Merge branch 'master' into 61964-unicorn-instrumentation

10 files changed, 187 insertions, 83 deletions

diff --git a/spec/lib/gitlab/ci/config_spec.rb b/spec/lib/gitlab/ci/config_spec.rb
index fd2a29e4ddb..092e9f242b7 100644
--- a/spec/lib/gitlab/ci/config_spec.rb
+++ b/spec/lib/gitlab/ci/config_spec.rb
@@ -190,7 +190,6 @@ describe Gitlab::Ci::Config do
     let(:remote_file_content) do
       <<~HEREDOC
       variables:
-        AUTO_DEVOPS_DOMAIN: domain.example.com
         POSTGRES_USER: user
         POSTGRES_PASSWORD: testing-password
         POSTGRES_ENABLED: "true"
@@ -232,7 +231,6 @@ describe Gitlab::Ci::Config do
           "bundle install --jobs $(nproc)  \"${FLAGS[@]}\""
         ]
         variables = {
-          AUTO_DEVOPS_DOMAIN: "domain.example.com",
           POSTGRES_USER: "user",
           POSTGRES_PASSWORD: "testing-password",
           POSTGRES_ENABLED: "true",
diff --git a/spec/lib/gitlab/data_builder/pipeline_spec.rb b/spec/lib/gitlab/data_builder/pipeline_spec.rb
index 9ef987a0826..1f36fd5c6ef 100644
--- a/spec/lib/gitlab/data_builder/pipeline_spec.rb
+++ b/spec/lib/gitlab/data_builder/pipeline_spec.rb
@@ -50,5 +50,14 @@ describe Gitlab::DataBuilder::Pipeline do
       it { expect(attributes[:variables]).to be_a(Array) }
       it { expect(attributes[:variables]).to contain_exactly({ key: 'TRIGGER_KEY_1', value: 'TRIGGER_VALUE_1' }) }
     end
+
+    context 'when pipeline is a detached merge request pipeline' do
+      let(:merge_request) { create(:merge_request, :with_detached_merge_request_pipeline) }
+      let(:pipeline) { merge_request.all_pipelines.first }
+
+      it 'returns a source ref' do
+        expect(attributes[:ref]).to eq(merge_request.source_branch)
+      end
+    end
   end
 end
diff --git a/spec/lib/gitlab/git/tree_spec.rb b/spec/lib/gitlab/git/tree_spec.rb
index 7ad3cde97f8..7e169cfe270 100644
--- a/spec/lib/gitlab/git/tree_spec.rb
+++ b/spec/lib/gitlab/git/tree_spec.rb
@@ -19,7 +19,9 @@ describe Gitlab::Git::Tree, :seed_helper do
     it 'returns a list of tree objects' do
       entries = described_class.where(repository, SeedRepo::Commit::ID, 'files', true)
 
-      expect(entries.count).to be >= 5
+      expect(entries.map(&:path)).to include('files/html',
+                                             'files/markdown/ruby-style-guide.md')
+      expect(entries.count).to be >= 10
       expect(entries).to all(be_a(Gitlab::Git::Tree))
     end
 
diff --git a/spec/lib/gitlab/import_export/members_mapper_spec.rb b/spec/lib/gitlab/import_export/members_mapper_spec.rb
index 67e4c289906..b95b5dfe791 100644
--- a/spec/lib/gitlab/import_export/members_mapper_spec.rb
+++ b/spec/lib/gitlab/import_export/members_mapper_spec.rb
@@ -12,7 +12,6 @@ describe Gitlab::ImportExport::MembersMapper do
          "access_level" => 40,
          "source_id" => 14,
          "source_type" => "Project",
-         "user_id" => 19,
          "notification_level" => 3,
          "created_at" => "2016-03-11T10:21:44.822Z",
          "updated_at" => "2016-03-11T10:21:44.822Z",
@@ -25,7 +24,8 @@ describe Gitlab::ImportExport::MembersMapper do
              "id" => exported_user_id,
              "email" => user2.email,
              "username" => 'test'
-           }
+           },
+          "user_id" => 19
        },
        {
          "id" => 3,
@@ -73,6 +73,22 @@ describe Gitlab::ImportExport::MembersMapper do
       expect(user2.authorized_project?(project)).to be true
     end
 
+    it 'maps an owner as a maintainer' do
+      exported_members.first['access_level'] = ProjectMember::OWNER
+
+      expect(members_mapper.map[exported_user_id]).to eq(user2.id)
+      expect(ProjectMember.find_by_user_id(user2.id).access_level).to eq(ProjectMember::MAINTAINER)
+    end
+
+    it 'removes old user_id from member_hash to avoid conflict with user key' do
+      expect(ProjectMember).to receive(:create)
+        .twice
+        .with(hash_excluding('user_id'))
+        .and_call_original
+
+      members_mapper.map
+    end
+
     context 'user is not an admin' do
       let(:user) { create(:user) }
 
diff --git a/spec/lib/gitlab/import_export/project_tree_restorer_spec.rb b/spec/lib/gitlab/import_export/project_tree_restorer_spec.rb
index 6084dc96410..651aa600fb2 100644
--- a/spec/lib/gitlab/import_export/project_tree_restorer_spec.rb
+++ b/spec/lib/gitlab/import_export/project_tree_restorer_spec.rb
@@ -328,6 +328,19 @@ describe Gitlab::ImportExport::ProjectTreeRestorer do
     end
 
     context 'when the project has overridden params in import data' do
+      it 'handles string versions of visibility_level' do
+        # Project needs to be in a group for visibility level comparison
+        # to happen
+        group = create(:group)
+        project.group = group
+
+        project.create_import_data(data: { override_params: { visibility_level: Gitlab::VisibilityLevel::INTERNAL.to_s } })
+
+        restored_project_json
+
+        expect(project.visibility_level).to eq(Gitlab::VisibilityLevel::INTERNAL)
+      end
+
       it 'overwrites the params stored in the JSON' do
         project.create_import_data(data: { override_params: { description: "Overridden" } })
 
diff --git a/spec/lib/gitlab/lets_encrypt/client_spec.rb b/spec/lib/gitlab/lets_encrypt/client_spec.rb
index 16a16acfd25..d63a2fbee04 100644
--- a/spec/lib/gitlab/lets_encrypt/client_spec.rb
+++ b/spec/lib/gitlab/lets_encrypt/client_spec.rb
@@ -5,12 +5,14 @@ require 'spec_helper'
 describe ::Gitlab::LetsEncrypt::Client do
   include LetsEncryptHelpers
 
+  set(:private_key) { OpenSSL::PKey::RSA.new(4096).to_pem }
   let(:client) { described_class.new }
 
   before do
     stub_application_setting(
       lets_encrypt_notification_email: 'myemail@test.example.com',
-      lets_encrypt_terms_of_service_accepted: true
+      lets_encrypt_terms_of_service_accepted: true,
+      lets_encrypt_private_key: private_key
     )
   end
 
diff --git a/spec/lib/gitlab/lfs_token_spec.rb b/spec/lib/gitlab/lfs_token_spec.rb
index 8961ecc4be0..701ed1f3a1b 100644
--- a/spec/lib/gitlab/lfs_token_spec.rb
+++ b/spec/lib/gitlab/lfs_token_spec.rb
@@ -77,96 +77,42 @@ describe Gitlab::LfsToken, :clean_gitlab_redis_shared_state do
     let(:actor) { create(:user, username: 'test_user_lfs_1') }
     let(:lfs_token) { described_class.new(actor) }
 
-    context 'for an HMAC token' do
-      before do
-        # We're not interested in testing LegacyRedisDeviseToken here
-        allow(Gitlab::LfsToken::LegacyRedisDeviseToken).to receive_message_chain(:new, :token_valid?).and_return(false)
-      end
-
-      context 'where the token is invalid' do
-        context "because it's junk" do
-          it 'returns false' do
-            expect(lfs_token.token_valid?('junk')).to be_falsey
-          end
-        end
-
-        context "because it's been fiddled with" do
-          it 'returns false' do
-            fiddled_token = lfs_token.token.tap { |token| token[0] = 'E' }
-            expect(lfs_token.token_valid?(fiddled_token)).to be_falsey
-          end
-        end
-
-        context "because it was generated with a different secret" do
-          it 'returns false' do
-            different_actor = create(:user, username: 'test_user_lfs_2')
-            different_secret_token = described_class.new(different_actor).token
-            expect(lfs_token.token_valid?(different_secret_token)).to be_falsey
-          end
-        end
-
-        context "because it's expired" do
-          it 'returns false' do
-            expired_token = lfs_token.token
-            # Needs to be at least 1860 seconds, because the default expiry is
-            # 1800 seconds with an additional 60 second leeway.
-            Timecop.freeze(Time.now + 1865) do
-              expect(lfs_token.token_valid?(expired_token)).to be_falsey
-            end
-          end
+    context 'where the token is invalid' do
+      context "because it's junk" do
+        it 'returns false' do
+          expect(lfs_token.token_valid?('junk')).to be_falsey
         end
       end
 
-      context 'where the token is valid' do
-        it 'returns true' do
-          expect(lfs_token.token_valid?(lfs_token.token)).to be_truthy
+      context "because it's been fiddled with" do
+        it 'returns false' do
+          fiddled_token = lfs_token.token.tap { |token| token[0] = 'E' }
+          expect(lfs_token.token_valid?(fiddled_token)).to be_falsey
         end
       end
-    end
-
-    context 'for a LegacyRedisDevise token' do
-      before do
-        # We're not interested in testing HMACToken here
-        allow_any_instance_of(Gitlab::LfsToken::HMACToken).to receive(:token_valid?).and_return(false)
-      end
-
-      context 'where the token is invalid' do
-        context "because it's junk" do
-          it 'returns false' do
-            expect(lfs_token.token_valid?('junk')).to be_falsey
-          end
-        end
 
-        context "because it's been fiddled with" do
-          it 'returns false' do
-            generated_token = Gitlab::LfsToken::LegacyRedisDeviseToken.new(actor).store_new_token
-            fiddled_token = generated_token.tap { |token| token[0] = 'E' }
-            expect(lfs_token.token_valid?(fiddled_token)).to be_falsey
-          end
-        end
-
-        context "because it was generated with a different secret" do
-          it 'returns false' do
-            different_actor = create(:user, username: 'test_user_lfs_2')
-            different_secret_token = described_class.new(different_actor).token
-            expect(lfs_token.token_valid?(different_secret_token)).to be_falsey
-          end
+      context "because it was generated with a different secret" do
+        it 'returns false' do
+          different_actor = create(:user, username: 'test_user_lfs_2')
+          different_secret_token = described_class.new(different_actor).token
+          expect(lfs_token.token_valid?(different_secret_token)).to be_falsey
         end
+      end
 
-        context "because it's expired" do
-          it 'returns false' do
-            generated_token = Gitlab::LfsToken::LegacyRedisDeviseToken.new(actor).store_new_token(1)
-            # We need a real sleep here because we need to wait for redis to expire the key.
-            sleep(0.01)
-            expect(lfs_token.token_valid?(generated_token)).to be_falsey
+      context "because it's expired" do
+        it 'returns false' do
+          expired_token = lfs_token.token
+          # Needs to be at least 1860 seconds, because the default expiry is
+          # 1800 seconds with an additional 60 second leeway.
+          Timecop.freeze(Time.now + 1865) do
+            expect(lfs_token.token_valid?(expired_token)).to be_falsey
           end
         end
       end
 
       context 'where the token is valid' do
         it 'returns true' do
-          generated_token = Gitlab::LfsToken::LegacyRedisDeviseToken.new(actor).store_new_token
-          expect(lfs_token.token_valid?(generated_token)).to be_truthy
+          expect(lfs_token.token_valid?(lfs_token.token)).to be_truthy
         end
       end
     end
diff --git a/spec/lib/gitlab/metrics/samplers/puma_sampler_spec.rb b/spec/lib/gitlab/metrics/samplers/puma_sampler_spec.rb
new file mode 100644
index 00000000000..c471c30a194
--- /dev/null
+++ b/spec/lib/gitlab/metrics/samplers/puma_sampler_spec.rb
@@ -0,0 +1,96 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Gitlab::Metrics::Samplers::PumaSampler do
+  subject { described_class.new(5) }
+  let(:null_metric) { double('null_metric', set: nil, observe: nil) }
+
+  before do
+    allow(Gitlab::Metrics::NullMetric).to receive(:instance).and_return(null_metric)
+  end
+
+  describe '#sample' do
+    before do
+      expect(subject).to receive(:puma_stats).and_return(puma_stats)
+    end
+
+    context 'in cluster mode' do
+      let(:puma_stats) do
+        <<~EOS
+        {
+          "workers": 2,
+          "phase": 2,
+          "booted_workers": 2,
+          "old_workers": 0,
+          "worker_status": [{
+            "pid": 32534,
+            "index": 0,
+            "phase": 1,
+            "booted": true,
+            "last_checkin": "2019-05-15T07:57:55Z",
+            "last_status": {
+              "backlog":0,
+              "running":1,
+              "pool_capacity":4,
+              "max_threads": 4
+            }
+          }]
+        }
+        EOS
+      end
+
+      it 'samples master statistics' do
+        labels = { worker: 'master' }
+
+        expect(subject.metrics[:puma_workers]).to receive(:set).with(labels, 2)
+        expect(subject.metrics[:puma_running_workers]).to receive(:set).with(labels, 2)
+        expect(subject.metrics[:puma_stale_workers]).to receive(:set).with(labels, 0)
+        expect(subject.metrics[:puma_phase]).to receive(:set).once.with(labels, 2)
+        expect(subject.metrics[:puma_phase]).to receive(:set).once.with({ worker: 'worker_0' }, 1)
+
+        subject.sample
+      end
+
+      it 'samples worker statistics' do
+        labels = { worker: 'worker_0' }
+
+        expect_worker_stats(labels)
+
+        subject.sample
+      end
+    end
+
+    context 'in single mode' do
+      let(:puma_stats) do
+        <<~EOS
+        {
+          "backlog":0,
+          "running":1,
+          "pool_capacity":4,
+          "max_threads": 4
+        }
+        EOS
+      end
+
+      it 'samples worker statistics' do
+        labels = {}
+
+        expect(subject.metrics[:puma_workers]).to receive(:set).with(labels, 1)
+        expect(subject.metrics[:puma_running_workers]).to receive(:set).with(labels, 1)
+        expect_worker_stats(labels)
+
+        subject.sample
+      end
+    end
+  end
+
+  def expect_worker_stats(labels)
+    expect(subject.metrics[:puma_queued_connections]).to receive(:set).with(labels, 0)
+    expect(subject.metrics[:puma_active_connections]).to receive(:set).with(labels, 0)
+    expect(subject.metrics[:puma_running]).to receive(:set).with(labels, 1)
+    expect(subject.metrics[:puma_pool_capacity]).to receive(:set).with(labels, 4)
+    expect(subject.metrics[:puma_max_threads]).to receive(:set).with(labels, 4)
+    expect(subject.metrics[:puma_idle_threads]).to receive(:set).with(labels, 1)
+  end
+end
diff --git a/spec/lib/gitlab/omniauth_initializer_spec.rb b/spec/lib/gitlab/omniauth_initializer_spec.rb
index d808b4d49e0..f9c0daf1ef1 100644
--- a/spec/lib/gitlab/omniauth_initializer_spec.rb
+++ b/spec/lib/gitlab/omniauth_initializer_spec.rb
@@ -38,6 +38,28 @@ describe Gitlab::OmniauthInitializer do
       subject.execute([hash_config])
     end
 
+    it 'normalizes a String strategy_class' do
+      hash_config = { 'name' => 'hash', 'args' => { strategy_class: 'OmniAuth::Strategies::OAuth2Generic' } }
+
+      expect(devise_config).to receive(:omniauth).with(:hash, strategy_class: OmniAuth::Strategies::OAuth2Generic)
+
+      subject.execute([hash_config])
+    end
+
+    it 'allows a class to be specified in strategy_class' do
+      hash_config = { 'name' => 'hash', 'args' => { strategy_class: OmniAuth::Strategies::OAuth2Generic } }
+
+      expect(devise_config).to receive(:omniauth).with(:hash, strategy_class: OmniAuth::Strategies::OAuth2Generic)
+
+      subject.execute([hash_config])
+    end
+
+    it 'throws an error for an invalid strategy_class' do
+      hash_config = { 'name' => 'hash', 'args' => { strategy_class: 'OmniAuth::Strategies::Bogus' } }
+
+      expect { subject.execute([hash_config]) }.to raise_error(NameError)
+    end
+
     it 'configures fail_with_empty_uid for shibboleth' do
       shibboleth_config = { 'name' => 'shibboleth', 'args' => {} }
 
diff --git a/spec/lib/gitlab/prometheus/query_variables_spec.rb b/spec/lib/gitlab/prometheus/query_variables_spec.rb
index 048f4af6020..6dc99ef26ec 100644
--- a/spec/lib/gitlab/prometheus/query_variables_spec.rb
+++ b/spec/lib/gitlab/prometheus/query_variables_spec.rb
@@ -23,7 +23,7 @@ describe Gitlab::Prometheus::QueryVariables do
 
     context 'with deployment platform' do
       context 'with project cluster' do
-        let(:kube_namespace) { environment.deployment_platform.actual_namespace }
+        let(:kube_namespace) { environment.deployment_platform.cluster.kubernetes_namespace_for(project) }
 
         before do
           create(:cluster, :project, :provided_by_user, projects: [project])