Add latest changes from gitlab-org/gitlab@master

2024-02-28 00:10:33 +00:00 · 2024-02-28 00:10:33 +00:00 · 5d3c4834af
parent d57f7e7a39
commit 5d3c4834af
322 changed files with 1229 additions and 540 deletions
--- a/.gitlab/ci/rules.gitlab-ci.yml
+++ b/.gitlab/ci/rules.gitlab-ci.yml
@ -47,9 +47,6 @@
 .if-merge-request-approved: &if-merge-request-approved
  if: '($CI_MERGE_REQUEST_EVENT_TYPE == "merged_result" || $CI_MERGE_REQUEST_EVENT_TYPE == "detached") && $CI_MERGE_REQUEST_LABELS =~ /pipeline:mr-approved/'

-.if-merge-request-approved-and-specific-devops-stage: &if-merge-request-approved-and-specific-devops-stage
-  if: '($CI_MERGE_REQUEST_EVENT_TYPE == "merged_result" || $CI_MERGE_REQUEST_EVENT_TYPE == "detached") && ($CI_MERGE_REQUEST_LABELS =~ /pipeline:mr-approved/ && $CI_MERGE_REQUEST_LABELS =~ /devops::(create|govern|manage|plan|verify|package|monitor|data stores|fulfillment|systems)/)'
-
 .if-merge-request-and-specific-devops-stage: &if-merge-request-and-specific-devops-stage
  if: '($CI_MERGE_REQUEST_EVENT_TYPE == "merged_result" || $CI_MERGE_REQUEST_EVENT_TYPE == "detached") && $CI_MERGE_REQUEST_LABELS =~ /devops::(create|govern|manage|plan|verify|package|monitor|data stores|fulfillment|systems)/'

@ -1473,6 +1470,17 @@
    - <<: *if-foss-schedule
    - <<: *if-merge-request-labels-update-caches

+.qa:rules:code-merge-request:
+  rules:
+    - <<: *if-merge-request
+      changes: *code-patterns
+
+.qa:rules:code-merge-request-allowed-to-fail:
+  rules:
+    - <<: *if-merge-request
+      changes: *code-patterns
+      allow_failure: true
+
 .qa:rules:code-merge-request-manual:
  rules:
    - <<: *if-merge-request
@ -1480,11 +1488,6 @@
      when: manual
      allow_failure: true

-.qa:rules:code-merge-request:
-  rules:
-    - <<: *if-merge-request
-      changes: *code-patterns
-
 .qa:rules:internal:
  rules:
    - if: '$ENABLE_QA_INTERNAL == "true"'
@ -1541,6 +1544,8 @@
    - <<: *if-merge-request-targeting-stable-branch
      changes: *setup-test-env-patterns
    - <<: *if-ruby-branch
+    - <<: *if-merge-request
+      changes: *qa-patterns
    - <<: *if-merge-request
      changes: *dependency-patterns
      variables:
@ -1554,16 +1559,14 @@
      changes: *nodejs-patterns
    - <<: *if-merge-request
      changes: *ci-qa-patterns
-    - <<: *if-merge-request
-      changes: *qa-patterns
    - <<: *if-dot-com-gitlab-org-and-security-merge-request-and-qa-tests-specified
      changes: *code-patterns
    - <<: *if-force-ci
+    - <<: *if-merge-request-and-specific-devops-stage
+      changes: *code-patterns
    # From .qa:rules:package-and-test-schedule
    - <<: *if-dot-com-gitlab-org-schedule
-    # From .qa:rules:code-merge-request-manual
-    - <<: *if-merge-request
-      changes: *code-patterns
+    - !reference [".qa:rules:code-merge-request", rules]

 .qa:rules:package-and-test-never-run:
  rules:
@ -1582,6 +1585,13 @@
      allow_failure: true
    - <<: *if-ruby-branch
      allow_failure: true
+    # Run tests automatically for MRs that touch QA files
+    - <<: *if-merge-request
+      changes: *qa-patterns
+      allow_failure: true
+    # Otherwise, only run tests after the MR is approved
+    - <<: *if-merge-request-not-approved
+      when: never
    - <<: *if-merge-request
      changes: *dependency-patterns
      variables:
@ -1600,16 +1610,13 @@
    - <<: *if-merge-request
      changes: *ci-qa-patterns
      allow_failure: true
-    - <<: *if-merge-request
-      changes: *qa-patterns
-      allow_failure: true
    - <<: *if-dot-com-gitlab-org-and-security-merge-request-and-qa-tests-specified
      changes: *code-patterns
      allow_failure: true
    - <<: *if-force-ci
      when: manual
      allow_failure: true
-    - <<: *if-merge-request-approved-and-specific-devops-stage
+    - <<: *if-merge-request-and-specific-devops-stage
      changes: *code-patterns
      allow_failure: true
      # We used to have a rule at the end here that would catch any remaining code MRs and allow the job to be run
@ -1744,7 +1751,7 @@

 # These are based on `.qa:rules:trigger-omnibus` except:
 # 1. Automatic jobs changed to `when: never.`
-# 2. For specific devops stage, do not run for code-patterns
+# 2. Do not run for specific devops stage
 # If any changes are made to this rule, `.qa:rules:follow-up-e2e` should also be updated.
 .qa:rules:manual-omnibus-and-follow-up-e2e:
  rules:
@ -1759,9 +1766,7 @@
    - !reference [".qa:rules:package-and-test-never-run", rules]
    - <<: *if-merge-request-and-specific-devops-stage
      when: never
-    - <<: *if-merge-request
-      changes: *code-patterns
-      allow_failure: true
+    - !reference [".qa:rules:code-merge-request-allowed-to-fail", rules]

 # These are based on `qa:rules:package-and-test-ee` but with when:never in all except for code-patterns in merge requests
 .qa:rules:post-run-e2e-message:
@ -1806,10 +1811,7 @@
    # Do not run on unapproved MR
    - <<: *if-merge-request-not-approved
      when: never
-    # From .qa:rules:code-merge-request-manual
-    - <<: *if-merge-request
-      changes: *code-patterns
-      allow_failure: true
+    - !reference [".qa:rules:code-merge-request-allowed-to-fail", rules]

 .qa:rules:fulfillment-e2e-quarantine-report:
  rules:
--- a/app/assets/javascripts/groups/settings/api/access_dropdown_api.js
+++ b/app/assets/javascripts/groups/settings/api/access_dropdown_api.js
@ -7,15 +7,16 @@ const buildUrl = (urlRoot, url) => {
  return joinPaths(urlRoot, url);
 };

-const defaultOptions = { includeParentDescendants: false };
+const defaultOptions = { includeParentDescendants: false, includeParentSharedGroups: false };

 export const getSubGroups = (options = defaultOptions) => {
-  const { includeParentDescendants } = options;
+  const { includeParentDescendants, includeParentSharedGroups } = options;

  return axios.get(buildUrl(gon.relative_url_root || '', GROUP_SUBGROUPS_PATH), {
    params: {
      group_id: gon.current_group_id,
      include_parent_descendants: includeParentDescendants,
+      include_parent_shared_groups: includeParentSharedGroups,
    },
  });
 };
--- a/app/assets/javascripts/groups/settings/components/access_dropdown.vue
+++ b/app/assets/javascripts/groups/settings/components/access_dropdown.vue
@ -96,7 +96,7 @@ export default {
        Promise.all([
          this.groups.length
            ? Promise.resolve({ data: this.groups })
-            : getSubGroups({ includeParentDescendants: true }),
+            : getSubGroups({ includeParentDescendants: true, includeParentSharedGroups: true }),
        ])
          .then(([groupsResponse]) => {
            this.consolidateData(groupsResponse.data);
--- a/app/assets/javascripts/groups_projects/components/more_actions_dropdown.vue
+++ b/app/assets/javascripts/groups_projects/components/more_actions_dropdown.vue
@ -29,6 +29,8 @@ export default {
    'withdrawPath',
    'withdrawConfirmMessage',
    'requestAccessPath',
+    'canEdit',
+    'editPath',
  ],
  computed: {
    namespaceType() {
@ -37,6 +39,9 @@ export default {
    hasPath() {
      return this.leavePath || this.withdrawPath || this.requestAccessPath;
    },
+    settingsTitle() {
+      return this.isGroup ? this.$options.i18n.groupSettings : this.$options.i18n.projectSettings;
+    },
    leaveTitle() {
      return this.isGroup
        ? this.$options.i18n.groupLeaveTitle
@ -99,6 +104,15 @@ export default {
        },
      };
    },
+    settingsItem() {
+      return {
+        text: this.settingsTitle,
+        href: this.editPath,
+        extraAttrs: {
+          'data-testid': `settings-${this.namespaceType}-link`,
+        },
+      };
+    },
  },
  i18n: {
    actionsLabel: __('Actions'),
@ -110,6 +124,8 @@ export default {
    requestAccessTitle: __('Request Access'),
    groupCopyTitle: s__('GroupPage|Copy group ID: %{id}'),
    projectCopyTitle: s__('ProjectPage|Copy project ID: %{id}'),
+    projectSettings: s__('ProjectPage|Project settings'),
+    groupSettings: s__('GroupPage|Group settings'),
  },
 };
 </script>
@ -153,6 +169,7 @@ export default {
      :item="copyIdItem"
      :data-clipboard-text="groupOrProjectId"
    />
+    <gl-disclosure-dropdown-item v-if="canEdit" :item="settingsItem" />

    <gl-disclosure-dropdown-group v-if="hasPath" bordered>
      <gl-disclosure-dropdown-item v-if="leavePath" ref="leaveItem" :item="leaveItem" />
--- a/app/assets/javascripts/groups_projects/init_more_actions_dropdown.js
+++ b/app/assets/javascripts/groups_projects/init_more_actions_dropdown.js
@ -17,6 +17,8 @@ export default function InitMoreActionsDropdown() {
    withdrawPath,
    withdrawConfirmMessage,
    requestAccessPath,
+    canEdit,
+    editPath,
  } = el.dataset;

  return new Vue({
@ -30,6 +32,8 @@ export default function InitMoreActionsDropdown() {
      withdrawPath,
      withdrawConfirmMessage,
      requestAccessPath,
+      canEdit: parseBoolean(canEdit),
+      editPath,
    },
    render: (createElement) => createElement(MoreActionsDropdown),
  });
--- a/app/assets/javascripts/pages/projects/home_panel/index.js
+++ b/app/assets/javascripts/pages/projects/home_panel/index.js
@ -33,6 +33,8 @@ const initHomePanel = () => {
    requestAccessPath,
    withdrawConfirmMessage,
    withdrawPath,
+    canEdit,
+    editPath,

    // Fork component
    canCreateFork,
@ -75,6 +77,8 @@ const initHomePanel = () => {
      requestAccessPath,
      withdrawConfirmMessage,
      withdrawPath,
+      canEdit,
+      editPath,

      // Fork component
      canCreateFork: parseBoolean(canCreateFork),
--- a/app/assets/javascripts/work_items/components/shared/work_item_sidebar_dropdown_widget_with_edit.vue
+++ b/app/assets/javascripts/work_items/components/shared/work_item_sidebar_dropdown_widget_with_edit.vue
@ -88,6 +88,11 @@ export default {
      required: false,
      default: false,
    },
+    clearSearchOnItemSelect: {
+      type: Boolean,
+      required: false,
+      default: false,
+    },
  },
  data() {
    return {
@ -131,6 +136,13 @@ export default {
      } else {
        this.isDirty = true;
        this.$emit('updateSelected', this.localSelectedItem);
+        this.clearSearch();
+      }
+    },
+    clearSearch() {
+      if (this.clearSearchOnItemSelect) {
+        this.setSearchKey('');
+        this.$refs.listbox.$refs.searchBox.clearInput();
      }
    },
    onListboxShown() {
@ -185,6 +197,7 @@ export default {
      </div>
      <gl-collapsible-listbox
        :id="inputId"
+        ref="listbox"
        :multiple="multiSelect"
        block
        searchable
--- a/app/assets/javascripts/work_items/components/work_item_assignees_with_edit.vue
+++ b/app/assets/javascripts/work_items/components/work_item_assignees_with_edit.vue
@ -238,6 +238,7 @@ export default {
    :header-text="headerText"
    :update-in-progress="updateInProgress"
    :reset-button-label="__('Clear')"
+    clear-search-on-item-select
    data-testid="work-item-assignees-with-edit"
    @dropdownShown="onDropdownShown"
    @searchStarted="setSearchKey"
--- a/app/assets/javascripts/work_items/components/work_item_labels_with_edit.vue
+++ b/app/assets/javascripts/work_items/components/work_item_labels_with_edit.vue
@ -230,9 +230,10 @@ export default {
    :item-value="itemValues"
    :update-in-progress="updateInProgress"
    :toggle-dropdown-text="dropdownText"
-    :header-text="__('Select label')"
+    :header-text="__('Select labels')"
    :reset-button-label="__('Clear')"
    :multi-select="true"
+    clear-search-on-item-select
    data-testid="work-item-labels-with-edit"
    @dropdownShown="onDropdownShown"
    @searchStarted="search"
--- a/app/finders/groups_finder.rb
+++ b/app/finders/groups_finder.rb
@ -16,6 +16,9 @@
 #     filter_group_ids: array of integers - only include groups from the specified list of ids
 #     include_parent_descendants: boolean (defaults to false) - includes descendant groups when
 #                                 filtering by parent. The parent param must be present.
+#     include_parent_shared_groups: boolean (defaults to false) - includes shared groups of a parent group
+#                                 when filtering by parent.
+#                                 Both parent and include_parent_descendants params must be present.
 #     include_ancestors: boolean (defaults to true)
 #     organization: Scope the groups to the Organizations::Organization
 #
@ -118,17 +121,27 @@ class GroupsFinder < UnionFinder
    groups.in_organization(organization)
  end

-  # rubocop: disable CodeReuse/ActiveRecord
  def by_parent(groups)
    return groups unless params[:parent]

-    if params.fetch(:include_parent_descendants, false)
-      groups.id_in(params[:parent].descendants)
+    if include_parent_descendants?
+      by_parent_descendants(groups, params[:parent])
    else
-      groups.where(parent: params[:parent])
+      by_parent_children(groups, params[:parent])
    end
  end
-  # rubocop: enable CodeReuse/ActiveRecord
+
+  def by_parent_descendants(groups, parent)
+    if include_parent_shared_groups?
+      groups.descendants_with_shared_with_groups(parent)
+    else
+      groups.id_in(parent.descendants)
+    end
+  end
+
+  def by_parent_children(groups, parent)
+    groups.by_parent(parent)
+  end

  def filter_group_ids(groups)
    return groups unless params[:filter_group_ids]
@ -154,6 +167,14 @@ class GroupsFinder < UnionFinder
    groups.sort_by_attribute(params[:sort])
  end

+  def include_parent_shared_groups?
+    params.fetch(:include_parent_shared_groups, false)
+  end
+
+  def include_parent_descendants?
+    params.fetch(:include_parent_descendants, false)
+  end
+
  def min_access_level?
    current_user && params[:min_access_level].present?
  end
--- a/app/graphql/mutations/concerns/mutations/work_items/update_arguments.rb
+++ b/app/graphql/mutations/concerns/mutations/work_items/update_arguments.rb
@ -52,6 +52,10 @@ module Mutations
                 ::Types::WorkItems::Widgets::NotesInputType,
                 required: false,
                 description: 'Input for notes widget.'
+        argument :time_tracking_widget,
+                 ::Types::WorkItems::Widgets::TimeTracking::TimeTrackingInputType,
+                 required: false,
+                 description: 'Input for time tracking widget.'
      end
    end
  end
--- a/app/graphql/resolvers/analytics/cycle_analytics/issue_count_resolver.rb
+++ b/app/graphql/resolvers/analytics/cycle_analytics/issue_count_resolver.rb
@ -13,7 +13,7 @@ module Resolvers

          {
            value: value,
-            title: n_('New Issue', 'New Issues', value),
+            title: n_('New issue', 'New issues', value),
            identifier: 'issues',
            links: []
          }
--- a/app/graphql/types/work_items/widget_interface.rb
+++ b/app/graphql/types/work_items/widget_interface.rb
@ -24,7 +24,7 @@ module Types
        ::Types::WorkItems::Widgets::AwardEmojiType,
        ::Types::WorkItems::Widgets::LinkedItemsType,
        ::Types::WorkItems::Widgets::ParticipantsType,
-        ::Types::WorkItems::Widgets::TimeTrackingType,
+        ::Types::WorkItems::Widgets::TimeTracking::TimeTrackingType,
        ::Types::WorkItems::Widgets::DesignsType
      ].freeze

@ -64,7 +64,7 @@ module Types
        when ::WorkItems::Widgets::Participants
          ::Types::WorkItems::Widgets::ParticipantsType
        when ::WorkItems::Widgets::TimeTracking
-          ::Types::WorkItems::Widgets::TimeTrackingType
+          ::Types::WorkItems::Widgets::TimeTracking::TimeTrackingType
        when ::WorkItems::Widgets::Designs
          ::Types::WorkItems::Widgets::DesignsType
        else
--- a/app/graphql/types/work_items/widgets/time_tracking/time_tracking_input_type.rb
+++ b/app/graphql/types/work_items/widgets/time_tracking/time_tracking_input_type.rb
@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module Types
+  module WorkItems
+    module Widgets
+      module TimeTracking
+        class TimeTrackingInputType < BaseInputObject
+          graphql_name 'WorkItemWidgetTimeTrackingInput'
+
+          argument :time_estimate, GraphQL::Types::String,
+            required: false,
+            description: 'Time estimate for the work item in human readable format. For example: 1h 30m.'
+
+          argument :timelog, Types::WorkItems::Widgets::TimeTracking::TimelogInputType,
+            required: false,
+            description: 'Timelog data for time spent on the work item.'
+        end
+      end
+    end
+  end
+end
--- a/app/graphql/types/work_items/widgets/time_tracking/time_tracking_type.rb
+++ b/app/graphql/types/work_items/widgets/time_tracking/time_tracking_type.rb
@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+module Types
+  module WorkItems
+    module Widgets
+      module TimeTracking
+        # rubocop:disable Graphql/AuthorizeTypes -- we already authorize the work item itself
+        class TimeTrackingType < BaseObject
+          graphql_name 'WorkItemWidgetTimeTracking'
+          description 'Represents a time tracking widget'
+
+          implements Types::WorkItems::WidgetInterface
+
+          field :time_estimate, GraphQL::Types::Int,
+            null: true,
+            description: 'Time estimate of the work item.'
+          field :total_time_spent, GraphQL::Types::Int,
+            null: true,
+            description: 'Total time (in seconds) reported as spent on the work item.'
+
+          field :timelogs, Types::WorkItems::Widgets::TimeTracking::TimelogType.connection_type,
+            null: true,
+            description: 'Timelogs on the work item.'
+        end
+        # rubocop:enable Graphql/AuthorizeTypes
+      end
+    end
+  end
+end
--- a/app/graphql/types/work_items/widgets/time_tracking/timelog_input_type.rb
+++ b/app/graphql/types/work_items/widgets/time_tracking/timelog_input_type.rb
@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+module Types
+  module WorkItems
+    module Widgets
+      module TimeTracking
+        class TimelogInputType < BaseInputObject
+          graphql_name 'WorkItemWidgetTimeTrackingTimelogInput'
+
+          argument :time_spent, GraphQL::Types::String,
+            required: true,
+            description: 'Amount of time spent in human readable format. For example: 1h 30m.'
+
+          argument :spent_at, Types::TimeType,
+            required: false,
+            description: 'Timestamp of when the time tracked was spent at, ' \
+                         'if not provided would be set to current timestamp.'
+
+          argument :summary, GraphQL::Types::String,
+            required: false,
+            description: 'Summary of how the time was spent.'
+        end
+      end
+    end
+  end
+end
--- a/app/graphql/types/work_items/widgets/time_tracking/timelog_type.rb
+++ b/app/graphql/types/work_items/widgets/time_tracking/timelog_type.rb
@ -0,0 +1,50 @@
+# frozen_string_literal: true
+
+module Types
+  module WorkItems
+    module Widgets
+      module TimeTracking
+        # rubocop:disable Graphql/AuthorizeTypes -- we already authorize the work item itself
+        class TimelogType < BaseObject
+          graphql_name 'WorkItemTimelog'
+
+          connection_type_class Types::TimeTracking::TimelogConnectionType
+          expose_permissions Types::PermissionTypes::Timelog
+
+          field :id, GraphQL::Types::ID,
+            null: false,
+            description: 'Internal ID of the timelog.'
+
+          field :spent_at, Types::TimeType,
+            null: true,
+            description: 'Timestamp of when the time tracked was spent at.'
+
+          field :time_spent, GraphQL::Types::Int,
+            null: false,
+            description: 'Time spent displayed in seconds.'
+
+          field :user, Types::UserType,
+            null: false,
+            description: 'User that logged the time.'
+
+          field :note, Types::Notes::NoteType,
+            null: true,
+            description: 'Note where the quick action was executed to add the logged time.'
+
+          field :summary, GraphQL::Types::String,
+            null: true,
+            description: 'Summary of how the time was spent.'
+
+          def user
+            Gitlab::Graphql::Loaders::BatchModelLoader.new(User, object.user_id).find
+          end
+
+          def spent_at
+            object.spent_at || object.created_at
+          end
+        end
+        # rubocop:enable Graphql/AuthorizeTypes
+      end
+    end
+  end
+end
--- a/app/graphql/types/work_items/widgets/time_tracking_type.rb
+++ b/app/graphql/types/work_items/widgets/time_tracking_type.rb
@ -1,27 +0,0 @@
-# frozen_string_literal: true
-
-module Types
-  module WorkItems
-    module Widgets
-      # rubocop:disable Graphql/AuthorizeTypes -- we already authorize the work item itself
-      class TimeTrackingType < BaseObject
-        graphql_name 'WorkItemWidgetTimeTracking'
-        description 'Represents a time tracking widget'
-
-        implements Types::WorkItems::WidgetInterface
-
-        field :time_estimate, GraphQL::Types::Int,
-          null: false,
-          description: 'Time estimate of the work item.'
-        field :total_time_spent, GraphQL::Types::Int,
-          null: false,
-          description: 'Total time (in seconds) reported as spent on the work item.'
-
-        field :timelogs, Types::TimelogType.connection_type,
-          null: false,
-          description: 'Timelogs on the work item.'
-      end
-      # rubocop:enable Graphql/AuthorizeTypes
-    end
-  end
-end
--- a/app/helpers/groups_helper.rb
+++ b/app/helpers/groups_helper.rb
@ -218,6 +218,14 @@ module GroupsHelper

    return dropdown_data unless current_user

+    if source.is_a?(Group)
+      dropdown_data[:can_edit] = can?(current_user, :admin_group, source).to_s
+      dropdown_data[:edit_path] = edit_group_path(source)
+    else
+      dropdown_data[:can_edit] = can?(current_user, :admin_project, source).to_s
+      dropdown_data[:edit_path] = edit_project_path(source)
+    end
+
    if can?(current_user, :"destroy_#{model_name}_member", source.members.find_by(user_id: current_user.id)) # rubocop: disable CodeReuse/ActiveRecord -- we need to fetch it
      dropdown_data[:leave_path] = polymorphic_path([:leave, source, :members])
      dropdown_data[:leave_confirm_message] = leave_confirmation_message(source)
--- a/app/models/concerns/ci/has_status.rb
+++ b/app/models/concerns/ci/has_status.rb
@ -90,7 +90,6 @@ module Ci
      scope :manual, -> { with_status(:manual) }
      scope :scheduled, -> { with_status(:scheduled) }
      scope :alive, -> { with_status(*ALIVE_STATUSES) }
-      scope :alive_or_scheduled, -> { with_status(*klass::CANCELABLE_STATUSES) }
      scope :created_or_pending, -> { with_status(:created, :pending) }
      scope :running_or_pending, -> { with_status(:running, :pending) }
      scope :finished, -> { with_status(:success, :failed, :canceled) }
--- a/app/models/group.rb
+++ b/app/models/group.rb
@ -239,6 +239,27 @@ class Group < Namespace
      .where(group_group_links: { shared_group_id: group.self_and_ancestors })
  end

+  # Returns all groups that are shared with the given group (see :shared_with_group)
+  # and all descendents of the given group
+  # returns none if the given group is nil
+  scope :descendants_with_shared_with_groups, -> (group) do
+    return none if group.nil?
+
+    descendants_query = group.descendants.select(:id)
+    # since we're only interested in ids, we query GroupGroupLink directly instead of using :shared_with_group
+    # to avoid an extra JOIN in the resulting query
+    shared_groups_query = GroupGroupLink
+      .where(shared_group_id: group.id)
+      .select('shared_with_group_id AS id')
+
+    combined_query = Group
+      .from_union(descendants_query, shared_groups_query, alias_as: :combined)
+      .unscope(where: :type)
+      .select(:id)
+
+    id_in(combined_query)
+  end
+
  # WARNING: This method should never be used on its own
  # please do make sure the number of rows you are filtering is small
  # enough for this query
--- a/app/services/ci/pipeline_creation/cancel_redundant_pipelines_service.rb
+++ b/app/services/ci/pipeline_creation/cancel_redundant_pipelines_service.rb
@ -67,7 +67,7 @@ module Ci
      def parent_and_child_pipelines(ids)
        Ci::Pipeline.object_hierarchy(parent_auto_cancelable_pipelines(ids), project_condition: :same)
          .base_and_descendants
-          .alive_or_scheduled
+          .cancelable
      end

      def auto_cancel_pipelines(pipeline_ids)
--- a/app/services/work_items/callbacks/time_tracking.rb
+++ b/app/services/work_items/callbacks/time_tracking.rb
@ -7,14 +7,50 @@ module WorkItems
        if excluded_in_new_type?
          params.delete(:time_estimate)
          params.delete(:spend_time)
+          params.delete(:timelog)
        end

        return unless has_permission?(:admin_work_item)
-        return if !params.present? || (!params.key?(:time_estimate) && !params.key?(:spend_time))

+        # below 2 parse_*_data methods, parse the data coming in from `time_tracking_widget` argument, in
+        # work item update mutation.
+        parse_timelog_data if params.key?(:timelog) && !params[:spend_time]
+        parse_time_estimate_data if params.key?(:time_estimate) && params[:time_estimate].is_a?(String)
+
+        # we still need to set the data here, in case when we had no data coming in from the `time_tracking_widget`
+        # argument, but data was still set through updating the description and using quick actions.
        work_item.time_estimate = params[:time_estimate] if params[:time_estimate].present?
        work_item.spend_time = params[:spend_time] if params[:spend_time].present?
      end
+
+      private
+
+      def parse_timelog_data
+        time_spent = params.dig(:timelog, :time_spent)
+        parsed_time_spent = if time_spent == ":reset"
+                              :reset
+                            else
+                              Gitlab::TimeTrackingFormatter.parse(time_spent)
+                            end
+
+        raise_error(invalid_time_spent_format('Time spent')) if parsed_time_spent.nil?
+
+        params[:spend_time] = { duration: parsed_time_spent, user_id: current_user.id }.merge(params[:timelog])
+      end
+
+      def parse_time_estimate_data
+        params[:time_estimate] = begin
+          Integer(params[:time_estimate] || '')
+        rescue ArgumentError
+          parsed_time_estimate = Gitlab::TimeTrackingFormatter.parse(params[:time_estimate])
+          raise_error(invalid_time_spent_format('Time estimate')) if parsed_time_estimate.nil?
+          parsed_time_estimate
+        end
+      end
+
+      def invalid_time_spent_format(argument_name)
+        format(_("%{argument_name} must be formatted correctly. For example: 1h 30m."), argument_name: argument_name)
+      end
    end
  end
 end
--- a/app/views/projects/_sidebar.html.haml
+++ b/app/views/projects/_sidebar.html.haml
@ -3,15 +3,7 @@

 %aside.project-page-sidebar
  .project-page-sidebar-block.home-panel-home-desc.gl-py-4.gl-border-b.gl-border-gray-50{ class: 'gl-pt-2!' }
-    .gl-display-flex.gl-justify-content-space-between
-      %h2.gl-font-base.gl-font-weight-bold.gl-reset-line-height.gl-text-gray-900.gl-m-0.gl-mb-1= s_('ProjectPage|Project information')
-      -# Project settings
-      - if can?(current_user, :admin_project, @project)
-        = render Pajamas::ButtonComponent.new(href: edit_project_path(@project),
-          category: :tertiary,
-          icon: 'settings',
-          size: :small,
-          button_options: { class: 'has-tooltip gl-ml-2 gl-sm-mr-3', title: s_('ProjectPage|Project settings'), 'aria-label' => s_('ProjectPage|Project settings'), 'data-testid': 'project-settings-button' })
+    %h2.gl-font-base.gl-font-weight-bold.gl-reset-line-height.gl-text-gray-900.gl-m-0.gl-mb-1= s_('ProjectPage|Project information')
    -# Project description
    - if @project.description.present?
      .home-panel-description.text-break
--- a/db/docs/user_credit_card_validations.yml
+++ b/db/docs/user_credit_card_validations.yml
@ -7,4 +7,4 @@ feature_categories:
 description: Stores whether the user has completed a first time validation to run CI pipelines
 introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/60626
 milestone: '13.12'
-gitlab_schema: gitlab_main
+gitlab_schema: gitlab_main_clusterwide
--- a/doc/administration/admin_area.md
+++ b/doc/administration/admin_area.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 The Admin Area provides a web UI to manage and configure features of GitLab
 self-managed instances. If you are an administrator, to access the Admin Area:
@ -150,7 +150,7 @@ the identities being used for an account.

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/1772) in GitLab 13.8.
 > - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/292436) in GitLab 13.9.
@ -478,7 +478,7 @@ The content of each log file is listed in chronological order. To minimize perfo

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 The **Audit Events** page lists changes made within the GitLab server. With this information you can control, analyze, and track every change.

--- a/doc/administration/analytics/dev_ops_reports.md
+++ b/doc/administration/analytics/dev_ops_reports.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 DevOps Reports give you an overview of your entire instance's adoption of
 [DevOps](https://about.gitlab.com/topics/devops/)
@ -45,7 +45,7 @@ feature is available.

 DETAILS:
 **Tier:** Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/247112) in GitLab 13.7 as a [Beta feature](../../policy/experiment-beta-support.md#beta).
 > - The Overview tab [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/330401) in GitLab 14.1.
--- a/doc/administration/analytics/index.md
+++ b/doc/administration/analytics/index.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 > - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/41416) in GitLab 11.2.

--- a/doc/administration/analytics/usage_trends.md
+++ b/doc/administration/analytics/usage_trends.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/235754) in GitLab 13.5 behind a feature flag, disabled by default.
 > - [Became enabled by default](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/46962) in GitLab 13.6.
--- a/doc/administration/appearance.md
+++ b/doc/administration/appearance.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 You can update your settings to change the look and feel of your GitLab self-managed instance.

--- a/doc/administration/application_settings_cache.md
+++ b/doc/administration/application_settings_cache.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 By default, GitLab caches application settings for 60 seconds. Occasionally,
 you may need to increase that interval to have more delay between application
--- a/doc/administration/audit_event_reports.md
+++ b/doc/administration/audit_event_reports.md
@ -73,7 +73,7 @@ Project audit events can also be accessed using the [Project Audit Events API](.

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 You can view audit events from user actions across an entire GitLab instance.
 To view instance audit events:
@ -105,7 +105,7 @@ After upgrading to a paid tier, you can also see successful sign-in events on au

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/1449) in GitLab 13.4.
 > - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/285441) in GitLab 13.7.
@ -154,7 +154,7 @@ All items are sorted by `created_at` in ascending order.

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/536) in GitLab 13.0.
 > - Impersonation session events included in group audit events in GitLab 14.8.
--- a/doc/administration/audit_event_streaming/graphql_api.md
+++ b/doc/administration/audit_event_streaming/graphql_api.md
@ -570,7 +570,7 @@ Streaming configuration is deleted if:

 DETAILS:
 **Tier:** Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/335175) in GitLab 16.0 [with a flag](../feature_flags.md) named `ff_external_audit_events`. Disabled by default.
 > - [Feature flag `ff_external_audit_events`](https://gitlab.com/gitlab-org/gitlab/-/issues/393772) enabled by default in GitLab 16.2.
--- a/doc/administration/audit_event_streaming/index.md
+++ b/doc/administration/audit_event_streaming/index.md
@ -369,7 +369,7 @@ To delete AWS S3 streaming destinations to a top-level group:

 DETAILS:
 **Tier:** Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/398107) in GitLab 16.1 [with a flag](../feature_flags.md) named `ff_external_audit_events`. Disabled by default.
 > - [Feature flag `ff_external_audit_events`](https://gitlab.com/gitlab-org/gitlab/-/issues/393772) enabled by default in GitLab 16.2.
--- a/doc/administration/auditor_users.md
+++ b/doc/administration/auditor_users.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 Users with auditor access have read-only access to all groups, projects, and other resources except:

--- a/doc/administration/auth/atlassian.md
+++ b/doc/administration/auth/atlassian.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 To enable the Atlassian OmniAuth provider for passwordless authentication you must register an application with Atlassian.

--- a/doc/administration/auth/cognito.md
+++ b/doc/administration/auth/cognito.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 Amazon Web Services (AWS) Cognito lets you add user sign-up, sign-in, and access control to your GitLab instance.
 The following documentation enables AWS Cognito as an OAuth 2.0 provider.
--- a/doc/administration/auth/crowd.md
+++ b/doc/administration/auth/crowd.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 WARNING:
 This feature was [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/369117) in GitLab 15.3 and is planned for
--- a/doc/administration/auth/index.md
+++ b/doc/administration/auth/index.md
@ -9,7 +9,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 GitLab integrates with a number of [OmniAuth providers](../../integration/omniauth.md#supported-providers),
 and the following external authentication and authorization providers:
--- a/doc/administration/auth/jwt.md
+++ b/doc/administration/auth/jwt.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 To enable the JWT OmniAuth provider, you must register your application with JWT.
 JWT provides you with a secret key for you to use.
--- a/doc/administration/auth/ldap/index.md
+++ b/doc/administration/auth/ldap/index.md
@ -480,7 +480,7 @@ you must do so in an `attributes` hash.

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 These LDAP sync configuration settings are optional, excluding `group_base` which
 required when `external_groups` is configured:
@ -496,7 +496,7 @@ required when `external_groups` is configured:

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 If you have users on multiple LDAP servers, you can configure GitLab to use them. To add additional LDAP servers:

--- a/doc/administration/auth/ldap/ldap-troubleshooting.md
+++ b/doc/administration/auth/ldap/ldap-troubleshooting.md
@ -61,7 +61,7 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 The following allows you to perform a search in LDAP using the rails console.
 Depending on what you're trying to do, it may make more sense to query [a user](#query-a-user-in-ldap)
@ -260,7 +260,7 @@ ldapsearch -H ldaps://$host:$port -D "$bind_dn" -y bind_dn_password.txt  -b "$ba

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 The output from a manual [user sync](ldap_synchronization.md#user-sync) can show you what happens when
 GitLab tries to sync its users against LDAP. Enter the [rails console](#rails-console)
@ -278,7 +278,7 @@ Next, [learn how to read the output](#example-console-output-after-a-user-sync).

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 The output from a [manual user sync](#sync-all-users) is very verbose, and a
 single user's successful sync can look like this:
@ -373,7 +373,7 @@ Gitlab::Auth::Ldap::Person.find_by_uid('<uid>', adapter)

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 #### Memberships not granted

--- a/doc/administration/auth/oidc.md
+++ b/doc/administration/auth/oidc.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 You can use GitLab as a client application with [OpenID Connect](https://openid.net/specs/openid-connect-core-1_0.html)
 as an OmniAuth provider.
@ -940,7 +940,7 @@ based on group membership, configure GitLab to identify:

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 Your IdP must pass group information to GitLab in the OIDC response. To use this
 response to assign users as auditors based on group membership, configure GitLab to identify:
--- a/doc/administration/auth/test_oidc_oauth.md
+++ b/doc/administration/auth/test_oidc_oauth.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 To test OIDC/OAuth in GitLab, you must:

--- a/doc/administration/backup_restore/backup_gitlab.md
+++ b/doc/administration/backup_restore/backup_gitlab.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 The exact procedure for backing up GitLab depends on many factors. Your particular deployment's usage and configuration determine what kind of data exists, where it is located, and how much there is. These factors influence your options for how to perform a back up, how to store it, and how to restore it.

--- a/doc/administration/backup_restore/backup_large_reference_architectures.md
+++ b/doc/administration/backup_restore/backup_large_reference_architectures.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 This document describes how to:

--- a/doc/administration/backup_restore/index.md
+++ b/doc/administration/backup_restore/index.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 Your software or organization depends on the data in your GitLab instance. You need to ensure this data is protected from adverse events such as:

--- a/doc/administration/backup_restore/restore_gitlab.md
+++ b/doc/administration/backup_restore/restore_gitlab.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 GitLab provides a command-line interface to restore your entire installation,
 and is flexible enough to fit your needs.
--- a/doc/administration/broadcast_messages.md
+++ b/doc/administration/broadcast_messages.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 > - Target roles [introduced](https://gitlab.com/gitlab-org/growth/team-tasks/-/issues/461) in GitLab 14.8 [with a flag](../administration/feature_flags.md) named `role_targeted_broadcast_messages`. Disabled by default.
 > - Theme [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/83251) and background color removed in GitLab 14.10.
--- a/doc/administration/cicd.md
+++ b/doc/administration/cicd.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 GitLab administrators can manage the GitLab CI/CD configuration for their instance.

@ -65,7 +65,7 @@ For Linux package installations:

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 The maximum number of jobs that can be defined in `needs` defaults to 50.

--- a/doc/administration/clusters/kas.md
+++ b/doc/administration/clusters/kas.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 > - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3834) in GitLab 13.10, the GitLab agent server (KAS) became available on GitLab.com at `wss://kas.gitlab.com`.
 > - [Moved](https://gitlab.com/groups/gitlab-org/-/epics/6290) from GitLab Premium to GitLab Free in 14.5.
--- a/doc/administration/compliance.md
+++ b/doc/administration/compliance.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 GitLab compliance features ensure your GitLab instance meets common compliance standards, and are available at various pricing tiers. For more information about compliance management, see the compliance
 management [solutions page](https://about.gitlab.com/solutions/compliance/).
--- a/doc/administration/configure.md
+++ b/doc/administration/configure.md
@ -9,7 +9,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 Customize and configure your self-managed GitLab installation.

--- a/doc/administration/consul.md
+++ b/doc/administration/consul.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 A Consul cluster consists of both
 [server and client agents](https://developer.hashicorp.com/consul/docs/agent).
--- a/doc/administration/credentials_inventory.md
+++ b/doc/administration/credentials_inventory.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20912) in GitLab 12.6.
 > - [Bot-created access tokens not displayed in personal access token list](https://gitlab.com/gitlab-org/gitlab/-/issues/351759) in GitLab 14.9.
--- a/doc/administration/custom_project_templates.md
+++ b/doc/administration/custom_project_templates.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 As an administrator, you can configure a group that contains projects available for
 use as the source of project templates on your instance. You can then
--- a/doc/administration/diff_limits.md
+++ b/doc/administration/diff_limits.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 You can set a maximum size for display of diff files (patches).

--- a/doc/administration/docs_self_host.md
+++ b/doc/administration/docs_self_host.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 If you are not able to access the GitLab product documentation at `docs.gitlab.com`,
 you can host the documentation yourself instead.
--- a/doc/administration/email_from_gitlab.md
+++ b/doc/administration/email_from_gitlab.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 Administrators can email all users, or users of a chosen group or project.
 Users receive the email at their primary email address.
--- a/doc/administration/encrypted_configuration.md
+++ b/doc/administration/encrypted_configuration.md
@ -8,7 +8,7 @@ info: "To determine the technical writer assigned to the Stage/Group associated

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/45712) in GitLab 13.7.

--- a/doc/administration/environment_variables.md
+++ b/doc/administration/environment_variables.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 GitLab exposes certain environment variables which can be used to override
 their defaults values.
--- a/doc/administration/external_pipeline_validation.md
+++ b/doc/administration/external_pipeline_validation.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 You can use an external service to validate a pipeline before it's created.

--- a/doc/administration/external_users.md
+++ b/doc/administration/external_users.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 In cases where it is desired that a user has access only to some internal or
 private projects, there is the option of creating **External Users**. This
--- a/doc/administration/file_hooks.md
+++ b/doc/administration/file_hooks.md
@ -8,7 +8,7 @@ info: "To determine the technical writer assigned to the Stage/Group associated

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 Use custom file hooks (not to be confused with [server hooks](server_hooks.md) or [system hooks](system_hooks.md)),
 to introduce custom integrations without modifying the GitLab source code.
--- a/doc/administration/geo/disaster_recovery/background_verification.md
+++ b/doc/administration/geo/disaster_recovery/background_verification.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 Automatic background verification ensures that the transferred data matches a
 calculated checksum. If the checksum of the data on the **primary** site matches checksum of the
--- a/doc/administration/geo/disaster_recovery/bring_primary_back.md
+++ b/doc/administration/geo/disaster_recovery/bring_primary_back.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 After a failover, it is possible to fail back to the demoted **primary** site to
 restore your original configuration. This process consists of two steps:
--- a/doc/administration/geo/disaster_recovery/index.md
+++ b/doc/administration/geo/disaster_recovery/index.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 Geo replicates your database, your Git repositories, and few other assets,
 but there are some [limitations](../index.md#limitations).
--- a/doc/administration/geo/disaster_recovery/planned_failover.md
+++ b/doc/administration/geo/disaster_recovery/planned_failover.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 The primary use-case of Disaster Recovery is to ensure business continuity in
 the event of unplanned outage, but it can be used in conjunction with a planned
--- a/doc/administration/geo/disaster_recovery/runbooks/planned_failover_multi_node.md
+++ b/doc/administration/geo/disaster_recovery/runbooks/planned_failover_multi_node.md
@ -12,7 +12,7 @@ This runbook is an [Experiment](../../../../policy/experiment-beta-support.md#ex

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 ## Geo planned failover for a multi-node configuration

--- a/doc/administration/geo/disaster_recovery/runbooks/planned_failover_single_node.md
+++ b/doc/administration/geo/disaster_recovery/runbooks/planned_failover_single_node.md
@ -12,7 +12,7 @@ This runbook is an [Experiment](../../../../policy/experiment-beta-support.md#ex

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 ## Geo planned failover for a single-node configuration

--- a/doc/administration/geo/glossary.md
+++ b/doc/administration/geo/glossary.md
@ -9,7 +9,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 NOTE:
 We are updating the Geo documentation, user interface and commands to reflect these changes. Not all pages comply with
--- a/doc/administration/geo/index.md
+++ b/doc/administration/geo/index.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 Geo is the solution for widely distributed development teams and for providing
 a warm-standby as part of a disaster recovery strategy.
--- a/doc/administration/geo/replication/configuration.md
+++ b/doc/administration/geo/replication/configuration.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 ## Configuring a new **secondary** site

--- a/doc/administration/geo/replication/container_registry.md
+++ b/doc/administration/geo/replication/container_registry.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 You can set up a container registry on your **secondary** Geo site that mirrors the one on the **primary** Geo site.

--- a/doc/administration/geo/replication/datatypes.md
+++ b/doc/administration/geo/replication/datatypes.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 A Geo data type is a specific class of data that is required by one or more GitLab features to
 store relevant information.
--- a/doc/administration/geo/replication/disable_geo.md
+++ b/doc/administration/geo/replication/disable_geo.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 If you want to revert to a regular Linux package installation setup after a test, or you have encountered a Disaster Recovery
 situation and you want to disable Geo momentarily, you can use these instructions to disable your
--- a/doc/administration/geo/replication/faq.md
+++ b/doc/administration/geo/replication/faq.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 ## What are the minimum requirements to run Geo?

--- a/doc/administration/geo/replication/geo_validation_tests.md
+++ b/doc/administration/geo/replication/geo_validation_tests.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 The Geo team performs manual testing and validation on common deployment configurations to ensure
 that Geo works when upgrading between minor GitLab versions and major PostgreSQL database versions.
--- a/doc/administration/geo/replication/location_aware_git_url.md
+++ b/doc/administration/geo/replication/location_aware_git_url.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 NOTE:
 Since GitLab 14.6,
--- a/doc/administration/geo/replication/multiple_servers.md
+++ b/doc/administration/geo/replication/multiple_servers.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 This document describes a minimal reference architecture for running Geo
 in a multi-node configuration. If your multi-node setup differs from the one
--- a/doc/administration/geo/replication/object_storage.md
+++ b/doc/administration/geo/replication/object_storage.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 > Verification of files stored in object storage was [introduced](https://gitlab.com/groups/gitlab-org/-/epics/8056) in GitLab 16.4 [with a flag](../../feature_flags.md) named `geo_object_storage_verification`. Enabled by default.

--- a/doc/administration/geo/replication/remove_geo_site.md
+++ b/doc/administration/geo/replication/remove_geo_site.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 **Secondary** sites can be removed from the Geo cluster using the Geo administration page of the **primary** site. To remove a **secondary** site:

--- a/doc/administration/geo/replication/security_review.md
+++ b/doc/administration/geo/replication/security_review.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 The following security review of the Geo feature set focuses on security aspects of
 the feature as they apply to customers running their own GitLab instances. The review
--- a/doc/administration/geo/replication/single_sign_on.md
+++ b/doc/administration/geo/replication/single_sign_on.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 This documentation only discusses Geo-specific SSO considerations and configuration. For more information on general authentication, see [GitLab authentication and authorization](../../auth/index.md).

--- a/doc/administration/geo/replication/troubleshooting.md
+++ b/doc/administration/geo/replication/troubleshooting.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 Setting up Geo requires careful attention to details, and sometimes it's easy to
 miss a step.
--- a/doc/administration/geo/replication/tuning.md
+++ b/doc/administration/geo/replication/tuning.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 You can limit the number of concurrent operations the sites can run
 in the background.
--- a/doc/administration/geo/replication/upgrading_the_geo_sites.md
+++ b/doc/administration/geo/replication/upgrading_the_geo_sites.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 WARNING:
 Read these sections carefully before updating your Geo sites. Not following
--- a/doc/administration/geo/replication/usage.md
+++ b/doc/administration/geo/replication/usage.md
@ -10,7 +10,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 After you set up the [database replication and configure the Geo nodes](../index.md#setup-instructions), use your closest GitLab site as you would do with the primary one.

--- a/doc/administration/geo/secondary_proxy/index.md
+++ b/doc/administration/geo/secondary_proxy/index.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 > - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/5914) in GitLab 14.4 [with a flag](../../feature_flags.md) named `geo_secondary_proxy`. Disabled by default.
 > - [Enabled by default for unified URLs](https://gitlab.com/gitlab-org/gitlab/-/issues/325732) in GitLab 14.6.
--- a/doc/administration/geo/secondary_proxy/location_aware_external_url.md
+++ b/doc/administration/geo/secondary_proxy/location_aware_external_url.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 With [Geo proxying for secondary sites](index.md), you can provide GitLab users
 with a single URL that automatically uses the Geo site closest to them.
--- a/doc/administration/geo/secondary_proxy/runners.md
+++ b/doc/administration/geo/secondary_proxy/runners.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed
 **Status:** Experiment

 > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/415179) in GitLab 16.7 [with a flag](../../feature_flags.md) named `geo_proxy_check_pipeline_refs`. Enabled by default in 16.9
--- a/doc/administration/geo/setup/database.md
+++ b/doc/administration/geo/setup/database.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 This document describes the minimal required steps to replicate your primary
 GitLab database to a secondary site's database. You may have to change some
--- a/doc/administration/geo/setup/external_database.md
+++ b/doc/administration/geo/setup/external_database.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 This document is relevant if you are using a PostgreSQL instance that is not
 managed by the Linux package. This includes
--- a/doc/administration/geo/setup/index.md
+++ b/doc/administration/geo/setup/index.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 ## Prerequisites

--- a/doc/administration/geo/setup/two_single_node_external_services.md
+++ b/doc/administration/geo/setup/two_single_node_external_services.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 The following guide provides concise instructions on how to deploy GitLab Geo for a two single-node site installation using two Linux package instances and external PostgreSQL databases like RDS, Azure Database, or Google Cloud SQL.

--- a/doc/administration/geo/setup/two_single_node_sites.md
+++ b/doc/administration/geo/setup/two_single_node_sites.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 The following guide provides concise instructions on how to deploy GitLab Geo for a two single-node site installation using two Linux package instances with no external services set up.

--- a/doc/administration/geo_sites.md
+++ b/doc/administration/geo_sites.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 You can configure various settings for GitLab Geo sites. For more information, see
 [Geo documentation](../administration/geo/index.md).
--- a/doc/administration/get_started.md
+++ b/doc/administration/get_started.md
@ -9,7 +9,7 @@ info: For assistance with this tutorial, see https://handbook.gitlab.com/handboo

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 Get started with GitLab administration. Configure your organization and its authentication, then secure, monitor,
 and back up GitLab.
@ -189,7 +189,7 @@ It is common for a VM snapshot to require you to power down the server.

 DETAILS:
 **Tier:** Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 Geo provides local, read-only instances of your GitLab instances.

--- a/doc/administration/git_protocol.md
+++ b/doc/administration/git_protocol.md
@ -9,7 +9,7 @@ description: "Set and configure Git protocol v2"

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 > - [Re-enabled](https://gitlab.com/gitlab-org/gitlab/-/issues/27828) in GitLab 12.8.

--- a/doc/administration/gitaly/configure_gitaly.md
+++ b/doc/administration/gitaly/configure_gitaly.md
@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 Configure Gitaly in one of two ways:

@ -886,7 +886,7 @@ result as you did at the start. For example:

 DETAILS:
 **Tier:** Free, Premium, Ultimate
-**Offering:** Self-managed, GitLab Dedicated
+**Offering:** Self-managed

 [Gitaly](index.md), the service that provides storage for Git
 repositories, can be configured to cache a short rolling window of Git
@ -1130,7 +1130,7 @@ Configure the `cat-file` cache in the [Gitaly configuration file](reference.md).
 FLAG:
 On self-managed GitLab, by default this feature is not available. To make it available,
 an administrator can [enable the feature flag](../feature_flags.md) named `gitaly_gpg_signing`.
-On GitLab.com, this feature is available.
+On GitLab.com, this feature is not available.

 By default, Gitaly doesn't sign commits made using GitLab UI. For example, commits made using:

--- a/Show More
+++ b/Show More