Feature/password complexity on backend

What does this MR do and why?

related issue #354966 (closed) Also related: #348484 (closed)

This is the backend MR of adding minimum password complexity to application_settings, so we can let administrators to customize the password complexity. The chars used in a password can be covered by 4 types, uppercase letters, lowercase letters, numbers and symbols, so the the max value of this column should be 4.

The default value of this column is set to 1 to not change the default behaviors of password validations, the password can be set to any chars if the password complexity is 1.

Screenshots or screen recordings

The following images that shows that final stage of this feature, but the frontend part is not included in this MR.

before	after	Validation from PW creation	failed validation

How to set up and validate locally

bundle exec rspec ee/spec/features/users/signup_spec.rb

Database

Migrations

rails db:migrate:up VERSION=20220329092245

== 20220329092245 AddPasswordCharsRequirementToApplicationSettings: migrating =
-- add_column(:application_settings, :password_uppercase_required, :boolean, {:default=>false, :null=>false})
   -> 0.0042s
-- add_column(:application_settings, :password_lowercase_required, :boolean, {:default=>false, :null=>false})
   -> 0.0013s
-- add_column(:application_settings, :password_number_required, :boolean, {:default=>false, :null=>false})
   -> 0.0012s
-- add_column(:application_settings, :password_symbol_required, :boolean, {:default=>false, :null=>false})
   -> 0.0015s
== 20220329092245 AddPasswordCharsRequirementToApplicationSettings: migrated (0.0084s)


rails db:migrate:down VERSION=20220329092245

== 20220329092245 AddPasswordCharsRequirementToApplicationSettings: reverting =
-- remove_column(:application_settings, :password_symbol_required, :boolean, {:default=>false, :null=>false})
   -> 0.0032s
-- remove_column(:application_settings, :password_number_required, :boolean, {:default=>false, :null=>false})
   -> 0.0012s
-- remove_column(:application_settings, :password_lowercase_required, :boolean, {:default=>false, :null=>false})
   -> 0.0017s
-- remove_column(:application_settings, :password_uppercase_required, :boolean, {:default=>false, :null=>false})
   -> 0.0013s
== 20220329092245 AddPasswordCharsRequirementToApplicationSettings: reverted (0.0097s)

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

• I have evaluated the MR acceptance checklist for this MR.

added JiHu contribution label

@mtan-gitlab

Thank you for your contribution to GitLab. We believe that everyone can contribute and contributions like yours are what make GitLab great!

• Our Merge Request Coaches will ensure your contribution is reviewed in a timely manner*.
• If you haven't, please set up a DANGER_GITLAB_API_TOKEN.
• You can comment @gitlab-bot label ~"group::" to add a group label.
• If you need help moving the MR forward or finding a reviewer, feel free to ask @gitlab-bot help or ping a Merge Request Coach.
• Read more on how to get help.
• You can provide feedback on the GitLab Contributor Experience in this survey

This message was generated automatically. You're welcome to improve it.

added Community contribution label

assigned to @mtan-gitlab

changed title from Draft: Feature/password complexity to Draft: Feature/password complexity on backend

marked the checklist item I have evaluated the MR acceptance checklist for this MR. as completed

	5 Warnings
	903da824: Commits that change 30 or more lines across at least 3 files should describe these changes in the commit body. For more information, take a look at our Commit message guidelines.
	0f63e7fd: The commit subject may not be longer than 72 characters. For more information, take a look at our Commit message guidelines.
	840ec907: Commits that change 30 or more lines across at least 3 files should describe these changes in the commit body. For more information, take a look at our Commit message guidelines.
	fe53188a: Commits that change 30 or more lines across at least 3 files should describe these changes in the commit body. For more information, take a look at our Commit message guidelines.
	8bcb9301: Commits that change 30 or more lines across at least 3 files should describe these changes in the commit body. For more information, take a look at our Commit message guidelines.

	1 Message
	This merge request adds or changes files that require a review from the Database team.

If needed, you can retry the danger-review job that generated this comment.

This merge request requires a database review. To make sure these changes are reviewed, take the following steps:

1. Ensure the merge request has database and databasereview pending labels. If the merge request modifies database files, Danger will do this for you.
2. Prepare your MR for database review according to the docs.
3. Assign and mention the database reviewer suggested by Reviewer Roulette.

The following files require a review from the Database team:

• db/migrate/20220329092245_add_password_chars_requirement_to_application_settings.rb
• db/migrate/20220329092245_add_password_chars_requirement_to_application_settings.rb
• db/schema_migrations/20220329092245
• db/structure.sql

Notification to the Data Team about changes to files with possible impact on Data Warehouse, add label Data Warehouse::Impact Check.

The following files require a review:

• db/structure.sql

Reviewer roulette

Changes that require review have been detected!

Please refer to the table below for assigning reviewers and maintainers suggested by Danger in the specified category:

Category	Reviewer	Maintainer
backend	Zamir Martins Filho (@zmartins) (UTC-4)	Terri Chu (@terrichu) (UTC-4)
database	Sincheol (David) Kim (@dskim_gitlab) (UTC+9.5)	Tiger Watson (@tigerwnz) (UTC+10)
~migration	No reviewer available	No maintainer available

To spread load more evenly across eligible reviewers, Danger has picked a candidate for each review slot, based on their timezone. Feel free to override these selections if you think someone else would be better-suited or use the GitLab Review Workload Dashboard to find other available reviewers.

To read more on how to use the reviewer roulette, please take a look at the Engineering workflow and code review guidelines. Please consider assigning a reviewer or maintainer who is a domain expert in the area of the merge request.

Once you've decided who will review this merge request, assign them as a reviewer! Danger does not automatically notify them for you.

Generated by Danger

mentioned in issue gitlab-org/quality/triage-reports#6850 (closed)

added 1 commit

• 7e49b7a7 - Test: fix casese breaks pipeline

Compare with previous version

added 162 commits

• 7e49b7a7...abc85104 - 159 commits from branch gitlab-org:master
• 283e4120 - Feat: add minimum password complexity to application settings
• 96b27597 - Feat: add mininum password complexity checking for premium plan
• ba2ef8f4 - Test: fix casese breaks pipeline

Compare with previous version

@gitlab-bot help

Hey there @jannik_lehmann, can you please take a look at this MR and help @mtan-gitlab out?

@mtan-gitlab,

Thanks for reaching out for help. I've notified the merge request coaches.

They will get back to you as soon as they can.

If you have not received any response, you may ask for help again after 1 day.

requested review from @acook.gitlab

added devopsmanage groupauthentication and authorization [DEPRECATED] typefeature labels

removed review request for @acook.gitlab

requested review from @rshambhuni

Setting label(s) ~"Category:Authentication and Authorization" sectiondev based on ~"group::authentication and authorization".

added sectiondev + 1 deleted label

mentioned in issue gitlab-jh/status-reports#118

changed the description

mentioned in issue gitlab-com/Product#3903 (closed)

changed the description

mentioned in issue gitlab-org/manage/general-discussion#17468

changed milestone to %14.10

changed the description

added GitLab Premium GitLab Ultimate labels

mentioned in issue gitlab-jh/status-reports#120

changed the description

mentioned in issue gitlab-jh/status-reports#122

added 2165 commits

• ba2ef8f4...d907b3d5 - 2160 commits from branch gitlab-org:master
• 8e671393 - Feat: add minimum password complexity to application settings
• f21fff08 - Feat: add mininum password complexity checking for premium plan
• 148e586e - Test: fix casese breaks pipeline
• 53780b81 - Feat: add password complexity requirements to settings
• f95d06b9 - Feat: update password complexity requirements

Compare with previous version

	3 Warnings
	This MR has a Changelog commit with the EE: true trailer, but there are database changes which requires the Changelog commit to not have the EE: true trailer. Consider removing the EE: true trailer from your commits.
	def31f17: The commit body should not contain more than 72 characters per line. For more information, take a look at our Commit message guidelines.
	74dbe717: Commits that change 30 or more lines across at least 3 files should describe these changes in the commit body. For more information, take a look at our Commit message guidelines.

If needed, you can retry the danger-review job that generated this comment.

Reviewer roulette

Changes that require review have been detected!

Please refer to the table below for assigning reviewers and maintainers suggested by Danger in the specified category:

Category	Reviewer	Maintainer
backend	Dominic Bauer (@bauerdominic) (UTC+2)	Andy Soiron (@Andysoiron) (UTC+0)
database	Diogo Frazão (@dfrazao-gitlab) (UTC+0)	Adam Hegyi (@ahegyi) (UTC+2)
~migration	No reviewer available	No maintainer available

To spread load more evenly across eligible reviewers, Danger has picked a candidate for each review slot, based on their timezone. Feel free to override these selections if you think someone else would be better-suited or use the GitLab Review Workload Dashboard to find other available reviewers.

To read more on how to use the reviewer roulette, please take a look at the Engineering workflow and code review guidelines. Please consider assigning a reviewer or maintainer who is a domain expert in the area of the merge request.

Once you've decided who will review this merge request, assign them as a reviewer! Danger does not automatically notify them for you.

Generated by Danger

mentioned in merge request !84238 (closed)

@mtan-gitlab When you get a chance, can you let us know how this is looking for %14.10 timeframe?

mentioned in issue gitlab-jh/status-reports#124

added sec-planningpending-followup label

Added the sec-planningpending-followup label (to indicate that there is follow up action required on this MR from AppSec until a few ongoing discussions are resolved) based on the guidance in https://gitlab.com/gitlab-org/security/gitlab/-/issues/651.

added workflowin dev label

mentioned in issue #358669 (closed)

added 1425 commits

• f95d06b9...e3d05294 - 1419 commits from branch gitlab-org:master
• 7fef0703 - Feat: add minimum password complexity to application settings
• e0d70838 - Feat: add mininum password complexity checking for premium plan
• c4d7f9b7 - Test: fix casese breaks pipeline
• 29f943f2 - Feat: add password complexity requirements to settings
• b3455d63 - Feat: update password complexity requirements
• feaf292d - Refactor: improve the random password strength

Compare with previous version

mentioned in issue gitlab-jh/status-reports#126

added 237 commits

• feaf292d...892c2fc2 - 230 commits from branch gitlab-org:master
• f0a1152e - Feat: add minimum password complexity to application settings
• 5587c0a5 - Feat: add mininum password complexity checking for premium plan
• 2de85869 - Test: fix casese breaks pipeline
• cee0b36a - Feat: add password complexity requirements to settings
• d6c05a6c - Feat: update password complexity requirements
• 674b33eb - Refactor: improve the random password strength
• b4d74f71 - Refactor: not touch the default random password if no password complexity policies

Compare with previous version

added 1 commit

• ed494502 - Refactor: not touch the default random password if no password complexity policies

Compare with previous version

added 1 commit

• 517aff16 - Fix: skip password complexity validation for user updating

Compare with previous version

marked this merge request as ready

changed milestone to %15.0

mentioned in issue gitlab-jh/status-reports#128

added 1261 commits

• 517aff16...383c298e - 1252 commits from branch gitlab-org:master
• e3506056 - Feat: add minimum password complexity to application settings
• 183a3ad9 - Feat: add mininum password complexity checking for premium plan
• 931905ca - Test: fix casese breaks pipeline
• 4f0f1d8d - Feat: add password complexity requirements to settings
• 4ab8c25e - Feat: update password complexity requirements
• 9aa68297 - Refactor: improve the random password strength
• e5145d1d - Refactor: not touch the default random password if no password complexity policies
• 74c0661c - Fix: skip password complexity validation for user updating
• 4904e0e6 - Feat: add password complexity validator

Compare with previous version

added 1 commit

• cbcd98f8 - Chore: dump structure.sql for pipeline

Compare with previous version

mentioned in merge request !85763 (merged)

mentioned in issue gitlab-jh/status-reports#130

mentioned in commit gitlab-jh/jh-team/gitlab@fc36cdda

added 587 commits

• cbcd98f8...6dbf2c01 - 576 commits from branch gitlab-org:master
• 8bcb9301 - Feat: add minimum password complexity to application settings
• fe53188a - Feat: add mininum password complexity checking for premium plan
• 37ba9eb4 - Test: fix casese breaks pipeline
• fc36cdda - Feat: add password complexity requirements to settings
• 840ec907 - Feat: update password complexity requirements
• d55288a1 - Refactor: improve the random password strength
• 0f63e7fd - Refactor: not touch the default random password if no password complexity policies
• 82d1d775 - Fix: skip password complexity validation for user updating
• 777fd8e5 - Feat: add password complexity validator
• 0af2de2d - Chore: dump structure.sql for pipeline
• 903da824 - Fix: override user random_password method

Compare with previous version

@dskim_gitlab could you please take a database review

/cc @chaomao

requested review from @ifarkas

removed review request for @ifarkas

Thanks @mtan-gitlab - this approach looks good to me too. My only minor question is entropy in !82798 (comment 932807179)

Related to this, how will validation be handled in the front-end - is there an issue or MR we can discuss ? I'm curious if we will allow https://www.compart.com/en/unicode/category/Nd as a number, or not.

mentioned in issue gitlab-jh/status-reports#132

mentioned in issue #18691

mentioned in commit gitlab-jh/jh-team/gitlab@4aefdec0

added 91 commits

• 903da824...4b885b06 - 78 commits from branch gitlab-org:master
• c48399c5 - Feat: add minimum password complexity to application settings
• eaf46b7d - Feat: add mininum password complexity checking for premium plan
• 1d2341a6 - Test: fix casese breaks pipeline
• 4aefdec0 - Feat: add password complexity requirements to settings
• 5331d61b - Feat: update password complexity requirements
• 36934257 - Refactor: improve the random password strength
• c3b7fd11 - Refactor: not touch the default random password if no password complexity policies
• 8961c645 - Fix: skip password complexity validation for user updating
• 73854c02 - Feat: add password complexity validator
• a0c73478 - Chore: dump structure.sql for pipeline
• 23ae9fbe - Fix: override user random_password method
• 56f08fd9 - Fix: add specs for password validator
• def559b9 - Chore: regenerate structure.sql

Compare with previous version

added 2 commits

• 0628e63c - Chore: regenerate structure.sql
• 3c200b44 - Test: add password specs for user updating

Compare with previous version

added 1 commit

• 320f19ac - Fix: add specs for password validator

Compare with previous version

changed the description

added databasereviewed label

requested review from @alexives

approved this merge request

@dskim_gitlab, thanks for approving this merge request.

This is the first time the merge request is approved. To ensure full test coverage, please start a new pipeline before merging.

For more info, please refer to the following links:

• rspec minimal jobs
• jest minimal jobs
• merging a merge request.

@dskim_gitlab, thanks for approving this merge request.

This is the first time the merge request is approved. Please wait for AppSec approval.

cc @gitlab-com/gl-security/appsec this is a JiHu contribution, please follow the JiHu contribution review process.

requested review from @tigerwnz and removed review request for @alexives

mentioned in merge request gitlab-com/www-gitlab-com!103403 (merged)

approved this merge request

added databaseapproved label and removed databasereviewed label

removed review request for @tigerwnz

mentioned in issue #354963 (closed)

mentioned in issue #353874 (closed)

mentioned in issue gitlab-jh/status-reports#134

mentioned in merge request !86310 (merged)

mentioned in issue #348484 (closed)

Hi @rshambhuni, Looks like we do not have new comments for now, how is the review going?

approved this merge request

added sec-planningcomplete label and removed sec-planningpending-followup label

removed review request for @rshambhuni

resolved all threads

@mtan-gitlab This MR is 3000 commits behind. Can you please rebase ? I believe we introduced some pipeline changes since including checks for AppSec approval, and also ~"group::authentication and authorization" approval

In the meantime, I will assign to @ifarkas for backend, and ~"group::authentication and authorization" review.

(@dskim_gitlab approval was for database)

requested review from @ifarkas

mentioned in commit gitlab-jh/jh-team/gitlab@2c351ebb

added 3025 commits

• 320f19ac...2c6b6917 - 3010 commits from branch gitlab-org:master
• 7cb902ba - Feat: add minimum password complexity to application settings
• a20d865a - Feat: add mininum password complexity checking for premium plan
• 8b04c451 - Test: fix casese breaks pipeline
• 2c351ebb - Feat: add password complexity requirements to settings
• 8536cfae - Feat: update password complexity requirements
• a1aa5c7c - Refactor: improve the random password strength
• fa2e0a01 - Refactor: not touch the default random password if no password complexity policies
• ba38c130 - Fix: skip password complexity validation for user updating
• 0fdfda51 - Feat: add password complexity validator
• 94a19fb0 - Chore: dump structure.sql for pipeline
• aa8fa1ba - Fix: override user random_password method
• 120522fd - Fix: add specs for password validator
• ecc3ea6a - Chore: regenerate structure.sql
• 8d0a2da5 - Test: add password specs for user updating
• a03d003d - Fix: add specs for password validator

Compare with previous version

added sec-planningpending-followup label and removed sec-planningcomplete label

unapproved this merge request

approved this merge request

added sec-planningcomplete label and removed sec-planningpending-followup label

resolved all threads

removed review request for @ifarkas

mentioned in commit gitlab-jh/jh-team/gitlab@9959c281

added 213 commits

• a03d003d...4b6e735a - 197 commits from branch gitlab-org:master
• 383706f2 - Feat: add minimum password complexity to application settings
• cec73604 - Feat: add mininum password complexity checking for premium plan
• 9e24dd42 - Test: fix casese breaks pipeline
• 9959c281 - Feat: add password complexity requirements to settings
• abeffd7f - Feat: update password complexity requirements
• 13765318 - Refactor: improve the random password strength
• ad725bc0 - Refactor: not touch the default random password if no password complexity policies
• cc90ae2d - Fix: skip password complexity validation for user updating
• 26966a6a - Feat: add password complexity validator
• 60a1809f - Chore: dump structure.sql for pipeline
• 452bde9c - Fix: override user random_password method
• c5fad8d0 - Fix: add specs for password validator
• eb33b367 - Chore: regenerate structure.sql
• 83f50474 - Test: add password specs for user updating
• 2bd09bbd - Fix: add specs for password validator
• 41778434 - Test: resolve MR comments on specs

Compare with previous version

added sec-planningpending-followup label and removed sec-planningcomplete label

mentioned in issue gitlab-jh/status-reports#136

mentioned in commit gitlab-jh/jh-team/gitlab@7addd79b

mentioned in commit gitlab-jh/jh-team/gitlab@b6b3d8f6

added 263 commits

• 41778434...d3cb7805 - 245 commits from branch gitlab-org:master
• 74298fb4 - Feat: add minimum password complexity to application settings
• 32b31a01 - Feat: add mininum password complexity checking for premium plan
• b149cca7 - Test: fix casese breaks pipeline
• 7addd79b - Feat: add password complexity requirements to settings
• be7cd8e3 - Feat: update password complexity requirements
• e1c33cc0 - Refactor: improve the random password strength
• 37d21e33 - Refactor: not touch the default random password if no password complexity policies
• a5d98a17 - Fix: skip password complexity validation for user updating
• d7841a18 - Feat: add password complexity validator
• 0757efb5 - Chore: dump structure.sql for pipeline
• a220b8b5 - Fix: override user random_password method
• c1f15b19 - Fix: add specs for password validator
• 6f6ec154 - Chore: regenerate structure.sql
• 1a46bcf8 - Test: add password specs for user updating
• 01b40bb7 - Fix: add specs for password validator
• c7e8dde7 - Test: resolve MR comments on specs
• d1f8f421 - Fix: fix failed rubocop job
• 8e19aafa - Test: use stub setting in specs

Compare with previous version

added 42 commits

• 8e19aafa...ad0d820d - 24 commits from branch gitlab-org:master
• 114f3e55 - Feat: add minimum password complexity to application settings
• 111dd9ec - Feat: add mininum password complexity checking for premium plan
• 17e8f1be - Test: fix casese breaks pipeline
• b6b3d8f6 - Feat: add password complexity requirements to settings
• 4f13e886 - Feat: update password complexity requirements
• 7cd964ba - Refactor: improve the random password strength
• 2a5148ab - Refactor: not touch the default random password if no password complexity policies
• ec27a5db - Fix: skip password complexity validation for user updating
• 3c580ad7 - Feat: add password complexity validator
• 7fc554d7 - Chore: dump structure.sql for pipeline
• c2b22d2a - Fix: override user random_password method
• efbf1ee7 - Fix: add specs for password validator
• 8e83e475 - Chore: regenerate structure.sql
• 0f75bc1b - Test: add password specs for user updating
• cce50773 - Fix: add specs for password validator
• 2f5b4035 - Test: resolve MR comments on specs
• 7b53772d - Fix: fix failed rubocop job
• d39f7d52 - Test: use stub setting in specs

Compare with previous version

mentioned in design management/design #23610 (closed)[alert.png]

added 1 commit

• e6e9af02 - Test: resolve MR comments for specs

Compare with previous version

requested review from @ifarkas

mentioned in commit gitlab-jh/jh-team/gitlab@fa24b850

added 291 commits

• e6e9af02...9534dfb4 - 272 commits from branch gitlab-org:master
• da5a33cf - Feat: add minimum password complexity to application settings
• 8e1f53e7 - Feat: add mininum password complexity checking for premium plan
• 6492a3b4 - Test: fix casese breaks pipeline
• fa24b850 - Feat: add password complexity requirements to settings
• 62b0797e - Feat: update password complexity requirements
• db86cbbe - Refactor: improve the random password strength
• 2a8f3e30 - Refactor: not touch the default random password if no password complexity policies
• 340277e8 - Fix: skip password complexity validation for user updating
• 63f89448 - Feat: add password complexity validator
• 34b6502e - Chore: dump structure.sql for pipeline
• ad92a482 - Fix: override user random_password method
• 66babf66 - Fix: add specs for password validator
• 4c680e84 - Chore: regenerate structure.sql
• c695a0dc - Test: add password specs for user updating
• 85f6cb8d - Fix: add specs for password validator
• 4139b31e - Test: resolve MR comments on specs
• af8fdf8c - Fix: fix failed rubocop job
• a31240f0 - Test: use stub setting in specs
• c1c55b40 - Test: resolve MR comments for specs

Compare with previous version

mentioned in commit gitlab-jh/jh-team/gitlab@9612e18e

added 185 commits

• c1c55b40...bc2fe3f1 - 180 commits from branch gitlab-org:master
• f8550f62 - Feat: add minimum password complexity to application settings
• cdf2dbc8 - Feat: add mininum password complexity checking for premium plan
• 9612e18e - Feat: add password complexity requirements to settings
• e4d874d7 - Feat: add password complexity validator
• 4b3002d1 - Test: resolve MR comments on specs

Compare with previous version

removed review request for @ifarkas

mentioned in commit gitlab-jh/jh-team/gitlab@d0a507a9

added 174 commits

• 4b3002d1...d13bb990 - 168 commits from branch gitlab-org:master
• 38eb4aca - Feat: add minimum password complexity to application settings
• a2fa71cd - Feat: add mininum password complexity checking for premium plan
• d0a507a9 - Feat: add password complexity requirements to settings
• 0da538e6 - Feat: add password complexity validator
• 9aef7016 - Test: resolve MR comments on specs
• 885f3e76 - Test: resolve MR comments for specs

Compare with previous version

mentioned in issue #23610 (closed)

requested review from @rshambhuni

approved this merge request

requested review from @tkuah

unapproved this merge request

approved this merge request

added sec-planningcomplete label and removed sec-planningpending-followup label

removed review request for @rshambhuni

mentioned in issue gitlab-jh/status-reports#138

Why doesn't ee/app/models/concerns/password_complexity.rb trigger the .gitlab/CODEOWNERS for ~"group::authentication and authorization" ? @kwiebers @godfat-gitlab

Just one thing @mtan-gitlab ! See above

removed review request for @tkuah

mentioned in commit gitlab-jh/jh-team/gitlab@def31f17

added 262 commits

• 885f3e76...76a32d3a - 255 commits from branch gitlab-org:master
• 74dbe717 - Feat: add minimum password complexity to application settings
• 7fbe208c - Feat: add mininum password complexity checking for premium plan
• def31f17 - Feat: add password complexity requirements to settings
• b294df42 - Feat: add password complexity validator
• 68a99760 - Test: resolve MR comments on specs
• bf800e5c - Test: resolve MR comments for specs
• 0e15f812 - Fix: update migration file to version 2.0

Compare with previous version

added sec-planningpending-followup label and removed sec-planningcomplete label

approved this merge request

removed workflowin dev label

Suggested Reviewers (beta)

The individuals below may be good candidates to participate in the review based on various factors.

You can use slash commands in comments to quickly assign /assign_reviewer @user1.

Suggested Reviewers
@NikolayS, @adriel, @kmann, @rymai, @npost

If you do not believe these suggestions are useful, please apply the label Bad Suggested Reviewer. You can also provide feedback for this feature on this issue: https://gitlab.com/gitlab-org/gitlab/-/issues/357923.

Automatically generated by Suggested Reviewers Bot - an experimental ML-based recommendation engine created by ~"group::applied ml".

	3 Warnings
	This MR has a Changelog commit with the EE: true trailer, but there are database changes which requires the Changelog commit to not have the EE: true trailer. Consider removing the EE: true trailer from your commits.
	def31f17: The commit body should not contain more than 72 characters per line. For more information, take a look at our Commit message guidelines.
	74dbe717: Commits that change 30 or more lines across at least 3 files should describe these changes in the commit body. For more information, take a look at our Commit message guidelines.

If needed, you can retry the danger-review job that generated this comment.

Notification to the Data Team about changes to files with possible impact on Data Warehouse, add label Data Warehouse::Impact Check.

The following files require a review:

• db/structure.sql

Reviewer roulette

Changes that require review have been detected!

Please refer to the table below for assigning reviewers and maintainers suggested by Danger in the specified category:

Category	Reviewer	Maintainer
backend	Dominic Bauer (@bauerdominic) (UTC+2)	Andy Soiron (@Andysoiron) (UTC+0)
database	Diogo Frazão (@dfrazao-gitlab) (UTC+0)	Adam Hegyi (@ahegyi) (UTC+2)
~migration	No reviewer available	No maintainer available

To spread load more evenly across eligible reviewers, Danger has picked a candidate for each review slot, based on their timezone. Feel free to override these selections if you think someone else would be better-suited or use the GitLab Review Workload Dashboard to find other available reviewers.

To read more on how to use the reviewer roulette, please take a look at the Engineering workflow and code review guidelines. Please consider assigning a reviewer or maintainer who is a domain expert in the area of the merge request.

Once you've decided who will review this merge request, assign them as a reviewer! Danger does not automatically notify them for you.

Generated by Danger

changed milestone to %15.1

unapproved this merge request

approved this merge request

added sec-planningcomplete label and removed sec-planningpending-followup label

resolved all threads

enabled an automatic merge when the pipeline for 66c39b8a succeeds

Allure report

allure-report-publisher generated test report!

review-qa-blocking: test report for 0e15f812

expand test summary

+-------------------------------------------------------------------+
|                          suites summary                           |
+----------------------+--------+--------+---------+-------+--------+
|                      | passed | failed | skipped | flaky | result |
+----------------------+--------+--------+---------+-------+--------+
| Create               | 23     | 0      | 2       | 23    | ❗     |
| Manage               | 36     | 0      | 2       | 38    | ❗     |
| Plan                 | 41     | 0      | 1       | 41    | ❗     |
| Verify               | 12     | 0      | 1       | 12    | ❗     |
| Package              | 0      | 0      | 1       | 0     | ➖     |
| Version sanity check | 0      | 0      | 1       | 0     | ➖     |
| Protect              | 2      | 0      | 0       | 2     | ❗     |
| Configure            | 0      | 0      | 1       | 0     | ➖     |
+----------------------+--------+--------+---------+-------+--------+
| Total                | 114    | 0      | 9       | 116   | ❗     |
+----------------------+--------+--------+---------+-------+--------+

merged

mentioned in commit c39f1f9f

mentioned in commit f207dffe

@mtan-gitlab, how was your code review experience with this merge request? Please tell us how we can continue to iterate and improve:

1. Leave a or a on this comment to describe your experience.
2. Create a new comment starting with @gitlab-bot feedback below, and leave any additional feedback you have for us in the comment.

Have five minutes? Take our survey to give us even more feedback on how GitLab can improve the contributor experience.

Thanks for your help!

added workflowstaging-canary label

added workflowcanary label and removed workflowstaging-canary label

resolved all threads

added workflowstaging label and removed workflowcanary label

added workflowproduction label and removed workflowstaging label

mentioned in epic &8139

mentioned in merge request !88621 (closed)

resolved all threads

mentioned in merge request !85765 (merged)

mentioned in issue gitlab-com/www-gitlab-com#13658 (closed)

added releasedcandidate label

mentioned in merge request gitlab-com/www-gitlab-com!107227 (merged)

mentioned in issue gitlab-com/www-gitlab-com#13790 (closed)

mentioned in merge request !94756 (closed)

mentioned in merge request gitlab-com/www-gitlab-com!109660 (merged)

mentioned in issue omnibus-gitlab#6954 (closed)