Merge remote-tracking branch 'upstream/master' into add-star-for-action-scope

* upstream/master: (3161 commits)
  Derive project path from import URL
  add article to list
  link to CI/CD Deep Dive demo for #5800
  Add code review guidelines related to Build [CI skip].
  Make time span dropdown style on cycle analytics page consistent
  copyedit, add article to the list
  Make Markdown autocomplete dropdown style consistent
  Add 204. Remove duplicated method.
  Make sure we didn't commit conflicts
  Fix bug in blob test
  Always fetch branches before finding the merge base, otherwise we could find an outdated merge base
  Fixes dropdown margin in sidebar
  Fixes the search losing focus
  Docs add blog articles
  Inline script cleanup globals and easy
  Add option to use CommitLanguages RPC
  CI fixes for gitaly-ruby
  fix
  Allow logged in users to read user list under public restriction
  Small refactor in LegacyNamespace and moved back send_update_instructions
  ...

1 files changed, 37 insertions, 25 deletions

diff --git a/spec/services/auth/container_registry_authentication_service_spec.rb b/spec/services/auth/container_registry_authentication_service_spec.rb
index 0609790893d..7f704629bfa 100644
--- a/spec/services/auth/container_registry_authentication_service_spec.rb
+++ b/spec/services/auth/container_registry_authentication_service_spec.rb
@@ -1,6 +1,6 @@
 require 'spec_helper'
 
-describe Auth::ContainerRegistryAuthenticationService, services: true do
+describe Auth::ContainerRegistryAuthenticationService do
   let(:current_project) { nil }
   let(:current_user) { nil }
   let(:current_params) { {} }
@@ -34,7 +34,9 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
       end
 
       context 'for changed configuration' do
-        before { stub_application_setting(container_registry_token_expire_delay: expire_delay) }
+        before do
+          stub_application_setting(container_registry_token_expire_delay: expire_delay)
+        end
 
         it { expect(expires_at).to be_within(2.seconds).of(Time.now + expire_delay.minutes) }
       end
@@ -44,7 +46,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
   shared_examples 'an accessible' do
     let(:access) do
       [{ 'type' => 'repository',
-         'name' => project.path_with_namespace,
+         'name' => project.full_path,
          'actions' => actions }]
     end
 
@@ -101,7 +103,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
 
   describe '#full_access_token' do
     let(:project) { create(:empty_project) }
-    let(:token) { described_class.full_access_token(project.path_with_namespace) }
+    let(:token) { described_class.full_access_token(project.full_path) }
 
     subject { { token: token } }
 
@@ -123,10 +125,12 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
       end
 
       context 'allow developer to push images' do
-        before { project.team << [current_user, :developer] }
+        before do
+          project.team << [current_user, :developer]
+        end
 
         let(:current_params) do
-          { scope: "repository:#{project.path_with_namespace}:push" }
+          { scope: "repository:#{project.full_path}:push" }
         end
 
         it_behaves_like 'a pushable'
@@ -144,11 +148,13 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
       end
 
       context 'allow reporter to pull images' do
-        before { project.team << [current_user, :reporter] }
+        before do
+          project.team << [current_user, :reporter]
+        end
 
         context 'when pulling from root level repository' do
           let(:current_params) do
-            { scope: "repository:#{project.path_with_namespace}:pull" }
+            { scope: "repository:#{project.full_path}:pull" }
           end
 
           it_behaves_like 'a pullable'
@@ -167,10 +173,12 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
       end
 
       context 'return a least of privileges' do
-        before { project.team << [current_user, :reporter] }
+        before do
+          project.team << [current_user, :reporter]
+        end
 
         let(:current_params) do
-          { scope: "repository:#{project.path_with_namespace}:push,pull" }
+          { scope: "repository:#{project.full_path}:push,pull" }
         end
 
         it_behaves_like 'a pullable'
@@ -178,10 +186,12 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
       end
 
       context 'disallow guest to pull or push images' do
-        before { project.team << [current_user, :guest] }
+        before do
+          project.team << [current_user, :guest]
+        end
 
         let(:current_params) do
-          { scope: "repository:#{project.path_with_namespace}:pull,push" }
+          { scope: "repository:#{project.full_path}:pull,push" }
         end
 
         it_behaves_like 'an inaccessible'
@@ -204,7 +214,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
 
       context 'allow anyone to pull images' do
         let(:current_params) do
-          { scope: "repository:#{project.path_with_namespace}:pull" }
+          { scope: "repository:#{project.full_path}:pull" }
         end
 
         it_behaves_like 'a pullable'
@@ -213,7 +223,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
 
       context 'disallow anyone to push images' do
         let(:current_params) do
-          { scope: "repository:#{project.path_with_namespace}:push" }
+          { scope: "repository:#{project.full_path}:push" }
         end
 
         it_behaves_like 'an inaccessible'
@@ -244,7 +254,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
       context 'for internal user' do
         context 'allow anyone to pull images' do
           let(:current_params) do
-            { scope: "repository:#{project.path_with_namespace}:pull" }
+            { scope: "repository:#{project.full_path}:pull" }
           end
 
           it_behaves_like 'a pullable'
@@ -253,7 +263,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
 
         context 'disallow anyone to push images' do
           let(:current_params) do
-            { scope: "repository:#{project.path_with_namespace}:push" }
+            { scope: "repository:#{project.full_path}:push" }
           end
 
           it_behaves_like 'an inaccessible'
@@ -272,7 +282,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
       context 'for external user' do
         let(:current_user) { create(:user, external: true) }
         let(:current_params) do
-          { scope: "repository:#{project.path_with_namespace}:pull,push,*" }
+          { scope: "repository:#{project.full_path}:pull,push,*" }
         end
 
         it_behaves_like 'an inaccessible'
@@ -319,7 +329,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
 
     context 'allow to pull and push images' do
       let(:current_params) do
-        { scope: "repository:#{current_project.path_with_namespace}:pull,push" }
+        { scope: "repository:#{current_project.full_path}:pull,push" }
       end
 
       it_behaves_like 'a pullable and pushable' do
@@ -344,7 +354,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
     context 'for other projects' do
       context 'when pulling' do
         let(:current_params) do
-          { scope: "repository:#{project.path_with_namespace}:pull" }
+          { scope: "repository:#{project.full_path}:pull" }
         end
 
         context 'allow for public' do
@@ -411,7 +421,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
 
       context 'when pushing' do
         let(:current_params) do
-          { scope: "repository:#{project.path_with_namespace}:push" }
+          { scope: "repository:#{project.full_path}:push" }
         end
 
         context 'disallow for all' do
@@ -439,11 +449,13 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
     context 'for project without container registry' do
       let(:project) { create(:empty_project, :public, container_registry_enabled: false) }
 
-      before { project.update(container_registry_enabled: false) }
+      before do
+        project.update(container_registry_enabled: false)
+      end
 
       context 'disallow when pulling' do
         let(:current_params) do
-          { scope: "repository:#{project.path_with_namespace}:pull" }
+          { scope: "repository:#{project.full_path}:pull" }
         end
 
         it_behaves_like 'an inaccessible'
@@ -471,7 +483,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
       let(:project) { create(:empty_project, :private) }
 
       let(:current_params) do
-        { scope: "repository:#{project.path_with_namespace}:pull" }
+        { scope: "repository:#{project.full_path}:pull" }
       end
 
       it_behaves_like 'a forbidden'
@@ -482,7 +494,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
 
       context 'when pulling and pushing' do
         let(:current_params) do
-          { scope: "repository:#{project.path_with_namespace}:pull,push" }
+          { scope: "repository:#{project.full_path}:pull,push" }
         end
 
         it_behaves_like 'a pullable'
@@ -491,7 +503,7 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
 
       context 'when pushing' do
         let(:current_params) do
-          { scope: "repository:#{project.path_with_namespace}:push" }
+          { scope: "repository:#{project.full_path}:push" }
         end
 
         it_behaves_like 'a forbidden'