Go Module Proxy MVC

Closes #27376

See merge request gitlab-org/gitlab!27746

- Various fixes and improvements
- Hide proxy behind a feature flag, due to performance issues: #218083
- Add a feature flag for testing to disable strict go.mod validation
- Document why case en/decoding is necessary
- Refactor pseudo-version processing
  - Move logic from VersionFinder to ModuleHelpers
  - Document reasoning for matching and validation
- Replace BasicAuthHelper and custom method with route setting
- Use serach_files_by_name instead of tree to improve performance
- Use correct content type for zip: closes #214876

- Reduce coupling between GoModule and VersionFinder
- Do not fetch go.mod when blobs have already been fetched

- Various fixes and tweaks
- Improve checksum database documentation

- Resolve discussions on !27746
- Document fetching private packages via `.netrc`
- Include required scope for API token

- Clean up pseudo-version logic
- Batch and memoize fetching blobs for a version
  + Fixes Gitaly N+1
- Remove archive generation from GoProxy (into GoModuleVersion)
- Test module finder for path traversal
- Also, add GitLab version to GoProxy API details

See !27746

- Fix rubocop disable comments
- Move `before` block to before tests
- Correct rubocop alerts due to new rules
- Use shared examples to clarify Go proxy spec
- Enable HTTP Basic authentication for Go proxy
  + Support both HTTP basic and normal token header/query var
  + Remove custom `find_project!` helper and use basic auth helpers
- Validate GoModuleVersion type attribute
- Implement testing factories
- Implement specs for untested new classes
- Add a Settings helper for Go URLs

- Allow CI job tokens
- Return 401 when project is not public and request is not authenticated
- Add assertions to spec to verify authn/authz

- Fix zip entry paths. The Go proxy spec requires zip entries to conform
  to `module@version/file`, where `file` is the path within the module.
- Fix /v2+ handling. For major versions 2+, the module name must include
  the major version as a suffix, e.g. /v2.
- Handle case encoding. Requests to the Go proxy encode uppercase
  characters in URLs as '!' followed by the character in lowercase.
- Per Zoom discussion with @trizzi, @sabrams, and team, modules with an
  invalid module name in go.mod will be ignored, initially.

- Call package authorization helpers
- Add change long entry
- Fix rubocop violations
- Add basic documentation

Implement models, entities, presenters

Docs: Add pages global configs descriptions

See merge request gitlab-org/gitlab!30901

Remove connection pool metrics env var

See merge request gitlab-org/gitlab!32550

Update data fetch strategy when variable updates

See merge request gitlab-org/gitlab!32720

Revert "Refactor project_or_wiki to container"

See merge request gitlab-org/gitlab!32828

Pin @gitlab/ui to v14.14.2

See merge request gitlab-org/gitlab!32855

Add direct links to environments/index.md

See merge request gitlab-org/gitlab!32853

Resolve "Geo: Design thumbnails are not replicated"

Closes #218557

See merge request gitlab-org/gitlab!32703

Extend "Remember me" token after each login

Closes #20340

See merge request gitlab-org/gitlab!32730

Merge branch '215195-update-api-responses-to-include-section-of-approvalmergerequestrule' into 'master'

Update API responses to include "section" of ApprovalMergeRequestRule

Closes #215195

See merge request gitlab-org/gitlab!32800

Currently, the variables section component fetches
data. This MR updates it so that when variable values
update action is called, data is fetched via vuex actions

Geo Form Validations

Closes #213732

See merge request gitlab-org/gitlab!32263

Migrate toggle_buttons spec to Jest

See merge request gitlab-org/gitlab!32869

Refactor state initialization for monitoring dashboard

See merge request gitlab-org/gitlab!32529

[GQL] Add author and merged-at fields to MergeRequest type

See merge request gitlab-org/gitlab!30935

This change will allow users to be logged in continuously as long as
they access GitLab once every 2 weeks and they click the "Remember me"
button upon login. Previously the session limit would be fixed to a hard
deadline of 2 weeks after the login.

In more detail, GitLab uses both a session and a persistent cookie:

1. Session Cookie: The `_gitlab_session` is a cookie with no expiration
date. A cookie with no expiration date specified will expire when the
browser is closed. These are often called session cookies because they
are removed after the browser session ends, usually when the browser is
closed.
2. Persistent Cookie: The `remember_me_token` is a cookie with a 2-week
expiration date. This is used if you click `Remember Me` upon login.
3. By default, the server will set a time-to-live (TTL) of 1-week on any
session that is used.

Note that browsers don't always remove session cookies if they are
closed. For example, Chrome has the `Continue where you left off` option
that restores session cookies after they are closed.

This means as long as your browser tab is open, you could remain signed
in with GitLab as long as you accessed GitLab at least once every 2
weeks, whether or not 2FA is installed. The server will keep resetting
the TTL for that session.

If you close your browser and open it up again, the `Remember me` token
will allow your user to reauthenticate itself. Without the
`extend_remember_period` flag, the cookie expires after a fixed 2 weeks,
and you are forced to login again.

Closes https://gitlab.com/gitlab-org/gitlab/-/issues/20340

Revisions to container scanning doc

See merge request gitlab-org/gitlab!32477