Add latest changes from gitlab-org/gitlab@master

Author: GitLab Bot

app/models/concerns/spammable.rb

@@ -84,7 +84,8 @@ def recaptcha_error!
   end
 
   def unrecoverable_spam_error!
-    self.errors.add(:base, "Your #{spammable_entity_type} has been recognized as spam and has been discarded.")
+    self.errors.add(:base, _("Your %{spammable_entity_type} has been recognized as spam and has been discarded.") \
+                    % { spammable_entity_type: spammable_entity_type })
   end
 
   def spammable_entity_type

app/services/ci/job_artifacts/destroy_all_expired_service.rb

@@ -24,8 +24,6 @@ def initialize
       # preventing multiple `ExpireBuildArtifactsWorker` CRON jobs run concurrently,
       # which is scheduled every 7 minutes.
       def execute
-        return 0 unless ::Feature.enabled?(:ci_destroy_all_expired_service, default_enabled: :yaml)
-
         in_lock(EXCLUSIVE_LOCK_KEY, ttl: LOCK_TIMEOUT, retries: 1) do
           if ::Feature.enabled?(:ci_destroy_unlocked_job_artifacts)
             destroy_unlocked_job_artifacts

config/feature_flags/development/ci_destroy_all_expired_service.yml

@@ -5,4 +5,4 @@ rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/354726
 milestone: '14.10'
 type: development
 group: group::release
-default_enabled: false
+default_enabled: true

config/feature_flags/development/deployment_approval_rules.yml

@@ -293,6 +293,10 @@ control over how the Pages daemon runs and serves content in your environment.
 | `rate_limit_source_ip_burst`            | Rate limit per source IP maximum burst allowed per second. |
 | `rate_limit_domain`                     | Rate limit per domain in number of requests per second. Set to `0` to disable this feature. |
 | `rate_limit_domain_burst`               | Rate limit per domain maximum burst allowed per second. |
+| `server_read_timeout`                   | Maximum duration to read the request headers and body. For no timeout, set to `0` or a negative value. Default: `5s` |
+| `server_read_header_timeout`            | Maximum duration to read the request headers. For no timeout, set to `0` or a negative value. Default: `1s` |
+| `server_write_timeout`                  | Maximum duration to write all files in the response. Larger files require more time. For no timeout, set to `0` or a negative value. Default: `5m` |
+| `server_keep_alive`                     | The `Keep-Alive` period for network connections accepted by this listener. If `0`, `Keep-Alive` is enabled if supported by the protocol and operating system. If negative, `Keep-Alive` is disabled. Default: `15s` |
 
 ## Advanced configuration
 

doc/administration/pages/index.md

@@ -1790,6 +1790,7 @@ To configure the Sidekiq nodes, on each one:
    # Object Storage
    ## This is an example for configuring Object Storage on GCP
    ## Replace this config with your chosen Object Storage provider as desired
+   gitlab_rails['object_store']['enabled'] = true
    gitlab_rails['object_store']['connection'] = {
      'provider' => 'Google',
      'google_project' => '<gcp-project-name>',
@@ -1936,6 +1937,7 @@ On each node perform the following:
 
    # This is an example for configuring Object Storage on GCP
    # Replace this config with your chosen Object Storage provider as desired
+   gitlab_rails['object_store']['enabled'] = true
    gitlab_rails['object_store']['connection'] = {
      'provider' => 'Google',
      'google_project' => '<gcp-project-name>',

doc/administration/reference_architectures/10k_users.md

@@ -1794,6 +1794,7 @@ To configure the Sidekiq nodes, on each one:
    # Object Storage
    # This is an example for configuring Object Storage on GCP
    # Replace this config with your chosen Object Storage provider as desired
+   gitlab_rails['object_store']['enabled'] = true
    gitlab_rails['object_store']['connection'] = {
      'provider' => 'Google',
      'google_project' => '<gcp-project-name>',
@@ -1942,6 +1943,7 @@ On each node perform the following:
 
    # This is an example for configuring Object Storage on GCP
    # Replace this config with your chosen Object Storage provider as desired
+   gitlab_rails['object_store']['enabled'] = true
    gitlab_rails['object_store']['connection'] = {
      'provider' => 'Google',
      'google_project' => '<gcp-project-name>',

doc/administration/reference_architectures/25k_users.md

@@ -667,6 +667,7 @@ On each node perform the following:
    # Object Storage
    # This is an example for configuring Object Storage on GCP
    # Replace this config with your chosen Object Storage provider as desired
+   gitlab_rails['object_store']['enabled'] = true
    gitlab_rails['object_store']['connection'] = {
      'provider' => 'Google',
      'google_project' => '<gcp-project-name>',

doc/administration/reference_architectures/2k_users.md

@@ -1718,6 +1718,7 @@ To configure the Sidekiq nodes, one each one:
    # Object Storage
    ## This is an example for configuring Object Storage on GCP
    ## Replace this config with your chosen Object Storage provider as desired
+   gitlab_rails['object_store']['enabled'] = true
    gitlab_rails['object_store']['connection'] = {
      'provider' => 'Google',
      'google_project' => '<gcp-project-name>',
@@ -1904,6 +1905,7 @@ On each node perform the following:
    # Object storage
    # This is an example for configuring Object Storage on GCP
    # Replace this config with your chosen Object Storage provider as desired
+   gitlab_rails['object_store']['enabled'] = true
    gitlab_rails['object_store']['connection'] = {
      'provider' => 'Google',
      'google_project' => '<gcp-project-name>',

doc/administration/reference_architectures/3k_users.md

@@ -1803,6 +1803,7 @@ To configure the Sidekiq nodes, on each one:
    # Object storage
    ## This is an example for configuring Object Storage on GCP
    ## Replace this config with your chosen Object Storage provider as desired
+   gitlab_rails['object_store']['enabled'] = true
    gitlab_rails['object_store']['connection'] = {
      'provider' => 'Google',
      'google_project' => '<gcp-project-name>',
@@ -1958,6 +1959,7 @@ On each node perform the following:
 
    # This is an example for configuring Object Storage on GCP
    # Replace this config with your chosen Object Storage provider as desired
+   gitlab_rails['object_store']['enabled'] = true
    gitlab_rails['object_store']['connection'] = {
      'provider' => 'Google',
      'google_project' => '<gcp-project-name>',

doc/administration/reference_architectures/50k_users.md

@@ -1715,6 +1715,7 @@ To configure the Sidekiq nodes, one each one:
    # Object Storage
    ## This is an example for configuring Object Storage on GCP
    ## Replace this config with your chosen Object Storage provider as desired
+   gitlab_rails['object_store']['enabled'] = true
    gitlab_rails['object_store']['connection'] = {
      'provider' => 'Google',
      'google_project' => '<gcp-project-name>',
@@ -1889,6 +1890,7 @@ On each node perform the following:
 
    # This is an example for configuring Object Storage on GCP
    # Replace this config with your chosen Object Storage provider as desired
+   gitlab_rails['object_store']['enabled'] = true
    gitlab_rails['object_store']['connection'] = {
      'provider' => 'Google',
      'google_project' => '<gcp-project-name>',

doc/administration/reference_architectures/5k_users.md

@@ -13,11 +13,11 @@ the minimum requirements needed to install and use GitLab.
 
 ### Supported Linux distributions
 
-- Ubuntu (16.04/18.04/20.04)
-- Debian (9/10)
+- Ubuntu (18.04/20.04)
+- Debian (9/10/11)
 - AlmaLinux (8)
 - CentOS (7)
-- openSUSE Leap (15.2)
+- openSUSE Leap (15.3)
 - SUSE Linux Enterprise Server (12 SP2/12 SP5)
 - Red Hat Enterprise Linux (use the AlmaLinux or CentOS instructions)
 - Scientific Linux (use the CentOS instructions)

doc/install/requirements.md

@@ -0,0 +1,91 @@
+---
+stage: Ecosystem
+group: Integrations
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+---
+
+# Use AliCloud as an OmniAuth authentication provider **(FREE)**
+
+You can enable the AliCloud OAuth 2.0 OmniAuth provider and sign in to
+GitLab using your AliCloud account.
+
+## Create an AliCloud application
+
+Sign in to the AliCloud platform and create an application on it. AliCloud generates a client ID and secret key for you to use.
+
+1. Sign in to the [AliCloud platform](https://account.aliyun.com/login/login.htm).
+
+1. Go to the [OAuth application management page](https://ram.console.aliyun.com/applications).
+
+1. Select **Create Application**.
+
+1. Fill in the application details:
+
+   - **Application Name**: This can be anything.
+   - **Display Name**: This can be anything.
+   - **Callback URL**: This URL should be formatted as `'GitLab instance URL' + '/users/auth/alicloud/callback'`. For example, `http://test.gitlab.com/users/auth/alicloud/callback`.
+
+   Select **Save**.
+
+1. Add OAuth scopes in the application details page:
+ 
+   1. Under the **Application Name** column, select the name of the application you created. The application's details page opens.
+   1. Under the **Application OAuth Scopes** tab, select **Add OAuth Scopes**.
+   1. Select the **aliuid** and **profile** checkboxes.
+   1. Select **OK**.
+
+   ![AliCloud OAuth scope](img/alicloud_scope.png)
+
+1. Create a secret in the application details page:
+
+   1. Under the **App Secrets** tab, select **Create Secret**.
+   1. Copy the SecretValue generated.
+
+## Enable AliCloud OAuth in GitLab
+
+1. On your GitLab server, open the configuration file.
+
+   - **For Omnibus installations**
+
+     ```shell
+     sudo editor /etc/gitlab/gitlab.rb
+     ```
+
+   - **For installations from source**
+
+     ```shell
+     cd /home/git/gitlab
+
+     sudo -u git -H editor config/gitlab.yml
+     ```
+
+1. [Configure the initial settings](omniauth.md#configure-initial-settings).
+
+1. Add the provider configuration. Replace `YOUR_APP_ID` with the ID on the application details page
+   and `YOUR_APP_SECRET` with the **SecretValue** you got when you registered the AliCloud application.
+
+   - **For Omnibus installations**
+
+     ```ruby
+       gitlab_rails['omniauth_providers'] = [
+         {
+           name: "alicloud",
+           app_id: "YOUR_APP_ID",
+           app_secret: "YOUR_APP_SECRET"
+         }
+       ]
+     ```
+
+   - **For installations from source**
+
+     ```yaml
+     - { name: 'alicloud',
+         app_id: 'YOUR_APP_ID',
+         app_secret: 'YOUR_APP_SECRET' }
+     ```
+
+1. Save the configuration file.
+
+1. [Reconfigure GitLab](../administration/restart_gitlab.md#omnibus-gitlab-reconfigure)
+   if you installed using Omnibus, or [restart GitLab](../administration/restart_gitlab.md#installations-from-source)
+   if you installed from source.

doc/integration/alicloud.md

@@ -21,6 +21,7 @@ GitLab supports the following OmniAuth providers.
 
 | Provider documentation                                              | OmniAuth provider name     |
 |---------------------------------------------------------------------|----------------------------|
+| [AliCloud](alicloud.md)                                             | `alicloud`                 |
 | [Atlassian Crowd](../administration/auth/crowd.md)                  | `crowd`                    |
 | [Atlassian](../administration/auth/atlassian.md)                    | `atlassian_oauth2`         |
 | [Auth0](auth0.md)                                                   | `auth0`                    |

doc/integration/img/alicloud_scope.png

@@ -43513,6 +43513,9 @@ msgstr ""
 msgid "Your %{plan} subscription expires on %{expiry_date}"
 msgstr ""
 
+msgid "Your %{spammable_entity_type} has been recognized as spam and has been discarded."
+msgstr ""
+
 msgid "Your %{spammable_entity_type} has been recognized as spam. Please, change the content or solve the reCAPTCHA to proceed."
 msgstr ""