Merge branch 'master' into fix-restricted-visibility

Conflicts:
	db/schema.rb

11 files changed, 50 insertions, 17 deletions

diff --git a/doc/development/README.md b/doc/development/README.md
index c31e5d7ae97..d5d264be19d 100644
--- a/doc/development/README.md
+++ b/doc/development/README.md
@@ -5,3 +5,4 @@
 - [Rake tasks](rake_tasks.md) for development
 - [CI setup](ci_setup.md) for testing GitLab
 - [Sidekiq debugging](sidekiq_debugging.md)
+- [UI guide](ui_guide.md) for building GitLab with existing css styles and elements
diff --git a/doc/development/ui_guide.md b/doc/development/ui_guide.md
new file mode 100644
index 00000000000..2f01defc11d
--- /dev/null
+++ b/doc/development/ui_guide.md
@@ -0,0 +1,12 @@
+# UI Guide for building GitLab 
+
+## Best practices for creating new pages in GitLab
+
+TODO: write some best practices when develop GitLab features.
+
+## GitLab UI development kit
+
+We created a page inside GitLab where you can check commonly used html and css elements.
+
+When you run GitLab instance locally - just visit http://localhost:3000/help/ui page to see UI examples 
+you can use during GitLab development.
diff --git a/doc/install/requirements.md b/doc/install/requirements.md
index 5bdb9caa2bf..65ddb3e3cfb 100644
--- a/doc/install/requirements.md
+++ b/doc/install/requirements.md
@@ -80,7 +80,7 @@ It's possible to increase the amount of unicorn workers and tis will usually hel
 For most instances we recommend using: CPU cores + 1 = unicorn workers.
 So for a machine with 2 cores, 3 unicorn workers is ideal.
 
-For all machines that have 1GB and up we recommend a minimum of two unicorn workers.
+For all machines that have 1GB and up we recommend a minimum of three unicorn workers.
 If you have a 512MB machine with a magnetic (non-SSD) swap drive we recommend to configure only one Unicorn worker to prevent excessive swapping.
 With one Unicorn worker only git over ssh access will work because the git over HTTP access requires two running workers (one worker to receive the user request and one worker for the authorization check).
 If you have a 512MB machine with a SSD drive you can use two Unicorn workers, this will allow HTTP access although it will be slow due to swapping.
diff --git a/doc/integration/github.md b/doc/integration/github.md
index a9f1bc31bb4..b64501c2aaa 100644
--- a/doc/integration/github.md
+++ b/doc/integration/github.md
@@ -53,7 +53,7 @@ GitHub will generate an application ID and secret key for you to use.
           "app_id" => "YOUR_APP_ID",
           "app_secret" => "YOUR_APP_SECRET",
           "url" => "https://github.com/",
-          "args" => { "scope" => "user:email" } }
+          "args" => { "scope" => "user:email" }
         }
       ]
     ```
@@ -76,4 +76,4 @@ GitHub will generate an application ID and secret key for you to use.
 
 On the sign in page there should now be a GitHub icon below the regular sign in form. 
 Click the icon to begin the authentication process. GitHub will ask the user to sign in and authorize the GitLab application. 
-If everything goes well the user will be returned to GitLab and will be signed in.
\ No newline at end of file
+If everything goes well the user will be returned to GitLab and will be signed in.
diff --git a/doc/integration/gitlab.md b/doc/integration/gitlab.md
index 49ffaa62af8..216f1f11a9b 100644
--- a/doc/integration/gitlab.md
+++ b/doc/integration/gitlab.md
@@ -58,7 +58,7 @@ GitLab.com will generate an application ID and secret key for you to use.
           "name" => "gitlab",
           "app_id" => "YOUR_APP_ID",
           "app_secret" => "YOUR_APP_SECRET",
-          "args" => { "scope" => "api" } }
+          "args" => { "scope" => "api" }
         }
       ]
     ```
@@ -81,4 +81,4 @@ GitLab.com will generate an application ID and secret key for you to use.
 
 On the sign in page there should now be a GitLab.com icon below the regular sign in form. 
 Click the icon to begin the authentication process. GitLab.com will ask the user to sign in and authorize the GitLab application. 
-If everything goes well the user will be returned to your GitLab instance and will be signed in.
\ No newline at end of file
+If everything goes well the user will be returned to your GitLab instance and will be signed in.
diff --git a/doc/integration/google.md b/doc/integration/google.md
index d7b741ece69..e1c14c7c948 100644
--- a/doc/integration/google.md
+++ b/doc/integration/google.md
@@ -55,7 +55,7 @@ To enable the Google OAuth2 OmniAuth provider you must register your application
           "name" => "google_oauth2",
           "app_id" => "YOUR_APP_ID",
           "app_secret" => "YOUR_APP_SECRET",
-          "args" => { "access_type" => "offline", "approval_prompt" => '' } }
+          "args" => { "access_type" => "offline", "approval_prompt" => '' }
         }
       ]
     ```
diff --git a/doc/markdown/markdown.md b/doc/markdown/markdown.md
index 1096ea9656c..64f28d46451 100644
--- a/doc/markdown/markdown.md
+++ b/doc/markdown/markdown.md
@@ -140,25 +140,25 @@ But let's throw in a <b>tag</b>.
 
 ## Emoji
 
-	Sometimes you want to be a :ninja: and add some :glowing_star: to your :speech_balloon:. Well we have a gift for you:
+	Sometimes you want to :monkey: around a bit and add some :star2: to your :speech_balloon:. Well we have a gift for you:
 
-	:high_voltage_sign: You can use emoji anywhere GFM is supported. :victory_hand:
+	:zap: You can use emoji anywhere GFM is supported. :v:
 
-	You can use it to point out a :bug: or warn about :speak_no_evil_monkey: patches. And if someone improves your really :snail: code, send them some :cake:. People will :heart: you for that.
+	You can use it to point out a :bug: or warn about :speak_no_evil: patches. And if someone improves your really :snail: code, send them some :birthday:. People will :heart: you for that.
 
-	If you are new to this, don't be :fearful_face:. You can easily join the emoji :family:. All you need to do is to look up on the supported codes.
+	If you are new to this, don't be :fearful:. You can easily join the emoji :family:. All you need to do is to look up on the supported codes.
 
-	Consult the [Emoji Cheat Sheet](https://s3.amazonaws.com/emoji-cheatsheet/cheat_sheet.pdf) for a list of all supported emoji codes. :thumbsup:
+	Consult the [Emoji Cheat Sheet](http://emoji.codes) for a list of all supported emoji codes. :thumbsup:
 
-Sometimes you want to be a :ninja: and add some :glowing_star: to your :speech_balloon:. Well we have a gift for you:
+Sometimes you want to :monkey: around a bit and add some :star2: to your :speech_balloon:. Well we have a gift for you:
 
-:high_voltage_sign: You can use emoji anywhere GFM is supported. :victory_hand:
+:zap: You can use emoji anywhere GFM is supported. :v:
 
-You can use it to point out a :bug: or warn about :speak_no_evil_monkey: patches. And if someone improves your really :snail: code, send them some :cake:. People will :heart: you for that.
+You can use it to point out a :bug: or warn about :speak_no_evil: patches. And if someone improves your really :snail: code, send them some :birthday:. People will :heart: you for that.
 
-If you are new to this, don't be :fearful_face:. You can easily join the emoji :family:. All you need to do is to look up on the supported codes.
+If you are new to this, don't be :fearful:. You can easily join the emoji :family:. All you need to do is to look up on the supported codes.
 
-Consult the [Emoji Cheat Sheet](https://s3.amazonaws.com/emoji-cheatsheet/cheat_sheet.pdf) for a list of all supported emoji codes. :thumbsup:
+Consult the [Emoji Cheat Sheet](http://emoji.codes) for a list of all supported emoji codes. :thumbsup:
 
 ## Special GitLab References
 
@@ -485,6 +485,10 @@ This line is separated from the one above by two newlines, so it will be a *sepa
 
 This line is also a separate paragraph, but...
 This line is only separated by a single newline, so it's a separate line in the *same paragraph*.
+
+This line is also a separate paragraph, and...  
+This line is on its own line, because the previous line ends with two
+spaces.
 ```
 
 Here's a line for us to start with.
@@ -494,6 +498,10 @@ This line is separated from the one above by two newlines, so it will be a *sepa
 This line is also begins a separate paragraph, but...
 This line is only separated by a single newline, so it's a separate line in the *same paragraph*.
 
+This line is also a separate paragraph, and...  
+This line is on its own line, because the previous line ends with two
+spaces.
+
 ## Tables
 
 Tables aren't part of the core Markdown spec, but they are part of GFM and Markdown Here supports them.
diff --git a/doc/release/monthly.md b/doc/release/monthly.md
index dd44c1eb860..ec96be27f3f 100644
--- a/doc/release/monthly.md
+++ b/doc/release/monthly.md
@@ -51,6 +51,7 @@ Xth: (5 working days before the 22nd)
 Xth: (4 working days before the 22nd)
 
 - [ ] Update GitLab.com with rc1 (#LINK) (https://dev.gitlab.org/cookbooks/chef-repo/blob/master/doc/administration.md#deploy-the-package)
+- [ ] Update ci.gitLab.com with rc1 (#LINK) (https://dev.gitlab.org/cookbooks/chef-repo/blob/master/doc/administration.md#deploy-the-package)
 - [ ] Create regression issues (CE, CI) (#LINK)
 - [ ] Tweet about rc1 (#LINK)
 
@@ -68,6 +69,7 @@ Xth: (1 working day before the 22nd)
 - [ ] Create CE, EE, CI stable versions (#LINK)
 - [ ] Create Omnibus tags and build packages
 - [ ] Update GitLab.com with the stable version (#LINK)
+- [ ] Update ci.gitLab.com with the stable version (#LINK)
 
 22nd:
 
@@ -200,3 +202,7 @@ Consider creating a post on Hacker News.
 ## Update GitLab.com with the stable version
 
 - Deploy the package (should not need downtime because of the small difference with RC1)
+
+## Release new AMIs
+
+[Follow this guide](https://dev.gitlab.org/gitlab/AMI/blob/master/README.md)
diff --git a/doc/release/patch.md b/doc/release/patch.md
index 80afa19b6c5..68156ae9c0e 100644
--- a/doc/release/patch.md
+++ b/doc/release/patch.md
@@ -51,6 +51,8 @@ CE=false be rake release['x.x.x']
 
 1. [Build new packages with the latest version](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/doc/release.md)
 1. Apply the patch to GitLab.com and the private GitLab development server
+1. Apply the patch to ci.gitLab.com and the private GitLab CI development server
 1. Create and publish a blog post, see [patch release blog template](https://gitlab.com/gitlab-com/www-gitlab-com/blob/master/doc/patch_release_blog_template.md)
 1. Send tweets about the release from `@gitlab`, tweet should include the most important feature that the release is addressing and link to the blog post
 1. Note in the 'GitLab X.X regressions' issue that the patch was published (CE only)
+1. [Create new AMIs](https://dev.gitlab.org/gitlab/AMI/blob/master/README.md)
diff --git a/doc/release/security.md b/doc/release/security.md
index b67e0f37a04..60bcfbb6da5 100644
--- a/doc/release/security.md
+++ b/doc/release/security.md
@@ -18,11 +18,13 @@ Please report suspected security vulnerabilities in private to <support@gitlab.c
 1. Do the steps from [patch release document](doc/release/patch.md), starting with "Create an issue on private GitLab development server"
 1. The MR with the security fix should get a 'security' label and be assigned to the release manager
 1. Build the package for GitLab.com and do a deploy
+1. Build the package for ci.gitLab.com and do a deploy
+1. [Create new AMIs](https://dev.gitlab.org/gitlab/AMI/blob/master/README.md)
 1. Create feature branches for the blog post on GitLab.com and link them from the code branch
 1. Merge and publish the blog posts
 1. Send tweets about the release from `@gitlabhq`
 1. Send out an email to [the community google mailing list](https://groups.google.com/forum/#!forum/gitlabhq)
-1. Post a signed copy of our complete announcement to [oss-security](http://www.openwall.com/lists/oss-security/) and request a CVE number
+1. Post a signed copy of our complete announcement to [oss-security](http://www.openwall.com/lists/oss-security/) and request a CVE number. CVE is only needed for bugs that allow someone to own the server (Remote Code Execution) or access to code of projects they are not a member of.
 1. Add the security researcher to the [Security Researcher Acknowledgments list](http://about.gitlab.com/vulnerability-acknowledgements/)
 1. Thank the security researcher in an email for their cooperation
 1. Update the blog post and the CHANGELOG when we receive the CVE number
diff --git a/doc/web_hooks/web_hooks.md b/doc/web_hooks/web_hooks.md
index 3cccd84b063..851f50f5e9a 100644
--- a/doc/web_hooks/web_hooks.md
+++ b/doc/web_hooks/web_hooks.md
@@ -16,6 +16,7 @@ Triggered when you push to the repository except when pushing tags.
 
 ```json
 {
+  "object_kind": "push",
   "before": "95790bf891e76fee5e1747ab589903a6a1f80f22",
   "after": "da1560886d4f094c3e6c9ef40349f7d38b5d27d7",
   "ref": "refs/heads/master",
@@ -66,6 +67,7 @@ Triggered when you create (or delete) tags to the repository.
 
 ```json
 {
+  "object_kind": "tag_push",
   "ref": "refs/tags/v1.0.0",
   "before": "0000000000000000000000000000000000000000",
   "after": "82b3d5ae55f7080f1e6022629cdb57bfae7cccc7",