Add latest changes from gitlab-org/gitlab@master

.rubocop_todo/gitlab/bounded_contexts.yml

@@ -2906,7 +2906,6 @@ Gitlab/BoundedContexts:
     - 'ee/app/models/elastic/group_index_status.rb'
     - 'ee/app/models/elastic/index_setting.rb'
     - 'ee/app/models/elastic/migration_record.rb'
-    - 'ee/app/models/elastic/reindexing_slice.rb'
     - 'ee/app/models/elasticsearch_indexed_namespace.rb'
     - 'ee/app/models/elasticsearch_indexed_project.rb'
     - 'ee/app/models/embedding/application_record.rb'

.rubocop_todo/layout/line_length.yml

@@ -741,7 +741,6 @@ Layout/LineLength:
     - 'ee/app/models/ee/upload.rb'
     - 'ee/app/models/ee/user.rb'
     - 'ee/app/models/ee/vulnerability.rb'
-    - 'ee/app/models/elastic/reindexing_slice.rb'
     - 'ee/app/models/epic_issue.rb'
     - 'ee/app/models/geo/secondary_usage_data.rb'
     - 'ee/app/models/geo_node.rb'

.rubocop_todo/rspec/feature_category.yml

@@ -815,7 +815,6 @@ RSpec/FeatureCategory:
     - 'ee/spec/models/ee/users/merge_request_interaction_spec.rb'
     - 'ee/spec/models/ee/users_statistics_spec.rb'
     - 'ee/spec/models/elastic/index_setting_spec.rb'
-    - 'ee/spec/models/elastic/reindexing_slice_spec.rb'
     - 'ee/spec/models/epic_user_mention_spec.rb'
     - 'ee/spec/models/gitlab/seat_link_data_spec.rb'
     - 'ee/spec/models/gitlab_subscriptions/upcoming_reconciliation_spec.rb'

.rubocop_todo/search/namespaced_class.yml

@@ -30,7 +30,6 @@ Search/NamespacedClass:
     - 'ee/app/models/elastic/group_index_status.rb'
     - 'ee/app/models/elastic/index_setting.rb'
     - 'ee/app/models/elastic/migration_record.rb'
-    - 'ee/app/models/elastic/reindexing_slice.rb'
     - 'ee/app/models/elasticsearch_indexed_namespace.rb'
     - 'ee/app/models/elasticsearch_indexed_project.rb'
     - 'ee/app/presenters/ee/search_service_presenter.rb'

.rubocop_todo/style/class_and_module_children.yml

@@ -420,7 +420,6 @@ Style/ClassAndModuleChildren:
     - 'ee/app/models/concerns/geo/selective_sync.rb'
     - 'ee/app/models/dast/profile_schedule.rb'
     - 'ee/app/models/ee/ci/job_artifact.rb'
-    - 'ee/app/models/elastic/reindexing_slice.rb'
     - 'ee/app/models/epic/metrics.rb'
     - 'ee/app/models/epic/related_epic_link.rb'
     - 'ee/app/models/geo/base_registry.rb'

app/finders/groups_finder.rb

@@ -74,10 +74,19 @@ class GroupsFinder < UnionFinder
 
   # rubocop: disable CodeReuse/ActiveRecord
   def groups_with_min_access_level
-    current_user
-      .groups
-      .where('members.access_level >= ?', params[:min_access_level])
-      .self_and_descendants
+    if Feature.enabled?(:cte_for_group_search_access_level, Feature.current_request)
+      inner_query = current_user
+        .groups
+        .where('members.access_level >= ?', params[:min_access_level])
+        .self_and_descendants
+      cte = Gitlab::SQL::CTE.new(:groups_with_min_access_level_cte, inner_query)
+      cte.apply_to(Group.where({}))
+    else
+      current_user
+        .groups
+        .where('members.access_level >= ?', params[:min_access_level])
+        .self_and_descendants
+    end
   end
   # rubocop: enable CodeReuse/ActiveRecord
 

config/feature_flags/gitlab_com_derisk/cte_for_group_search_access_level.yml

@@ -0,0 +1,9 @@
+---
+name: cte_for_group_search_access_level
+feature_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/502465
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/171735
+rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/502657
+milestone: '17.6'
+group: group::tenant scale
+type: gitlab_com_derisk
+default_enabled: false

config/sidekiq_queues.yml

@@ -591,8 +591,6 @@
   - 1
 - - onboarding_create_iterable_trigger
   - 1
-- - onboarding_create_iterable_triggers
-  - 1
 - - onboarding_progress_tracking
   - 1
 - - package_cleanup

data/deprecations/17-6-package-registry-permissions-breaking-change.yml

@@ -0,0 +1,18 @@
+- title: "Guest users can pull packages from private projects on GitLab.com"
+  announcement_milestone: "17.6"
+  removal_milestone: "18.0"
+  breaking_change: true
+  reporter: trizzi
+  stage: Package
+  issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/336622
+  impact: high
+  scope: project
+  resolution_role: maintainer
+  manual_task: true
+  window: "3"
+  body: |
+    Starting in 18.0, Guest users on GitLab.com will be able to pull packages from private projects. This is the same ability that Guest users already have on self-managed GitLab.
+
+    This change streamlines package sharing capabilities within organizations and simplifies access management for package consumers by providing consistent behavior across all GitLab deployments.
+
+    Project Owners and Maintainers should review their private projects' lists of members. Users with the Guest role who should not have package pulling capabilities should be removed. If more restrictive package access is required, consider using project access tokens instead of guest access.

db/docs/elastic_reindexing_slices.yml

@@ -1,7 +1,7 @@
 ---
 table_name: elastic_reindexing_slices
 classes:
-- Elastic::ReindexingSlice
+- Search::Elastic::ReindexingSlice
 feature_categories:
 - global_search
 description: Used to track status of Zero downtime reindexing tasks in Elasticsearch or OpenSearch

db/migrate/20241104135544_remove_create_iterable_triggers_worker_job_instances.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+class RemoveCreateIterableTriggersWorkerJobInstances < Gitlab::Database::Migration[2.2]
+  milestone '17.6'
+
+  DEPRECATED_JOB_CLASSES = %w[Onboarding::CreateIterableTriggersWorker]
+  # Always use `disable_ddl_transaction!` while using the `sidekiq_remove_jobs` method,
+  # as we had multiple production incidents due to `idle-in-transaction` timeout.
+  disable_ddl_transaction!
+
+  def up
+    # Removes scheduled instances from Sidekiq queues
+    sidekiq_remove_jobs(job_klasses: DEPRECATED_JOB_CLASSES)
+  end
+
+  def down
+    # This migration removes any instances of deprecated workers and cannot be undone.
+  end
+end

db/schema_migrations/20241104135544

@@ -0,0 +1 @@
+a3b1d3b6a2042eb0e139a01a2a948b54679edfcd9f917e67c3c626c03b010d4e

doc/development/labels/index.md

@@ -39,7 +39,7 @@ labels, you can _always_ add the type, stage, group, and often the category/feat
 Type labels are very important. They define what kind of issue this is. Every
 issue should have one and only one.
 
-The SSOT for type and subtype labels is [available in the handbook](https://handbook.gitlab.com/handbook/engineering/metrics/#work-type-classification).
+The SSOT for type and subtype labels is [available in the handbook](https://handbook.gitlab.com/handbook/product/groups/product-analysis/engineering/metrics/#work-type-classification).
 
 A number of type labels have a priority assigned to them, which automatically
 makes them float to the top, depending on their importance.

doc/topics/git/advanced.md

@@ -47,6 +47,17 @@ you can rebase to fix it.
 
 For more information, see [Rebase to address merge conflicts](git_rebase.md).
 
+## Cherry-pick changes
+
+The `git cherry-pick` command applies specific commits from one branch to another.
+Use it to:
+
+- Backport bug fixes from the default branch to previous release branches.
+- Copy changes from a fork to the upstream repository.
+- Apply specific changes without merging entire branches.
+
+For more information, see [Cherry-pick changes with Git](cherry_pick.md).
+
 ## Revert and undo changes
 
 The following Git commands help you to revert and undo changes:
@@ -58,6 +69,28 @@ The following Git commands help you to revert and undo changes:
 
 For more information, see [Revert changes](undo.md).
 
+## Reduce repository size
+
+The size of a Git repository can impact performance and storage costs.
+It can differ slightly from one instance to another due to compression, housekeeping, and other factors.
+For more information about repository size, see [Repository size](../../user/project/repository/repository_size.md)
+
+You can use Git to purge files from your repository's history and reduce its size. For more information, see [Reduce repository size](repository.md).
+
+## File management
+
+You can use Git to manage files in your repository. It helps you track changes, collaborate with others, and manage large files. The following options are available:
+
+- `git log`: View changes to files in your repository.
+- `git blame`: Identify who last modified a line of code in a file.
+- `git lfs`: Manages, track, and lock files in your repository.
+
+<!-- Include when the relevant MR is merged.
+
+For more information, see [File management](file_management.md).
+
+-->
+
 ## Update Git remote URLs
 
 The `git remote set-url` command updates the URL of the remote repository.

doc/update/deprecations.md

@@ -457,6 +457,26 @@ Along with this change we are also deprecating and removing the 2017 GraphQL API
 
 <div class="deprecation breaking-change" data-milestone="18.0">
 
+### Guest users can pull packages from private projects on GitLab.com
+
+<div class="deprecation-notes">
+
+- Announced in GitLab <span class="milestone">17.6</span>
+- Removal in GitLab <span class="milestone">18.0</span> ([breaking change](https://docs.gitlab.com/ee/update/terminology.html#breaking-change))
+- To discuss this change or learn more, see the [deprecation issue](https://gitlab.com/gitlab-org/gitlab/-/issues/336622).
+
+</div>
+
+Starting in 18.0, Guest users on GitLab.com will be able to pull packages from private projects. This is the same ability that Guest users already have on self-managed GitLab.
+
+This change streamlines package sharing capabilities within organizations and simplifies access management for package consumers by providing consistent behavior across all GitLab deployments.
+
+Project Owners and Maintainers should review their private projects' lists of members. Users with the Guest role who should not have package pulling capabilities should be removed. If more restrictive package access is required, consider using project access tokens instead of guest access.
+
+</div>
+
+<div class="deprecation breaking-change" data-milestone="18.0">
+
 ### Limited `scan` actions in a scan execution policy
 
 <div class="deprecation-notes">

qa/qa/page/component/access_tokens.rb

@@ -58,6 +58,8 @@ module QA
         end
 
         def click_add_new_token_button
+          dismiss_duo_chat_popup if respond_to?(:dismiss_duo_chat_popup)
+
           click_element('add-new-token-button')
         end
 

spec/scripts/internal_events/server_spec.rb

@@ -171,7 +171,7 @@ RSpec.describe Server, feature_category: :service_ping do
     context 'with a non-structured event or an internal event' do
       let(:body) { internal_event_fixture('snowplow_events/non_internal_event_structured.json') }
 
-      it 'ignores the event' do
+      it 'ignores the event', quarantine: 'https://gitlab.com/gitlab-org/gitlab/-/issues/498774' do
         expect(response.code).to eq('200')
         expect(events).to be_empty
       end