Add latest changes from gitlab-org/gitlab@master

3 files changed, 10 insertions, 14 deletions

diff --git a/lib/constraints/project_url_constrainer.rb b/lib/constraints/project_url_constrainer.rb
index d41490d2ebd..64eefd67d81 100644
--- a/lib/constraints/project_url_constrainer.rb
+++ b/lib/constraints/project_url_constrainer.rb
@@ -2,17 +2,12 @@
 
 module Constraints
   class ProjectUrlConstrainer
-    def matches?(request, existence_check: true)
+    def matches?(request)
       namespace_path = request.params[:namespace_id]
       project_path = request.params[:project_id] || request.params[:id]
       full_path = [namespace_path, project_path].join('/')
 
-      return false unless ProjectPathValidator.valid_path?(full_path)
-      return true unless existence_check
-
-      # We intentionally allow SELECT(*) here so result of this query can be used
-      # as cache for further Project.find_by_full_path calls within request
-      Project.find_by_full_path(full_path, follow_redirects: request.get?).present?
+      ProjectPathValidator.valid_path?(full_path)
     end
   end
 end
diff --git a/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml
index f058468ed8e..ef2fc561201 100644
--- a/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml
@@ -9,16 +9,17 @@ container_scanning:
     name: registry.gitlab.com/gitlab-org/security-products/analyzers/klar:$CS_MAJOR_VERSION
     entrypoint: []
   variables:
-    # By default, use the latest clair vulnerabilities database, however, allow it to be overridden here
-    # with a specific version to provide consistency for integration testing purposes
-    CLAIR_DB_IMAGE_TAG: latest
-    # Override this variable in your `.gitlab-ci.yml` file and set it to `fetch` if you want to provide a `clair-whitelist.yaml` file.
-    # See https://docs.gitlab.com/ee/user/application_security/container_scanning/index.html#overriding-the-container-scanning-template
+    # By default, use the latest clair vulnerabilities database, however, allow it to be overridden here with a specific image
+    # to enable container scanning to run offline, or to provide a consistent list of vulnerabilities for integration testing purposes
+    CLAIR_DB_IMAGE_TAG: "latest"
+    CLAIR_DB_IMAGE: "arminc/clair-db:$CLAIR_DB_IMAGE_TAG"
+    # Override the GIT_STRATEGY variable in your `.gitlab-ci.yml` file and set it to `fetch` if you want to provide a `clair-whitelist.yml`
+    # file. See https://docs.gitlab.com/ee/user/application_security/container_scanning/index.html#overriding-the-container-scanning-template
     # for details
     GIT_STRATEGY: none
   allow_failure: true
   services:
-    - name: arminc/clair-db:$CLAIR_DB_IMAGE_TAG
+    - name: $CLAIR_DB_IMAGE
       alias: clair-vulnerabilities-db
   script:
     # the kubernetes executor currently ignores the Docker image entrypoint value, so the start.sh script must
diff --git a/lib/gitlab/patch/draw_route.rb b/lib/gitlab/patch/draw_route.rb
index 4c8ca015974..4d1b57fbbbb 100644
--- a/lib/gitlab/patch/draw_route.rb
+++ b/lib/gitlab/patch/draw_route.rb
@@ -10,7 +10,7 @@ module Gitlab
       RoutesNotFound = Class.new(StandardError)
 
       def draw(routes_name)
-        drawn_any = draw_ce(routes_name) | draw_ee(routes_name)
+        drawn_any = draw_ee(routes_name) | draw_ce(routes_name)
 
         drawn_any || raise(RoutesNotFound.new("Cannot find #{routes_name}"))
       end