Merge branch 'master' into 39957-redirect-to-gpc-page-if-users-try-to-create-a-cluster-but-the-account-is-not-enabled

175 files changed, 2888 insertions, 754 deletions

diff --git a/Gemfile.lock b/Gemfile.lock
index c510a6da2d7..2a81c81b0f8 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -718,7 +718,7 @@ GEM
       redis-store (>= 1.3, < 2)
     redis-namespace (1.5.2)
       redis (~> 3.0, >= 3.0.4)
-    redis-rack (2.0.3)
+    redis-rack (2.0.4)
       rack (>= 1.5, < 3)
       redis-store (>= 1.2, < 2)
     redis-rails (5.0.2)
diff --git a/app/assets/javascripts/behaviors/copy_as_gfm.js b/app/assets/javascripts/behaviors/copy_as_gfm.js
index e7dc4ef8304..c6eca72c51b 100644
--- a/app/assets/javascripts/behaviors/copy_as_gfm.js
+++ b/app/assets/javascripts/behaviors/copy_as_gfm.js
@@ -74,6 +74,18 @@ const gfmRules = {
       return `![${el.dataset.title}](${el.getAttribute('src')})`;
     },
   },
+  MermaidFilter: {
+    'svg.mermaid'(el, text) {
+      const sourceEl = el.querySelector('text.source');
+      if (!sourceEl) return false;
+
+      return `\`\`\`mermaid\n${CopyAsGFM.nodeToGFM(sourceEl)}\n\`\`\``;
+    },
+    'svg.mermaid style, svg.mermaid g'(el, text) {
+      // We don't want to include the content of these elements in the copied text.
+      return '';
+    },
+  },
   MathFilter: {
     'pre.code.math[data-math-style=display]'(el, text) {
       return `\`\`\`math\n${text.trim()}\n\`\`\``;
diff --git a/app/assets/javascripts/create_merge_request_dropdown.js b/app/assets/javascripts/create_merge_request_dropdown.js
index 23425672b16..eedbd3feeb5 100644
--- a/app/assets/javascripts/create_merge_request_dropdown.js
+++ b/app/assets/javascripts/create_merge_request_dropdown.js
@@ -276,13 +276,13 @@ export default class CreateMergeRequestDropdown {
     let target;
     let value;
 
-    if (event.srcElement === this.branchInput) {
+    if (event.target === this.branchInput) {
       target = 'branch';
       value = this.branchInput.value;
-    } else if (event.srcElement === this.refInput) {
+    } else if (event.target === this.refInput) {
       target = 'ref';
-      value = event.srcElement.value.slice(0, event.srcElement.selectionStart) +
-        event.srcElement.value.slice(event.srcElement.selectionEnd);
+      value = event.target.value.slice(0, event.target.selectionStart) +
+        event.target.value.slice(event.target.selectionEnd);
     } else {
       return false;
     }
diff --git a/app/assets/javascripts/groups/components/item_actions.vue b/app/assets/javascripts/groups/components/item_actions.vue
index a685960d862..0dd0783ce06 100644
--- a/app/assets/javascripts/groups/components/item_actions.vue
+++ b/app/assets/javascripts/groups/components/item_actions.vue
@@ -45,11 +45,9 @@ export default {
     onLeaveGroup() {
       this.modalStatus = true;
     },
-    leaveGroup(leaveConfirmed) {
+    leaveGroup() {
       this.modalStatus = false;
-      if (leaveConfirmed) {
-        eventHub.$emit('leaveGroup', this.group, this.parentGroup);
-      }
+      eventHub.$emit('leaveGroup', this.group, this.parentGroup);
     },
   },
 };
diff --git a/app/assets/javascripts/groups/components/item_stats.vue b/app/assets/javascripts/groups/components/item_stats.vue
index 803dc63d39c..2e42fb6c9a6 100644
--- a/app/assets/javascripts/groups/components/item_stats.vue
+++ b/app/assets/javascripts/groups/components/item_stats.vue
@@ -42,28 +42,28 @@ export default {
       v-if="isGroup"
       css-class="number-subgroups"
       icon-name="folder"
-      :title="s__('Subgroups')"
-      :value=item.subgroupCount
+      :title="__('Subgroups')"
+      :value="item.subgroupCount"
     />
     <item-stats-value
       v-if="isGroup"
       css-class="number-projects"
       icon-name="bookmark"
-      :title="s__('Projects')"
-      :value=item.projectCount
+      :title="__('Projects')"
+      :value="item.projectCount"
     />
     <item-stats-value
       v-if="isGroup"
       css-class="number-users"
       icon-name="users"
-      :title="s__('Members')"
-      :value=item.memberCount
+      :title="__('Members')"
+      :value="item.memberCount"
     />
     <item-stats-value
       v-if="isProject"
       css-class="project-stars"
       icon-name="star"
-      :value=item.starCount
+      :value="item.starCount"
     />
     <item-stats-value
       css-class="item-visibility"
diff --git a/app/assets/javascripts/ide/components/new_dropdown/index.vue b/app/assets/javascripts/ide/components/new_dropdown/index.vue
index 6e67e99a70f..d475813c4f7 100644
--- a/app/assets/javascripts/ide/components/new_dropdown/index.vue
+++ b/app/assets/javascripts/ide/components/new_dropdown/index.vue
@@ -32,10 +32,10 @@
     methods: {
       createNewItem(type) {
         this.modalType = type;
-        this.toggleModalOpen();
+        this.openModal = true;
       },
-      toggleModalOpen() {
-        this.openModal = !this.openModal;
+      hideModal() {
+        this.openModal = false;
       },
     },
   };
@@ -95,7 +95,7 @@
       :branch-id="branch"
       :path="path"
       :parent="parent"
-      @toggle="toggleModalOpen"
+      @hide="hideModal"
     />
   </div>
 </template>
diff --git a/app/assets/javascripts/ide/components/new_dropdown/modal.vue b/app/assets/javascripts/ide/components/new_dropdown/modal.vue
index a0650d37690..0312f56efbd 100644
--- a/app/assets/javascripts/ide/components/new_dropdown/modal.vue
+++ b/app/assets/javascripts/ide/components/new_dropdown/modal.vue
@@ -43,10 +43,10 @@
           type: this.type,
         });
 
-        this.toggleModalOpen();
+        this.hideModal();
       },
-      toggleModalOpen() {
-        this.$emit('toggle');
+      hideModal() {
+        this.$emit('hide');
       },
     },
     computed: {
@@ -86,7 +86,7 @@
     :title="modalTitle"
     :primary-button-label="buttonLabel"
     kind="success"
-    @toggle="toggleModalOpen"
+    @cancel="hideModal"
     @submit="createEntryInStore"
   >
     <form
diff --git a/app/assets/javascripts/ide/components/repo_commit_section.vue b/app/assets/javascripts/ide/components/repo_commit_section.vue
index 470db2c9650..979721dcb5a 100644
--- a/app/assets/javascripts/ide/components/repo_commit_section.vue
+++ b/app/assets/javascripts/ide/components/repo_commit_section.vue
@@ -110,7 +110,7 @@ export default {
     kind="primary"
     :title="__('Branch has changed')"
     :text="__('This branch has changed since you started editing. Would you like to create a new branch?')"
-    @toggle="showNewBranchModal = false"
+    @cancel="showNewBranchModal = false"
     @submit="makeCommit(true)"
   />
   <commit-files-list
diff --git a/app/assets/javascripts/ide/components/repo_edit_button.vue b/app/assets/javascripts/ide/components/repo_edit_button.vue
index 37bd9003e96..42d5d709209 100644
--- a/app/assets/javascripts/ide/components/repo_edit_button.vue
+++ b/app/assets/javascripts/ide/components/repo_edit_button.vue
@@ -50,7 +50,7 @@ export default {
       kind="warning"
       :title="__('Are you sure?')"
       :text="__('Are you sure you want to discard your changes?')"
-      @toggle="closeDiscardPopup"
+      @cancel="closeDiscardPopup"
       @submit="toggleEditMode(true)"
     />
   </div>
diff --git a/app/assets/javascripts/lib/utils/text_utility.js b/app/assets/javascripts/lib/utils/text_utility.js
index 9280b7f150c..cb6e06ea584 100644
--- a/app/assets/javascripts/lib/utils/text_utility.js
+++ b/app/assets/javascripts/lib/utils/text_utility.js
@@ -64,3 +64,12 @@ export const truncate = (string, maxLength) => `${string.substr(0, (maxLength -
 export function capitalizeFirstCharacter(text) {
   return `${text[0].toUpperCase()}${text.slice(1)}`;
 }
+
+/**
+ * Replaces all html tags from a string with the given replacement.
+ *
+ * @param {String} string
+ * @param {*} replace
+ * @returns {String}
+ */
+export const stripeHtml = (string, replace = '') => string.replace(/<[^>]*>/g, replace);
diff --git a/app/assets/javascripts/profile/account/components/delete_account_modal.vue b/app/assets/javascripts/profile/account/components/delete_account_modal.vue
index 78be6b6e884..36ad618aa46 100644
--- a/app/assets/javascripts/profile/account/components/delete_account_modal.vue
+++ b/app/assets/javascripts/profile/account/components/delete_account_modal.vue
@@ -1,7 +1,7 @@
 <script>
-  import modal from '../../../vue_shared/components/modal.vue';
-  import { __, s__, sprintf } from '../../../locale';
-  import csrf from '../../../lib/utils/csrf';
+  import modal from '~/vue_shared/components/modal.vue';
+  import { __, s__, sprintf } from '~/locale';
+  import csrf from '~/lib/utils/csrf';
 
   export default {
     props: {
@@ -22,7 +22,6 @@
       return {
         enteredPassword: '',
         enteredUsername: '',
-        isOpen: false,
       };
     },
     components: {
@@ -69,78 +68,58 @@ Once you confirm %{deleteAccount}, it cannot be undone or recovered.`),
 
         return this.enteredUsername === this.username;
       },
-      onSubmit(status) {
-        if (status) {
-          if (!this.canSubmit()) {
-            return;
-          }
-
-          this.$refs.form.submit();
-        }
-
-        this.toggleOpen(false);
-      },
-      toggleOpen(isOpen) {
-        this.isOpen = isOpen;
+      onSubmit() {
+        this.$refs.form.submit();
       },
     },
   };
 </script>
 
 <template>
-  <div>
-    <modal
-      v-if="isOpen"
-      :title="s__('Profiles|Delete your account?')"
-      :text="text"
-      :kind="`danger ${!canSubmit() && 'disabled'}`"
-      :primary-button-label="s__('Profiles|Delete account')"
-      @toggle="toggleOpen"
-      @submit="onSubmit">
-
-      <template slot="body" slot-scope="props">
-        <p v-html="props.text"></p>
+  <modal
+    id="delete-account-modal"
+    :title="s__('Profiles|Delete your account?')"
+    :text="text"
+    kind="danger"
+    :primary-button-label="s__('Profiles|Delete account')"
+    @submit="onSubmit"
+    :submit-disabled="!canSubmit()">
 
-        <form
-          ref="form"
-          :action="actionUrl"
-          method="post">
+    <template slot="body" slot-scope="props">
+      <p v-html="props.text"></p>
 
-          <input
-            type="hidden"
-            name="_method"
-            value="delete" />
-          <input
-            type="hidden"
-            name="authenticity_token"
-            :value="csrfToken" />
+      <form
+        ref="form"
+        :action="actionUrl"
+        method="post">
 
-          <p id="input-label" v-html="inputLabel"></p>
+        <input
+          type="hidden"
+          name="_method"
+          value="delete" />
+        <input
+          type="hidden"
+          name="authenticity_token"
+          :value="csrfToken" />
 
-          <input
-            v-if="confirmWithPassword"
-            name="password"
-            class="form-control"
-            type="password"
-            v-model="enteredPassword"
-            aria-labelledby="input-label" />
-          <input
-            v-else
-            name="username"
-            class="form-control"
-            type="text"
-            v-model="enteredUsername"
-            aria-labelledby="input-label" />
-        </form>
-      </template>
+        <p id="input-label" v-html="inputLabel"></p>
 
-    </modal>
+        <input
+          v-if="confirmWithPassword"
+          name="password"
+          class="form-control"
+          type="password"
+          v-model="enteredPassword"
+          aria-labelledby="input-label" />
+        <input
+          v-else
+          name="username"
+          class="form-control"
+          type="text"
+          v-model="enteredUsername"
+          aria-labelledby="input-label" />
+      </form>
+    </template>
 
-    <button
-      type="button"
-      class="btn btn-danger"
-      @click="toggleOpen(true)">
-      {{ s__('Profiles|Delete account') }}
-    </button>
-  </div>
+  </modal>
 </template>
diff --git a/app/assets/javascripts/profile/account/index.js b/app/assets/javascripts/profile/account/index.js
index 635056e0eeb..a93bc935dd0 100644
--- a/app/assets/javascripts/profile/account/index.js
+++ b/app/assets/javascripts/profile/account/index.js
@@ -1,7 +1,12 @@
 import Vue from 'vue';
 
+import Translate from '~/vue_shared/translate';
+
 import deleteAccountModal from './components/delete_account_modal.vue';
 
+Vue.use(Translate);
+
+const deleteAccountButton = document.getElementById('delete-account-button');
 const deleteAccountModalEl = document.getElementById('delete-account-modal');
 // eslint-disable-next-line no-new
 new Vue({
@@ -9,6 +14,9 @@ new Vue({
   components: {
     deleteAccountModal,
   },
+  mounted() {
+    deleteAccountButton.classList.remove('disabled');
+  },
   render(createElement) {
     return createElement('delete-account-modal', {
       props: {
diff --git a/app/assets/javascripts/projects/project_new.js b/app/assets/javascripts/projects/project_new.js
index 3ecc0c2a6e5..4710e70d619 100644
--- a/app/assets/javascripts/projects/project_new.js
+++ b/app/assets/javascripts/projects/project_new.js
@@ -1,6 +1,7 @@
 let hasUserDefinedProjectPath = false;
 
-const deriveProjectPathFromUrl = ($projectImportUrl, $projectPath) => {
+const deriveProjectPathFromUrl = ($projectImportUrl) => {
+  const $currentProjectPath = $projectImportUrl.parents('.toggle-import-form').find('#project_path');
   if (hasUserDefinedProjectPath) {
     return;
   }
@@ -21,7 +22,7 @@ const deriveProjectPathFromUrl = ($projectImportUrl, $projectPath) => {
   // extract everything after the last slash
   const pathMatch = /\/([^/]+)$/.exec(importUrl);
   if (pathMatch) {
-    $projectPath.val(pathMatch[1]);
+    $currentProjectPath.val(pathMatch[1]);
   }
 };
 
@@ -96,7 +97,7 @@ const bindEvents = () => {
     hasUserDefinedProjectPath = $projectPath.val().trim().length > 0;
   });
 
-  $projectImportUrl.keyup(() => deriveProjectPathFromUrl($projectImportUrl, $projectPath));
+  $projectImportUrl.keyup(() => deriveProjectPathFromUrl($projectImportUrl));
 };
 
 document.addEventListener('DOMContentLoaded', bindEvents);
diff --git a/app/assets/javascripts/render_mermaid.js b/app/assets/javascripts/render_mermaid.js
index 41942c04a4e..b7cde6fb092 100644
--- a/app/assets/javascripts/render_mermaid.js
+++ b/app/assets/javascripts/render_mermaid.js
@@ -24,7 +24,25 @@ export default function renderMermaid($els) {
     });
 
     $els.each((i, el) => {
-      mermaid.init(undefined, el);
+      const source = el.textContent;
+
+      mermaid.init(undefined, el, (id) => {
+        const svg = document.getElementById(id);
+
+        svg.classList.add('mermaid');
+
+        // pre > code > svg
+        svg.closest('pre').replaceWith(svg);
+
+        // We need to add the original source into the DOM to allow Copy-as-GFM
+        // to access it.
+        const sourceEl = document.createElement('text');
+        sourceEl.classList.add('source');
+        sourceEl.setAttribute('display', 'none');
+        sourceEl.textContent = source;
+
+        svg.appendChild(sourceEl);
+      });
     });
   }).catch((err) => {
     Flash(`Can't load mermaid module: ${err}`);
diff --git a/app/assets/javascripts/vue_merge_request_widget/components/states/mr_widget_rebase.vue b/app/assets/javascripts/vue_merge_request_widget/components/states/mr_widget_rebase.vue
new file mode 100644
index 00000000000..09276ba2769
--- /dev/null
+++ b/app/assets/javascripts/vue_merge_request_widget/components/states/mr_widget_rebase.vue
@@ -0,0 +1,133 @@
+<script>
+  import simplePoll from '../../../lib/utils/simple_poll';
+  import eventHub from '../../event_hub';
+  import statusIcon from '../mr_widget_status_icon';
+  import loadingIcon from '../../../vue_shared/components/loading_icon.vue';
+  import Flash from '../../../flash';
+
+  export default {
+    name: 'MRWidgetRebase',
+    props: {
+      mr: {
+        type: Object,
+        required: true,
+      },
+      service: {
+        type: Object,
+        required: true,
+      },
+    },
+    components: {
+      statusIcon,
+      loadingIcon,
+    },
+    data() {
+      return {
+        isMakingRequest: false,
+        rebasingError: null,
+      };
+    },
+    computed: {
+      status() {
+        if (this.mr.rebaseInProgress || this.isMakingRequest) {
+          return 'loading';
+        }
+        if (!this.mr.canPushToSourceBranch && !this.mr.rebaseInProgress) {
+          return 'warning';
+        }
+        return 'success';
+      },
+      showDisabledButton() {
+        return ['failed', 'loading'].includes(this.status);
+      },
+    },
+    methods: {
+      rebase() {
+        this.isMakingRequest = true;
+        this.rebasingError = null;
+
+        this.service.rebase()
+          .then(() => {
+            simplePoll(this.checkRebaseStatus);
+          })
+          .catch((error) => {
+            this.rebasingError = error.merge_error;
+            this.isMakingRequest = false;
+            Flash('Something went wrong. Please try again.');
+          });
+      },
+      checkRebaseStatus(continuePolling, stopPolling) {
+        this.service.poll()
+          .then(res => res.data)
+          .then((res) => {
+            if (res.rebase_in_progress) {
+              continuePolling();
+            } else {
+              this.isMakingRequest = false;
+
+              if (res.merge_error && res.merge_error.length) {
+                this.rebasingError = res.merge_error;
+                Flash('Something went wrong. Please try again.');
+              }
+
+              eventHub.$emit('MRWidgetUpdateRequested');
+              stopPolling();
+            }
+          })
+          .catch(() => {
+            this.isMakingRequest = false;
+            Flash('Something went wrong. Please try again.');
+            stopPolling();
+          });
+      },
+    },
+  };
+</script>
+<template>
+  <div class="mr-widget-body media">
+    <status-icon
+      :status="status"
+      :show-disabled-button="showDisabledButton"
+      />
+
+    <div class="rebase-state-find-class-convention media media-body space-children">
+      <template v-if="mr.rebaseInProgress || isMakingRequest">
+        <span class="bold">
+          Rebase in progress
+        </span>
+      </template>
+      <template v-if="!mr.rebaseInProgress && !mr.canPushToSourceBranch">
+        <span class="bold">
+          Fast-forward merge is not possible.
+          Rebase the source branch onto
+          <span class="label-branch">{{mr.targetBranch}}</span>
+          to allow this merge request to be merged.
+        </span>
+      </template>
+      <template v-if="!mr.rebaseInProgress && mr.canPushToSourceBranch && !isMakingRequest">
+        <div class="accept-merge-holder clearfix js-toggle-container accept-action media space-children">
+          <button
+            type="button"
+            class="btn btn-sm btn-reopen btn-success"
+            :disabled="isMakingRequest"
+            @click="rebase">
+            <loading-icon v-if="isMakingRequest" />
+            Rebase
+          </button>
+          <span
+            v-if="!rebasingError"
+            class="bold">
+            Fast-forward merge is not possible.
+            Rebase the source branch onto the target branch or merge target
+            branch into source branch to allow this merge request to be merged.
+          </span>
+          <span
+            v-else
+            class="bold danger">
+            {{rebasingError}}
+          </span>
+        </div>
+      </template>
+    </div>
+  </div>
+</template>
diff --git a/app/assets/javascripts/vue_merge_request_widget/dependencies.js b/app/assets/javascripts/vue_merge_request_widget/dependencies.js
index 5bd8b99420a..940f3d9b2d0 100644
--- a/app/assets/javascripts/vue_merge_request_widget/dependencies.js
+++ b/app/assets/javascripts/vue_merge_request_widget/dependencies.js
@@ -32,6 +32,7 @@ export { default as UnresolvedDiscussionsState } from './components/states/mr_wi
 export { default as PipelineBlockedState } from './components/states/mr_widget_pipeline_blocked';
 export { default as PipelineFailedState } from './components/states/mr_widget_pipeline_failed';
 export { default as MergeWhenPipelineSucceedsState } from './components/states/mr_widget_merge_when_pipeline_succeeds';
+export { default as RebaseState } from './components/states/mr_widget_rebase.vue';
 export { default as AutoMergeFailed } from './components/states/mr_widget_auto_merge_failed';
 export { default as CheckingState } from './components/states/mr_widget_checking';
 export { default as MRWidgetStore } from './stores/mr_widget_store';
diff --git a/app/assets/javascripts/vue_merge_request_widget/mr_widget_options.js b/app/assets/javascripts/vue_merge_request_widget/mr_widget_options.js
index fdae06200de..2075f8e4fec 100644
--- a/app/assets/javascripts/vue_merge_request_widget/mr_widget_options.js
+++ b/app/assets/javascripts/vue_merge_request_widget/mr_widget_options.js
@@ -10,6 +10,7 @@ import {
   MergedState,
   ClosedState,
   MergingState,
+  RebaseState,
   WipState,
   ArchivedState,
   ConflictsState,
@@ -79,6 +80,7 @@ export default {
         ciEnvironmentsStatusPath: store.ciEnvironmentsStatusPath,
         statusPath: store.statusPath,
         mergeActionsContentPath: store.mergeActionsContentPath,
+        rebasePath: store.rebasePath,
       };
       return new MRWidgetService(endpoints);
     },
@@ -232,6 +234,7 @@ export default {
     'mr-widget-pipeline-failed': PipelineFailedState,
     'mr-widget-merge-when-pipeline-succeeds': MergeWhenPipelineSucceedsState,
     'mr-widget-auto-merge-failed': AutoMergeFailed,
+    'mr-widget-rebase': RebaseState,
   },
   template: `
     <div class="mr-state-widget prepend-top-default">
diff --git a/app/assets/javascripts/vue_merge_request_widget/services/mr_widget_service.js b/app/assets/javascripts/vue_merge_request_widget/services/mr_widget_service.js
index 7c0bbdd403f..fecbfec2214 100644
--- a/app/assets/javascripts/vue_merge_request_widget/services/mr_widget_service.js
+++ b/app/assets/javascripts/vue_merge_request_widget/services/mr_widget_service.js
@@ -37,6 +37,10 @@ export default class MRWidgetService {
     return axios.get(this.endpoints.mergeActionsContentPath);
   }
 
+  rebase() {
+    return axios.post(this.endpoints.rebasePath);
+  }
+
   static stopEnvironment(url) {
     return axios.post(url);
   }
diff --git a/app/assets/javascripts/vue_merge_request_widget/stores/get_state_key.js b/app/assets/javascripts/vue_merge_request_widget/stores/get_state_key.js
index 2bace3311c8..f7f0c1b6cb7 100644
--- a/app/assets/javascripts/vue_merge_request_widget/stores/get_state_key.js
+++ b/app/assets/javascripts/vue_merge_request_widget/stores/get_state_key.js
@@ -25,6 +25,8 @@ export default function deviseState(data) {
     return this.mergeError ? stateKey.autoMergeFailed : stateKey.mergeWhenPipelineSucceeds;
   } else if (!this.canMerge) {
     return stateKey.notAllowedToMerge;
+  } else if (this.shouldBeRebased) {
+    return stateKey.rebase;
   } else if (this.canBeMerged) {
     return stateKey.readyToMerge;
   }
diff --git a/app/assets/javascripts/vue_merge_request_widget/stores/mr_widget_store.js b/app/assets/javascripts/vue_merge_request_widget/stores/mr_widget_store.js
index 474c17ec133..ed004b3bb08 100644
--- a/app/assets/javascripts/vue_merge_request_widget/stores/mr_widget_store.js
+++ b/app/assets/javascripts/vue_merge_request_widget/stores/mr_widget_store.js
@@ -26,6 +26,7 @@ export default class MergeRequestStore {
     this.divergedCommitsCount = data.diverged_commits_count;
     this.pipeline = data.pipeline || {};
     this.deployments = this.deployments || data.deployments || [];
+    this.initRebase(data);
 
     if (data.issues_links) {
       const links = data.issues_links;
@@ -124,6 +125,13 @@ export default class MergeRequestStore {
     return this.state === stateKey.nothingToMerge;
   }
 
+  initRebase(data) {
+    this.canPushToSourceBranch = data.can_push_to_source_branch;
+    this.rebaseInProgress = data.rebase_in_progress;
+    this.approvalsLeft = !data.approved;
+    this.rebasePath = data.rebase_path;
+  }
+
   static buildMetrics(metrics) {
     if (!metrics) {
       return {};
diff --git a/app/assets/javascripts/vue_merge_request_widget/stores/state_maps.js b/app/assets/javascripts/vue_merge_request_widget/stores/state_maps.js
index de980c175fb..29d5bd4a1da 100644
--- a/app/assets/javascripts/vue_merge_request_widget/stores/state_maps.js
+++ b/app/assets/javascripts/vue_merge_request_widget/stores/state_maps.js
@@ -17,6 +17,7 @@ const stateToComponentMap = {
   failedToMerge: 'mr-widget-failed-to-merge',
   autoMergeFailed: 'mr-widget-auto-merge-failed',
   shaMismatch: 'mr-widget-sha-mismatch',
+  rebase: 'mr-widget-rebase',
 };
 
 const statesToShowHelpWidget = [
@@ -29,6 +30,7 @@ const statesToShowHelpWidget = [
   'pipelineFailed',
   'pipelineBlocked',
   'autoMergeFailed',
+  'rebase',
 ];
 
 export const stateKey = {
@@ -46,6 +48,7 @@ export const stateKey = {
   mergeWhenPipelineSucceeds: 'mergeWhenPipelineSucceeds',
   notAllowedToMerge: 'notAllowedToMerge',
   readyToMerge: 'readyToMerge',
+  rebase: 'rebase',
 };
 
 export default {
diff --git a/app/assets/javascripts/vue_shared/components/expand_button.vue b/app/assets/javascripts/vue_shared/components/expand_button.vue
new file mode 100644
index 00000000000..05e48ed297f
--- /dev/null
+++ b/app/assets/javascripts/vue_shared/components/expand_button.vue
@@ -0,0 +1,46 @@
+<script>
+  import { __ } from '~/locale';
+  /**
+   * Port of detail_behavior expand button.
+   *
+   * @example
+   * <expand-button>
+   *   <template slot="expanded">
+   *      Text goes here.
+   *    </template>
+   * </expand-button>
+   */
+  export default {
+    name: 'expandButton',
+    data() {
+      return {
+        isCollapsed: true,
+      };
+    },
+    computed: {
+      ariaLabel() {
+        return __('Click to expand text');
+      },
+    },
+    methods: {
+      onClick() {
+        this.isCollapsed = !this.isCollapsed;
+      },
+    },
+  };
+</script>
+<template>
+  <span>
+    <button
+      type="button"
+      v-show="isCollapsed"
+      class="text-expander btn-blank"
+      :aria-label="ariaLabel"
+      @click="onClick">
+      ...
+    </button>
+    <span v-show="!isCollapsed">
+      <slot name="expanded"></slot>
+    </span>
+  </span>
+</template>
diff --git a/app/assets/javascripts/vue_shared/components/modal.vue b/app/assets/javascripts/vue_shared/components/modal.vue
index 55f466b7b41..00089dfef38 100644
--- a/app/assets/javascripts/vue_shared/components/modal.vue
+++ b/app/assets/javascripts/vue_shared/components/modal.vue
@@ -3,6 +3,10 @@ export default {
   name: 'modal',
 
   props: {
+    id: {
+      type: String,
+      required: false,
+    },
     title: {
       type: String,
       required: false,
@@ -62,11 +66,11 @@ export default {
   },
 
   methods: {
-    close() {
-      this.$emit('toggle', false);
+    emitCancel(event) {
+      this.$emit('cancel', event);
     },
-    emitSubmit(status) {
-      this.$emit('submit', status);
+    emitSubmit(event) {
+      this.$emit('submit', event);
     },
   },
 };
@@ -75,7 +79,9 @@ export default {
 <template>
 <div class="modal-open">
   <div
-    class="modal show"
+    :id="id"
+    class="modal"
+    :class="id ? '' : 'show'"
     role="dialog"
     tabindex="-1"
   >
@@ -93,7 +99,8 @@ export default {
             <button
               type="button"
               class="close pull-right"
-              @click="close"
+              @click="emitCancel($event)"
+              data-dismiss="modal"
               aria-label="Close"
             >
               <span aria-hidden="true">&times;</span>
@@ -110,7 +117,8 @@ export default {
             type="button"
             class="btn pull-left"
             :class="btnCancelKindClass"
-            @click="close">
+            @click="emitCancel($event)"
+            data-dismiss="modal">
             {{ closeButtonLabel }}
           </button>
           <button
@@ -119,13 +127,17 @@ export default {
             class="btn pull-right js-primary-button"
             :disabled="submitDisabled"
             :class="btnKindClass"
-            @click="emitSubmit(true)">
+            @click="emitSubmit($event)"
+            data-dismiss="modal">
             {{ primaryButtonLabel }}
           </button>
         </div>
       </div>
     </div>
   </div>
-  <div class="modal-backdrop fade in" />
+  <div
+    v-if="!id"
+    class="modal-backdrop fade in">
+  </div>
 </div>
 </template>
diff --git a/app/assets/javascripts/vue_shared/components/recaptcha_modal.vue b/app/assets/javascripts/vue_shared/components/recaptcha_modal.vue
index 8053c65d498..16d60bb2876 100644
--- a/app/assets/javascripts/vue_shared/components/recaptcha_modal.vue
+++ b/app/assets/javascripts/vue_shared/components/recaptcha_modal.vue
@@ -70,7 +70,7 @@ export default {
   class="recaptcha-modal js-recaptcha-modal"
   :hide-footer="true"
   :title="__('Please solve the reCAPTCHA')"
-  @toggle="close"
+  @cancel="close"
 >
   <div slot="body">
     <p>
diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb
index 6b59c8461a3..2e8a738b6d9 100644
--- a/app/controllers/projects/merge_requests_controller.rb
+++ b/app/controllers/projects/merge_requests_controller.rb
@@ -10,6 +10,7 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
   before_action :authorize_update_issuable!, only: [:close, :edit, :update, :remove_wip, :sort]
   before_action :set_issuables_index, only: [:index]
   before_action :authenticate_user!, only: [:assign_related_issues]
+  before_action :check_user_can_push_to_source_branch!, only: [:rebase]
 
   def index
     @merge_requests = @issuables
@@ -223,6 +224,12 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
     render json: environments
   end
 
+  def rebase
+    RebaseWorker.perform_async(@merge_request.id, current_user.id)
+
+    render nothing: true, status: 200
+  end
+
   protected
 
   alias_method :subscribable_resource, :merge_request
@@ -322,4 +329,14 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
     @finder_type = MergeRequestsFinder
     super
   end
+
+  def check_user_can_push_to_source_branch!
+    return access_denied! unless @merge_request.source_branch_exists?
+
+    access_check = ::Gitlab::UserAccess
+      .new(current_user, project: @merge_request.source_project)
+      .can_push_to_branch?(@merge_request.source_branch)
+
+    access_denied! unless access_check
+  end
 end
diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb
index 6f609348402..6f229b08c0c 100644
--- a/app/controllers/projects_controller.rb
+++ b/app/controllers/projects_controller.rb
@@ -353,7 +353,7 @@ class ProjectsController < Projects::ApplicationController
   end
 
   def repo_exists?
-    project.repository_exists? && !project.empty_repo? && project.repo
+    project.repository_exists? && !project.empty_repo?
 
   rescue Gitlab::Git::Repository::NoRepository
     project.repository.expire_exists_cache
diff --git a/app/finders/labels_finder.rb b/app/finders/labels_finder.rb
index ce432ddbfe6..6de9eb89468 100644
--- a/app/finders/labels_finder.rb
+++ b/app/finders/labels_finder.rb
@@ -1,4 +1,6 @@
 class LabelsFinder < UnionFinder
+  include Gitlab::Utils::StrongMemoize
+
   def initialize(current_user, params = {})
     @current_user = current_user
     @params = params
@@ -32,6 +34,8 @@ class LabelsFinder < UnionFinder
           label_ids << project.labels
         end
       end
+    elsif only_group_labels?
+      label_ids << Label.where(group_id: group.id)
     else
       label_ids << Label.where(group_id: projects.group_ids)
       label_ids << Label.where(project_id: projects.select(:id))
@@ -51,6 +55,13 @@ class LabelsFinder < UnionFinder
     items.where(title: title)
   end
 
+  def group
+    strong_memoize(:group) do
+      group = Group.find(params[:group_id])
+      authorized_to_read_labels?(group) && group
+    end
+  end
+
   def group?
     params[:group_id].present?
   end
@@ -63,6 +74,10 @@ class LabelsFinder < UnionFinder
     params[:project_ids].present?
   end
 
+  def only_group_labels?
+    params[:only_group_labels]
+  end
+
   def title
     params[:title] || params[:name]
   end
@@ -96,9 +111,9 @@ class LabelsFinder < UnionFinder
     @projects
   end
 
-  def authorized_to_read_labels?(project)
+  def authorized_to_read_labels?(label_parent)
     return true if skip_authorization
 
-    Ability.allowed?(current_user, :read_label, project)
+    Ability.allowed?(current_user, :read_label, label_parent)
   end
 end
diff --git a/app/helpers/branches_helper.rb b/app/helpers/branches_helper.rb
index 686437fc99a..2641a98e29e 100644
--- a/app/helpers/branches_helper.rb
+++ b/app/helpers/branches_helper.rb
@@ -23,4 +23,12 @@ module BranchesHelper
   def protected_branch?(project, branch)
     ProtectedBranch.protected?(project, branch.name)
   end
+
+  def diverging_count_label(count)
+    if count >= Repository::MAX_DIVERGING_COUNT
+      "#{Repository::MAX_DIVERGING_COUNT - 1}+"
+    else
+      count.to_s
+    end
+  end
 end
diff --git a/app/models/concerns/deployment_platform.rb b/app/models/concerns/deployment_platform.rb
new file mode 100644
index 00000000000..89d0474a596
--- /dev/null
+++ b/app/models/concerns/deployment_platform.rb
@@ -0,0 +1,48 @@
+module DeploymentPlatform
+  def deployment_platform
+    @deployment_platform ||=
+      find_cluster_platform_kubernetes ||
+      find_kubernetes_service_integration ||
+      build_cluster_and_deployment_platform
+  end
+
+  private
+
+  def find_cluster_platform_kubernetes
+    clusters.find_by(enabled: true)&.platform_kubernetes
+  end
+
+  def find_kubernetes_service_integration
+    services.deployment.reorder(nil).find_by(active: true)
+  end
+
+  def build_cluster_and_deployment_platform
+    return unless kubernetes_service_template
+
+    cluster = ::Clusters::Cluster.create(cluster_attributes_from_service_template)
+    cluster.platform_kubernetes if cluster.persisted?
+  end
+
+  def kubernetes_service_template
+    @kubernetes_service_template ||= KubernetesService.active.find_by_template
+  end
+
+  def cluster_attributes_from_service_template
+    {
+      name: 'kubernetes-template',
+      projects: [self],
+      provider_type: :user,
+      platform_type: :kubernetes,
+      platform_kubernetes_attributes: platform_kubernetes_attributes_from_service_template
+    }
+  end
+
+  def platform_kubernetes_attributes_from_service_template
+    {
+      api_url: kubernetes_service_template.api_url,
+      ca_pem: kubernetes_service_template.ca_pem,
+      token: kubernetes_service_template.token,
+      namespace: kubernetes_service_template.namespace
+    }
+  end
+end
diff --git a/app/models/concerns/relative_positioning.rb b/app/models/concerns/relative_positioning.rb
index 835f26aa57b..afacdb8cb12 100644
--- a/app/models/concerns/relative_positioning.rb
+++ b/app/models/concerns/relative_positioning.rb
@@ -10,12 +10,12 @@ module RelativePositioning
     after_save :save_positionable_neighbours
   end
 
-  def project_ids
-    [project.id]
+  def min_relative_position
+    self.class.in_parents(parent_ids).minimum(:relative_position)
   end
 
   def max_relative_position
-    self.class.in_projects(project_ids).maximum(:relative_position)
+    self.class.in_parents(parent_ids).maximum(:relative_position)
   end
 
   def prev_relative_position
@@ -23,7 +23,7 @@ module RelativePositioning
 
     if self.relative_position
       prev_pos = self.class
-        .in_projects(project_ids)
+        .in_parents(parent_ids)
         .where('relative_position < ?', self.relative_position)
         .maximum(:relative_position)
     end
@@ -36,7 +36,7 @@ module RelativePositioning
 
     if self.relative_position
       next_pos = self.class
-        .in_projects(project_ids)
+        .in_parents(parent_ids)
         .where('relative_position > ?', self.relative_position)
         .minimum(:relative_position)
     end
@@ -63,7 +63,7 @@ module RelativePositioning
     pos_after = before.next_relative_position
 
     if before.shift_after?
-      issue_to_move = self.class.in_projects(project_ids).find_by!(relative_position: pos_after)
+      issue_to_move = self.class.in_parents(parent_ids).find_by!(relative_position: pos_after)
       issue_to_move.move_after
       @positionable_neighbours = [issue_to_move] # rubocop:disable Gitlab/ModuleWithInstanceVariables
 
@@ -78,7 +78,7 @@ module RelativePositioning
     pos_before = after.prev_relative_position
 
     if after.shift_before?
-      issue_to_move = self.class.in_projects(project_ids).find_by!(relative_position: pos_before)
+      issue_to_move = self.class.in_parents(parent_ids).find_by!(relative_position: pos_before)
       issue_to_move.move_before
       @positionable_neighbours = [issue_to_move] # rubocop:disable Gitlab/ModuleWithInstanceVariables
 
@@ -92,6 +92,10 @@ module RelativePositioning
     self.relative_position = position_between(max_relative_position || START_POSITION, MAX_POSITION)
   end
 
+  def move_to_start
+    self.relative_position = position_between(min_relative_position || START_POSITION, MIN_POSITION)
+  end
+
   # Indicates if there is an issue that should be shifted to free the place
   def shift_after?
     next_pos = next_relative_position
diff --git a/app/models/issue.rb b/app/models/issue.rb
index 4eafc1316d6..ad4a3c737ff 100644
--- a/app/models/issue.rb
+++ b/app/models/issue.rb
@@ -35,6 +35,8 @@ class Issue < ActiveRecord::Base
 
   validates :project, presence: true
 
+  alias_attribute :parent_ids, :project_id
+
   scope :in_projects, ->(project_ids) { where(project_id: project_ids) }
 
   scope :assigned, -> { where('EXISTS (SELECT TRUE FROM issue_assignees WHERE issue_id = issues.id)') }
@@ -78,6 +80,10 @@ class Issue < ActiveRecord::Base
 
   acts_as_paranoid
 
+  class << self
+    alias_method :in_parents, :in_projects
+  end
+
   def self.reference_prefix
     '#'
   end
diff --git a/app/models/merge_request.rb b/app/models/merge_request.rb
index c39789b047d..ef58816937c 100644
--- a/app/models/merge_request.rb
+++ b/app/models/merge_request.rb
@@ -156,6 +156,13 @@ class MergeRequest < ActiveRecord::Base
     '!'
   end
 
+  def rebase_in_progress?
+    # The source project can be deleted
+    return false unless source_project
+
+    source_project.repository.rebase_in_progress?(id)
+  end
+
   # Use this method whenever you need to make sure the head_pipeline is synced with the
   # branch head commit, for example checking if a merge request can be merged.
   # For more information check: https://gitlab.com/gitlab-org/gitlab-ce/issues/40004
@@ -607,7 +614,7 @@ class MergeRequest < ActiveRecord::Base
 
     check_if_can_be_merged
 
-    can_be_merged?
+    can_be_merged? && !should_be_rebased?
   end
 
   def mergeable_state?(skip_ci_check: false)
diff --git a/app/models/project.rb b/app/models/project.rb
index 9c0bbf697e2..4cb9d9fe637 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -19,6 +19,7 @@ class Project < ActiveRecord::Base
   include Routable
   include GroupDescendant
   include Gitlab::SQL::Pattern
+  include DeploymentPlatform
 
   extend Gitlab::ConfigHelper
   extend Gitlab::CurrentSettings
@@ -904,12 +905,6 @@ class Project < ActiveRecord::Base
     @ci_service ||= ci_services.reorder(nil).find_by(active: true)
   end
 
-  # TODO: This will be extended for multiple enviroment clusters
-  def deployment_platform
-    @deployment_platform ||= clusters.find_by(enabled: true)&.platform_kubernetes
-    @deployment_platform ||= services.where(category: :deployment).reorder(nil).find_by(active: true)
-  end
-
   def monitoring_services
     services.where(category: :monitoring)
   end
@@ -992,10 +987,6 @@ class Project < ActiveRecord::Base
     false
   end
 
-  def repo
-    repository.rugged
-  end
-
   def url_to_repo
     gitlab_shell.url_to_repo(full_path)
   end
@@ -1438,7 +1429,7 @@ class Project < ActiveRecord::Base
     # We'd need to keep track of project full path otherwise directory tree
     # created with hashed storage enabled cannot be usefully imported using
     # the import rake task.
-    repo.config['gitlab.fullpath'] = gl_full_path
+    repository.rugged.config['gitlab.fullpath'] = gl_full_path
   rescue Gitlab::Git::Repository::NoRepository => e
     Rails.logger.error("Error writing to .git/config for project #{full_path} (#{id}): #{e.message}.")
     nil
diff --git a/app/models/repository.rb b/app/models/repository.rb
index b1fd981965c..7b8f5794a87 100644
--- a/app/models/repository.rb
+++ b/app/models/repository.rb
@@ -4,6 +4,7 @@ class Repository
   REF_MERGE_REQUEST = 'merge-requests'.freeze
   REF_KEEP_AROUND = 'keep-around'.freeze
   REF_ENVIRONMENTS = 'environments'.freeze
+  MAX_DIVERGING_COUNT = 1000
 
   RESERVED_REFS_NAMES = %W[
     heads
@@ -278,11 +279,12 @@ class Repository
     cache.fetch(:"diverging_commit_counts_#{branch.name}") do
       # Rugged seems to throw a `ReferenceError` when given branch_names rather
       # than SHA-1 hashes
-      number_commits_behind = raw_repository
-        .count_commits_between(branch.dereferenced_target.sha, root_ref_hash)
-
-      number_commits_ahead = raw_repository
-        .count_commits_between(root_ref_hash, branch.dereferenced_target.sha)
+      number_commits_behind, number_commits_ahead =
+        raw_repository.count_commits_between(
+          root_ref_hash,
+          branch.dereferenced_target.sha,
+          left_right: true,
+          max_count: MAX_DIVERGING_COUNT)
 
       { behind: number_commits_behind, ahead: number_commits_ahead }
     end
@@ -1099,6 +1101,13 @@ class Repository
     @project.repository_storage_path
   end
 
+  def rebase(user, merge_request)
+    raw.rebase(user, merge_request.id, branch: merge_request.source_branch,
+                                       branch_sha: merge_request.source_branch_sha,
+                                       remote_repository: merge_request.target_project.repository.raw,
+                                       remote_branch: merge_request.target_branch)
+  end
+
   private
 
   # TODO Generice finder, later split this on finders by Ref or Oid
diff --git a/app/models/service.rb b/app/models/service.rb
index 176b472e724..24ba3039707 100644
--- a/app/models/service.rb
+++ b/app/models/service.rb
@@ -44,6 +44,7 @@ class Service < ActiveRecord::Base
   scope :pipeline_hooks, -> { where(pipeline_events: true, active: true) }
   scope :wiki_page_hooks, -> { where(wiki_page_events: true, active: true) }
   scope :external_issue_trackers, -> { issue_trackers.active.without_defaults }
+  scope :deployment, -> { where(category: 'deployment') }
 
   default_value_for :category, 'common'
 
@@ -271,6 +272,10 @@ class Service < ActiveRecord::Base
     nil
   end
 
+  def self.find_by_template
+    find_by(template: true)
+  end
+
   private
 
   def cache_project_has_external_issue_tracker
diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb
index d2d45e402b0..f0bcba588a2 100644
--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -28,12 +28,18 @@ class GroupPolicy < BasePolicy
   with_options scope: :subject, score: 0
   condition(:request_access_enabled) { @subject.request_access_enabled }
 
-  rule { public_group }      .enable :read_group
+  rule { public_group }.policy do
+    enable :read_group
+    enable :read_list
+    enable :read_label
+  end
+
   rule { logged_in_viewable }.enable :read_group
 
   rule { guest }.policy do
     enable :read_group
     enable :upload_file
+    enable :read_label
   end
 
   rule { admin }             .enable :read_group
diff --git a/app/presenters/merge_request_presenter.rb b/app/presenters/merge_request_presenter.rb
index ab4c87c0169..c6806b7cc26 100644
--- a/app/presenters/merge_request_presenter.rb
+++ b/app/presenters/merge_request_presenter.rb
@@ -76,6 +76,12 @@ class MergeRequestPresenter < Gitlab::View::Presenter::Delegated
     end
   end
 
+  def rebase_path
+    if !rebase_in_progress? && should_be_rebased? && user_can_push_to_source_branch?
+      rebase_project_merge_request_path(project, merge_request)
+    end
+  end
+
   def target_branch_tree_path
     if target_branch_exists?
       project_tree_path(project, target_branch)
@@ -152,6 +158,10 @@ class MergeRequestPresenter < Gitlab::View::Presenter::Delegated
     user_can_collaborate_with_project? && can_be_cherry_picked?
   end
 
+  def can_push_to_source_branch?
+    source_branch_exists? && user_can_push_to_source_branch?
+  end
+
   private
 
   def conflicts
@@ -174,6 +184,14 @@ class MergeRequestPresenter < Gitlab::View::Presenter::Delegated
     end.sort.to_sentence
   end
 
+  def user_can_push_to_source_branch?
+    return false unless source_branch_exists?
+
+    ::Gitlab::UserAccess
+      .new(current_user, project: source_project)
+      .can_push_to_branch?(source_branch)
+  end
+
   def user_can_collaborate_with_project?
     can?(current_user, :push_code, project) ||
       (current_user && current_user.already_forked?(project))
diff --git a/app/serializers/merge_request_basic_entity.rb b/app/serializers/merge_request_basic_entity.rb
index d54a6516aed..e4aec977f01 100644
--- a/app/serializers/merge_request_basic_entity.rb
+++ b/app/serializers/merge_request_basic_entity.rb
@@ -4,4 +4,5 @@ class MergeRequestBasicEntity < IssuableSidebarEntity
   expose :merge_error
   expose :state
   expose :source_branch_exists?, as: :source_branch_exists
+  expose :rebase_in_progress?, as: :rebase_in_progress
 end
diff --git a/app/serializers/merge_request_widget_entity.rb b/app/serializers/merge_request_widget_entity.rb
index e905e6876c2..48cd2317f46 100644
--- a/app/serializers/merge_request_widget_entity.rb
+++ b/app/serializers/merge_request_widget_entity.rb
@@ -23,6 +23,16 @@ class MergeRequestWidgetEntity < IssuableEntity
     MergeRequestMetricsEntity.new(metrics).as_json
   end
 
+  expose :rebase_commit_sha
+  expose :rebase_in_progress?, as: :rebase_in_progress
+
+  expose :can_push_to_source_branch do |merge_request|
+    presenter(merge_request).can_push_to_source_branch?
+  end
+  expose :rebase_path do |merge_request|
+    presenter(merge_request).rebase_path
+  end
+
   # User entities
   expose :merge_user, using: UserEntity
 
diff --git a/app/services/merge_requests/rebase_service.rb b/app/services/merge_requests/rebase_service.rb
new file mode 100644
index 00000000000..0d5a25fa28e
--- /dev/null
+++ b/app/services/merge_requests/rebase_service.rb
@@ -0,0 +1,30 @@
+module MergeRequests
+  class RebaseService < MergeRequests::WorkingCopyBaseService
+    def execute(merge_request)
+      @merge_request = merge_request
+
+      if rebase
+        success
+      else
+        error('Failed to rebase. Should be done manually')
+      end
+    end
+
+    def rebase
+      if merge_request.rebase_in_progress?
+        log_error('Rebase task canceled: Another rebase is already in progress', save_message_on_model: true)
+        return false
+      end
+
+      rebase_sha = repository.rebase(current_user, merge_request)
+
+      merge_request.update_attributes(rebase_commit_sha: rebase_sha)
+
+      true
+    rescue => e
+      log_error('Failed to rebase branch:')
+      log_error(e.message, save_message_on_model: true)
+      false
+    end
+  end
+end
diff --git a/app/services/merge_requests/working_copy_base_service.rb b/app/services/merge_requests/working_copy_base_service.rb
new file mode 100644
index 00000000000..186e05bf966
--- /dev/null
+++ b/app/services/merge_requests/working_copy_base_service.rb
@@ -0,0 +1,24 @@
+module MergeRequests
+  class WorkingCopyBaseService < MergeRequests::BaseService
+    attr_reader :merge_request
+
+    def source_project
+      @source_project ||= merge_request.source_project
+    end
+
+    def target_project
+      @target_project ||= merge_request.target_project
+    end
+
+    def log_error(message, save_message_on_model: false)
+      Gitlab::GitLogger.error("#{self.class.name} error (#{merge_request.to_reference(full: true)}): #{message}")
+
+      merge_request.update(merge_error: message) if save_message_on_model
+    end
+
+    # Don't try to print expensive instance variables.
+    def inspect
+      "#<#{self.class} #{merge_request.to_reference(full: true)}>"
+    end
+  end
+end
diff --git a/app/views/profiles/accounts/show.html.haml b/app/views/profiles/accounts/show.html.haml
index f1313b79589..79e197ad08b 100644
--- a/app/views/profiles/accounts/show.html.haml
+++ b/app/views/profiles/accounts/show.html.haml
@@ -84,11 +84,13 @@
         = s_('Profiles|Deleting an account has the following effects:')
       = render 'users/deletion_guidance', user: current_user
 
+      %button#delete-account-button.btn.btn-danger.disabled{ data: { toggle: 'modal',
+        target: '#delete-account-modal' } }
+        = s_('Profiles|Delete account')
+
       #delete-account-modal{ data: { action_url: user_registration_path,
         confirm_with_password: ('true' if current_user.confirm_deletion_with_password?),
         username: current_user.username } }
-        %button.btn.btn-danger.disabled
-          = s_('Profiles|Delete account')
     - else
       - if @user.solo_owned_groups.present?
         %p
diff --git a/app/views/projects/_merge_request_fast_forward_settings.html.haml b/app/views/projects/_merge_request_fast_forward_settings.html.haml
index 9d357293a2f..8129c72feb2 100644
--- a/app/views/projects/_merge_request_fast_forward_settings.html.haml
+++ b/app/views/projects/_merge_request_fast_forward_settings.html.haml
@@ -10,4 +10,4 @@
       No merge commits are created and all merges are fast-forwarded, which means that merging is only allowed if the branch could be fast-forwarded.
     %br
     %span.descr
-      When fast-forward merge is not possible, the user must first rebase locally.
+      When fast-forward merge is not possible, the user is given the option to rebase.
diff --git a/app/views/projects/_merge_request_rebase_settings.html.haml b/app/views/projects/_merge_request_rebase_settings.html.haml
index c52e09573a6..54e0b73d24c 100644
--- a/app/views/projects/_merge_request_rebase_settings.html.haml
+++ b/app/views/projects/_merge_request_rebase_settings.html.haml
@@ -10,4 +10,4 @@
       This way you could make sure that if this merge request would build, after merging to target branch it would also build.
     %br
     %span.descr
-      When fast-forward merge is not possible, the user must first rebase locally.
+      When fast-forward merge is not possible, the user is given the option to rebase.
diff --git a/app/views/projects/branches/_branch.html.haml b/app/views/projects/branches/_branch.html.haml
index acf67b83890..1da0e865a41 100644
--- a/app/views/projects/branches/_branch.html.haml
+++ b/app/views/projects/branches/_branch.html.haml
@@ -66,16 +66,16 @@
             = icon("trash-o")
 
     - if branch.name != @repository.root_ref
-      .divergence-graph{ title: s_('%{number_commits_behind} commits behind %{default_branch}, %{number_commits_ahead} commits ahead') % { number_commits_behind: number_commits_behind,
+      .divergence-graph{ title: s_('%{number_commits_behind} commits behind %{default_branch}, %{number_commits_ahead} commits ahead') % { number_commits_behind: diverging_count_label(number_commits_behind),
         default_branch: @repository.root_ref,
-        number_commits_ahead: number_commits_ahead } }
+        number_commits_ahead: diverging_count_label(number_commits_ahead) } }
         .graph-side
           .bar.bar-behind{ style: "width: #{number_commits_behind * bar_graph_width_factor}%" }
-          %span.count.count-behind= number_commits_behind
+          %span.count.count-behind= diverging_count_label(number_commits_behind)
         .graph-separator
         .graph-side
           .bar.bar-ahead{ style: "width: #{number_commits_ahead * bar_graph_width_factor}%" }
-          %span.count.count-ahead= number_commits_ahead
+          %span.count.count-ahead= diverging_count_label(number_commits_ahead)
 
 
   - if commit
diff --git a/app/views/projects/clusters/_advanced_settings.html.haml b/app/views/projects/clusters/_advanced_settings.html.haml
index 7032b892029..8a13713ae02 100644
--- a/app/views/projects/clusters/_advanced_settings.html.haml
+++ b/app/views/projects/clusters/_advanced_settings.html.haml
@@ -11,5 +11,5 @@
     %label.text-danger
       = s_('ClusterIntegration|Remove cluster integration')
     %p
-      = s_('ClusterIntegration|Removing cluster integration will remove the cluster configuration you have added to this project. It will not delete your cluster on Google Kubernetes Engine.')
-    = link_to(s_('ClusterIntegration|Remove integration'), namespace_project_cluster_path(@project.namespace, @project, @cluster.id), method: :delete, class: 'btn btn-danger', data: { confirm: "Are you sure you want to remove cluster integration from this project? This will not delete your cluster on Google Kubernetes Engine"})
+      = s_("ClusterIntegration|Remove this cluster's configuration from this project. This will not delete your actual cluster.")
+    = link_to(s_('ClusterIntegration|Remove integration'), namespace_project_cluster_path(@project.namespace, @project, @cluster.id), method: :delete, class: 'btn btn-danger', data: { confirm: s_("ClusterIntegration|Are you sure you want to remove this cluster's integration? This will not delete your actual cluster.")})
diff --git a/app/views/projects/clusters/_banner.html.haml b/app/views/projects/clusters/_banner.html.haml
index 76a66fb92a2..26ca3307a4a 100644
--- a/app/views/projects/clusters/_banner.html.haml
+++ b/app/views/projects/clusters/_banner.html.haml
@@ -1,6 +1,6 @@
-%h4= s_('ClusterIntegration|Enable cluster integration')
-.settings-content
+%h4= s_('ClusterIntegration|Cluster integration')
 
+.settings-content
   .hidden.js-cluster-error.alert.alert-danger.alert-block.append-bottom-10{ role: 'alert' }
     = s_('ClusterIntegration|Something went wrong while creating your cluster on Google Kubernetes Engine')
     %p.js-error-reason
@@ -11,11 +11,4 @@
   .hidden.js-cluster-success.alert.alert-success.alert-block.append-bottom-10{ role: 'alert' }
     = s_('ClusterIntegration|Cluster was successfully created on Google Kubernetes Engine. Refresh the page to see cluster\'s details')
 
-  %p
-    - if @cluster.enabled?
-      - if can?(current_user, :update_cluster, @cluster)
-        = s_('ClusterIntegration|Cluster integration is enabled for this project. Disabling this integration will not affect your cluster, it will only temporarily turn off GitLab\'s connection to it.')
-      - else
-        = s_('ClusterIntegration|Cluster integration is enabled for this project.')
-    - else
-      = s_('ClusterIntegration|Cluster integration is disabled for this project.')
+  %p= s_('ClusterIntegration|Control how your cluster integrates with GitLab')
diff --git a/app/views/projects/clusters/_cluster.html.haml b/app/views/projects/clusters/_cluster.html.haml
index ad696daa259..3943dfc0856 100644
--- a/app/views/projects/clusters/_cluster.html.haml
+++ b/app/views/projects/clusters/_cluster.html.haml
@@ -4,7 +4,7 @@
     .table-mobile-content
       = link_to cluster.name, namespace_project_cluster_path(@project.namespace, @project, cluster)
   .table-section.section-30
-    .table-mobile-header{ role: "rowheader" }= s_("ClusterIntegration|Environment pattern")
+    .table-mobile-header{ role: "rowheader" }= s_("ClusterIntegration|Environment scope")
     .table-mobile-content= cluster.environment_scope
   .table-section.section-30
     .table-mobile-header{ role: "rowheader" }= s_("ClusterIntegration|Project namespace")
diff --git a/app/views/projects/clusters/_enabled.html.haml b/app/views/projects/clusters/_enabled.html.haml
deleted file mode 100644
index 547b3c8446f..00000000000
--- a/app/views/projects/clusters/_enabled.html.haml
+++ /dev/null
@@ -1,17 +0,0 @@
-= form_for @cluster, url: namespace_project_cluster_path(@project.namespace, @project, @cluster), as: :cluster do |field|
-  = form_errors(@cluster)
-  .form-group.append-bottom-20
-    %label.append-bottom-10
-      = field.hidden_field :enabled, { class: 'js-toggle-input'}
-
-      %button{ type: 'button',
-        class: "js-toggle-cluster project-feature-toggle #{'is-checked' unless !@cluster.enabled?} #{'is-disabled' unless can?(current_user, :update_cluster, @cluster)}",
-        "aria-label": s_("ClusterIntegration|Toggle Cluster"),
-        disabled: !can?(current_user, :update_cluster, @cluster) }
-        %span.toggle-icon
-          = sprite_icon('status_success_borderless', size: 16, css_class: 'toggle-icon-svg toggle-status-checked')
-          = sprite_icon('status_failed_borderless', size: 16, css_class: 'toggle-icon-svg toggle-status-unchecked')
-
-    - if can?(current_user, :update_cluster, @cluster)
-      .form-group
-        = field.submit _('Save'), class: 'btn btn-success'
diff --git a/app/views/projects/clusters/_integration_form.html.haml b/app/views/projects/clusters/_integration_form.html.haml
new file mode 100644
index 00000000000..9d593ffc021
--- /dev/null
+++ b/app/views/projects/clusters/_integration_form.html.haml
@@ -0,0 +1,33 @@
+= form_for @cluster, url: namespace_project_cluster_path(@project.namespace, @project, @cluster), as: :cluster do |field|
+  = form_errors(@cluster)
+  .form-group.append-bottom-20
+    %h5= s_('ClusterIntegration|Integration status')
+    %p
+      - if @cluster.enabled?
+        - if can?(current_user, :update_cluster, @cluster)
+          = s_('ClusterIntegration|Cluster integration is enabled for this project. Disabling this integration will not affect your cluster, it will only temporarily turn off GitLab\'s connection to it.')
+        - else
+          = s_('ClusterIntegration|Cluster integration is enabled for this project.')
+      - else
+        = s_('ClusterIntegration|Cluster integration is disabled for this project.')
+    %label.append-bottom-10
+      = field.hidden_field :enabled, { class: 'js-toggle-input'}
+
+      %button{ type: 'button',
+        class: "js-toggle-cluster project-feature-toggle #{'is-checked' unless !@cluster.enabled?} #{'is-disabled' unless can?(current_user, :update_cluster, @cluster)}",
+        "aria-label": s_("ClusterIntegration|Toggle Cluster"),
+        disabled: !can?(current_user, :update_cluster, @cluster) }
+        %span.toggle-icon
+          = sprite_icon('status_success_borderless', size: 16, css_class: 'toggle-icon-svg toggle-status-checked')
+          = sprite_icon('status_failed_borderless', size: 16, css_class: 'toggle-icon-svg toggle-status-unchecked')
+
+  .form-group
+    %h5= s_('ClusterIntegration|Environment scope')
+    %p
+      = s_("ClusterIntegration|Choose which of your project's environments will use this cluster.")
+      = link_to s_("ClusterIntegration|Learn more about environments"), help_page_path('ci/environments')
+    = field.text_field :environment_scope, class: 'form-control js-select-on-focus', readonly: !has_multiple_clusters?(@project), placeholder: s_('ClusterIntegration|Environment scope')
+
+  - if can?(current_user, :update_cluster, @cluster)
+    .form-group
+      = field.submit _('Save changes'), class: 'btn btn-success'
diff --git a/app/views/projects/clusters/gcp/_show.html.haml b/app/views/projects/clusters/gcp/_show.html.haml
index bde85aed341..f3122a1bf47 100644
--- a/app/views/projects/clusters/gcp/_show.html.haml
+++ b/app/views/projects/clusters/gcp/_show.html.haml
@@ -9,10 +9,6 @@
 = form_for @cluster, url: namespace_project_cluster_path(@project.namespace, @project, @cluster), as: :cluster do |field|
   = form_errors(@cluster)
 
-  .form-group
-    = field.label :environment_scope, s_('ClusterIntegration|Environment scope')
-    = field.text_field :environment_scope, class: 'form-control js-select-on-focus', readonly: !has_multiple_clusters?(@project), placeholder: s_('ClusterIntegration|Environment scope')
-
   = field.fields_for :platform_kubernetes, @cluster.platform_kubernetes do |platform_kubernetes_field|
     .form-group
       = platform_kubernetes_field.label :api_url, s_('ClusterIntegration|API URL')
diff --git a/app/views/projects/clusters/index.html.haml b/app/views/projects/clusters/index.html.haml
index bec512be91c..74dbe859eea 100644
--- a/app/views/projects/clusters/index.html.haml
+++ b/app/views/projects/clusters/index.html.haml
@@ -13,7 +13,7 @@
         .table-section.section-30{ role: "rowheader" }
           = s_("ClusterIntegration|Cluster")
         .table-section.section-30{ role: "rowheader" }
-          = s_("ClusterIntegration|Environment pattern")
+          = s_("ClusterIntegration|Environment scope")
         .table-section.section-30{ role: "rowheader" }
           = s_("ClusterIntegration|Project namespace")
         .table-section.section-10{ role: "rowheader" }
diff --git a/app/views/projects/clusters/show.html.haml b/app/views/projects/clusters/show.html.haml
index 0115c64c076..c7c84b5a42c 100644
--- a/app/views/projects/clusters/show.html.haml
+++ b/app/views/projects/clusters/show.html.haml
@@ -18,9 +18,9 @@
   .js-cluster-application-notice
     .flash-container
 
-  %section.settings.no-animate.expanded
+  %section.settings.no-animate.expanded#cluster-integration
     = render 'banner'
-    = render 'enabled'
+    = render 'integration_form'
 
   .cluster-applications-table#js-cluster-applications
 
@@ -41,6 +41,6 @@
       %h4= _('Advanced settings')
       %button.btn.js-settings-toggle
         = expanded ? 'Collapse' : 'Expand'
-      %p= s_('ClusterIntegration|Manage cluster integration on your GitLab project')
+      %p= s_("ClusterIntegration|Advanced options on this cluster's integration")
     .settings-content
       = render 'advanced_settings'
diff --git a/app/views/projects/clusters/user/_show.html.haml b/app/views/projects/clusters/user/_show.html.haml
index 89595bca007..5931e0b7f17 100644
--- a/app/views/projects/clusters/user/_show.html.haml
+++ b/app/views/projects/clusters/user/_show.html.haml
@@ -4,10 +4,6 @@
     = field.label :name, s_('ClusterIntegration|Cluster name')
     = field.text_field :name, class: 'form-control', placeholder: s_('ClusterIntegration|Cluster name')
 
-  .form-group
-    = field.label :environment_scope, s_('ClusterIntegration|Environment scope')
-    = field.text_field :environment_scope, class: 'form-control js-select-on-focus', readonly: !has_multiple_clusters?(@project), placeholder: s_('ClusterIntegration|Environment scope')
-
   = field.fields_for :platform_kubernetes, @cluster.platform_kubernetes do |platform_kubernetes_field|
     .form-group
       = platform_kubernetes_field.label :api_url, s_('ClusterIntegration|API URL')
diff --git a/app/workers/all_queues.yml b/app/workers/all_queues.yml
index 5da0de89d12..50e876b1d19 100644
--- a/app/workers/all_queues.yml
+++ b/app/workers/all_queues.yml
@@ -90,6 +90,7 @@
 - project_service
 - propagate_service_template
 - reactive_caching
+- rebase
 - repository_fork
 - repository_import
 - storage_migrator
diff --git a/app/workers/rebase_worker.rb b/app/workers/rebase_worker.rb
new file mode 100644
index 00000000000..090987778a2
--- /dev/null
+++ b/app/workers/rebase_worker.rb
@@ -0,0 +1,12 @@
+class RebaseWorker
+  include ApplicationWorker
+
+  def perform(merge_request_id, current_user_id)
+    current_user = User.find(current_user_id)
+    merge_request = MergeRequest.find(merge_request_id)
+
+    MergeRequests::RebaseService
+      .new(merge_request.source_project, current_user)
+      .execute(merge_request)
+  end
+end
diff --git a/changelogs/unreleased/40228-verify-integrity-of-repositories.yml b/changelogs/unreleased/40228-verify-integrity-of-repositories.yml
new file mode 100644
index 00000000000..261d48652db
--- /dev/null
+++ b/changelogs/unreleased/40228-verify-integrity-of-repositories.yml
@@ -0,0 +1,5 @@
+---
+title: Fix gitlab-rake gitlab:import:repos import schedule
+merge_request: 15931
+author:
+type: fixed
diff --git a/changelogs/unreleased/40301-rebase.yml b/changelogs/unreleased/40301-rebase.yml
new file mode 100644
index 00000000000..1c0fc0cd8ae
--- /dev/null
+++ b/changelogs/unreleased/40301-rebase.yml
@@ -0,0 +1,5 @@
+---
+title: Allow user to rebase merge requests.
+merge_request:
+author:
+type: added
diff --git a/changelogs/unreleased/40622-use-left-right-and-max-count.yml b/changelogs/unreleased/40622-use-left-right-and-max-count.yml
new file mode 100644
index 00000000000..c4c8f271cbe
--- /dev/null
+++ b/changelogs/unreleased/40622-use-left-right-and-max-count.yml
@@ -0,0 +1,6 @@
+---
+title: Improve the performance for counting diverging commits. Show 999+
+  if it is more than 1000 commits
+merge_request: 15963
+author:
+type: performance
diff --git a/changelogs/unreleased/41056-create-cluster-from-kubernetes-integration-application-template.yml b/changelogs/unreleased/41056-create-cluster-from-kubernetes-integration-application-template.yml
new file mode 100644
index 00000000000..2dd6fc5f1b5
--- /dev/null
+++ b/changelogs/unreleased/41056-create-cluster-from-kubernetes-integration-application-template.yml
@@ -0,0 +1,5 @@
+---
+title: Allow automatic creation of Kubernetes Integration from template
+merge_request: 16104
+author:
+type: added
diff --git a/changelogs/unreleased/ac-autodevopfix-kubectl-version.yml b/changelogs/unreleased/ac-autodevopfix-kubectl-version.yml
new file mode 100644
index 00000000000..0ceeb7ccee1
--- /dev/null
+++ b/changelogs/unreleased/ac-autodevopfix-kubectl-version.yml
@@ -0,0 +1,5 @@
+---
+title: Force Auto DevOps kubectl version to 1.8.6
+merge_request: 16218
+author:
+type: fixed
diff --git a/changelogs/unreleased/api-domains-expose-project_id.yml b/changelogs/unreleased/api-domains-expose-project_id.yml
new file mode 100644
index 00000000000..22617ffe9b5
--- /dev/null
+++ b/changelogs/unreleased/api-domains-expose-project_id.yml
@@ -0,0 +1,5 @@
+---
+title: Expose project_id on /api/v4/pages/domains
+merge_request: 16200
+author: Luc Didry
+type: changed
diff --git a/changelogs/unreleased/feature-api_runners_online.yml b/changelogs/unreleased/feature-api_runners_online.yml
new file mode 100644
index 00000000000..08f4dd16f28
--- /dev/null
+++ b/changelogs/unreleased/feature-api_runners_online.yml
@@ -0,0 +1,5 @@
+---
+title: Add online and status attribute to runner api entity
+merge_request: 11750
+author:
+type: added
diff --git a/changelogs/unreleased/issues-40986-get-participants-from-issues-mr-api.yml b/changelogs/unreleased/issues-40986-get-participants-from-issues-mr-api.yml
new file mode 100644
index 00000000000..4cac87b0cdb
--- /dev/null
+++ b/changelogs/unreleased/issues-40986-get-participants-from-issues-mr-api.yml
@@ -0,0 +1,5 @@
+---
+title: 'API: get participants from merge_requests & issues'
+merge_request: 16187
+author: Brent Greeff
+type: added
diff --git a/changelogs/unreleased/jivl-fix-import-project-url-bug.yml b/changelogs/unreleased/jivl-fix-import-project-url-bug.yml
new file mode 100644
index 00000000000..0d97b9c9a53
--- /dev/null
+++ b/changelogs/unreleased/jivl-fix-import-project-url-bug.yml
@@ -0,0 +1,5 @@
+---
+title: Fix import project url not updating project name
+merge_request: 16120
+author:
+type: fixed
diff --git a/changelogs/unreleased/ldap_username_attributes.yml b/changelogs/unreleased/ldap_username_attributes.yml
new file mode 100644
index 00000000000..89bbca58fc9
--- /dev/null
+++ b/changelogs/unreleased/ldap_username_attributes.yml
@@ -0,0 +1,5 @@
+---
+title: Modify `LDAP::Person` to return username value based on attributes
+merge_request:
+author:
+type: fixed
diff --git a/changelogs/unreleased/update-redis-rack.yml b/changelogs/unreleased/update-redis-rack.yml
new file mode 100644
index 00000000000..6e2e6e203b8
--- /dev/null
+++ b/changelogs/unreleased/update-redis-rack.yml
@@ -0,0 +1,5 @@
+---
+title: Update redis-rack to 2.0.4
+merge_request:
+author:
+type: other
diff --git a/changelogs/unreleased/winh-modal-target-id.yml b/changelogs/unreleased/winh-modal-target-id.yml
new file mode 100644
index 00000000000..f8d5b72be50
--- /dev/null
+++ b/changelogs/unreleased/winh-modal-target-id.yml
@@ -0,0 +1,5 @@
+---
+title: Add id to modal.vue to support data-toggle="modal"
+merge_request: 16189
+author:
+type: other
diff --git a/config/routes/project.rb b/config/routes/project.rb
index c3ad53a387f..1354c4c5537 100644
--- a/config/routes/project.rb
+++ b/config/routes/project.rb
@@ -96,6 +96,7 @@ constraints(ProjectUrlConstrainer.new) do
           post :toggle_subscription
           post :remove_wip
           post :assign_related_issues
+          post :rebase
 
           scope constraints: { format: nil }, action: :show do
             get :commits, defaults: { tab: 'commits' }
diff --git a/db/migrate/20171230123729_add_rebase_commit_sha_to_merge_requests.rb b/db/migrate/20171230123729_add_rebase_commit_sha_to_merge_requests.rb
new file mode 100644
index 00000000000..2ce156fa92e
--- /dev/null
+++ b/db/migrate/20171230123729_add_rebase_commit_sha_to_merge_requests.rb
@@ -0,0 +1,7 @@
+class AddRebaseCommitShaToMergeRequests < ActiveRecord::Migration
+  DOWNTIME = false
+
+  def change
+    add_column :merge_requests, :rebase_commit_sha, :string
+  end
+end
diff --git a/db/post_migrate/20171221140220_schedule_issues_closed_at_type_change.rb b/db/post_migrate/20171221140220_schedule_issues_closed_at_type_change.rb
index be18c5866ae..eeecc7b1de0 100644
--- a/db/post_migrate/20171221140220_schedule_issues_closed_at_type_change.rb
+++ b/db/post_migrate/20171221140220_schedule_issues_closed_at_type_change.rb
@@ -1,6 +1,6 @@
 # See http://doc.gitlab.com/ce/development/migration_style_guide.html
 # for more information on how to write migrations for GitLab.
-
+# rubocop:disable Migration/Datetime
 class ScheduleIssuesClosedAtTypeChange < ActiveRecord::Migration
   include Gitlab::Database::MigrationHelpers
 
diff --git a/db/schema.rb b/db/schema.rb
index 778d66f16b0..740e80ccfd4 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20171229225929) do
+ActiveRecord::Schema.define(version: 20171230123729) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -1099,6 +1099,7 @@ ActiveRecord::Schema.define(version: 20171229225929) do
     t.string "merge_jid"
     t.boolean "discussion_locked"
     t.integer "latest_merge_request_diff_id"
+    t.string "rebase_commit_sha"
   end
 
   add_index "merge_requests", ["assignee_id"], name: "index_merge_requests_on_assignee_id", using: :btree
diff --git a/doc/administration/raketasks/check.md b/doc/administration/raketasks/check.md
index c8b5434c068..c39cb49b1c6 100644
--- a/doc/administration/raketasks/check.md
+++ b/doc/administration/raketasks/check.md
@@ -28,19 +28,25 @@ exactly which repositories are causing the trouble.
 
 ### Check all GitLab repositories
 
+>**Note:**
+>
+>  - `gitlab:repo:check` has been deprecated in favor of `gitlab:git:fsck`
+>  - [Deprecated][ce-15931] in GitLab 10.4.
+>  - `gitlab:repo:check` will be removed in the future. [Removal issue][ce-41699]
+
 This task loops through all repositories on the GitLab server and runs the
 3 integrity checks described previously.
 
 **Omnibus Installation**
 
 ```
-sudo gitlab-rake gitlab:repo:check
+sudo gitlab-rake gitlab:git:fsck
 ```
 
 **Source Installation**
 
 ```bash
-sudo -u git -H bundle exec rake gitlab:repo:check RAILS_ENV=production
+sudo -u git -H bundle exec rake gitlab:git:fsck RAILS_ENV=production
 ```
 
 ### Check repositories for a specific user
@@ -76,3 +82,6 @@ The LDAP check Rake task will test the bind_dn and password credentials
 (if configured) and will list a sample of LDAP users. This task is also
 executed as part of the `gitlab:check` task, but can run independently.
 See [LDAP Rake Tasks - LDAP Check](ldap.md#check) for details.
+
+[ce-15931]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/15931
+[ce-41699]: https://gitlab.com/gitlab-org/gitlab-ce/issues/41699
diff --git a/doc/api/boards.md b/doc/api/boards.md
index 69c47abc806..246de50323e 100644
--- a/doc/api/boards.md
+++ b/doc/api/boards.md
@@ -15,10 +15,10 @@ GET /projects/:id/boards
 
 | Attribute | Type | Required | Description |
 | --------- | ---- | -------- | ----------- |
-| `id`   | integer/string  | yes    | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
+| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
 
 ```bash
-curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/:id/boards
+curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/boards
 ```
 
 Example response:
@@ -27,6 +27,19 @@ Example response:
 [
   {
     "id" : 1,
+    "project": {
+      "id": 5,
+      "name": "Diaspora Project Site",
+      "name_with_namespace": "Diaspora / Diaspora Project Site",
+      "path": "diaspora-project-site",
+      "path_with_namespace": "diaspora/diaspora-project-site",
+      "http_url_to_repo": "http://example.com/diaspora/diaspora-project-site.git",
+      "web_url": "http://example.com/diaspora/diaspora-project-site"
+    },
+    "milestone":   {
+      "id": 12
+      "title": "10.0"
+    },
     "lists" : [
       {
         "id" : 1,
@@ -60,6 +73,74 @@ Example response:
 ]
 ```
 
+## Single board
+
+Get a single board.
+
+```
+GET /projects/:id/boards/:board_id
+```
+
+| Attribute | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
+| `board_id` | integer | yes | The ID of a board |
+
+```bash
+curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/boards/1
+```
+
+Example response:
+
+```json
+  {
+    "id": 1,
+    "name:": "project issue board",
+    "project": {
+      "id": 5,
+      "name": "Diaspora Project Site",
+      "name_with_namespace": "Diaspora / Diaspora Project Site",
+      "path": "diaspora-project-site",
+      "path_with_namespace": "diaspora/diaspora-project-site",
+      "http_url_to_repo": "http://example.com/diaspora/diaspora-project-site.git",
+      "web_url": "http://example.com/diaspora/diaspora-project-site"
+    },
+    "milestone":   {
+      "id": 12
+      "title": "10.0"
+    },
+    "lists" : [
+      {
+        "id" : 1,
+        "label" : {
+          "name" : "Testing",
+          "color" : "#F0AD4E",
+          "description" : null
+        },
+        "position" : 1
+      },
+      {
+        "id" : 2,
+        "label" : {
+          "name" : "Ready",
+          "color" : "#FF0000",
+          "description" : null
+        },
+        "position" : 2
+      },
+      {
+        "id" : 3,
+        "label" : {
+          "name" : "Production",
+          "color" : "#FF5F00",
+          "description" : null
+        },
+        "position" : 3
+      }
+    ]
+  }
+```
+
 ## List board lists
 
 Get a list of the board's lists.
@@ -71,8 +152,8 @@ GET /projects/:id/boards/:board_id/lists
 
 | Attribute | Type | Required | Description |
 | --------- | ---- | -------- | ----------- |
-| `id`   | integer/string  | yes    | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
-| `board_id`   | integer  | yes    | The ID of a board |
+| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
+| `board_id` | integer | yes | The ID of a board |
 
 ```bash
 curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/boards/1/lists
@@ -122,9 +203,9 @@ GET /projects/:id/boards/:board_id/lists/:list_id
 
 | Attribute | Type | Required | Description |
 | --------- | ---- | -------- | ----------- |
-| `id`      | integer/string | yes   | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
-| `board_id`   | integer  | yes    | The ID of a board |
-| `list_id`| integer | yes   | The ID of a board's list |
+| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
+| `board_id` | integer | yes | The ID of a board |
+| `list_id`| integer | yes | The ID of a board's list |
 
 ```bash
 curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/boards/1/lists/1
@@ -154,9 +235,9 @@ POST /projects/:id/boards/:board_id/lists
 
 | Attribute | Type | Required | Description |
 | --------- | ---- | -------- | ----------- |
-| `id`            | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
-| `board_id`   | integer  | yes    | The ID of a board |
-| `label_id`         | integer  | yes | The ID of a label |
+| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
+| `board_id` | integer | yes | The ID of a board |
+| `label_id` | integer | yes | The ID of a label |
 
 ```bash
 curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/boards/1/lists?label_id=5
@@ -186,10 +267,10 @@ PUT /projects/:id/boards/:board_id/lists/:list_id
 
 | Attribute | Type | Required | Description |
 | --------- | ---- | -------- | ----------- |
-| `id`            | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
-| `board_id`   | integer  | yes    | The ID of a board |
-| `list_id`      | integer | yes | The ID of a board's list |
-| `position`         | integer  | yes  | The position of the list |
+| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
+| `board_id` | integer | yes | The ID of a board |
+| `list_id` | integer | yes | The ID of a board's list |
+| `position` | integer | yes | The position of the list |
 
 ```bash
 curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/boards/1/lists/1?position=2
@@ -219,9 +300,9 @@ DELETE /projects/:id/boards/:board_id/lists/:list_id
 
 | Attribute | Type | Required | Description |
 | --------- | ---- | -------- | ----------- |
-| `id`            | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
-| `board_id`   | integer  | yes    | The ID of a board |
-| `list_id`      | integer | yes | The ID of a board's list |
+| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
+| `board_id` | integer | yes | The ID of a board |
+| `list_id` | integer | yes | The ID of a board's list |
 
 ```bash
 curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/boards/1/lists/1
diff --git a/doc/api/issues.md b/doc/api/issues.md
index d2fefbe68aa..da89db17cd9 100644
--- a/doc/api/issues.md
+++ b/doc/api/issues.md
@@ -1124,6 +1124,45 @@ Example response:
 ```
 
 
+## Participants on issues
+
+```
+GET /projects/:id/issues/:issue_iid/participants
+```
+
+| Attribute   | Type    | Required | Description                          |
+|-------------|---------|----------|--------------------------------------|
+| `id`        | integer/string | yes      | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user  |
+| `issue_iid` | integer | yes      | The internal ID of a project's issue |
+
+```bash
+curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/issues/93/participants
+```
+
+Example response:
+
+```json
+[
+  {
+    "id": 1,
+    "name": "John Doe1",
+    "username": "user1",
+    "state": "active",
+    "avatar_url": "http://www.gravatar.com/avatar/c922747a93b40d1ea88262bf1aebee62?s=80&d=identicon",
+    "web_url": "http://localhost/user1"
+  },
+  {
+    "id": 5,
+    "name": "John Doe5",
+    "username": "user5",
+    "state": "active",
+    "avatar_url": "http://www.gravatar.com/avatar/4aea8cf834ed91844a2da4ff7ae6b491?s=80&d=identicon",
+    "web_url": "http://localhost/user5"
+  }
+]
+```
+
+
 ## Comments on issues
 
 Comments are done via the [notes](notes.md) resource.
diff --git a/doc/api/merge_requests.md b/doc/api/merge_requests.md
index 4d3592e8f71..24afcef9a31 100644
--- a/doc/api/merge_requests.md
+++ b/doc/api/merge_requests.md
@@ -308,6 +308,41 @@ Parameters:
 }
 ```
 
+## Get single MR participants
+
+Get a list of merge request participants.
+
+```
+GET /projects/:id/merge_requests/:merge_request_iid/participants
+```
+
+Parameters:
+
+- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user
+- `merge_request_iid` (required) - The internal ID of the merge request
+
+
+```json
+[
+  {
+    "id": 1,
+    "name": "John Doe1",
+    "username": "user1",
+    "state": "active",
+    "avatar_url": "http://www.gravatar.com/avatar/c922747a93b40d1ea88262bf1aebee62?s=80&d=identicon",
+    "web_url": "http://localhost/user1"
+  },
+  {
+    "id": 2,
+    "name": "John Doe2",
+    "username": "user2",
+    "state": "active",
+    "avatar_url": "http://www.gravatar.com/avatar/10fc7f102be8de7657fb4d80898bbfe3?s=80&d=identicon",
+    "web_url": "http://localhost/user2"
+  },
+]
+```
+
 ## Get single MR commits
 
 Get a list of merge request commits.
diff --git a/doc/api/pages_domains.md b/doc/api/pages_domains.md
index 50685f335f7..20275b902c6 100644
--- a/doc/api/pages_domains.md
+++ b/doc/api/pages_domains.md
@@ -21,6 +21,7 @@ curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/a
   {
     "domain": "ssl.domain.example",
     "url": "https://ssl.domain.example",
+    "project_id": 1337,
     "certificate": {
       "expired": false,
       "expiration": "2020-04-12T14:32:00.000Z"
diff --git a/doc/api/runners.md b/doc/api/runners.md
index 015b09a745e..7495c6cdedb 100644
--- a/doc/api/runners.md
+++ b/doc/api/runners.md
@@ -30,14 +30,18 @@ Example response:
         "description": "test-1-20150125",
         "id": 6,
         "is_shared": false,
-        "name": null
+        "name": null,
+        "online": true,
+        "status": "online"
     },
     {
         "active": true,
         "description": "test-2-20150125",
         "id": 8,
         "is_shared": false,
-        "name": null
+        "name": null,
+        "online": false,
+        "status": "offline"
     }
 ]
 ```
@@ -69,28 +73,36 @@ Example response:
         "description": "shared-runner-1",
         "id": 1,
         "is_shared": true,
-        "name": null
+        "name": null,
+        "online": true,
+        "status": "online"
     },
     {
         "active": true,
         "description": "shared-runner-2",
         "id": 3,
         "is_shared": true,
-        "name": null
+        "name": null,
+        "online": false
+        "status": "offline"
     },
     {
         "active": true,
         "description": "test-1-20150125",
         "id": 6,
         "is_shared": false,
-        "name": null
+        "name": null,
+        "online": true
+        "status": "paused"
     },
     {
         "active": true,
         "description": "test-2-20150125",
         "id": 8,
         "is_shared": false,
-        "name": null
+        "name": null,
+        "online": false,
+        "status": "offline"
     }
 ]
 ```
@@ -122,6 +134,8 @@ Example response:
     "is_shared": false,
     "contacted_at": "2016-01-25T16:39:48.066Z",
     "name": null,
+    "online": true,
+    "status": "online",
     "platform": null,
     "projects": [
         {
@@ -176,6 +190,8 @@ Example response:
     "is_shared": false,
     "contacted_at": "2016-01-25T16:39:48.066Z",
     "name": null,
+    "online": true,
+    "status": "online",
     "platform": null,
     "projects": [
         {
@@ -327,14 +343,18 @@ Example response:
         "description": "test-2-20150125",
         "id": 8,
         "is_shared": false,
-        "name": null
+        "name": null,
+        "online": false,
+        "status": "offline"
     },
     {
         "active": true,
         "description": "development_runner",
         "id": 5,
         "is_shared": true,
-        "name": null
+        "name": null,
+        "online": true
+        "status": "paused"
     }
 ]
 ```
@@ -364,7 +384,9 @@ Example response:
     "description": "test-2016-02-01",
     "id": 9,
     "is_shared": false,
-    "name": null
+    "name": null,
+    "online": true,
+    "status": "online"
 }
 ```
 
diff --git a/doc/api/settings.md b/doc/api/settings.md
index 0e4758cda2d..0b5b1f0c134 100644
--- a/doc/api/settings.md
+++ b/doc/api/settings.md
@@ -69,7 +69,7 @@ PUT /application/settings
 | `after_sign_up_text`                     | string           | no                                            | Text shown to the user after signing up                                                                                                                                                                                                                                                                                                                                                                                                                   |
 | `akismet_api_key`                        | string           | no                                            | API key for akismet spam protection                                                                                                                                                                                                                                                                                                                                                                                                                       |
 | `akismet_enabled`                        | boolean          | no                                            | Enable or disable akismet spam protection                                                                                                                                                                                                                                                                                                                                                                                                                 |
-| `circuitbreaker_access_retries           | integer          | no                                            | The number of attempts GitLab will make to access a storage.                                                                                                                                                                                                                                                                                                                                                                                              |
+| `circuitbreaker_access_retries`          | integer          | no                                            | The number of attempts GitLab will make to access a storage.                                                                                                                                                                                                                                                                                                                                                                                              |
 | `circuitbreaker_check_interval`          | integer          | no                                            | Number of seconds in between storage checks.                                                                                                                                                                                                                                                                                                                                                                                                              |
 | `circuitbreaker_failure_count_threshold` | integer          | no                                            | The number of failures of after which GitLab will completely prevent access to the storage.                                                                                                                                                                                                                                                                                                                                                               |
 | `circuitbreaker_failure_reset_time`      | integer          | no                                            | Time in seconds GitLab will keep storage failure information. When no failures occur during this time, the failure information is reset.                                                                                                                                                                                                                                                                                                                  |
diff --git a/doc/development/gitaly.md b/doc/development/gitaly.md
index ca2048c7019..26abf967dcf 100644
--- a/doc/development/gitaly.md
+++ b/doc/development/gitaly.md
@@ -97,6 +97,29 @@ describe 'Gitaly Request count tests' do
 end
 ```
 
+## Running tests with a locally modified version of Gitaly
+
+Normally, gitlab-ce/ee tests use a local clone of Gitaly in `tmp/tests/gitaly`
+pinned at the version specified in GITALY_SERVER_VERSION. If you want
+to run tests locally against a modified version of Gitaly you can
+replace `tmp/tests/gitaly` with a symlink.
+
+```shell
+rm -rf tmp/tests/gitaly
+ln -s /path/to/gitaly tmp/tests/gitaly
+```
+
+Make sure you run `make` in your local Gitaly directory before running
+tests. Otherwise, Gitaly will fail to boot.
+
+If you make changes to your local Gitaly in between test runs you need
+to manually run `make` again.
+
+Note that CI tests will not use your locally modified version of
+Gitaly. To use a custom Gitaly version in CI you need to update
+GITALY_SERVER_VERSION. You can use the format `=revision` to use a
+non-tagged commit from https://gitlab.com/gitlab-org/gitaly in CI.
+
 ---
 
 [Return to Development documentation](README.md)
diff --git a/doc/development/testing_guide/end_to_end_tests.md b/doc/development/testing_guide/end_to_end_tests.md
new file mode 100644
index 00000000000..abe5b06e0f0
--- /dev/null
+++ b/doc/development/testing_guide/end_to_end_tests.md
@@ -0,0 +1,80 @@
+# End-to-End Testing
+
+## What is End-to-End testing?
+
+End-to-End testing is a strategy used to check whether your application works
+as expected across entire software stack and architecture, including
+integration of all microservices and components that are supposed to work
+together.
+
+## How do we test GitLab?
+
+We use [Omnibus GitLab][omnibus-gitlab] to build GitLab packages and then we
+test these packages using [GitLab QA][gitlab-qa] project, which is entirely
+black-box, click-driven testing framework.
+
+### Testing nightly builds
+
+We run scheduled pipeline each night to test nightly builds created by Omnibus.
+You can find these nightly pipelines at [GitLab QA pipelines page][gitlab-qa-pipelines].
+
+### Testing code in merge requests
+
+It is possible to run end-to-end tests (eventually being run within a
+[GitLab QA pipeline][gitlab-qa-pipelines]) for a merge request by triggering
+the `package-qa` manual action, that should be present in a merge request
+widget.
+
+Mmanual action that starts end-to-end tests is also available in merge requests
+in Omnibus GitLab project.
+
+Below you can read more about how to use it and how does it work.
+
+#### How does it work?
+
+Currently, we are using _multi-project pipeline_-like approach to run QA
+pipelines.
+
+1. Developer triggers a manual action, that can be found in CE and EE merge
+requests. This starts a chain of pipelines in multiple projects.
+
+1. The script being executed triggers a pipeline in GitLab Omnibus and waits
+for the resulting status. We call this a _status attribution_.
+
+1. GitLab packages are being built in Omnibus pipeline. Packages are going to be
+pushed to Container Registry.
+
+1. When packages are ready, and available in the registry, a final step in the
+pipeline, that is now running in Omnibus, triggers a new pipeline in the GitLab
+QA project. It also waits for a resulting status.
+
+1. GitLab QA pulls images from the registry, spins-up containers and runs tests
+against a test environment that has been just orchestrated by the `gitlab-qa`
+tool.
+
+1. The result of the GitLab QA pipeline is being propagated upstream, through
+Omnibus, back to CE / EE merge request.
+
+#### How do I write tests?
+
+In order to write new tests, you first need to learn more about GitLab QA
+architecture. See the [documentation about it][gitlab-qa-architecture] in
+GitLab QA project.
+
+Once you decided where to put test environment orchestration scenarios and
+instance specs, take a look at the [relevant documentation][instance-qa-readme]
+and examples in [the `qa/` directory][instance-qa-examples].
+
+## Where can I ask for help?
+
+You can ask question in the `#qa` channel on Slack (GitLab internal) or you can
+find an issue you would like to work on in [the issue tracker][gitlab-qa-issues]
+and start a new discussion there.
+
+[omnibus-gitlab]: https://gitlab.com/gitlab-org/omnibus-gitlab
+[gitlab-qa]: https://gitlab.com/gitlab-org/gitlab-qa
+[gitlab-qa-pipelines]: https://gitlab.com/gitlab-org/gitlab-qa/pipelines
+[gitlab-qa-architecture]: https://gitlab.com/gitlab-org/gitlab-qa/blob/master/docs/architecture.md
+[gitlab-qa-issues]: https://gitlab.com/gitlab-org/gitlab-qa/issues
+[instance-qa-readme]: https://gitlab.com/gitlab-org/gitlab-ce/tree/master/qa/README.md
+[instance-qa-examples]: https://gitlab.com/gitlab-org/gitlab-ce/tree/master/qa/qa
diff --git a/doc/development/testing_guide/index.md b/doc/development/testing_guide/index.md
index 65386f231a0..74d09eb91ff 100644
--- a/doc/development/testing_guide/index.md
+++ b/doc/development/testing_guide/index.md
@@ -65,6 +65,13 @@ Everything you should know about how to test Rake tasks.
 
 ---
 
+## [End-to-end tests](end_to_end_tests.md)
+
+Everything you should know about how to run end-to-end tests using
+[GitLab QA][gitlab-qa] testing framework.
+
+---
+
 ## Spinach (feature) tests
 
 GitLab [moved from Cucumber to Spinach](https://github.com/gitlabhq/gitlabhq/pull/1426)
@@ -89,3 +96,4 @@ test should be re-implemented using RSpec instead.
 [Capybara]: https://github.com/teamcapybara/capybara
 [Karma]: http://karma-runner.github.io/
 [Jasmine]: https://jasmine.github.io/
+[gitlab-qa]: https://gitlab.com/gitlab-org/gitlab-qa
diff --git a/doc/development/testing_guide/testing_levels.md b/doc/development/testing_guide/testing_levels.md
index 1cbd4350284..4adf0dc7c7a 100644
--- a/doc/development/testing_guide/testing_levels.md
+++ b/doc/development/testing_guide/testing_levels.md
@@ -121,6 +121,9 @@ running feature tests (i.e. using Capybara) against it.
 The actual test scenarios and steps are [part of GitLab Rails] so that they're
 always in-sync with the codebase.
 
+Read a separate document about [end-to-end tests](end_to_end_tests.md) to
+learn more.
+
 [multiple pieces]: ../architecture.md#components
 [GitLab Shell]: https://gitlab.com/gitlab-org/gitlab-shell
 [GitLab Workhorse]: https://gitlab.com/gitlab-org/gitlab-workhorse
diff --git a/doc/user/project/merge_requests/fast_forward_merge.md b/doc/user/project/merge_requests/fast_forward_merge.md
index 085170d9f03..3cd91a185e3 100644
--- a/doc/user/project/merge_requests/fast_forward_merge.md
+++ b/doc/user/project/merge_requests/fast_forward_merge.md
@@ -9,7 +9,7 @@ When the fast-forward merge ([`--ff-only`][ffonly]) setting is enabled, no merge
 commits will be created and all merges are fast-forwarded, which means that
 merging is only allowed if the branch could be fast-forwarded.
 
-When a fast-forward merge is not possible, the user must rebase the branch manually.
+When a fast-forward merge is not possible, the user is given the option to rebase.
 
 ## Use cases
 
@@ -25,7 +25,7 @@ merge commits. In such cases, the fast-forward merge is the perfect candidate.
 Now, when you visit the merge request page, you will be able to accept it
 **only if a fast-forward merge is possible**.
 
-![Fast forward merge request](img/ff_merge_mr.png)
+![Fast forward merge request](img/ff_merge_rebase.png)
 
 If the target branch is ahead of the source branch, you need to rebase the
 source branch locally before you will be able to do a fast-forward merge.
diff --git a/doc/user/project/merge_requests/img/ff_merge_mr.png b/doc/user/project/merge_requests/img/ff_merge_mr.png
deleted file mode 100644
index 241cc990343..00000000000
--- a/doc/user/project/merge_requests/img/ff_merge_mr.png
+++ /dev/null
diff --git a/doc/user/project/merge_requests/img/ff_merge_rebase.png b/doc/user/project/merge_requests/img/ff_merge_rebase.png
new file mode 100644
index 00000000000..f6139f189ce
--- /dev/null
+++ b/doc/user/project/merge_requests/img/ff_merge_rebase.png
diff --git a/features/project/ff_merge_requests.feature b/features/project/ff_merge_requests.feature
index 995e52f9332..39035d551d1 100644
--- a/features/project/ff_merge_requests.feature
+++ b/features/project/ff_merge_requests.feature
@@ -22,3 +22,20 @@ Feature: Project Ff Merge Requests
     Then I should see ff-only merge button
     When I accept this merge request
     Then I should see merged request
+
+  @javascript
+  Scenario: I do rebase before ff-only merge
+    Given ff merge enabled
+    And rebase before merge enabled
+    When I visit merge request page "Bug NS-05"
+    Then I should see rebase button
+    When I press rebase button
+    Then I should see rebase in progress message
+
+  @javascript
+  Scenario: I do rebase before regular merge
+    Given rebase before merge enabled
+    When I visit merge request page "Bug NS-05"
+    Then I should see rebase button
+    When I press rebase button
+    Then I should see rebase in progress message
diff --git a/features/steps/project/ff_merge_requests.rb b/features/steps/project/ff_merge_requests.rb
index d68fe71e16e..27efcfd65b6 100644
--- a/features/steps/project/ff_merge_requests.rb
+++ b/features/steps/project/ff_merge_requests.rb
@@ -17,6 +17,10 @@ class Spinach::Features::ProjectFfMergeRequests < Spinach::FeatureSteps
            author: project.users.first)
   end
 
+  step 'merge request is mergeable' do
+    expect(page).to have_button 'Merge'
+  end
+
   step 'I should see ff-only merge button' do
     expect(page).to have_content "Fast-forward merge without a merge commit"
     expect(page).to have_button 'Merge'
@@ -45,6 +49,10 @@ class Spinach::Features::ProjectFfMergeRequests < Spinach::FeatureSteps
     project.save!
   end
 
+  step 'I should see rebase button' do
+    expect(page).to have_button "Rebase"
+  end
+
   step 'merge request "Bug NS-05" is rebased' do
     merge_request.source_branch = 'flatten-dir'
     merge_request.target_branch = 'improve/awesome'
@@ -59,6 +67,20 @@ class Spinach::Features::ProjectFfMergeRequests < Spinach::FeatureSteps
     merge_request.save!
   end
 
+  step 'rebase before merge enabled' do
+    project = merge_request.target_project
+    project.merge_requests_rebase_enabled = true
+    project.save!
+  end
+
+  step 'I press rebase button' do
+    click_button "Rebase"
+  end
+
+  step "I should see rebase in progress message" do
+    expect(page).to have_content("Rebase in progress")
+  end
+
   def merge_request
     @merge_request ||= MergeRequest.find_by!(title: "Bug NS-05")
   end
diff --git a/lib/api/api.rb b/lib/api/api.rb
index 8094597d238..e0d14281c96 100644
--- a/lib/api/api.rb
+++ b/lib/api/api.rb
@@ -119,6 +119,7 @@ module API
     mount ::API::Features
     mount ::API::Files
     mount ::API::Groups
+    mount ::API::GroupMilestones
     mount ::API::Internal
     mount ::API::Issues
     mount ::API::Jobs
@@ -129,8 +130,6 @@ module API
     mount ::API::Members
     mount ::API::MergeRequestDiffs
     mount ::API::MergeRequests
-    mount ::API::ProjectMilestones
-    mount ::API::GroupMilestones
     mount ::API::Namespaces
     mount ::API::Notes
     mount ::API::NotificationSettings
@@ -139,6 +138,7 @@ module API
     mount ::API::PipelineSchedules
     mount ::API::ProjectHooks
     mount ::API::Projects
+    mount ::API::ProjectMilestones
     mount ::API::ProjectSnippets
     mount ::API::ProtectedBranches
     mount ::API::Repositories
diff --git a/lib/api/boards.rb b/lib/api/boards.rb
index 366b0dc9a6f..6c706b2b4e1 100644
--- a/lib/api/boards.rb
+++ b/lib/api/boards.rb
@@ -1,45 +1,46 @@
 module API
   class Boards < Grape::API
+    include BoardsResponses
     include PaginationParams
 
     before { authenticate! }
 
+    helpers do
+      def board_parent
+        user_project
+      end
+    end
+
     params do
       requires :id, type: String, desc: 'The ID of a project'
     end
     resource :projects, requirements: API::PROJECT_ENDPOINT_REQUIREMENTS do
-      desc 'Get all project boards' do
-        detail 'This feature was introduced in 8.13'
-        success Entities::Board
-      end
-      params do
-        use :pagination
-      end
-      get ':id/boards' do
-        authorize!(:read_board, user_project)
-        present paginate(user_project.boards), with: Entities::Board
+      segment ':id/boards' do
+        desc 'Get all project boards' do
+          detail 'This feature was introduced in 8.13'
+          success Entities::Board
+        end
+        params do
+          use :pagination
+        end
+        get '/' do
+          authorize!(:read_board, user_project)
+          present paginate(board_parent.boards), with: Entities::Board
+        end
+
+        desc 'Find a project board' do
+          detail 'This feature was introduced in 10.4'
+          success Entities::Board
+        end
+        get '/:board_id' do
+          present board, with: Entities::Board
+        end
       end
 
       params do
         requires :board_id, type: Integer, desc: 'The ID of a board'
       end
       segment ':id/boards/:board_id' do
-        helpers do
-          def project_board
-            board = user_project.boards.first
-
-            if params[:board_id] == board.id
-              board
-            else
-              not_found!('Board')
-            end
-          end
-
-          def board_lists
-            project_board.lists.destroyable
-          end
-        end
-
         desc 'Get the lists of a project board' do
           detail 'Does not include `done` list. This feature was introduced in 8.13'
           success Entities::List
@@ -72,22 +73,13 @@ module API
           requires :label_id, type: Integer, desc: 'The ID of an existing label'
         end
         post '/lists' do
-          unless available_labels.exists?(params[:label_id])
+          unless available_labels_for(user_project).exists?(params[:label_id])
             render_api_error!({ error: 'Label not found!' }, 400)
           end
 
           authorize!(:admin_list, user_project)
 
-          service = ::Boards::Lists::CreateService.new(user_project, current_user,
-            { label_id: params[:label_id] })
-
-          list = service.execute(project_board)
-
-          if list.valid?
-            present list, with: Entities::List
-          else
-            render_validation_error!(list)
-          end
+          create_list
         end
 
         desc 'Moves a board list to a new position' do
@@ -99,18 +91,11 @@ module API
           requires :position, type: Integer, desc: 'The position of the list'
         end
         put '/lists/:list_id' do
-          list = project_board.lists.movable.find(params[:list_id])
+          list = board_lists.find(params[:list_id])
 
           authorize!(:admin_list, user_project)
 
-          service = ::Boards::Lists::MoveService.new(user_project, current_user,
-              { position: params[:position] })
-
-          if service.execute(list)
-            present list, with: Entities::List
-          else
-            render_api_error!({ error: "List could not be moved!" }, 400)
-          end
+          move_list(list)
         end
 
         desc 'Delete a board list' do
@@ -124,12 +109,7 @@ module API
           authorize!(:admin_list, user_project)
           list = board_lists.find(params[:list_id])
 
-          destroy_conditionally!(list) do |list|
-            service = ::Boards::Lists::DestroyService.new(user_project, current_user)
-            unless service.execute(list)
-              render_api_error!({ error: 'List could not be deleted!' }, 400)
-            end
-          end
+          destroy_list(list)
         end
       end
     end
diff --git a/lib/api/boards_responses.rb b/lib/api/boards_responses.rb
new file mode 100644
index 00000000000..ead0943a74d
--- /dev/null
+++ b/lib/api/boards_responses.rb
@@ -0,0 +1,50 @@
+module API
+  module BoardsResponses
+    extend ActiveSupport::Concern
+
+    included do
+      helpers do
+        def board
+          board_parent.boards.find(params[:board_id])
+        end
+
+        def board_lists
+          board.lists.destroyable
+        end
+
+        def create_list
+          create_list_service =
+            ::Boards::Lists::CreateService.new(board_parent, current_user, { label_id: params[:label_id] })
+
+          list = create_list_service.execute(board)
+
+          if list.valid?
+            present list, with: Entities::List
+          else
+            render_validation_error!(list)
+          end
+        end
+
+        def move_list(list)
+          move_list_service =
+            ::Boards::Lists::MoveService.new(board_parent, current_user, { position: params[:position].to_i })
+
+          if move_list_service.execute(list)
+            present list, with: Entities::List
+          else
+            render_api_error!({ error: "List could not be moved!" }, 400)
+          end
+        end
+
+        def destroy_list(list)
+          destroy_conditionally!(list) do |list|
+            service = ::Boards::Lists::DestroyService.new(board_parent, current_user)
+            unless service.execute(list)
+              render_api_error!({ error: 'List could not be deleted!' }, 400)
+            end
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index 4ad4a1f7867..bd0c54a1b04 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -791,6 +791,8 @@ module API
 
     class Board < Grape::Entity
       expose :id
+      expose :project, using: Entities::BasicProjectDetails
+
       expose :lists, using: Entities::List do |board|
         board.lists.destroyable
       end
@@ -862,6 +864,8 @@ module API
       expose :active
       expose :is_shared
       expose :name
+      expose :online?, as: :online
+      expose :status
     end
 
     class RunnerDetails < Runner
@@ -1133,6 +1137,7 @@ module API
     class PagesDomainBasic < Grape::Entity
       expose :domain
       expose :url
+      expose :project_id
       expose :certificate,
         as: :certificate_expiration,
         if: ->(pages_domain, _) { pages_domain.certificate? },
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index 8ad4b2ecbf3..bf388163ec8 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -74,8 +74,15 @@ module API
       page || not_found!('Wiki Page')
     end
 
-    def available_labels
-      @available_labels ||= LabelsFinder.new(current_user, project_id: user_project.id).execute
+    def available_labels_for(label_parent)
+      search_params =
+        if label_parent.is_a?(Project)
+          { project_id: label_parent.id }
+        else
+          { group_id: label_parent.id, only_group_labels: true }
+        end
+
+      LabelsFinder.new(current_user, search_params).execute
     end
 
     def find_user(id)
@@ -141,7 +148,9 @@ module API
     end
 
     def find_project_label(id)
-      label = available_labels.find_by_id(id) || available_labels.find_by_title(id)
+      labels = available_labels_for(user_project)
+      label = labels.find_by_id(id) || labels.find_by_title(id)
+
       label || not_found!('Label')
     end
 
diff --git a/lib/api/issues.rb b/lib/api/issues.rb
index b29c5848aef..7aa10631d53 100644
--- a/lib/api/issues.rb
+++ b/lib/api/issues.rb
@@ -277,6 +277,19 @@ module API
         present paginate(merge_requests), with: Entities::MergeRequestBasic, current_user: current_user, project: user_project
       end
 
+      desc 'List participants for an issue'  do
+        success Entities::UserBasic
+      end
+      params do
+        requires :issue_iid, type: Integer, desc: 'The internal ID of a project issue'
+      end
+      get ':id/issues/:issue_iid/participants' do
+        issue = find_project_issue(params[:issue_iid])
+        participants = ::Kaminari.paginate_array(issue.participants)
+
+        present paginate(participants), with: Entities::UserBasic, current_user: current_user, project: user_project
+      end
+
       desc 'Get the user agent details for an issue' do
         success Entities::UserAgentDetail
       end
diff --git a/lib/api/labels.rb b/lib/api/labels.rb
index e41a1720ac1..81eaf56e48e 100644
--- a/lib/api/labels.rb
+++ b/lib/api/labels.rb
@@ -15,7 +15,7 @@ module API
         use :pagination
       end
       get ':id/labels' do
-        present paginate(available_labels), with: Entities::Label, current_user: current_user, project: user_project
+        present paginate(available_labels_for(user_project)), with: Entities::Label, current_user: current_user, project: user_project
       end
 
       desc 'Create a new label' do
@@ -30,7 +30,7 @@ module API
       post ':id/labels' do
         authorize! :admin_label, user_project
 
-        label = available_labels.find_by(title: params[:name])
+        label = available_labels_for(user_project).find_by(title: params[:name])
         conflict!('Label already exists') if label
 
         priority = params.delete(:priority)
diff --git a/lib/api/merge_requests.rb b/lib/api/merge_requests.rb
index 02f2b75ab9d..8f665b39fa8 100644
--- a/lib/api/merge_requests.rb
+++ b/lib/api/merge_requests.rb
@@ -185,6 +185,16 @@ module API
         present merge_request, with: Entities::MergeRequest, current_user: current_user, project: user_project
       end
 
+      desc 'Get the participants of a merge request' do
+        success Entities::UserBasic
+      end
+      get ':id/merge_requests/:merge_request_iid/participants' do
+        merge_request = find_merge_request_with_access(params[:merge_request_iid])
+        participants = ::Kaminari.paginate_array(merge_request.participants)
+
+        present paginate(participants), with: Entities::UserBasic
+      end
+
       desc 'Get the commits of a merge request' do
         success Entities::Commit
       end
diff --git a/lib/api/v3/labels.rb b/lib/api/v3/labels.rb
index bd5eb2175e8..4157462ec2a 100644
--- a/lib/api/v3/labels.rb
+++ b/lib/api/v3/labels.rb
@@ -11,7 +11,7 @@ module API
           success ::API::Entities::Label
         end
         get ':id/labels' do
-          present available_labels, with: ::API::Entities::Label, current_user: current_user, project: user_project
+          present available_labels_for(user_project), with: ::API::Entities::Label, current_user: current_user, project: user_project
         end
 
         desc 'Delete an existing label' do
diff --git a/lib/banzai/filter/mermaid_filter.rb b/lib/banzai/filter/mermaid_filter.rb
index b545b947a2c..65c131e08d9 100644
--- a/lib/banzai/filter/mermaid_filter.rb
+++ b/lib/banzai/filter/mermaid_filter.rb
@@ -2,16 +2,7 @@ module Banzai
   module Filter
     class MermaidFilter < HTML::Pipeline::Filter
       def call
-        doc.css('pre[lang="mermaid"]').add_class('mermaid')
-        doc.css('pre[lang="mermaid"]').add_class('js-render-mermaid')
-
-        # The `<code></code>` blocks are added in the lib/banzai/filter/syntax_highlight_filter.rb
-        # We want to keep context and consistency, so we the blocks are added for all filters.
-        # Details: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/15107/diffs?diff_id=7962900#note_45495859
-        doc.css('pre[lang="mermaid"]').each do |pre|
-          document = pre.at('code')
-          document.replace(document.content)
-        end
+        doc.css('pre[lang="mermaid"] > code').add_class('js-render-mermaid')
 
         doc
       end
diff --git a/lib/gitlab/encoding_helper.rb b/lib/gitlab/encoding_helper.rb
index 6b53eb4533d..c0edcabc6fd 100644
--- a/lib/gitlab/encoding_helper.rb
+++ b/lib/gitlab/encoding_helper.rb
@@ -14,14 +14,7 @@ module Gitlab
     ENCODING_CONFIDENCE_THRESHOLD = 50
 
     def encode!(message)
-      return nil unless message.respond_to?(:force_encoding)
-      return message if message.encoding == Encoding::UTF_8 && message.valid_encoding?
-
-      if message.respond_to?(:frozen?) && message.frozen?
-        message = message.dup
-      end
-
-      message.force_encoding("UTF-8")
+      message = force_encode_utf8(message)
       return message if message.valid_encoding?
 
       # return message if message type is binary
@@ -35,6 +28,8 @@ module Gitlab
 
       # encode and clean the bad chars
       message.replace clean(message)
+    rescue ArgumentError
+      return nil
     rescue
       encoding = detect ? detect[:encoding] : "unknown"
       "--broken encoding: #{encoding}"
@@ -54,8 +49,8 @@ module Gitlab
     end
 
     def encode_utf8(message)
-      return nil unless message.is_a?(String)
-      return message if message.encoding == Encoding::UTF_8 && message.valid_encoding?
+      message = force_encode_utf8(message)
+      return message if message.valid_encoding?
 
       detect = CharlockHolmes::EncodingDetector.detect(message)
       if detect && detect[:encoding]
@@ -69,6 +64,8 @@ module Gitlab
       else
         clean(message)
       end
+    rescue ArgumentError
+      return nil
     end
 
     def encode_binary(s)
@@ -83,6 +80,15 @@ module Gitlab
 
     private
 
+    def force_encode_utf8(message)
+      raise ArgumentError unless message.respond_to?(:force_encoding)
+      return message if message.encoding == Encoding::UTF_8 && message.valid_encoding?
+
+      message = message.dup if message.respond_to?(:frozen?) && message.frozen?
+
+      message.force_encoding("UTF-8")
+    end
+
     def clean(message)
       message.encode("UTF-16BE", undef: :replace, invalid: :replace, replace: "")
         .encode("UTF-8")
diff --git a/lib/gitlab/git.rb b/lib/gitlab/git.rb
index 1f7c35cafaa..71647099f83 100644
--- a/lib/gitlab/git.rb
+++ b/lib/gitlab/git.rb
@@ -11,7 +11,7 @@ module Gitlab
       include Gitlab::EncodingHelper
 
       def ref_name(ref)
-        encode_utf8(ref).sub(/\Arefs\/(tags|heads|remotes)\//, '')
+        encode!(ref).sub(/\Arefs\/(tags|heads|remotes)\//, '')
       end
 
       def branch_name(ref)
diff --git a/lib/gitlab/git/blob.rb b/lib/gitlab/git/blob.rb
index 228d97a87ab..a1755143abe 100644
--- a/lib/gitlab/git/blob.rb
+++ b/lib/gitlab/git/blob.rb
@@ -50,10 +50,19 @@ module Gitlab
         # to the caller to limit the number of blobs and blob_size_limit.
         #
         # Gitaly migration issue: https://gitlab.com/gitlab-org/gitaly/issues/798
-        def batch(repository, blob_references, blob_size_limit: nil)
-          blob_size_limit ||= MAX_DATA_DISPLAY_SIZE
-          blob_references.map do |sha, path|
-            find_by_rugged(repository, sha, path, limit: blob_size_limit)
+        def batch(repository, blob_references, blob_size_limit: MAX_DATA_DISPLAY_SIZE)
+          Gitlab::GitalyClient.migrate(:list_blobs_by_sha_path) do |is_enabled|
+            if is_enabled
+              Gitlab::GitalyClient.allow_n_plus_1_calls do
+                blob_references.map do |sha, path|
+                  find_by_gitaly(repository, sha, path, limit: blob_size_limit)
+                end
+              end
+            else
+              blob_references.map do |sha, path|
+                find_by_rugged(repository, sha, path, limit: blob_size_limit)
+              end
+            end
           end
         end
 
@@ -122,13 +131,23 @@ module Gitlab
           )
         end
 
-        def find_by_gitaly(repository, sha, path)
+        def find_by_gitaly(repository, sha, path, limit: MAX_DATA_DISPLAY_SIZE)
           path = path.sub(/\A\/*/, '')
           path = '/' if path.empty?
           name = File.basename(path)
-          entry = Gitlab::GitalyClient::CommitService.new(repository).tree_entry(sha, path, MAX_DATA_DISPLAY_SIZE)
+
+          # Gitaly will think that setting the limit to 0 means unlimited, while
+          # the client might only need the metadata and thus set the limit to 0.
+          # In this method we'll then set the limit to 1, but clear the byte of data
+          # that we got back so for the outside world it looks like the limit was
+          # actually 0.
+          req_limit = limit == 0 ? 1 : limit
+
+          entry = Gitlab::GitalyClient::CommitService.new(repository).tree_entry(sha, path, req_limit)
           return unless entry
 
+          entry.data = "" if limit == 0
+
           case entry.type
           when :COMMIT
             new(
diff --git a/lib/gitlab/git/operation_service.rb b/lib/gitlab/git/operation_service.rb
index ef5bdbaf819..3fb0e2eed93 100644
--- a/lib/gitlab/git/operation_service.rb
+++ b/lib/gitlab/git/operation_service.rb
@@ -97,6 +97,11 @@ module Gitlab
         end
       end
 
+      def update_branch(branch_name, newrev, oldrev)
+        ref = Gitlab::Git::BRANCH_REF_PREFIX + branch_name
+        update_ref_in_hooks(ref, newrev, oldrev)
+      end
+
       private
 
       # Returns [newrev, should_run_after_create, should_run_after_create_branch]
diff --git a/lib/gitlab/git/repository.rb b/lib/gitlab/git/repository.rb
index aec85f971ca..e8b1788e140 100644
--- a/lib/gitlab/git/repository.rb
+++ b/lib/gitlab/git/repository.rb
@@ -498,11 +498,13 @@ module Gitlab
       end
 
       def count_commits(options)
+        count_commits_options = process_count_commits_options(options)
+
         gitaly_migrate(:count_commits) do |is_enabled|
           if is_enabled
-            count_commits_by_gitaly(options)
+            count_commits_by_gitaly(count_commits_options)
           else
-            count_commits_by_shelling_out(options)
+            count_commits_by_shelling_out(count_commits_options)
           end
         end
       end
@@ -540,8 +542,8 @@ module Gitlab
       end
 
       # Counts the amount of commits between `from` and `to`.
-      def count_commits_between(from, to)
-        count_commits(ref: "#{from}..#{to}")
+      def count_commits_between(from, to, options = {})
+        count_commits(from: from, to: to, **options)
       end
 
       # Returns the SHA of the most recent common ancestor of +from+ and +to+
@@ -1219,9 +1221,16 @@ module Gitlab
         rebase_path = worktree_path(REBASE_WORKTREE_PREFIX, rebase_id)
         env = git_env_for_user(user)
 
+        if remote_repository.is_a?(RemoteRepository)
+          env.merge!(remote_repository.fetch_env)
+          remote_repo_path = GITALY_INTERNAL_URL
+        else
+          remote_repo_path = remote_repository.path
+        end
+
         with_worktree(rebase_path, branch, env: env) do
           run_git!(
-            %W(pull --rebase #{remote_repository.path} #{remote_branch}),
+            %W(pull --rebase #{remote_repo_path} #{remote_branch}),
             chdir: rebase_path, env: env
           )
 
@@ -1461,6 +1470,26 @@ module Gitlab
         end
       end
 
+      def process_count_commits_options(options)
+        if options[:from] || options[:to]
+          ref =
+            if options[:left_right] # Compare with merge-base for left-right
+              "#{options[:from]}...#{options[:to]}"
+            else
+              "#{options[:from]}..#{options[:to]}"
+            end
+
+          options.merge(ref: ref)
+
+        elsif options[:ref] && options[:left_right]
+          from, to = options[:ref].match(/\A([^\.]*)\.{2,3}([^\.]*)\z/)[1..2]
+
+          options.merge(from: from, to: to)
+        else
+          options
+        end
+      end
+
       def log_using_shell?(options)
         options[:path].present? ||
           options[:disable_walk] ||
@@ -1683,20 +1712,59 @@ module Gitlab
       end
 
       def count_commits_by_gitaly(options)
-        gitaly_commit_client.commit_count(options[:ref], options)
+        if options[:left_right]
+          from = options[:from]
+          to = options[:to]
+
+          right_count = gitaly_commit_client
+            .commit_count("#{from}..#{to}", options)
+          left_count = gitaly_commit_client
+            .commit_count("#{to}..#{from}", options)
+
+          [left_count, right_count]
+        else
+          gitaly_commit_client.commit_count(options[:ref], options)
+        end
       end
 
       def count_commits_by_shelling_out(options)
+        cmd = count_commits_shelling_command(options)
+
+        raw_output = IO.popen(cmd) { |io| io.read }
+
+        process_count_commits_raw_output(raw_output, options)
+      end
+
+      def count_commits_shelling_command(options)
         cmd = %W[#{Gitlab.config.git.bin_path} --git-dir=#{path} rev-list]
         cmd << "--after=#{options[:after].iso8601}" if options[:after]
         cmd << "--before=#{options[:before].iso8601}" if options[:before]
         cmd << "--max-count=#{options[:max_count]}" if options[:max_count]
+        cmd << "--left-right" if options[:left_right]
         cmd += %W[--count #{options[:ref]}]
         cmd += %W[-- #{options[:path]}] if options[:path].present?
+        cmd
+      end
 
-        raw_output = IO.popen(cmd) { |io| io.read }
+      def process_count_commits_raw_output(raw_output, options)
+        if options[:left_right]
+          result = raw_output.scan(/\d+/).map(&:to_i)
+
+          if result.sum != options[:max_count]
+            result
+          else # Reaching max count, right is not accurate
+            right_option =
+              process_count_commits_options(options
+                .except(:left_right, :from, :to)
+                .merge(ref: options[:to]))
+
+            right = count_commits_by_shelling_out(right_option)
 
-        raw_output.to_i
+            [result.first, right] # left should be accurate in the first call
+          end
+        else
+          raw_output.to_i
+        end
       end
 
       def gitaly_ls_files(ref)
diff --git a/lib/gitlab/import_export/command_line_util.rb b/lib/gitlab/import_export/command_line_util.rb
index 0135b3c6f22..dd5d35feab9 100644
--- a/lib/gitlab/import_export/command_line_util.rb
+++ b/lib/gitlab/import_export/command_line_util.rb
@@ -15,6 +15,11 @@ module Gitlab
         execute(%W(#{git_bin_path} --git-dir=#{repo_path} bundle create #{bundle_path} --all))
       end
 
+      def git_clone_bundle(repo_path:, bundle_path:)
+        execute(%W(#{git_bin_path} clone --bare -- #{bundle_path} #{repo_path}))
+        Gitlab::Git::Repository.create_hooks(repo_path, File.expand_path(Gitlab.config.gitlab_shell.hooks_path))
+      end
+
       def mkdir_p(path)
         FileUtils.mkdir_p(path, mode: DEFAULT_MODE)
         FileUtils.chmod(DEFAULT_MODE, path)
diff --git a/lib/gitlab/import_export/repo_restorer.rb b/lib/gitlab/import_export/repo_restorer.rb
index 32ca2809b2f..d0e5cfcfd3e 100644
--- a/lib/gitlab/import_export/repo_restorer.rb
+++ b/lib/gitlab/import_export/repo_restorer.rb
@@ -13,7 +13,7 @@ module Gitlab
       def restore
         return true unless File.exist?(@path_to_bundle)
 
-        gitlab_shell.import_repository(@project.repository_storage_path, @project.disk_path, @path_to_bundle)
+        git_clone_bundle(repo_path: @project.repository.path_to_repo, bundle_path: @path_to_bundle)
       rescue => e
         @shared.error(e)
         false
diff --git a/lib/gitlab/ldap/adapter.rb b/lib/gitlab/ldap/adapter.rb
index 0afaa2306b5..76863e77dc3 100644
--- a/lib/gitlab/ldap/adapter.rb
+++ b/lib/gitlab/ldap/adapter.rb
@@ -74,7 +74,7 @@ module Gitlab
 
       def user_options(fields, value, limit)
         options = {
-          attributes: Gitlab::LDAP::Person.ldap_attributes(config).compact.uniq,
+          attributes: Gitlab::LDAP::Person.ldap_attributes(config),
           base: config.base
         }
 
diff --git a/lib/gitlab/ldap/config.rb b/lib/gitlab/ldap/config.rb
index c8f19cd52d5..0d9a554fc18 100644
--- a/lib/gitlab/ldap/config.rb
+++ b/lib/gitlab/ldap/config.rb
@@ -148,7 +148,7 @@ module Gitlab
 
       def default_attributes
         {
-          'username'    => %w(uid userid sAMAccountName),
+          'username'    => %w(uid sAMAccountName userid),
           'email'       => %w(mail email userPrincipalName),
           'name'        => 'cn',
           'first_name'  => 'givenName',
diff --git a/lib/gitlab/ldap/person.rb b/lib/gitlab/ldap/person.rb
index 38d7a9ba2f5..e81cec6ba1a 100644
--- a/lib/gitlab/ldap/person.rb
+++ b/lib/gitlab/ldap/person.rb
@@ -6,6 +6,8 @@ module Gitlab
       # Source: http://ctogonewild.com/2009/09/03/bitmask-searches-in-ldap/
       AD_USER_DISABLED = Net::LDAP::Filter.ex("userAccountControl:1.2.840.113556.1.4.803", "2")
 
+      InvalidEntryError = Class.new(StandardError)
+
       attr_accessor :entry, :provider
 
       def self.find_by_uid(uid, adapter)
@@ -29,11 +31,12 @@ module Gitlab
 
       def self.ldap_attributes(config)
         [
-          'dn', # Used in `dn`
-          config.uid, # Used in `uid`
-          *config.attributes['name'], # Used in `name`
-          *config.attributes['email'] # Used in `email`
-        ]
+          'dn',
+          config.uid,
+          *config.attributes['name'],
+          *config.attributes['email'],
+          *config.attributes['username']
+        ].compact.uniq
       end
 
       def self.normalize_dn(dn)
@@ -60,6 +63,8 @@ module Gitlab
         Rails.logger.debug { "Instantiating #{self.class.name} with LDIF:\n#{entry.to_ldif}" }
         @entry = entry
         @provider = provider
+
+        validate_entry
       end
 
       def name
@@ -71,7 +76,13 @@ module Gitlab
       end
 
       def username
-        uid
+        username = attribute_value(:username)
+
+        # Depending on the attribute, multiple values may
+        # be returned. We need only one for username.
+        # Ex. `uid` returns only one value but `mail` may
+        # return an array of multiple email addresses.
+        [username].flatten.first
       end
 
       def email
@@ -104,6 +115,19 @@ module Gitlab
 
         entry.public_send(selected_attr) # rubocop:disable GitlabSecurity/PublicSend
       end
+
+      def validate_entry
+        allowed_attrs = self.class.ldap_attributes(config).map(&:downcase)
+
+        # Net::LDAP::Entry transforms keys to symbols. Change to strings to compare.
+        entry_attrs = entry.attribute_names.map { |n| n.to_s.downcase }
+        invalid_attrs = entry_attrs - allowed_attrs
+
+        if invalid_attrs.any?
+          raise InvalidEntryError,
+                "#{self.class.name} initialized with Net::LDAP::Entry containing invalid attributes(s): #{invalid_attrs}"
+        end
+      end
     end
   end
 end
diff --git a/lib/gitlab/setup_helper.rb b/lib/gitlab/setup_helper.rb
new file mode 100644
index 00000000000..d01213bb6e0
--- /dev/null
+++ b/lib/gitlab/setup_helper.rb
@@ -0,0 +1,61 @@
+module Gitlab
+  module SetupHelper
+    class << self
+      # We cannot create config.toml files for all possible Gitaly configuations.
+      # For instance, if Gitaly is running on another machine then it makes no
+      # sense to write a config.toml file on the current machine. This method will
+      # only generate a configuration for the most common and simplest case: when
+      # we have exactly one Gitaly process and we are sure it is running locally
+      # because it uses a Unix socket.
+      # For development and testing purposes, an extra storage is added to gitaly,
+      # which is not known to Rails, but must be explicitly stubbed.
+      def gitaly_configuration_toml(gitaly_dir, gitaly_ruby: true)
+        storages = []
+        address = nil
+
+        Gitlab.config.repositories.storages.each do |key, val|
+          if address
+            if address != val['gitaly_address']
+              raise ArgumentError, "Your gitlab.yml contains more than one gitaly_address."
+            end
+          elsif URI(val['gitaly_address']).scheme != 'unix'
+            raise ArgumentError, "Automatic config.toml generation only supports 'unix:' addresses."
+          else
+            address = val['gitaly_address']
+          end
+
+          storages << { name: key, path: val['path'] }
+        end
+
+        if Rails.env.test?
+          storages << { name: 'test_second_storage', path: Rails.root.join('tmp', 'tests', 'second_storage').to_s }
+        end
+
+        config = { socket_path: address.sub(%r{\Aunix:}, ''), storage: storages }
+        config[:auth] = { token: 'secret' } if Rails.env.test?
+        config[:'gitaly-ruby'] = { dir: File.join(gitaly_dir, 'ruby') } if gitaly_ruby
+        config[:'gitlab-shell'] = { dir: Gitlab.config.gitlab_shell.path }
+        config[:bin_dir] = Gitlab.config.gitaly.client_path
+
+        TOML.dump(config)
+      end
+
+      # rubocop:disable Rails/Output
+      def create_gitaly_configuration(dir, force: false)
+        config_path = File.join(dir, 'config.toml')
+        FileUtils.rm_f(config_path) if force
+
+        File.open(config_path, File::WRONLY | File::CREAT | File::EXCL) do |f|
+          f.puts gitaly_configuration_toml(dir)
+        end
+      rescue Errno::EEXIST
+        puts "Skipping config.toml generation:"
+        puts "A configuration file already exists."
+      rescue ArgumentError => e
+        puts "Skipping config.toml generation:"
+        puts e.message
+      end
+      # rubocop:enable Rails/Output
+    end
+  end
+end
diff --git a/lib/gitlab/shell.rb b/lib/gitlab/shell.rb
index 40650fc5ee7..564047bbd34 100644
--- a/lib/gitlab/shell.rb
+++ b/lib/gitlab/shell.rb
@@ -71,7 +71,6 @@ module Gitlab
     # Ex.
     #   add_repository("/path/to/storage", "gitlab/gitlab-ci")
     #
-    # Gitaly migration: https://gitlab.com/gitlab-org/gitaly/issues/387
     def add_repository(storage, name)
       relative_path = name.dup
       relative_path << '.git' unless relative_path.end_with?('.git')
@@ -100,8 +99,12 @@ module Gitlab
     # Ex.
     #   import_repository("/path/to/storage", "gitlab/gitlab-ci", "https://gitlab.com/gitlab-org/gitlab-test.git")
     #
-    # Gitaly migration: https://gitlab.com/gitlab-org/gitaly/issues/387
+    # Gitaly migration: https://gitlab.com/gitlab-org/gitaly/issues/874
     def import_repository(storage, name, url)
+      if url.start_with?('.', '/')
+        raise Error.new("don't use disk paths with import_repository: #{url.inspect}")
+      end
+
       # The timeout ensures the subprocess won't hang forever
       cmd = gitlab_projects(storage, "#{name}.git")
       success = cmd.import_project(url, git_timeout)
@@ -122,7 +125,6 @@ module Gitlab
     # Ex.
     #   fetch_remote(my_repo, "upstream")
     #
-    # Gitaly migration: https://gitlab.com/gitlab-org/gitaly/issues/387
     def fetch_remote(repository, remote, ssh_auth: nil, forced: false, no_tags: false)
       gitaly_migrate(:fetch_remote) do |is_enabled|
         if is_enabled
@@ -142,7 +144,7 @@ module Gitlab
     # Ex.
     #   mv_repository("/path/to/storage", "gitlab/gitlab-ci", "randx/gitlab-ci-new")
     #
-    # Gitaly migration: https://gitlab.com/gitlab-org/gitaly/issues/387
+    # Gitaly migration: https://gitlab.com/gitlab-org/gitaly/issues/873
     def mv_repository(storage, path, new_path)
       gitlab_projects(storage, "#{path}.git").mv_project("#{new_path}.git")
     end
@@ -156,7 +158,7 @@ module Gitlab
     # Ex.
     #  fork_repository("/path/to/forked_from/storage", "gitlab/gitlab-ci", "/path/to/forked_to/storage", "new-namespace/gitlab-ci")
     #
-    # Gitaly note: JV: not easy to migrate because this involves two Gitaly servers, not one.
+    # Gitaly migration: https://gitlab.com/gitlab-org/gitaly/issues/817
     def fork_repository(forked_from_storage, forked_from_disk_path, forked_to_storage, forked_to_disk_path)
       gitlab_projects(forked_from_storage, "#{forked_from_disk_path}.git")
         .fork_repository(forked_to_storage, "#{forked_to_disk_path}.git")
@@ -170,7 +172,7 @@ module Gitlab
     # Ex.
     #   remove_repository("/path/to/storage", "gitlab/gitlab-ci")
     #
-    # Gitaly migration: https://gitlab.com/gitlab-org/gitaly/issues/387
+    # Gitaly migration: https://gitlab.com/gitlab-org/gitaly/issues/873
     def remove_repository(storage, name)
       gitlab_projects(storage, "#{name}.git").rm_project
     end
@@ -221,7 +223,6 @@ module Gitlab
     # Ex.
     #   add_namespace("/path/to/storage", "gitlab")
     #
-    # Gitaly migration: https://gitlab.com/gitlab-org/gitaly/issues/385
     def add_namespace(storage, name)
       Gitlab::GitalyClient.migrate(:add_namespace) do |enabled|
         if enabled
@@ -243,7 +244,6 @@ module Gitlab
     # Ex.
     #   rm_namespace("/path/to/storage", "gitlab")
     #
-    # Gitaly migration: https://gitlab.com/gitlab-org/gitaly/issues/385
     def rm_namespace(storage, name)
       Gitlab::GitalyClient.migrate(:remove_namespace) do |enabled|
         if enabled
@@ -261,7 +261,6 @@ module Gitlab
     # Ex.
     #   mv_namespace("/path/to/storage", "gitlab", "gitlabhq")
     #
-    # Gitaly migration: https://gitlab.com/gitlab-org/gitaly/issues/385
     def mv_namespace(storage, old_name, new_name)
       Gitlab::GitalyClient.migrate(:rename_namespace) do |enabled|
         if enabled
diff --git a/lib/tasks/gitlab/check.rake b/lib/tasks/gitlab/check.rake
index dfade1f3885..903e84359cd 100644
--- a/lib/tasks/gitlab/check.rake
+++ b/lib/tasks/gitlab/check.rake
@@ -387,14 +387,8 @@ namespace :gitlab do
   namespace :repo do
     desc "GitLab | Check the integrity of the repositories managed by GitLab"
     task check: :environment do
-      Gitlab.config.repositories.storages.each do |name, repository_storage|
-        namespace_dirs = Dir.glob(File.join(repository_storage['path'], '*'))
-
-        namespace_dirs.each do |namespace_dir|
-          repo_dirs = Dir.glob(File.join(namespace_dir, '*'))
-          repo_dirs.each { |repo_dir| check_repo_integrity(repo_dir) }
-        end
-      end
+      puts "This task is deprecated. Please use gitlab:git:fsck instead".color(:red)
+      Rake::Task["gitlab:git:fsck"].execute
     end
   end
 
@@ -461,35 +455,4 @@ namespace :gitlab do
       puts "FAIL. Please update gitlab-shell to #{required_version} from #{current_version}".color(:red)
     end
   end
-
-  def check_repo_integrity(repo_dir)
-    puts "\nChecking repo at #{repo_dir.color(:yellow)}"
-
-    git_fsck(repo_dir)
-    check_config_lock(repo_dir)
-    check_ref_locks(repo_dir)
-  end
-
-  def git_fsck(repo_dir)
-    puts "Running `git fsck`".color(:yellow)
-    system(*%W(#{Gitlab.config.git.bin_path} fsck), chdir: repo_dir)
-  end
-
-  def check_config_lock(repo_dir)
-    config_exists = File.exist?(File.join(repo_dir, 'config.lock'))
-    config_output = config_exists ? 'yes'.color(:red) : 'no'.color(:green)
-    puts "'config.lock' file exists?".color(:yellow) + " ... #{config_output}"
-  end
-
-  def check_ref_locks(repo_dir)
-    lock_files = Dir.glob(File.join(repo_dir, 'refs/heads/*.lock'))
-    if lock_files.present?
-      puts "Ref lock files exist:".color(:red)
-      lock_files.each do |lock_file|
-        puts "  #{lock_file}"
-      end
-    else
-      puts "No ref lock files exist".color(:green)
-    end
-  end
 end
diff --git a/lib/tasks/gitlab/git.rake b/lib/tasks/gitlab/git.rake
index cf82134d97e..3f5dd2ae3b3 100644
--- a/lib/tasks/gitlab/git.rake
+++ b/lib/tasks/gitlab/git.rake
@@ -30,6 +30,20 @@ namespace :gitlab do
       end
     end
 
+    desc 'GitLab | Git | Check all repos integrity'
+    task fsck: :environment do
+      failures = perform_git_cmd(%W(#{Gitlab.config.git.bin_path} fsck --name-objects --no-progress), "Checking integrity") do |repo|
+        check_config_lock(repo)
+        check_ref_locks(repo)
+      end
+
+      if failures.empty?
+        puts "Done".color(:green)
+      else
+        output_failures(failures)
+      end
+    end
+
     def perform_git_cmd(cmd, message)
       puts "Starting #{message} on all repositories"
 
@@ -40,6 +54,8 @@ namespace :gitlab do
         else
           failures << repo
         end
+
+        yield(repo) if block_given?
       end
 
       failures
@@ -49,5 +65,24 @@ namespace :gitlab do
       puts "The following repositories reported errors:".color(:red)
       failures.each { |f| puts "- #{f}" }
     end
+
+    def check_config_lock(repo_dir)
+      config_exists = File.exist?(File.join(repo_dir, 'config.lock'))
+      config_output = config_exists ? 'yes'.color(:red) : 'no'.color(:green)
+
+      puts "'config.lock' file exists?".color(:yellow) + " ... #{config_output}"
+    end
+
+    def check_ref_locks(repo_dir)
+      lock_files = Dir.glob(File.join(repo_dir, 'refs/heads/*.lock'))
+
+      if lock_files.present?
+        puts "Ref lock files exist:".color(:red)
+
+        lock_files.each { |lock_file| puts "  #{lock_file}" }
+      else
+        puts "No ref lock files exist".color(:green)
+      end
+    end
   end
 end
diff --git a/lib/tasks/gitlab/gitaly.rake b/lib/tasks/gitlab/gitaly.rake
index 4d880c05f99..4507b841964 100644
--- a/lib/tasks/gitlab/gitaly.rake
+++ b/lib/tasks/gitlab/gitaly.rake
@@ -21,8 +21,8 @@ namespace :gitlab do
 
       command << 'BUNDLE_FLAGS=--no-deployment' if Rails.env.test?
 
+      Gitlab::SetupHelper.create_gitaly_configuration(args.dir)
       Dir.chdir(args.dir) do
-        create_gitaly_configuration
         # In CI we run scripts/gitaly-test-build instead of this command
         unless ENV['CI'].present?
           Bundler.with_original_env { run_command!(command) }
@@ -39,60 +39,7 @@ namespace :gitlab do
 
       # Exclude gitaly-ruby configuration because that depends on the gitaly
       # installation directory.
-      puts gitaly_configuration_toml(gitaly_ruby: false)
-    end
-
-    private
-
-    # We cannot create config.toml files for all possible Gitaly configuations.
-    # For instance, if Gitaly is running on another machine then it makes no
-    # sense to write a config.toml file on the current machine. This method will
-    # only generate a configuration for the most common and simplest case: when
-    # we have exactly one Gitaly process and we are sure it is running locally
-    # because it uses a Unix socket.
-    # For development and testing purposes, an extra storage is added to gitaly,
-    # which is not known to Rails, but must be explicitly stubbed.
-    def gitaly_configuration_toml(gitaly_ruby: true)
-      storages = []
-      address = nil
-
-      Gitlab.config.repositories.storages.each do |key, val|
-        if address
-          if address != val['gitaly_address']
-            raise ArgumentError, "Your gitlab.yml contains more than one gitaly_address."
-          end
-        elsif URI(val['gitaly_address']).scheme != 'unix'
-          raise ArgumentError, "Automatic config.toml generation only supports 'unix:' addresses."
-        else
-          address = val['gitaly_address']
-        end
-
-        storages << { name: key, path: val['path'] }
-      end
-
-      if Rails.env.test?
-        storages << { name: 'test_second_storage', path: Rails.root.join('tmp', 'tests', 'second_storage').to_s }
-      end
-
-      config = { socket_path: address.sub(%r{\Aunix:}, ''), storage: storages }
-      config[:auth] = { token: 'secret' } if Rails.env.test?
-      config[:'gitaly-ruby'] = { dir: File.join(Dir.pwd, 'ruby') } if gitaly_ruby
-      config[:'gitlab-shell'] = { dir: Gitlab.config.gitlab_shell.path }
-      config[:bin_dir] = Gitlab.config.gitaly.client_path
-
-      TOML.dump(config)
-    end
-
-    def create_gitaly_configuration
-      File.open("config.toml", File::WRONLY | File::CREAT | File::EXCL) do |f|
-        f.puts gitaly_configuration_toml
-      end
-    rescue Errno::EEXIST
-      puts "Skipping config.toml generation:"
-      puts "A configuration file already exists."
-    rescue ArgumentError => e
-      puts "Skipping config.toml generation:"
-      puts e.message
+      puts Gitlab::SetupHelper.gitaly_configuration_toml('', gitaly_ruby: false)
     end
   end
 end
diff --git a/lib/tasks/gitlab/task_helpers.rb b/lib/tasks/gitlab/task_helpers.rb
index 6723662703c..c1182af1014 100644
--- a/lib/tasks/gitlab/task_helpers.rb
+++ b/lib/tasks/gitlab/task_helpers.rb
@@ -130,7 +130,7 @@ module Gitlab
 
     def all_repos
       Gitlab.config.repositories.storages.each_value do |repository_storage|
-        IO.popen(%W(find #{repository_storage['path']} -mindepth 2 -maxdepth 2 -type d -name *.git)) do |find|
+        IO.popen(%W(find #{repository_storage['path']} -mindepth 2 -type d -name *.git)) do |find|
           find.each_line do |path|
             yield path.chomp
           end
diff --git a/spec/controllers/projects/merge_requests_controller_spec.rb b/spec/controllers/projects/merge_requests_controller_spec.rb
index 45c424af8c4..c8cc6b374f6 100644
--- a/spec/controllers/projects/merge_requests_controller_spec.rb
+++ b/spec/controllers/projects/merge_requests_controller_spec.rb
@@ -684,4 +684,62 @@ describe Projects::MergeRequestsController do
                             format: :json
     end
   end
+
+  describe 'POST #rebase' do
+    let(:viewer)        { user }
+
+    def post_rebase
+      post :rebase, namespace_id: project.namespace, project_id: project, id: merge_request
+    end
+
+    def expect_rebase_worker_for(user)
+      expect(RebaseWorker).to receive(:perform_async).with(merge_request.id, user.id)
+    end
+
+    context 'successfully' do
+      it 'enqeues a RebaseWorker' do
+        expect_rebase_worker_for(viewer)
+
+        post_rebase
+
+        expect(response.status).to eq(200)
+      end
+    end
+
+    context 'with a forked project' do
+      let(:fork_project) { create(:project, :repository, forked_from_project: project) }
+      let(:fork_owner) { fork_project.owner }
+
+      before do
+        merge_request.update!(source_project: fork_project)
+        fork_project.add_reporter(user)
+      end
+
+      context 'user cannot push to source branch' do
+        it 'returns 404' do
+          expect_rebase_worker_for(viewer).never
+
+          post_rebase
+
+          expect(response.status).to eq(404)
+        end
+      end
+
+      context 'user can push to source branch' do
+        before do
+          project.add_reporter(fork_owner)
+
+          sign_in(fork_owner)
+        end
+
+        it 'returns 200' do
+          expect_rebase_worker_for(fork_owner)
+
+          post_rebase
+
+          expect(response.status).to eq(200)
+        end
+      end
+    end
+  end
 end
diff --git a/spec/features/copy_as_gfm_spec.rb b/spec/features/copy_as_gfm_spec.rb
index 1fcb8d5bc67..d8f1a919522 100644
--- a/spec/features/copy_as_gfm_spec.rb
+++ b/spec/features/copy_as_gfm_spec.rb
@@ -285,6 +285,102 @@ describe 'Copy as GFM', :js do
       end
 
       verify(
+        'MermaidFilter: mermaid as converted from GFM to HTML',
+
+        <<-GFM.strip_heredoc
+          ```mermaid
+          graph TD;
+            A-->B;
+          ```
+        GFM
+      )
+
+      aggregate_failures('MermaidFilter: mermaid as transformed from HTML to SVG') do
+        gfm = <<-GFM.strip_heredoc
+          ```mermaid
+          graph TD;
+            A-->B;
+          ```
+        GFM
+
+        html = <<-HTML.strip_heredoc
+          <svg id="mermaidChart1" xmlns="http://www.w3.org/2000/svg" height="100%" viewBox="0 0 87.234375 174" style="max-width:87.234375px;" class="mermaid">
+            <style>
+              .mermaid {
+                /* Flowchart variables */
+                /* Sequence Diagram variables */
+                /* Gantt chart variables */
+                /** Section styling */
+                /* Grid and axis */
+                /* Today line */
+                /* Task styling */
+                /* Default task */
+                /* Specific task settings for the sections*/
+                /* Active task */
+                /* Completed task */
+                /* Tasks on the critical line */
+              }
+            </style>
+            <g>
+              <g class="output">
+                <g class="clusters"></g>
+                <g class="edgePaths">
+                  <g class="edgePath" style="opacity: 1;">
+                    <path class="path" d="M33.6171875,52L33.6171875,77L33.6171875,102" marker-end="url(#arrowhead65)" style="fill:none"></path>
+                    <defs>
+                      <marker id="arrowhead65" viewBox="0 0 10 10" refX="9" refY="5" markerUnits="strokeWidth" markerWidth="8" markerHeight="6" orient="auto">
+                        <path d="M 0 0 L 10 5 L 0 10 z" class="arrowheadPath" style="stroke-width: 1; stroke-dasharray: 1, 0;"></path>
+                      </marker>
+                    </defs>
+                  </g>
+                </g>
+                <g class="edgeLabels">
+                  <g class="edgeLabel" style="opacity: 1;" transform="">
+                    <g transform="translate(0,0)" class="label">
+                      <foreignObject width="0" height="0">
+                        <div xmlns="http://www.w3.org/1999/xhtml" style="display: inline-block; white-space: nowrap;">
+                          <span class="edgeLabel"></span>
+                        </div>
+                      </foreignObject>
+                    </g>
+                  </g>
+                </g>
+                <g class="nodes">
+                  <g class="node" id="A" transform="translate(33.6171875,36)" style="opacity: 1;">
+                    <rect rx="0" ry="0" x="-13.6171875" y="-16" width="27.234375" height="32"></rect>
+                    <g class="label" transform="translate(0,0)">
+                      <g transform="translate(-3.6171875,-6)">
+                        <foreignObject width="7.234375" height="12">
+                          <div xmlns="http://www.w3.org/1999/xhtml" style="display: inline-block; white-space: nowrap;">A</div>
+                        </foreignObject>
+                      </g>
+                    </g>
+                  </g>
+                  <g class="node" id="B" transform="translate(33.6171875,118)" style="opacity: 1;">
+                    <rect rx="0" ry="0" x="-13.6171875" y="-16" width="27.234375" height="32">
+                    </rect>
+                    <g class="label" transform="translate(0,0)">
+                      <g transform="translate(-3.6171875,-6)">
+                        <foreignObject width="7.234375" height="12">
+                          <div xmlns="http://www.w3.org/1999/xhtml" style="display: inline-block; white-space: nowrap;">B</div>
+                        </foreignObject>
+                      </g>
+                    </g>
+                  </g>
+                </g>
+              </g>
+            </g>
+            <text class="source" display="none">graph TD;
+            A--&gt;B;
+            </text>
+          </svg>
+        HTML
+
+        output_gfm = html_to_gfm(html)
+        expect(output_gfm.strip).to eq(gfm.strip)
+      end
+
+      verify(
         'SanitizationFilter',
 
         <<-GFM.strip_heredoc
diff --git a/spec/features/markdown_spec.rb b/spec/features/markdown_spec.rb
index e285befc66f..a2b78a5e021 100644
--- a/spec/features/markdown_spec.rb
+++ b/spec/features/markdown_spec.rb
@@ -71,7 +71,7 @@ describe 'GitLab Markdown' do
 
       it 'parses mermaid code block' do
         aggregate_failures do
-          expect(doc).to have_selector('pre.code.js-render-mermaid')
+          expect(doc).to have_selector('pre[lang=mermaid] > code.js-render-mermaid')
         end
       end
 
diff --git a/spec/features/projects/clusters/gcp_spec.rb b/spec/features/projects/clusters/gcp_spec.rb
index 51bd09e88e0..940b054cfe9 100644
--- a/spec/features/projects/clusters/gcp_spec.rb
+++ b/spec/features/projects/clusters/gcp_spec.rb
@@ -87,14 +87,14 @@ feature 'Gcp Cluster', :js do
         end
 
         it 'user sees a cluster details page' do
-          expect(page).to have_button('Save')
+          expect(page).to have_button('Save changes')
           expect(page.find(:css, '.cluster-name').value).to eq(cluster.name)
         end
 
         context 'when user disables the cluster' do
           before do
             page.find(:css, '.js-toggle-cluster').click
-            click_button 'Save'
+            page.within('#cluster-integration') { click_button 'Save changes' }
           end
 
           it 'user sees the successful message' do
@@ -105,7 +105,7 @@ feature 'Gcp Cluster', :js do
         context 'when user changes cluster parameters' do
           before do
             fill_in 'cluster_platform_kubernetes_attributes_namespace', with: 'my-namespace'
-            click_button 'Save changes'
+            page.within('#js-cluster-details') { click_button 'Save changes' }
           end
 
           it 'user sees the successful message' do
diff --git a/spec/features/projects/clusters/user_spec.rb b/spec/features/projects/clusters/user_spec.rb
index 414f4acba86..a519b9f9c7e 100644
--- a/spec/features/projects/clusters/user_spec.rb
+++ b/spec/features/projects/clusters/user_spec.rb
@@ -29,7 +29,7 @@ feature 'User Cluster', :js do
       end
 
       it 'user sees a cluster details page' do
-        expect(page).to have_content('Enable cluster integration')
+        expect(page).to have_content('Cluster integration')
         expect(page.find_field('cluster[name]').value).to eq('dev-cluster')
         expect(page.find_field('cluster[platform_kubernetes_attributes][api_url]').value)
           .to have_content('http://example.com')
@@ -57,14 +57,14 @@ feature 'User Cluster', :js do
     end
 
     it 'user sees a cluster details page' do
-      expect(page).to have_button('Save')
+      expect(page).to have_button('Save changes')
     end
 
     context 'when user disables the cluster' do
       before do
         page.find(:css, '.js-toggle-cluster').click
         fill_in 'cluster_name', with: 'dev-cluster'
-        click_button 'Save'
+        page.within('#cluster-integration') { click_button 'Save changes' }
       end
 
       it 'user sees the successful message' do
@@ -76,7 +76,7 @@ feature 'User Cluster', :js do
       before do
         fill_in 'cluster_name', with: 'my-dev-cluster'
         fill_in 'cluster_platform_kubernetes_attributes_namespace', with: 'my-namespace'
-        click_button 'Save changes'
+        page.within('#js-cluster-details') { click_button 'Save changes' }
       end
 
       it 'user sees the successful message' do
diff --git a/spec/features/projects/import_export/export_file_spec.rb b/spec/features/projects/import_export/export_file_spec.rb
index 461aa39d0ad..6732cf61767 100644
--- a/spec/features/projects/import_export/export_file_spec.rb
+++ b/spec/features/projects/import_export/export_file_spec.rb
@@ -2,7 +2,7 @@ require 'spec_helper'
 
 # Integration test that exports a file using the Import/Export feature
 # It looks up for any sensitive word inside the JSON, so if a sensitive word is found
-# we''l have to either include it adding the model that includes it to the +safe_list+
+# we'll have to either include it adding the model that includes it to the +safe_list+
 # or make sure the attribute is blacklisted in the +import_export.yml+ configuration
 feature 'Import/Export - project export integration test', :js do
   include Select2Helper
diff --git a/spec/finders/labels_finder_spec.rb b/spec/finders/labels_finder_spec.rb
index d507af3fd3d..06031aee217 100644
--- a/spec/finders/labels_finder_spec.rb
+++ b/spec/finders/labels_finder_spec.rb
@@ -56,6 +56,16 @@ describe LabelsFinder do
 
         expect(finder.execute).to eq [group_label_2, group_label_1, project_label_5]
       end
+
+      context 'when only_group_labels is true' do
+        it 'returns only group labels' do
+          group_1.add_developer(user)
+
+          finder = described_class.new(user, group_id: group_1.id, only_group_labels: true)
+
+          expect(finder.execute).to eq [group_label_2, group_label_1]
+        end
+      end
     end
 
     context 'filtering by project_id' do
diff --git a/spec/fixtures/api/schemas/entities/merge_request_basic.json b/spec/fixtures/api/schemas/entities/merge_request_basic.json
index 995f13381ad..f1199468d53 100644
--- a/spec/fixtures/api/schemas/entities/merge_request_basic.json
+++ b/spec/fixtures/api/schemas/entities/merge_request_basic.json
@@ -9,6 +9,7 @@
     "human_time_estimate": { "type": ["string", "null"] },
     "human_total_time_spent": { "type": ["string", "null"] },
     "merge_error": { "type": ["string", "null"] },
+    "rebase_in_progress": { "type": "boolean" },
     "assignee_id": { "type": ["integer", "null"] },
     "subscribed": { "type": ["boolean", "null"] },
     "participants": { "type": "array" }
diff --git a/spec/fixtures/api/schemas/entities/merge_request_widget.json b/spec/fixtures/api/schemas/entities/merge_request_widget.json
index 9de27bee751..7f662098216 100644
--- a/spec/fixtures/api/schemas/entities/merge_request_widget.json
+++ b/spec/fixtures/api/schemas/entities/merge_request_widget.json
@@ -103,7 +103,11 @@
     "remove_source_branch": { "type": ["boolean", "null"] },
     "merge_ongoing": { "type": "boolean" },
     "ff_only_enabled": { "type": ["boolean", false] },
-    "should_be_rebased": { "type": "boolean" }
+    "should_be_rebased": { "type": "boolean" },
+    "rebase_commit_sha": { "type": ["string", "null"] },
+    "rebase_in_progress": { "type": "boolean" },
+    "can_push_to_source_branch": { "type": "boolean" },
+    "rebase_path": { "type": ["string", "null"] }
   },
   "additionalProperties": false
 }
diff --git a/spec/fixtures/api/schemas/public_api/v4/board.json b/spec/fixtures/api/schemas/public_api/v4/board.json
new file mode 100644
index 00000000000..d667f1d631c
--- /dev/null
+++ b/spec/fixtures/api/schemas/public_api/v4/board.json
@@ -0,0 +1,86 @@
+{
+  "type": "object",
+  "required" : [
+    "id",
+    "project",
+    "lists"
+  ],
+  "properties" : {
+    "id": { "type": "integer" },
+    "project": {
+      "type": ["object", "null"],
+      "required": [
+        "id",
+        "avatar_url",
+        "description",
+        "default_branch",
+        "tag_list",
+        "ssh_url_to_repo",
+        "http_url_to_repo",
+        "web_url",
+        "name",
+        "name_with_namespace",
+        "path",
+        "path_with_namespace",
+        "star_count",
+        "forks_count",
+        "created_at",
+        "last_activity_at"
+      ],
+      "properties": {
+        "id": { "type": "integer" },
+        "avatar_url": { "type": ["string", "null"] },
+        "description": { "type": ["string", "null"] },
+        "default_branch": { "type": ["string", "null"] },
+        "tag_list": { "type": "array" },
+        "ssh_url_to_repo": { "type": "string" },
+        "http_url_to_repo": { "type": "string" },
+        "web_url": { "type": "string" },
+        "name": { "type": "string" },
+        "name_with_namespace": { "type": "string" },
+        "path": { "type": "string" },
+        "path_with_namespace": { "type": "string" },
+        "star_count": { "type": "integer" },
+        "forks_count": { "type": "integer" },
+        "created_at": { "type": "date" },
+        "last_activity_at": { "type": "date" }
+      },
+      "additionalProperties": false
+    },
+    "lists": {
+      "type": "array",
+      "items": {
+        "type": "object",
+        "required" : [
+          "id",
+          "label",
+          "position"
+        ],
+        "properties" : {
+          "id": { "type": "integer" },
+          "label": {
+            "type": ["object", "null"],
+            "required": [
+              "id",
+              "color",
+              "description",
+              "name"
+            ],
+            "properties": {
+              "id": { "type": "integer" },
+              "color": {
+                "type": "string",
+                "pattern": "^#[0-9A-Fa-f]{3}{1,2}+$"
+              },
+              "description": { "type": ["string", "null"] },
+              "name": { "type": "string" }
+            }
+          },
+          "position": { "type": ["integer", "null"] }
+        },
+        "additionalProperties": false
+      }
+    }
+  },
+  "additionalProperties": true
+}
diff --git a/spec/fixtures/api/schemas/public_api/v4/boards.json b/spec/fixtures/api/schemas/public_api/v4/boards.json
new file mode 100644
index 00000000000..117564ef77a
--- /dev/null
+++ b/spec/fixtures/api/schemas/public_api/v4/boards.json
@@ -0,0 +1,4 @@
+{
+  "type": "array",
+  "items": { "$ref": "board.json" }
+}
diff --git a/spec/fixtures/api/schemas/public_api/v4/pages_domain/basic.json b/spec/fixtures/api/schemas/public_api/v4/pages_domain/basic.json
index 4ba6422406c..e8c17298b43 100644
--- a/spec/fixtures/api/schemas/public_api/v4/pages_domain/basic.json
+++ b/spec/fixtures/api/schemas/public_api/v4/pages_domain/basic.json
@@ -3,6 +3,7 @@
   "properties": {
     "domain": { "type": "string" },
     "url": { "type": "uri" },
+    "project_id": { "type": "integer" },
     "certificate_expiration": {
       "type": "object",
       "properties": {
@@ -13,6 +14,6 @@
       "additionalProperties": false
     }
   },
-  "required": ["domain", "url"],
+  "required": ["domain", "url", "project_id"],
   "additionalProperties": false
 }
diff --git a/spec/fixtures/api/schemas/public_api/v4/user/basic.json b/spec/fixtures/api/schemas/public_api/v4/user/basic.json
index 9f69d31971c..bf330d8278c 100644
--- a/spec/fixtures/api/schemas/public_api/v4/user/basic.json
+++ b/spec/fixtures/api/schemas/public_api/v4/user/basic.json
@@ -1,5 +1,5 @@
 {
-  "type": "object",
+  "type": ["object", "null"],
   "required": [
     "id",
     "state",
diff --git a/spec/javascripts/groups/components/item_actions_spec.js b/spec/javascripts/groups/components/item_actions_spec.js
index 7a5c1da4d1d..6d6fb410859 100644
--- a/spec/javascripts/groups/components/item_actions_spec.js
+++ b/spec/javascripts/groups/components/item_actions_spec.js
@@ -47,17 +47,11 @@ describe('ItemActionsComponent', () => {
       it('should change `modalStatus` prop to `false` and emit `leaveGroup` event with required params when called with `leaveConfirmed` as `true`', () => {
         spyOn(eventHub, '$emit');
         vm.modalStatus = true;
-        vm.leaveGroup(true);
-        expect(vm.modalStatus).toBeFalsy();
-        expect(eventHub.$emit).toHaveBeenCalledWith('leaveGroup', vm.group, vm.parentGroup);
-      });
 
-      it('should change `modalStatus` prop to `false` and should NOT emit `leaveGroup` event when called with `leaveConfirmed` as `false`', () => {
-        spyOn(eventHub, '$emit');
-        vm.modalStatus = true;
-        vm.leaveGroup(false);
+        vm.leaveGroup();
+
         expect(vm.modalStatus).toBeFalsy();
-        expect(eventHub.$emit).not.toHaveBeenCalled();
+        expect(eventHub.$emit).toHaveBeenCalledWith('leaveGroup', vm.group, vm.parentGroup);
       });
     });
   });
diff --git a/spec/javascripts/lib/utils/text_utility_spec.js b/spec/javascripts/lib/utils/text_utility_spec.js
index 1f46c225071..6f8dad6b835 100644
--- a/spec/javascripts/lib/utils/text_utility_spec.js
+++ b/spec/javascripts/lib/utils/text_utility_spec.js
@@ -62,4 +62,14 @@ describe('text_utility', () => {
       expect(textUtils.slugify('João')).toEqual('joão');
     });
   });
+
+  describe('stripeHtml', () => {
+    it('replaces html tag with the default replacement', () => {
+      expect(textUtils.stripeHtml('This is a text with <p>html</p>.')).toEqual('This is a text with html.');
+    });
+
+    it('replaces html tags with the provided replacement', () => {
+      expect(textUtils.stripeHtml('This is a text with <p>html</p>.', ' ')).toEqual('This is a text with  html .');
+    });
+  });
 });
diff --git a/spec/javascripts/profile/account/components/delete_account_modal_spec.js b/spec/javascripts/profile/account/components/delete_account_modal_spec.js
index 2e94948cfb2..588b61196a5 100644
--- a/spec/javascripts/profile/account/components/delete_account_modal_spec.js
+++ b/spec/javascripts/profile/account/components/delete_account_modal_spec.js
@@ -51,7 +51,7 @@ describe('DeleteAccountModal component', () => {
       Vue.nextTick()
         .then(() => {
           expect(vm.enteredPassword).toBe(input.value);
-          expect(submitButton).toHaveClass('disabled');
+          expect(submitButton).toHaveAttr('disabled', 'disabled');
           submitButton.click();
           expect(form.submit).not.toHaveBeenCalled();
         })
@@ -68,7 +68,7 @@ describe('DeleteAccountModal component', () => {
       Vue.nextTick()
         .then(() => {
           expect(vm.enteredPassword).toBe(input.value);
-          expect(submitButton).not.toHaveClass('disabled');
+          expect(submitButton).not.toHaveAttr('disabled', 'disabled');
           submitButton.click();
           expect(form.submit).toHaveBeenCalled();
         })
@@ -101,7 +101,7 @@ describe('DeleteAccountModal component', () => {
       Vue.nextTick()
         .then(() => {
           expect(vm.enteredUsername).toBe(input.value);
-          expect(submitButton).toHaveClass('disabled');
+          expect(submitButton).toHaveAttr('disabled', 'disabled');
           submitButton.click();
           expect(form.submit).not.toHaveBeenCalled();
         })
@@ -118,7 +118,7 @@ describe('DeleteAccountModal component', () => {
       Vue.nextTick()
         .then(() => {
           expect(vm.enteredUsername).toBe(input.value);
-          expect(submitButton).not.toHaveClass('disabled');
+          expect(submitButton).not.toHaveAttr('disabled', 'disabled');
           submitButton.click();
           expect(form.submit).toHaveBeenCalled();
         })
diff --git a/spec/javascripts/projects/project_new_spec.js b/spec/javascripts/projects/project_new_spec.js
index 850768f0e4f..c314ca8ab72 100644
--- a/spec/javascripts/projects/project_new_spec.js
+++ b/spec/javascripts/projects/project_new_spec.js
@@ -6,8 +6,12 @@ describe('New Project', () => {
 
   beforeEach(() => {
     setFixtures(`
-      <input id="project_import_url" />
-      <input id="project_path" />
+      <div class='toggle-import-form'>
+        <div class='import-url-data'>
+          <input id="project_import_url" />
+          <input id="project_path" />
+        </div>
+      </div>
     `);
 
     $projectImportUrl = $('#project_import_url');
@@ -25,7 +29,7 @@ describe('New Project', () => {
     it('does not change project path for disabled $projectImportUrl', () => {
       $projectImportUrl.attr('disabled', true);
 
-      projectNew.deriveProjectPathFromUrl($projectImportUrl, $projectPath);
+      projectNew.deriveProjectPathFromUrl($projectImportUrl);
 
       expect($projectPath.val()).toEqual(dummyImportUrl);
     });
@@ -38,7 +42,7 @@ describe('New Project', () => {
       it('does not change project path if it is set by user', () => {
         $projectPath.keyup();
 
-        projectNew.deriveProjectPathFromUrl($projectImportUrl, $projectPath);
+        projectNew.deriveProjectPathFromUrl($projectImportUrl);
 
         expect($projectPath.val()).toEqual(dummyImportUrl);
       });
@@ -46,7 +50,7 @@ describe('New Project', () => {
       it('does not change project path for empty $projectImportUrl', () => {
         $projectImportUrl.val('');
 
-        projectNew.deriveProjectPathFromUrl($projectImportUrl, $projectPath);
+        projectNew.deriveProjectPathFromUrl($projectImportUrl);
 
         expect($projectPath.val()).toEqual(dummyImportUrl);
       });
@@ -54,7 +58,7 @@ describe('New Project', () => {
       it('does not change project path for whitespace $projectImportUrl', () => {
         $projectImportUrl.val('   ');
 
-        projectNew.deriveProjectPathFromUrl($projectImportUrl, $projectPath);
+        projectNew.deriveProjectPathFromUrl($projectImportUrl);
 
         expect($projectPath.val()).toEqual(dummyImportUrl);
       });
@@ -62,7 +66,7 @@ describe('New Project', () => {
       it('does not change project path for $projectImportUrl without slashes', () => {
         $projectImportUrl.val('has-no-slash');
 
-        projectNew.deriveProjectPathFromUrl($projectImportUrl, $projectPath);
+        projectNew.deriveProjectPathFromUrl($projectImportUrl);
 
         expect($projectPath.val()).toEqual(dummyImportUrl);
       });
@@ -70,7 +74,7 @@ describe('New Project', () => {
       it('changes project path to last $projectImportUrl component', () => {
         $projectImportUrl.val('/this/is/last');
 
-        projectNew.deriveProjectPathFromUrl($projectImportUrl, $projectPath);
+        projectNew.deriveProjectPathFromUrl($projectImportUrl);
 
         expect($projectPath.val()).toEqual('last');
       });
@@ -78,7 +82,7 @@ describe('New Project', () => {
       it('ignores trailing slashes in $projectImportUrl', () => {
         $projectImportUrl.val('/has/trailing/slash/');
 
-        projectNew.deriveProjectPathFromUrl($projectImportUrl, $projectPath);
+        projectNew.deriveProjectPathFromUrl($projectImportUrl);
 
         expect($projectPath.val()).toEqual('slash');
       });
@@ -86,7 +90,7 @@ describe('New Project', () => {
       it('ignores fragment identifier in $projectImportUrl', () => {
         $projectImportUrl.val('/this/has/a#fragment-identifier/');
 
-        projectNew.deriveProjectPathFromUrl($projectImportUrl, $projectPath);
+        projectNew.deriveProjectPathFromUrl($projectImportUrl);
 
         expect($projectPath.val()).toEqual('a');
       });
@@ -94,7 +98,7 @@ describe('New Project', () => {
       it('ignores query string in $projectImportUrl', () => {
         $projectImportUrl.val('/url/with?query=string');
 
-        projectNew.deriveProjectPathFromUrl($projectImportUrl, $projectPath);
+        projectNew.deriveProjectPathFromUrl($projectImportUrl);
 
         expect($projectPath.val()).toEqual('with');
       });
@@ -102,7 +106,7 @@ describe('New Project', () => {
       it('ignores trailing .git in $projectImportUrl', () => {
         $projectImportUrl.val('/repository.git');
 
-        projectNew.deriveProjectPathFromUrl($projectImportUrl, $projectPath);
+        projectNew.deriveProjectPathFromUrl($projectImportUrl);
 
         expect($projectPath.val()).toEqual('repository');
       });
@@ -110,7 +114,7 @@ describe('New Project', () => {
       it('changes project path for HTTPS URL in $projectImportUrl', () => {
         $projectImportUrl.val('https://username:password@gitlab.company.com/group/project.git');
 
-        projectNew.deriveProjectPathFromUrl($projectImportUrl, $projectPath);
+        projectNew.deriveProjectPathFromUrl($projectImportUrl);
 
         expect($projectPath.val()).toEqual('project');
       });
@@ -118,7 +122,7 @@ describe('New Project', () => {
       it('changes project path for SSH URL in $projectImportUrl', () => {
         $projectImportUrl.val('git@gitlab.com:gitlab-org/gitlab-ce.git');
 
-        projectNew.deriveProjectPathFromUrl($projectImportUrl, $projectPath);
+        projectNew.deriveProjectPathFromUrl($projectImportUrl);
 
         expect($projectPath.val()).toEqual('gitlab-ce');
       });
diff --git a/spec/javascripts/repo/components/new_dropdown/index_spec.js b/spec/javascripts/repo/components/new_dropdown/index_spec.js
index b001c1655b4..6efbbf6d75e 100644
--- a/spec/javascripts/repo/components/new_dropdown/index_spec.js
+++ b/spec/javascripts/repo/components/new_dropdown/index_spec.js
@@ -57,16 +57,17 @@ describe('new dropdown component', () => {
     });
   });
 
-  describe('toggleModalOpen', () => {
+  describe('hideModal', () => {
+    beforeAll((done) => {
+      vm.openModal = true;
+      Vue.nextTick(done);
+    });
+
     it('closes modal after toggling', (done) => {
-      vm.toggleModalOpen();
+      vm.hideModal();
 
       Vue.nextTick()
         .then(() => {
-          expect(vm.$el.querySelector('.modal')).not.toBeNull();
-        })
-        .then(vm.toggleModalOpen)
-        .then(() => {
           expect(vm.$el.querySelector('.modal')).toBeNull();
         })
         .then(done)
diff --git a/spec/javascripts/vue_mr_widget/components/mr_widget_rebase_spec.js b/spec/javascripts/vue_mr_widget/components/mr_widget_rebase_spec.js
new file mode 100644
index 00000000000..66ecaa316c8
--- /dev/null
+++ b/spec/javascripts/vue_mr_widget/components/mr_widget_rebase_spec.js
@@ -0,0 +1,115 @@
+import Vue from 'vue';
+import eventHub from '~/vue_merge_request_widget/event_hub';
+import component from '~/vue_merge_request_widget/components/states/mr_widget_rebase.vue';
+import mountComponent from '../../helpers/vue_mount_component_helper';
+
+describe('Merge request widget rebase component', () => {
+  let Component;
+  let vm;
+  beforeEach(() => {
+    Component = Vue.extend(component);
+  });
+
+  afterEach(() => {
+    vm.$destroy();
+  });
+
+  describe('While rebasing', () => {
+    it('should show progress message', () => {
+      vm = mountComponent(Component, {
+        mr: { rebaseInProgress: true },
+        service: {},
+      });
+
+      expect(
+        vm.$el.querySelector('.rebase-state-find-class-convention span').textContent.trim(),
+      ).toContain('Rebase in progress');
+    });
+  });
+
+  describe('With permissions', () => {
+    beforeEach(() => {
+      vm = mountComponent(Component, {
+        mr: {
+          rebaseInProgress: false,
+          canPushToSourceBranch: true,
+        },
+        service: {},
+      });
+    });
+
+    it('it should render rebase button and warning message', () => {
+      const text = vm.$el.querySelector('.rebase-state-find-class-convention span').textContent.trim();
+      expect(text).toContain('Fast-forward merge is not possible.');
+      expect(text).toContain('Rebase the source branch onto the target branch or merge target');
+      expect(text).toContain('branch into source branch to allow this merge request to be merged.');
+    });
+
+    it('it should render error message when it fails', (done) => {
+      vm.rebasingError = 'Something went wrong!';
+
+      Vue.nextTick(() => {
+        expect(
+          vm.$el.querySelector('.rebase-state-find-class-convention span').textContent.trim(),
+        ).toContain('Something went wrong!');
+        done();
+      });
+    });
+  });
+
+  describe('Without permissions', () => {
+    it('should render a message explaining user does not have permissions', () => {
+      vm = mountComponent(Component, {
+        mr: {
+          rebaseInProgress: false,
+          canPushToSourceBranch: false,
+          targetBranch: 'foo',
+        },
+        service: {},
+      });
+
+      const text = vm.$el.querySelector('.rebase-state-find-class-convention span').textContent.trim();
+
+      expect(text).toContain('Fast-forward merge is not possible.');
+      expect(text).toContain('Rebase the source branch onto');
+      expect(text).toContain('foo');
+      expect(text).toContain('to allow this merge request to be merged.');
+    });
+  });
+
+  describe('methods', () => {
+    it('checkRebaseStatus', (done) => {
+      spyOn(eventHub, '$emit');
+      vm = mountComponent(Component, {
+        mr: {},
+        service: {
+          rebase() {
+            return Promise.resolve();
+          },
+          poll() {
+            return Promise.resolve({
+              data: {
+                rebase_in_progress: false,
+                merge_error: null,
+              },
+            });
+          },
+        },
+      });
+
+      vm.rebase();
+
+      // Wait for the rebase request
+      vm.$nextTick()
+        // Wait for the polling request
+        .then(vm.$nextTick())
+        // Wait for the eventHub to be called
+        .then(vm.$nextTick())
+        .then(() => {
+          expect(eventHub.$emit).toHaveBeenCalledWith('MRWidgetUpdateRequested');
+        })
+        .then(done)
+        .catch(done.fail);
+    });
+  });
+});
diff --git a/spec/javascripts/vue_shared/components/expand_button_spec.js b/spec/javascripts/vue_shared/components/expand_button_spec.js
new file mode 100644
index 00000000000..a33ab689dd1
--- /dev/null
+++ b/spec/javascripts/vue_shared/components/expand_button_spec.js
@@ -0,0 +1,32 @@
+import Vue from 'vue';
+import expandButton from '~/vue_shared/components/expand_button.vue';
+import mountComponent from '../../helpers/vue_mount_component_helper';
+
+describe('expand button', () => {
+  let vm;
+
+  beforeEach(() => {
+    const Component = Vue.extend(expandButton);
+    vm = mountComponent(Component, {
+      slots: {
+        expanded: '<p>Expanded!</p>',
+      },
+    });
+  });
+
+  afterEach(() => {
+    vm.$destroy();
+  });
+
+  it('renders a collpased button', () => {
+    expect(vm.$el.textContent.trim()).toEqual('...');
+  });
+
+  it('hides expander on click', (done) => {
+    vm.$el.querySelector('button').click();
+    vm.$nextTick(() => {
+      expect(vm.$el.querySelector('button').getAttribute('style')).toEqual('display: none;');
+      done();
+    });
+  });
+});
diff --git a/spec/javascripts/vue_shared/components/modal_spec.js b/spec/javascripts/vue_shared/components/modal_spec.js
index 721f4044659..fe75a86cac8 100644
--- a/spec/javascripts/vue_shared/components/modal_spec.js
+++ b/spec/javascripts/vue_shared/components/modal_spec.js
@@ -2,11 +2,65 @@ import Vue from 'vue';
 import modal from '~/vue_shared/components/modal.vue';
 import mountComponent from '../../helpers/vue_mount_component_helper';
 
+const modalComponent = Vue.extend(modal);
+
 describe('Modal', () => {
-  it('does not render a primary button if no primaryButtonLabel', () => {
-    const modalComponent = Vue.extend(modal);
-    const vm = mountComponent(modalComponent);
+  let vm;
+
+  afterEach(() => {
+    vm.$destroy();
+  });
+
+  describe('props', () => {
+    describe('without primaryButtonLabel', () => {
+      beforeEach(() => {
+        vm = mountComponent(modalComponent, {
+          primaryButtonLabel: null,
+        });
+      });
+
+      it('does not render a primary button', () => {
+        expect(vm.$el.querySelector('.js-primary-button')).toBeNull();
+      });
+    });
+
+    describe('with id', () => {
+      it('does not render a primary button', () => {
+        beforeEach(() => {
+          vm = mountComponent(modalComponent, {
+            id: 'my-modal',
+          });
+        });
+
+        it('assigns the id to the modal', () => {
+          expect(vm.$el.querySelector('#my-modal.modal')).not.toBeNull();
+        });
+
+        it('does not show the modal immediately', () => {
+          expect(vm.$el.querySelector('#my-modal.modal')).not.toHaveClass('show');
+        });
+
+        it('does not show a backdrop', () => {
+          expect(vm.$el.querySelector('modal-backdrop')).toBeNull();
+        });
+      });
+    });
+
+    it('works with data-toggle="modal"', (done) => {
+      setFixtures(`
+        <button id="modal-button" data-toggle="modal" data-target="#my-modal"></button>
+        <div id="modal-container"></div>
+      `);
+
+      const modalContainer = document.getElementById('modal-container');
+      const modalButton = document.getElementById('modal-button');
+      vm = mountComponent(modalComponent, {
+        id: 'my-modal',
+      }, modalContainer);
+      const modalElement = vm.$el.querySelector('#my-modal');
+      $(modalElement).on('shown.bs.modal', () => done());
 
-    expect(vm.$el.querySelector('.js-primary-button')).toBeNull();
+      modalButton.click();
+    });
   });
 });
diff --git a/spec/lib/banzai/filter/mermaid_filter_spec.rb b/spec/lib/banzai/filter/mermaid_filter_spec.rb
index 532d25e121d..f6474c8936d 100644
--- a/spec/lib/banzai/filter/mermaid_filter_spec.rb
+++ b/spec/lib/banzai/filter/mermaid_filter_spec.rb
@@ -3,9 +3,9 @@ require 'spec_helper'
 describe Banzai::Filter::MermaidFilter do
   include FilterSpecHelper
 
-  it 'adds `js-render-mermaid` class to the `pre` tag' do
+  it 'adds `js-render-mermaid` class to the `code` tag' do
     doc = filter("<pre class='code highlight js-syntax-highlight mermaid' lang='mermaid' v-pre='true'><code>graph TD;\n  A--&gt;B;\n</code></pre>")
-    result = doc.xpath('descendant-or-self::pre').first
+    result = doc.css('code').first
 
     expect(result[:class]).to include('js-render-mermaid')
   end
diff --git a/spec/lib/gitlab/background_migration/prepare_untracked_uploads_spec.rb b/spec/lib/gitlab/background_migration/prepare_untracked_uploads_spec.rb
index cd3f1a45270..8bb9ebe0419 100644
--- a/spec/lib/gitlab/background_migration/prepare_untracked_uploads_spec.rb
+++ b/spec/lib/gitlab/background_migration/prepare_untracked_uploads_spec.rb
@@ -2,21 +2,10 @@ require 'spec_helper'
 
 describe Gitlab::BackgroundMigration::PrepareUntrackedUploads, :sidekiq do
   include TrackUntrackedUploadsHelpers
+  include MigrationsHelpers
 
   let!(:untracked_files_for_uploads) { described_class::UntrackedFile }
 
-  matcher :be_scheduled_migration do |*expected|
-    match do |migration|
-      BackgroundMigrationWorker.jobs.any? do |job|
-        job['args'] == [migration, expected]
-      end
-    end
-
-    failure_message do |migration|
-      "Migration `#{migration}` with args `#{expected.inspect}` not scheduled!"
-    end
-  end
-
   before do
     DatabaseCleaner.clean
 
diff --git a/spec/lib/gitlab/encoding_helper_spec.rb b/spec/lib/gitlab/encoding_helper_spec.rb
index 87ec2698fc1..4e9367323cb 100644
--- a/spec/lib/gitlab/encoding_helper_spec.rb
+++ b/spec/lib/gitlab/encoding_helper_spec.rb
@@ -120,6 +120,24 @@ describe Gitlab::EncodingHelper do
     it 'returns empty string on conversion errors' do
       expect { ext_class.encode_utf8('') }.not_to raise_error(ArgumentError)
     end
+
+    context 'with strings that can be forcefully encoded into utf8' do
+      let(:test_string) do
+        "refs/heads/FixSymbolsTitleDropdown".encode("ASCII-8BIT")
+      end
+      let(:expected_string) do
+        "refs/heads/FixSymbolsTitleDropdown".encode("UTF-8")
+      end
+
+      subject { ext_class.encode_utf8(test_string) }
+
+      it "doesn't use CharlockHolmes if the encoding can be forced into utf_8" do
+        expect(CharlockHolmes::EncodingDetector).not_to receive(:detect)
+
+        expect(subject).to eq(expected_string)
+        expect(subject.encoding.name).to eq('UTF-8')
+      end
+    end
   end
 
   describe '#clean' do
diff --git a/spec/lib/gitlab/git/blob_spec.rb b/spec/lib/gitlab/git/blob_spec.rb
index c04a9688503..7f5946b1658 100644
--- a/spec/lib/gitlab/git/blob_spec.rb
+++ b/spec/lib/gitlab/git/blob_spec.rb
@@ -202,16 +202,6 @@ describe Gitlab::Git::Blob, seed_helper: true do
     context 'limiting' do
       subject { described_class.batch(repository, blob_references, blob_size_limit: blob_size_limit) }
 
-      context 'default' do
-        let(:blob_size_limit) { nil }
-
-        it 'limits to MAX_DATA_DISPLAY_SIZE' do
-          stub_const('Gitlab::Git::Blob::MAX_DATA_DISPLAY_SIZE', 100)
-
-          expect(subject.first.data.size).to eq(100)
-        end
-      end
-
       context 'positive' do
         let(:blob_size_limit) { 10 }
 
@@ -221,7 +211,10 @@ describe Gitlab::Git::Blob, seed_helper: true do
       context 'zero' do
         let(:blob_size_limit) { 0 }
 
-        it { expect(subject.first.data).to eq('') }
+        it 'only loads the metadata' do
+          expect(subject.first.size).not_to be(0)
+          expect(subject.first.data).to eq('')
+        end
       end
 
       context 'negative' do
diff --git a/spec/lib/gitlab/git/repository_spec.rb b/spec/lib/gitlab/git/repository_spec.rb
index faccc2c8e00..f94234f6010 100644
--- a/spec/lib/gitlab/git/repository_spec.rb
+++ b/spec/lib/gitlab/git/repository_spec.rb
@@ -1030,12 +1030,50 @@ describe Gitlab::Git::Repository, seed_helper: true do
         end
       end
 
+      context 'with max_count' do
+        it 'returns the number of commits with path ' do
+          options = { ref: 'master', max_count: 5 }
+
+          expect(repository.count_commits(options)).to eq(5)
+        end
+      end
+
       context 'with path' do
         it 'returns the number of commits with path ' do
-          options = { ref: 'master', path: "encoding" }
+          options = { ref: 'master', path: 'encoding' }
+
+          expect(repository.count_commits(options)).to eq(2)
+        end
+      end
+
+      context 'with option :from and option :to' do
+        it 'returns the number of commits ahead for fix-mode..fix-blob-path' do
+          options = { from: 'fix-mode', to: 'fix-blob-path' }
 
           expect(repository.count_commits(options)).to eq(2)
         end
+
+        it 'returns the number of commits ahead for fix-blob-path..fix-mode' do
+          options = { from: 'fix-blob-path', to: 'fix-mode' }
+
+          expect(repository.count_commits(options)).to eq(1)
+        end
+
+        context 'with option :left_right' do
+          it 'returns the number of commits for fix-mode...fix-blob-path' do
+            options = { from: 'fix-mode', to: 'fix-blob-path', left_right: true }
+
+            expect(repository.count_commits(options)).to eq([1, 2])
+          end
+
+          context 'with max_count' do
+            it 'returns the number of commits with path ' do
+              options = { from: 'fix-mode', to: 'fix-blob-path', left_right: true, max_count: 1 }
+
+              expect(repository.count_commits(options)).to eq([1, 1])
+            end
+          end
+        end
       end
 
       context 'with max_count' do
diff --git a/spec/lib/gitlab/ldap/adapter_spec.rb b/spec/lib/gitlab/ldap/adapter_spec.rb
index d9ddb4326be..6132abd9b35 100644
--- a/spec/lib/gitlab/ldap/adapter_spec.rb
+++ b/spec/lib/gitlab/ldap/adapter_spec.rb
@@ -16,7 +16,7 @@ describe Gitlab::LDAP::Adapter do
       expect(adapter).to receive(:ldap_search) do |arg|
         expect(arg[:filter].to_s).to eq('(uid=johndoe)')
         expect(arg[:base]).to eq('dc=example,dc=com')
-        expect(arg[:attributes]).to match(%w{dn uid cn mail email userPrincipalName})
+        expect(arg[:attributes]).to match(ldap_attributes)
       end.and_return({})
 
       adapter.users('uid', 'johndoe')
@@ -26,7 +26,7 @@ describe Gitlab::LDAP::Adapter do
       expect(adapter).to receive(:ldap_search).with(
         base: 'uid=johndoe,ou=users,dc=example,dc=com',
         scope: Net::LDAP::SearchScope_BaseObject,
-        attributes: %w{dn uid cn mail email userPrincipalName},
+        attributes: ldap_attributes,
         filter: nil
       ).and_return({})
 
@@ -63,7 +63,7 @@ describe Gitlab::LDAP::Adapter do
     it 'uses the right uid attribute when non-default' do
       stub_ldap_config(uid: 'sAMAccountName')
       expect(adapter).to receive(:ldap_search).with(
-        hash_including(attributes: %w{dn sAMAccountName cn mail email userPrincipalName})
+        hash_including(attributes: ldap_attributes)
       ).and_return({})
 
       adapter.users('sAMAccountName', 'johndoe')
@@ -137,4 +137,8 @@ describe Gitlab::LDAP::Adapter do
       end
     end
   end
+
+  def ldap_attributes
+    Gitlab::LDAP::Person.ldap_attributes(Gitlab::LDAP::Config.new('ldapmain'))
+  end
 end
diff --git a/spec/lib/gitlab/ldap/person_spec.rb b/spec/lib/gitlab/ldap/person_spec.rb
index d204050ef66..ff29d9aa5be 100644
--- a/spec/lib/gitlab/ldap/person_spec.rb
+++ b/spec/lib/gitlab/ldap/person_spec.rb
@@ -8,13 +8,16 @@ describe Gitlab::LDAP::Person do
   before do
     stub_ldap_config(
       options: {
+        'uid'        => 'uid',
         'attributes' => {
-          'name' => 'cn',
-          'email' => %w(mail email userPrincipalName)
+          'name'     => 'cn',
+          'email'    => %w(mail email userPrincipalName),
+          'username' => username_attribute
         }
       }
     )
   end
+  let(:username_attribute) { %w(uid sAMAccountName userid) }
 
   describe '.normalize_dn' do
     subject { described_class.normalize_dn(given) }
@@ -44,6 +47,34 @@ describe Gitlab::LDAP::Person do
     end
   end
 
+  describe '.ldap_attributes' do
+    it 'returns a compact and unique array' do
+      stub_ldap_config(
+        options: {
+          'uid'        => nil,
+          'attributes' => {
+            'name'     => 'cn',
+            'email'    => 'mail',
+            'username' => %w(uid mail memberof)
+          }
+        }
+      )
+      config = Gitlab::LDAP::Config.new('ldapmain')
+      ldap_attributes = described_class.ldap_attributes(config)
+
+      expect(ldap_attributes).to match_array(%w(dn uid cn mail memberof))
+    end
+  end
+
+  describe '.validate_entry' do
+    it 'raises InvalidEntryError' do
+      entry['foo'] = 'bar'
+
+      expect { described_class.new(entry, 'ldapmain') }
+        .to raise_error(Gitlab::LDAP::Person::InvalidEntryError)
+    end
+  end
+
   describe '#name' do
     it 'uses the configured name attribute and handles values as an array' do
       name = 'John Doe'
@@ -72,6 +103,44 @@ describe Gitlab::LDAP::Person do
     end
   end
 
+  describe '#username' do
+    context 'with default uid username attribute' do
+      let(:username_attribute) { 'uid' }
+
+      it 'returns the proper username value' do
+        attr_value = 'johndoe'
+        entry[username_attribute] = attr_value
+        person = described_class.new(entry, 'ldapmain')
+
+        expect(person.username).to eq(attr_value)
+      end
+    end
+
+    context 'with a different username attribute' do
+      let(:username_attribute) { 'sAMAccountName' }
+
+      it 'returns the proper username value' do
+        attr_value = 'johndoe'
+        entry[username_attribute] = attr_value
+        person = described_class.new(entry, 'ldapmain')
+
+        expect(person.username).to eq(attr_value)
+      end
+    end
+
+    context 'with a non-standard username attribute' do
+      let(:username_attribute) { 'mail' }
+
+      it 'returns the proper username value' do
+        attr_value = 'john.doe@example.com'
+        entry[username_attribute] = attr_value
+        person = described_class.new(entry, 'ldapmain')
+
+        expect(person.username).to eq(attr_value)
+      end
+    end
+  end
+
   def assert_generic_test(test_description, got, expected)
     test_failure_message = "Failed test description: '#{test_description}'\n\n    expected: #{expected}\n         got: #{got}"
     expect(got).to eq(expected), test_failure_message
diff --git a/spec/lib/gitlab/o_auth/user_spec.rb b/spec/lib/gitlab/o_auth/user_spec.rb
index 6334bcd0156..45fff4c5787 100644
--- a/spec/lib/gitlab/o_auth/user_spec.rb
+++ b/spec/lib/gitlab/o_auth/user_spec.rb
@@ -275,6 +275,26 @@ describe Gitlab::OAuth::User do
             end
           end
 
+          context 'and a corresponding LDAP person with a non-default username' do
+            before do
+              allow(ldap_user).to receive(:uid) { uid }
+              allow(ldap_user).to receive(:username) { 'johndoe@example.com' }
+              allow(ldap_user).to receive(:email) { %w(johndoe@example.com john2@example.com) }
+              allow(ldap_user).to receive(:dn) { dn }
+            end
+
+            context 'and no account for the LDAP user' do
+              it 'creates a user favoring the LDAP username and strips email domain' do
+                allow(Gitlab::LDAP::Person).to receive(:find_by_uid).and_return(ldap_user)
+
+                oauth_user.save
+
+                expect(gl_user).to be_valid
+                expect(gl_user.username).to eql 'johndoe'
+              end
+            end
+          end
+
           context "and no corresponding LDAP person" do
             before do
               allow(Gitlab::LDAP::Person).to receive(:find_by_uid).and_return(nil)
diff --git a/spec/migrations/migrate_stage_id_reference_in_background_spec.rb b/spec/migrations/migrate_stage_id_reference_in_background_spec.rb
index 9b92f4b70b0..a837498e1b1 100644
--- a/spec/migrations/migrate_stage_id_reference_in_background_spec.rb
+++ b/spec/migrations/migrate_stage_id_reference_in_background_spec.rb
@@ -35,9 +35,9 @@ describe MigrateStageIdReferenceInBackground, :migration, :sidekiq do
       Timecop.freeze do
         migrate!
 
-        expect(described_class::MIGRATION).to be_scheduled_migration(2.minutes, 1, 2)
-        expect(described_class::MIGRATION).to be_scheduled_migration(2.minutes, 3, 3)
-        expect(described_class::MIGRATION).to be_scheduled_migration(4.minutes, 4, 5)
+        expect(described_class::MIGRATION).to be_scheduled_delayed_migration(2.minutes, 1, 2)
+        expect(described_class::MIGRATION).to be_scheduled_delayed_migration(2.minutes, 3, 3)
+        expect(described_class::MIGRATION).to be_scheduled_delayed_migration(4.minutes, 4, 5)
         expect(BackgroundMigrationWorker.jobs.size).to eq 3
       end
     end
diff --git a/spec/migrations/migrate_stages_statuses_spec.rb b/spec/migrations/migrate_stages_statuses_spec.rb
index 094c9bc604e..79d2708f9ad 100644
--- a/spec/migrations/migrate_stages_statuses_spec.rb
+++ b/spec/migrations/migrate_stages_statuses_spec.rb
@@ -50,9 +50,9 @@ describe MigrateStagesStatuses, :migration do
       Timecop.freeze do
         migrate!
 
-        expect(described_class::MIGRATION).to be_scheduled_migration(5.minutes, 1, 1)
-        expect(described_class::MIGRATION).to be_scheduled_migration(5.minutes, 2, 2)
-        expect(described_class::MIGRATION).to be_scheduled_migration(10.minutes, 3, 3)
+        expect(described_class::MIGRATION).to be_scheduled_delayed_migration(5.minutes, 1, 1)
+        expect(described_class::MIGRATION).to be_scheduled_delayed_migration(5.minutes, 2, 2)
+        expect(described_class::MIGRATION).to be_scheduled_delayed_migration(10.minutes, 3, 3)
         expect(BackgroundMigrationWorker.jobs.size).to eq 3
       end
     end
diff --git a/spec/migrations/schedule_create_gpg_key_subkeys_from_gpg_keys_spec.rb b/spec/migrations/schedule_create_gpg_key_subkeys_from_gpg_keys_spec.rb
index 0e884a7d910..65ec07da31c 100644
--- a/spec/migrations/schedule_create_gpg_key_subkeys_from_gpg_keys_spec.rb
+++ b/spec/migrations/schedule_create_gpg_key_subkeys_from_gpg_keys_spec.rb
@@ -2,18 +2,6 @@ require 'spec_helper'
 require Rails.root.join('db', 'post_migrate', '20171005130944_schedule_create_gpg_key_subkeys_from_gpg_keys')
 
 describe ScheduleCreateGpgKeySubkeysFromGpgKeys, :migration, :sidekiq do
-  matcher :be_scheduled_migration do |*expected|
-    match do |migration|
-      BackgroundMigrationWorker.jobs.any? do |job|
-        job['args'] == [migration, expected]
-      end
-    end
-
-    failure_message do |migration|
-      "Migration `#{migration}` with args `#{expected.inspect}` not scheduled!"
-    end
-  end
-
   before do
     create(:gpg_key, id: 1, key: GpgHelpers::User1.public_key)
     create(:gpg_key, id: 2, key: GpgHelpers::User3.public_key)
diff --git a/spec/migrations/schedule_merge_request_diff_migrations_spec.rb b/spec/migrations/schedule_merge_request_diff_migrations_spec.rb
index 76afb6c19cf..d230f064444 100644
--- a/spec/migrations/schedule_merge_request_diff_migrations_spec.rb
+++ b/spec/migrations/schedule_merge_request_diff_migrations_spec.rb
@@ -24,9 +24,9 @@ describe ScheduleMergeRequestDiffMigrations, :migration, :sidekiq do
       Timecop.freeze do
         migrate!
 
-        expect(described_class::MIGRATION).to be_scheduled_migration(5.minutes, 1, 1)
-        expect(described_class::MIGRATION).to be_scheduled_migration(10.minutes, 2, 2)
-        expect(described_class::MIGRATION).to be_scheduled_migration(15.minutes, 4, 4)
+        expect(described_class::MIGRATION).to be_scheduled_delayed_migration(5.minutes, 1, 1)
+        expect(described_class::MIGRATION).to be_scheduled_delayed_migration(10.minutes, 2, 2)
+        expect(described_class::MIGRATION).to be_scheduled_delayed_migration(15.minutes, 4, 4)
         expect(BackgroundMigrationWorker.jobs.size).to eq 3
       end
     end
diff --git a/spec/migrations/schedule_merge_request_diff_migrations_take_two_spec.rb b/spec/migrations/schedule_merge_request_diff_migrations_take_two_spec.rb
index cf323973384..1aab4ae1650 100644
--- a/spec/migrations/schedule_merge_request_diff_migrations_take_two_spec.rb
+++ b/spec/migrations/schedule_merge_request_diff_migrations_take_two_spec.rb
@@ -24,9 +24,9 @@ describe ScheduleMergeRequestDiffMigrationsTakeTwo, :migration, :sidekiq do
       Timecop.freeze do
         migrate!
 
-        expect(described_class::MIGRATION).to be_scheduled_migration(10.minutes, 1, 1)
-        expect(described_class::MIGRATION).to be_scheduled_migration(20.minutes, 2, 2)
-        expect(described_class::MIGRATION).to be_scheduled_migration(30.minutes, 4, 4)
+        expect(described_class::MIGRATION).to be_scheduled_delayed_migration(10.minutes, 1, 1)
+        expect(described_class::MIGRATION).to be_scheduled_delayed_migration(20.minutes, 2, 2)
+        expect(described_class::MIGRATION).to be_scheduled_delayed_migration(30.minutes, 4, 4)
         expect(BackgroundMigrationWorker.jobs.size).to eq 3
       end
     end
diff --git a/spec/migrations/schedule_merge_request_latest_merge_request_diff_id_migrations_spec.rb b/spec/migrations/schedule_merge_request_latest_merge_request_diff_id_migrations_spec.rb
index 158d0bc02ed..c9fdbe95d13 100644
--- a/spec/migrations/schedule_merge_request_latest_merge_request_diff_id_migrations_spec.rb
+++ b/spec/migrations/schedule_merge_request_latest_merge_request_diff_id_migrations_spec.rb
@@ -44,9 +44,9 @@ describe ScheduleMergeRequestLatestMergeRequestDiffIdMigrations, :migration, :si
       Timecop.freeze do
         migrate!
 
-        expect(described_class::MIGRATION).to be_scheduled_migration(5.minutes, merge_request_1.id, merge_request_1.id)
-        expect(described_class::MIGRATION).to be_scheduled_migration(10.minutes, merge_request_2.id, merge_request_2.id)
-        expect(described_class::MIGRATION).to be_scheduled_migration(15.minutes, merge_request_4.id, merge_request_4.id)
+        expect(described_class::MIGRATION).to be_scheduled_delayed_migration(5.minutes, merge_request_1.id, merge_request_1.id)
+        expect(described_class::MIGRATION).to be_scheduled_delayed_migration(10.minutes, merge_request_2.id, merge_request_2.id)
+        expect(described_class::MIGRATION).to be_scheduled_delayed_migration(15.minutes, merge_request_4.id, merge_request_4.id)
         expect(BackgroundMigrationWorker.jobs.size).to eq 3
       end
     end
diff --git a/spec/migrations/schedule_populate_merge_request_metrics_with_events_data_spec.rb b/spec/migrations/schedule_populate_merge_request_metrics_with_events_data_spec.rb
index 97e089c5cb8..2e6b2cff0ab 100644
--- a/spec/migrations/schedule_populate_merge_request_metrics_with_events_data_spec.rb
+++ b/spec/migrations/schedule_populate_merge_request_metrics_with_events_data_spec.rb
@@ -12,10 +12,10 @@ describe SchedulePopulateMergeRequestMetricsWithEventsData, :migration, :sidekiq
         migrate!
 
         expect(described_class::MIGRATION)
-          .to be_scheduled_migration(10.minutes, mrs.first.id, mrs.second.id)
+          .to be_scheduled_delayed_migration(10.minutes, mrs.first.id, mrs.second.id)
 
         expect(described_class::MIGRATION)
-          .to be_scheduled_migration(20.minutes, mrs.third.id, mrs.third.id)
+          .to be_scheduled_delayed_migration(20.minutes, mrs.third.id, mrs.third.id)
 
         expect(BackgroundMigrationWorker.jobs.size).to eq(2)
       end
diff --git a/spec/migrations/track_untracked_uploads_spec.rb b/spec/migrations/track_untracked_uploads_spec.rb
index 7fe7a140e2f..fe4d5b8a279 100644
--- a/spec/migrations/track_untracked_uploads_spec.rb
+++ b/spec/migrations/track_untracked_uploads_spec.rb
@@ -4,18 +4,6 @@ require Rails.root.join('db', 'post_migrate', '20171103140253_track_untracked_up
 describe TrackUntrackedUploads, :migration, :sidekiq do
   include TrackUntrackedUploadsHelpers
 
-  matcher :be_scheduled_migration do
-    match do |migration|
-      BackgroundMigrationWorker.jobs.any? do |job|
-        job['args'] == [migration]
-      end
-    end
-
-    failure_message do |migration|
-      "Migration `#{migration}` with args `#{expected.inspect}` not scheduled!"
-    end
-  end
-
   it 'correctly schedules the follow-up background migration' do
     Sidekiq::Testing.fake! do
       migrate!
diff --git a/spec/models/concerns/deployment_platform_spec.rb b/spec/models/concerns/deployment_platform_spec.rb
new file mode 100644
index 00000000000..7bb89fe41dc
--- /dev/null
+++ b/spec/models/concerns/deployment_platform_spec.rb
@@ -0,0 +1,73 @@
+require 'rails_helper'
+
+describe DeploymentPlatform do
+  let(:project) { create(:project) }
+
+  describe '#deployment_platform' do
+    subject { project.deployment_platform }
+
+    context 'with no Kubernetes configuration on CI/CD, no Kubernetes Service and a Kubernetes template configured' do
+      let!(:kubernetes_service) { create(:kubernetes_service, template: true) }
+
+      it 'returns a platform kubernetes' do
+        expect(subject).to be_a_kind_of(Clusters::Platforms::Kubernetes)
+      end
+
+      it 'creates a cluster and a platform kubernetes' do
+        expect { subject }
+          .to change { Clusters::Cluster.count }.by(1)
+          .and change { Clusters::Platforms::Kubernetes.count }.by(1)
+      end
+
+      it 'includes appropriate attributes for Cluster' do
+        cluster = subject.cluster
+        expect(cluster.name).to eq('kubernetes-template')
+        expect(cluster.project).to eq(project)
+        expect(cluster.provider_type).to eq('user')
+        expect(cluster.platform_type).to eq('kubernetes')
+      end
+
+      it 'creates a platform kubernetes' do
+        expect { subject }.to change { Clusters::Platforms::Kubernetes.count }.by(1)
+      end
+
+      it 'copies attributes from Clusters::Platform::Kubernetes template into the new Cluster::Platforms::Kubernetes' do
+        expect(subject.api_url).to eq(kubernetes_service.api_url)
+        expect(subject.ca_pem).to eq(kubernetes_service.ca_pem)
+        expect(subject.token).to eq(kubernetes_service.token)
+        expect(subject.namespace).to eq(kubernetes_service.namespace)
+      end
+    end
+
+    context 'with no Kubernetes configuration on CI/CD, no Kubernetes Service and no Kubernetes template configured' do
+      it { is_expected.to be_nil }
+    end
+
+    context 'when user configured kubernetes from CI/CD > Clusters' do
+      let!(:cluster) { create(:cluster, :provided_by_gcp, projects: [project]) }
+      let(:platform_kubernetes) { cluster.platform_kubernetes }
+
+      it 'returns the Kubernetes platform' do
+        expect(subject).to eq(platform_kubernetes)
+      end
+    end
+
+    context 'when user configured kubernetes integration from project services' do
+      let!(:kubernetes_service) { create(:kubernetes_service, project: project) }
+
+      it 'returns the Kubernetes service' do
+        expect(subject).to eq(kubernetes_service)
+      end
+    end
+
+    context 'when the cluster creation fails' do
+      let!(:kubernetes_service) { create(:kubernetes_service, template: true) }
+
+      before do
+        allow_any_instance_of(Clusters::Cluster).to receive(:persisted?).and_return(false)
+      end
+
+      it { is_expected.to be_nil }
+    end
+  end
+end
diff --git a/spec/models/merge_request_spec.rb b/spec/models/merge_request_spec.rb
index d8ebd46faab..07b3e1c1758 100644
--- a/spec/models/merge_request_spec.rb
+++ b/spec/models/merge_request_spec.rb
@@ -1903,4 +1903,50 @@ describe MergeRequest do
       end
     end
   end
+
+  describe '#should_be_rebased?' do
+    let(:project) { create(:project, :repository) }
+
+    it 'returns false for the same source and target branches' do
+      merge_request = create(:merge_request, source_project: project, target_project: project)
+
+      expect(merge_request.should_be_rebased?).to be_falsey
+    end
+  end
+
+  describe '#rebase_in_progress?' do
+    # Create merge request and project before we stub file calls
+    before do
+      subject
+    end
+
+    it 'returns true when there is a current rebase directory' do
+      allow(File).to receive(:exist?).and_return(true)
+      allow(File).to receive(:mtime).and_return(Time.now)
+
+      expect(subject.rebase_in_progress?).to be_truthy
+    end
+
+    it 'returns false when there is no rebase directory' do
+      allow(File).to receive(:exist?).and_return(false)
+
+      expect(subject.rebase_in_progress?).to be_falsey
+    end
+
+    it 'returns false when the rebase directory has expired' do
+      allow(File).to receive(:exist?).and_return(true)
+      allow(File).to receive(:mtime).and_return(20.minutes.ago)
+
+      expect(subject.rebase_in_progress?).to be_falsey
+    end
+
+    it 'returns false when the source project has been removed' do
+      allow(subject).to receive(:source_project).and_return(nil)
+      allow(File).to receive(:exist?).and_return(true)
+      allow(File).to receive(:mtime).and_return(Time.now)
+
+      expect(File).not_to have_received(:exist?)
+      expect(subject.rebase_in_progress?).to be_falsey
+    end
+  end
 end
diff --git a/spec/models/namespace_spec.rb b/spec/models/namespace_spec.rb
index 0678cae9b93..b3f160f3119 100644
--- a/spec/models/namespace_spec.rb
+++ b/spec/models/namespace_spec.rb
@@ -250,9 +250,13 @@ describe Namespace do
 
       parent.update(path: 'mygroup_new')
 
-      expect(project_in_parent_group.repo.config['gitlab.fullpath']).to eq "mygroup_new/#{project_in_parent_group.path}"
-      expect(hashed_project_in_subgroup.repo.config['gitlab.fullpath']).to eq "mygroup_new/mysubgroup/#{hashed_project_in_subgroup.path}"
-      expect(legacy_project_in_subgroup.repo.config['gitlab.fullpath']).to eq "mygroup_new/mysubgroup/#{legacy_project_in_subgroup.path}"
+      expect(project_rugged(project_in_parent_group).config['gitlab.fullpath']).to eq "mygroup_new/#{project_in_parent_group.path}"
+      expect(project_rugged(hashed_project_in_subgroup).config['gitlab.fullpath']).to eq "mygroup_new/mysubgroup/#{hashed_project_in_subgroup.path}"
+      expect(project_rugged(legacy_project_in_subgroup).config['gitlab.fullpath']).to eq "mygroup_new/mysubgroup/#{legacy_project_in_subgroup.path}"
+    end
+
+    def project_rugged(project)
+      project.repository.rugged
     end
   end
 
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index cea22bbd184..32f40f8c365 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -418,14 +418,21 @@ describe Project do
   end
 
   describe '#merge_method' do
-    it 'returns "ff" merge_method when ff is enabled' do
-      project = build(:project, merge_requests_ff_only_enabled: true)
-      expect(project.merge_method).to be :ff
+    using RSpec::Parameterized::TableSyntax
+
+    where(:ff, :rebase, :method) do
+      true  | true  | :ff
+      true  | false | :ff
+      false | true  | :rebase_merge
+      false | false | :merge
     end
 
-    it 'returns "merge" merge_method when ff is disabled' do
-      project = build(:project, merge_requests_ff_only_enabled: false)
-      expect(project.merge_method).to be :merge
+    with_them do
+      let(:project) { build(:project, merge_requests_rebase_enabled: rebase, merge_requests_ff_only_enabled: ff) }
+
+      subject { project.merge_method }
+
+      it { is_expected.to eq(method) }
     end
   end
 
@@ -2632,7 +2639,7 @@ describe Project do
 
         project.rename_repo
 
-        expect(project.repo.config['gitlab.fullpath']).to eq(project.full_path)
+        expect(project.repository.rugged.config['gitlab.fullpath']).to eq(project.full_path)
       end
     end
 
@@ -2793,7 +2800,7 @@ describe Project do
       it 'updates project full path in .git/config' do
         project.rename_repo
 
-        expect(project.repo.config['gitlab.fullpath']).to eq(project.full_path)
+        expect(project.repository.rugged.config['gitlab.fullpath']).to eq(project.full_path)
       end
     end
 
@@ -3137,38 +3144,19 @@ describe Project do
     end
   end
 
-  describe '#deployment_platform' do
-    subject { project.deployment_platform }
-
-    let(:project) { create(:project) }
-
-    context 'when user configured kubernetes from Integration > Kubernetes' do
-      let!(:kubernetes_service) { create(:kubernetes_service, project: project) }
-
-      it { is_expected.to eq(kubernetes_service) }
-    end
-
-    context 'when user configured kubernetes from CI/CD > Clusters' do
-      let!(:cluster) { create(:cluster, :provided_by_gcp, projects: [project]) }
-      let(:platform_kubernetes) { cluster.platform_kubernetes }
-
-      it { is_expected.to eq(platform_kubernetes) }
-    end
-  end
-
   describe '#write_repository_config' do
     set(:project) { create(:project, :repository) }
 
     it 'writes full path in .git/config when key is missing' do
       project.write_repository_config
 
-      expect(project.repo.config['gitlab.fullpath']).to eq project.full_path
+      expect(project.repository.rugged.config['gitlab.fullpath']).to eq project.full_path
     end
 
     it 'updates full path in .git/config when key is present' do
       project.write_repository_config(gl_full_path: 'old/path')
 
-      expect { project.write_repository_config }.to change { project.repo.config['gitlab.fullpath'] }.from('old/path').to(project.full_path)
+      expect { project.write_repository_config }.to change { project.repository.rugged.config['gitlab.fullpath'] }.from('old/path').to(project.full_path)
     end
 
     it 'does not raise an error with an empty repository' do
diff --git a/spec/models/repository_spec.rb b/spec/models/repository_spec.rb
index 9a68ae086ea..48a75c9885b 100644
--- a/spec/models/repository_spec.rb
+++ b/spec/models/repository_spec.rb
@@ -2215,6 +2215,15 @@ describe Repository do
     end
   end
 
+  describe '#diverging_commit_counts' do
+    it 'returns the commit counts behind and ahead of default branch' do
+      result = repository.diverging_commit_counts(
+        repository.find_branch('fix'))
+
+      expect(result).to eq(behind: 29, ahead: 2)
+    end
+  end
+
   describe '#cache_method_output', :use_clean_rails_memory_store_caching do
     let(:fallback) { 10 }
 
diff --git a/spec/models/service_spec.rb b/spec/models/service_spec.rb
index 540615de117..ab6678cab38 100644
--- a/spec/models/service_spec.rb
+++ b/spec/models/service_spec.rb
@@ -272,4 +272,12 @@ describe Service do
       expect(service.deprecation_message).to be_nil
     end
   end
+
+  describe '.find_by_template' do
+    let!(:kubernetes_service) { create(:kubernetes_service, template: true) }
+
+    it 'returns service template' do
+      expect(KubernetesService.find_by_template).to eq(kubernetes_service)
+    end
+  end
 end
diff --git a/spec/presenters/merge_request_presenter_spec.rb b/spec/presenters/merge_request_presenter_spec.rb
index 969c4753f33..e3b37739e8e 100644
--- a/spec/presenters/merge_request_presenter_spec.rb
+++ b/spec/presenters/merge_request_presenter_spec.rb
@@ -404,4 +404,67 @@ describe MergeRequestPresenter do
         .to eq("<a href=\"/#{resource.source_project.full_path}/tree/#{resource.source_branch}\">#{resource.source_branch}</a>")
     end
   end
+
+  describe '#rebase_path' do
+    before do
+      allow(resource).to receive(:rebase_in_progress?) { rebase_in_progress }
+      allow(resource).to receive(:should_be_rebased?) { should_be_rebased }
+
+      allow_any_instance_of(Gitlab::UserAccess::RequestCacheExtension)
+        .to receive(:can_push_to_branch?)
+        .with(resource.source_branch)
+        .and_return(can_push_to_branch)
+    end
+
+    subject do
+      described_class.new(resource, current_user: user).rebase_path
+    end
+
+    context 'when can rebase' do
+      let(:rebase_in_progress) { false }
+      let(:can_push_to_branch) { true }
+      let(:should_be_rebased) { true }
+
+      before do
+        allow(resource).to receive(:source_branch_exists?) { true }
+      end
+
+      it 'returns path' do
+        is_expected
+          .to eq("/#{project.full_path}/merge_requests/#{resource.iid}/rebase")
+      end
+    end
+
+    context 'when cannot rebase' do
+      context 'when rebase in progress' do
+        let(:rebase_in_progress) { true }
+        let(:can_push_to_branch) { true }
+        let(:should_be_rebased) { true }
+
+        it 'returns nil' do
+          is_expected.to be_nil
+        end
+      end
+
+      context 'when user cannot merge' do
+        let(:rebase_in_progress) { false }
+        let(:can_push_to_branch) { false }
+        let(:should_be_rebased) { true }
+
+        it 'returns nil' do
+          is_expected.to be_nil
+        end
+      end
+
+      context 'should not be rebased' do
+        let(:rebase_in_progress) { false }
+        let(:can_push_to_branch) { true }
+        let(:should_be_rebased) { false }
+
+        it 'returns nil' do
+          is_expected.to be_nil
+        end
+      end
+    end
+  end
 end
diff --git a/spec/requests/api/boards_spec.rb b/spec/requests/api/boards_spec.rb
index f65af69dc7f..c6c10025f7f 100644
--- a/spec/requests/api/boards_spec.rb
+++ b/spec/requests/api/boards_spec.rb
@@ -6,18 +6,18 @@ describe API::Boards do
   set(:non_member)  { create(:user) }
   set(:guest)       { create(:user) }
   set(:admin)       { create(:user, :admin) }
-  set(:project)    { create(:project, :public, creator_id: user.id, namespace: user.namespace ) }
+  set(:board_parent) { create(:project, :public, creator_id: user.id, namespace: user.namespace ) }
 
   set(:dev_label) do
-    create(:label, title: 'Development', color: '#FFAABB', project: project)
+    create(:label, title: 'Development', color: '#FFAABB', project: board_parent)
   end
 
   set(:test_label) do
-    create(:label, title: 'Testing', color: '#FFAACC', project: project)
+    create(:label, title: 'Testing', color: '#FFAACC', project: board_parent)
   end
 
   set(:ux_label) do
-    create(:label, title: 'UX', color: '#FF0000', project: project)
+    create(:label, title: 'UX', color: '#FF0000', project: board_parent)
   end
 
   set(:dev_list) do
@@ -28,180 +28,25 @@ describe API::Boards do
     create(:list, label: test_label, position: 2)
   end
 
-  set(:board) do
-    create(:board, project: project, lists: [dev_list, test_list])
-  end
-
-  before do
-    project.add_reporter(user)
-    project.add_guest(guest)
-  end
+  set(:milestone) { create(:milestone, project: board_parent) }
+  set(:board_label) { create(:label, project: board_parent) }
+  set(:board) { create(:board, project: board_parent, lists: [dev_list, test_list]) }
 
-  describe "GET /projects/:id/boards" do
-    let(:base_url) { "/projects/#{project.id}/boards" }
+  it_behaves_like 'group and project boards',  "/projects/:id/boards"
 
-    context "when unauthenticated" do
-      it "returns authentication error" do
-        get api(base_url)
-
-        expect(response).to have_gitlab_http_status(401)
-      end
-    end
-
-    context "when authenticated" do
-      it "returns the project issue board" do
-        get api(base_url, user)
-
-        expect(response).to have_gitlab_http_status(200)
-        expect(response).to include_pagination_headers
-        expect(json_response).to be_an Array
-        expect(json_response.length).to eq(1)
-        expect(json_response.first['id']).to eq(board.id)
-        expect(json_response.first['lists']).to be_an Array
-        expect(json_response.first['lists'].length).to eq(2)
-        expect(json_response.first['lists'].last).to have_key('position')
-      end
-    end
-  end
-
-  describe "GET /projects/:id/boards/:board_id/lists" do
-    let(:base_url) { "/projects/#{project.id}/boards/#{board.id}/lists" }
-
-    it 'returns issue board lists' do
-      get api(base_url, user)
-
-      expect(response).to have_gitlab_http_status(200)
-      expect(response).to include_pagination_headers
-      expect(json_response).to be_an Array
-      expect(json_response.length).to eq(2)
-      expect(json_response.first['label']['name']).to eq(dev_label.title)
-    end
-
-    it 'returns 404 if board not found' do
-      get api("/projects/#{project.id}/boards/22343/lists", user)
-
-      expect(response).to have_gitlab_http_status(404)
-    end
-  end
-
-  describe "GET /projects/:id/boards/:board_id/lists/:list_id" do
-    let(:base_url) { "/projects/#{project.id}/boards/#{board.id}/lists" }
-
-    it 'returns a list' do
-      get api("#{base_url}/#{dev_list.id}", user)
-
-      expect(response).to have_gitlab_http_status(200)
-      expect(json_response['id']).to eq(dev_list.id)
-      expect(json_response['label']['name']).to eq(dev_label.title)
-      expect(json_response['position']).to eq(1)
-    end
-
-    it 'returns 404 if list not found' do
-      get api("#{base_url}/5324", user)
-
-      expect(response).to have_gitlab_http_status(404)
-    end
-  end
-
-  describe "POST /projects/:id/board/lists" do
-    let(:base_url) { "/projects/#{project.id}/boards/#{board.id}/lists" }
+  describe "POST /projects/:id/boards/lists" do
+    let(:url) { "/projects/#{board_parent.id}/boards/#{board.id}/lists" }
 
     it 'creates a new issue board list for group labels' do
       group = create(:group)
       group_label = create(:group_label, group: group)
-      project.update(group: group)
+      board_parent.update(group: group)
 
-      post api(base_url, user), label_id: group_label.id
+      post api(url, user), label_id: group_label.id
 
       expect(response).to have_gitlab_http_status(201)
       expect(json_response['label']['name']).to eq(group_label.title)
       expect(json_response['position']).to eq(3)
     end
-
-    it 'creates a new issue board list for project labels' do
-      post api(base_url, user), label_id: ux_label.id
-
-      expect(response).to have_gitlab_http_status(201)
-      expect(json_response['label']['name']).to eq(ux_label.title)
-      expect(json_response['position']).to eq(3)
-    end
-
-    it 'returns 400 when creating a new list if label_id is invalid' do
-      post api(base_url, user), label_id: 23423
-
-      expect(response).to have_gitlab_http_status(400)
-    end
-
-    it 'returns 403 for project members with guest role' do
-      put api("#{base_url}/#{test_list.id}", guest), position: 1
-
-      expect(response).to have_gitlab_http_status(403)
-    end
-  end
-
-  describe "PUT /projects/:id/boards/:board_id/lists/:list_id to update only position" do
-    let(:base_url) { "/projects/#{project.id}/boards/#{board.id}/lists" }
-
-    it "updates a list" do
-      put api("#{base_url}/#{test_list.id}", user),
-        position: 1
-
-      expect(response).to have_gitlab_http_status(200)
-      expect(json_response['position']).to eq(1)
-    end
-
-    it "returns 404 error if list id not found" do
-      put api("#{base_url}/44444", user),
-        position: 1
-
-      expect(response).to have_gitlab_http_status(404)
-    end
-
-    it "returns 403 for project members with guest role" do
-      put api("#{base_url}/#{test_list.id}", guest),
-        position: 1
-
-      expect(response).to have_gitlab_http_status(403)
-    end
-  end
-
-  describe "DELETE /projects/:id/board/lists/:list_id" do
-    let(:base_url) { "/projects/#{project.id}/boards/#{board.id}/lists" }
-
-    it "rejects a non member from deleting a list" do
-      delete api("#{base_url}/#{dev_list.id}", non_member)
-
-      expect(response).to have_gitlab_http_status(403)
-    end
-
-    it "rejects a user with guest role from deleting a list" do
-      delete api("#{base_url}/#{dev_list.id}", guest)
-
-      expect(response).to have_gitlab_http_status(403)
-    end
-
-    it "returns 404 error if list id not found" do
-      delete api("#{base_url}/44444", user)
-
-      expect(response).to have_gitlab_http_status(404)
-    end
-
-    context "when the user is project owner" do
-      set(:owner) { create(:user) }
-
-      before do
-        project.update(namespace: owner.namespace)
-      end
-
-      it "deletes the list if an admin requests it" do
-        delete api("#{base_url}/#{dev_list.id}", owner)
-
-        expect(response).to have_gitlab_http_status(204)
-      end
-
-      it_behaves_like '412 response' do
-        let(:request) { api("#{base_url}/#{dev_list.id}", owner) }
-      end
-    end
   end
 end
diff --git a/spec/requests/api/issues_spec.rb b/spec/requests/api/issues_spec.rb
index 00d9c795619..320217f2032 100644
--- a/spec/requests/api/issues_spec.rb
+++ b/spec/requests/api/issues_spec.rb
@@ -1582,4 +1582,16 @@ describe API::Issues, :mailer do
     expect(json_response).to be_an Array
     expect(json_response.length).to eq(size) if size
   end
+
+  describe 'GET projects/:id/issues/:issue_iid/participants' do
+    it_behaves_like 'issuable participants endpoint' do
+      let(:entity) { issue }
+    end
+
+    it 'returns 404 if the issue is confidential' do
+      post api("/projects/#{project.id}/issues/#{confidential_issue.iid}/participants", non_member)
+
+      expect(response).to have_gitlab_http_status(404)
+    end
+  end
 end
diff --git a/spec/requests/api/merge_requests_spec.rb b/spec/requests/api/merge_requests_spec.rb
index ef3f610740d..0c9fbb1f187 100644
--- a/spec/requests/api/merge_requests_spec.rb
+++ b/spec/requests/api/merge_requests_spec.rb
@@ -500,6 +500,12 @@ describe API::MergeRequests do
     end
   end
 
+  describe 'GET /projects/:id/merge_requests/:merge_request_iid/participants' do
+    it_behaves_like 'issuable participants endpoint' do
+      let(:entity) { merge_request }
+    end
+  end
+
   describe 'GET /projects/:id/merge_requests/:merge_request_iid/commits' do
     it 'returns a 200 when merge request is valid' do
       get api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/commits", user)
diff --git a/spec/requests/api/pages_domains_spec.rb b/spec/requests/api/pages_domains_spec.rb
index d412b045e9f..5d01dc37f0e 100644
--- a/spec/requests/api/pages_domains_spec.rb
+++ b/spec/requests/api/pages_domains_spec.rb
@@ -46,6 +46,7 @@ describe API::PagesDomains do
           expect(json_response).to be_an Array
           expect(json_response.size).to eq(3)
           expect(json_response.last).to have_key('domain')
+          expect(json_response.last).to have_key('project_id')
           expect(json_response.last).to have_key('certificate_expiration')
           expect(json_response.last['certificate_expiration']['expired']).to be true
           expect(json_response.first).not_to have_key('certificate_expiration')
diff --git a/spec/serializers/merge_request_widget_entity_spec.rb b/spec/serializers/merge_request_widget_entity_spec.rb
index e25552eb0d8..80a271ba7fb 100644
--- a/spec/serializers/merge_request_widget_entity_spec.rb
+++ b/spec/serializers/merge_request_widget_entity_spec.rb
@@ -190,4 +190,20 @@ describe MergeRequestWidgetEntity do
       end
     end
   end
+
+  describe 'when source project is deleted' do
+    let(:project) { create(:project, :repository) }
+    let(:fork_project) { create(:project, :repository, forked_from_project: project) }
+    let(:merge_request) { create(:merge_request, source_project: fork_project, target_project: project) }
+
+    it 'returns a blank rebase_path' do
+      allow(merge_request).to receive(:should_be_rebased?).and_return(true)
+      fork_project.destroy
+      merge_request.reload
+
+      entity = described_class.new(merge_request, request: request).as_json
+
+      expect(entity[:rebase_path]).to be_nil
+    end
+  end
 end
diff --git a/spec/services/merge_requests/rebase_service_spec.rb b/spec/services/merge_requests/rebase_service_spec.rb
new file mode 100644
index 00000000000..d1b37cdd073
--- /dev/null
+++ b/spec/services/merge_requests/rebase_service_spec.rb
@@ -0,0 +1,134 @@
+require 'spec_helper'
+
+describe MergeRequests::RebaseService do
+  include ProjectForksHelper
+
+  let(:user) { create(:user) }
+  let(:merge_request) do
+    create(:merge_request,
+           source_branch: 'feature_conflict',
+           target_branch: 'master')
+  end
+  let(:project) { merge_request.project }
+  let(:repository) { project.repository.raw }
+
+  subject(:service) { described_class.new(project, user, {}) }
+
+  before do
+    project.add_master(user)
+  end
+
+  describe '#execute' do
+    context 'when another rebase is already in progress' do
+      before do
+        allow(merge_request).to receive(:rebase_in_progress?).and_return(true)
+      end
+
+      it 'saves the error message' do
+        subject.execute(merge_request)
+
+        expect(merge_request.reload.merge_error).to eq 'Rebase task canceled: Another rebase is already in progress'
+      end
+
+      it 'returns an error' do
+        expect(service.execute(merge_request)).to match(status: :error,
+                                                        message: 'Failed to rebase. Should be done manually')
+      end
+    end
+
+    context 'when unexpected error occurs' do
+      before do
+        allow(repository).to receive(:run_git!).and_raise('Something went wrong')
+      end
+
+      it 'saves the error message' do
+        subject.execute(merge_request)
+
+        expect(merge_request.reload.merge_error).to eq 'Something went wrong'
+      end
+
+      it 'returns an error' do
+        expect(service.execute(merge_request)).to match(status: :error,
+                                                        message: 'Failed to rebase. Should be done manually')
+      end
+    end
+
+    context 'with git command failure' do
+      before do
+        allow(repository).to receive(:run_git!).and_raise(Gitlab::Git::Repository::GitError, 'Something went wrong')
+      end
+
+      it 'saves the error message' do
+        subject.execute(merge_request)
+
+        expect(merge_request.reload.merge_error).to eq 'Something went wrong'
+      end
+
+      it 'returns an error' do
+        expect(service.execute(merge_request)).to match(status: :error,
+                                                        message: 'Failed to rebase. Should be done manually')
+      end
+    end
+
+    context 'valid params' do
+      before do
+        service.execute(merge_request)
+      end
+
+      it 'rebases source branch' do
+        parent_sha = merge_request.source_project.repository.commit(merge_request.source_branch).parents.first.sha
+        target_branch_sha = merge_request.target_project.repository.commit(merge_request.target_branch).sha
+        expect(parent_sha).to eq(target_branch_sha)
+      end
+
+      it 'records the new SHA on the merge request' do
+        head_sha = merge_request.source_project.repository.commit(merge_request.source_branch).sha
+        expect(merge_request.reload.rebase_commit_sha).to eq(head_sha)
+      end
+
+      it 'logs correct author and commiter' do
+        head_commit = merge_request.source_project.repository.commit(merge_request.source_branch)
+
+        expect(head_commit.author_email).to eq('dmitriy.zaporozhets@gmail.com')
+        expect(head_commit.author_name).to eq('Dmitriy Zaporozhets')
+        expect(head_commit.committer_email).to eq(user.email)
+        expect(head_commit.committer_name).to eq(user.name)
+      end
+
+      context 'git commands' do
+        it 'sets GL_REPOSITORY env variable when calling git commands' do
+          expect(repository).to receive(:popen).exactly(3)
+            .with(anything, anything, hash_including('GL_REPOSITORY'))
+            .and_return(['', 0])
+
+          service.execute(merge_request)
+        end
+      end
+
+      context 'fork' do
+        let(:forked_project) do
+          fork_project(project, user, repository: true)
+        end
+
+        let(:merge_request_from_fork) do
+          forked_project.repository.create_file(
+            user,
+            'new-file-to-target',
+            '',
+            message: 'Add new file to target',
+            branch_name: 'master')
+
+          create(:merge_request,
+                 source_branch: 'master', source_project: forked_project,
+                 target_branch: 'master', target_project: project)
+        end
+
+        it 'rebases source branch' do
+          parent_sha = forked_project.repository.commit(merge_request_from_fork.source_branch).parents.first.sha
+          target_branch_sha = project.repository.commit(merge_request_from_fork.target_branch).sha
+          expect(parent_sha).to eq(target_branch_sha)
+        end
+      end
+    end
+  end
+end
diff --git a/spec/services/projects/create_service_spec.rb b/spec/services/projects/create_service_spec.rb
index 1833078f37c..9a44dfde41b 100644
--- a/spec/services/projects/create_service_spec.rb
+++ b/spec/services/projects/create_service_spec.rb
@@ -255,7 +255,7 @@ describe Projects::CreateService, '#execute' do
   it 'writes project full path to .git/config' do
     project = create_project(user, opts)
 
-    expect(project.repo.config['gitlab.fullpath']).to eq project.full_path
+    expect(project.repository.rugged.config['gitlab.fullpath']).to eq project.full_path
   end
 
   def create_project(user, opts)
diff --git a/spec/services/projects/hashed_storage/migrate_repository_service_spec.rb b/spec/services/projects/hashed_storage/migrate_repository_service_spec.rb
index ded864beb1d..7b536cc05cb 100644
--- a/spec/services/projects/hashed_storage/migrate_repository_service_spec.rb
+++ b/spec/services/projects/hashed_storage/migrate_repository_service_spec.rb
@@ -37,7 +37,7 @@ describe Projects::HashedStorage::MigrateRepositoryService do
       it 'writes project full path to .git/config' do
         service.execute
 
-        expect(project.repo.config['gitlab.fullpath']).to eq project.full_path
+        expect(project.repository.rugged.config['gitlab.fullpath']).to eq project.full_path
       end
     end
 
diff --git a/spec/services/projects/transfer_service_spec.rb b/spec/services/projects/transfer_service_spec.rb
index 7377c748698..39f6388c25e 100644
--- a/spec/services/projects/transfer_service_spec.rb
+++ b/spec/services/projects/transfer_service_spec.rb
@@ -58,7 +58,7 @@ describe Projects::TransferService do
     it 'updates project full path in .git/config' do
       transfer_project(project, user, group)
 
-      expect(project.repo.config['gitlab.fullpath']).to eq "#{group.full_path}/#{project.path}"
+      expect(project.repository.rugged.config['gitlab.fullpath']).to eq "#{group.full_path}/#{project.path}"
     end
   end
 
@@ -95,7 +95,7 @@ describe Projects::TransferService do
     it 'rolls back project full path in .git/config' do
       attempt_project_transfer
 
-      expect(project.repo.config['gitlab.fullpath']).to eq project.full_path
+      expect(project.repository.rugged.config['gitlab.fullpath']).to eq project.full_path
     end
 
     it "doesn't send move notifications" do
diff --git a/spec/support/api/boards_shared_examples.rb b/spec/support/api/boards_shared_examples.rb
new file mode 100644
index 00000000000..943c1f6ffd7
--- /dev/null
+++ b/spec/support/api/boards_shared_examples.rb
@@ -0,0 +1,180 @@
+shared_examples_for 'group and project boards' do |route_definition, ee = false|
+  let(:root_url) { route_definition.gsub(":id", board_parent.id.to_s) }
+
+  before do
+    board_parent.add_reporter(user)
+    board_parent.add_guest(guest)
+  end
+
+  def expect_schema_match_for(response, schema_file, ee)
+    if ee
+      expect(response).to match_response_schema(schema_file, dir: "ee")
+    else
+      expect(response).to match_response_schema(schema_file)
+    end
+  end
+
+  describe "GET #{route_definition}" do
+    context "when unauthenticated" do
+      it "returns authentication error" do
+        get api(root_url)
+
+        expect(response).to have_gitlab_http_status(401)
+      end
+    end
+
+    context "when authenticated" do
+      it "returns the issue boards" do
+        get api(root_url, user)
+
+        expect(response).to have_gitlab_http_status(200)
+        expect(response).to include_pagination_headers
+
+        expect_schema_match_for(response, 'public_api/v4/boards', ee)
+      end
+
+      describe "GET #{route_definition}/:board_id" do
+        let(:url) { "#{root_url}/#{board.id}" }
+
+        it 'get a single board by id' do
+          get api(url, user)
+
+          expect_schema_match_for(response, 'public_api/v4/board', ee)
+        end
+      end
+    end
+  end
+
+  describe "GET #{route_definition}/:board_id/lists" do
+    let(:url) { "#{root_url}/#{board.id}/lists" }
+
+    it 'returns issue board lists' do
+      get api(url, user)
+
+      expect(response).to have_gitlab_http_status(200)
+      expect(response).to include_pagination_headers
+      expect(json_response).to be_an Array
+      expect(json_response.length).to eq(2)
+      expect(json_response.first['label']['name']).to eq(dev_label.title)
+    end
+
+    it 'returns 404 if board not found' do
+      get api("#{root_url}/22343/lists", user)
+
+      expect(response).to have_gitlab_http_status(404)
+    end
+  end
+
+  describe "GET #{route_definition}/:board_id/lists/:list_id" do
+    let(:url) { "#{root_url}/#{board.id}/lists" }
+
+    it 'returns a list' do
+      get api("#{url}/#{dev_list.id}", user)
+
+      expect(response).to have_gitlab_http_status(200)
+      expect(json_response['id']).to eq(dev_list.id)
+      expect(json_response['label']['name']).to eq(dev_label.title)
+      expect(json_response['position']).to eq(1)
+    end
+
+    it 'returns 404 if list not found' do
+      get api("#{url}/5324", user)
+
+      expect(response).to have_gitlab_http_status(404)
+    end
+  end
+
+  describe "POST #{route_definition}/lists" do
+    let(:url) { "#{root_url}/#{board.id}/lists" }
+
+    it 'creates a new issue board list for labels' do
+      post api(url, user), label_id: ux_label.id
+
+      expect(response).to have_gitlab_http_status(201)
+      expect(json_response['label']['name']).to eq(ux_label.title)
+      expect(json_response['position']).to eq(3)
+    end
+
+    it 'returns 400 when creating a new list if label_id is invalid' do
+      post api(url, user), label_id: 23423
+
+      expect(response).to have_gitlab_http_status(400)
+    end
+
+    it 'returns 403 for members with guest role' do
+      put api("#{url}/#{test_list.id}", guest), position: 1
+
+      expect(response).to have_gitlab_http_status(403)
+    end
+  end
+
+  describe "PUT #{route_definition}/:board_id/lists/:list_id to update only position" do
+    let(:url) { "#{root_url}/#{board.id}/lists" }
+
+    it "updates a list" do
+      put api("#{url}/#{test_list.id}", user),
+        position: 1
+
+      expect(response).to have_gitlab_http_status(200)
+      expect(json_response['position']).to eq(1)
+    end
+
+    it "returns 404 error if list id not found" do
+      put api("#{url}/44444", user),
+        position: 1
+
+      expect(response).to have_gitlab_http_status(404)
+    end
+
+    it "returns 403 for members with guest role" do
+      put api("#{url}/#{test_list.id}", guest),
+        position: 1
+
+      expect(response).to have_gitlab_http_status(403)
+    end
+  end
+
+  describe "DELETE #{route_definition}/lists/:list_id" do
+    let(:url) { "#{root_url}/#{board.id}/lists" }
+
+    it "rejects a non member from deleting a list" do
+      delete api("#{url}/#{dev_list.id}", non_member)
+
+      expect(response).to have_gitlab_http_status(403)
+    end
+
+    it "rejects a user with guest role from deleting a list" do
+      delete api("#{url}/#{dev_list.id}", guest)
+
+      expect(response).to have_gitlab_http_status(403)
+    end
+
+    it "returns 404 error if list id not found" do
+      delete api("#{url}/44444", user)
+
+      expect(response).to have_gitlab_http_status(404)
+    end
+
+    context "when the user is parent owner" do
+      set(:owner) { create(:user) }
+
+      before do
+        if board_parent.try(:namespace)
+          board_parent.update(namespace: owner.namespace)
+        else
+          board.parent.add_owner(owner)
+        end
+      end
+
+      it "deletes the list if an admin requests it" do
+        delete api("#{url}/#{dev_list.id}", owner)
+
+        expect(response).to have_gitlab_http_status(204)
+      end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("#{url}/#{dev_list.id}", owner) }
+      end
+    end
+  end
+end
diff --git a/spec/support/background_migrations_matchers.rb b/spec/support/background_migrations_matchers.rb
index 423c0e4cefc..f4127efc6ae 100644
--- a/spec/support/background_migrations_matchers.rb
+++ b/spec/support/background_migrations_matchers.rb
@@ -1,4 +1,4 @@
-RSpec::Matchers.define :be_scheduled_migration do |delay, *expected|
+RSpec::Matchers.define :be_scheduled_delayed_migration do |delay, *expected|
   match do |migration|
     BackgroundMigrationWorker.jobs.any? do |job|
       job['args'] == [migration, expected] &&
@@ -11,3 +11,16 @@ RSpec::Matchers.define :be_scheduled_migration do |delay, *expected|
       'not scheduled in expected time!'
   end
 end
+
+RSpec::Matchers.define :be_scheduled_migration do |*expected|
+  match do |migration|
+    BackgroundMigrationWorker.jobs.any? do |job|
+      args = job['args'].size == 1 ? [BackgroundMigrationWorker.jobs[0]['args'][0], []] : job['args']
+      args == [migration, expected]
+    end
+  end
+
+  failure_message do |migration|
+    "Migration `#{migration}` with args `#{expected.inspect}` not scheduled!"
+  end
+end
diff --git a/spec/support/shared_examples/requests/api/issuable_participants_examples.rb b/spec/support/shared_examples/requests/api/issuable_participants_examples.rb
new file mode 100644
index 00000000000..96d59e0c472
--- /dev/null
+++ b/spec/support/shared_examples/requests/api/issuable_participants_examples.rb
@@ -0,0 +1,29 @@
+shared_examples 'issuable participants endpoint' do
+  let(:area) { entity.class.name.underscore.pluralize }
+
+  it 'returns participants' do
+    get api("/projects/#{project.id}/#{area}/#{entity.iid}/participants", user)
+
+    expect(response).to have_gitlab_http_status(200)
+    expect(response).to include_pagination_headers
+    expect(json_response).to be_an Array
+    expect(json_response.size).to eq(entity.participants.size)
+
+    last_participant = entity.participants.last
+    expect(json_response.last['id']).to eq(last_participant.id)
+    expect(json_response.last['name']).to eq(last_participant.name)
+    expect(json_response.last['username']).to eq(last_participant.username)
+  end
+
+  it 'returns a 404 when iid does not exist' do
+    get api("/projects/#{project.id}/#{area}/999/participants", user)
+
+    expect(response).to have_gitlab_http_status(404)
+  end
+
+  it 'returns a 404 when id is used instead of iid' do
+    get api("/projects/#{project.id}/#{area}/#{entity.id}/participants", user)
+
+    expect(response).to have_gitlab_http_status(404)
+  end
+end
diff --git a/spec/support/test_env.rb b/spec/support/test_env.rb
index 1d99746b09f..664698fcbaf 100644
--- a/spec/support/test_env.rb
+++ b/spec/support/test_env.rb
@@ -1,4 +1,5 @@
 require 'rspec/mocks'
+require 'toml'
 
 module TestEnv
   extend self
@@ -147,6 +148,9 @@ module TestEnv
       version: Gitlab::GitalyClient.expected_server_version,
       task: "gitlab:gitaly:install[#{gitaly_dir}]") do
 
+      # Always re-create config, in case it's outdated. This is fast anyway.
+      Gitlab::SetupHelper.create_gitaly_configuration(gitaly_dir, force: true)
+
       start_gitaly(gitaly_dir)
     end
   end
@@ -347,6 +351,9 @@ module TestEnv
   end
 
   def component_needs_update?(component_folder, expected_version)
+    # Allow local overrides of the component for tests during development
+    return false if Rails.env.test? && File.symlink?(component_folder)
+
     version = File.read(File.join(component_folder, 'VERSION')).strip
 
     # Notice that this will always yield true when using branch versions
diff --git a/spec/tasks/gitlab/git_rake_spec.rb b/spec/tasks/gitlab/git_rake_spec.rb
new file mode 100644
index 00000000000..dacc5dc5ae7
--- /dev/null
+++ b/spec/tasks/gitlab/git_rake_spec.rb
@@ -0,0 +1,38 @@
+require 'rake_helper'
+
+describe 'gitlab:git rake tasks' do
+  before do
+    Rake.application.rake_require 'tasks/gitlab/git'
+
+    storages = { 'default' => { 'path' => Settings.absolute('tmp/tests/default_storage') } }
+
+    FileUtils.mkdir_p(Settings.absolute('tmp/tests/default_storage/@hashed/1/2/test.git'))
+    allow(Gitlab.config.repositories).to receive(:storages).and_return(storages)
+    allow_any_instance_of(String).to receive(:color) { |string, _color| string }
+
+    stub_warn_user_is_not_gitlab
+  end
+
+  after do
+    FileUtils.rm_rf(Settings.absolute('tmp/tests/default_storage'))
+  end
+
+  describe 'fsck' do
+    it 'outputs the integrity check for a repo' do
+      expect { run_rake_task('gitlab:git:fsck') }.to output(/Performed Checking integrity at .*@hashed\/1\/2\/test.git/).to_stdout
+    end
+
+    it 'errors out about config.lock issues' do
+      FileUtils.touch(Settings.absolute('tmp/tests/default_storage/@hashed/1/2/test.git/config.lock'))
+
+      expect { run_rake_task('gitlab:git:fsck') }.to output(/file exists\? ... yes/).to_stdout
+    end
+
+    it 'errors out about ref lock issues' do
+      FileUtils.mkdir_p(Settings.absolute('tmp/tests/default_storage/@hashed/1/2/test.git/refs/heads'))
+      FileUtils.touch(Settings.absolute('tmp/tests/default_storage/@hashed/1/2/test.git/refs/heads/blah.lock'))
+
+      expect { run_rake_task('gitlab:git:fsck') }.to output(/Ref lock files exist:/).to_stdout
+    end
+  end
+end
diff --git a/spec/views/projects/merge_requests/show.html.haml_spec.rb b/spec/views/projects/merge_requests/show.html.haml_spec.rb
index 28d54c2fb77..264e0ce0b40 100644
--- a/spec/views/projects/merge_requests/show.html.haml_spec.rb
+++ b/spec/views/projects/merge_requests/show.html.haml_spec.rb
@@ -54,6 +54,8 @@ describe 'projects/merge_requests/show.html.haml' do
     it 'closes the merge request if the source project does not exist' do
       closed_merge_request.update_attributes(state: 'open')
       forked_project.destroy
+      # Reload merge request so MergeRequest#source_project turns to `nil`
+      closed_merge_request.reload
 
       render
 
diff --git a/spec/workers/rebase_worker_spec.rb b/spec/workers/rebase_worker_spec.rb
new file mode 100644
index 00000000000..20aff020dbb
--- /dev/null
+++ b/spec/workers/rebase_worker_spec.rb
@@ -0,0 +1,27 @@
+require 'spec_helper'
+
+describe RebaseWorker, '#perform' do
+  context 'when rebasing an MR from a fork where upstream has protected branches' do
+    let(:upstream_project) { create(:project, :repository) }
+    let(:fork_project) { create(:project, :repository) }
+
+    let(:merge_request) do
+      create(:merge_request,
+             source_project: fork_project,
+             source_branch: 'feature_conflict',
+             target_project: upstream_project,
+             target_branch: 'master')
+    end
+
+    before do
+      create(:forked_project_link, forked_to_project: fork_project, forked_from_project: upstream_project)
+    end
+
+    it 'sets the correct project for running hooks' do
+      expect(MergeRequests::RebaseService)
+        .to receive(:new).with(fork_project, merge_request.author).and_call_original
+
+      subject.perform(merge_request, merge_request.author)
+    end
+  end
+end
diff --git a/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml b/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml
index 18910a46d11..06473fba8e1 100644
--- a/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml
+++ b/vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml
@@ -34,6 +34,10 @@ variables:
   POSTGRES_ENABLED: "true"
   POSTGRES_DB: $CI_ENVIRONMENT_SLUG
 
+  KUBERNETES_VERSION: 1.8.6
+  HELM_VERSION: 2.6.1
+  CODECLIMATE_VERSION: 0.69.0
+
 stages:
   - build
   - test
@@ -250,8 +254,8 @@ production:
              --volume /var/run/docker.sock:/var/run/docker.sock \
              --volume /tmp/cc:/tmp/cc"
 
-    docker run ${cc_opts} codeclimate/codeclimate:0.69.0 init
-    docker run ${cc_opts} codeclimate/codeclimate:0.69.0 analyze -f json > codeclimate.json
+    docker run ${cc_opts} "codeclimate/codeclimate:${CODECLIMATE_VERSION}" init
+    docker run ${cc_opts} "codeclimate/codeclimate:${CODECLIMATE_VERSION}" analyze -f json > codeclimate.json
   }
 
   function sast() {
@@ -323,11 +327,11 @@ production:
     apk add glibc-2.23-r3.apk
     rm glibc-2.23-r3.apk
 
-    curl https://kubernetes-helm.storage.googleapis.com/helm-v2.6.1-linux-amd64.tar.gz | tar zx
+    curl "https://kubernetes-helm.storage.googleapis.com/helm-v${HELM_VERSION}-linux-amd64.tar.gz" | tar zx
     mv linux-amd64/helm /usr/bin/
     helm version --client
 
-    curl -L -o /usr/bin/kubectl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
+    curl -L -o /usr/bin/kubectl "https://storage.googleapis.com/kubernetes-release/release/v${KUBERNETES_VERSION}/bin/linux/amd64/kubectl"
     chmod +x /usr/bin/kubectl
     kubectl version --client
   }