Merge remote-tracking branch 'upstream/master' into 14995-custom_wiki_sidebar

* upstream/master: (4180 commits)
  Enable frozen string literals for app/workers/*.rb
  Resolve "Search dropdown hides & shows when typing"
  Revert merge request widget button max height
  Update CHANGELOG.md for 11.0.2
  Update external link icon in header user dropdown
  Added Diff Viewer to new VUE based MR page
  Fixed eslint failure in IDE spec helpers
  Use refs instead of querySelector.
  Show file in tree on WebIDE open
  Resolve "Remove unused bootstrap component CSS"
  Resolve "Explain what Groups are in the New Group page"
  [QA] Make sure we wait for the deploy key list to load
  Update _scopes_form.html.haml to remove duplicate information
  Use the branch instead of the tag to install
  port the EE changes
  Add index on deployable_type/id for deployments
  Add a helper to rename a column using a background migration
  Fix performance bottleneck when rendering large wiki pages
  Port Namespace#root_ancestor to CE
  Remove duplicate spec
  ...

10 files changed, 118 insertions, 47 deletions

diff --git a/qa/spec/git/repository_spec.rb b/qa/spec/git/repository_spec.rb
new file mode 100644
index 00000000000..ee1f08da238
--- /dev/null
+++ b/qa/spec/git/repository_spec.rb
@@ -0,0 +1,40 @@
+describe QA::Git::Repository do
+  let(:repository) { described_class.new }
+
+  before do
+    cd_empty_temp_directory
+    set_bad_uri
+    repository.use_default_credentials
+  end
+
+  describe '#clone' do
+    it 'redacts credentials from the URI in output' do
+      output, _ = repository.clone
+
+      expect(output).to include("fatal: unable to access 'http://****@foo/bar.git/'")
+    end
+  end
+
+  describe '#push_changes' do
+    before do
+      `git init` # need a repo to push from
+    end
+
+    it 'redacts credentials from the URI in output' do
+      output, _ = repository.push_changes
+
+      expect(output).to include("error: failed to push some refs to 'http://****@foo/bar.git'")
+    end
+  end
+
+  def cd_empty_temp_directory
+    tmp_dir = 'tmp/git-repository-spec/'
+    FileUtils.rm_r(tmp_dir) if File.exist?(tmp_dir)
+    FileUtils.mkdir_p tmp_dir
+    FileUtils.cd tmp_dir
+  end
+
+  def set_bad_uri
+    repository.uri = 'http://foo/bar.git'
+  end
+end
diff --git a/qa/spec/page/validator_spec.rb b/qa/spec/page/validator_spec.rb
index 02822d7d18f..55957649904 100644
--- a/qa/spec/page/validator_spec.rb
+++ b/qa/spec/page/validator_spec.rb
@@ -30,7 +30,7 @@ describe QA::Page::Validator do
     let(:view) { spy('view') }
 
     before do
-      allow(QA::Page::Admin::Settings)
+      allow(QA::Page::Admin::Settings::Main)
         .to receive(:views).and_return([view])
     end
 
diff --git a/qa/spec/runtime/api_client_spec.rb b/qa/spec/runtime/api/client_spec.rb
index d497d8839b8..d497d8839b8 100644
--- a/qa/spec/runtime/api_client_spec.rb
+++ b/qa/spec/runtime/api/client_spec.rb
diff --git a/qa/spec/runtime/api/request_spec.rb b/qa/spec/runtime/api/request_spec.rb
new file mode 100644
index 00000000000..80e3149f32d
--- /dev/null
+++ b/qa/spec/runtime/api/request_spec.rb
@@ -0,0 +1,44 @@
+describe QA::Runtime::API::Request do
+  include Support::StubENV
+
+  before do
+    stub_env('PERSONAL_ACCESS_TOKEN', 'a_token')
+  end
+
+  let(:client)  { QA::Runtime::API::Client.new('http://example.com') }
+  let(:request) { described_class.new(client, '/users') }
+
+  describe '#url' do
+    it 'returns the full api request url' do
+      expect(request.url).to eq 'http://example.com/api/v4/users?private_token=a_token'
+    end
+  end
+
+  describe '#request_path' do
+    it 'prepends the api path' do
+      expect(request.request_path('/users')).to eq '/api/v4/users'
+    end
+
+    it 'adds the personal access token' do
+      expect(request.request_path('/users', private_token: 'token'))
+        .to eq '/api/v4/users?private_token=token'
+    end
+
+    it 'adds the oauth access token' do
+      expect(request.request_path('/users', access_token: 'otoken'))
+        .to eq '/api/v4/users?access_token=otoken'
+    end
+
+    it 'respects query parameters' do
+      expect(request.request_path('/users?page=1')).to eq '/api/v4/users?page=1'
+      expect(request.request_path('/users', private_token: 'token', foo: 'bar/baz'))
+        .to eq '/api/v4/users?private_token=token&foo=bar%2Fbaz'
+      expect(request.request_path('/users?page=1', private_token: 'token', foo: 'bar/baz'))
+        .to eq '/api/v4/users?page=1&private_token=token&foo=bar%2Fbaz'
+    end
+
+    it 'uses a different api version' do
+      expect(request.request_path('/users', version: 'other_version')).to eq '/api/other_version/users'
+    end
+  end
+end
diff --git a/qa/spec/runtime/api_request_spec.rb b/qa/spec/runtime/api_request_spec.rb
index 9a1ed8a7a46..e69de29bb2d 100644
--- a/qa/spec/runtime/api_request_spec.rb
+++ b/qa/spec/runtime/api_request_spec.rb
@@ -1,42 +0,0 @@
-describe QA::Runtime::API::Request do
-  include Support::StubENV
-
-  before do
-    stub_env('PERSONAL_ACCESS_TOKEN', 'a_token')
-  end
-
-  let(:client)  { QA::Runtime::API::Client.new('http://example.com') }
-  let(:request) { described_class.new(client, '/users') }
-
-  describe '#url' do
-    it 'returns the full api request url' do
-      expect(request.url).to eq 'http://example.com/api/v4/users?private_token=a_token'
-    end
-  end
-
-  describe '#request_path' do
-    it 'prepends the api path' do
-      expect(request.request_path('/users')).to eq '/api/v4/users'
-    end
-
-    it 'adds the personal access token' do
-      expect(request.request_path('/users', personal_access_token: 'token'))
-        .to eq '/api/v4/users?private_token=token'
-    end
-
-    it 'adds the oauth access token' do
-      expect(request.request_path('/users', oauth_access_token: 'otoken'))
-        .to eq '/api/v4/users?access_token=otoken'
-    end
-
-    it 'respects query parameters' do
-      expect(request.request_path('/users?page=1')).to eq '/api/v4/users?page=1'
-      expect(request.request_path('/users?page=1', personal_access_token: 'token'))
-        .to eq '/api/v4/users?page=1&private_token=token'
-    end
-
-    it 'uses a different api version' do
-      expect(request.request_path('/users', version: 'v3')).to eq '/api/v3/users'
-    end
-  end
-end
diff --git a/qa/spec/runtime/key/ecdsa_spec.rb b/qa/spec/runtime/key/ecdsa_spec.rb
new file mode 100644
index 00000000000..8951e82b9bb
--- /dev/null
+++ b/qa/spec/runtime/key/ecdsa_spec.rb
@@ -0,0 +1,18 @@
+describe QA::Runtime::Key::ECDSA do
+  describe '#public_key' do
+    [256, 384, 521].each do |bits|
+      it "generates a public #{bits}-bits ECDSA key" do
+        subject = described_class.new(bits).public_key
+
+        expect(subject).to match(%r{\Aecdsa\-sha2\-\w+ AAAA[0-9A-Za-z+/]+={0,3}})
+      end
+    end
+  end
+
+  describe '#new' do
+    it 'does not support arbitrary bits' do
+      expect { described_class.new(123) }
+        .to raise_error(QA::Service::Shellout::CommandError)
+    end
+  end
+end
diff --git a/qa/spec/runtime/key/ed25519_spec.rb b/qa/spec/runtime/key/ed25519_spec.rb
new file mode 100644
index 00000000000..4844e7affdf
--- /dev/null
+++ b/qa/spec/runtime/key/ed25519_spec.rb
@@ -0,0 +1,9 @@
+describe QA::Runtime::Key::ED25519 do
+  describe '#public_key' do
+    subject { described_class.new.public_key }
+
+    it 'generates a public ED25519 key' do
+      expect(subject).to match(%r{\Assh\-ed25519 AAAA[0-9A-Za-z+/]})
+    end
+  end
+end
diff --git a/qa/spec/runtime/rsa_key.rb b/qa/spec/runtime/key/rsa_spec.rb
index 6d7ab4dcd2e..fbcc7ffdcb4 100644
--- a/qa/spec/runtime/rsa_key.rb
+++ b/qa/spec/runtime/key/rsa_spec.rb
@@ -1,9 +1,9 @@
-describe QA::Runtime::RSAKey do
+describe QA::Runtime::Key::RSA do
   describe '#public_key' do
     subject { described_class.new.public_key }
 
     it 'generates a public RSA key' do
-      expect(subject).to match(%r{\Assh\-rsa AAAA[0-9A-Za-z+/]+={0,3}\z})
+      expect(subject).to match(%r{\Assh\-rsa AAAA[0-9A-Za-z+/]+={0,3}})
     end
   end
 end
diff --git a/qa/spec/scenario/test/instance_spec.rb b/qa/spec/scenario/test/instance_spec.rb
index bd09c28e924..a74a9538be8 100644
--- a/qa/spec/scenario/test/instance_spec.rb
+++ b/qa/spec/scenario/test/instance_spec.rb
@@ -29,7 +29,7 @@ describe QA::Scenario::Test::Instance do
       it 'should call runner with default arguments' do
         subject.perform("test")
 
-        expect(runner).to have_received(:files=)
+        expect(runner).to have_received(:options=)
           .with(File.expand_path('../../../qa/specs/features', __dir__))
       end
     end
@@ -38,7 +38,7 @@ describe QA::Scenario::Test::Instance do
       it 'should call runner with paths' do
         subject.perform('test', 'path1', 'path2')
 
-        expect(runner).to have_received(:files=).with(%w[path1 path2])
+        expect(runner).to have_received(:options=).with(%w[path1 path2])
       end
     end
   end
diff --git a/qa/spec/support/stub_env.rb b/qa/spec/support/stub_env.rb
index bc8f3a5e22e..044804cd599 100644
--- a/qa/spec/support/stub_env.rb
+++ b/qa/spec/support/stub_env.rb
@@ -32,6 +32,8 @@ module Support
       allow(ENV).to receive(:[]).and_call_original
       allow(ENV).to receive(:key?).and_call_original
       allow(ENV).to receive(:fetch).and_call_original
+      # Prevent secrets from leaking in CI
+      allow(ENV).to receive(:inspect).and_return([])
       add_stubbed_value(STUBBED_KEY, true)
     end
   end