Add latest changes from gitlab-org/gitlab@master

15 files changed, 140 insertions, 144 deletions

diff --git a/.gitlab/issue_templates/Security developer workflow.md b/.gitlab/issue_templates/Security developer workflow.md
index e63727fe484..3a210c358e5 100644
--- a/.gitlab/issue_templates/Security developer workflow.md
+++ b/.gitlab/issue_templates/Security developer workflow.md
@@ -9,9 +9,7 @@ Set the title to: `Description of the original issue`
 ## Prior to starting the security release work
 
 - [ ] Read the [security process for developers] if you are not familiar with it.
-- [ ] Make sure the issue really needs to follow the security release workflow.
-  - Verify if the issue you're working on `gitlab-org/gitlab` is confidential, if it's public fix should be placed on GitLab canonical and no backports are required.
-  - If the issue you're fixing doesn't appear to be something that can be exploited by a malicious person and is instead simply a security enhancement do not hesitate to ping `@gitlab-com/gl-security/appsec` to discuss if the issue can be fixed in the canonical repository.
+- [ ] Make sure the [issue really needs to follow the security release workflow].
 - [ ] **IMPORTANT**: Mark this [issue as linked] to the Security Release Tracking Issue. You can find it [here](https://gitlab.com/gitlab-org/gitlab/-/issues?sort=created_date&state=opened&label_name[]=upcoming+security+release). This issue
 MUST be linked for the release bot to know that the associated merge requests should be merged for this security release.
 - Fill out the [Links section](#links):
@@ -71,5 +69,6 @@ After your merge request has been approved according to our [approval guidelines
 [security Release merge request template]: https://gitlab.com/gitlab-org/security/gitlab/blob/master/.gitlab/merge_request_templates/Security%20Release.md
 [approval guidelines]: https://docs.gitlab.com/ee/development/code_review.html#approval-guidelines
 [issue as linked]: https://docs.gitlab.com/ee/user/project/issues/related_issues.html#add-a-linked-issue
+[issue really needs to follow the security release workflow]: https://gitlab.com/gitlab-org/release/docs/-/blob/master/general/security/developer.md#making-sure-the-issue-needs-to-follow-the-security-release-workflow
 
 /label ~security
diff --git a/app/controllers/groups_controller.rb b/app/controllers/groups_controller.rb
index f96e080ecf8..4acbb0482f3 100644
--- a/app/controllers/groups_controller.rb
+++ b/app/controllers/groups_controller.rb
@@ -38,8 +38,6 @@ class GroupsController < Groups::ApplicationController
 
   before_action :check_export_rate_limit!, only: [:export, :download_export]
 
-  before_action :track_experiment_event, only: [:new]
-
   helper_method :captcha_required?
 
   skip_cross_project_access_check :index, :new, :create, :edit, :update,
@@ -380,12 +378,6 @@ class GroupsController < Groups::ApplicationController
   def captcha_required?
     captcha_enabled? && !params[:parent_id]
   end
-
-  def track_experiment_event
-    return if params[:parent_id]
-
-    experiment(:require_verification_for_namespace_creation, user: current_user).track(:start_create_group)
-  end
 end
 
 GroupsController.prepend_mod_with('GroupsController')
diff --git a/app/experiments/require_verification_for_namespace_creation_experiment.rb b/app/experiments/require_verification_for_namespace_creation_experiment.rb
index 78390ddd099..1cadac7e7d4 100644
--- a/app/experiments/require_verification_for_namespace_creation_experiment.rb
+++ b/app/experiments/require_verification_for_namespace_creation_experiment.rb
@@ -1,10 +1,6 @@
 # frozen_string_literal: true
 
 class RequireVerificationForNamespaceCreationExperiment < ApplicationExperiment # rubocop:disable Gitlab/NamespacedClass
-  exclude :existing_user
-
-  EXPERIMENT_START_DATE = Date.new(2022, 1, 31)
-
   def control_behavior
     false
   end
@@ -28,10 +24,4 @@ class RequireVerificationForNamespaceCreationExperiment < ApplicationExperiment
   def subject
     context.value[:user]
   end
-
-  def existing_user
-    return false unless user_or_actor
-
-    user_or_actor.created_at < EXPERIMENT_START_DATE
-  end
 end
diff --git a/app/helpers/groups_helper.rb b/app/helpers/groups_helper.rb
index 3fbea0c0472..7296560a450 100644
--- a/app/helpers/groups_helper.rb
+++ b/app/helpers/groups_helper.rb
@@ -139,7 +139,7 @@ module GroupsHelper
     {}
   end
 
-  def require_verification_for_namespace_creation_enabled?
+  def require_verification_for_group_creation_enabled?
     # overridden in EE
     false
   end
diff --git a/config/feature_flags/experiment/require_verification_for_group_creation.yml b/config/feature_flags/experiment/require_verification_for_group_creation.yml
new file mode 100644
index 00000000000..767d5f55bce
--- /dev/null
+++ b/config/feature_flags/experiment/require_verification_for_group_creation.yml
@@ -0,0 +1,8 @@
+---
+name: require_verification_for_group_creation
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/77569
+rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/349857
+milestone: '14.7'
+type: experiment
+group: group::activation
+default_enabled: false
diff --git a/doc/administration/pages/index.md b/doc/administration/pages/index.md
index 053e0f634d3..4d672091753 100644
--- a/doc/administration/pages/index.md
+++ b/doc/administration/pages/index.md
@@ -1021,7 +1021,7 @@ Migrate your existing Pages deployments from local storage to object storage:
 sudo gitlab-rake gitlab:pages:deployments:migrate_to_object_storage
 ```
 
-You can track progress and verify that all Pages deployments migrated successfully using the 
+You can track progress and verify that all Pages deployments migrated successfully using the
 [PostgreSQL console](https://docs.gitlab.com/omnibus/settings/database.html#connecting-to-the-bundled-postgresql-database):
 
 - `sudo gitlab-rails dbconsole` for Omnibus GitLab instances.
@@ -1037,6 +1037,9 @@ total | filesystem | objectstg
    10 |          0 |        10
 ```
 
+After verifying everything is working correctly,
+[disable Pages local storage](#disable-pages-local-storage).
+
 ### Rolling Pages deployments back to local storage
 
 After the migration to object storage is performed, you can choose to move your Pages deployments back to local storage:
@@ -1049,7 +1052,7 @@ sudo gitlab-rake gitlab:pages:deployments:migrate_to_local
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/301159) in GitLab 13.11.
 
-If you use [object storage](#using-object-storage), you can disable local storage:
+If you use [object storage](#using-object-storage), you can disable local storage to avoid unnecessary disk usage/writes:
 
 1. Edit `/etc/gitlab/gitlab.rb`:
 
@@ -1080,6 +1083,8 @@ is the default starting from GitLab 14.0. Skip this step if you're already runni
 1. If you want to store your pages content in [object storage](#using-object-storage), make sure to configure it.
 If you want to store the pages content locally or continue using an NFS server, skip this step.
 1. [Migrate legacy storage to ZIP storage.](#migrate-legacy-storage-to-zip-storage)
+1. If you have configured GitLab to store your pages content in [object storage](#using-object-storage),
+   [migrate Pages deployments to object storage](#migrate-pages-deployments-to-object-storage)
 1. Upgrade GitLab to 14.0.
 
 ## Backup
diff --git a/doc/user/application_security/policies/index.md b/doc/user/application_security/policies/index.md
index ce6f08483a6..5490851d54e 100644
--- a/doc/user/application_security/policies/index.md
+++ b/doc/user/application_security/policies/index.md
@@ -159,7 +159,7 @@ at the bottom of the editor.
 
 You can use policy alerts to track your policy's impact. Alerts are only available if you've
 [installed](../../clusters/agent/repository.md)
-and [configured](../../clusters/agent/install/index.md#register-an-agent-with-gitlab)
+and [configured](../../clusters/agent/install/index.md#register-the-agent-with-gitlab)
 an agent for this project.
 
 There are two ways to create policy alerts:
diff --git a/doc/user/clusters/agent/ci_cd_tunnel.md b/doc/user/clusters/agent/ci_cd_tunnel.md
index 96aa619c104..6c319f575c5 100644
--- a/doc/user/clusters/agent/ci_cd_tunnel.md
+++ b/doc/user/clusters/agent/ci_cd_tunnel.md
@@ -20,7 +20,7 @@ Only CI/CD jobs set in the configuration project can access one of the configure
 ## Prerequisites
 
 - An existing Kubernetes cluster.
-- An agent [installed on your cluster](install/index.md#install-the-agent-into-the-cluster).
+- An Agent [installed on your cluster](install/index.md).
 
 ## Use the CI/CD Tunnel to run Kubernetes commands from GitLab CI/CD
 
diff --git a/doc/user/clusters/agent/install/index.md b/doc/user/clusters/agent/install/index.md
index b2372789284..6b03d1742e5 100644
--- a/doc/user/clusters/agent/install/index.md
+++ b/doc/user/clusters/agent/install/index.md
@@ -8,110 +8,134 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 > [Moved](https://gitlab.com/groups/gitlab-org/-/epics/6290) from GitLab Premium to GitLab Free in 14.5.
 
-To get started with the Agent, install it in your cluster.
+To connect a cluster to GitLab, you need to install the GitLab Agent
+onto your cluster.
 
-## Prerequisites **(SELF)**
+## Prerequisites
 
 - An existing Kubernetes cluster.
 - On self-managed GitLab instances, a GitLab administrator needs to set up the [GitLab Agent Server (KAS)](../../../../administration/clusters/kas.md).
 
 ## Installation steps
 
-To install the [Agent](../index.md) in your cluster:
+To install the GitLab Agent on your cluster:
 
 1. [Define a configuration repository](#define-a-configuration-repository).
-1. [Register an agent with GitLab](#register-an-agent-with-gitlab).
-1. [Install the agent into the cluster](#install-the-agent-into-the-cluster).
+1. [Register the Agent with GitLab](#register-the-agent-with-gitlab).
+1. [Install the Agent onto the cluster](#install-the-agent-onto-the-cluster).
 
 <i class="fa fa-youtube-play youtube" aria-hidden="true"></i> Watch a GitLab 14.2 [walking-through video](https://www.youtube.com/watch?v=XuBpKtsgGkE) with this process.
 
+When you complete the installation process, you can
+[view your Agent's status and activity information](#view-your-agents).
+You can also [configure](#configure-the-agent) it to your needs.
+
 ### Define a configuration repository
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/259669) in GitLab 13.7, the Agent manifest configuration can be added to multiple directories (or subdirectories) of its repository.
 > - Group authorization was [introduced](https://gitlab.com/groups/gitlab-org/-/epics/5784) in GitLab 14.3.
 
-To create an agent, you need a GitLab repository to hold the configuration file.
+To create an Agent, you need a GitLab repository to hold its
+configuration file. If you already have a repository holding your
+cluster's manifest files, you can use it to store your
+Agent's configuration file and sync them with no further steps.
 
-After installed, when you update the configuration file, GitLab transmits the
-information to the cluster automatically without downtime.
+#### Create the Agent's configuration file
 
-In your repository, add the Agent configuration file under:
+To create an Agent, go to the repository where you want to store
+it and add the Agent's configuration file under:
 
 ```plaintext
 .gitlab/agents/<agent-name>/config.yaml
 ```
 
-Make sure that `<agent-name>` conforms to the [Agent's naming format](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/identity_and_auth.md#agent-identity-and-name).
-
-WARNING:
-The agent is only recognized if you use `.yaml` extension for the `config.yaml` file. The extension `.yml` is **not** recognized.
+You **don't have to add any content** to this file at the moment you
+create it. The fact that the file exists tells GitLab that this is
+an Agent. You can edit it later to [configure the Agent](#configure-the-agent).
 
-You **don't have to add any content** to this file when you create it. The fact that the file exists
-tells GitLab that this is an agent configuration file and enables the [CI/CD tunnel](../ci_cd_tunnel.md#example-for-a-kubectl-command-using-the-cicd-tunnel). Later on, you can use this
-file to [configure the agent](../repository.md) by setting up parameters such as:
+When creating this file, pay special attention to:
 
-- Groups and projects that can access the agent via the [CI/CD Tunnel](../ci_cd_tunnel.md).
-- [Manifest projects to synchronize](../repository.md#synchronize-manifest-projects).
-- The address of the `hubble-relay` for the [Network Security policy integrations](../../../project/clusters/protect/index.md).
+- The [Agent's naming format](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/identity_and_auth.md#agent-identity-and-name).
+- The file extension: use the `.yaml` extension (`config.yaml`). The `.yml` extension is **not** recognized.
 
-To see all the settings available, read the [Agent configuration repository documentation](../repository.md).
-
-### Register an agent with GitLab
+### Register the Agent with GitLab
 
 > [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/5786) in GitLab 14.1, you can create a new Agent record directly from the GitLab UI.
 
-Next, create a GitLab Rails Agent record to associate it with
-the configuration repository project. Creating this record also creates a Secret needed to configure
-the Agent in subsequent steps.
+Now that you've created your Agent's configuration file, register it
+with GitLab.
+When you register the Agent, GitLab generates a token that you need for
+installing the Agent onto your cluster.
 
-In GitLab:
+In GitLab, go to the project where you added your Agent's configuration
+file and:
 
 1. Ensure that [GitLab CI/CD is enabled in your project](../../../../ci/enable_or_disable_ci.md#enable-cicd-in-a-project).
 1. From your project's sidebar, select **Infrastructure > Kubernetes clusters**.
 1. Select **Actions**.
-1. From the **Select an agent** dropdown, select the agent you want to connect and select **Register an agent** to access the installation form.
-1. The form reveals your registration token. Securely store this secret token as you cannot view it again.
-1. Copy the command under **Recommended installation method**.
+1. From the **Select an Agent** dropdown list, select the Agent you want to register and select **Register an Agent**.
+1. GitLab generates a registration token for this Agent. Securely store this secret token as you cannot view it again.
+1. Copy the command under **Recommended installation method**. You need it to install the Agent onto your cluster through the one-liner installation method.
+
+### Install the Agent onto the cluster
+
+To connect your cluster to GitLab, install the registered Agent
+onto your cluster. To install it, you can use either:
 
-### Install the agent into the cluster
+- [The one-liner installation method](#one-liner-installation).
+- [The advanced installation method](#advanced-installation).
 
-In your computer:
+You can use the one-liner installation for trying to use the Agent for the first time, to do internal setups with
+high trust, and to quickly get started. For long-term production usage, you may want to use the advanced installation
+method to benefit from more configuration options.
 
-1. Open your local terminal and connect to your cluster.
+#### One-liner installation
+
+The one-liner installation is the simplest process, but you need
+Docker installed locally. If you don't have it, you can either install
+it or opt to the [advanced installation method](#advanced-installation).
+
+To install the Agent on your cluster using the one-liner installation:
+
+1. In your computer, open the terminal and connect to your cluster.
 1. Run the command you copied when registering your cluster in the previous step.
 
-See the following sections to learn about customizing the installation.
+Optionally, you can [customize the one-liner installation command](#customize-the-one-liner-installation).
 
-## Simple installation method
+##### Customize the one-liner installation
 
-The command provided by GitLab does the following things:
+The one-liner command generated by GitLab:
 
 - Creates a namespace for the deployment (`gitlab-kubernetes-agent`).
-- Sets up a service account with `cluster-admin` rights. Read more on [how you can restrict this service account](#customize-the-permissions-for-the-agentk-service-account).
-- Creates a `Secret` resource for the agent registration token.
+- Sets up a service account with `cluster-admin` rights (see [how to restrict this service account](#customize-the-permissions-for-the-agentk-service-account)).
+- Creates a `Secret` resource for the Agent's registration token.
 - Creates a `Deployment` resource for the `agentk` pod.
 
-The one-liner installer can be customized at the command line. To find out the various options the above Docker container supports, run:
+You can edit these parameters according to your needs to customize the
+one-liner installation command at the command line. To find all available
+options, run in your terminal:
 
 ```shell
 docker run --pull=always --rm registry.gitlab.com/gitlab-org/cluster-integration/gitlab-agent/cli:stable generate --help
 ```
 
 WARNING:
-`--agent-version stable` can be used to refer to the latest stable release at the time when the command runs. It's fine for
-testing purposes but for production please make sure to specify a matching version explicitly.
-
-## Advanced installation method
+`--agent-version stable` can be used to refer to the latest stable
+release at the time when the command runs. It's fine for testing
+purposes but for production please make sure to specify a matching
+version explicitly.
 
-For more advanced configurations, we recommend to use [the `kpt` based installation method](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/tree/master/build/deployment/gitlab-agent).
+#### Advanced installation
 
-Otherwise, follow the manual installation steps described below.
+For advanced installation options, use [the `kpt` installation method](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/tree/master/build/deployment/gitlab-agent).
 
-### Customize the permissions for the `agentk` service account
+##### Customize the permissions for the `agentk` service account
 
-The GitLab Agent for Kubernetes allows you to fully own your cluster and requires only the permissions you give. Still, for easy getting started, by default the generated manifests provide `cluster-admin` rights to the agent.
+The GitLab Agent allows you to fully own your cluster and grant GitLab
+the permissions you want. Still, to facilitate the process, by default the
+generated manifests provide `cluster-admin` rights to the Agent.
 
-As part of the advanced installation method, you can restrict the agent access rights using Kustomize overlays. [An example is commented out](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/build/deployment/gitlab-agent/cluster/kustomization.yaml) in the `kpt` package you retrieved as part of the installation.
+You can restrict the Agent's access rights using Kustomize overlays. [An example is commented out](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/build/deployment/gitlab-agent/cluster/kustomization.yaml) in the `kpt` package you retrieved as part of the installation.
 
 To create restricted permissions:
 
@@ -121,50 +145,67 @@ To create restricted permissions:
 
 The above setup allows you to regularly update from the upstream package using `kpt pkg update gitlab-agent --strategy resource-merge` and maintain your customizations at the same time.
 
-## Example projects
+## Configure the Agent
 
-The following example projects can help you get started with the Agent.
+When successfully installed, you can [configure the Agent](../repository.md)
+by editing its configuration file.
+When you update the configuration file, GitLab transmits the
+information to the cluster automatically without downtime.
 
-- [Configuration repository](https://gitlab.com/gitlab-org/configure/examples/kubernetes-agent)
-- This basic GitOps example deploys NGINX: [Manifest repository](https://gitlab.com/gitlab-org/configure/examples/gitops-project)
+## View your Agents
 
-## View installed Agents
+If you have the [Developer role](../../../permissions.md) or above, you can access the Agent's
+configuration repository and view the Agent's list:
 
-Users with at least the [Developer](../../../permissions.md) can access the user interface
-for the Agent at **Infrastructure > Kubernetes clusters**, under the
-**Agent** tab. This page lists all registered agents for the current project,
-and the configuration directory for each agent:
+1. On the left sidebar, select **Infrastructure > Kubernetes clusters**.
+1. Select **Agent** tab to view clusters connected to GitLab through the Agent.
 
-![GitLab Agent list UI](../../img/kubernetes-agent-ui-list_v14_5.png)
+On this page, you can view:
 
-Additional management interfaces are planned for the GitLab Agent.
-[Provide more feedback in the related epic](https://gitlab.com/groups/gitlab-org/-/epics/4739).
+- All the registered Agents for the current project.
+- The connection status.
+- The path to each Agent's configuration file.
 
-## View Agent activity information
+Furthermore, if you select one of the Agents on your list, you can view its
+[activity information](#view-the-agents-activity-information).
+
+### View the Agent's activity information
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/277323) in GitLab 14.6.
 
-Users with at least the [Developer](../../../permissions.md) can view the Agent's activity events.
-The activity logs help you to identify problems and get the information you need for troubleshooting.
-You can see events from a week before the current date.
-To access an agent's activity:
+The activity logs help you to identify problems and get the information
+you need for troubleshooting. You can see events from a week before the
+current date. To access an Agent's activity:
+
+1. In your Agent's repository, go to the Agents list as described [above](#view-your-agents).
+1. Select the Agent you want to see the activity.
+
+The activity list includes:
+
+- Agent registration events: when a new token is **created**.
+- Connection events: when an Agent is successfully **connected** to a cluster.
+
+Note that the connection status is logged when you connect an Agent for
+the first time or after more than an hour of inactivity.
 
-1. Go to your agent's configuration repository.
-1. From the sidebar, select **Infrastructure > Kubernetes clusters**.
-1. Select the **Agent** tab.
-1. Select the agent you want to see the activity.
+To check what else is planned for the Agent's UI and provide feedback,
+see the [related epic](https://gitlab.com/groups/gitlab-org/-/epics/4739).
 
-You can see the following events on the activity list:
+## Create multiple Agents
 
-- Agent registration:
-  - When a new token is **created**.
-- Connection events:
-  - When an agent is successfully **connected** to a cluster.
+You can create and install multiple Agents using the same process
+documented above. Give each Agent's configuration file a unique name
+and you're good to go. You can create multiple Agents, for example:
 
-Note that the connection status is logged when you connect an agent for the first time
-or after more than an hour of inactivity.
+- To reach your cluster from different projects.
+- To connect multiple clusters to GitLab.
 
-![GitLab Agent activity events UI](../../img/gitlab_agent_activity_events_v14_6.png)
+## Example projects
+
+The following example projects can help you get started with the Agent.
+
+- [Configuration repository](https://gitlab.com/gitlab-org/configure/examples/kubernetes-agent)
+- This basic GitOps example deploys NGINX: [Manifest repository](https://gitlab.com/gitlab-org/configure/examples/gitops-project)
 
 ## Upgrades and version compatibility
 
diff --git a/doc/user/clusters/img/gitlab_agent_activity_events_v14_6.png b/doc/user/clusters/img/gitlab_agent_activity_events_v14_6.png
deleted file mode 100644
index 90b41ee849c..00000000000
--- a/doc/user/clusters/img/gitlab_agent_activity_events_v14_6.png
+++ /dev/null
diff --git a/doc/user/clusters/img/kubernetes-agent-ui-list_v14_5.png b/doc/user/clusters/img/kubernetes-agent-ui-list_v14_5.png
deleted file mode 100644
index 3463eeb5d93..00000000000
--- a/doc/user/clusters/img/kubernetes-agent-ui-list_v14_5.png
+++ /dev/null
diff --git a/qa/qa/specs/features/browser_ui/14_non_devops/service_ping_default_enabled_spec.rb b/qa/qa/specs/features/browser_ui/14_non_devops/service_ping_default_enabled_spec.rb
index ecc59aa7cc8..a7c846b2173 100644
--- a/qa/qa/specs/features/browser_ui/14_non_devops/service_ping_default_enabled_spec.rb
+++ b/qa/qa/specs/features/browser_ui/14_non_devops/service_ping_default_enabled_spec.rb
@@ -10,7 +10,7 @@ module QA
         Page::Admin::Menu.perform(&:go_to_metrics_and_profiling_settings)
       end
 
-      it 'has service ping toggle enabled' do
+      it 'has service ping toggle enabled', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/348335' do
         Page::Admin::Settings::MetricsAndProfiling.perform do |setting|
           setting.expand_usage_statistics do |page|
             expect(page).not_to have_disabled_usage_data_checkbox
diff --git a/qa/qa/specs/features/browser_ui/14_non_devops/service_ping_disabled_spec.rb b/qa/qa/specs/features/browser_ui/14_non_devops/service_ping_disabled_spec.rb
index 309369265c9..cab8bd367f5 100644
--- a/qa/qa/specs/features/browser_ui/14_non_devops/service_ping_disabled_spec.rb
+++ b/qa/qa/specs/features/browser_ui/14_non_devops/service_ping_disabled_spec.rb
@@ -10,7 +10,7 @@ module QA
         Page::Admin::Menu.perform(&:go_to_metrics_and_profiling_settings)
       end
 
-      it 'has service ping toggle is disabled' do
+      it 'has service ping toggle is disabled', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/348340' do
         Page::Admin::Settings::MetricsAndProfiling.perform do |settings|
           settings.expand_usage_statistics do |usage_statistics|
             expect(usage_statistics).to have_disabled_usage_data_checkbox
diff --git a/spec/controllers/groups_controller_spec.rb b/spec/controllers/groups_controller_spec.rb
index a82c5681911..62171528695 100644
--- a/spec/controllers/groups_controller_spec.rb
+++ b/spec/controllers/groups_controller_spec.rb
@@ -132,29 +132,6 @@ RSpec.describe GroupsController, factory_default: :keep do
         end
       end
     end
-
-    describe 'require_verification_for_namespace_creation experiment', :experiment do
-      before do
-        sign_in(owner)
-        stub_experiments(require_verification_for_namespace_creation: :candidate)
-      end
-
-      it 'tracks a "start_create_group" event' do
-        expect(experiment(:require_verification_for_namespace_creation)).to track(
-          :start_create_group
-        ).on_next_instance.with_context(user: owner)
-
-        get :new
-      end
-
-      context 'when creating a sub-group' do
-        it 'does not track a "start_create_group" event' do
-          expect(experiment(:require_verification_for_namespace_creation)).not_to track(:start_create_group)
-
-          get :new, params: { parent_id: group.id }
-        end
-      end
-    end
   end
 
   describe 'GET #activity' do
diff --git a/spec/experiments/require_verification_for_namespace_creation_experiment_spec.rb b/spec/experiments/require_verification_for_namespace_creation_experiment_spec.rb
index 5d9b0770fb5..87417fe1637 100644
--- a/spec/experiments/require_verification_for_namespace_creation_experiment_spec.rb
+++ b/spec/experiments/require_verification_for_namespace_creation_experiment_spec.rb
@@ -5,7 +5,7 @@ require 'spec_helper'
 RSpec.describe RequireVerificationForNamespaceCreationExperiment, :experiment do
   subject(:experiment) { described_class.new(user: user) }
 
-  let(:user) { create(:user, created_at: RequireVerificationForNamespaceCreationExperiment::EXPERIMENT_START_DATE + 1.hour) }
+  let_it_be(:user) { create(:user) }
 
   describe '#candidate?' do
     context 'when experiment subject is candidate' do
@@ -56,20 +56,4 @@ RSpec.describe RequireVerificationForNamespaceCreationExperiment, :experiment do
       end
     end
   end
-
-  describe 'exclusions' do
-    context 'when user is new' do
-      it 'is not excluded' do
-        expect(subject).not_to exclude(user: user)
-      end
-    end
-
-    context 'when user is NOT new' do
-      let(:user) { create(:user, created_at: RequireVerificationForNamespaceCreationExperiment::EXPERIMENT_START_DATE - 1.day) }
-
-      it 'is excluded' do
-        expect(subject).to exclude(user: user)
-      end
-    end
-  end
 end