Merge branch 'code-freeze-20181207' into 11-6-stable-prepare-rc5

* code-freeze-20181207: (85 commits)
  Changed frontmatter filtering to support YAML, JSON, TOML, and arbitrary languages
  Disable docs lint internal_links check
  Documentation cleanup
  Allow public forks to be deduplicated
  Prettifies
  [CE] - Add milestones autocomplete for epics
  Fixes linting errors
  Reorganize Jobs Variables feature spec
  CE Port of "Web Terminal FE"
  Extract context in JobsController spec
  Add specs for TriggerVariableEntity
  Extract context in JobsController spec
  Allows user to override default issuer email for cert manager
  Add specs for TriggerVariableEntity
  Adds toggle behavior - Adds coverage for hide/reveal toggle button behavior
  Backports changes made to One notification per code review
  Further design iteration on project overview
  Fix transaction pollution in Shard.by_name
  Show primary button when all labels are prioritized
  Consistent feature name in all docs
  ...

13 files changed, 280 insertions, 14 deletions

diff --git a/spec/models/appearance_spec.rb b/spec/models/appearance_spec.rb
index 77b07cf1ac9..35415030154 100644
--- a/spec/models/appearance_spec.rb
+++ b/spec/models/appearance_spec.rb
@@ -20,7 +20,7 @@ describe Appearance do
   end
 
   context 'with uploads' do
-    it_behaves_like 'model with mounted uploader', false do
+    it_behaves_like 'model with uploads', false do
       let(:model_object) { create(:appearance, :with_logo) }
       let(:upload_attribute) { :logo }
       let(:uploader_class) { AttachmentUploader }
diff --git a/spec/models/ci/build_spec.rb b/spec/models/ci/build_spec.rb
index 4cdcae5f670..89f78f629d4 100644
--- a/spec/models/ci/build_spec.rb
+++ b/spec/models/ci/build_spec.rb
@@ -1925,7 +1925,7 @@ describe Ci::Build do
 
     context 'when token is empty' do
       before do
-        build.token = nil
+        build.update_columns(token: nil, token_encrypted: nil)
       end
 
       it { is_expected.to be_nil}
@@ -2141,7 +2141,7 @@ describe Ci::Build do
       end
 
       before do
-        build.token = 'my-token'
+        build.set_token('my-token')
         build.yaml_variables = []
       end
 
diff --git a/spec/models/clusters/applications/runner_spec.rb b/spec/models/clusters/applications/runner_spec.rb
index 97e50809647..47daa79873e 100644
--- a/spec/models/clusters/applications/runner_spec.rb
+++ b/spec/models/clusters/applications/runner_spec.rb
@@ -18,7 +18,7 @@ describe Clusters::Applications::Runner do
       let(:application) { create(:clusters_applications_runner, :scheduled, version: '0.1.30') }
 
       it 'updates the application version' do
-        expect(application.reload.version).to eq('0.1.38')
+        expect(application.reload.version).to eq('0.1.39')
       end
     end
   end
@@ -46,7 +46,7 @@ describe Clusters::Applications::Runner do
     it 'should be initialized with 4 arguments' do
       expect(subject.name).to eq('runner')
       expect(subject.chart).to eq('runner/gitlab-runner')
-      expect(subject.version).to eq('0.1.38')
+      expect(subject.version).to eq('0.1.39')
       expect(subject).not_to be_rbac
       expect(subject.repository).to eq('https://charts.gitlab.io')
       expect(subject.files).to eq(gitlab_runner.files)
@@ -64,7 +64,7 @@ describe Clusters::Applications::Runner do
       let(:gitlab_runner) { create(:clusters_applications_runner, :errored, runner: ci_runner, version: '0.1.13') }
 
       it 'should be initialized with the locked version' do
-        expect(subject.version).to eq('0.1.38')
+        expect(subject.version).to eq('0.1.39')
       end
     end
   end
diff --git a/spec/models/commit_spec.rb b/spec/models/commit_spec.rb
index 2a0039a0635..a2d2d77746d 100644
--- a/spec/models/commit_spec.rb
+++ b/spec/models/commit_spec.rb
@@ -204,7 +204,7 @@ describe Commit do
       message = 'Lorem ipsum dolor sit amet, consectetur adipiscing elit. Donec sodales id felis id blandit. Vivamus egestas lacinia lacus, sed rutrum mauris.'
 
       allow(commit).to receive(:safe_message).and_return(message)
-      expect(commit.title).to eq('Lorem ipsum dolor sit amet, consectetur adipiscing elit. Donec sodales id felis…')
+      expect(commit.title).to eq('Lorem ipsum dolor sit amet, consectetur adipiscing elit. Donec sodales id...')
     end
 
     it "truncates a message with a newline before 80 characters at the newline" do
diff --git a/spec/models/concerns/discussion_on_diff_spec.rb b/spec/models/concerns/discussion_on_diff_spec.rb
index 8cd129dc851..73eb7a1160d 100644
--- a/spec/models/concerns/discussion_on_diff_spec.rb
+++ b/spec/models/concerns/discussion_on_diff_spec.rb
@@ -12,6 +12,34 @@ describe DiscussionOnDiff do
 
         expect(truncated_lines.count).to be <= DiffDiscussion::NUMBER_OF_TRUNCATED_DIFF_LINES
       end
+
+      context 'with truncated diff lines diff limit set' do
+        let(:truncated_lines) do
+          subject.truncated_diff_lines(
+            diff_limit: diff_limit
+          )
+        end
+
+        context 'when diff limit is higher than default' do
+          let(:diff_limit) { DiffDiscussion::NUMBER_OF_TRUNCATED_DIFF_LINES + 1 }
+
+          it 'returns fewer lines than the default' do
+            expect(subject.diff_lines.count).to be > diff_limit
+
+            expect(truncated_lines.count).to be <= DiffDiscussion::NUMBER_OF_TRUNCATED_DIFF_LINES
+          end
+        end
+
+        context 'when diff_limit is lower than default' do
+          let(:diff_limit) { 3 }
+
+          it 'returns fewer lines than the default' do
+            expect(subject.diff_lines.count).to be > DiffDiscussion::NUMBER_OF_TRUNCATED_DIFF_LINES
+
+            expect(truncated_lines.count).to be <= diff_limit
+          end
+        end
+      end
     end
 
     context "when some diff lines are meta" do
diff --git a/spec/models/concerns/token_authenticatable_spec.rb b/spec/models/concerns/token_authenticatable_spec.rb
index 0cdf430e9ab..55d83bc3a6b 100644
--- a/spec/models/concerns/token_authenticatable_spec.rb
+++ b/spec/models/concerns/token_authenticatable_spec.rb
@@ -351,3 +351,89 @@ describe PersonalAccessToken, 'TokenAuthenticatable' do
     end
   end
 end
+
+describe Ci::Build, 'TokenAuthenticatable' do
+  let(:token_field) { :token }
+  let(:build) { FactoryBot.build(:ci_build) }
+
+  it_behaves_like 'TokenAuthenticatable'
+
+  describe 'generating new token' do
+    context 'token is not generated yet' do
+      describe 'token field accessor' do
+        it 'makes it possible to access token' do
+          expect(build.token).to be_nil
+
+          build.save!
+
+          expect(build.token).to be_present
+        end
+      end
+
+      describe "ensure_token" do
+        subject { build.ensure_token }
+
+        it { is_expected.to be_a String }
+        it { is_expected.not_to be_blank }
+
+        it 'does not persist token' do
+          expect(build).not_to be_persisted
+        end
+      end
+
+      describe 'ensure_token!' do
+        it 'persists a new token' do
+          expect(build.ensure_token!).to eq build.reload.token
+          expect(build).to be_persisted
+        end
+
+        it 'persists new token as an encrypted string' do
+          build.ensure_token!
+
+          encrypted = Gitlab::CryptoHelper.aes256_gcm_encrypt(build.token)
+
+          expect(build.read_attribute('token_encrypted')).to eq encrypted
+        end
+
+        it 'does not persist a token in a clear text' do
+          build.ensure_token!
+
+          expect(build.read_attribute('token')).to be_nil
+        end
+      end
+    end
+
+    describe '#reset_token!' do
+      it 'persists a new token' do
+        build.save!
+
+        build.token.yield_self do |previous_token|
+          build.reset_token!
+
+          expect(build.token).not_to eq previous_token
+          expect(build.token).to be_a String
+        end
+      end
+    end
+  end
+
+  describe 'setting a new token' do
+    subject { build.set_token('0123456789') }
+
+    it 'returns the token' do
+      expect(subject).to eq '0123456789'
+    end
+
+    it 'writes a new encrypted token' do
+      expect(build.read_attribute('token_encrypted')).to be_nil
+      expect(subject).to eq '0123456789'
+      expect(build.read_attribute('token_encrypted')).to be_present
+    end
+
+    it 'does not write a new cleartext token' do
+      expect(build.read_attribute('token')).to be_nil
+      expect(subject).to eq '0123456789'
+      expect(build.read_attribute('token')).to be_nil
+    end
+  end
+end
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 87aa5a46c21..e63881242f6 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -739,7 +739,7 @@ describe Group do
   end
 
   context 'with uploads' do
-    it_behaves_like 'model with mounted uploader', true do
+    it_behaves_like 'model with uploads', true do
       let(:model_object) { create(:group, :with_avatar) }
       let(:upload_attribute) { :avatar }
       let(:uploader_class) { AttachmentUploader }
diff --git a/spec/models/namespace_spec.rb b/spec/models/namespace_spec.rb
index 96561dab1c9..18b54cce834 100644
--- a/spec/models/namespace_spec.rb
+++ b/spec/models/namespace_spec.rb
@@ -249,7 +249,7 @@ describe Namespace do
 
               move_dir_result
             end
-            expect(Gitlab::Sentry).to receive(:should_raise?).and_return(false) # like prod
+            expect(Gitlab::Sentry).to receive(:should_raise_for_dev?).and_return(false) # like prod
 
             namespace.update(path: namespace.full_path + '_new')
           end
diff --git a/spec/models/pool_repository_spec.rb b/spec/models/pool_repository_spec.rb
index 541e78507e5..3d3878b8c39 100644
--- a/spec/models/pool_repository_spec.rb
+++ b/spec/models/pool_repository_spec.rb
@@ -5,6 +5,7 @@ require 'spec_helper'
 describe PoolRepository do
   describe 'associations' do
     it { is_expected.to belong_to(:shard) }
+    it { is_expected.to have_one(:source_project) }
     it { is_expected.to have_many(:member_projects) }
   end
 
@@ -12,15 +13,14 @@ describe PoolRepository do
     let!(:pool_repository) { create(:pool_repository) }
 
     it { is_expected.to validate_presence_of(:shard) }
+    it { is_expected.to validate_presence_of(:source_project) }
   end
 
   describe '#disk_path' do
     it 'sets the hashed disk_path' do
       pool = create(:pool_repository)
 
-      elements = File.split(pool.disk_path)
-
-      expect(elements).to all( match(/\d{2,}/) )
+      expect(pool.disk_path).to match(%r{\A@pools/\h{2}/\h{2}/\h{64}})
     end
   end
 end
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index 50920d9d1fc..1c85411dc3b 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -3898,7 +3898,7 @@ describe Project do
   end
 
   context 'with uploads' do
-    it_behaves_like 'model with mounted uploader', true do
+    it_behaves_like 'model with uploads', true do
       let(:model_object) { create(:project, :with_avatar) }
       let(:upload_attribute) { :avatar }
       let(:uploader_class) { AttachmentUploader }
@@ -4092,6 +4092,44 @@ describe Project do
     end
   end
 
+  describe '#git_objects_poolable?' do
+    subject { project }
+
+    context 'when the feature flag is turned off' do
+      before do
+        stub_feature_flags(object_pools: false)
+      end
+
+      let(:project) { create(:project, :repository, :public) }
+
+      it { is_expected.not_to be_git_objects_poolable }
+    end
+
+    context 'when the feature flag is enabled' do
+      context 'when not using hashed storage' do
+        let(:project) { create(:project, :legacy_storage, :public, :repository) }
+
+        it { is_expected.not_to be_git_objects_poolable }
+      end
+
+      context 'when the project is not public' do
+        let(:project) { create(:project, :private) }
+
+        it { is_expected.not_to be_git_objects_poolable }
+      end
+
+      context 'when objects are poolable' do
+        let(:project) { create(:project, :repository, :public) }
+
+        before do
+          stub_application_setting(hashed_storage_enabled: true)
+        end
+
+        it { is_expected.to be_git_objects_poolable }
+      end
+    end
+  end
+
   def rugged_config
     rugged_repo(project.repository).config
   end
diff --git a/spec/models/uploads/fog_spec.rb b/spec/models/uploads/fog_spec.rb
new file mode 100644
index 00000000000..4a44cf5ab0f
--- /dev/null
+++ b/spec/models/uploads/fog_spec.rb
@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Uploads::Fog do
+  let(:data_store) { described_class.new }
+
+  before do
+    stub_uploads_object_storage(FileUploader)
+  end
+
+  describe '#available?' do
+    subject { data_store.available? }
+
+    context 'when object storage is enabled' do
+      it { is_expected.to be_truthy }
+    end
+
+    context 'when object storage is disabled' do
+      before do
+        stub_uploads_object_storage(FileUploader, enabled: false)
+      end
+
+      it { is_expected.to be_falsy }
+    end
+  end
+
+  context 'model with uploads' do
+    let(:project) { create(:project) }
+    let(:relation) { project.uploads }
+
+    describe '#keys' do
+      let!(:uploads) { create_list(:upload, 2, :object_storage, uploader: FileUploader, model: project) }
+      subject { data_store.keys(relation) }
+
+      it 'returns keys' do
+        is_expected.to match_array(relation.pluck(:path))
+      end
+    end
+
+    describe '#delete_keys' do
+      let(:keys) { data_store.keys(relation) }
+      let!(:uploads) { create_list(:upload, 2, :with_file, :issuable_upload, model: project) }
+      subject { data_store.delete_keys(keys) }
+
+      before do
+        uploads.each { |upload| upload.build_uploader.migrate!(2) }
+      end
+
+      it 'deletes multiple data' do
+        paths = relation.pluck(:path)
+
+        ::Fog::Storage.new(FileUploader.object_store_credentials).tap do |connection|
+          paths.each do |path|
+            expect(connection.get_object('uploads', path)[:body]).not_to be_nil
+          end
+        end
+
+        subject
+
+        ::Fog::Storage.new(FileUploader.object_store_credentials).tap do |connection|
+          paths.each do |path|
+            expect { connection.get_object('uploads', path)[:body] }.to raise_error(Excon::Error::NotFound)
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/spec/models/uploads/local_spec.rb b/spec/models/uploads/local_spec.rb
new file mode 100644
index 00000000000..3468399f370
--- /dev/null
+++ b/spec/models/uploads/local_spec.rb
@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Uploads::Local do
+  let(:data_store) { described_class.new }
+
+  before do
+    stub_uploads_object_storage(FileUploader)
+  end
+
+  context 'model with uploads' do
+    let(:project) { create(:project) }
+    let(:relation) { project.uploads }
+
+    describe '#keys' do
+      let!(:uploads) { create_list(:upload, 2, uploader: FileUploader, model: project) }
+      subject { data_store.keys(relation) }
+
+      it 'returns keys' do
+        is_expected.to match_array(relation.map(&:absolute_path))
+      end
+    end
+
+    describe '#delete_keys' do
+      let(:keys) { data_store.keys(relation) }
+      let!(:uploads) { create_list(:upload, 2, :with_file, :issuable_upload, model: project) }
+      subject { data_store.delete_keys(keys) }
+
+      it 'deletes multiple data' do
+        paths = relation.map(&:absolute_path)
+
+        paths.each do |path|
+          expect(File.exist?(path)).to be_truthy
+        end
+
+        subject
+
+        paths.each do |path|
+          expect(File.exist?(path)).to be_falsey
+        end
+      end
+    end
+  end
+end
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 6cb27246f06..ff075e65c76 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -3231,7 +3231,7 @@ describe User do
   end
 
   context 'with uploads' do
-    it_behaves_like 'model with mounted uploader', false do
+    it_behaves_like 'model with uploads', false do
       let(:model_object) { create(:user, :with_avatar) }
       let(:upload_attribute) { :avatar }
       let(:uploader_class) { AttachmentUploader }