Add latest changes from gitlab-org/gitlab@master

db/structure.sql

@@ -30189,12 +30189,12 @@ ALTER TABLE ONLY packages_packages
 ALTER TABLE ONLY sbom_occurrences
     ADD CONSTRAINT fk_c2a5562923 FOREIGN KEY (source_id) REFERENCES sbom_sources(id) ON DELETE CASCADE;
 
-ALTER TABLE ONLY issues
-    ADD CONSTRAINT fk_c34dd2b036 FOREIGN KEY (tmp_epic_id) REFERENCES epics(id) ON DELETE CASCADE;
-
 ALTER TABLE ONLY dependency_list_exports
     ADD CONSTRAINT fk_c348f16f10 FOREIGN KEY (organization_id) REFERENCES organizations(id) ON DELETE CASCADE;
 
+ALTER TABLE ONLY issues
+    ADD CONSTRAINT fk_c34dd2b036 FOREIGN KEY (tmp_epic_id) REFERENCES epics(id) ON DELETE CASCADE;
+
 ALTER TABLE ONLY user_group_callouts
     ADD CONSTRAINT fk_c366e12ec3 FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE;
 

doc/architecture/blueprints/cdot_plan_managment/index.md

@@ -110,7 +110,7 @@ Use Zuora custom metadata (introduced in iteration 2) to resolve `ProductRatePla
 
 ### Iteration 1
 
-**[Iteration 1] Product Catalog is in sync with Zuora**
+**(Iteration 1) Product Catalog is in sync with Zuora**
 
 - Cron job to refresh the Product Catalog every day as a first iteration and add immediate value.
 - Create a Finance Systems issue to request:
@@ -123,7 +123,7 @@ Use Zuora custom metadata (introduced in iteration 2) to resolve `ProductRatePla
       | ProductRatePlanChargeTier | CatalogProductRatePlanChargeTierUpdate |
   - New callout under the `Billing` component for when records from the Zuora Product Catalog are added, deleted or updated.
 - Create a new controller in CustomersDot based on `ActionController::Metal` to not include redundant middlewares, callbacks, additional Rails stuff and make this controller as fast as possible.
-  
+
   ```ruby
   module Zuora
     class WebHooksController < ActionController::Metal
@@ -140,7 +140,7 @@ Use Zuora custom metadata (introduced in iteration 2) to resolve `ProductRatePla
 
 Ensure a debouncing strategy for `SyncProductCatalogJob` in case we get too many Product Catalog update notifications in a short period of time. Initially we can delay its execution for 5 minutes and ensure no new job is enqueued if one is already in the queue.
 
-**[Iteration 2] Transfer CustomersDot's classification knowledge to the Zuora Product Catalog**
+**(Iteration 2) Transfer CustomersDot's classification knowledge to the Zuora Product Catalog**
 
 _All these changes require a Finance Systems issue._
 
@@ -157,7 +157,7 @@ NOTE:
 There is a [current effort](https://gitlab.com/gitlab-com/business-technology/enterprise-apps/intake/-/issues/44) to add some of these fields to Zuora so we might be able to reuse these. If we are reusing these we need to double check that the value in Zuora and CustomersDot classification are aligned
 for each.
 
-**[Iteration 3] Use this Zuora custom metadata to resolve `ProductRatePlan`s directly from the Zuora Catalog**
+**(Iteration 3) Use this Zuora custom metadata to resolve `ProductRatePlan`s directly from the Zuora Catalog**
 
 - Create scopes to fetch `Zuora::Product`s and `Zuora::ProductRatePlan`s based on the metadata introduced in Iteration 2. Possible scopes:
   - `self_managed`

doc/development/database/multiple_databases.md

@@ -219,6 +219,19 @@ suitable for backfilling a `sharding_key`. In such cases the team owning the
 table will need to create the necessary merge requests to add the
 `sharding_key` manually.
 
+##### Exempting certain tables from having sharding keys
+
+Certain tables can be exempted from having sharding keys by adding
+
+```yaml
+exempt_from_sharding: true
+```
+
+to the table's database dictionary file. This is currently the case for JiHu specific tables, because these tables do not contain any data for the
+`.com` database. This was implemented in [!145905](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/145905).
+
+When tables are exempted from sharding key requirements, they also do not show up in our [progress dashboard](https://cells-progress-tracker-gitlab-org-tenant-scale-g-f4ad96bf01d25f.gitlab.io/sharding_keys).
+
 ### The impact of `gitlab_schema`
 
 The usage of `gitlab_schema` has a significant impact on the application.

doc/user/application_security/sast/troubleshooting.md

@@ -97,6 +97,22 @@ If your job is failing at the build step with the message "Project couldn't be b
 
 The solution is to use [pre-compilation](index.md#pre-compilation). Pre-compilation ensures the images required by SpotBugs are available in the job's container.
 
+## SpotBugs Error: `java.lang.OutOfMemoryError`
+
+When a SAST job is running you might get an error that states `java.lang.OutOfMemoryError`. This issue occurs when Java has run out of memory.
+
+To try to resolve this issue you can:
+
+- Choose a lower [level of effort](index.md#security-scanner-configuration).
+- Set the CI/CD variable `JAVA_OPTS` to replace the default `-XX:MaxRAMPercentage=80`, e.g. `-XX:MaxRAMPercentage=90`.
+- [Tag a larger runner](../../../ci/runners/saas/linux_saas_runner.md#machine-types-available-for-linux-x86-64) in your `spotbugs-sast` job.
+
+### Links
+
+- [Overhauling memory tuning in OpenJDK containers updates](https://developers.redhat.com/articles/2023/03/07/overhauling-memory-tuning-openjdk-containers-updates)
+- [OpenJDK Configuration & Tuning](https://wiki.openjdk.org/display/zgc/Main#Main-Configuration&Tuning)
+- [Garbage First Garbage Collector Tuning](https://www.oracle.com/technical-resources/articles/java/g1gc.html)
+
 ## SpotBugs message: `Exception analyzing ... using detector ...` followed by a Java stack trace
 
 If your job log contains a message of the form "Exception analyzing ... using detector ..." followed by a Java stack trace, this is **not** a failure of the SAST pipeline. SpotBugs has determined that the exception is [recoverable](https://github.com/spotbugs/spotbugs/blob/5ebd4439f6f8f2c11246b79f58c44324718d39d8/spotbugs/src/main/java/edu/umd/cs/findbugs/FindBugs2.java#L1200), logged it, and resumed analysis.