Add latest changes from gitlab-org/gitlab@master

.gitlab/ci/qa-common/main.gitlab-ci.yml

@@ -6,7 +6,7 @@ workflow:
 
 include:
   - project: gitlab-org/quality/pipeline-common
-    ref: 7.5.0
+    ref: 7.5.1
     file:
       - /ci/base.gitlab-ci.yml
       - /ci/knapsack-report.yml

GITALY_SERVER_VERSION

@@ -1 +1 @@
-0279bd27cb92941ba71936f10a63cd52bd081c63
+2da899b99c7bc3536b1658f54ed1e8fdb6e02f23

doc/administration/audit_event_streaming/audit_event_types.md

@@ -91,8 +91,8 @@ Every audit event is associated with an event type. The association with the eve
 | [`email_confirmation_sent`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129261) | Triggered when users add or change and email address and it needs to be confirmed. | **{dotted-circle}** No | **{check-circle}** Yes | `user_profile` | GitLab [16.3](https://gitlab.com/gitlab-org/gitlab/-/issues/377625) |
 | [`email_created`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/114546) | Event triggered when an email is created | **{check-circle}** Yes | **{check-circle}** Yes | `compliance_management` | GitLab [15.11](https://gitlab.com/gitlab-org/gitlab/-/issues/374107) |
 | [`email_destroyed`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/114546) | Event triggered when an email is destroyed | **{check-circle}** Yes | **{check-circle}** Yes | `compliance_management` | GitLab [15.11](https://gitlab.com/gitlab-org/gitlab/-/issues/374107) |
-| [`environment_protected`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/108247) | This event is triggered when a protected environment is created. | **{check-circle}** Yes | **{dotted-circle}** No | `environment_management` | GitLab [15.8](https://gitlab.com/gitlab-org/gitlab/-/issues/216164) |
+| [`environment_protected`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/108247) | This event is triggered when a protected environment is created. | **{check-circle}** Yes | **{check-circle}** Yes | `environment_management` | GitLab [15.8](https://gitlab.com/gitlab-org/gitlab/-/issues/216164) |
-| [`environment_unprotected`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/108247) | This event is triggered when a protected environment is deleted. | **{check-circle}** Yes | **{dotted-circle}** No | `environment_management` | GitLab [15.8](https://gitlab.com/gitlab-org/gitlab/-/issues/216164) |
+| [`environment_unprotected`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/108247) | This event is triggered when a protected environment is deleted. | **{check-circle}** Yes | **{check-circle}** Yes | `environment_management` | GitLab [15.8](https://gitlab.com/gitlab-org/gitlab/-/issues/216164) |
 | [`epic_closed_by_project_bot`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/121485) | Triggered when an epic is closed by a group access token | **{check-circle}** Yes | **{check-circle}** Yes | `portfolio_management` | GitLab [16.1](https://gitlab.com/gitlab-org/gitlab/-/issues/323299) |
 | [`epic_created_by_project_bot`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/121485) | Triggered when an epic is created by a group access token | **{check-circle}** Yes | **{check-circle}** Yes | `portfolio_management` | GitLab [16.1](https://gitlab.com/gitlab-org/gitlab/-/issues/323299) |
 | [`epic_reopened_by_project_bot`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/121485) | Triggered when an epic is reopened by a group access token | **{check-circle}** Yes | **{check-circle}** Yes | `portfolio_management` | GitLab [16.1](https://gitlab.com/gitlab-org/gitlab/-/issues/323299) |

doc/administration/audit_event_streaming/graphql_api.md

@@ -6,9 +6,9 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 # Audit event streaming GraphQL API **(ULTIMATE ALL)**
 
-> - API [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/332747) in GitLab 14.5 [with a flag](../feature_flags.md) named `ff_external_audit_events_namespace`. Disabled by default.
+> - API [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/332747) in GitLab 14.5 [with a flag](../feature_flags.md) named `ff_external_audit_events_namespace`. Disabled by default.
-> - API [Enabled on GitLab.com and by default on self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/338939) in GitLab 14.7.
+> - API [enabled on GitLab.com and by default on self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/338939) in GitLab 14.7.
-> - API [Feature flag `ff_external_audit_events_namespace`](https://gitlab.com/gitlab-org/gitlab/-/issues/349588) removed in GitLab 14.8.
+> - API [feature flag `ff_external_audit_events_namespace`](https://gitlab.com/gitlab-org/gitlab/-/issues/349588) removed in GitLab 14.8.
 > - Custom HTTP headers API [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/361216) in GitLab 15.1 [with a flag](../feature_flags.md) named `streaming_audit_event_headers`. Disabled by default.
 > - Custom HTTP headers API [enabled on GitLab.com and self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/362941) in GitLab 15.2.
 > - Custom HTTP headers API [made generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/366524) in GitLab 15.3. [Feature flag `streaming_audit_event_headers`](https://gitlab.com/gitlab-org/gitlab/-/issues/362941) removed.
@@ -16,7 +16,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 > - APIs for custom HTTP headers for instance level streaming destinations [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/404560) in GitLab 16.1 [with a flag](../feature_flags.md) named `ff_external_audit_events`. Disabled by default.
 > - [Feature flag `ff_external_audit_events`](https://gitlab.com/gitlab-org/gitlab/-/issues/393772) enabled by default in GitLab 16.2.
 > - User-specified destination name API support [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/413894) in GitLab 16.2.
-> - API [Feature flag `ff_external_audit_events`](https://gitlab.com/gitlab-org/gitlab/-/issues/417708) removed in GitLab 16.2.
+> - API [feature flag `ff_external_audit_events`](https://gitlab.com/gitlab-org/gitlab/-/issues/417708) removed in GitLab 16.4.
 
 Audit event streaming destinations can be maintained using a GraphQL API.
 

doc/integration/advanced_search/elasticsearch.md

@@ -14,16 +14,14 @@ advanced search provides faster search response times and [improved search featu
 
 ### Elasticsearch version requirements
 
-> Support for Elasticsearch 6.8 was [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/350275) in GitLab 15.0.
+> Support for Elasticsearch 6.8 [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/350275) in GitLab 15.0.
 
 Advanced search works with the following versions of Elasticsearch.
 
 | GitLab version        | Elasticsearch version       |
-|-----------------------|--------------------------|
+|-----------------------|-----------------------------|
-| GitLab 15.0 or later  | Elasticsearch 7.x - 8.x  |
+| GitLab 15.0 and later | Elasticsearch 7.x and later |
-| GitLab 13.9 - 14.10   | Elasticsearch 6.8 - 7.x  |
+| GitLab 14.0 to 14.10  | Elasticsearch 6.8 to 7.x    |
-| GitLab 13.3 - 13.8    | Elasticsearch 6.4 - 7.x  |
-| GitLab 12.7 - 13.2    | Elasticsearch 6.x - 7.x  |
 
 Advanced search follows the [Elasticsearch end-of-life policy](https://www.elastic.co/support/eol).
 When we change Elasticsearch supported versions in GitLab, we announce them in [deprecation notes](https://about.gitlab.com/handbook/marketing/blog/release-posts/#deprecations) in monthly release posts
@@ -32,9 +30,9 @@ before we remove them.
 ### OpenSearch version requirements
 
 | GitLab version          | OpenSearch version       |
-|-------------------------|---------------------------|
+|-------------------------|--------------------------|
-| GitLab 15.0 to 15.5.2   | OpenSearch 1.x            |
 | GitLab 15.5.3 and later | OpenSearch 1.x and later |
+| GitLab 15.0 to 15.5.2   | OpenSearch 1.x           |
 
 If your version of Elasticsearch or OpenSearch is incompatible, to prevent data loss, indexing pauses and
 a message is logged in the
@@ -47,7 +45,7 @@ If you are using a compatible version and after connecting to OpenSearch, you ge
 Elasticsearch requires additional resources to those documented in the
 [GitLab system requirements](../../install/requirements.md).
 
-Memory, CPU, and storage resource amounts vary depending on the amount of data you index into the Elasticsearch cluster. Heavily used Elasticsearch clusters may require more resources. The [`estimate_cluster_size`](#gitlab-advanced-search-rake-tasks) Rake task ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/221177) in GitLab 13.10) uses the total repository size to estimate the advanced search storage requirements.
+Memory, CPU, and storage resource amounts vary depending on the amount of data you index into the Elasticsearch cluster. Heavily used Elasticsearch clusters may require more resources. The [`estimate_cluster_size`](#gitlab-advanced-search-rake-tasks) Rake task uses the total repository size to estimate the advanced search storage requirements.
 
 ## Install Elasticsearch
 
@@ -68,10 +66,14 @@ The search index updates after you:
 
 ## Upgrade to a new Elasticsearch major version
 
-> - Elasticsearch 6.8 support is removed with GitLab 15.0.
+> Support for Elasticsearch 6.8 [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/350275) in GitLab 15.0.
-> - Upgrading from GitLab 14.10 to 15.0 requires that you are using any version of Elasticsearch 7.x.
 
-You don't have to change the GitLab configuration when you upgrade Elasticsearch. You should pause indexing during an Elasticsearch upgrade so changes can still be tracked. When the Elasticsearch cluster is fully upgraded and active, [resume indexing](#unpause-indexing).
+You don't have to change the GitLab configuration when you upgrade Elasticsearch.
+
+You should pause indexing during an Elasticsearch upgrade so changes can still be tracked.
+When the Elasticsearch cluster is fully upgraded and active, [resume indexing](#unpause-indexing).
+
+When you upgrade to GitLab 15.0 and later, you must use Elasticsearch 7.x and later.
 
 ## Elasticsearch repository indexer
 
@@ -82,7 +84,7 @@ Depending on your GitLab version, there are different installation procedures fo
 - For Linux package installations, the Go indexer is included.
 - For self-compiled installations, see [Install the indexer from source](#install-the-indexer-from-source).
 - If you're using the GitLab Development Kit, see [Elasticsearch in the GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/elasticsearch.md).
-- If you're running a Helm deployment of GitLab 11.10 and later, [the indexer is already included](https://gitlab.com/gitlab-org/build/CNG/-/merge_requests/213).
+- If you're using the GitLab Helm chart, [the indexer is already included](https://gitlab.com/gitlab-org/build/CNG/-/merge_requests/213).
 
 ### Install the indexer from source
 
@@ -462,10 +464,6 @@ You can use zero-downtime reindexing to configure index settings or mappings tha
 
 ### Trigger the reindex via the advanced search administration
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/34069) in GitLab 13.2.
-> - A scheduled index deletion and the ability to cancel it was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/38914) in GitLab 13.3.
-> - Support for retries during reindexing was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/55681) in GitLab 13.12.
-
 To trigger the reindexing process:
 
 1. Sign in to your GitLab instance as an administrator.
@@ -485,8 +483,6 @@ While the reindexing is running, you can follow its progress under that same sec
 
 #### Elasticsearch zero-downtime reindexing
 
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/55681) in GitLab 13.12.
-
 1. On the left sidebar, select **Search or go to**.
 1. Select **Admin Area**.
 1. On the left sidebar, select **Settings > Advanced Search**.
@@ -545,8 +541,6 @@ Sometimes, you might want to abandon the unfinished reindex job and resume the i
 ## Index integrity
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/112369) in GitLab 15.10 [with a flag](../../administration/feature_flags.md) named `search_index_integrity`. Disabled by default.
-> - [Enabled on GitLab.com](https://gitlab.com/gitlab-org/gitlab/-/issues/392981) in GitLab 16.0.
-> - [Enabled on self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/392981) in GitLab 16.3.
 > - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/392981) in GitLab 16.4. Feature flag `search_index_integrity` removed.
 
 Index integrity detects and fixes missing repository data.
@@ -555,8 +549,6 @@ scoped to a group or project return no results.
 
 ## Advanced search migrations
 
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/234046) in GitLab 13.6.
-
 With reindex migrations running in the background, there's no need for a manual
 intervention. This usually happens in situations where new features are added to
 advanced search, which means adding or changing the way content is indexed.
@@ -682,7 +674,7 @@ The following are some available Rake tasks:
 | [`sudo gitlab-rake gitlab:elastic:index_snippets`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake)                   | Performs an Elasticsearch import that indexes the snippets data.                                                                                                                          |
 | [`sudo gitlab-rake gitlab:elastic:index_users`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake)                   | Imports all users into Elasticsearch.                                                                                                                 |
 | [`sudo gitlab-rake gitlab:elastic:projects_not_indexed`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake)             | Displays which projects are not indexed.                                                                                                                                                  |
-| [`sudo gitlab-rake gitlab:elastic:reindex_cluster`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake)                  | Schedules a zero-downtime cluster reindexing task. This feature should be used with an index that was created after GitLab 13.0. |
+| [`sudo gitlab-rake gitlab:elastic:reindex_cluster`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake)                  | Schedules a zero-downtime cluster reindexing task. |
 | [`sudo gitlab-rake gitlab:elastic:mark_reindex_failed`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake)              | Mark the most recent re-index job as failed. |
 | [`sudo gitlab-rake gitlab:elastic:list_pending_migrations`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake)          | List pending migrations. Pending migrations include those that have not yet started, have started but not finished, and those that are halted. |
 | [`sudo gitlab-rake gitlab:elastic:estimate_cluster_size`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake)            | Get an estimate of cluster size based on the total repository size. |

doc/user/project/integrations/slack.md

@@ -156,7 +156,7 @@ Commands that change data can cause damage if not run correctly or under the rig
 
 ```ruby
 # Grab all projects that have the Slack notifications enabled
-p = Project.find_by_sql("SELECT p.id FROM projects p LEFT JOIN integrations s ON p.id = s.project_id WHERE s.type_new = 'Slack' AND s.active = true")
+p = Project.find_by_sql("SELECT p.id FROM projects p LEFT JOIN integrations s ON p.id = s.project_id WHERE s.type_new = 'Integrations::Slack' AND s.active = true")
 
 # Disable the integration on each of the projects that were found.
 p.each do |project|

doc/user/workspace/configuration.md

@@ -25,6 +25,8 @@ which you can customize to meet the specific needs of each project.
 
 ## Set up a workspace
 
+> Support for private projects [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/124273) in GitLab 16.4.
+
 ### Prerequisites
 
 - Set up a Kubernetes cluster that the GitLab agent for Kubernetes supports.
@@ -56,8 +58,6 @@ which you can customize to meet the specific needs of each project.
 
 ### Create a workspace
 
-> Support for private projects [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/124273) in GitLab 16.4.
-
 To create a workspace:
 
 1. On the left sidebar, select **Search or go to**.
@@ -76,6 +76,8 @@ You also have access to the terminal and can install any necessary dependencies.
 
 ## Connect to a workspace with SSH
 
+> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/10478) in GitLab 16.3.
+
 Prerequisites:
 
 - SSH must be enabled for the workspace.

lib/banzai/filter/code_language_filter.rb

@@ -32,12 +32,17 @@ module Banzai
         lang, lang_params = parse_lang_params(code_node)
         pre_node = code_node.parent
 
-        pre_node.remove_attribute('lang') if lang.present?
+        if lang.present?
+          code_node.remove_attribute('lang')
+          pre_node.remove_attribute('lang')
+        end
+
         pre_node.set_attribute(LANG_ATTR, escape_once(lang)) if lang.present?
         pre_node.set_attribute(LANG_PARAMS_ATTR, escape_once(lang_params)) if lang_params.present?
 
         # cmark-gfm added this, it's now in data-lang-params
         pre_node.remove_attribute('data-meta')
+        code_node.remove_attribute('data-meta')
       end
 
       private
@@ -55,14 +60,14 @@ module Banzai
       # "```suggestion:+1-10 more```" -> '<pre data-canonical-lang="suggestion" data-lang-params="+1-10 more">'.
       def parse_lang_params(code_node)
         pre_node = code_node.parent
-        language = pre_node.attr('lang')
+        language = pre_node.attr('lang') || code_node.attr('lang')
 
         return unless language
 
         language, language_params = language.split(LANG_PARAMS_DELIMITER, 2)
 
         # cmark-gfm places extra lang parameters into data-meta
-        language_params = [pre_node.attr('data-meta'), language_params].compact.join(' ')
+        language_params = [pre_node.attr('data-meta'), code_node.attr('data-meta'), language_params].compact.join(' ')
 
         [language, language_params]
       end

qa/gdk/Dockerfile.gdk

@@ -1,4 +1,4 @@
-FROM registry.gitlab.com/gitlab-org/gitlab-development-kit/asdf-bootstrapped-verify:main@sha256:af7e6e7a9d6338ca7045e878b9717a1c8feb507dbd1e69db7ef407af4074f27d as base
+FROM registry.gitlab.com/gitlab-org/gitlab-development-kit/asdf-bootstrapped-verify:main@sha256:f752d46a2008e6b7e0ce0c3473994cc2b3ad8084dbb7dbfce8758297c0929112 as base
 
 ENV GITLAB_LICENSE_MODE=test \
     GDK_KILL_CONFIRM=true

qa/qa/specs/features/api/4_verify/file_variable_downstream_pipeline_spec.rb

@@ -8,12 +8,12 @@ module QA
     describe 'Pipeline with file variables and downstream pipelines' do
       let(:random_string) { Faker::Alphanumeric.alphanumeric(number: 8) }
       let(:executor) { "qa-runner-#{Faker::Alphanumeric.alphanumeric(number: 8)}" }
-      let!(:project) { create(:project, name: 'upstream-project-with-file-variables') }
+      let!(:upstream_project) { create(:project, name: 'upstream-project-with-file-variables') }
       let!(:downstream_project) { create(:project, name: 'downstream-project') }
 
-      let!(:project_runner) do
+      let!(:upstream_project_runner) do
         Resource::ProjectRunner.fabricate! do |runner|
-          runner.project = project
+          runner.project = upstream_project
           runner.name = executor
           runner.tags = [executor]
         end
@@ -27,11 +27,7 @@ module QA
         end
       end
 
-      let(:add_ci_file) do
+      let(:upstream_project_files) do
-        Resource::Repository::Commit.fabricate_via_api! do |commit|
-          commit.project = project
-          commit.commit_message = 'Add .gitlab-ci.yml and child.yml'
-          commit.add_files(
         [
           {
             file_path: '.gitlab-ci.yml',
@@ -78,15 +74,9 @@ module QA
             YAML
           }
         ]
-          )
-        end
       end
 
-      let(:add_downstream_project_ci_file) do
+      let(:downstream_project_file) do
-        Resource::Repository::Commit.fabricate_via_api! do |commit|
-          commit.project = downstream_project
-          commit.commit_message = 'Add .gitlab-ci.yml'
-          commit.add_files(
         [
           {
             file_path: '.gitlab-ci.yml',
@@ -108,57 +98,35 @@ module QA
             YAML
           }
         ]
-          )
-        end
-      end
-
-      let(:add_project_file_variables) do
-        {
-          'TEST_PROJECT_FILE' => "hello, this is test\n",
-          'DOCKER_CA_CERT' => "This is secret\n"
-        }.each do |file_name, content|
-          add_file_variable_to_project(project, file_name, content)
-        end
-      end
-
-      let(:upstream_pipeline) { create(:pipeline, project: project) }
-
-      def child_pipeline
-        create(:pipeline, project: project, id: upstream_pipeline.downstream_pipeline_id(bridge_name: 'trigger_child'))
-      end
-
-      def downstream_project_pipeline
-        create(:pipeline,
-          project: downstream_project,
-          id: upstream_pipeline.downstream_pipeline_id(bridge_name: 'trigger_downstream_project'))
       end
 
       around do |example|
-        Runtime::Feature.enable(:ci_prevent_file_var_expansion_downstream_pipeline, project: project)
+        Runtime::Feature.enable(:ci_prevent_file_var_expansion_downstream_pipeline, project: upstream_project)
         example.run
-        Runtime::Feature.disable(:ci_prevent_file_var_expansion_downstream_pipeline, project: project)
+        Runtime::Feature.disable(:ci_prevent_file_var_expansion_downstream_pipeline, project: upstream_project)
       end
 
       before do
-        add_project_file_variables
+        add_file_variables_to_upstream_project
-        add_downstream_project_ci_file
+        add_ci_file(downstream_project, downstream_project_file)
-        add_ci_file
+        add_ci_file(upstream_project, upstream_project_files)
-        upstream_pipeline
+        Support::Waiter.wait_until(message: 'Wait for first pipeline creation') { upstream_project.pipelines.present? }
-        wait_for_pipelines
+
+        wait_for_pipelines_to_finish
       end
 
       after do
-        project_runner.remove_via_api!
+        [upstream_project_runner, downstream_project_runner].each(&:remove_via_api!)
-        downstream_project_runner.remove_via_api!
       end
 
       it(
         'creates variable with file path in downstream pipelines and can read file variable content',
         testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/416337'
       ) do
-        child_echo_job = create(:job, project: project, id: project.job_by_name('child_job_echo')[:id])
+        child_echo_job = create(:job, project: upstream_project,
+          id: upstream_project.job_by_name('child_job_echo')[:id])
 
-        child_cat_job = create(:job, project: project, id: project.job_by_name('child_job_cat')[:id])
+        child_cat_job = create(:job, project: upstream_project, id: upstream_project.job_by_name('child_job_cat')[:id])
 
         downstream_project_echo_job = create(:job,
           project: downstream_project,
@@ -170,10 +138,10 @@ module QA
 
         aggregate_failures do
           trace = child_echo_job.trace
-          expect(trace).to include('run something -f', "#{project.name}.tmp/TEST_PROJECT_FILE")
+          expect(trace).to include('run something -f', "#{upstream_project.name}.tmp/TEST_PROJECT_FILE")
-          expect(trace).to include('docker run --tlscacert=', "#{project.name}.tmp/DOCKER_CA_CERT")
+          expect(trace).to include('docker run --tlscacert=', "#{upstream_project.name}.tmp/DOCKER_CA_CERT")
-          expect(trace).to include('run --output=', "#{project.name}.tmp/DOCKER_CA_CERT.crt")
+          expect(trace).to include('run --output=', "#{upstream_project.name}.tmp/DOCKER_CA_CERT.crt")
-          expect(trace).to include('Will read private key from', "#{project.name}.tmp/TEST_PROJECT_FILE")
+          expect(trace).to include('Will read private key from', "#{upstream_project.name}.tmp/TEST_PROJECT_FILE")
 
           trace = child_cat_job.trace
           expect(trace).to have_content('hello, this is test')
@@ -193,23 +161,54 @@ module QA
 
       private
 
-      def add_file_variable_to_project(project, key, value)
+      def add_file_variables_to_upstream_project
+        {
+          'TEST_PROJECT_FILE' => "hello, this is test\n",
+          'DOCKER_CA_CERT' => "This is secret\n"
+        }.each do |file_name, content|
           Resource::CiVariable.fabricate_via_api! do |ci_variable|
-          ci_variable.project = project
+            ci_variable.project = upstream_project
-          ci_variable.key = key
+            ci_variable.key = file_name
-          ci_variable.value = value
+            ci_variable.value = content
             ci_variable.variable_type = 'file'
           end
         end
+      end
 
-      def wait_for_pipelines
+      def add_ci_file(project, files)
+        Resource::Repository::Commit.fabricate_via_api! do |commit|
+          commit.project = project
+          commit.commit_message = 'Add CI files to project'
+          commit.add_files(files)
+        end
+      end
+
+      def wait_for_pipelines_to_finish
         Support::Waiter.wait_until(max_duration: 300, sleep_interval: 10) do
-          upstream_pipeline.reload!
           upstream_pipeline.status == 'success' &&
             child_pipeline.status == 'success' &&
             downstream_project_pipeline.status == 'success'
         end
       end
+
+      # Fetch upstream project's parent pipeline
+      def upstream_pipeline
+        create(:pipeline, project: upstream_project, id: upstream_project.latest_pipeline[:id])
+      end
+
+      # Fetch upstream project's child pipeline
+      def child_pipeline
+        create(:pipeline,
+          project: upstream_project,
+          id: upstream_pipeline.downstream_pipeline_id(bridge_name: 'trigger_child'))
+      end
+
+      # Fetch downstream project's pipeline
+      def downstream_project_pipeline
+        create(:pipeline,
+          project: downstream_project,
+          id: upstream_pipeline.downstream_pipeline_id(bridge_name: 'trigger_downstream_project'))
+      end
     end
   end
 end

spec/lib/banzai/filter/code_language_filter_spec.rb

@@ -27,7 +27,7 @@ RSpec.describe Banzai::Filter::CodeLanguageFilter, feature_category: :team_plann
     end
   end
 
-  context 'when lang is specified' do
+  context 'when lang is specified on `pre`' do
     it 'adds data-canonical-lang and removes lang attribute' do
       result = filter('<pre lang="ruby"><code>def fun end</code></pre>')
 
@@ -36,20 +36,40 @@ RSpec.describe Banzai::Filter::CodeLanguageFilter, feature_category: :team_plann
     end
   end
 
-  context 'when lang has extra params' do
+  context 'when lang is specified on `code`' do
-    let(:lang_params) { 'foo-bar-kux' }
+    it 'adds data-canonical-lang to `pre` and removes lang attribute' do
-    let(:xss_lang) { %(ruby data-meta="foo-bar-kux"&lt;script&gt;alert(1)&lt;/script&gt;) }
+      result = filter('<pre><code lang="ruby">def fun end</code></pre>')
 
-    it 'includes data-lang-params tag with extra information and removes data-meta' do
+      expect(result.to_html.delete("\n"))
-      expected_result = <<~HTML
+        .to eq('<pre data-canonical-lang="ruby"><code>def fun end</code></pre>')
+    end
+  end
+
+  context 'when lang has extra params' do
+    let_it_be(:lang_params) { 'foo-bar-kux' }
+    let_it_be(:xss_lang) { %(ruby data-meta="foo-bar-kux"&lt;script&gt;alert(1)&lt;/script&gt;) }
+    let_it_be(:expected_result) do
+      <<~HTML
         <pre data-canonical-lang="ruby" data-lang-params="#{lang_params}">
         <code>This is a test</code></pre>
       HTML
+    end
 
+    context 'when lang is specified on `pre`' do
+      it 'includes data-lang-params tag with extra information and removes data-meta' do
         result = filter(%(<pre lang="ruby" data-meta="#{lang_params}"><code>This is a test</code></pre>))
 
         expect(result.to_html.delete("\n")).to eq(expected_result.delete("\n"))
       end
+    end
+
+    context 'when lang is specified on `code`' do
+      it 'includes data-lang-params tag with extra information and removes data-meta' do
+        result = filter(%(<pre><code lang="ruby" data-meta="#{lang_params}">This is a test</code></pre>))
+
+        expect(result.to_html.delete("\n")).to eq(expected_result.delete("\n"))
+      end
+    end
 
     include_examples 'XSS prevention', 'ruby'
 

spec/lib/gitlab/other_markup_spec.rb

@@ -2,9 +2,48 @@
 
 require 'spec_helper'
 
-RSpec.describe Gitlab::OtherMarkup do
+RSpec.describe Gitlab::OtherMarkup, feature_category: :wiki do
   let(:context) { {} }
 
+  context 'when restructured text' do
+    it 'renders' do
+      input = <<~RST
+        Header
+        ======
+
+        *emphasis*; **strong emphasis**; `interpreted text`
+      RST
+
+      output = <<~HTML
+        <h1>Header</h1>
+        <p><em>emphasis</em>; <strong>strong emphasis</strong>; <cite>interpreted text</cite></p>
+      HTML
+
+      expect(render('unimportant_name.rst', input, context)).to include(output.strip)
+    end
+
+    context 'when PlantUML is enabled' do
+      it 'generates the diagram' do
+        Gitlab::CurrentSettings.current_application_settings.update!(plantuml_enabled: true, plantuml_url: 'https://plantuml.com/plantuml')
+
+        input = <<~RST
+          .. plantuml::
+                 :caption: Caption with **bold** and *italic*
+
+                 Bob -> Alice: hello
+                 Alice -> Bob: hi
+        RST
+
+        output = <<~HTML
+          <img class="plantuml" src="https://plantuml.com/plantuml/png/U9npoazIqBLJSCp9J4wrKiX8pSd9vm9pGA9E-Kb0iKm0o4SAt000" data-diagram="plantuml" data-diagram-src="data:text/plain;base64,Qm9iIC0+IEFsaWNlOiBoZWxsbwpBbGljZSAtPiBCb2I6IGhp">
+          <p>Caption with <strong>bold</strong> and <em>italic</em></p>
+        HTML
+
+        expect(render('unimportant_name.rst', input, context)).to include(output.strip)
+      end
+    end
+  end
+
   context 'XSS Checks' do
     links = {
       'links' => {