Add latest changes from gitlab-org/gitlab@master

.gitlab/ci/docs.gitlab-ci.yml

@@ -1,3 +1,15 @@
+include:
+  - component: gitlab.com/gitlab-org/technical-writing-group/markdown-link-check/lychee@0.2.0
+    inputs:
+      job-name: docs-lint links
+      job-stage: lint
+      lychee-version: "0.14.3"
+
+# Override rules for markdown-link-check CI/CD component
+docs-lint links:
+  extends:
+    - .docs:rules:docs-lint
+
 .review-docs:
   extends:
     - .default-retry
@@ -39,23 +51,6 @@ review-docs-cleanup:
   script:
     - ./scripts/trigger-build.rb docs cleanup
 
-docs-lint links:
-  extends:
-    - .docs:rules:docs-lint
-  image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-docs/lint-html:alpine-3.18-ruby-3.2.2-08fa6df8
-  stage: lint
-  needs: []
-  script:
-    # Prepare docs for build
-    # The path must be 'ee/' because we have hardcoded links relying on it
-    # https://gitlab.com/gitlab-org/gitlab-docs/-/blob/887850752fc0e72856da6632db132f005ba77f16/content/index.erb#L44-63
-    - mv doc/ /tmp/gitlab-docs/content/ee
-    - cd /tmp/gitlab-docs
-    # Build HTML from Markdown
-    - make compile
-    # Check the internal links and anchors (in parallel)
-    - "parallel time bundle exec nanoc check ::: internal_links internal_anchors"
-
 .docs-markdown-lint-image:
   # When updating the image version here, update it in /scripts/lint-doc.sh too.
   image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-docs/lint-markdown:alpine-3.19-vale-3.0.7-markdownlint-0.39.0-markdownlint2-0.12.1

app/assets/javascripts/invite_members/init_invite_groups_modal.js

@@ -31,6 +31,7 @@ export default function initInviteGroupsModal() {
     provide: {
       freeUsersLimit: parseInt(el.dataset.freeUsersLimit, 10),
       overageMembersModalAvailable: parseBoolean(el.dataset.overageMembersModalAvailable),
+      hasGitlabSubscription: parseBoolean(el.dataset.hasGitlabSubscription),
     },
     render: (createElement) =>
       createElement(InviteGroupsModal, {

app/assets/javascripts/invite_members/init_invite_members_modal.js

@@ -26,6 +26,7 @@ export default (function initInviteMembersModal() {
         provide: {
           name: el.dataset.name,
           overageMembersModalAvailable: parseBoolean(el.dataset.overageMembersModalAvailable),
+          hasGitlabSubscription: parseBoolean(el.dataset.hasGitlabSubscription),
         },
         render: (createElement) =>
           createElement(InviteMembersModal, {

app/events/work_items/work_item_created_event.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+module WorkItems
+  class WorkItemCreatedEvent < Gitlab::EventStore::Event
+    def schema
+      {
+        'type' => 'object',
+        'required' => %w[id namespace_id],
+        'properties' => {
+          'id' => { 'type' => 'integer' },
+          'namespace_id' => { 'type' => 'integer' }
+        }
+      }
+    end
+  end
+end

app/services/auto_merge/merge_when_pipeline_succeeds_service.rb

@@ -22,13 +22,21 @@ module AutoMerge
 
     def cancel(merge_request)
       super do
-        SystemNoteService.cancel_merge_when_pipeline_succeeds(merge_request, project, current_user)
+        if block_given?
+          yield
+        else
+          SystemNoteService.cancel_merge_when_pipeline_succeeds(merge_request, project, current_user)
+        end
       end
     end
 
     def abort(merge_request, reason)
       super do
-        SystemNoteService.abort_merge_when_pipeline_succeeds(merge_request, project, current_user, reason)
+        if block_given?
+          yield
+        else
+          SystemNoteService.abort_merge_when_pipeline_succeeds(merge_request, project, current_user, reason)
+        end
       end
     end
 

app/services/system_note_service.rb

@@ -160,6 +160,21 @@ module SystemNoteService
     ::SystemNotes::IssuablesService.new(noteable: noteable, project: project, author: author).change_status(status, source)
   end
 
+  # Called when 'merge when checks pass' is executed
+  def merge_when_checks_pass(noteable, project, author, sha)
+    ::SystemNotes::MergeRequestsService.new(noteable: noteable, project: project, author: author).merge_when_checks_pass(sha)
+  end
+
+  # Called when 'auto merge' is canceled
+  def cancel_auto_merge(noteable, project, author)
+    ::SystemNotes::MergeRequestsService.new(noteable: noteable, project: project, author: author).cancel_auto_merge
+  end
+
+  # Called when 'auto merge' is aborted
+  def abort_auto_merge(noteable, project, author, reason)
+    ::SystemNotes::MergeRequestsService.new(noteable: noteable, project: project, author: author).abort_auto_merge(reason)
+  end
+
   # Called when 'merge when pipeline succeeds' is executed
   def merge_when_pipeline_succeeds(noteable, project, author, sha)
     ::SystemNotes::MergeRequestsService.new(noteable: noteable, project: project, author: author).merge_when_pipeline_succeeds(sha)

app/services/system_notes/merge_requests_service.rb

@@ -2,6 +2,30 @@
 
 module SystemNotes
   class MergeRequestsService < ::SystemNotes::BaseService
+    # Called when the auto merge is executed
+    def merge_when_checks_pass(sha)
+      body = "enabled an automatic merge when all merge checks for #{sha} pass"
+
+      create_note(NoteSummary.new(noteable, project, author, body, action: 'merge'))
+    end
+
+    # Called when the auto merge is canceled
+    def cancel_auto_merge
+      body = 'canceled the automatic merge'
+
+      create_note(NoteSummary.new(noteable, project, author, body, action: 'merge'))
+    end
+
+    # Called when the auto merge is aborted
+    def abort_auto_merge(reason)
+      body = "aborted the automatic merge because #{reason}"
+
+      ##
+      # TODO: Abort message should be sent by the system, not a particular user.
+      # See https://gitlab.com/gitlab-org/gitlab-foss/issues/63187.
+      create_note(NoteSummary.new(noteable, project, author, body, action: 'merge'))
+    end
+
     # Called when 'merge when pipeline succeeds' is executed
     def merge_when_pipeline_succeeds(sha)
       body = "enabled an automatic merge when the pipeline for #{sha} succeeds"

app/services/work_items/create_service.rb

@@ -23,6 +23,7 @@ module WorkItems
       work_item = result[:issue]
 
       if work_item.valid?
+        publish_event(work_item)
         success(payload(work_item))
       else
         error(work_item.errors.full_messages, :unprocessable_entity, pass_back: payload(work_item))
@@ -90,6 +91,17 @@ module WorkItems
     def skip_system_notes?
       false
     end
+
+    def publish_event(work_item)
+      work_item.run_after_commit_or_now do
+        Gitlab::EventStore.publish(
+          WorkItems::WorkItemCreatedEvent.new(data: {
+            id: work_item.id,
+            namespace_id: work_item.namespace_id
+          })
+        )
+      end
+    end
   end
 end
 

config/sidekiq_queues.yml

@@ -793,6 +793,10 @@
   - 1
 - - work_items_import_work_items_csv
   - 1
+- - work_items_rolledup_dates_update_parent_rolledup_dates_event_handler
+  - 1
+- - work_items_rolledup_dates_update_rolledup_dates
+  - 1
 - - work_items_update_parent_objectives_progress
   - 1
 - - work_items_validate_epic_work_item_sync

data/deprecations/15-6-deprecate-post-api-v4-runner.yml

@@ -10,7 +10,7 @@
     The support for registration tokens and certain runner configuration arguments in the `POST` method operation on the `/api/v4/runners` endpoint is deprecated.
     This endpoint [registers](https://docs.gitlab.com/ee/api/runners.html#register-a-new-runner) a runner
     with a GitLab instance at the instance, group, or project level through the API. Registration tokens, and support for certain configuration arguments,
-    will start returning the HTTP `410 Gone` status code in GitLab 17.0. For more information, see [Migrating to the new runner registration workflow](../ci/runners/new_creation_workflow.md).
+    will start returning the HTTP `410 Gone` status code in GitLab 17.0. For more information, see [Migrating to the new runner registration workflow](https://docs.gitlab.com/ee/ci/runners/runners_scope.html).
 
     The configuration arguments disabled for authentication tokens are:
 
@@ -22,7 +22,7 @@
     - `--tag-list`
     - `--maintenance-note`
 
-    This change is a breaking change. You should [create a runner in the UI](../ci/runners/runners_scope.html) to add configurations, and use the authentication token in the `gitlab-runner register` command instead.
+    This change is a breaking change. You should [create a runner in the UI](https://docs.gitlab.com/ee/ci/runners/runners_scope.html) to add configurations, and use the authentication token in the `gitlab-runner register` command instead.
   end_of_support_milestone:  # (optional) Use "XX.YY" format. The milestone when support for this feature will end.
   tiers:  # (optional - may be required in the future) An array of tiers that the feature is available in currently.  e.g., [Free, Silver, Gold, Core, Premium, Ultimate]
   documentation_url: https://docs.gitlab.com/ee/api/runners.html#register-a-new-runner  # (optional) This is a link to the current documentation page

db/migrate/20240129123433_ensure_id_uniqueness_for_zoekt_tasks.rb

@@ -8,18 +8,13 @@ class EnsureIdUniquenessForZoektTasks < Gitlab::Database::Migration[2.2]
   enable_lock_retries!
 
   TABLE_NAME = :zoekt_tasks
-  FUNCTION_NAME = :assign_zoekt_tasks_id_value
+  SEQ_NAME = :zoekt_tasks_id_seq
 
   def up
-    ensure_unique_id(TABLE_NAME)
+    ensure_unique_id(TABLE_NAME, seq: SEQ_NAME)
   end
 
   def down
-    execute(<<~SQL.squish)
-      ALTER TABLE #{TABLE_NAME}
-        ALTER COLUMN id SET DEFAULT nextval('zoekt_tasks_id_seq'::regclass);
-
-      DROP FUNCTION IF EXISTS #{FUNCTION_NAME} CASCADE;
-    SQL
+    revert_ensure_unique_id(TABLE_NAME, seq: SEQ_NAME)
   end
 end

db/post_migrate/20240123101716_ensure_id_uniqueness_for_p_ci_pipeline_variables.rb

@@ -2,21 +2,18 @@
 
 class EnsureIdUniquenessForPCiPipelineVariables < Gitlab::Database::Migration[2.2]
   include Gitlab::Database::PartitioningMigrationHelpers::UniquenessHelpers
+
   milestone '16.9'
   enable_lock_retries!
+
   TABLE_NAME = :p_ci_pipeline_variables
-  FUNCTION_NAME = :assign_p_ci_pipeline_variables_id_value
+  SEQ_NAME = :ci_pipeline_variables_id_seq
 
   def up
-    ensure_unique_id(TABLE_NAME)
+    ensure_unique_id(TABLE_NAME, seq: SEQ_NAME)
   end
 
   def down
-    execute(<<~SQL.squish)
-      ALTER TABLE #{TABLE_NAME}
-        ALTER COLUMN id SET DEFAULT nextval('ci_pipeline_variables_id_seq'::regclass);
-
-      DROP FUNCTION IF EXISTS #{FUNCTION_NAME} CASCADE;
-    SQL
+    revert_ensure_unique_id(TABLE_NAME, seq: SEQ_NAME)
   end
 end

db/post_migrate/20240212092520_ensure_id_uniqueness_for_p_ci_job_artifacts.rb

@@ -7,18 +7,13 @@ class EnsureIdUniquenessForPCiJobArtifacts < Gitlab::Database::Migration[2.2]
   enable_lock_retries!
 
   TABLE_NAME = :p_ci_job_artifacts
-  FUNCTION_NAME = :assign_p_ci_job_artifacts_id_value
+  SEQ_NAME = :ci_job_artifacts_id_seq
 
   def up
-    ensure_unique_id(TABLE_NAME)
+    ensure_unique_id(TABLE_NAME, seq: SEQ_NAME)
   end
 
   def down
-    execute(<<~SQL.squish)
-      ALTER TABLE #{TABLE_NAME}
-        ALTER COLUMN id SET DEFAULT nextval('ci_job_artifacts_id_seq'::regclass);
-
-      DROP FUNCTION IF EXISTS #{FUNCTION_NAME} CASCADE;
-    SQL
+    revert_ensure_unique_id(TABLE_NAME, seq: SEQ_NAME)
   end
 end

db/post_migrate/20240226081837_ensure_id_uniqueness_for_p_ci_stages.rb

@@ -7,18 +7,13 @@ class EnsureIdUniquenessForPCiStages < Gitlab::Database::Migration[2.2]
   enable_lock_retries!
 
   TABLE_NAME = :p_ci_stages
-  FUNCTION_NAME = :assign_p_ci_stages_id_value
+  SEQ_NAME = :ci_stages_id_seq
 
   def up
-    ensure_unique_id(TABLE_NAME)
+    ensure_unique_id(TABLE_NAME, seq: SEQ_NAME)
   end
 
   def down
-    execute(<<~SQL.squish)
-      ALTER TABLE #{TABLE_NAME}
-        ALTER COLUMN id SET DEFAULT nextval('ci_stages_id_seq'::regclass);
-
-      DROP FUNCTION IF EXISTS #{FUNCTION_NAME} CASCADE;
-    SQL
+    revert_ensure_unique_id(TABLE_NAME, seq: SEQ_NAME)
   end
 end

doc/administration/gitaly/troubleshooting.md

@@ -509,7 +509,7 @@ go tool trace heap.bin
 
 FLAG:
 On self-managed GitLab, by default this feature is not available. To make it available, an administrator can [enable the feature flag](../../administration/feature_flags.md)
-named `log_git_traces`. On GitLab.com, this feature is available but can be configured by GitLab.com administrators only.
+named `log_git_traces`. On GitLab.com, this feature is available but can be configured by GitLab.com administrators only. On GitLab Dedicated, this feature is not available.
 
 You can profile Git operations that Gitaly performs by sending additional information about Git operations to Gitaly logs. With this information, users have more insight
 for performance optimization, debugging, and general telemetry collection. For more information, see the [Git Trace2 API reference](https://git-scm.com/docs/api-trace2).

doc/administration/repository_storage_paths.md

@@ -124,7 +124,7 @@ To look up a project's name using the `config` file in the `*.git` directory:
 
 ### Hashed object pools
 
-Object pools are repositories used to deduplicate forks of public and internal projects and
+Object pools are repositories used to deduplicate [forks of public and internal projects](../user/project/repository/forking_workflow.md) and
 contain the objects from the source project. Using `objects/info/alternates`, the source project and
 forks use the object pool for shared objects. For more information, see
 [How Git object deduplication works in GitLab](../development/git_object_deduplication.md).
@@ -141,6 +141,25 @@ WARNING:
 Do not run `git prune` or `git gc` in object pool repositories, which are stored in the `@pools` directory.
 This can cause data loss in the regular repositories that depend on the object pool.
 
+### Translate hashed object pool storage paths
+
+To look up a project's object pool using a Rails console:
+
+1. Start a [Rails console](operations/rails_console.md#starting-a-rails-console-session).
+1. Run a command similar to the following example:
+
+   ```ruby
+   project_id = 1
+   pool_repository = Project.find(project_id).pool_repository
+   pool_repository = Project.find_by_full_path('group/project').pool_repository
+
+   # Get more details about the pool repository
+   pool_repository.source_project
+   pool_repository.member_projects
+   pool_repository.shard
+   pool_repository.disk_path
+   ```
+
 ### Group wiki storage
 
 Unlike project wikis that are stored in the `@hashed` directory, group wikis are stored in a directory called `@groups`.

doc/api/group_releases.md

@@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** GitLab.com, Self-managed, GitLab Dedicated
+**Offering:** GitLab.com, Self-managed
 
 Review your groups' [releases](../user/project/releases/index.md) with the REST API.
 

doc/api/group_ssh_certificates.md

@@ -13,7 +13,7 @@ DETAILS:
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/421915) in GitLab 16.4 [with a flag](../user/feature_flags.md) named `ssh_certificates_rest_endpoints`. Disabled by default.
 
 FLAG:
-On GitLab.com and GitLab Dedicated, this feature is not available.
+On GitLab.com, this feature is not available.
 
 Use this API to create, read and delete SSH certificates for a group.
 Only top-level groups can store SSH certificates.

doc/api/integrations.md

@@ -704,13 +704,13 @@ GET /projects/:id/integrations/external-wiki
 
 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed
+**Offering:** Self-managed, GitLab Dedicated
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/435706) in GitLab 16.9 [with a flag](../administration/feature_flags.md) named `git_guardian_integration`. Enabled by default. Disabled on GitLab.com.
 
 FLAG:
 On self-managed GitLab, by default this feature is available. To hide the feature, ask an administrator to [disable the feature flag](../administration/feature_flags.md) named `git_guardian_integration`.
-On GitLab.com and GitLab Dedicated, this feature is not available.
+On GitLab.com, this feature is not available. On GitLab Dedicated, this feature is available.
 
 [GitGuardian](https://www.gitguardian.com/) is a cybersecurity service that detects sensitive data such as API keys
 and passwords in source code repositories.

doc/api/markdown.md

@@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** GitLab.com, Self-managed
+**Offering:** GitLab.com, Self-managed, GitLab Dedicated
 
 Convert Markdown content to HTML.
 
@@ -22,7 +22,7 @@ FLAG:
 On self-managed GitLab, by default this feature is enabled and authentication is required.
 To remove the requirement to authenticate, an administrator can
 [disable the feature flag](../administration/feature_flags.md) named `authenticate_markdown_api`.
-On GitLab.com, this feature is available. On GitLab Dedicated, this feature is not available.
+On GitLab.com, this feature is available. On GitLab Dedicated, this feature is available.
 
 All API calls to the Markdown API must be [authenticated](rest/index.md#authentication).
 

doc/api/project_import_export.md

@@ -224,7 +224,7 @@ DETAILS:
 
 FLAG:
 On self-managed GitLab, by default this feature is available. To hide the feature, an administrator can [disable the feature flag](../administration/feature_flags.md) named `import_project_from_remote_file`.
-On GitLab.com, this feature is available. On GitLab Dedicated, this feature is not available.
+On GitLab.com and GitLab Dedicated, this feature is available.
 
 ```plaintext
 POST /projects/remote-import

doc/development/database/partitioning/list.md

@@ -335,19 +335,14 @@ class EnsureIdUniquenessForPCiBuilds < Gitlab::Database::Migration[2.1]
   enable_lock_retries!
 
   TABLE_NAME = :p_ci_builds
-  FUNCTION_NAME = :assign_p_ci_builds_id_value
+  SEQ_NAME = :ci_builds_id_seq
 
   def up
-    ensure_unique_id(TABLE_NAME)
+    ensure_unique_id(TABLE_NAME, seq: SEQ_NAME)
   end
 
   def down
-    execute(<<~SQL.squish)
-      ALTER TABLE #{TABLE_NAME}
-        ALTER COLUMN id SET DEFAULT nextval('ci_builds_id_seq'::regclass);
-
-      DROP FUNCTION IF EXISTS #{FUNCTION_NAME} CASCADE;
-    SQL
+    revert_ensure_unique_id(TABLE_NAME, seq: SEQ_NAME)
   end
 end
 ```

doc/integration/oauth_provider.md

@@ -152,7 +152,7 @@ application are also deleted.
 
 FLAG:
 On self-managed GitLab, by default this feature is available. To hide the feature, an administrator can [disable the feature flag](../administration/feature_flags.md) named `hash_oauth_secrets`.
-On GitLab.com, this feature is available. On GitLab Dedicated, this feature is not available.
+On GitLab.com and GitLab Dedicated, this feature is available.
 
 By default, GitLab stores OAuth application secrets in the database in hashed format. These secrets are only available to users immediately after creating OAuth applications. In
 earlier versions of GitLab, application secrets are stored as plain text in the database.

doc/security/identity_verification.md

@@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** GitLab.com, Self-managed, GitLab Dedicated
+**Offering:** Self-managed
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/95722) in GitLab 15.4 [with a flag](../administration/feature_flags.md) named `identity_verification`. Disabled by default.
 

doc/update/deprecations.md

@@ -1580,7 +1580,7 @@ While the above approach is recommended for most instances, Sidekiq can also be
 The support for registration tokens and certain runner configuration arguments in the `POST` method operation on the `/api/v4/runners` endpoint is deprecated.
 This endpoint [registers](https://docs.gitlab.com/ee/api/runners.html#register-a-new-runner) a runner
 with a GitLab instance at the instance, group, or project level through the API. Registration tokens, and support for certain configuration arguments,
-will start returning the HTTP `410 Gone` status code in GitLab 17.0. For more information, see [Migrating to the new runner registration workflow](../ci/runners/new_creation_workflow.md).
+will start returning the HTTP `410 Gone` status code in GitLab 17.0. For more information, see [Migrating to the new runner registration workflow](https://docs.gitlab.com/ee/ci/runners/runners_scope.html).
 
 The configuration arguments disabled for authentication tokens are:
 
@@ -1592,7 +1592,7 @@ The configuration arguments disabled for authentication tokens are:
 - `--tag-list`
 - `--maintenance-note`
 
-This change is a breaking change. You should [create a runner in the UI](../ci/runners/runners_scope.html) to add configurations, and use the authentication token in the `gitlab-runner register` command instead.
+This change is a breaking change. You should [create a runner in the UI](https://docs.gitlab.com/ee/ci/runners/runners_scope.html) to add configurations, and use the authentication token in the `gitlab-runner register` command instead.
 
 </div>
 

doc/user/analytics/value_streams_dashboard.md

@@ -73,7 +73,7 @@ The contributor count metric is available only on GitLab.com at the group-level.
 > - [Enabled on GitLab.com](https://gitlab.com/gitlab-org/gitlab/-/issues/439737) in GitLab 16.9.
 
 FLAG:
-On self-managed GitLab, by default this feature is available. To hide the feature, an administrator can [disable the feature flag](../../administration/feature_flags.md) named `dora_performers_score_panel`.
+On self-managed GitLab, by default this feature is available. To hide the feature, an administrator can [disable the feature flag](../../administration/feature_flags.md) named `dora_performers_score_panel`. On GitLab Dedicated, this feature is available.
 
 The [DORA metrics](dora_metrics.md) Performers score panel is a bar chart that visualizes the status of the organization's DevOps performance levels across different projects.
 

doc/user/application_security/policies/scan-execution-policies.md

@@ -106,7 +106,7 @@ the following sections and tables provide an alternative.
 
 FLAG:
 On self-managed GitLab, by default the `branch_exceptions` field is available. To hide the feature, an administrator can [disable the feature flag](../../../administration/feature_flags.md) named `security_policies_branch_exceptions`.
-On GitLab.com, this feature is available. On GitLab Dedicated, this feature is not available.
+On GitLab.com and GitLab Dedicated, this feature is available.
 
 This rule enforces the defined actions whenever the pipeline runs for a selected branch.
 
@@ -129,7 +129,7 @@ In GitLab 16.1 and earlier, you should **not** use [direct transfer](../../../ad
 
 FLAG:
 On self-managed GitLab, by default the `branch_exceptions` field is available. To hide the feature, an administrator can [disable the feature flag](../../../administration/feature_flags.md) named `security_policies_branch_exceptions`.
-On GitLab.com, this feature is available. On GitLab Dedicated, this feature is not available.
+On GitLab.com and GitLab Dedicated, this feature is available.
 
 This rule schedules a scan pipeline, enforcing the defined actions on the schedule defined in the `cadence` field. A scheduled pipeline does not run other jobs defined in the project's `.gitlab-ci.yml` file. When a project is linked to a security policy project, a security policy bot is created in the project and will become the author of any scheduled pipelines.
 

doc/user/application_security/policies/scan-result-policies.md

@@ -202,7 +202,7 @@ the defined policy.
 > - Feature flag `scan_result_policies_block_force_push` [was removed](https://gitlab.com/gitlab-org/gitlab/-/issues/432123) in GitLab 16.8.
 
 FLAG:
-On self-managed GitLab, by default the `block_branch_modification` field is available. To hide the feature, an administrator can [disable the feature flag](../../../administration/feature_flags.md) named `scan_result_policies_block_unprotecting_branches`. On GitLab.com, this feature is available. On GitLab Dedicated, this feature is not available.
+On self-managed GitLab, by default the `block_branch_modification` field is available. To hide the feature, an administrator can [disable the feature flag](../../../administration/feature_flags.md) named `scan_result_policies_block_unprotecting_branches`. On GitLab.com and GitLab Dedicated, this feature is available.
 
 The settings set in the policy overwrite settings in the project.
 

doc/user/clusters/agent/install/index.md

@@ -75,7 +75,7 @@ You can leave the file blank for now, and [configure it](#configure-your-agent)
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/347240) in GitLab 14.9, the agent can be registered without creating an agent configuration file.
 
 FLAG:
-In GitLab 14.10, a [flag](../../../../administration/feature_flags.md) named `certificate_based_clusters` changed the **Actions** menu to focus on the agent rather than certificates. The flag is [enabled on GitLab.com and self-managed](https://gitlab.com/groups/gitlab-org/configure/-/epics/8).
+In GitLab 14.10, a [flag](../../../../administration/feature_flags.md) named `certificate_based_clusters` changed the **Actions** menu to focus on the agent rather than certificates. The flag is [enabled on GitLab.com, GitLab Dedicated, and self-managed](https://gitlab.com/groups/gitlab-org/configure/-/epics/8).
 
 Prerequisites:
 

doc/user/compliance/compliance_center/index.md

@@ -473,7 +473,7 @@ To delete a compliance framework from the compliance projects report:
 
 FLAG:
 On self-managed GitLab, by default this feature is available. To hide the feature an administrator to [disable the feature flag](../../../administration/feature_flags.md) named
-`compliance_framework_report_ui`. On GitLab.com, this feature is available. On GitLab Dedicated, this feature is not available.
+`compliance_framework_report_ui`. On GitLab.com and GitLab Dedicated, this feature is available.
 
 With compliance frameworks report, you can see all the compliance frameworks in a group. Each row of the report shows:
 

doc/user/group/epics/manage_epics.md

@@ -67,6 +67,7 @@ The parent epic's start date then reflects this change and propagates upwards to
 FLAG:
 On self-managed GitLab, by default this feature is not available. To make it available per group, an administrator can [enable the feature flag](../../../administration/feature_flags.md) named `epic_color_highlight`.
 On GitLab.com, this feature is available but can be configured by GitLab.com administrators only.
+On GitLab Dedicated, this feature is not available.
 The feature is not ready for production use.
 
 When you create or edit an epic, you can select its color.

doc/user/group/issues_analytics/index.md

@@ -46,13 +46,13 @@ shows a total of 15 months for the chart in the GitLab.org group.
 
 DETAILS:
 **Tier:** Ultimate
-**Offering:** GitLab.com, Self-managed
+**Offering:** GitLab.com, Self-managed, GitLab Dedicated
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/233905/) in GitLab 16.3 [with a flag](../../../administration/feature_flags.md) named `issues_completed_analytics_feature_flag`. Disabled by default.
 > - [Enabled on GitLab.com and self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/437542) in GitLab 16.8.
 
 FLAG:
-On self-managed GitLab, by default this feature is available. To hide the feature, an administrator can [disable the feature flag](../../../administration/feature_flags.md) named `issues_completed_analytics_feature_flag`. On GitLab.com, this feature is available. On GitLab Dedicated, this feature is not available.
+On self-managed GitLab, by default this feature is available. To hide the feature, an administrator can [disable the feature flag](../../../administration/feature_flags.md) named `issues_completed_analytics_feature_flag`. On GitLab.com and GitLab Dedicated, this feature is available.
 
 Enhanced issue analytics display the additional metric "Issues closed", which represents the total number of resolved issues in your group over a selected period.
 You can use this metric to improve the overall turn-around time and value delivered to your customers.

doc/user/group/value_stream_analytics/index.md

@@ -207,7 +207,7 @@ Keep in mind the following observations related to this example:
 FLAG:
 On self-managed GitLab, by default this feature is available.
 To hide the feature, an administrator can [disable the feature flag](../../../administration/feature_flags.md) named `enable_vsa_cumulative_label_duration_calculation`.
-On GitLab.com, this feature is available. On GitLab Dedicated, this feature is not available.
+On GitLab.com and GitLab Dedicated, this feature is available.
 
 With this feature, value stream analytics measures the duration of repetitive events for label-based stages. You should configure label removal or addition events for both start and end events.
 

doc/user/infrastructure/clusters/connect/new_eks_cluster.md

@@ -51,7 +51,7 @@ This project provides you with:
 ## Register the agent
 
 FLAG:
-In GitLab 14.10, a [flag](../../../../administration/feature_flags.md) named `certificate_based_clusters` changed the **Actions** menu to focus on the agent rather than certificates. The flag is [enabled on GitLab.com and self-managed](https://gitlab.com/groups/gitlab-org/configure/-/epics/8).
+In GitLab 14.10, a [flag](../../../../administration/feature_flags.md) named `certificate_based_clusters` changed the **Actions** menu to focus on the agent rather than certificates. The flag is [enabled on GitLab.com, GitLab Dedicated, and self-managed](https://gitlab.com/groups/gitlab-org/configure/-/epics/8).
 
 To create a GitLab agent for Kubernetes:
 

doc/user/infrastructure/clusters/connect/new_gke_cluster.md

@@ -58,7 +58,7 @@ This project provides you with:
 ## Register the agent
 
 FLAG:
-In GitLab 14.10, a [flag](../../../../administration/feature_flags.md) named `certificate_based_clusters` changed the **Actions** menu to focus on the agent rather than certificates. The flag is [enabled on GitLab.com and self-managed](https://gitlab.com/groups/gitlab-org/configure/-/epics/8).
+In GitLab 14.10, a [flag](../../../../administration/feature_flags.md) named `certificate_based_clusters` changed the **Actions** menu to focus on the agent rather than certificates. The flag is [enabled on GitLab.com, GitLab Dedicated, and self-managed](https://gitlab.com/groups/gitlab-org/configure/-/epics/8).
 
 To create a GitLab agent for Kubernetes:
 

doc/user/okrs.md

@@ -532,7 +532,7 @@ or assignees, on the right.
 
 FLAG:
 On self-managed GitLab, by default this feature is available. To hide the feature, an administrator can [disable the feature flag](../administration/feature_flags.md) named `linked_work_items`.
-On GitLab.com, this feature is available. On GitLab Dedicated, this feature is not available.
+On GitLab.com and GitLab dedicated, this feature is available.
 
 Linked items are a bi-directional relationship and appear in a block below
 the Child objectives and key results. You can link an objective, key result, or a task in the same project with each other.

doc/user/packages/composer_repository/index.md

@@ -345,7 +345,7 @@ You can install from source by pulling the Git repository directly. To do so, ei
 FLAG:
 On self-managed GitLab, by default this feature is available. To hide the feature per project, an administrator can
 [disable the feature flag](../../../administration/feature_flags.md) named `composer_use_ssh_source_urls`.
-On GitLab.com, this feature is available. On GitLab Dedicated, this feature is not available.
+On GitLab.com and GitLab Dedicated, this feature is available.
 
 When you install from source, the `composer` configures an
 access to the project's Git repository.

doc/user/packages/maven_repository/index.md

@@ -624,7 +624,7 @@ Your changes are automatically saved.
 
 FLAG:
 By default this feature is not available for self-managed. To make it available, an administrator can [enable the feature flag](../../../administration/feature_flags.md) named `maven_central_request_forwarding`.
-This feature is not available for SaaS users.
+This feature is not available for GitLab.com or GitLab Dedicated users.
 
 When a Maven package is not found in the package registry, the request is forwarded
 to [Maven Central](https://search.maven.org/).

doc/user/profile/account/two_factor_authentication.md

@@ -102,7 +102,7 @@ in a safe place.
 
 FLAG:
 On self-managed GitLab, by default this feature is not available. To make it available per user, an administrator can
-[enable the feature flag](../../../administration/feature_flags.md) named `forti_authenticator`. On GitLab.com, this
+[enable the feature flag](../../../administration/feature_flags.md) named `forti_authenticator`. On GitLab.com and GitLab Dedicated, this
 feature is not available.
 
 You can use FortiAuthenticator as a one-time password (OTP) provider in GitLab. Users must:
@@ -239,7 +239,7 @@ DETAILS:
 
 FLAG:
 On self-managed GitLab, by default this feature is not available. To make it available per user, an administrator can
-[enable the feature flag](../../../administration/feature_flags.md) named `forti_token_cloud`. On GitLab.com, this
+[enable the feature flag](../../../administration/feature_flags.md) named `forti_token_cloud`. On GitLab.com and GitLab Dedicated, this
 feature is not available. The feature is not ready for production use.
 
 You can use FortiToken Cloud as a one-time password (OTP) provider in GitLab. Users must:

doc/user/project/integrations/webhook_events.md

@@ -1910,7 +1910,7 @@ Payload example:
 
 FLAG:
 On self-managed GitLab, by default this feature is available. To hide the feature, an administrator can
-[disable the feature flag](../../../administration/feature_flags.md) named `emoji_webhooks`. On GitLab.com, this feature is available. On GitLab Dedicated, this feature is not available.
+[disable the feature flag](../../../administration/feature_flags.md) named `emoji_webhooks`. On GitLab.com, this feature is available. On GitLab Dedicated, this feature is available.
 
 NOTE:
 To have the `emoji_webhooks` flag enabled on GitLab.com, see [issue 417288](https://gitlab.com/gitlab-org/gitlab/-/issues/417288).

doc/user/project/integrations/webhooks.md

@@ -113,7 +113,7 @@ You can define URL variables directly using the REST API.
 FLAG:
 On self-managed GitLab, by default this feature is available. To hide the feature, an administrator can
 [disable the feature flag](../../../administration/feature_flags.md) named `custom_webhook_template`.
-On GitLab.com, this feature is available. On GitLab Dedicated, this feature is not available.
+On GitLab.com and GitLab Dedicated, this feature is available.
 
 You can set a custom payload template in the webhook configuration. The request body is rendered from the template
 with the data for the current event. The template must render as valid JSON.

doc/user/project/issues/managing_issues.md

@@ -493,7 +493,7 @@ To filter the list of issues:
 FLAG:
 On self-managed GitLab, by default this feature is available.
 To hide the feature, an administrator can [disable the feature flag](../../../administration/feature_flags.md) named `or_issuable_queries`.
-On GitLab.com, this feature is available. On GitLab Dedicated, this feature is not available.
+On GitLab.com and GitLab Dedicated, this feature is available.
 
 When this feature is enabled, you can use the OR operator (**is one of: `||`**)
 when you [filter the list of issues](#filter-the-list-of-issues) by:

doc/user/project/labels.md

@@ -473,8 +473,8 @@ DETAILS:
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/408676) in GitLab 16.3 [with a flag](../../administration/feature_flags.md) named `enforce_locked_labels_on_merge`. This feature is [Beta](../../policy/experiment-beta-support.md).
 
 FLAG:
-On self-managed GitLab, this feature is not available.
-On GitLab.com, this feature is only available for use by GitLab Inc. To make it available per group or per project, an administrator can [enable the feature flag](../../administration/feature_flags.md) named `enforce_locked_labels_on_merge`.
+On self-managed GitLab and GitLab Dedicated, this feature is not available.
+On GitLab.com, this feature is available but can be configured by GitLab.com administrators only. To make it available per group or per project, an administrator can [enable the feature flag](../../administration/feature_flags.md) named `enforce_locked_labels_on_merge`.
 
 To comply with certain auditing requirements, you can set a label to be locked.
 When a merge request with locked labels gets merged, nobody can remove them from the MR.

doc/user/project/merge_requests/approvals/settings.md

@@ -123,7 +123,7 @@ When this field is changed, it can affect all open merge requests depending on t
 
 FLAG:
 On self-managed GitLab, by default requiring re-authentication by using SAML authentication is available. To hide the feature, an administrator can
-[disable the feature flag](../../../../administration/feature_flags.md) named `ff_require_saml_auth_to_approve`. On GitLab.com, this feature is available. On GitLab Dedicated, this feature is not available.
+[disable the feature flag](../../../../administration/feature_flags.md) named `ff_require_saml_auth_to_approve`. On GitLab.com and GitLab Dedicated, this feature is available.
 
 You can force potential approvers to first authenticate with either:
 

doc/user/project/merge_requests/changes.md

@@ -68,13 +68,13 @@ Files with many changes are collapsed to improve performance. GitLab displays th
 
 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed
+**Offering:** GitLab.com, Self-managed, GitLab Dedicated
 
 FLAG:
 On self-managed GitLab, by default this feature is available. To disable it,
 an administrator can [disable the feature flag](../../../administration/feature_flags.md)
 named `collapse_generated_diff_files`.
-On GitLab.com, this feature is available. On GitLab Dedicated, this feature is not available.
+On GitLab.com and GitLab Dedicated, this feature is available.
 
 To help reviewers focus on the files needed to perform a code review, GitLab collapses
 several common types of generated files. These files are collapsed by default, because

doc/user/project/protected_branches.md

@@ -124,7 +124,7 @@ The protected branch displays in the list of protected branches.
 
 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** GitLab.com, Self-managed
+**Offering:** Self-managed
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/106532) in GitLab 15.9 [with a flag](../../administration/feature_flags.md) named `group_protected_branches`. Disabled by default.
 

doc/user/project/remote_development/connect_machine.md

@@ -15,7 +15,7 @@ DETAILS:
 > - [Enabled on self-managed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/115741) in GitLab 15.11.
 
 FLAG:
-On self-managed GitLab, by default this feature is available. To hide the feature, an administrator can [disable the feature flag](../../../administration/feature_flags.md) named `vscode_web_ide`. On GitLab.com, this feature is available. On GitLab Dedicated, this feature is not available. The feature is not ready for production use.
+On self-managed GitLab, by default this feature is available. To hide the feature, an administrator can [disable the feature flag](../../../administration/feature_flags.md) named `vscode_web_ide`. On GitLab.com and GitLab Dedicated, this feature is available. The feature is not ready for production use.
 
 This tutorial shows you how to:
 

doc/user/project/remote_development/index.md

@@ -8,14 +8,14 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** GitLab.com, Self-managed
+**Offering:** GitLab.com, Self-managed, GitLab Dedicated
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/95169) in GitLab 15.4 [with a flag](../../../administration/feature_flags.md) named `vscode_web_ide`. Disabled by default.
 > - [Enabled on GitLab.com](https://gitlab.com/gitlab-org/gitlab/-/issues/371084) in GitLab 15.7.
 > - [Enabled on self-managed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/115741) in GitLab 15.11.
 
 FLAG:
-On self-managed GitLab, by default this feature is available. To hide the feature, an administrator can [disable the feature flag](../../../administration/feature_flags.md) named `vscode_web_ide`. On GitLab.com, this feature is available. On GitLab Dedicated, this feature is not available. The feature is not ready for production use.
+On self-managed GitLab, by default this feature is available. To hide the feature, an administrator can [disable the feature flag](../../../administration/feature_flags.md) named `vscode_web_ide`. On GitLab.com and GitLab Dedicated, this feature is available. The feature is not ready for production use.
 
 You can use remote development to write and compile code hosted on GitLab.
 With remote development, you can:

doc/user/project/repository/branches/index.md

@@ -137,11 +137,11 @@ On this page, you can:
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/88279) in GitLab 15.1 with a flag named `branch_rules`. Disabled by default.
 > - [Enabled on GitLab.com](https://gitlab.com/gitlab-org/gitlab/-/issues/363170) in GitLab 15.10.
-> - [Enabled on self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/363170) in GitLab 15.11
+> - [Enabled on self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/363170) in GitLab 15.11.
 
 FLAG:
 On self-managed GitLab, by default this feature is available. To hide the feature, an administrator can [disable the feature flag](../../../feature_flags.md) named `branch_rules`.
-On GitLab.com, this feature is available. On GitLab Dedicated, this feature is not available.
+On GitLab.com and GitLab Dedicated, this feature is available.
 
 Branches in your repository can be [protected](../../protected_branches.md) in multiple ways. You can:
 

doc/user/project/web_ide/index.md

@@ -8,14 +8,14 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** GitLab.com, Self-managed
+**Offering:** GitLab.com, Self-managed, GitLab Dedicated
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/95169) in GitLab 15.7 [with a flag](../../../administration/feature_flags.md) named `vscode_web_ide`. Disabled by default.
 > - [Enabled on GitLab.com](https://gitlab.com/gitlab-org/gitlab/-/issues/371084) in GitLab 15.7.
 > - [Enabled on self-managed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/115741) in GitLab 15.11.
 
 FLAG:
-On self-managed GitLab, by default this feature is available. To hide the feature, an administrator can [disable the feature flag](../../../administration/feature_flags.md) named `vscode_web_ide`. On GitLab.com, this feature is available. On GitLab Dedicated, this feature is not available.
+On self-managed GitLab, by default this feature is available. To hide the feature, an administrator can [disable the feature flag](../../../administration/feature_flags.md) named `vscode_web_ide`. On GitLab.co and GitLab Dedicated, this feature is available.
 
 The Web IDE is an advanced editor with commit staging.
 You can use the Web IDE to make changes to multiple files directly from the GitLab UI.

doc/user/search/exact_code_search.md

@@ -42,7 +42,7 @@ searches.
 FLAG:
 On self-managed GitLab, by default this feature is available.
 To hide the feature, an administrator can [disable the feature flag](../../administration/feature_flags.md) named `zoekt_search_api`.
-On GitLab.com and GitLab Dedicated, this feature is not available. The feature is not ready for production use.
+On GitLab.com, this feature is not available. The feature is not ready for production use.
 
 By default, the Zoekt search API is disabled on GitLab.com to avoid breaking changes.
 

doc/user/workspace/index.md

@@ -20,7 +20,6 @@ These environments ensure that different projects don't interfere with each othe
 
 Each workspace includes its own set of dependencies, libraries, and tools,
 which you can customize to meet the specific needs of each project.
-Workspaces use the AMD64 architecture.
 
 ## Workspaces and projects
 
@@ -144,13 +143,13 @@ components:
     attributes:
       gl/inject-editor: true
     container:
-      image: "{{registry-root}}/gitlab-org/remote-development/gitlab-remote-development-docs/debian-bullseye-ruby-3.2-node-18.12:rubygems-3.4-git-2.33-lfs-2.9-yarn-1.22-graphicsmagick-1.3.36-gitlab-workspaces"
+      image: "{{registry-root}}/gitlab-org/remote-development/gitlab-remote-development-docs/ubuntu:22.04"
       env:
         - name: KEY
           value: VALUE
       endpoints:
-      - name: http-3000
-        targetPort: 3000
+        - name: http-3000
+          targetPort: 3000
 ```
 
 For more information, see the [devfile documentation](https://devfile.io/docs/2.2.0/devfile-schema).
@@ -159,13 +158,22 @@ For other examples, see the [`examples` projects](https://gitlab.com/gitlab-org/
 This container image is for demonstration purposes only.
 To use your own container image, see [Arbitrary user IDs](#arbitrary-user-ids).
 
-## Web IDE
+## GitLab VS Code fork
 
-Workspaces are bundled with the Web IDE by default.
-The Web IDE is the only code editor available for workspaces.
+By default, workspaces inject and start the [GitLab VS Code fork](https://gitlab.com/gitlab-org/gitlab-web-ide-vscode-fork)
+in the container with the `gl/inject-editor` attribute in the devfile.
 
-The Web IDE is powered by the [GitLab VS Code fork](https://gitlab.com/gitlab-org/gitlab-web-ide-vscode-fork).
-For more information, see [Web IDE](../project/web_ide/index.md).
+The workspace container where the GitLab VS Code fork is injected must meet
+the following system requirements:
+
+- System architecture: AMD64
+- System libraries:
+  - `glibc` 2.28 and later
+  - `glibcxx` 3.4.25 and later
+
+These requirements have been tested on Debian 10.13 and Ubuntu 20.04.
+
+For more information, see the [VS Code documentation](https://code.visualstudio.com/docs/remote/linux).
 
 ## Personal access token
 

lib/gitlab/database/partitioning_migration_helpers/uniqueness_helpers.rb

@@ -7,26 +7,14 @@ module Gitlab
         include Gitlab::Database::MigrationHelpers
         include Gitlab::Database::SchemaHelpers
 
-        COL_NAME = :id
-        SequenceError = Class.new(StandardError)
-
-        def ensure_unique_id(table_name)
+        def ensure_unique_id(table_name, seq:)
           function_name = "assign_#{table_name}_id_value"
           trigger_name = "assign_#{table_name}_id_trigger"
-          sequences = existing_sequence(table_name, COL_NAME)
-
-          if sequences.many? || sequences.none?
-            raise(SequenceError, <<~MESSAGE)
-              Expected to find only one sequence for #{table_name}(#{COL_NAME}) but found #{sequences.size}.
-              Please ensure that there is only one sequence before proceeding.
-              Found sequences: #{sequences.map(&:seq_name)}
-            MESSAGE
-          end
+          sequence_name = Gitlab::Database::PostgresSequence.find_by!(seq_name: seq).seq_name
 
           return if trigger_exists?(table_name, trigger_name)
 
-          sequence_name = sequences.first.seq_name
-          change_column_default(table_name, COL_NAME, nil)
+          change_column_default(table_name, :id, nil)
 
           create_trigger_function(function_name) do
             <<~SQL
@@ -41,13 +29,16 @@ module Gitlab
           create_trigger(table_name, trigger_name, function_name, fires: 'BEFORE INSERT')
         end
 
-        private
+        def revert_ensure_unique_id(table_name, seq:)
+          function_name = "assign_#{table_name}_id_value"
+          sequence_name = Gitlab::Database::PostgresSequence.find_by!(seq_name: seq).seq_name
 
-        def existing_sequence(table_name, col_name)
-          Gitlab::Database::PostgresSequence
-            .by_table_name(table_name)
-            .by_col_name(col_name)
-            .to_a
+          execute(<<~SQL.squish)
+            ALTER TABLE #{table_name}
+              ALTER COLUMN id SET DEFAULT nextval(\'#{sequence_name}\'::regclass);
+
+            DROP FUNCTION IF EXISTS #{function_name} CASCADE;
+          SQL
         end
       end
     end

lib/gitlab/database/schema_helpers.rb

@@ -17,7 +17,7 @@ module Gitlab
       end
 
       def function_exists?(name)
-        connection.select_value("SELECT 1 FROM pg_proc WHERE proname = '#{name}'")
+        !!connection.select_value("SELECT 1 FROM pg_proc WHERE proname = '#{name}'")
       end
 
       def create_trigger(table_name, name, function_name, fires:)

spec/lib/gitlab/database/partitioning_migration_helpers/uniqueness_helpers_spec.rb

@@ -8,8 +8,10 @@ RSpec.describe Gitlab::Database::PartitioningMigrationHelpers::UniquenessHelpers
   end
 
   let(:connection) { ActiveRecord::Base.connection }
-  let(:table_not_partitioned) { '_test_not_partitioned_table' }
-  let(:table_partitioned) { '_test_partitioned_table' }
+  let(:table_name) { '_test_partitioned_table' }
+  let(:trigger_name) { "assign_#{table_name}_id_trigger" }
+  let(:function_name) { "assign_#{table_name}_id_value" }
+  let(:seq_name) { '_test_partitioned_table_id_seq' }
 
   before do
     connection.execute(<<~SQL)
@@ -26,76 +28,86 @@ RSpec.describe Gitlab::Database::PartitioningMigrationHelpers::UniquenessHelpers
   end
 
   describe '#ensure_unique_id' do
-    subject(:ensure_unique_id) { migration.ensure_unique_id(table_name) }
+    subject(:ensure_unique_id) do
+      migration.ensure_unique_id(table_name, seq: seq_name)
+    end
 
-    context 'when table is partitioned' do
-      let(:table_name) { table_partitioned }
-      let(:trigger_name) { "assign_#{table_name}_id_trigger" }
-      let(:function_name) { "assign_#{table_name}_id_value" }
-
-      context 'when trigger already exists' do
-        before do
-          allow(migration).to receive(:trigger_exists?)
-            .with(table_name, trigger_name)
-            .and_return(true)
-        end
-
-        it 'does not modify existing trigger' do
-          expect(migration).not_to receive(:change_column_default)
-          expect(migration).not_to receive(:create_trigger_function)
-          expect(migration).not_to receive(:create_trigger)
-
-          expect do
-            ensure_unique_id
-          end.not_to raise_error
-        end
+    context 'when trigger already exists' do
+      before do
+        allow(migration).to receive(:trigger_exists?)
+          .with(table_name, trigger_name)
+          .and_return(true)
       end
 
-      context 'when trigger is not defined' do
-        it 'creates trigger', :aggregate_failures do
-          expect(migration).to receive(:change_column_default).with(table_name, :id, nil).and_call_original
-          expect(migration).to receive(:create_trigger_function).with(function_name).and_call_original
-          expect(migration).to receive(:create_trigger)
-            .with(table_name, trigger_name, function_name, fires: 'BEFORE INSERT')
-            .and_call_original
+      it 'does not modify existing trigger' do
+        expect(migration).not_to receive(:change_column_default)
+        expect(migration).not_to receive(:create_trigger_function)
+        expect(migration).not_to receive(:create_trigger)
 
-          expect do
-            ensure_unique_id
-          end.not_to raise_error
+        expect do
+          ensure_unique_id
+        end.not_to raise_error
+      end
+    end
 
-          expect(migration.trigger_exists?(table_name, trigger_name)).to eq(true)
-        end
+    context 'when trigger is not defined' do
+      it 'creates trigger', :aggregate_failures do
+        expect(migration).to receive(:change_column_default).with(table_name, :id, nil).and_call_original
+        expect(migration).to receive(:create_trigger_function).with(function_name).and_call_original
+        expect(migration).to receive(:create_trigger)
+          .with(table_name, trigger_name, function_name, fires: 'BEFORE INSERT')
+          .and_call_original
+
+        expect do
+          ensure_unique_id
+        end.not_to raise_error
+
+        expect(migration.trigger_exists?(table_name, trigger_name)).to eq(true)
+      end
+    end
+
+    context 'when table does not have a sequence' do
+      before do
+        connection.execute(<<~SQL)
+          DROP SEQUENCE IF EXISTS #{seq_name} CASCADE;
+        SQL
       end
 
-      context 'when table does not have a sequence' do
-        before do
-          allow(migration).to receive(:existing_sequence).with(table_name, :id).and_return([])
-        end
+      it { expect { ensure_unique_id }.to raise_error(ActiveRecord::RecordNotFound) }
+    end
+  end
 
-        it 'raises SequenceError' do
-          expect do
-            ensure_unique_id
-          end.to raise_error(described_class::SequenceError, /Expected to find only one sequence for/)
-        end
-      end
+  describe '#revert_ensure_unique_id' do
+    subject(:revert_ensure_unique_id) do
+      migration.revert_ensure_unique_id(table_name, seq: seq_name)
+    end
 
-      context 'when table has multiple sequences attached to it' do
-        before do
-          connection.execute(<<~SQL)
-            CREATE SEQUENCE second_sequence
-              START 0
-              INCREMENT 1
-              MINVALUE 0
-              OWNED BY _test_partitioned_table.id;
-          SQL
-        end
+    before do
+      migration.ensure_unique_id(table_name, seq: seq_name)
+    end
 
-        it 'raises SequenceError' do
-          expect do
-            ensure_unique_id
-          end.to raise_error(described_class::SequenceError, /Expected to find only one sequence/)
-        end
-      end
+    it 'adds back the default function' do
+      expect { revert_ensure_unique_id }
+        .to change { default_function }
+        .from(nil).to("nextval('#{seq_name}'::regclass)")
+    end
+
+    it 'removes the trigger' do
+      expect { revert_ensure_unique_id }
+        .to change { migration.trigger_exists?(table_name, trigger_name) }
+        .from(true).to(false)
+    end
+
+    it 'removes the function' do
+      expect { revert_ensure_unique_id }
+        .to change { migration.function_exists?(function_name) }
+        .from(true).to(false)
+    end
+
+    def default_function
+      connection.columns(table_name)
+        .find { |col| col.name == "id" }
+        .default_function
     end
   end
 end

spec/services/system_note_service_spec.rb

@@ -171,6 +171,40 @@ RSpec.describe SystemNoteService, feature_category: :shared do
     end
   end
 
+  describe '.merge_when_checks_pass' do
+    it 'calls MergeRequestsService' do
+      sha = double
+
+      expect_next_instance_of(::SystemNotes::MergeRequestsService) do |service|
+        expect(service).to receive(:merge_when_checks_pass).with(sha)
+      end
+
+      described_class.merge_when_checks_pass(noteable, project, author, sha)
+    end
+  end
+
+  describe '.cancel_auto_merge' do
+    it 'calls MergeRequestsService' do
+      expect_next_instance_of(::SystemNotes::MergeRequestsService) do |service|
+        expect(service).to receive(:cancel_auto_merge)
+      end
+
+      described_class.cancel_auto_merge(noteable, project, author)
+    end
+  end
+
+  describe '.abort_auto_merge' do
+    it 'calls MergeRequestsService' do
+      reason = double
+
+      expect_next_instance_of(::SystemNotes::MergeRequestsService) do |service|
+        expect(service).to receive(:abort_auto_merge).with(reason)
+      end
+
+      described_class.abort_auto_merge(noteable, project, author, reason)
+    end
+  end
+
   describe '.merge_when_pipeline_succeeds' do
     it 'calls MergeRequestsService' do
       sha = double

spec/services/system_notes/merge_requests_service_spec.rb

@@ -13,6 +13,44 @@ RSpec.describe ::SystemNotes::MergeRequestsService, feature_category: :code_revi
 
   let(:service) { described_class.new(noteable: noteable, project: project, author: author) }
 
+  describe '.merge_when_checks_pass' do
+    let(:pipeline) { build(:ci_pipeline) }
+
+    subject { service.merge_when_checks_pass(pipeline.sha) }
+
+    it_behaves_like 'a system note' do
+      let(:action) { 'merge' }
+    end
+
+    it "posts the 'merge when merge checks pass' system note" do
+      expect(subject.note).to match(%r{enabled an automatic merge when all merge checks for #{pipeline.sha} pass})
+    end
+  end
+
+  describe '.cancel_auto_merge' do
+    subject { service.cancel_auto_merge }
+
+    it_behaves_like 'a system note' do
+      let(:action) { 'merge' }
+    end
+
+    it "posts the 'canceled auto merge' system note" do
+      expect(subject.note).to eq "canceled the automatic merge"
+    end
+  end
+
+  describe '.abort_auto_merge' do
+    subject { service.abort_auto_merge('merge request was closed') }
+
+    it_behaves_like 'a system note' do
+      let(:action) { 'merge' }
+    end
+
+    it "posts the 'abort auto merge' system note" do
+      expect(subject.note).to eq "aborted the automatic merge because merge request was closed"
+    end
+  end
+
   describe '.merge_when_pipeline_succeeds' do
     let(:pipeline) { build(:ci_pipeline) }
 

spec/services/work_items/create_service_spec.rb

@@ -201,6 +201,15 @@ RSpec.describe WorkItems::CreateService, feature_category: :team_planning do
           end
         end
       end
+
+      it "publishes WorkItems::WorkItemCreatedEvent" do
+        expect { service_result }
+          .to change { WorkItem.count }.by(1)
+            .and publish_event(WorkItems::WorkItemCreatedEvent).with(
+              id: kind_of(Numeric),
+              namespace_id: kind_of(Numeric)
+            )
+      end
     end
   end