Merge branch 'docs-remove-notes' into 'master'

Remove additional unneeded notes from docs

See merge request gitlab-org/gitlab!46808

app/graphql/resolvers/users_resolver.rb

@@ -18,10 +18,14 @@ module Resolvers
              required: false,
              default_value: 'created_desc'
 
-    def resolve(ids: nil, usernames: nil, sort: nil)
+    argument :search, GraphQL::STRING_TYPE,
+             required: false,
+             description: "Query to search users by name, username, or primary email."
+
+    def resolve(ids: nil, usernames: nil, sort: nil, search: nil)
       authorize!
 
-      ::UsersFinder.new(context[:current_user], finder_params(ids, usernames, sort)).execute
+      ::UsersFinder.new(context[:current_user], finder_params(ids, usernames, sort, search)).execute
     end
 
     def ready?(**args)
@@ -42,11 +46,12 @@ module Resolvers
 
     private
 
-    def finder_params(ids, usernames, sort)
+    def finder_params(ids, usernames, sort, search)
       params = {}
       params[:sort] = sort if sort
       params[:username] = usernames if usernames
       params[:id] = parse_gids(ids) if ids
+      params[:search] = search if search
       params
     end
 

app/helpers/search_helper.rb

@@ -92,11 +92,27 @@ module SearchHelper
     end
   end
 
-  def search_entries_empty_message(scope, term)
-    (s_("SearchResults|We couldn't find any %{scope} matching %{term}") % {
+  def search_entries_empty_message(scope, term, group, project)
+    options = {
       scope: search_entries_scope_label(scope, 0),
-      term: "<code>#{h(term)}</code>"
-    }).html_safe
+      term: "<code>#{h(term)}</code>".html_safe
+    }
+
+    # We check project first because we have 3 possible combinations here:
+    # - group && project
+    # - group
+    # - group: nil, project: nil
+    if project
+      html_escape(_("We couldn't find any %{scope} matching %{term} in project %{project}")) % options.merge(
+        project: link_to(project.full_name, project_path(project), target: '_blank', rel: 'noopener noreferrer').html_safe
+      )
+    elsif group
+      html_escape(_("We couldn't find any %{scope} matching %{term} in group %{group}")) % options.merge(
+        group: link_to(group.full_name, group_path(group), target: '_blank', rel: 'noopener noreferrer').html_safe
+      )
+    else
+      html_escape(_("We couldn't find any %{scope} matching %{term}")) % options
+    end
   end
 
   def repository_ref(project)

app/views/search/results/_empty.html.haml

-.search_box
+.search_box.gl-my-8
   .search_glyph
   %h4
     = sprite_icon('search', size: 24, css_class: 'gl-vertical-align-text-bottom')
-    = search_entries_empty_message(@scope, @search_term)
+    = search_entries_empty_message(@scope, @search_term, @group, @project)

changelogs/unreleased/267394-improve-search-empty-message.yml

+---
+title: Improve empty search results message for group and project scopes
+merge_request: 46237
+author:
+type: changed

changelogs/unreleased/273801-graphql-fuzzy-search-users.yml

+---
+title: Add search param to Users GraphQL type
+merge_request: 46609
+author:
+type: added

changelogs/unreleased/improve_performance_of_has_vulnerabilities_scope.yml

+---
+title: Add `has_vulnerabilities` column into project_settings table
+merge_request: 45944
+author:
+type: added

db/migrate/20201022191817_add_has_vulnerabilities_into_project_settings.rb

+# frozen_string_literal: true
+
+class AddHasVulnerabilitiesIntoProjectSettings < ActiveRecord::Migration[6.0]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  def up
+    with_lock_retries do
+      add_column :project_settings, :has_vulnerabilities, :boolean, default: false, null: false
+    end
+  end
+
+  def down
+    with_lock_retries do
+      remove_column :project_settings, :has_vulnerabilities
+    end
+  end
+end

db/migrate/20201022192254_index_project_settings_on_project_id_partially.rb

+# frozen_string_literal: true
+
+class IndexProjectSettingsOnProjectIdPartially < ActiveRecord::Migration[6.0]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+  INDEX_NAME = 'index_project_settings_on_project_id_partially'
+
+  disable_ddl_transaction!
+
+  def up
+    add_concurrent_index :project_settings, :project_id, name: INDEX_NAME, where: 'has_vulnerabilities IS TRUE'
+  end
+
+  def down
+    remove_concurrent_index_by_name :project_settings, INDEX_NAME
+  end
+end

db/schema_migrations/20201022191817

+205cb628e9637bcd1acb90c5211b71b51015fa5f50aadcacd5fbafc4f09c00d0
\ No newline at end of file

db/schema_migrations/20201022192254

+9f942de6f83629a144e9d460b4bed7a246afe95275b5913745109fc0ab9dacc1
\ No newline at end of file

db/structure.sql

@@ -15191,6 +15191,7 @@ CREATE TABLE project_settings (
     allow_merge_on_skipped_pipeline boolean,
     squash_option smallint DEFAULT 3,
     has_confluence boolean DEFAULT false NOT NULL,
+    has_vulnerabilities boolean DEFAULT false NOT NULL,
     CONSTRAINT check_bde223416c CHECK ((show_default_award_emojis IS NOT NULL))
 );
 
@@ -21461,6 +21462,8 @@ CREATE UNIQUE INDEX index_project_repository_states_on_project_id ON project_rep
 
 CREATE INDEX index_project_repository_storage_moves_on_project_id ON project_repository_storage_moves USING btree (project_id);
 
+CREATE INDEX index_project_settings_on_project_id_partially ON project_settings USING btree (project_id) WHERE (has_vulnerabilities IS TRUE);
+
 CREATE UNIQUE INDEX index_project_settings_on_push_rule_id ON project_settings USING btree (push_rule_id);
 
 CREATE INDEX index_project_statistics_on_namespace_id ON project_statistics USING btree (namespace_id);

doc/administration/geo/replication/datatypes.md

@@ -188,7 +188,7 @@ successfully, you must replicate their data using some other means.
 | [Composer Repository](../../../user/packages/composer_repository/index.md)                                     | **Yes** (13.2)                                                                     | [No](https://gitlab.com/groups/gitlab-org/-/epics/1817)   | Via Object Storage provider if supported. Native Geo support (Beta).                 | Behind feature flag `geo_package_file_replication`, enabled by default                                                                                                                                                                                                                                                     |
 | [Generic packages](../../../user/packages/generic_packages/index.md)                                | **Yes** (13.5)                                                                     | [No](https://gitlab.com/groups/gitlab-org/-/epics/1817)   | Via Object Storage provider if supported. Native Geo support (Beta).                 | Behind feature flag `geo_package_file_replication`, enabled by default                                                                                                                                                                                                                                                     |
 | [Versioned Terraform State](../../terraform_state.md)                                                          | **Yes** (13.5)                                                                     | No                                                        | Via Object Storage provider if supported. Native Geo support (Beta).                 | Behind feature flag `geo_terraform_state_version_replication`, enabled by default                                                                                                                                                                                                                                          |
-| [External merge request diffs](../../merge_request_diffs.md)                                                   | **Yes** (13.5)                          | No                                                        |  Behind feature flag `geo_merge_request_diff_replication`, enabled by default                 |                                                                                                                                                                                                                                                                                                                            |
+| [External merge request diffs](../../merge_request_diffs.md)                                                   | **Yes** (13.5)                          | No                                                        |  Via Object Storage provider if supported. Native Geo support (Beta).                 |  Behind feature flag `geo_merge_request_diff_replication`, enabled by default                                                                                                                                                                                                                                                                                                                          |
 | [Versioned snippets](../../../user/snippets.md#versioned-snippets)                                             | [No](https://gitlab.com/groups/gitlab-org/-/epics/2809)                            | [No](https://gitlab.com/groups/gitlab-org/-/epics/2810)   | No                                                                                   |                                                                                                                                                                                                                                                                                                                            |
 | [Server-side Git hooks](../../server_hooks.md)                                                                 | [No](https://gitlab.com/groups/gitlab-org/-/epics/1867)                            | No                                                        | No                                                                                   |                                                                                                                                                                                                                                                                                                                            |
 | [Elasticsearch integration](../../../integration/elasticsearch.md)                                             | [No](https://gitlab.com/gitlab-org/gitlab/-/issues/1186)                           | No                                                        | No                                                                                   |                                                                                                                                                                                                                                                                                                                            |

doc/api/graphql/reference/gitlab_schema.graphql

@@ -16799,6 +16799,11 @@ type Query {
     """
     last: Int
 
+    """
+    Query to search users by name, username, or primary email.
+    """
+    search: String
+
     """
     Sort users by this criteria
     """

doc/api/graphql/reference/gitlab_schema.json

@@ -48626,6 +48626,16 @@
                   },
                   "defaultValue": "created_desc"
                 },
+                {
+                  "name": "search",
+                  "description": "Query to search users by name, username, or primary email.",
+                  "type": {
+                    "kind": "SCALAR",
+                    "name": "String",
+                    "ofType": null
+                  },
+                  "defaultValue": null
+                },
                 {
                   "name": "after",
                   "description": "Returns the elements in the list that come after the specified cursor.",

doc/user/clusters/agent/index.md

@@ -24,9 +24,11 @@ tasks in a secure and cloud-native way. It enables:
 
 Many more features are planned. Please [review our roadmap](https://gitlab.com/groups/gitlab-org/-/epics/3329).
 
-## Architecture
+## GitLab Agent GitOps workflow
 
-### GitLab Agent GitOps workflow
+The GitLab Agent uses multiple GitLab projects to provide a flexible workflow
+that can suit various needs. This diagram shows these repositories and the main
+actors involved in a deployment:
 
 ```mermaid
 sequenceDiagram
@@ -44,11 +46,6 @@ sequenceDiagram
   end
 ```
 
-Please refer to our [full architecture documentation](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/architecture.md#high-level-architecture)
-in the Agent project.
-
-## Get started with GitOps and the GitLab Agent
-
 There are several components that work in concert for the Agent to accomplish GitOps deployments:
 
 - A properly-configured Kubernetes cluster.
@@ -57,15 +54,43 @@ There are several components that work in concert for the Agent to accomplish Gi
 - A manifest repository that contains a `manifest.yaml`, which is tracked by the
   Agent and can be auto-generated. Any changes to `manifest.yaml` are applied to the cluster.
 
+These repositories might be the same GitLab project or separate projects.
+
+For more details, please refer to our [full architecture documentation](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/architecture.md#high-level-architecture) in the Agent project.
+
+## Get started with GitOps and the GitLab Agent
+
 The setup process involves a few steps to enable GitOps deployments:
 
-1. Installing the Agent server.
+1. Installing the Agent server. This must be done one time for every GitLab installation.
 1. Defining a configuration directory.
 1. Creating an Agent record in GitLab.
 1. Generating and copying a Secret token used to connect to the Agent.
 1. Installing the Agent into the cluster.
 1. Creating a `manifest.yaml`.
 
+### Upgrades and version compatibility
+
+As the GitLab Kubernetes Agent is a new product, we are constantly adding new features
+to it. As a result, while shipped features are production ready, its internal API is
+neither stable nor versioned yet. For this reason, GitLab only guarantees compatibility
+between corresponding major.minor (X.Y) versions of GitLab and its cluster side
+component, `agentk`.
+
+Upgrade your agent installations together with GitLab upgrades: if you install
+GitLab version 13.6, use version 13.6.x versions of `agentk`.
+
+The available `agentk` versions can be found in
+[its container registry](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/container_registry/eyJuYW1lIjoiZ2l0bGFiLW9yZy9jbHVzdGVyLWludGVncmF0aW9uL2dpdGxhYi1hZ2VudC9hZ2VudGsiLCJ0YWdzX3BhdGgiOiIvZ2l0bGFiLW9yZy9jbHVzdGVyLWludGVncmF0aW9uL2dpdGxhYi1hZ2VudC9yZWdpc3RyeS9yZXBvc2l0b3J5LzEyMjMyMDUvdGFncz9mb3JtYXQ9anNvbiIsImlkIjoxMjIzMjA1LCJjbGVhbnVwX3BvbGljeV9zdGFydGVkX2F0IjpudWxsfQ==).
+
+### Upgrades and Version compatibility
+
+As the GitLab Kubernetes Agent is a new product, we are constantly adding new features to it. As a result, while shipped features are production ready, it's internal API is not stable nor versioned yet. For this reason, we only guarantee compatibility between corresponding major.minor versions of GitLab and its cluster side component, `agentk`. Please, upgrade your agent installations together with GitLab upgrades.
+
+Example: having GitLab 13.6 installed, please use version 13.6.x versions of `agentk`.
+
+The available `agentk` versions can be found in [its container registry](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/container_registry/eyJuYW1lIjoiZ2l0bGFiLW9yZy9jbHVzdGVyLWludGVncmF0aW9uL2dpdGxhYi1hZ2VudC9hZ2VudGsiLCJ0YWdzX3BhdGgiOiIvZ2l0bGFiLW9yZy9jbHVzdGVyLWludGVncmF0aW9uL2dpdGxhYi1hZ2VudC9yZWdpc3RyeS9yZXBvc2l0b3J5LzEyMjMyMDUvdGFncz9mb3JtYXQ9anNvbiIsImlkIjoxMjIzMjA1LCJjbGVhbnVwX3BvbGljeV9zdGFydGVkX2F0IjpudWxsfQ==).
+
 ### Install the Kubernetes Agent Server
 
 The GitLab Kubernetes Agent Server (KAS) can be deployed using [Omnibus
@@ -77,6 +102,8 @@ documentation](https://docs.gitlab.com/ee/install/README.html).
 NOTE: **Note:**
 GitLab plans to include the KAS on [GitLab.com](https://gitlab.com/groups/gitlab-org/-/epics/3834).
 
+#### Install with Omnibus
+
 When using the [Omnibus GitLab](https://docs.gitlab.com/omnibus/) package:
 
 1. Edit `/etc/gitlab/gitlab.rb`:
@@ -87,6 +114,8 @@ gitlab_kas['enable'] = true
 
 1. [Reconfigure GitLab](../../../administration/restart_gitlab.md#omnibus-gitlab-reconfigure).
 
+#### Install with the Helm chart
+
 When installing or upgrading the GitLab Helm chart, consider the following Helm v3 example.
 If you're using Helm v2, you must modify this example. See our [notes regarding deploy with Helm](https://docs.gitlab.com/charts/installation/deployment.html#deploy-using-helm).
 

doc/user/packages/generic_packages/index.md

@@ -49,7 +49,7 @@ Example request:
 ```shell
 curl --header "PRIVATE-TOKEN: <your_access_token>" \
      --upload-file path/to/file.txt \
-     https://gitlab.example.com/api/v4/projects/24/generic/my_package/0.0.1/file.txt
+     https://gitlab.example.com/api/v4/projects/24/packages/generic/my_package/0.0.1/file.txt
 ```
 
 Example response:
@@ -85,7 +85,7 @@ Example request that uses a personal access token:
 
 ```shell
 curl --header "PRIVATE-TOKEN: <your_access_token>" \
-     https://gitlab.example.com/api/v4/projects/24/generic/my_package/0.0.1/file.txt
+     https://gitlab.example.com/api/v4/projects/24/packages/generic/my_package/0.0.1/file.txt
 ```
 
 ## Publish a generic package by using CI/CD

ee/app/services/security/store_reports_service.rb

@@ -6,20 +6,35 @@ module Security
   class StoreReportsService < ::BaseService
     def initialize(pipeline)
       @pipeline = pipeline
+      @errors = []
     end
 
     def execute
-      errors = []
-      @pipeline.security_reports.reports.each do |report_type, report|
-        result = StoreReportService.new(@pipeline, report).execute
+      store_reports
+      mark_project_as_vulnerable!
+
+      errors.any? ? error(full_errors) : success
+    end
+
+    private
+
+    attr_reader :pipeline, :errors
+
+    delegate :project, to: :pipeline, private: true
+
+    def store_reports
+      pipeline.security_reports.reports.each do |report_type, report|
+        result = StoreReportService.new(pipeline, report).execute
         errors << result[:message] if result[:status] == :error
       end
+    end
 
-      if errors.any?
-        error(errors.join(", "))
-      else
-        success
-      end
+    def mark_project_as_vulnerable!
+      project.project_setting.update!(has_vulnerabilities: true)
+    end
+
+    def full_errors
+      errors.join(", ")
     end
   end
 end

ee/spec/services/security/store_reports_service_spec.rb

@@ -33,6 +33,10 @@ RSpec.describe Security::StoreReportsService do
         subject
       end
 
+      it 'marks the project as vulnerable' do
+        expect { subject }.to change { project.project_setting.has_vulnerabilities }.from(false).to(true)
+      end
+
       context 'when StoreReportService returns an error for a report' do
         let(:reports) { Gitlab::Ci::Reports::Security::Reports.new(pipeline) }
         let(:sast_report) { reports.get_report('sast', sast_artifact) }

locale/gitlab.pot

@@ -23498,9 +23498,6 @@ msgstr ""
 msgid "SearchResults|Showing %{from} - %{to} of %{count} %{scope} for%{term_element} in your personal and project snippets"
 msgstr ""
 
-msgid "SearchResults|We couldn't find any %{scope} matching %{term}"
-msgstr ""
-
 msgid "SearchResults|code result"
 msgid_plural "SearchResults|code results"
 msgstr[0] ""
@@ -29844,6 +29841,15 @@ msgstr ""
 msgid "We could not determine the path to remove the issue"
 msgstr ""
 
+msgid "We couldn't find any %{scope} matching %{term}"
+msgstr ""
+
+msgid "We couldn't find any %{scope} matching %{term} in group %{group}"
+msgstr ""
+
+msgid "We couldn't find any %{scope} matching %{term} in project %{project}"
+msgstr ""
+
 msgid "We couldn't reach the Prometheus server. Either the server no longer exists or the configuration details need updating."
 msgstr ""
 

spec/graphql/resolvers/users_resolver_spec.rb

@@ -5,8 +5,8 @@ require 'spec_helper'
 RSpec.describe Resolvers::UsersResolver do
   include GraphqlHelpers
 
-  let_it_be(:user1) { create(:user) }
-  let_it_be(:user2) { create(:user) }
+  let_it_be(:user1) { create(:user, name: "SomePerson") }
+  let_it_be(:user2) { create(:user, username: "someone123784") }
 
   describe '#resolve' do
     it 'raises an error when read_users_list is not authorized' do
@@ -43,6 +43,14 @@ RSpec.describe Resolvers::UsersResolver do
         ).to contain_exactly(user1, user2)
       end
     end
+
+    context 'when a search term is passed' do
+      it 'returns all users who match', :aggregate_failures do
+        expect(resolve_users(search: "some")).to contain_exactly(user1, user2)
+        expect(resolve_users(search: "123784")).to contain_exactly(user2)
+        expect(resolve_users(search: "someperson")).to contain_exactly(user1)
+      end
+    end
   end
 
   def resolve_users(args = {})

spec/helpers/search_helper_spec.rb

@@ -236,11 +236,34 @@ RSpec.describe SearchHelper do
   end
 
   describe 'search_entries_empty_message' do
-    it 'returns the formatted entry message' do
-      message = search_entries_empty_message('projects', '<h1>foo</h1>')
+    let!(:group) { build(:group) }
+    let!(:project) { build(:project, group: group) }
 
-      expect(message).to eq("We couldn't find any projects matching <code>&lt;h1&gt;foo&lt;/h1&gt;</code>")
-      expect(message).to be_html_safe
+    context 'global search' do
+      let(:message) { search_entries_empty_message('projects', '<h1>foo</h1>', nil, nil) }
+
+      it 'returns the formatted entry message' do
+        expect(message).to eq("We couldn&#39;t find any projects matching <code>&lt;h1&gt;foo&lt;/h1&gt;</code>")
+        expect(message).to be_html_safe
+      end
+    end
+
+    context 'group search' do
+      let(:message) { search_entries_empty_message('projects', '<h1>foo</h1>', group, nil) }
+
+      it 'returns the formatted entry message' do
+        expect(message).to start_with('We couldn&#39;t find any projects matching <code>&lt;h1&gt;foo&lt;/h1&gt;</code> in group <a')
+        expect(message).to be_html_safe
+      end
+    end
+
+    context 'project search' do
+      let(:message) { search_entries_empty_message('projects', '<h1>foo</h1>', group, project) }
+
+      it 'returns the formatted entry message' do
+        expect(message).to start_with('We couldn&#39;t find any projects matching <code>&lt;h1&gt;foo&lt;/h1&gt;</code> in project <a')
+        expect(message).to be_html_safe
+      end
     end
   end
 

spec/lib/gitlab/import_export/safe_model_attributes.yml

@@ -683,6 +683,7 @@ ProjectCiCdSetting:
 ProjectSetting:
 - allow_merge_on_skipped_pipeline
 - has_confluence
+- has_vulnerabilities
 ProtectedEnvironment:
 - id
 - project_id