashboard/index.md

@@ -23,6 +23,8 @@ To add a project to the dashboard:
 Once added, the dashboard will display the project's number of active alerts,
 last commit, pipeline status, and when it was last deployed.
 
+The Operations and [Environments](../../ci/environments/environments_dashboard.md) dashboards share the same list of projects. Adding or removing a project from one adds or removes the project from the other.
+
 ![Operations Dashboard with projects](img/index_operations_dashboard_with_projects.png)
 
 ## Arranging projects on a dashboard

doc/user/project/clusters/add_remove_clusters.md

@@ -206,9 +206,46 @@ GitLab supports:
 Before creating your first cluster on Amazon EKS with GitLab's integration,
 make sure the following requirements are met:
 
+- Enable the `create_eks_clusters` feature flag for your GitLab instance.
 - An [Amazon Web Services](https://aws.amazon.com/) account is set up and you are able to log in.
 - You have permissions to manage IAM resources.
 
+#### Enable the `create_eks_clusters` feature flag **(CORE ONLY)**
+
+NOTE: **Note:**
+If you are running a self-managed instance, EKS cluster creation will not be available
+unless the feature flag `create_eks_clusters` is enabled. This can be done from the Rails console
+by instance administrators.
+
+Use these commands to start the Rails console:
+
+```sh
+# Omnibus GitLab
+gitlab-rails console
+
+# Installation from source
+cd /home/git/gitlab
+sudo -u git -H bin/rails console RAILS_ENV=production
+```
+
+Then run the following command to enable the feature flag:
+
+```
+Feature.enable(:create_eks_clusters)
+```
+
+You can also enable the feature flag only for specific projects with:
+
+```
+Feature.enable(:create_eks_clusters, Project.find_by_full_path('my_group/my_project'))
+```
+
+Run the following command to disable the feature flag:
+
+```
+Feature.disable(:create_eks_clusters)
+```
+
 ##### Additional requirements for self-managed instances
 
 If you are using a self-managed GitLab instance, GitLab must first
@@ -262,55 +299,55 @@ new Kubernetes cluster to your project:
    1. Click **Create Policy**, which will open a new window.
    1. Select the **JSON** tab, and paste in the following snippet in place of the existing content:
 
-    ```json
-    {
-        "Version": "2012-10-17",
-        "Statement": [
-            {
-                "Effect": "Allow",
-                "Action": [
-                    "autoscaling:CreateAutoScalingGroup",
-                    "autoscaling:DescribeAutoScalingGroups",
-                    "autoscaling:DescribeScalingActivities",
-                    "autoscaling:UpdateAutoScalingGroup",
-                    "autoscaling:CreateLaunchConfiguration",
-                    "autoscaling:DescribeLaunchConfigurations",
-                    "cloudformation:CreateStack",
-                    "cloudformation:DescribeStacks",
-                    "ec2:AuthorizeSecurityGroupEgress",
-                    "ec2:AuthorizeSecurityGroupIngress",
-                    "ec2:RevokeSecurityGroupEgress",
-                    "ec2:RevokeSecurityGroupIngress",
-                    "ec2:CreateSecurityGroup",
-                    "ec2:createTags",
-                    "ec2:DescribeImages",
-                    "ec2:DescribeKeyPairs",
-                    "ec2:DescribeRegions",
-                    "ec2:DescribeSecurityGroups",
-                    "ec2:DescribeSubnets",
-                    "ec2:DescribeVpcs",
-                    "eks:CreateCluster",
-                    "eks:DescribeCluster",
-                    "iam:AddRoleToInstanceProfile",
-                    "iam:AttachRolePolicy",
-                    "iam:CreateRole",
-                    "iam:CreateInstanceProfile",
-                    "iam:GetRole",
-                    "iam:ListRoles",
-                    "iam:PassRole",
-                    "ssm:GetParameters"
-                ],
-                "Resource": "*"
-            }
-        ]
-    }
-    ```
-
-    NOTE: **Note:**
-    These permissions give GitLab the ability to create resources, but not delete them.
-    This means that if an error is encountered during the creation process, changes will
-    not be rolled back and you must remove resources manually. You can do this by deleting
-    the relevant [CloudFormation stack](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-console-delete-stack.html)
+      ```json
+      {
+          "Version": "2012-10-17",
+          "Statement": [
+              {
+                  "Effect": "Allow",
+                  "Action": [
+                      "autoscaling:CreateAutoScalingGroup",
+                      "autoscaling:DescribeAutoScalingGroups",
+                      "autoscaling:DescribeScalingActivities",
+                      "autoscaling:UpdateAutoScalingGroup",
+                      "autoscaling:CreateLaunchConfiguration",
+                      "autoscaling:DescribeLaunchConfigurations",
+                      "cloudformation:CreateStack",
+                      "cloudformation:DescribeStacks",
+                      "ec2:AuthorizeSecurityGroupEgress",
+                      "ec2:AuthorizeSecurityGroupIngress",
+                      "ec2:RevokeSecurityGroupEgress",
+                      "ec2:RevokeSecurityGroupIngress",
+                      "ec2:CreateSecurityGroup",
+                      "ec2:createTags",
+                      "ec2:DescribeImages",
+                      "ec2:DescribeKeyPairs",
+                      "ec2:DescribeRegions",
+                      "ec2:DescribeSecurityGroups",
+                      "ec2:DescribeSubnets",
+                      "ec2:DescribeVpcs",
+                      "eks:CreateCluster",
+                      "eks:DescribeCluster",
+                      "iam:AddRoleToInstanceProfile",
+                      "iam:AttachRolePolicy",
+                      "iam:CreateRole",
+                      "iam:CreateInstanceProfile",
+                      "iam:GetRole",
+                      "iam:ListRoles",
+                      "iam:PassRole",
+                      "ssm:GetParameters"
+                  ],
+                  "Resource": "*"
+              }
+          ]
+      }
+      ```
+
+      NOTE: **Note:**
+      These permissions give GitLab the ability to create resources, but not delete them.
+      This means that if an error is encountered during the creation process, changes will
+      not be rolled back and you must remove resources manually. You can do this by deleting
+      the relevant [CloudFormation stack](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-console-delete-stack.html)
 
    1. Click **Review policy**.
    1. Enter a suitable name for this policy, and click **Create Policy**. You can now close this window.

doc/user/project/issues/issue_data_and_actions.md

@@ -157,6 +157,8 @@ The plain text title and description of the issue fill the top center of the iss
 The description fully supports [GitLab Flavored Markdown](../../markdown.md#gitlab-flavored-markdown-gfm),
 allowing many formatting options.
 
+> [Since GitLab 12.5](https://gitlab.com/gitlab-org/gitlab/issues/10103), changes to an issue's description are listed in the [issue history](#23-issue-history).**(STARTER)**
+
 #### 17. Mentions
 
 You can mention a user or a group present in your GitLab instance with `@username` or

doc/user/project/releases/index.md

@@ -147,7 +147,7 @@ You can also edit an existing tag to add release notes:
 
 ## Release Evidence
 
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/26019) in GitLab 12.5.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/26019) in GitLab 12.6.
 
 Each time a new release is created, specific related data is collected in
 parallel. This dataset will be a snapshot this new release (including linked
@@ -155,7 +155,7 @@ milestones and issues) at moment of creation. Such collection of data will
 provide a chain of custody and facilitate processes like external audits, for example.
 
 The gathered Evidence data is stored in the database upon creation of a new
-release as a JSON object. In GitLab 12.5, a link to
+release as a JSON object. In GitLab 12.6, a link to
 the Evidence data is provided for [each Release](#releases-list).
 
 Here's what this object can look like:

lib/api/projects.rb

@@ -191,6 +191,7 @@ module API
         optional :path, type: String, desc: 'The path of the repository'
         optional :default_branch, type: String, desc: 'The default branch of the project'
         use :optional_project_params
+        use :optional_create_project_params
         use :create_params
       end
       # rubocop: disable CodeReuse/ActiveRecord

lib/gitlab/exception_log_formatter.rb

+# frozen_string_literal: true
+
+module Gitlab
+  module ExceptionLogFormatter
+    def self.format!(exception, payload)
+      return unless exception
+
+      # Elasticsearch/Fluentd don't handle nested structures well.
+      # Use periods to flatten the fields.
+      payload.merge!(
+        'exception.class' => exception.class.name,
+        'exception.message' => exception.message
+      )
+
+      if exception.backtrace
+        payload['exception.backtrace'] = Gitlab::Profiler.clean_backtrace(exception.backtrace)
+      end
+    end
+  end
+end

lib/gitlab/grape_logging/loggers/exception_logger.rb

@@ -11,19 +11,11 @@ module Gitlab
           # precedence so the logger never sees it. We need to
           # store and retrieve the exception from the environment.
           exception = request.env[::API::Helpers::API_EXCEPTION_ENV]
+          data = {}
 
-          return {} unless exception.is_a?(Exception)
+          return data unless exception.is_a?(Exception)
 
-          data = {
-            exception: {
-              class: exception.class.to_s,
-              message: exception.message
-            }
-          }
-
-          if exception.backtrace
-            data[:exception][:backtrace] = Gitlab::Profiler.clean_backtrace(exception.backtrace)
-          end
+          Gitlab::ExceptionLogFormatter.format!(exception, data)
 
           data
         end

lib/gitlab/import_export/relation_factory.rb

@@ -327,7 +327,12 @@ module Gitlab
       end
 
       def find_or_create_object!
-        return relation_class.find_or_create_by(project_id: @project.id) if UNIQUE_RELATIONS.include?(@relation_name)
+        if UNIQUE_RELATIONS.include?(@relation_name)
+          unique_relation_object = relation_class.find_or_create_by(project_id: @project.id)
+          unique_relation_object.assign_attributes(parsed_relation_hash)
+
+          return unique_relation_object
+        end
 
         # Can't use IDs as validation exists calling `group` or `project` attributes
         finder_hash = parsed_relation_hash.tap do |hash|

lib/quality/test_level.rb

@@ -36,6 +36,10 @@ module Quality
         workers
         elastic_integration
       ],
+      migration: %w[
+        migrations
+        lib/gitlab/background_migration
+      ],
       integration: %w[
         controllers
         mailers
@@ -62,6 +66,10 @@ module Quality
 
     def level_for(file_path)
       case file_path
+      # Detect migration first since some background migration tests are under
+      # spec/lib/gitlab/background_migration and tests under spec/lib are unit by default
+      when regexp(:migration)
+        :migration
       when regexp(:unit)
         :unit
       when regexp(:integration)

spec/fixtures/lib/gitlab/import_export/complex/project.json

@@ -7209,15 +7209,15 @@
     }
   ],
   "project_feature": {
-    "builds_access_level": 0,
+    "builds_access_level": 10,
     "created_at": "2014-12-26T09:26:45.000Z",
     "id": 2,
-    "issues_access_level": 0,
-    "merge_requests_access_level": 20,
+    "issues_access_level": 10,
+    "merge_requests_access_level": 10,
     "project_id": 4,
-    "snippets_access_level": 20,
+    "snippets_access_level": 10,
     "updated_at": "2016-09-23T11:58:28.000Z",
-    "wiki_access_level": 20
+    "wiki_access_level": 10
   },
   "custom_attributes": [
     {
@@ -7257,6 +7257,9 @@
       "image_url": "http://www.example.com"
     }
   ],
+  "ci_cd_settings": {
+    "group_runners_enabled": false
+  },
   "boards": [
     {
       "id": 29,

spec/helpers/projects/error_tracking_helper_spec.rb

@@ -75,4 +75,21 @@ describe Projects::ErrorTrackingHelper do
       end
     end
   end
+
+  describe '#error_details_data' do
+    let(:issue_id) { 1234 }
+    let(:route_params) { [project.owner, project, issue_id, { format: :json }] }
+    let(:details_path) { details_namespace_project_error_tracking_index_path(*route_params) }
+    let(:stack_trace_path) { stack_trace_namespace_project_error_tracking_index_path(*route_params) }
+
+    let(:result) { helper.error_details_data(project, issue_id) }
+
+    it 'returns the correct details path' do
+      expect(result['issue-details-path']).to eq details_path
+    end
+
+    it 'returns the correct stack trace path' do
+      expect(result['issue-stack-trace-path']).to eq stack_trace_path
+    end
+  end
 end

spec/initializers/lograge_spec.rb

@@ -110,9 +110,9 @@ describe 'lograge', type: :request do
 
         log_data = JSON.parse(log_output.string)
 
-        expect(log_data['exception']['class']).to eq('RuntimeError')
-        expect(log_data['exception']['message']).to eq('bad request')
-        expect(log_data['exception']['backtrace']).to eq(Gitlab::Profiler.clean_backtrace(backtrace))
+        expect(log_data['exception.class']).to eq('RuntimeError')
+        expect(log_data['exception.message']).to eq('bad request')
+        expect(log_data['exception.backtrace']).to eq(Gitlab::Profiler.clean_backtrace(backtrace))
       end
     end
   end

spec/lib/gitlab/grape_logging/loggers/exception_logger_spec.rb

@@ -24,10 +24,8 @@ describe Gitlab::GrapeLogging::Loggers::ExceptionLogger do
 
       let(:expected) do
         {
-          exception: {
-            class: 'RuntimeError',
-            message: 'This is a test'
-          }
+          'exception.class' => 'RuntimeError',
+          'exception.message' => 'This is a test'
         }
       end
 
@@ -39,7 +37,7 @@ describe Gitlab::GrapeLogging::Loggers::ExceptionLogger do
         before do
           current_backtrace = caller
           allow(exception).to receive(:backtrace).and_return(current_backtrace)
-          expected[:exception][:backtrace] = Gitlab::Profiler.clean_backtrace(current_backtrace)
+          expected['exception.backtrace'] = Gitlab::Profiler.clean_backtrace(current_backtrace)
         end
 
         it 'includes the backtrace' do

spec/lib/gitlab/import_export/project_tree_restorer_spec.rb

@@ -48,11 +48,11 @@ describe Gitlab::ImportExport::ProjectTreeRestorer do
       it 'restore correct project features' do
         project = Project.find_by_path('project')
 
-        expect(project.project_feature.issues_access_level).to eq(ProjectFeature::DISABLED)
-        expect(project.project_feature.builds_access_level).to eq(ProjectFeature::ENABLED)
-        expect(project.project_feature.snippets_access_level).to eq(ProjectFeature::ENABLED)
-        expect(project.project_feature.wiki_access_level).to eq(ProjectFeature::ENABLED)
-        expect(project.project_feature.merge_requests_access_level).to eq(ProjectFeature::ENABLED)
+        expect(project.project_feature.issues_access_level).to eq(ProjectFeature::PRIVATE)
+        expect(project.project_feature.builds_access_level).to eq(ProjectFeature::PRIVATE)
+        expect(project.project_feature.snippets_access_level).to eq(ProjectFeature::PRIVATE)
+        expect(project.project_feature.wiki_access_level).to eq(ProjectFeature::PRIVATE)
+        expect(project.project_feature.merge_requests_access_level).to eq(ProjectFeature::PRIVATE)
       end
 
       it 'has the project description' do
@@ -220,6 +220,10 @@ describe Gitlab::ImportExport::ProjectTreeRestorer do
         expect(award_emoji.map(&:name)).to contain_exactly('thumbsup', 'coffee')
       end
 
+      it 'restores `ci_cd_settings` : `group_runners_enabled` setting' do
+        expect(@project.ci_cd_settings.group_runners_enabled?).to eq(false)
+      end
+
       it 'restores the correct service' do
         expect(CustomIssueTrackerService.first).not_to be_nil
       end

spec/lib/quality/test_level_spec.rb

@@ -25,6 +25,13 @@ RSpec.describe Quality::TestLevel do
       end
     end
 
+    context 'when level is migration' do
+      it 'returns a pattern' do
+        expect(subject.pattern(:migration))
+          .to eq("spec/{migrations,lib/gitlab/background_migration}{,/**/}*_spec.rb")
+      end
+    end
+
     context 'when level is integration' do
       it 'returns a pattern' do
         expect(subject.pattern(:integration))
@@ -79,6 +86,13 @@ RSpec.describe Quality::TestLevel do
       end
     end
 
+    context 'when level is migration' do
+      it 'returns a regexp' do
+        expect(subject.regexp(:migration))
+          .to eq(%r{spec/(migrations|lib/gitlab/background_migration)})
+      end
+    end
+
     context 'when level is integration' do
       it 'returns a regexp' do
         expect(subject.regexp(:integration))
@@ -116,6 +130,18 @@ RSpec.describe Quality::TestLevel do
       expect(subject.level_for('spec/models/abuse_report_spec.rb')).to eq(:unit)
     end
 
+    it 'returns the correct level for a migration test' do
+      expect(subject.level_for('spec/migrations/add_default_and_free_plans_spec.rb')).to eq(:migration)
+    end
+
+    it 'returns the correct level for a background_migration test' do
+      expect(subject.level_for('spec/lib/gitlab/background_migration/archive_legacy_traces_spec.rb')).to eq(:migration)
+    end
+
+    it 'returns the correct level for a geo migration test' do
+      expect(described_class.new('ee/').level_for('ee/spec/migrations/geo/migrate_ci_job_artifacts_to_separate_registry_spec.rb')).to eq(:migration)
+    end
+
     it 'returns the correct level for an integration test' do
       expect(subject.level_for('spec/mailers/abuse_report_mailer_spec.rb')).to eq(:integration)
     end

spec/services/merge_requests/push_options_handler_service_spec.rb

@@ -101,17 +101,15 @@ describe MergeRequests::PushOptionsHandlerService do
   shared_examples_for 'a service that can set the merge request to merge when pipeline succeeds' do
     subject(:last_mr) { MergeRequest.last }
 
+    let(:change) { Gitlab::ChangesList.new(changes).changes.first }
+
     it 'sets auto_merge_enabled' do
       service.execute
 
       expect(last_mr.auto_merge_enabled).to eq(true)
       expect(last_mr.auto_merge_strategy).to eq(AutoMergeService::STRATEGY_MERGE_WHEN_PIPELINE_SUCCEEDS)
-    end
-
-    it 'sets merge_user to the user' do
-      service.execute
-
       expect(last_mr.merge_user).to eq(user)
+      expect(last_mr.merge_params['sha']).to eq(change[:newrev])
     end
   end
 

spec/support/database_cleaner.rb

@@ -29,6 +29,39 @@ RSpec.configure do |config|
     delete_from_all_tables!
   end
 
+  config.append_after(:context, :migration) do
+    delete_from_all_tables!
+
+    # Postgres maximum number of columns in a table is 1600 (https://github.com/postgres/postgres/blob/de41869b64d57160f58852eab20a27f248188135/src/include/access/htup_details.h#L23-L47).
+    # And since:
+    # "The DROP COLUMN form does not physically remove the column, but simply makes
+    # it invisible to SQL operations. Subsequent insert and update operations in the
+    # table will store a null value for the column. Thus, dropping a column is quick
+    # but it will not immediately reduce the on-disk size of your table, as the space
+    # occupied by the dropped column is not reclaimed.
+    # The space will be reclaimed over time as existing rows are updated."
+    # according to https://www.postgresql.org/docs/current/sql-altertable.html.
+    # We drop and recreate the database if any table has more than 1200 columns, just to be safe.
+    max_allowed_columns = 1200
+    tables_with_more_than_allowed_columns =
+      ApplicationRecord.connection.execute("SELECT attrelid::regclass::text AS table, COUNT(*) AS column_count FROM pg_attribute GROUP BY attrelid HAVING COUNT(*) > #{max_allowed_columns}")
+
+    if tables_with_more_than_allowed_columns.any?
+      tables_with_more_than_allowed_columns.each do |result|
+        puts "The #{result['table']} table has #{result['column_count']} columns."
+      end
+      puts "Recreating the database"
+      start = Gitlab::Metrics::System.monotonic_time
+
+      ActiveRecord::Tasks::DatabaseTasks.drop_current
+      ActiveRecord::Tasks::DatabaseTasks.create_current
+      ActiveRecord::Tasks::DatabaseTasks.load_schema_current
+      ActiveRecord::Tasks::DatabaseTasks.migrate
+
+      puts "Database re-creation done in #{Gitlab::Metrics::System.monotonic_time - start}"
+    end
+  end
+
   config.around(:each, :delete) do |example|
     self.class.use_transactional_tests = false