Add latest changes from gitlab-org/gitlab@master

.gitlab/ci/docs.gitlab-ci.yml

@@ -70,6 +70,7 @@ docs lint:
 
 graphql-docs-verify:
   extends:
+    - .only-ee
     - .default-tags
     - .default-retry
     - .default-cache

changelogs/unreleased/13426-disable-design-mutation-abilities-when-issue-moved-or-locked.yml

+---
+title: Make designs read-only if the issue has been moved, or if its discussion has been locked
+merge_request: 18551
+author:
+type: changed

doc/administration/geo/replication/object_storage.md

@@ -14,7 +14,7 @@ To have:
 
 ## Enabling GitLab managed object storage replication
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/10586) in GitLab 12.4.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/10586) in GitLab 12.4.
 
 CAUTION: **Caution:**
 This is a [**beta** feature](https://about.gitlab.com/handbook/product/#beta) and is not ready yet for production use at any scale.

doc/user/project/index.md

@@ -155,6 +155,26 @@ when a project is part of a group (under a
 If you choose to leave a project you will no longer be a project
 member, therefore, unable to contribute.
 
+## Project's landing page
+
+The project's landing page shows different information depending on
+the project's visibility settings and user permissions.
+
+For public projects, and to members of internal and private projects
+with [permissions to view the project's code](../permissions.md#project-members-permissions):
+
+- The content of a
+  [`README` or an index file](repository/#repository-readme-and-index-files)
+  is displayed (if any), followed by the list of directories within the
+  project's repository.
+- If the project doesn't contain either of these files, the
+  visitor will see the list of files and directories of the repository.
+
+For users without permissions to view the project's code:
+
+- The wiki homepage is displayed, if any.
+- The list of issues within the project is displayed.
+
 ## Redirects when changing repository paths
 
 When a repository path changes, it is essential to smoothly transition from the

doc/user/project/issues/design_management.md

@@ -63,6 +63,9 @@ To upload design images, click the **Upload Designs** button and select images t
 Designs with the same filename as an existing uploaded design will create a new version
 of the design, and will replace the previous version.
 
+Designs cannot be added if the issue has been moved, or its
+[discussion is locked](../../discussions/#lock-discussions).
+
 ## Viewing designs
 
 Images on the Design Management page can be enlarged by clicking on them.

lib/gitlab/sidekiq_daemon/memory_killer.rb

@@ -21,14 +21,46 @@ module Gitlab
       # In case not set, default to 300M. This is for extra-safe.
       DEFAULT_MAX_MEMORY_GROWTH_KB = 300_000
 
+      # Phases of memory killer
+      PHASE = {
+        running: 1,
+        above_soft_limit: 2,
+        stop_fetching_new_jobs: 3,
+        shutting_down: 4,
+        killing_sidekiq: 5
+      }.freeze
+
       def initialize
         super
 
         @enabled = true
+        @metrics = init_metrics
       end
 
       private
 
+      def init_metrics
+        {
+          sidekiq_current_rss:                  ::Gitlab::Metrics.gauge(:sidekiq_current_rss, 'Current RSS of Sidekiq Worker'),
+          sidekiq_memory_killer_soft_limit_rss: ::Gitlab::Metrics.gauge(:sidekiq_memory_killer_soft_limit_rss, 'Current soft_limit_rss of Sidekiq Worker'),
+          sidekiq_memory_killer_hard_limit_rss: ::Gitlab::Metrics.gauge(:sidekiq_memory_killer_hard_limit_rss, 'Current hard_limit_rss of Sidekiq Worker'),
+          sidekiq_memory_killer_phase:          ::Gitlab::Metrics.gauge(:sidekiq_memory_killer_phase, 'Current phase of Sidekiq Worker')
+        }
+      end
+
+      def refresh_state(phase)
+        @phase = PHASE.fetch(phase)
+        @current_rss = get_rss
+        @soft_limit_rss = get_soft_limit_rss
+        @hard_limit_rss = get_hard_limit_rss
+
+        # track the current state as prometheus gauges
+        @metrics[:sidekiq_memory_killer_phase].set({}, @phase)
+        @metrics[:sidekiq_current_rss].set({}, @current_rss)
+        @metrics[:sidekiq_memory_killer_soft_limit_rss].set({}, @soft_limit_rss)
+        @metrics[:sidekiq_memory_killer_hard_limit_rss].set({}, @hard_limit_rss)
+      end
+
       def run_thread
         Sidekiq.logger.info(
           class: self.class.to_s,
@@ -77,41 +109,51 @@ module Gitlab
         # Tell Sidekiq to stop fetching new jobs
         # We first SIGNAL and then wait given time
         # We also monitor a number of running jobs and allow to restart early
+        refresh_state(:stop_fetching_new_jobs)
         signal_and_wait(SHUTDOWN_TIMEOUT_SECONDS, 'SIGTSTP', 'stop fetching new jobs')
         return unless enabled?
 
         # Tell sidekiq to restart itself
         # Keep extra safe to wait `Sidekiq.options[:timeout] + 2` seconds before SIGKILL
+        refresh_state(:shutting_down)
         signal_and_wait(Sidekiq.options[:timeout] + 2, 'SIGTERM', 'gracefully shut down')
         return unless enabled?
 
         # Ideally we should never reach this condition
         # Wait for Sidekiq to shutdown gracefully, and kill it if it didn't
         # Kill the whole pgroup, so we can be sure no children are left behind
+        refresh_state(:killing_sidekiq)
         signal_pgroup('SIGKILL', 'die')
       end
 
       def rss_within_range?
-        current_rss = nil
+        refresh_state(:running)
+
         deadline = Gitlab::Metrics::System.monotonic_time + GRACE_BALLOON_SECONDS.seconds
         loop do
           return true unless enabled?
 
-          current_rss = get_rss
-
           # RSS go above hard limit should trigger forcible shutdown right away
-          break if current_rss > hard_limit_rss
+          break if @current_rss > @hard_limit_rss
 
           # RSS go below the soft limit
-          return true if current_rss < soft_limit_rss
+          return true if @current_rss < @soft_limit_rss
 
           # RSS did not go below the soft limit within deadline, restart
           break if Gitlab::Metrics::System.monotonic_time > deadline
 
           sleep(CHECK_INTERVAL_SECONDS)
+
+          refresh_state(:above_soft_limit)
         end
 
-        log_rss_out_of_range(current_rss, hard_limit_rss, soft_limit_rss)
+        # There are two chances to break from loop:
+        #   - above hard limit, or
+        #   - above soft limit after deadline
+        # When `above hard limit`, it immediately go to `stop_fetching_new_jobs`
+        # So ignore `above hard limit` and always set `above_soft_limit` here
+        refresh_state(:above_soft_limit)
+        log_rss_out_of_range(@current_rss, @hard_limit_rss, @soft_limit_rss)
 
         false
       end
@@ -143,11 +185,11 @@ module Gitlab
         output.to_i
       end
 
-      def soft_limit_rss
+      def get_soft_limit_rss
         SOFT_LIMIT_RSS_KB + rss_increase_by_jobs
       end
 
-      def hard_limit_rss
+      def get_hard_limit_rss
         HARD_LIMIT_RSS_KB
       end
 

scripts/review_apps/base-config.yaml

@@ -35,10 +35,10 @@ gitlab:
   gitlab-shell:
     resources:
       requests:
-        cpu: 70m
+        cpu: 125m
         memory: 20M
       limits:
-        cpu: 140m
+        cpu: 250m
         memory: 40M
     maxReplicas: 3
     hpa:
@@ -75,10 +75,10 @@ gitlab:
     workhorse:
       resources:
         requests:
-          cpu: 100m
+          cpu: 175m
           memory: 100M
         limits:
-          cpu: 200m
+          cpu: 350m
           memory: 200M
       readinessProbe:
         initialDelaySeconds: 5  # Default is 0
@@ -87,10 +87,10 @@ gitlab:
 gitlab-runner:
   resources:
     requests:
-      cpu: 300m
+      cpu: 355m
       memory: 300M
     limits:
-      cpu: 600m
+      cpu: 710m
       memory: 600M
 minio:
   resources:

spec/graphql/mutations/concerns/mutations/resolves_project_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Mutations::ResolvesProject do

spec/graphql/mutations/merge_requests/set_wip_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Mutations::MergeRequests::SetWip do

spec/graphql/resolvers/concerns/resolves_pipelines_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe ResolvesPipelines do

spec/graphql/resolvers/issues_resolver_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Resolvers::IssuesResolver do

spec/graphql/resolvers/merge_request_pipelines_resolver_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Resolvers::MergeRequestPipelinesResolver do

spec/graphql/resolvers/merge_requests_resolver_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Resolvers::MergeRequestsResolver do

spec/graphql/resolvers/metadata_resolver_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Resolvers::MetadataResolver do

spec/graphql/resolvers/project_pipelines_resolver_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Resolvers::ProjectPipelinesResolver do

spec/graphql/resolvers/project_resolver_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Resolvers::ProjectResolver do

spec/graphql/resolvers/tree_resolver_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Resolvers::TreeResolver do

spec/graphql/types/ci/detailed_status_type_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Types::Ci::DetailedStatusType do

spec/graphql/types/ci/pipeline_type_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Types::Ci::PipelineType do

spec/graphql/types/extended_issue_type_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe GitlabSchema.types['ExtendedIssue'] do

spec/graphql/types/issue_type_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe GitlabSchema.types['Issue'] do

spec/graphql/types/merge_request_type_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe GitlabSchema.types['MergeRequest'] do

spec/graphql/types/metadata_type_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe GitlabSchema.types['Metadata'] do

spec/graphql/types/permission_types/base_permission_type_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Types::PermissionTypes::BasePermissionType do

spec/graphql/types/permission_types/issue_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Types::PermissionTypes::Issue do

spec/graphql/types/permission_types/merge_request_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Types::PermissionTypes::MergeRequest do

spec/graphql/types/permission_types/merge_request_type_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Types::MergeRequestType do

spec/graphql/types/permission_types/note_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe GitlabSchema.types['NotePermissions'] do

spec/graphql/types/permission_types/project_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Types::PermissionTypes::Project do

spec/graphql/types/project_type_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe GitlabSchema.types['Project'] do

spec/graphql/types/query_type_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe GitlabSchema.types['Query'] do

spec/graphql/types/repository_type_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe GitlabSchema.types['Repository'] do

spec/graphql/types/time_type_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe GitlabSchema.types['Time'] do