Add latest changes from gitlab-org/gitlab@master

.gitlab-ci.yml

@@ -213,7 +213,6 @@ variables:
   RSPEC_CHANGED_FILES_PATH: rspec/changed_files.txt
   RSPEC_FAIL_FAST_THRESHOLD: 20
   RSPEC_FAST_QUARANTINE_PATH: rspec/fast_quarantine-gitlab.txt
-  RSPEC_FOSS_IMPACT_PIPELINE_TEMPLATE_YML: .gitlab/ci/rails/rspec-foss-impact.gitlab-ci.yml.erb
   RSPEC_LAST_RUN_RESULTS_FILE: rspec/rspec_last_run_results.txt
   RSPEC_MATCHING_JS_FILES_PATH: rspec/js_matching_files.txt
   RSPEC_MATCHING_TESTS_EE_PATH: rspec/matching_tests-ee.txt

.gitlab/ci/as-if-foss.gitlab-ci.yml

@@ -95,6 +95,10 @@ start-as-if-foss:
     ENABLE_GRAPHQL_SCHEMA_DUMP: $ENABLE_GRAPHQL_SCHEMA_DUMP
     ENABLE_JEST: $ENABLE_JEST
     ENABLE_JEST_INTEGRATION: $ENABLE_JEST_INTEGRATION
+    ENABLE_RSPEC_PREDICTIVE_PIPELINE_GENERATE: $ENABLE_RSPEC_PREDICTIVE_PIPELINE_GENERATE
+    ENABLE_RSPEC_PREDICTIVE_TRIGGER: $ENABLE_RSPEC_PREDICTIVE_TRIGGER
+    ENABLE_RSPEC_PREDICTIVE_TRIGGER_SINGLE_DB: $ENABLE_RSPEC_PREDICTIVE_TRIGGER_SINGLE_DB
+    ENABLE_RSPEC_PREDICTIVE_TRIGGER_SINGLE_DB_CI_CONNECTION: $ENABLE_RSPEC_PREDICTIVE_TRIGGER_SINGLE_DB_CI_CONNECTION
     ENABLE_RUBOCOP: $ENABLE_RUBOCOP
     ENABLE_QA_INTERNAL: $ENABLE_QA_INTERNAL
     ENABLE_QA_SELECTORS: $ENABLE_QA_SELECTORS

.gitlab/ci/rails.gitlab-ci.yml

@@ -1290,44 +1290,6 @@ rspec-ee fail-fast:
   variables:
     MATCHING_TESTS_PATH: "${RSPEC_MATCHING_TESTS_EE_PATH}"
 
-rspec-foss-impact:pipeline-generate:
-  extends:
-    - .rails:rules:rspec-foss-impact
-  stage: prepare
-  needs: ["detect-tests", "retrieve-tests-metadata"]
-  script:
-    - scripts/generate_rspec_pipeline.rb -f "${RSPEC_MATCHING_TESTS_FOSS_PATH}" -t "${RSPEC_FOSS_IMPACT_PIPELINE_TEMPLATE_YML}" -k "${KNAPSACK_RSPEC_SUITE_REPORT_PATH}"
-    - cat "${RSPEC_FOSS_IMPACT_PIPELINE_TEMPLATE_YML}.yml"
-  artifacts:
-    expire_in: 1 day
-    paths:
-      - "${RSPEC_FOSS_IMPACT_PIPELINE_TEMPLATE_YML}.yml"
-
-rspec-foss-impact:trigger:
-  extends:
-    - .rails:rules:rspec-foss-impact
-  stage: test
-  needs:
-    - job: "setup-test-env"
-      artifacts: false
-    - job: "retrieve-tests-metadata"
-      artifacts: false
-    - job: "compile-test-assets as-if-foss"
-      artifacts: false
-    - job: "rspec-foss-impact:pipeline-generate"
-      artifacts: true
-  variables:
-    PARENT_PIPELINE_ID: $CI_PIPELINE_ID
-    GIT_STRATEGY: $GIT_STRATEGY
-  trigger:
-    strategy: depend
-    forward:
-      yaml_variables: true
-      pipeline_variables: true
-    include:
-      - artifact: "${RSPEC_FOSS_IMPACT_PIPELINE_TEMPLATE_YML}.yml"
-        job: rspec-foss-impact:pipeline-generate
-
 fail-pipeline-early:
   extends:
     - .rails:rules:fail-pipeline-early

.gitlab/ci/rails/rspec-foss-impact.gitlab-ci.yml.erb

@@ -1,89 +0,0 @@
-# RSpec FOSS impact pipeline loaded dynamically by script: scripts/generate_rspec_pipeline.rb
-
-include:
-  - local: .gitlab/ci/rails/shared.gitlab-ci.yml
-
-default:
-  image: $DEFAULT_CI_IMAGE
-  tags:
-    - gitlab-org
-  # Default job timeout set to 90m https://gitlab.com/gitlab-com/gl-infra/infrastructure/-/issues/10520
-  timeout: 90m
-  interruptible: true
-
-stages:
-  - test
-
-dont-interrupt-me:
-  extends: .rules:dont-interrupt
-  stage: .pre
-  interruptible: false
-  script:
-    - echo "This jobs makes sure this pipeline won't be interrupted! See https://docs.gitlab.com/ee/ci/yaml/#interruptible."
-
-.base-rspec-foss-impact:
-  extends: .rspec-base-pg14-as-if-foss
-  needs:
-  <% if repo_from_artifacts %>
-    - pipeline: $PARENT_PIPELINE_ID
-      job: clone-gitlab-repo
-  <% end %>
-    - pipeline: $PARENT_PIPELINE_ID
-      job: detect-tests
-    - pipeline: $PARENT_PIPELINE_ID
-      job: setup-test-env
-    - pipeline: $PARENT_PIPELINE_ID
-      job: retrieve-tests-metadata
-    - pipeline: $PARENT_PIPELINE_ID
-      job: compile-test-assets as-if-foss
-  rules:
-    - when: always
-  variables:
-    RSPEC_TESTS_FILTER_FILE: "${RSPEC_MATCHING_TESTS_FOSS_PATH}"
-    RSPEC_TESTS_MAPPING_ENABLED: "true"
-  script:
-    - !reference [.base-script, script]
-    - rspec_parallelized_job "--fail-fast=${RSPEC_FAIL_FAST_THRESHOLD} --tag ~quarantine --tag ~level:background_migration --tag ~zoekt --tag ~click_house"
-
-<% if rspec_files_per_test_level[:migration][:files].size > 0 %>
-rspec migration foss-impact:
-  extends: .base-rspec-foss-impact
-<% if rspec_files_per_test_level[:migration][:parallelization] > 1 %>
-  parallel: <%= rspec_files_per_test_level[:migration][:parallelization] %>
-<% end %>
-  script:
-    - !reference [.base-script, script]
-    - rspec_parallelized_job "--fail-fast=${RSPEC_FAIL_FAST_THRESHOLD} --tag ~quarantine --tag ~zoekt --tag ~click_house"
-<% end %>
-
-<% if rspec_files_per_test_level[:background_migration][:files].size > 0 %>
-rspec background_migration foss-impact:
-  extends: .base-rspec-foss-impact
-<% if rspec_files_per_test_level[:background_migration][:parallelization] > 1 %>
-  parallel: <%= rspec_files_per_test_level[:background_migration][:parallelization] %>
-<% end %>
-<% end %>
-
-<% if rspec_files_per_test_level[:unit][:files].size > 0 %>
-rspec unit foss-impact:
-  extends: .base-rspec-foss-impact
-<% if rspec_files_per_test_level[:unit][:parallelization] > 1 %>
-  parallel: <%= rspec_files_per_test_level[:unit][:parallelization] %>
-<% end %>
-<% end %>
-
-<% if rspec_files_per_test_level[:integration][:files].size > 0 %>
-rspec integration foss-impact:
-  extends: .base-rspec-foss-impact
-<% if rspec_files_per_test_level[:integration][:parallelization] > 1 %>
-  parallel: <%= rspec_files_per_test_level[:integration][:parallelization] %>
-<% end %>
-<% end %>
-
-<% if rspec_files_per_test_level[:system][:files].size > 0 %>
-rspec system foss-impact:
-  extends: .base-rspec-foss-impact
-<% if rspec_files_per_test_level[:system][:parallelization] > 1 %>
-  parallel: <%= rspec_files_per_test_level[:system][:parallelization] %>
-<% end %>
-<% end %>

.gitlab/ci/rules.gitlab-ci.yml

@@ -2056,6 +2056,7 @@
       changes: *code-backstage-patterns
     - <<: *if-merge-request-labels-pipeline-expedite
       when: never
+    - if: '$ENABLE_RSPEC_PREDICTIVE_PIPELINE_GENERATE == "true"'
     - <<: *if-merge-request
       changes: *db-patterns
     - <<: *if-merge-request
@@ -2085,6 +2086,7 @@
       changes: *code-backstage-patterns
     - <<: *if-merge-request-labels-pipeline-expedite
       when: never
+    - if: '$ENABLE_RSPEC_PREDICTIVE_TRIGGER == "true"'
     - <<: *if-merge-request-labels-run-all-rspec
       when: never
     - <<: *if-merge-request
@@ -2112,6 +2114,7 @@
       when: never
     - <<: *if-merge-request-labels-pipeline-expedite
       when: never
+    - if: '$ENABLE_RSPEC_PREDICTIVE_TRIGGER_SINGLE_DB == "true"'
     - <<: *if-merge-request-approved
       when: never
     - <<: *if-merge-request
@@ -2130,6 +2133,7 @@
       when: never
     - <<: *if-merge-request-labels-pipeline-expedite
       when: never
+    - if: '$ENABLE_RSPEC_PREDICTIVE_TRIGGER_SINGLE_DB_CI_CONNECTION == "true"'
     - <<: *if-merge-request-approved
       when: never
     - <<: *if-merge-request
@@ -2371,19 +2375,6 @@
   rules:
     - !reference [".rails:rules:previous-failed-tests-default-rules", rules]
 
-.rails:rules:rspec-foss-impact:
-  rules:
-    - <<: *if-not-ee
-      when: never
-    - <<: *if-merge-request-labels-as-if-foss
-      when: never
-    - <<: *if-merge-request-labels-pipeline-expedite
-      when: never
-    - <<: *if-security-merge-request
-      changes: *code-backstage-patterns
-    - <<: *if-dot-com-gitlab-org-merge-request
-      changes: *code-backstage-patterns
-
 .rails:rules:rspec fail-fast:
   rules:
     - <<: *if-not-ee

.gitlab/ci/static-analysis.gitlab-ci.yml

@@ -108,7 +108,7 @@ rubocop:
   script:
     - |
       # For non-merge request, or when RUN_ALL_RUBOCOP is 'true', run all RuboCop rules
-      if [ -z "${CI_MERGE_REQUEST_IID}" ] || [ "${RUN_ALL_RUBOCOP}" == "true" ]; then
+      if [ -z "${CI_MERGE_REQUEST_IID:-$FIND_CHANGES_MERGE_REQUEST_IID}" ] || [ "${RUN_ALL_RUBOCOP}" == "true" ]; then
         # Silence cop offenses for rules with "grace period".
         # We won't notify Slack if offenses were silenced to avoid frequent messages.
         # Job `update-static-analysis-cache` takes care of Slack notifications every 2 hours.

.rubocop_todo/layout/argument_alignment.yml

@@ -345,22 +345,6 @@ Layout/ArgumentAlignment:
     - 'app/graphql/types/release_type.rb'
     - 'app/graphql/types/repository/blob_type.rb'
     - 'app/graphql/types/repository_type.rb'
-    - 'app/graphql/types/resolvable_interface.rb'
-    - 'app/graphql/types/saved_reply_type.rb'
-    - 'app/graphql/types/security/report_type_enum.rb'
-    - 'app/graphql/types/sha_format_enum.rb'
-    - 'app/graphql/types/snippet_type.rb'
-    - 'app/graphql/types/snippets/blob_action_input_type.rb'
-    - 'app/graphql/types/snippets/blob_connection_type.rb'
-    - 'app/graphql/types/snippets/blob_type.rb'
-    - 'app/graphql/types/sort_enum.rb'
-    - 'app/graphql/types/task_completion_status.rb'
-    - 'app/graphql/types/terraform/state_type.rb'
-    - 'app/graphql/types/terraform/state_version_type.rb'
-    - 'app/graphql/types/time_tracking/timelog_category_type.rb'
-    - 'app/graphql/types/time_tracking/timelog_connection_type.rb'
-    - 'app/graphql/types/timelog_type.rb'
-    - 'app/graphql/types/todo_type.rb'
     - 'app/graphql/types/tree/blob_type.rb'
     - 'app/graphql/types/tree/entry_type.rb'
     - 'app/graphql/types/tree/submodule_type.rb'

app/assets/javascripts/observability/client.js

@@ -121,8 +121,11 @@ function handleAttributeFilter(filterValue, filterOperator, searchParams, namePa
 function addDateRangeFilterToQueryParams(dateRangeFilter, params) {
   if (!dateRangeFilter || !params) return;
 
-  const { value, endDate, startDate } = dateRangeFilter;
-  if (value === CUSTOM_DATE_RANGE_OPTION) {
+  const { value, endDate, startDate, timestamp } = dateRangeFilter;
+  if (timestamp) {
+    params.append('start_time', timestamp);
+    params.append('end_time', timestamp);
+  } else if (value === CUSTOM_DATE_RANGE_OPTION) {
     if (isValidDate(startDate) && isValidDate(endDate)) {
       params.append('start_time', startDate.toISOString());
       params.append('end_time', endDate.toISOString());

app/assets/javascripts/observability/constants.js

@@ -49,5 +49,6 @@ export const CUSTOM_DATE_RANGE_OPTION = 'custom';
 export const DATE_RANGE_QUERY_KEY = 'date_range';
 export const DATE_RANGE_START_QUERY_KEY = 'date_start';
 export const DATE_RANGE_END_QUERY_KEY = 'date_end';
+export const TIMESTAMP_QUERY_KEY = 'timestamp';
 
 export const FILTERED_SEARCH_TERM_QUERY_KEY = 'search';

app/assets/javascripts/observability/utils.js

@@ -5,6 +5,7 @@ import {
   DATE_RANGE_QUERY_KEY,
   DATE_RANGE_START_QUERY_KEY,
   DATE_RANGE_END_QUERY_KEY,
+  TIMESTAMP_QUERY_KEY,
 } from './constants';
 
 /**
@@ -83,8 +84,18 @@ export function queryToDateFilterObj(queryObj) {
     [DATE_RANGE_QUERY_KEY]: dateRangeValue,
     [DATE_RANGE_START_QUERY_KEY]: dateRangeStart,
     [DATE_RANGE_END_QUERY_KEY]: dateRangeEnd,
+    [TIMESTAMP_QUERY_KEY]: timestamp,
   } = queryObj;
 
+  if (timestamp) {
+    return {
+      value: CUSTOM_DATE_RANGE_OPTION,
+      startDate: new Date(timestamp),
+      endDate: new Date(timestamp),
+      timestamp,
+    };
+  }
+
   return validatedDateRangeQuery(dateRangeValue, dateRangeStart, dateRangeEnd);
 }
 
@@ -109,5 +120,6 @@ export function dateFilterObjToQuery(dateFilter = {}) {
           [DATE_RANGE_START_QUERY_KEY]: undefined,
           [DATE_RANGE_END_QUERY_KEY]: undefined,
         }),
+    [TIMESTAMP_QUERY_KEY]: dateFilter.timestamp,
   };
 }

app/services/users/activity_service.rb

@@ -32,10 +32,12 @@ module Users
       today = Date.today
       return if user.last_activity_on == today
 
+      if Feature.disabled?(:do_not_use_exclusive_lease_for_user_activity_service)
         lease = Gitlab::ExclusiveLease.new("activity_service:#{user.id}", timeout: LEASE_TIMEOUT)
         # Skip transaction checks for exclusive lease as it is breaking system specs.
         # See issue: https://gitlab.com/gitlab-org/gitlab/-/issues/441536
         return unless Gitlab::ExclusiveLease.skipping_transaction_check { lease.try_obtain }
+      end
 
       user.update_attribute(:last_activity_on, today)
 

config/feature_flags/gitlab_com_derisk/do_not_use_exclusive_lease_for_user_activity_service.yml

@@ -0,0 +1,9 @@
+---
+name: do_not_use_exclusive_lease_for_user_activity_service
+feature_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/441536
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/151342
+rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/458719
+milestone: '17.0'
+group: group::tenant scale
+type: gitlab_com_derisk
+default_enabled: false

danger/specs/Dangerfile

@@ -19,7 +19,7 @@ This could be a sign that you're testing an EE-specific behavior in a FOSS test.
 Please make sure the spec files pass in AS-IF-FOSS mode either:
 
 1. Locally with `FOSS_ONLY=1 bin/rspec -- %<spec_files>s`.
-1. In the MR pipeline by verifying that the `rspec foss-impact` job has passed.
+1. In the MR pipeline by verifying that the `rspec:predictive:trigger` job has passed in the as-if-foss cross project downstream pipeline.
 1. In the MR pipelines by setting the ~"pipeline:run-as-if-foss" label on the MR (you can do it with the `/label ~"pipeline:run-as-if-foss"` quick action) and start a new MR pipeline.
 
 MSG

db/migrate/20240327110521_migrate_zoekt_settings_in_application_settings.rb

@@ -9,19 +9,8 @@ class MigrateZoektSettingsInApplicationSettings < Gitlab::Database::Migration[2.
   end
 
   def up
-    return unless Gitlab.ee? # zoekt_settings available only in EE version
-
-    ApplicationSetting.reset_column_information
-
-    application_setting = ApplicationSetting.last
-    return if application_setting.nil? || application_setting.zoekt_settings.any?
-
-    zoekt_settings = {
-      zoekt_indexing_enabled: Feature.enabled?(:index_code_with_zoekt),
-      zoekt_indexing_paused: Feature.enabled?(:zoekt_pause_indexing, type: :ops),
-      zoekt_search_enabled: Feature.enabled?(:search_code_with_zoekt)
-    }
-    application_setting.update!(zoekt_settings: zoekt_settings)
+    # no-op this was just a data migration which is already done in 16.11. The plan is to remove the feature-flags used
+    # in this migration. So better to disable this migration in 17.0 to avoid any migration issues.
   end
 
   def down

doc/integration/advanced_search/elasticsearch.md

@@ -75,10 +75,14 @@ Before you use a new Elasticsearch cluster in production, see the
 
 > - Support for Elasticsearch 6.8 [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/350275) in GitLab 15.0.
 
-You don't have to change the GitLab configuration when you upgrade Elasticsearch.
+When you upgrade Elasticsearch, you do not have to change the GitLab configuration.
 
-You should pause indexing during an Elasticsearch upgrade so changes can still be tracked.
-When the Elasticsearch cluster is fully upgraded and active, [resume indexing](#unpause-indexing).
+During an Elasticsearch upgrade, you must:
+
+- Pause indexing so changes can still be tracked.
+- Disable advanced search so searches do not fail with an `HTTP 500` error.
+
+When the Elasticsearch cluster is fully upgraded and active, [resume indexing](#unpause-indexing) and enable advanced search.
 
 When you upgrade to GitLab 15.0 and later, you must use Elasticsearch 7.x and later.
 

scripts/setup/generate-as-if-foss-env.rb

@@ -6,6 +6,7 @@ require 'gitlab' unless Object.const_defined?(:Gitlab)
 require 'set' # rubocop:disable Lint/RedundantRequireStatement -- Ruby 3.1 and earlier needs this. Drop this line after Ruby 3.2+ is only supported.
 
 class GenerateAsIfFossEnv
+  # rubocop:disable Style/WordArray -- Probably a bug? It already is
   FOSS_JOBS = Set.new(%w[
     build-assets-image
     build-qa-image
@@ -16,11 +17,16 @@ class GenerateAsIfFossEnv
     eslint
     generate-apollo-graphql-schema
     graphql-schema-dump
+    rspec-predictive:pipeline-generate
+    rspec:predictive:trigger
+    rspec:predictive:trigger\ single-db
+    rspec:predictive:trigger\ single-db-ci-connection
     rubocop
     qa:internal
     qa:selectors
     static-analysis
   ]).freeze
+  # rubocop:enable Style/WordArray
 
   def initialize
     @client = Gitlab.client(
@@ -62,10 +68,12 @@ class GenerateAsIfFossEnv
   end
 
   def each_job
-    client.pipeline_jobs(ENV['CI_PROJECT_ID'], ENV['CI_PIPELINE_ID']).auto_paginate do |job|
+    %i[pipeline_jobs pipeline_bridges].each do |kind|
+      client.public_send(kind, ENV['CI_PROJECT_ID'], ENV['CI_PIPELINE_ID']).auto_paginate do |job| # rubocop:disable GitlabSecurity/PublicSend -- We're sending with static values, no concerns
         yield(job)
       end
     end
+  end
 
   def detect_rspec(job)
     rspec_type = job.name[%r{^rspec(?:-all)? ([\w\-]+)}, 1]

spec/dot_gitlab_ci/rules_spec.rb

@@ -102,6 +102,9 @@ RSpec.describe '.gitlab/ci/rules.gitlab-ci.yml', feature_category: :tooling do
 
           if base['when'] == 'never'
             expect(derived).to eq(base.except('when'))
+          elsif base['if'].start_with?('$ENABLE_')
+            derived_if = base['if'].sub('RSPEC', 'RSPEC_PREDICTIVE_TRIGGER')
+            expect(derived).to eq(base.merge('if' => derived_if))
           elsif base['when'].nil?
             expect(derived).to eq(base.merge('when' => 'never'))
           end
@@ -119,7 +122,13 @@ RSpec.describe '.gitlab/ci/rules.gitlab-ci.yml', feature_category: :tooling do
     it_behaves_like 'predictive is inverse of non-predictive' do
       let(:base_rules) { config.dig('.rails:rules:ee-and-foss-default-rules', 'rules') }
 
-      let(:derived_rules) { config.dig('.rails:rules:rspec-predictive', 'rules') }
+      let(:derived_rules) do
+        config.dig('.rails:rules:rspec-predictive', 'rules').reject do |rule|
+          # This happens in each specific rspec,
+          # which is outside of .rails:rules:ee-and-foss-default-rules
+          rule['if'].start_with?('$ENABLE_')
+        end
+      end
 
       it 'contains an additional allow rule about code-backstage-patterns not present in the base' do
         expected_rule = {
@@ -135,24 +144,14 @@ RSpec.describe '.gitlab/ci/rules.gitlab-ci.yml', feature_category: :tooling do
 
   describe '.rails:rules:single-db' do
     it_behaves_like 'predictive is inverse of non-predictive' do
-      let(:base_rules) do
-        config.dig('.rails:rules:single-db', 'rules').reject do |rule|
-          rule['if'].start_with?('$ENABLE_') # We don't handle this yet
-        end
-      end
-
+      let(:base_rules) { config.dig('.rails:rules:single-db', 'rules') }
       let(:derived_rules) { config.dig('.rails:rules:rspec-predictive:single-db', 'rules') }
     end
   end
 
   describe '.rails:rules:single-db-ci-connection' do
     it_behaves_like 'predictive is inverse of non-predictive' do
-      let(:base_rules) do
-        config.dig('.rails:rules:single-db-ci-connection', 'rules').reject do |rule|
-          rule['if'].start_with?('$ENABLE_') # We don't handle this yet
-        end
-      end
-
+      let(:base_rules) { config.dig('.rails:rules:single-db-ci-connection', 'rules') }
       let(:derived_rules) { config.dig('.rails:rules:rspec-predictive:single-db-ci-connection', 'rules') }
     end
   end

spec/factories/users.rb

@@ -140,6 +140,10 @@ FactoryBot.define do
       avatar { fixture_file_upload('spec/fixtures/dk.png') }
     end
 
+    trait :with_last_activity_on_today do
+      last_activity_on { Date.today }
+    end
+
     trait :with_sign_ins do
       sign_in_count { 3 }
       current_sign_in_at { FFaker::Time.between(10.days.ago, 1.day.ago) }

spec/frontend/observability/client_spec.js

@@ -1171,6 +1171,22 @@ describe('buildClient', () => {
             'start_time=2020-07-05T00:00:00.000Z&end_time=2020-07-06T00:00:00.000Z',
           );
         });
+
+        it('handles exact timestamps', async () => {
+          await client.fetchLogs({
+            filters: {
+              dateRange: {
+                timestamp: '2024-02-19T16:10:15.4433398Z',
+                endDate: new Date('2024-02-19'),
+                startDate: new Date('2024-02-19'),
+                value: 'custom',
+              },
+            },
+          });
+          expect(getQueryParam()).toContain(
+            'start_time=2024-02-19T16:10:15.4433398Z&end_time=2024-02-19T16:10:15.4433398Z',
+          );
+        });
       });
 
       describe('attributes filters', () => {

spec/frontend/observability/utils_spec.js

@@ -4,6 +4,7 @@ import {
   DATE_RANGE_QUERY_KEY,
   DATE_RANGE_START_QUERY_KEY,
   DATE_RANGE_END_QUERY_KEY,
+  TIMESTAMP_QUERY_KEY,
 } from '~/observability/constants';
 
 describe('periodToDate', () => {
@@ -74,6 +75,15 @@ describe('queryToDateFilterObj', () => {
     };
     expect(queryToDateFilterObj(query)).toEqual({ value: '1h' });
   });
+
+  it('returns a date range object from a nano timestamp', () => {
+    expect(queryToDateFilterObj({ timestamp: '2024-02-19T16:10:15.4433398Z' })).toEqual({
+      value: CUSTOM_DATE_RANGE_OPTION,
+      startDate: new Date('2024-02-19T16:10:15.443Z'),
+      endDate: new Date('2024-02-19T16:10:15.443Z'),
+      timestamp: '2024-02-19T16:10:15.4433398Z',
+    });
+  });
 });
 
 describe('dateFilterObjToQuery', () => {
@@ -99,6 +109,11 @@ describe('dateFilterObjToQuery', () => {
       [DATE_RANGE_END_QUERY_KEY]: '2020-01-02T00:00:00.000Z',
     });
   });
+  it('converts a filter with timestamp', () => {
+    expect(dateFilterObjToQuery({ timestamp: '2024-02-19T16:10:15.4433398Z' })).toEqual({
+      [TIMESTAMP_QUERY_KEY]: '2024-02-19T16:10:15.4433398Z',
+    });
+  });
 
   it('returns empty object if filter is empty', () => {
     expect(dateFilterObjToQuery({})).toEqual({});

spec/requests/api/graphql/project/error_tracking/sentry_detailed_error_request_spec.rb

@@ -4,9 +4,11 @@ require 'spec_helper'
 RSpec.describe 'getting a detailed sentry error', feature_category: :error_tracking do
   include GraphqlHelpers
 
-  let_it_be(:project) { create(:project, :repository) }
+  # user should have `last_on_activity` set to today,
+  # so that `Users::ActivityService` does not register any more updates.
+  let_it_be(:current_user) { create(:user, :with_last_activity_on_today) }
+  let_it_be(:project) { create(:project, :repository, namespace: create(:namespace, owner: current_user)) }
   let_it_be(:project_setting) { create(:project_error_tracking_setting, project: project) }
-  let_it_be(:current_user) { project.first_owner }
   let_it_be(:sentry_detailed_error) { build(:error_tracking_sentry_detailed_error) }
 
   let(:sentry_gid) { sentry_detailed_error.to_global_id.to_s }

spec/requests/api/usage_data_spec.rb

@@ -178,7 +178,7 @@ RSpec.describe API::UsageData, feature_category: :service_ping do
 
       context 'with unknown event' do
         it 'returns status ok' do
-          expect(Gitlab::Redis::HLL).not_to receive(:add)
+          expect(Gitlab::Redis::HLL).not_to receive(:add).with(hash_including(key: unknown_event))
 
           post api(endpoint, user), params: { event: unknown_event }
 

spec/requests/api/users_spec.rb

@@ -1608,6 +1608,10 @@ RSpec.describe API::Users, :aggregate_failures, feature_category: :user_profile
     end
 
     context 'updating password' do
+      # user should have `last_on_activity` set to today,
+      # so that `Users::ActivityService` does not register any more updates.
+      let_it_be(:admin) { create(:admin, :with_last_activity_on_today) }
+
       def update_password(user, admin, password = User.random_password)
         put api("/users/#{user.id}", admin, admin_mode: true), params: { password: password }
       end
@@ -1617,7 +1621,7 @@ RSpec.describe API::Users, :aggregate_failures, feature_category: :user_profile
           update_password(admin, admin)
 
           expect(response).to have_gitlab_http_status(:ok)
-          expect(user.reload.password_expired?).to eq(false)
+          expect(admin.reload.password_expired?).to eq(false)
         end
 
         it 'does not enqueue the `admin changed your password` email' do

spec/requests/projects/merge_requests_controller_spec.rb

@@ -3,9 +3,11 @@
 require 'spec_helper'
 
 RSpec.describe Projects::MergeRequestsController, feature_category: :source_code_management do
-  let_it_be(:merge_request) { create(:merge_request) }
-  let_it_be(:project) { merge_request.project }
-  let_it_be(:user) { merge_request.author }
+  # user should have `last_on_activity` set to today,
+  # so that `Users::ActivityService` does not register any more updates.
+  let_it_be(:user) { create(:user, :with_last_activity_on_today, :with_namespace) }
+  let_it_be(:project) { create(:project, :repository, namespace: user.namespace) }
+  let_it_be(:merge_request) { create(:merge_request, source_project: project, author: user) }
 
   describe 'GET #show' do
     let_it_be(:group) { create(:group) }

spec/requests/projects/merge_requests_spec.rb

@@ -3,7 +3,10 @@
 require 'spec_helper'
 
 RSpec.describe 'merge requests actions', feature_category: :source_code_management do
-  let_it_be(:project) { create(:project, :repository) }
+  # user should have `last_on_activity` set to today,
+  # so that `Users::ActivityService` does not register any more updates.
+  let_it_be(:user) { create(:user, :with_last_activity_on_today) }
+  let_it_be(:project) { create(:project, :repository, namespace: create(:namespace, owner: user)) }
 
   let(:merge_request) do
     create(
@@ -15,7 +18,6 @@ RSpec.describe 'merge requests actions', feature_category: :source_code_manageme
     )
   end
 
-  let(:user) { project.first_owner }
   let(:user2) { create(:user) }
 
   before do

spec/scripts/setup/generate_as_if_foss_env_spec.rb

@@ -53,16 +53,33 @@ RSpec.describe GenerateAsIfFossEnv, feature_category: :tooling do
       ]
     end
 
+    let(:bridges) do
+      [
+        'rspec-predictive:pipeline-generate',
+        'rspec:predictive:trigger',
+        'rspec:predictive:trigger single-db',
+        'rspec:predictive:trigger single-db-ci-connection'
+      ]
+    end
+
+    # rubocop:disable RSpec/VerifiedDoubles -- As explained at the top of this file, we do not load the Gitlab client
     before do
-      messages = receive_message_chain(:client, :pipeline_jobs, :auto_paginate)
+      client = double
+      allow(Gitlab).to receive(:client).and_return(client)
 
-      yield_jobs = jobs.inject(messages) do |stub, job|
-        stub.and_yield(double(name: job)) # rubocop:disable RSpec/VerifiedDoubles -- As explained at the top of this file, we do not load the Gitlab client
+      allow(client).to yield_jobs(:pipeline_jobs, jobs)
+      allow(client).to yield_jobs(:pipeline_bridges, bridges)
     end
 
-      allow(Gitlab).to yield_jobs
+    def yield_jobs(api_method, jobs)
+      messages = receive_message_chain(api_method, :auto_paginate)
+
+      jobs.inject(messages) do |stub, job_name|
+        stub.and_yield(double(name: job_name))
       end
     end
+    # rubocop:enable RSpec/VerifiedDoubles
+  end
 
   describe '#variables' do
     include_context 'when there are all jobs'
@@ -100,7 +117,11 @@ RSpec.describe GenerateAsIfFossEnv, feature_category: :tooling do
         ENABLE_RUBOCOP: 'true',
         ENABLE_QA_INTERNAL: 'true',
         ENABLE_QA_SELECTORS: 'true',
-        ENABLE_STATIC_ANALYSIS: 'true'
+        ENABLE_STATIC_ANALYSIS: 'true',
+        ENABLE_RSPEC_PREDICTIVE_PIPELINE_GENERATE: 'true',
+        ENABLE_RSPEC_PREDICTIVE_TRIGGER: 'true',
+        ENABLE_RSPEC_PREDICTIVE_TRIGGER_SINGLE_DB: 'true',
+        ENABLE_RSPEC_PREDICTIVE_TRIGGER_SINGLE_DB_CI_CONNECTION: 'true'
       })
     end
   end
@@ -142,6 +163,10 @@ RSpec.describe GenerateAsIfFossEnv, feature_category: :tooling do
         ENABLE_QA_INTERNAL=true
         ENABLE_QA_SELECTORS=true
         ENABLE_STATIC_ANALYSIS=true
+        ENABLE_RSPEC_PREDICTIVE_PIPELINE_GENERATE=true
+        ENABLE_RSPEC_PREDICTIVE_TRIGGER=true
+        ENABLE_RSPEC_PREDICTIVE_TRIGGER_SINGLE_DB=true
+        ENABLE_RSPEC_PREDICTIVE_TRIGGER_SINGLE_DB_CI_CONNECTION=true
       ENV
     end
   end

spec/services/quick_actions/interpret_service_spec.rb

@@ -643,7 +643,11 @@ RSpec.describe QuickActions::InterpretService, feature_category: :team_planning
       it 'returns the confidential message' do
         _, _, message = service.execute(content, issuable)
 
-        issuable_type = issuable.to_ability_name.humanize(capitalize: false)
+        issuable_type = if issuable.to_ability_name == "work_item"
+                          'item'
+                        else
+                          issuable.to_ability_name.humanize(capitalize: false)
+                        end
 
         expect(message).to eq("Made this #{issuable_type} confidential.")
       end

spec/services/users/activity_service_spec.rb

@@ -41,11 +41,26 @@ RSpec.describe Users::ActivityService, feature_category: :user_profile do
                 .to(Date.today)
       end
 
+      context 'for ExclusiveLease' do
+        context 'when the feature flag `do_not_use_exclusive_lease_for_user_activity_service` is turned off' do
+          before do
+            stub_feature_flags(do_not_use_exclusive_lease_for_user_activity_service: false)
+          end
+
           it 'tries to obtain ExclusiveLease' do
-        expect(Gitlab::ExclusiveLease).to receive(:new).with("activity_service:#{user.id}", anything).and_call_original
+            expect(Gitlab::ExclusiveLease).to receive(:new).with("activity_service:#{user.id}", anything)
+              .and_call_original
 
             subject.execute
           end
+        end
+
+        it 'does not try to obtain ExclusiveLease' do
+          expect(Gitlab::ExclusiveLease).not_to receive(:new).with("activity_service:#{user.id}", anything)
+
+          subject.execute
+        end
+      end
 
       it 'tracks RedisHLL event' do
         expect(Gitlab::UsageDataCounters::HLLRedisCounter)
@@ -108,6 +123,12 @@ RSpec.describe Users::ActivityService, feature_category: :user_profile do
       it_behaves_like 'does not update last_activity_on'
     end
 
+    context 'for ExclusiveLease' do
+      context 'when the feature flag `do_not_use_exclusive_lease_for_user_activity_service` is turned off' do
+        before do
+          stub_feature_flags(do_not_use_exclusive_lease_for_user_activity_service: false)
+        end
+
         context 'when a lease could not be obtained' do
           let(:last_activity_on) { nil }
 
@@ -118,6 +139,8 @@ RSpec.describe Users::ActivityService, feature_category: :user_profile do
           it_behaves_like 'does not update last_activity_on'
         end
       end
+    end
+  end
 
   context 'with DB Load Balancing' do
     let(:user) { create(:user, last_activity_on: last_activity_on) }