Add changelog

Rename word to query

User hash for limit

Do not allow control limit

Rename pluck names and add more specs

The columns 'Created on' and 'Last activity' have been
added to the admin -> users view.

Sorting options have also been added for last activity
and the search bar has been moved to match the issues
page.

Signed-off-by: NRémy Coutable <remy@rymai.me>

Users may specify an OAuth2 callback with a custom name, such as
AWSCognito, but Rails will reject this with the following message:

```
'import/AWSCognito' is not a supported controller name. This can
lead to potential routing problems. See
http://guides.rubyonrails.org/routing.html#specifying-a-controller-to-use
```

To avoid these errors, we can just downcase all the provider names.
Note that this will make it impossible to specify a duplicate name with
different cases.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/57156

To prevent an OAuth2 covert redirect vulnerability, this commit adds and
uses an alias for the GitHub and BitBucket OAuth2 callback URLs to the
following paths:

GitHub: /users/auth/-/import/github
Bitbucket: /users/auth/-/import/bitbucket

This allows admins to put a more restrictive callback URL in the OAuth2
configuration settings. Instead of https://example.com, admins can now use:

https://example.com/users/auth

It's possible but not trivial to change Devise and OmniAuth to use a
different prefix for callback URLs instead of /users/auth. For now,
aliasing the import URLs under the /users/auth namespace should suffice.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/56663

(cherry picked from commit da3cd00f5a31f762eb67c2824233ad2b275b2ba8)

Conflicts:
	config/webpack.config.js

This change adds three new instrumentations, driven through rails
notifications: render_template.action_view,
render_collection.action_view and render_partial.action_view.

These can help developers understand why renders are taking a long
time which may in turn help them to improve their performance.

Specs were reviewed and improved to better cover the current behavior.
There was some standardization done as well to facilitate the
implementation of the rollback functionality.

StorageMigratorWorker was extracted to HashedStorage namespace were
RollbackerWorker will live one as well.

This includes a set of APIs to manipulate container registry.
This includes also an ability to delete tags based on requested
criteria, like keep-last-n, matching-name, older-than.

http_max_redirects was introduced in 4.2.2, so upgrade kubeclient.

The monkey-patch was global so we will have to check that all instances
of Kubeclient::Client are handled.

Spec all methods of KubeClient

This should provide better confidence that we are indeed disallowing
redirection in all cases

Signed-off-by: NRémy Coutable <remy@rymai.me>

This change will publish distributed tracing spans related to
SQL ActiveRecord queries. These queries are unbound, so will still
contain parameter substitution strings in place of actual parameter
values.

This ensures that the SQL strings do not need to be scrubbed, since the
values are not included in the SQL.

More details of rails instrumentation can be found here:
https://guides.rubyonrails.org/active_support_instrumentation.html

To prevent an OAuth2 covert redirect vulnerability, this commit adds and
uses an alias for the GitHub and BitBucket OAuth2 callback URLs to the
following paths:

GitHub: /users/auth/-/import/github
Bitbucket: /users/auth/-/import/bitbucket

This allows admins to put a more restrictive callback URL in the OAuth2
configuration settings. Instead of https://example.com, admins can now use:

https://example.com/users/auth

It's possible but not trivial to change Devise and OmniAuth to use a
different prefix for callback URLs instead of /users/auth. For now,
aliasing the import URLs under the /users/auth namespace should suffice.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/56663

Signed-off-by: NRémy Coutable <remy@rymai.me>

This change allows the GitLab rails and sidekiq components to receive
tracing spans from upstream services such as Workhorse and pass these
spans on to downstream services including Gitaly and Sidekiq.

This change will also emit traces for incoming and outgoing requests
using the propagated trace information. This will allow operators and
engineers to view traces across the Workhorse, GitLab Rails, Sidekiq and
Gitaly components.

Additional intra-service instrumentation will be added in future
changes.

By visiting `projects/:id` you will be redirected to project page with
path in it.

projects/123 => foo/bar
Signed-off-by: NDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

This change will instantiate an OpenTracing tracer and configure it
as the global tracer when the GITLAB_TRACING environment variable is
configured. GITLAB_TRACING takes a "connection string"-like value,
encapsulating the driver (eg jaeger, etc) and options for the driver.

Since each service, whether it's written in Ruby or Golang, uses the
same connection-string, it should be very easy to configure all
services in a cluster, or even a single development machine to be
setup to use tracing.

Note that this change does not include instrumentation or propagation
changes as this is a way of breaking a previous larger change into
components. The instrumentation and propagation changes will follow
in separate changes.

GitLab::Sentry has a program_context method to determine whether a
Sentry exception occurred in Sidekiq or rails. Since we will need
similar functionality for distributed tracing, this change extracts the
program_context method into GitLab.process_name for more general
consumption.

Process CSV uploads async using a worker then email results

Added button and modal to accept CSV file for uploading

This commit prepares the structure for the upcoming feature error
tracking.

These are data columns that store runtime configuration
of build needed to execute it on runner and within pipeline.

The definition of this data is that once used, and when no longer
needed (due to retry capability) they can be freely removed.

They use `jsonb` on PostgreSQL, and `text` on MySQL (due to lacking
support for json datatype on old enough version).

Fix deprecation: returning false in Active Record and Active Model callbacks will not implicitly halt a callback chain

ActiveRecord supports `:order` natively, but it is skipped because of
our specific patch to support opclasses.

Relevant AR code:
https://github.com/rails/rails/blob/5-0-stable/activerecord/lib/active_record/connection_adapters/abstract/schema_statements.rb#L1167

When object storage is enabled, the logos used to customize a GitLab
appearance causes the time-limited URLs to be used. We fix this
by forcing all of these URLs to use the /uploads/-/system prefix
so that they will always be proxied through GitLab.

Closes https://gitlab.com/gitlab-org/gitlab-ee/issues/6778

Full list of changes:
https://github.com/carrierwaveuploader/carrierwave/blob/master/CHANGELOG.md

Because this could potentially load a model and we shouldn't
load models before all the patches we have in places.