Automatic merge of gitlab-org/gitlab master

app/assets/javascripts/persistent_user_callouts.js

@@ -25,7 +25,6 @@ const PERSISTENT_USER_CALLOUTS = [
   '.js-new-nav-for-everyone-callout',
   '.js-namespace-over-storage-users-combined-alert',
   '.js-joining-a-project-alert',
-  '.js-duo-chat-ga-alert',
   '.js-all-seats-used',
 ];
 

app/models/users/callout.rb

@@ -87,7 +87,7 @@ class Callout < MainClusterwide::ApplicationRecord
       summarize_code_changes: 85, # EE-only
       # 86 removed in https://gitlab.com/gitlab-org/gitlab/-/merge_requests/152619
       deployment_details_feedback: 87,
-      duo_chat_ga_alert: 88, # EE-only
+      # 88 removed in https://gitlab.com/gitlab-org/gitlab/-/merge_requests/152999
       board_add_new_column_trigger_popover: 89,
       deployment_approvals_empty_state: 90,
       period_in_terraform_state_name_alert: 91

app/views/groups/show.html.haml

@@ -20,7 +20,6 @@
 = render partial: 'flash_messages'
 
 = render_if_exists 'subscriptions/trials/alert', namespace: @group
-= render_if_exists 'shared/duo_chat_ga_alert', resource: @group
 
 = render 'groups/home_panel'
 

app/views/projects/empty.html.haml

@@ -5,7 +5,6 @@
 - escaped_default_branch_name = default_branch_name.shellescape
 - @skip_current_level_breadcrumb = true
 
-= render_if_exists 'projects/duo_chat_ga_alert', project: @project
 = render partial: 'flash_messages', locals: { project: @project }
 = render 'clusters_deprecation_alert'
 

app/views/projects/show.html.haml

@@ -7,7 +7,6 @@
   = auto_discovery_link_tag(:atom, project_path(@project, rss_url_options), title: "#{@project.name} activity")
 
 = render_if_exists 'shared/promotions/promote_mobile_devops', project: @project
-= render_if_exists 'projects/duo_chat_ga_alert', project: @project
 = render partial: 'flash_messages', locals: { project: @project }
 
 = render 'clusters_deprecation_alert'

config/feature_flags/gitlab_com_derisk/duo_chat_ga_alert.yml

----
-name: duo_chat_ga_alert
-feature_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/442655
-introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/149329
-rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/455857
-milestone: '17.0'
-type: gitlab_com_derisk
-group: group::acquisition
-default_enabled: false

doc/.vale/gitlab/spelling-exceptions.txt

@@ -507,8 +507,10 @@ Karma
 KCachegrind
 Kerberos
 Keycloak
+keyless
 keyset
 keyspace
+keystore
 keytab
 keytabs
 Kibana

doc/api/container_registry.md

@@ -24,10 +24,10 @@ This controls who can view the container registry.
 PUT /projects/:id/
 ```
 
-| Attribute | Type | Required | Description |
-| --------- | ---- | -------- | ----------- |
-| `id`      | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) accessible by the authenticated user. |
-| `container_registry_access_level` | string | no | The desired visibility of the container registry. One of `enabled` (default), `private`, or `disabled`. |
+| Attribute                         | Type           | Required | Description |
+|-----------------------------------|----------------|----------|-------------|
+| `id`                              | integer/string | yes      | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) accessible by the authenticated user. |
+| `container_registry_access_level` | string         | no       | The desired visibility of the container registry. One of `enabled` (default), `private`, or `disabled`. |
 
 Descriptions of the possible values for `container_registry_access_level`:
 
@@ -78,11 +78,11 @@ Get a list of registry repositories in a project.
 GET /projects/:id/registry/repositories
 ```
 
-| Attribute | Type | Required | Description |
-| --------- | ---- | -------- | ----------- |
-| `id`      | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) accessible by the authenticated user. |
-| `tags`      | boolean | no | If the parameter is included as true, each repository includes an array of `"tags"` in the response. |
-| `tags_count` | boolean | no | If the parameter is included as true, each repository includes `"tags_count"` in the response . |
+| Attribute    | Type           | Required | Description |
+|--------------|----------------|----------|-------------|
+| `id`         | integer/string | yes      | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) accessible by the authenticated user. |
+| `tags`       | boolean        | no       | If the parameter is included as true, each repository includes an array of `"tags"` in the response. |
+| `tags_count` | boolean        | no       | If the parameter is included as true, each repository includes `"tags_count"` in the response . |
 
 ```shell
 curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/registry/repositories"
@@ -125,9 +125,9 @@ Get a list of registry repositories in a group.
 GET /groups/:id/registry/repositories
 ```
 
-| Attribute | Type | Required | Description |
-| --------- | ---- | -------- | ----------- |
-| `id`      | integer/string | yes | The ID or [URL-encoded path of the group](rest/index.md#namespaced-path-encoding) accessible by the authenticated user. |
+| Attribute | Type           | Required | Description |
+|-----------|----------------|----------|-------------|
+| `id`      | integer/string | yes      | The ID or [URL-encoded path of the group](rest/index.md#namespaced-path-encoding) accessible by the authenticated user. |
 
 ```shell
 curl --header "PRIVATE-TOKEN: <your_access_token>" \
@@ -167,12 +167,12 @@ Get details of a registry repository.
 GET /registry/repositories/:id
 ```
 
-| Attribute | Type | Required | Description |
-| --------- | ---- | -------- | ----------- |
-| `id`      | integer/string | yes | The ID of the registry repository accessible by the authenticated user. |
-| `tags`      | boolean | no | If the parameter is included as `true`, the response includes an array of `"tags"`. |
-| `tags_count` | boolean | no | If the parameter is included as `true`, the response includes `"tags_count"`. |
-| `size` | boolean | no | If the parameter is included as `true`, the response includes `"size"`. This is the deduplicated size of all images within the repository. Deduplication eliminates extra copies of identical data. For example, if you upload the same image twice, the container registry stores only one copy. This field is only available on GitLab.com for repositories created after `2021-11-04`. |
+| Attribute    | Type           | Required | Description |
+|--------------|----------------|----------|-------------|
+| `id`         | integer/string | yes      | The ID of the registry repository accessible by the authenticated user. |
+| `tags`       | boolean        | no       | If the parameter is included as `true`, the response includes an array of `"tags"`. |
+| `tags_count` | boolean        | no       | If the parameter is included as `true`, the response includes `"tags_count"`. |
+| `size`       | boolean        | no       | If the parameter is included as `true`, the response includes `"size"`. This is the deduplicated size of all images within the repository. Deduplication eliminates extra copies of identical data. For example, if you upload the same image twice, the container registry stores only one copy. This field is only available on GitLab.com for repositories created after `2021-11-04`. |
 
 ```shell
 curl --header "PRIVATE-TOKEN: <your_access_token>" \
@@ -213,10 +213,10 @@ This operation is executed asynchronously and might take some time to get execut
 DELETE /projects/:id/registry/repositories/:repository_id
 ```
 
-| Attribute | Type | Required | Description |
-| --------- | ---- | -------- | ----------- |
-| `id`      | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user. |
-| `repository_id` | integer | yes | The ID of registry repository. |
+| Attribute       | Type           | Required | Description |
+|-----------------|----------------|----------|-------------|
+| `id`            | integer/string | yes      | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user. |
+| `repository_id` | integer        | yes      | The ID of registry repository. |
 
 ```shell
 curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" \
@@ -235,10 +235,10 @@ Get a list of tags for given registry repository.
 GET /projects/:id/registry/repositories/:repository_id/tags
 ```
 
-| Attribute | Type | Required | Description |
-| --------- | ---- | -------- | ----------- |
-| `id`      | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) accessible by the authenticated user. |
-| `repository_id` | integer | yes | The ID of registry repository. |
+| Attribute       | Type           | Required | Description |
+|-----------------|----------------|----------|-------------|
+| `id`            | integer/string | yes      | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) accessible by the authenticated user. |
+| `repository_id` | integer        | yes      | The ID of registry repository. |
 
 ```shell
 curl --header "PRIVATE-TOKEN: <your_access_token>" \
@@ -270,11 +270,11 @@ Get details of a registry repository tag.
 GET /projects/:id/registry/repositories/:repository_id/tags/:tag_name
 ```
 
-| Attribute | Type | Required | Description |
-| --------- | ---- | -------- | ----------- |
-| `id`      | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) accessible by the authenticated user. |
-| `repository_id` | integer | yes | The ID of registry repository. |
-| `tag_name` | string | yes | The name of tag. |
+| Attribute       | Type           | Required | Description |
+|-----------------|----------------|----------|-------------|
+| `id`            | integer/string | yes      | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) accessible by the authenticated user. |
+| `repository_id` | integer        | yes      | The ID of registry repository. |
+| `tag_name`      | string         | yes      | The name of tag. |
 
 ```shell
 curl --header "PRIVATE-TOKEN: <your_access_token>" \
@@ -304,11 +304,11 @@ Delete a registry repository tag.
 DELETE /projects/:id/registry/repositories/:repository_id/tags/:tag_name
 ```
 
-| Attribute | Type | Required | Description |
-| --------- | ---- | -------- | ----------- |
-| `id`      | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user. |
-| `repository_id` | integer | yes | The ID of registry repository. |
-| `tag_name` | string | yes | The name of tag. |
+| Attribute       | Type           | Required | Description |
+|-----------------|----------------|----------|-------------|
+| `id`            | integer/string | yes      | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user. |
+| `repository_id` | integer        | yes      | The ID of registry repository. |
+| `tag_name`      | string         | yes      | The name of tag. |
 
 ```shell
 curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" \
@@ -329,15 +329,15 @@ For an overview, see [Use the container registry API to delete all tags except *
 DELETE /projects/:id/registry/repositories/:repository_id/tags
 ```
 
-| Attribute | Type | Required | Description |
-| --------- | ---- | -------- | ----------- |
-| `id`      | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user. |
-| `repository_id` | integer | yes | The ID of registry repository. |
-| `name_regex` | string | no | The [re2](https://github.com/google/re2/wiki/Syntax) regex of the name to delete. To delete all tags specify `.*`. **Note:** `name_regex` is deprecated in favor of `name_regex_delete`. This field is validated. |
-| `name_regex_delete` | string | yes | The [re2](https://github.com/google/re2/wiki/Syntax) regex of the name to delete. To delete all tags specify `.*`. This field is validated. |
-| `name_regex_keep` | string | no | The [re2](https://github.com/google/re2/wiki/Syntax) regex of the name to keep. This value overrides any matches from `name_regex_delete`. This field is validated. Note: setting to `.*` results in a no-op. |
-| `keep_n` | integer | no | The amount of latest tags of given name to keep. |
-| `older_than` | string | no | Tags to delete that are older than the given time, written in human readable form `1h`, `1d`, `1month`. |
+| Attribute           | Type           | Required | Description |
+|---------------------|----------------|----------|-------------|
+| `id`                | integer/string | yes      | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user. |
+| `repository_id`     | integer        | yes      | The ID of registry repository. |
+| `name_regex`        | string         | no       | The [re2](https://github.com/google/re2/wiki/Syntax) regex of the name to delete. To delete all tags specify `.*`. **Note:** `name_regex` is deprecated in favor of `name_regex_delete`. This field is validated. |
+| `name_regex_delete` | string         | yes      | The [re2](https://github.com/google/re2/wiki/Syntax) regex of the name to delete. To delete all tags specify `.*`. This field is validated. |
+| `name_regex_keep`   | string         | no       | The [re2](https://github.com/google/re2/wiki/Syntax) regex of the name to keep. This value overrides any matches from `name_regex_delete`. This field is validated. Note: setting to `.*` results in a no-op. |
+| `keep_n`            | integer        | no       | The amount of latest tags of given name to keep. |
+| `older_than`        | string         | no       | Tags to delete that are older than the given time, written in human readable form `1h`, `1d`, `1month`. |
 
 This API returns [HTTP response status code 202](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/202)
 if successful, and performs the following operations:

doc/api/graphql/reference/index.md

@@ -34896,7 +34896,6 @@ Name of the feature that the callout is for.
 | <a id="usercalloutfeaturenameenumdeployment_approvals_empty_state"></a>`DEPLOYMENT_APPROVALS_EMPTY_STATE` | Callout feature name for deployment_approvals_empty_state. |
 | <a id="usercalloutfeaturenameenumdeployment_details_feedback"></a>`DEPLOYMENT_DETAILS_FEEDBACK` | Callout feature name for deployment_details_feedback. |
 | <a id="usercalloutfeaturenameenumduo_chat_callout"></a>`DUO_CHAT_CALLOUT` | Callout feature name for duo_chat_callout. |
-| <a id="usercalloutfeaturenameenumduo_chat_ga_alert"></a>`DUO_CHAT_GA_ALERT` | Callout feature name for duo_chat_ga_alert. |
 | <a id="usercalloutfeaturenameenumfeature_flags_new_version"></a>`FEATURE_FLAGS_NEW_VERSION` | Callout feature name for feature_flags_new_version. |
 | <a id="usercalloutfeaturenameenumgcp_signup_offer"></a>`GCP_SIGNUP_OFFER` | Callout feature name for gcp_signup_offer. |
 | <a id="usercalloutfeaturenameenumgeo_enable_hashed_storage"></a>`GEO_ENABLE_HASHED_STORAGE` | Callout feature name for geo_enable_hashed_storage. |

doc/ci/docker/using_docker_images.md

@@ -492,67 +492,67 @@ and update Docker images on Amazon ECR, without using manual credential manageme
 1. [Authenticate GitLab with AWS](../cloud_deployment/index.md#authenticate-gitlab-with-aws).
 1. Create a `Dockerfile` with the following content:
 
-    ```Dockerfile
-      # Control package versions
-      ARG GITLAB_RUNNER_VERSION=v16.4.0
-      ARG AWS_CLI_VERSION=2.2.30
-
-      # AWS CLI and Amazon ECR Credential Helper
-      FROM amazonlinux as aws-tools
-      RUN set -e \
-          && yum update -y \
-          && yum install -y --allowerasing git make gcc curl unzip \
-          && curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" --output "awscliv2.zip" \
-          && unzip awscliv2.zip && ./aws/install -i /usr/local/bin \
-          && yum clean all
-
-      # Download and install ECR Credential Helper
-      RUN curl --location --output  /usr/local/bin/docker-credential-ecr-login "https://github.com/awslabs/amazon-ecr-credential-helper/releases/latest/download/docker-credential-ecr-login-linux-amd64"
-      RUN chmod +x /usr/local/bin/docker-credential-ecr-login
-
-      # Configure the ECR Credential Helper
-      RUN mkdir -p /root/.docker
-      RUN echo '{ "credsStore": "ecr-login" }' > /root/.docker/config.json
-
-      # Final image based on GitLab Runner
-      FROM gitlab/gitlab-runner:${GITLAB_RUNNER_VERSION}
-
-      # Install necessary packages
-      RUN apt-get update \
-          && apt-get install -y --no-install-recommends jq procps curl unzip groff libgcrypt20 tar gzip less openssh-client \
-          && apt-get clean && rm -rf /var/lib/apt/lists/*
-
-      # Copy AWS CLI and Amazon ECR Credential Helper binaries
-      COPY --from=aws-tools /usr/local/bin/ /usr/local/bin/
-
-      # Copy ECR Credential Helper Configuration
-      COPY --from=aws-tools /root/.docker/config.json /root/.docker/config.json
-    ```
+   ```Dockerfile
+   # Control package versions
+   ARG GITLAB_RUNNER_VERSION=v16.4.0
+   ARG AWS_CLI_VERSION=2.2.30
+
+   # AWS CLI and Amazon ECR Credential Helper
+   FROM amazonlinux as aws-tools
+   RUN set -e \
+       && yum update -y \
+       && yum install -y --allowerasing git make gcc curl unzip \
+       && curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" --output "awscliv2.zip" \
+       && unzip awscliv2.zip && ./aws/install -i /usr/local/bin \
+       && yum clean all
+
+   # Download and install ECR Credential Helper
+   RUN curl --location --output  /usr/local/bin/docker-credential-ecr-login "https://github.com/awslabs/amazon-ecr-credential-helper/releases/latest/download/docker-credential-ecr-login-linux-amd64"
+   RUN chmod +x /usr/local/bin/docker-credential-ecr-login
+
+   # Configure the ECR Credential Helper
+   RUN mkdir -p /root/.docker
+   RUN echo '{ "credsStore": "ecr-login" }' > /root/.docker/config.json
+
+   # Final image based on GitLab Runner
+   FROM gitlab/gitlab-runner:${GITLAB_RUNNER_VERSION}
+
+   # Install necessary packages
+   RUN apt-get update \
+       && apt-get install -y --no-install-recommends jq procps curl unzip groff libgcrypt20 tar gzip less openssh-client \
+       && apt-get clean && rm -rf /var/lib/apt/lists/*
+
+   # Copy AWS CLI and Amazon ECR Credential Helper binaries
+   COPY --from=aws-tools /usr/local/bin/ /usr/local/bin/
+
+   # Copy ECR Credential Helper Configuration
+   COPY --from=aws-tools /root/.docker/config.json /root/.docker/config.json
+   ```
 
 1. To build the custom GitLab Runner Docker image within a `.gitlab-ci.yml`, include the following example below:
 
-    ```yaml
-    variables:
-      DOCKER_DRIVER: overlay2
-      IMAGE_NAME: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME
-      GITLAB_RUNNER_VERSION: v16.4.0
-      AWS_CLI_VERSION: 2.13.21
-
-    stages:
-      - build
-
-    build-image:
-      stage: build
-      script:
-        - echo "Logging into GitLab container registry..."
-        - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
-        - echo "Building Docker image..."
-        - docker build --build-arg GITLAB_RUNNER_VERSION=${GITLAB_RUNNER_VERSION} --build-arg AWS_CLI_VERSION=${AWS_CLI_VERSION} -t ${IMAGE_NAME} .
-        - echo "Pushing Docker image to GitLab container registry..."
-        - docker push ${IMAGE_NAME}
-      rules:
-        - changes:
-            - Dockerfile
-    ```
+   ```yaml
+   variables:
+     DOCKER_DRIVER: overlay2
+     IMAGE_NAME: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME
+     GITLAB_RUNNER_VERSION: v16.4.0
+     AWS_CLI_VERSION: 2.13.21
+
+   stages:
+     - build
+
+   build-image:
+     stage: build
+     script:
+       - echo "Logging into GitLab container registry..."
+       - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+       - echo "Building Docker image..."
+       - docker build --build-arg GITLAB_RUNNER_VERSION=${GITLAB_RUNNER_VERSION} --build-arg AWS_CLI_VERSION=${AWS_CLI_VERSION} -t ${IMAGE_NAME} .
+       - echo "Pushing Docker image to GitLab container registry..."
+       - docker push ${IMAGE_NAME}
+     rules:
+       - changes:
+           - Dockerfile
+   ```
 
 1. [Register the runner](https://docs.gitlab.com/runner/register/index.html#docker).

doc/ci/jobs/job_artifacts.md

@@ -288,13 +288,13 @@ some artifacts file extensions directly in your browser. If the project is inter
 
 The following extensions are supported:
 
-| File extension | GitLab.com | Linux package with built-in NGINX |
-|----------|---------------------|--------------|
-|  `.html`   | **{check-circle}** Yes | **{check-circle}** Yes |
-|  `.json`   | **{check-circle}** Yes | **{check-circle}** Yes |
-|  `.xml`   | **{check-circle}** Yes | **{check-circle}** Yes |
-|  `.txt` | **{dotted-circle}** No | **{check-circle}** Yes |
-| `.log` | **{dotted-circle}** No | **{check-circle}** Yes |
+| File extension | GitLab.com             | Linux package with built-in NGINX |
+|----------------|------------------------|-----------------------------------|
+| `.html`        | **{check-circle}** Yes | **{check-circle}** Yes            |
+| `.json`        | **{check-circle}** Yes | **{check-circle}** Yes            |
+| `.xml`         | **{check-circle}** Yes | **{check-circle}** Yes            |
+| `.txt`         | **{dotted-circle}** No | **{check-circle}** Yes            |
+| `.log`         | **{dotted-circle}** No | **{check-circle}** Yes            |
 
 ### From a URL
 

doc/ci/pipelines/index.md

@@ -350,7 +350,7 @@ running time is:
 To view all the pipelines that ran for your project:
 
 1. On the left sidebar, select **Search or go to** and find your project.
-1. **Build > Pipelines** page.
+1. Select **Build > Pipelines**.
 
 You can filter the pipeline list by:
 

doc/ci/pipelines/schedules.md

@@ -90,18 +90,6 @@ You need at least the Maintainer role to take ownership of a pipeline created by
 - [Pipeline schedules API](../../api/pipeline_schedules.md)
 - [Run jobs for scheduled pipelines](../jobs/job_rules.md#run-jobs-for-scheduled-pipelines)
 
-<!-- ## Troubleshooting
-
-Include any troubleshooting steps that you can foresee. If you know beforehand what issues
-one might have when setting this up, or when something is changed, or on upgrading, it's
-important to describe those, too. Think of things that may go wrong and include them here.
-This is important to minimize requests for support, and to avoid doc comments with
-questions that you know someone might ask.
-
-Each scenario can be a third-level heading, for example `### Getting error message X`.
-If you have none to add when creating a doc, leave this section in place
-but commented out to help encourage others to add to it in the future. -->
-
 ## Troubleshooting
 
 ### Short refs are expanded to Full refs

doc/ci/quick_start/index.md

@@ -69,9 +69,10 @@ In this file, you define:
 - The structure and order of jobs that the runner should execute.
 - The decisions the runner should make when specific conditions are encountered.
 
-To create a `.gitlab-ci.yml` file:
+To create a `.gitlab-ci.yml` file in your project:
 
-1. On the left sidebar, select **Code > Repository**.
+1. On the left sidebar, select **Search or go to** and find your project.
+1. Select **Code > Repository**.
 1. Above the file list, select the branch you want to commit to.
    If you're not sure, leave `master` or `main`.
    Then select the plus icon (**{plus}**) and **New file**:

doc/ci/quick_start/tutorial.md

@@ -37,9 +37,7 @@ Before adding the pipeline configuration, you must first set up a Docusaurus pro
 on GitLab.com:
 
 1. Create a new project under your username (not a group):
-   1. On the left sidebar, select **Search or go to**.
-   1. Select **View all my projects**.
-   1. On the right of the page, select **New project**.
+   1. On the left sidebar, at the top, select **Create new** (**{plus}**) and **New project/repository**.
    1. Select **Create blank project**.
    1. Enter the project details:
       - In the **Project name** field, enter the name of your project, for example `My Pipeline Tutorial Project`.

doc/ci/resource_groups/index.md

@@ -257,19 +257,19 @@ first check that the resource group is working correctly:
 1. Go to the job details page.
 1. If the resource is assigned to a job, select **View job currently using resource** and check the job status.
 
-    - If the status is `running` or `pending`, the feature is working correctly. Wait until the job finishes and releases the resource.
-    - If the status is `created` and the [process mode](#process-modes) is either **Oldest first** or **Newest first**, the feature is working correctly.
-     Visit the pipeline page of the job and check which upstream stage or job is blocking the execution.
-    - If none of the above conditions are met, the feature might not be working correctly. [Report the issue to GitLab](#report-an-issue).
+   - If the status is `running` or `pending`, the feature is working correctly. Wait until the job finishes and releases the resource.
+   - If the status is `created` and the [process mode](#process-modes) is either **Oldest first** or **Newest first**, the feature is working correctly.
+    Visit the pipeline page of the job and check which upstream stage or job is blocking the execution.
+   - If none of the above conditions are met, the feature might not be working correctly. [Report the issue to GitLab](#report-an-issue).
 
 1. If **View job currently using resource** is not available, the resource is not assigned to a job. Instead, check the resource's upcoming jobs.
 
-    1. Get the resource's upcoming jobs with the [REST API](../../api/resource_groups.md#list-upcoming-jobs-for-a-specific-resource-group).
-    1. Verify that the resource group's [process mode](#process-modes) is **Oldest first**.
-    1. Find the first job in the list of upcoming jobs, and get the job details [with GraphQL](#get-job-details-through-graphql).
-    1. If the first job's pipeline is an older pipeline, try to cancel the pipeline or the job itself.
-    1. Optional. Repeat this process if the next upcoming job is still in an older pipeline that should no longer run.
-    1. If the problem persists, [report the issue to GitLab](#report-an-issue).
+   1. Get the resource's upcoming jobs with the [REST API](../../api/resource_groups.md#list-upcoming-jobs-for-a-specific-resource-group).
+   1. Verify that the resource group's [process mode](#process-modes) is **Oldest first**.
+   1. Find the first job in the list of upcoming jobs, and get the job details [with GraphQL](#get-job-details-through-graphql).
+   1. If the first job's pipeline is an older pipeline, try to cancel the pipeline or the job itself.
+   1. Optional. Repeat this process if the next upcoming job is still in an older pipeline that should no longer run.
+   1. If the problem persists, [report the issue to GitLab](#report-an-issue).
 
 #### Race conditions in complex or busy pipelines
 
@@ -303,42 +303,42 @@ To get job information from the GraphQL API:
 1. Go to the [interactive GraphQL explorer](../../api/graphql/index.md#interactive-graphql-explorer).
 1. Run the following query:
 
-    ```graphql
-    {
-      project(fullPath: "<fullpath-to-your-project>") {
-        name
-        job(id: "gid://gitlab/Ci::Build/<job-id>") {
-          name
-          status
-          detailedStatus {
-            action {
-              path
-              buttonTitle
-            }
-          }
-        }
-      }
-    }
-    ```
+   ```graphql
+   {
+     project(fullPath: "<fullpath-to-your-project>") {
+       name
+       job(id: "gid://gitlab/Ci::Build/<job-id>") {
+         name
+         status
+         detailedStatus {
+           action {
+             path
+             buttonTitle
+           }
+         }
+       }
+     }
+   }
+   ```
 
     The `job.detailedStatus.action.path` field contains the job ID using the resource.
 
 1. Run the following query and check `job.status` field according to the criteria above. You can also visit the pipeline page from `pipeline.path` field.
 
-    ```graphql
-    {
-      project(fullPath: "<fullpath-to-your-project>") {
-        name
-        job(id: "gid://gitlab/Ci::Build/<job-id-currently-using-the-resource>") {
-          name
-          status
-          pipeline {
-            path
-          }
-        }
-      }
-    }
-    ```
+   ```graphql
+   {
+     project(fullPath: "<fullpath-to-your-project>") {
+       name
+       job(id: "gid://gitlab/Ci::Build/<job-id-currently-using-the-resource>") {
+         name
+         status
+         pipeline {
+           path
+         }
+       }
+     }
+   }
+   ```
 
 ### Report an issue
 

doc/ci/secrets/fortanix_dsm_integration.md

@@ -99,8 +99,9 @@ To generate a new secret in Fortanix DSM and use it with GitLab:
      }
      ```
 
-1. In GitLab, go to your project.
-1. Go to **Settings > CI/CD > Variables**, and add these variables:
+1. In GitLab, on the left sidebar, select **Search or go to** and find your project.
+1. Select **Settings > CI/CD**.
+1. Expand **Variables** and add these variables:
    - `FORTANIX_API_ENDPOINT`
    - `FORTANIX_API_KEY`
    - `FORTANIX_PLUGIN_ID`
@@ -130,7 +131,7 @@ To generate a new secret in Fortanix DSM and use it with GitLab:
    If not, select **Build > Pipelines > Run pipeline**.
 1. Go to **Build > Jobs** and check the `build` job's log:
 
-   - ![gitlab_build_result_1](img/gitlab_build_result_1.png)
+   ![gitlab_build_result_1](img/gitlab_build_result_1.png)
 
 ![dsm_secrets](img/dsm_secrets.png)
 
@@ -142,8 +143,9 @@ To use a secret that already exists in Fortanix DSM with GitLab:
 
    ![dsm_secret_import_1](img/dsm_secret_import_1.png)
 
-1. In GitLab, go to your project.
-1. Go to **Settings > CI/CD > Variables**, and add these variables:
+1. In GitLab, on the left sidebar, select **Search or go to** and find your project.
+1. Select **Settings > CI/CD**.
+1. Expand **Variables** and add these variables:
    - `FORTANIX_API_ENDPOINT`
    - `FORTANIX_API_KEY`
    - `FORTANIX_PLUGIN_ID`
@@ -181,8 +183,9 @@ To set up code signing securely in your GitLab environment:
 
    ![dsm_secret_import_2](img/dsm_secret_import_2.png)
 
-1. In GitLab, go to your project.
-1. Go to **Settings > CI/CD > Variables**, and add these variables:
+1. In GitLab, on the left sidebar, select **Search or go to** and find your project.
+1. Select **Settings > CI/CD**.
+1. Expand **Variables** and add these variables:
    - `FORTANIX_API_ENDPOINT`
    - `FORTANIX_API_KEY`
    - `FORTANIX_SECRET_NAME_1` (for `keystore_password`)

doc/ci/variables/index.md

@@ -139,7 +139,9 @@ Prerequisites:
 
 To add or update variables in the project settings:
 
-1. Go to your project's **Settings > CI/CD** and expand the **Variables** section.
+1. On the left sidebar, select **Search or go to** and find your project.
+1. Select **Settings > CI/CD**.
+1. Expand **Variables**.
 1. Select **Add variable** and fill in the details:
    - **Key**: Must be one line, with no spaces, using only letters, numbers, or `_`.
    - **Value**: No limitations.
@@ -168,7 +170,9 @@ Prerequisites:
 
 To add a group variable:
 
-1. In the group, go to **Settings > CI/CD**.
+1. On the left sidebar, select **Search or go to** and find your group.
+1. Select **Settings > CI/CD**.
+1. Expand **Variables**.
 1. Select **Add variable** and fill in the details:
    - **Key**: Must be one line, with no spaces, using only letters, numbers, or `_`.
    - **Value**: No limitations.
@@ -190,7 +194,9 @@ DETAILS:
 
 To set a group CI/CD variable to only be available for certain environments:
 
-1. In the group, go to **Settings > CI/CD**.
+1. On the left sidebar, select **Search or go to** and find your group.
+1. Select **Settings > CI/CD**.
+1. Expand **Variables**.
 1. To the right of the variable, select **Edit** (**{pencil}**).
 1. For **Environment scope**, select **All (default)** (`*`), a specific [environment](../environments/index.md#types-of-environments),
    or a wildcard [environment scope](../environments/index.md#limit-the-environment-scope-of-a-cicd-variable).
@@ -210,7 +216,8 @@ Prerequisites:
 To add an instance variable:
 
 1. On the left sidebar, at the bottom, select **Admin Area**.
-1. Select **Settings > CI/CD** and expand the **Variables** section.
+1. Select **Settings > CI/CD**.
+1. Expand **Variables**.
 1. Select **Add variable** and fill in the details:
    - **Key**: Must be one line, with no spaces, using only letters, numbers, or `_`.
    - **Value**: The value is limited to 10,000 characters, but also bounded by any limits in the
@@ -279,8 +286,8 @@ Prerequisites:
 
 To mask a variable:
 
-1. In the project, group, or Admin Area, go to **Settings > CI/CD**.
-1. Expand the **Variables** section.
+1. For the group, project, or in the Admin Area, select **Settings > CI/CD**.
+1. Expand **Variables**.
 1. Next to the variable you want to protect, select **Edit**.
 1. Select the **Mask variable** checkbox.
 1. Select **Update variable**.
@@ -320,8 +327,8 @@ Prerequisites:
 
 To set a variable as protected:
 
-1. Go to **Settings > CI/CD** in the project, group or instance Admin Area.
-1. Expand the **Variables** section.
+1. For the project or group, go to **Settings > CI/CD**.
+1. Expand **Variables**.
 1. Next to the variable you want to protect, select **Edit**.
 1. Select the **Protect variable** checkbox.
 1. Select **Update variable**.
@@ -674,8 +681,8 @@ Prerequisites:
 
 To disable variable expansion for the variable:
 
-1. In the project or group, go to **Settings > CI/CD**.
-1. Expand the **Variables** section.
+1. For the project or group, go to **Settings > CI/CD**.
+1. Expand **Variables**.
 1. Next to the variable you want to do not want expanded, select **Edit**.
 1. Clear the **Expand variable** checkbox.
 1. Select **Update variable**.
@@ -781,38 +788,38 @@ The runner cannot handle manual exports, shell aliases, and functions executed i
 For example, in the following `.gitlab-ci.yml` file, the following scripts are defined:
 
 ```yaml
-    job:
-     variables:
-       JOB_DEFINED_VARIABLE: "job variable"
-     before_script:
-       - echo "This is the 'before_script' script"
-       - export MY_VARIABLE="variable"
-     script:
-       - echo "This is the 'script' script"
-       - echo "JOB_DEFINED_VARIABLE's value is ${JOB_DEFINED_VARIABLE}"
-       - echo "CI_COMMIT_SHA's value is ${CI_COMMIT_SHA}"
-       - echo "MY_VARIABLE's value is ${MY_VARIABLE}"
-     after_script:
-       - echo "JOB_DEFINED_VARIABLE's value is ${JOB_DEFINED_VARIABLE}"
-       - echo "CI_COMMIT_SHA's value is ${CI_COMMIT_SHA}"
-       - echo "MY_VARIABLE's value is ${MY_VARIABLE}"
+job:
+ variables:
+   JOB_DEFINED_VARIABLE: "job variable"
+ before_script:
+   - echo "This is the 'before_script' script"
+   - export MY_VARIABLE="variable"
+ script:
+   - echo "This is the 'script' script"
+   - echo "JOB_DEFINED_VARIABLE's value is ${JOB_DEFINED_VARIABLE}"
+   - echo "CI_COMMIT_SHA's value is ${CI_COMMIT_SHA}"
+   - echo "MY_VARIABLE's value is ${MY_VARIABLE}"
+ after_script:
+   - echo "JOB_DEFINED_VARIABLE's value is ${JOB_DEFINED_VARIABLE}"
+   - echo "CI_COMMIT_SHA's value is ${CI_COMMIT_SHA}"
+   - echo "MY_VARIABLE's value is ${MY_VARIABLE}"
 ```
 
 When the runner executes the job:
 
 1. `before_script` is executed:
-    1. Prints to the output.
-    1. Defines the variable for `MY_VARIABLE`.
+   1. Prints to the output.
+   1. Defines the variable for `MY_VARIABLE`.
 1. `script` is executed:
-    1. Prints to the output.
-    1. Prints the value of `JOB_DEFINED_VARIABLE`.
-    1. Prints the value of `CI_COMMIT_SHA`.
-    1. Prints the value of `MY_VARIABLE`.
+   1. Prints to the output.
+   1. Prints the value of `JOB_DEFINED_VARIABLE`.
+   1. Prints the value of `CI_COMMIT_SHA`.
+   1. Prints the value of `MY_VARIABLE`.
 1. `after_script` is executed in a new, separate shell context:
-    1. Prints to the output.
-    1. Prints the value of `JOB_DEFINED_VARIABLE`.
-    1. Prints the value of `CI_COMMIT_SHA`.
-    1. Prints an empty value of `MY_VARIABLE`. The variable value cannot be detected because `after_script` is in a separate shell context to `before_script`.
+   1. Prints to the output.
+   1. Prints the value of `JOB_DEFINED_VARIABLE`.
+   1. Prints the value of `CI_COMMIT_SHA`.
+   1. Prints an empty value of `MY_VARIABLE`. The variable value cannot be detected because `after_script` is in a separate shell context to `before_script`.
 
 ## Related topics
 

doc/ci/yaml/script.md

@@ -115,11 +115,11 @@ The job status displayed in the UI will be `canceling` while the `after_script`
 **Additional details:**
 
 - To avoid `after_script` commands being executed after canceling a job, you can check the `$CI_JOB_STATUS` predefined variable at the beginning of your `after_script` and end execution early depending on the value, for example:
-  
+
   ```shell
   - if [ "$CI_JOB_STATUS" == "canceled" ]; then exit 0; fi
   ```
-  
+
 - GitLab Runner 16.11.1 and above are recommended to support this feature:
   - In the GitLab Runner 16.11.1 patch release, [`canceled` is supported for `$CI_JOB_STATUS`](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/37485). Before the patch release, the status will be `failed` while `canceling`.
   - Prior to the GitLab Runner 16.11.1 patch release, a bug caused the `after_script` work to close pre-maturely.

doc/ci/yaml/signing_examples.md

@@ -36,7 +36,7 @@ Prerequisites:
 
 **Limitations**
 
-- The `id_tokens` portion of the CI/CD config file must be located in the project that is being built and signed. AutoDevOps, CI files included from another repository, and child pipelines are not supported. Work to remove this limitation is being tracked in [issue 411317](https://gitlab.com/gitlab-org/gitlab/-/issues/411317).
+- The `id_tokens` portion of the CI/CD configuration file must be located in the project that is being built and signed. AutoDevOps, CI files included from another repository, and child pipelines are not supported. Work to remove this limitation is being tracked in [issue 411317](https://gitlab.com/gitlab-org/gitlab/-/issues/411317).
 
 **Best practices**:
 
@@ -158,7 +158,7 @@ needed to make it safer to distribute and use open source software.
 **Related topics**:
 
 - [SLSA Provenance definition](https://slsa.dev/provenance/v1)
-- [npm Docs](https://docs.npmjs.com/generating-provenance-statements/)
+- [npm documentation](https://docs.npmjs.com/generating-provenance-statements/)
 - [npm Provenance RFC](https://github.com/npm/rfcs/blob/main/accepted/0049-link-packages-to-source-and-build.md#detailed-steps-to-publish)
 
 ### Generating provenance in GitLab CI/CD