Merge branch 'master' into 'fix/gb/stage-id-reference-background-migration'

# Conflicts:
#   app/models/concerns/each_batch.rb
#   spec/models/concerns/each_batch_spec.rb

66 files changed, 1782 insertions, 289 deletions

diff --git a/spec/controllers/dashboard/labels_controller_spec.rb b/spec/controllers/dashboard/labels_controller_spec.rb
new file mode 100644
index 00000000000..2b63933008f
--- /dev/null
+++ b/spec/controllers/dashboard/labels_controller_spec.rb
@@ -0,0 +1,25 @@
+require 'spec_helper'
+
+describe Dashboard::LabelsController do
+  let(:project) { create(:empty_project) }
+  let(:user)    { create(:user) }
+  let!(:label)  { create(:label, project: project) }
+
+  before do
+    sign_in(user)
+    project.add_reporter(user)
+  end
+
+  describe "#index" do
+    let!(:unrelated_label) { create(:label, project: create(:empty_project, :public)) }
+
+    it 'returns global labels for projects the user has a relationship with' do
+      get :index, format: :json
+
+      expect(json_response).to be_kind_of(Array)
+      expect(json_response.size).to eq(1)
+      expect(json_response[0]["id"]).to be_nil
+      expect(json_response[0]["title"]).to eq(label.title)
+    end
+  end
+end
diff --git a/spec/controllers/groups/milestones_controller_spec.rb b/spec/controllers/groups/milestones_controller_spec.rb
index c6e5fb61cf9..aad67dd0164 100644
--- a/spec/controllers/groups/milestones_controller_spec.rb
+++ b/spec/controllers/groups/milestones_controller_spec.rb
@@ -2,8 +2,8 @@ require 'spec_helper'
 
 describe Groups::MilestonesController do
   let(:group) { create(:group) }
-  let(:project) { create(:empty_project, group: group) }
-  let(:project2) { create(:empty_project, group: group) }
+  let!(:project) { create(:empty_project, group: group) }
+  let!(:project2) { create(:empty_project, group: group) }
   let(:user)    { create(:user) }
   let(:title) { '肯定不是中文的问题' }
   let(:milestone) do
@@ -17,24 +17,67 @@ describe Groups::MilestonesController do
   end
   let(:milestone_path) { group_milestone_path(group, milestone.safe_title, title: milestone.title) }
 
+  let(:milestone_params) do
+    {
+      title: title,
+      start_date: Date.today,
+      due_date: 1.month.from_now.to_date
+    }
+  end
+
   before do
     sign_in(user)
     group.add_owner(user)
     project.team << [user, :master]
   end
 
-  describe "#index" do
+  describe '#index' do
     it 'shows group milestones page' do
       get :index, group_id: group.to_param
 
       expect(response).to have_http_status(200)
     end
 
-    it 'shows group milestones JSON' do
-      get :index, group_id: group.to_param, format: :json
+    context 'as JSON' do
+      let!(:milestone) { create(:milestone, group: group, title: 'group milestone') }
+      let!(:legacy_milestone1) { create(:milestone, project: project, title: 'legacy') }
+      let!(:legacy_milestone2) { create(:milestone, project: project2, title: 'legacy') }
 
-      expect(response).to have_http_status(200)
-      expect(response.content_type).to eq 'application/json'
+      it 'lists legacy group milestones and group milestones' do
+        get :index, group_id: group.to_param, format: :json
+
+        milestones = JSON.parse(response.body)
+
+        expect(milestones.count).to eq(2)
+        expect(milestones.first["title"]).to eq("group milestone")
+        expect(milestones.second["title"]).to eq("legacy")
+        expect(response).to have_http_status(200)
+        expect(response.content_type).to eq 'application/json'
+      end
+    end
+  end
+
+  describe '#show' do
+    let(:milestone1) { create(:milestone, project: project, title: 'legacy') }
+    let(:milestone2) { create(:milestone, project: project, title: 'legacy') }
+    let(:group_milestone) { create(:milestone, group: group) }
+
+    context 'when there is a title parameter' do
+      it 'searchs for a legacy group milestone' do
+        expect(GlobalMilestone).to receive(:build)
+        expect(Milestone).not_to receive(:find_by_iid)
+
+        get :show, group_id: group.to_param, id: title, title: milestone1.safe_title
+      end
+    end
+
+    context 'when there is not a title parameter' do
+      it 'searchs for a group milestone' do
+        expect(GlobalMilestone).not_to receive(:build)
+        expect(Milestone).to receive(:find_by_iid)
+
+        get :show, group_id: group.to_param, id: group_milestone.id
+      end
     end
   end
 
@@ -44,16 +87,57 @@ describe Groups::MilestonesController do
     it "creates group milestone with Chinese title" do
       post :create,
            group_id: group.to_param,
-           milestone: { project_ids: [project.id, project2.id], title: title }
+           milestone: milestone_params
 
-      expect(response).to redirect_to(group_milestone_path(group, title.to_slug.to_s, title: title))
-      expect(Milestone.where(title: title).count).to eq(2)
+      milestone = Milestone.find_by_title(title)
+
+      expect(response).to redirect_to(group_milestone_path(group, milestone.iid))
+      expect(milestone.group_id).to eq(group.id)
+      expect(milestone.due_date).to eq(milestone_params[:due_date])
+      expect(milestone.start_date).to eq(milestone_params[:start_date])
+    end
+  end
+
+  describe "#update" do
+    let(:milestone) { create(:milestone, group: group) }
+
+    it "updates group milestone" do
+      milestone_params[:title] = "title changed"
+
+      put :update,
+           id: milestone.iid,
+           group_id: group.to_param,
+           milestone: milestone_params
+
+      milestone.reload
+      expect(response).to redirect_to(group_milestone_path(group, milestone.iid))
+      expect(milestone.title).to eq("title changed")
     end
 
-    it "redirects to new when there are no project ids" do
-      post :create, group_id: group.to_param, milestone: { title: title, project_ids: [""] }
-      expect(response).to render_template :new
-      expect(assigns(:milestone).errors).not_to be_nil
+    context "legacy group milestones" do
+      let!(:milestone1) { create(:milestone, project: project, title: 'legacy milestone', description: "old description") }
+      let!(:milestone2) { create(:milestone, project: project2, title: 'legacy milestone', description: "old description") }
+
+      it "updates only group milestones state" do
+        milestone_params[:title] = "title changed"
+        milestone_params[:description] = "description changed"
+        milestone_params[:state_event] = "close"
+
+        put :update,
+             id: milestone1.title.to_slug.to_s,
+             group_id: group.to_param,
+             milestone: milestone_params,
+             title: milestone1.title
+
+        expect(response).to redirect_to(group_milestone_path(group, milestone1.safe_title, title: milestone1.title))
+
+        [milestone1, milestone2].each do |milestone|
+          milestone.reload
+          expect(milestone.title).to eq("legacy milestone")
+          expect(milestone.description).to eq("old description")
+          expect(milestone.state).to eq("closed")
+        end
+      end
     end
   end
 
@@ -156,7 +240,7 @@ describe Groups::MilestonesController do
       it 'does not 404' do
         post :create,
              group_id: group.to_param,
-             milestone: { project_ids: [project.id, project2.id], title: title }
+             milestone: { title: title }
 
         expect(response).not_to have_http_status(404)
       end
@@ -164,7 +248,7 @@ describe Groups::MilestonesController do
       it 'does not redirect to the correct casing' do
         post :create,
              group_id: group.to_param,
-             milestone: { project_ids: [project.id, project2.id], title: title }
+             milestone: { title: title }
 
         expect(response).not_to have_http_status(301)
       end
@@ -176,7 +260,7 @@ describe Groups::MilestonesController do
       it 'returns not found' do
         post :create,
              group_id: redirect_route.path,
-             milestone: { project_ids: [project.id, project2.id], title: title }
+             milestone: { title: title }
 
         expect(response).to have_http_status(404)
       end
diff --git a/spec/controllers/groups/settings/ci_cd_controller_spec.rb b/spec/controllers/groups/settings/ci_cd_controller_spec.rb
new file mode 100644
index 00000000000..2e0efb57c74
--- /dev/null
+++ b/spec/controllers/groups/settings/ci_cd_controller_spec.rb
@@ -0,0 +1,20 @@
+require 'spec_helper'
+
+describe Groups::Settings::CiCdController do
+  let(:group) { create(:group) }
+  let(:user) { create(:user) }
+
+  before do
+    group.add_master(user)
+    sign_in(user)
+  end
+
+  describe 'GET #show' do
+    it 'renders show with 200 status code' do
+      get :show, group_id: group
+
+      expect(response).to have_http_status(200)
+      expect(response).to render_template(:show)
+    end
+  end
+end
diff --git a/spec/controllers/groups/variables_controller_spec.rb b/spec/controllers/groups/variables_controller_spec.rb
new file mode 100644
index 00000000000..02f2fa46047
--- /dev/null
+++ b/spec/controllers/groups/variables_controller_spec.rb
@@ -0,0 +1,56 @@
+require 'spec_helper'
+
+describe Groups::VariablesController do
+  let(:group) { create(:group) }
+  let(:user) { create(:user) }
+
+  before do
+    sign_in(user)
+    group.add_master(user)
+  end
+
+  describe 'POST #create' do
+    context 'variable is valid' do
+      it 'shows a success flash message' do
+        post :create, group_id: group, variable: { key: "one", value: "two" }
+
+        expect(flash[:notice]).to include 'Variable was successfully created.'
+        expect(response).to redirect_to(group_settings_ci_cd_path(group))
+      end
+    end
+
+    context 'variable is invalid' do
+      it 'renders show' do
+        post :create, group_id: group, variable: { key: "..one", value: "two" }
+
+        expect(response).to render_template("groups/variables/show")
+      end
+    end
+  end
+
+  describe 'POST #update' do
+    let(:variable) { create(:ci_group_variable) }
+
+    context 'updating a variable with valid characters' do
+      before do
+        group.variables << variable
+      end
+
+      it 'shows a success flash message' do
+        post :update, group_id: group,
+                      id: variable.id, variable: { key: variable.key, value: 'two' }
+
+        expect(flash[:notice]).to include 'Variable was successfully updated.'
+        expect(response).to redirect_to(group_variables_path(group))
+      end
+
+      it 'renders the action #show if the variable key is invalid' do
+        post :update, group_id: group,
+                      id: variable.id, variable: { key: '?', value: variable.value }
+
+        expect(response).to have_http_status(200)
+        expect(response).to render_template :show
+      end
+    end
+  end
+end
diff --git a/spec/controllers/projects/group_links_controller_spec.rb b/spec/controllers/projects/group_links_controller_spec.rb
index 48a2994cbc0..019a50882ab 100644
--- a/spec/controllers/projects/group_links_controller_spec.rb
+++ b/spec/controllers/projects/group_links_controller_spec.rb
@@ -34,7 +34,7 @@ describe Projects::GroupLinksController do
 
       it 'redirects to project group links page' do
         expect(response).to redirect_to(
-          project_settings_members_path(project)
+          project_project_members_path(project)
         )
       end
     end
@@ -65,7 +65,7 @@ describe Projects::GroupLinksController do
 
       it 'redirects to project group links page' do
         expect(response).to redirect_to(
-          project_settings_members_path(project)
+          project_project_members_path(project)
         )
       end
     end
@@ -79,7 +79,7 @@ describe Projects::GroupLinksController do
 
       it 'redirects to project group links page' do
         expect(response).to redirect_to(
-          project_settings_members_path(project)
+          project_project_members_path(project)
         )
         expect(flash[:alert]).to eq('Please select a group.')
       end
diff --git a/spec/controllers/projects/milestones_controller_spec.rb b/spec/controllers/projects/milestones_controller_spec.rb
index 84a61b2784e..bb5a340cd96 100644
--- a/spec/controllers/projects/milestones_controller_spec.rb
+++ b/spec/controllers/projects/milestones_controller_spec.rb
@@ -31,6 +31,40 @@ describe Projects::MilestonesController do
     end
   end
 
+  describe "#index" do
+    context "as html" do
+      before do
+        get :index, namespace_id: project.namespace.id, project_id: project.id
+      end
+
+      it "queries only projects milestones" do
+        milestones = assigns(:milestones)
+
+        expect(milestones.count).to eq(1)
+        expect(milestones.where(project_id: nil)).to be_empty
+      end
+    end
+
+    context "as json" do
+      let!(:group) { create(:group, :public) }
+      let!(:group_milestone) { create(:milestone, group: group) }
+      let!(:group_member) { create(:group_member, group: group, user: user) }
+
+      before do
+        project.update(namespace: group)
+        get :index, namespace_id: project.namespace.id, project_id: project.id, format: :json
+      end
+
+      it "queries projects milestones and groups milestones" do
+        milestones = assigns(:milestones)
+
+        expect(milestones.count).to eq(2)
+        expect(milestones.where(project_id: nil).first).to eq(group_milestone)
+        expect(milestones.where(group_id: nil).first).to eq(milestone)
+      end
+    end
+  end
+
   describe "#destroy" do
     it "removes milestone" do
       expect(issue.milestone_id).to eq(milestone.id)
diff --git a/spec/controllers/projects/pipeline_schedules_controller_spec.rb b/spec/controllers/projects/pipeline_schedules_controller_spec.rb
index a8c44d5c313..41bf5580993 100644
--- a/spec/controllers/projects/pipeline_schedules_controller_spec.rb
+++ b/spec/controllers/projects/pipeline_schedules_controller_spec.rb
@@ -1,6 +1,8 @@
 require 'spec_helper'
 
 describe Projects::PipelineSchedulesController do
+  include AccessMatchersForController
+
   set(:project) { create(:empty_project, :public) }
   let!(:pipeline_schedule) { create(:ci_pipeline_schedule, project: project) }
 
@@ -17,6 +19,14 @@ describe Projects::PipelineSchedulesController do
       expect(response).to render_template(:index)
     end
 
+    it 'avoids N + 1 queries' do
+      control_count = ActiveRecord::QueryRecorder.new { visit_pipelines_schedules }.count
+
+      create_list(:ci_pipeline_schedule, 2, project: project)
+
+      expect { visit_pipelines_schedules }.not_to exceed_query_limit(control_count)
+    end
+
     context 'when the scope is set to active' do
       let(:scope) { 'active' }
 
@@ -36,104 +46,352 @@ describe Projects::PipelineSchedulesController do
     end
   end
 
-  describe 'GET edit' do
-    let(:user) { create(:user) }
+  describe 'GET #new' do
+    set(:user) { create(:user) }
 
     before do
-      project.add_master(user)
-
+      project.add_developer(user)
       sign_in(user)
     end
 
-    it 'loads the pipeline schedule' do
-      get :edit, namespace_id: project.namespace.to_param, project_id: project, id: pipeline_schedule.id
+    it 'initializes a pipeline schedule model' do
+      get :new, namespace_id: project.namespace.to_param, project_id: project
 
       expect(response).to have_http_status(:ok)
-      expect(assigns(:schedule)).to eq(pipeline_schedule)
+      expect(assigns(:schedule)).to be_a_new(Ci::PipelineSchedule)
     end
   end
 
-  describe 'DELETE #destroy' do
-    set(:user) { create(:user) }
+  describe 'POST #create' do
+    describe 'functionality' do
+      set(:user) { create(:user) }
 
-    context 'when a developer makes the request' do
       before do
         project.add_developer(user)
         sign_in(user)
+      end
 
-        delete :destroy, namespace_id: project.namespace.to_param, project_id: project, id: pipeline_schedule.id
+      let(:basic_param) do
+        attributes_for(:ci_pipeline_schedule)
       end
 
-      it 'does not delete the pipeline schedule' do
-        expect(response).not_to have_http_status(:ok)
+      context 'when variables_attributes has one variable' do
+        let(:schedule) do
+          basic_param.merge({
+            variables_attributes: [{ key: 'AAA', value: 'AAA123' }]
+          })
+        end
+
+        it 'creates a new schedule' do
+          expect { go }
+            .to change { Ci::PipelineSchedule.count }.by(1)
+            .and change { Ci::PipelineScheduleVariable.count }.by(1)
+
+          expect(response).to have_http_status(:found)
+
+          Ci::PipelineScheduleVariable.last.tap do |v|
+            expect(v.key).to eq("AAA")
+            expect(v.value).to eq("AAA123")
+          end
+        end
+      end
+
+      context 'when variables_attributes has two variables and duplicted' do
+        let(:schedule) do
+          basic_param.merge({
+            variables_attributes: [{ key: 'AAA', value: 'AAA123' }, { key: 'AAA', value: 'BBB123' }]
+          })
+        end
+
+        it 'returns an error that the keys of variable are duplicated' do
+          expect { go }
+            .to change { Ci::PipelineSchedule.count }.by(0)
+            .and change { Ci::PipelineScheduleVariable.count }.by(0)
+
+          expect(assigns(:schedule).errors['variables']).not_to be_empty
+        end
       end
     end
 
-    context 'when a master makes the request' do
+    describe 'security' do
+      let(:schedule) { attributes_for(:ci_pipeline_schedule) }
+
+      it { expect { go }.to be_allowed_for(:admin) }
+      it { expect { go }.to be_allowed_for(:owner).of(project) }
+      it { expect { go }.to be_allowed_for(:master).of(project) }
+      it { expect { go }.to be_allowed_for(:developer).of(project) }
+      it { expect { go }.to be_denied_for(:reporter).of(project) }
+      it { expect { go }.to be_denied_for(:guest).of(project) }
+      it { expect { go }.to be_denied_for(:user) }
+      it { expect { go }.to be_denied_for(:external) }
+      it { expect { go }.to be_denied_for(:visitor) }
+    end
+
+    def go
+      post :create, namespace_id: project.namespace.to_param, project_id: project, schedule: schedule
+    end
+  end
+
+  describe 'PUT #update' do
+    describe 'functionality' do
+      set(:user) { create(:user) }
+      let!(:pipeline_schedule) { create(:ci_pipeline_schedule, project: project, owner: user) }
+
       before do
-        project.add_master(user)
+        project.add_developer(user)
         sign_in(user)
       end
 
-      it 'destroys the pipeline schedule' do
-        expect do
-          delete :destroy, namespace_id: project.namespace.to_param, project_id: project, id: pipeline_schedule.id
-        end.to change { project.pipeline_schedules.count }.by(-1)
+      context 'when a pipeline schedule has no variables' do
+        let(:basic_param) do
+          { description: 'updated_desc', cron: '0 1 * * *', cron_timezone: 'UTC', ref: 'patch-x', active: true }
+        end
 
-        expect(response).to have_http_status(302)
+        context 'when params include one variable' do
+          let(:schedule) do
+            basic_param.merge({
+              variables_attributes: [{ key: 'AAA', value: 'AAA123' }]
+            })
+          end
+
+          it 'inserts new variable to the pipeline schedule' do
+            expect { go }.to change { Ci::PipelineScheduleVariable.count }.by(1)
+
+            pipeline_schedule.reload
+            expect(response).to have_http_status(:found)
+            expect(pipeline_schedule.variables.last.key).to eq('AAA')
+            expect(pipeline_schedule.variables.last.value).to eq('AAA123')
+          end
+        end
+
+        context 'when params include two duplicated variables' do
+          let(:schedule) do
+            basic_param.merge({
+              variables_attributes: [{ key: 'AAA', value: 'AAA123' }, { key: 'AAA', value: 'BBB123' }]
+            })
+          end
+
+          it 'returns an error that variables are duplciated' do
+            go
+
+            expect(assigns(:schedule).errors['variables']).not_to be_empty
+          end
+        end
+      end
+
+      context 'when a pipeline schedule has one variable' do
+        let(:basic_param) do
+          { description: 'updated_desc', cron: '0 1 * * *', cron_timezone: 'UTC', ref: 'patch-x', active: true }
+        end
+
+        let!(:pipeline_schedule_variable) do
+          create(:ci_pipeline_schedule_variable,
+            key: 'CCC', pipeline_schedule: pipeline_schedule)
+        end
+
+        context 'when adds a new variable' do
+          let(:schedule) do
+            basic_param.merge({
+              variables_attributes: [{ key: 'AAA', value: 'AAA123' }]
+            })
+          end
+
+          it 'adds the new variable' do
+            expect { go }.to change { Ci::PipelineScheduleVariable.count }.by(1)
+
+            pipeline_schedule.reload
+            expect(pipeline_schedule.variables.last.key).to eq('AAA')
+          end
+        end
+
+        context 'when adds a new duplicated variable' do
+          let(:schedule) do
+            basic_param.merge({
+              variables_attributes: [{ key: 'CCC', value: 'AAA123' }]
+            })
+          end
+
+          it 'returns an error' do
+            expect { go }.not_to change { Ci::PipelineScheduleVariable.count }
+
+            pipeline_schedule.reload
+            expect(assigns(:schedule).errors['variables']).not_to be_empty
+          end
+        end
+
+        context 'when updates a variable' do
+          let(:schedule) do
+            basic_param.merge({
+              variables_attributes: [{ id: pipeline_schedule_variable.id, value: 'new_value' }]
+            })
+          end
+
+          it 'updates the variable' do
+            expect { go }.not_to change { Ci::PipelineScheduleVariable.count }
+
+            pipeline_schedule_variable.reload
+            expect(pipeline_schedule_variable.value).to eq('new_value')
+          end
+        end
+
+        context 'when deletes a variable' do
+          let(:schedule) do
+            basic_param.merge({
+              variables_attributes: [{ id: pipeline_schedule_variable.id, _destroy: true }]
+            })
+          end
+
+          it 'delete the existsed variable' do
+            expect { go }.to change { Ci::PipelineScheduleVariable.count }.by(-1)
+          end
+        end
+
+        context 'when deletes and creates a same key simultaneously' do
+          let(:schedule) do
+            basic_param.merge({
+              variables_attributes: [{ id: pipeline_schedule_variable.id, _destroy: true },
+                                     { key: 'CCC', value: 'CCC123' }]
+            })
+          end
+
+          it 'updates the variable' do
+            expect { go }.not_to change { Ci::PipelineScheduleVariable.count }
+
+            pipeline_schedule.reload
+            expect(pipeline_schedule.variables.last.key).to eq('CCC')
+            expect(pipeline_schedule.variables.last.value).to eq('CCC123')
+          end
+        end
       end
     end
-  end
 
-  describe 'security' do
-    include AccessMatchersForController
+    describe 'security' do
+      let(:schedule) { { description: 'updated_desc' } }
 
-    describe 'GET edit' do
       it { expect { go }.to be_allowed_for(:admin) }
       it { expect { go }.to be_allowed_for(:owner).of(project) }
       it { expect { go }.to be_allowed_for(:master).of(project) }
-      it { expect { go }.to be_allowed_for(:developer).of(project) }
+      it { expect { go }.to be_allowed_for(:developer).of(project).own(pipeline_schedule) }
       it { expect { go }.to be_denied_for(:reporter).of(project) }
       it { expect { go }.to be_denied_for(:guest).of(project) }
       it { expect { go }.to be_denied_for(:user) }
       it { expect { go }.to be_denied_for(:external) }
       it { expect { go }.to be_denied_for(:visitor) }
 
-      def go
+      context 'when a developer created a pipeline schedule' do
+        let(:developer_1) { create(:user) }
+        let!(:pipeline_schedule) { create(:ci_pipeline_schedule, project: project, owner: developer_1) }
+
+        before do
+          project.add_developer(developer_1)
+        end
+
+        it { expect { go }.to be_allowed_for(developer_1) }
+        it { expect { go }.to be_denied_for(:developer).of(project) }
+        it { expect { go }.to be_allowed_for(:master).of(project) }
+      end
+
+      context 'when a master created a pipeline schedule' do
+        let(:master_1) { create(:user) }
+        let!(:pipeline_schedule) { create(:ci_pipeline_schedule, project: project, owner: master_1) }
+
+        before do
+          project.add_master(master_1)
+        end
+
+        it { expect { go }.to be_allowed_for(master_1) }
+        it { expect { go }.to be_allowed_for(:master).of(project) }
+        it { expect { go }.to be_denied_for(:developer).of(project) }
+      end
+    end
+
+    def go
+      put :update, namespace_id: project.namespace.to_param,
+                   project_id: project, id: pipeline_schedule,
+                   schedule: schedule
+    end
+  end
+
+  describe 'GET #edit' do
+    describe 'functionality' do
+      let(:user) { create(:user) }
+
+      before do
+        project.add_master(user)
+        sign_in(user)
+      end
+
+      it 'loads the pipeline schedule' do
         get :edit, namespace_id: project.namespace.to_param, project_id: project, id: pipeline_schedule.id
+
+        expect(response).to have_http_status(:ok)
+        expect(assigns(:schedule)).to eq(pipeline_schedule)
       end
     end
 
-    describe 'GET take_ownership' do
+    describe 'security' do
       it { expect { go }.to be_allowed_for(:admin) }
       it { expect { go }.to be_allowed_for(:owner).of(project) }
       it { expect { go }.to be_allowed_for(:master).of(project) }
-      it { expect { go }.to be_allowed_for(:developer).of(project) }
+      it { expect { go }.to be_allowed_for(:developer).of(project).own(pipeline_schedule) }
       it { expect { go }.to be_denied_for(:reporter).of(project) }
       it { expect { go }.to be_denied_for(:guest).of(project) }
       it { expect { go }.to be_denied_for(:user) }
       it { expect { go }.to be_denied_for(:external) }
       it { expect { go }.to be_denied_for(:visitor) }
+    end
 
-      def go
-        post :take_ownership, namespace_id: project.namespace.to_param, project_id: project, id: pipeline_schedule.id
-      end
+    def go
+      get :edit, namespace_id: project.namespace.to_param, project_id: project, id: pipeline_schedule.id
     end
+  end
 
-    describe 'PUT update' do
+  describe 'GET #take_ownership' do
+    describe 'security' do
       it { expect { go }.to be_allowed_for(:admin) }
       it { expect { go }.to be_allowed_for(:owner).of(project) }
       it { expect { go }.to be_allowed_for(:master).of(project) }
-      it { expect { go }.to be_allowed_for(:developer).of(project) }
+      it { expect { go }.to be_allowed_for(:developer).of(project).own(pipeline_schedule) }
       it { expect { go }.to be_denied_for(:reporter).of(project) }
       it { expect { go }.to be_denied_for(:guest).of(project) }
       it { expect { go }.to be_denied_for(:user) }
       it { expect { go }.to be_denied_for(:external) }
       it { expect { go }.to be_denied_for(:visitor) }
+    end
+
+    def go
+      post :take_ownership, namespace_id: project.namespace.to_param, project_id: project, id: pipeline_schedule.id
+    end
+  end
+
+  describe 'DELETE #destroy' do
+    set(:user) { create(:user) }
+
+    context 'when a developer makes the request' do
+      before do
+        project.add_developer(user)
+        sign_in(user)
 
-      def go
-        put :update, namespace_id: project.namespace.to_param, project_id: project, id: pipeline_schedule.id,
-                     schedule: { description: 'a' }
+        delete :destroy, namespace_id: project.namespace.to_param, project_id: project, id: pipeline_schedule.id
+      end
+
+      it 'does not delete the pipeline schedule' do
+        expect(response).to have_http_status(:not_found)
+      end
+    end
+
+    context 'when a master makes the request' do
+      before do
+        project.add_master(user)
+        sign_in(user)
+      end
+
+      it 'destroys the pipeline schedule' do
+        expect do
+          delete :destroy, namespace_id: project.namespace.to_param, project_id: project, id: pipeline_schedule.id
+        end.to change { project.pipeline_schedules.count }.by(-1)
+
+        expect(response).to have_http_status(302)
       end
     end
   end
diff --git a/spec/controllers/projects/project_members_controller_spec.rb b/spec/controllers/projects/project_members_controller_spec.rb
index 548ec8f487f..8671d7a78dd 100644
--- a/spec/controllers/projects/project_members_controller_spec.rb
+++ b/spec/controllers/projects/project_members_controller_spec.rb
@@ -5,11 +5,10 @@ describe Projects::ProjectMembersController do
   let(:project) { create(:empty_project, :public, :access_requestable) }
 
   describe 'GET index' do
-    it 'should have the settings/members address with a 302 status code' do
+    it 'should have the project_members address with a 200 status code' do
       get :index, namespace_id: project.namespace, project_id: project
 
-      expect(response).to have_http_status(302)
-      expect(response.location).to include project_settings_members_path(project)
+      expect(response).to have_http_status(200)
     end
   end
 
@@ -50,7 +49,7 @@ describe Projects::ProjectMembersController do
                       access_level: Gitlab::Access::GUEST
 
         expect(response).to set_flash.to 'Users were successfully added.'
-        expect(response).to redirect_to(project_settings_members_path(project))
+        expect(response).to redirect_to(project_project_members_path(project))
       end
 
       it 'adds no user to members' do
@@ -62,7 +61,7 @@ describe Projects::ProjectMembersController do
                       access_level: Gitlab::Access::GUEST
 
         expect(response).to set_flash.to 'Message'
-        expect(response).to redirect_to(project_settings_members_path(project))
+        expect(response).to redirect_to(project_project_members_path(project))
       end
     end
   end
@@ -111,7 +110,7 @@ describe Projects::ProjectMembersController do
                            id: member
 
           expect(response).to redirect_to(
-            project_settings_members_path(project)
+            project_project_members_path(project)
           )
           expect(project.members).not_to include member
         end
@@ -253,7 +252,7 @@ describe Projects::ProjectMembersController do
                                         id: member
 
           expect(response).to redirect_to(
-            project_settings_members_path(project)
+            project_project_members_path(project)
           )
           expect(project.members).to include member
         end
@@ -290,7 +289,7 @@ describe Projects::ProjectMembersController do
         expect(project.team_members).to include member
         expect(response).to set_flash.to 'Successfully imported'
         expect(response).to redirect_to(
-          project_settings_members_path(project)
+          project_project_members_path(project)
         )
       end
     end
diff --git a/spec/controllers/projects/settings/members_controller_spec.rb b/spec/controllers/projects/settings/members_controller_spec.rb
deleted file mode 100644
index 076d6cd9c6e..00000000000
--- a/spec/controllers/projects/settings/members_controller_spec.rb
+++ /dev/null
@@ -1,14 +0,0 @@
-require('spec_helper')
-
-describe Projects::Settings::MembersController do
-  let(:project) { create(:empty_project, :public, :access_requestable) }
-
-  describe 'GET show' do
-    it 'renders show with 200 status code' do
-      get :show, namespace_id: project.namespace, project_id: project
-
-      expect(response).to have_http_status(200)
-      expect(response).to render_template(:show)
-    end
-  end
-end
diff --git a/spec/controllers/projects/variables_controller_spec.rb b/spec/controllers/projects/variables_controller_spec.rb
index a0ecc756653..da06fcb7cfb 100644
--- a/spec/controllers/projects/variables_controller_spec.rb
+++ b/spec/controllers/projects/variables_controller_spec.rb
@@ -15,13 +15,13 @@ describe Projects::VariablesController do
         post :create, namespace_id: project.namespace.to_param, project_id: project,
                       variable: { key: "one", value: "two" }
 
-        expect(flash[:notice]).to include 'Variables were successfully updated.'
+        expect(flash[:notice]).to include 'Variable was successfully created.'
         expect(response).to redirect_to(project_settings_ci_cd_path(project))
       end
     end
 
     context 'variable is invalid' do
-      it 'shows an alert flash message' do
+      it 'renders show' do
         post :create, namespace_id: project.namespace.to_param, project_id: project,
                       variable: { key: "..one", value: "two" }
 
@@ -35,7 +35,6 @@ describe Projects::VariablesController do
 
     context 'updating a variable with valid characters' do
       before do
-        variable.project_id = project.id
         project.variables << variable
       end
 
diff --git a/spec/factories/ci/group_variables.rb b/spec/factories/ci/group_variables.rb
new file mode 100644
index 00000000000..565ced9eb1a
--- /dev/null
+++ b/spec/factories/ci/group_variables.rb
@@ -0,0 +1,12 @@
+FactoryGirl.define do
+  factory :ci_group_variable, class: Ci::GroupVariable do
+    sequence(:key) { |n| "VARIABLE_#{n}" }
+    value 'VARIABLE_VALUE'
+
+    trait(:protected) do
+      protected true
+    end
+
+    group factory: :group
+  end
+end
diff --git a/spec/factories/ci/pipeline_schedule_variables.rb b/spec/factories/ci/pipeline_schedule_variables.rb
new file mode 100644
index 00000000000..ca64d1aada0
--- /dev/null
+++ b/spec/factories/ci/pipeline_schedule_variables.rb
@@ -0,0 +1,8 @@
+FactoryGirl.define do
+  factory :ci_pipeline_schedule_variable, class: Ci::PipelineScheduleVariable do
+    sequence(:key) { |n| "VARIABLE_#{n}" }
+    value 'VARIABLE_VALUE'
+
+    pipeline_schedule factory: :ci_pipeline_schedule
+  end
+end
diff --git a/spec/factories/milestones.rb b/spec/factories/milestones.rb
index 841ab3c73b8..113665ff11b 100644
--- a/spec/factories/milestones.rb
+++ b/spec/factories/milestones.rb
@@ -1,7 +1,13 @@
 FactoryGirl.define do
   factory :milestone do
     title
-    project factory: :empty_project
+
+    transient do
+      project nil
+      group nil
+      project_id nil
+      group_id nil
+    end
 
     trait :active do
       state "active"
@@ -11,6 +17,20 @@ FactoryGirl.define do
       state "closed"
     end
 
+    after(:build) do |milestone, evaluator|
+      if evaluator.group
+        milestone.group = evaluator.group
+      elsif evaluator.group_id
+        milestone.group_id = evaluator.group_id
+      elsif evaluator.project
+        milestone.project = evaluator.project
+      elsif evaluator.project_id
+        milestone.project_id = evaluator.project_id
+      else
+        milestone.project = create(:empty_project)
+      end
+    end
+
     factory :active_milestone, traits: [:active]
     factory :closed_milestone, traits: [:closed]
   end
diff --git a/spec/features/group_variables_spec.rb b/spec/features/group_variables_spec.rb
new file mode 100644
index 00000000000..37814ba6238
--- /dev/null
+++ b/spec/features/group_variables_spec.rb
@@ -0,0 +1,78 @@
+require 'spec_helper'
+
+feature 'Group variables', js: true do
+  let(:user) { create(:user) }
+  let(:group) { create(:group) }
+
+  background do
+    group.add_master(user)
+    gitlab_sign_in(user)
+  end
+
+  context 'when user creates a new variable' do
+    background do
+      visit group_settings_ci_cd_path(group)
+      fill_in 'variable_key', with: 'AAA'
+      fill_in 'variable_value', with: 'AAA123'
+      find(:css, "#variable_protected").set(true)
+      click_on 'Add new variable'
+    end
+
+    scenario 'user sees the created variable' do
+      page.within('.variables-table') do
+        expect(find(".variable-key")).to have_content('AAA')
+        expect(find(".variable-value")).to have_content('******')
+        expect(find(".variable-protected")).to have_content('Yes')
+      end
+      click_on 'Reveal Values'
+      page.within('.variables-table') do
+        expect(find(".variable-value")).to have_content('AAA123')
+      end
+    end
+  end
+
+  context 'when user edits a variable' do
+    background do
+      create(:ci_group_variable, key: 'AAA', value: 'AAA123', protected: true,
+                                 group: group)
+
+      visit group_settings_ci_cd_path(group)
+
+      page.within('.variable-menu') do
+        click_on 'Update'
+      end
+
+      fill_in 'variable_key', with: 'BBB'
+      fill_in 'variable_value', with: 'BBB123'
+      find(:css, "#variable_protected").set(false)
+      click_on 'Save variable'
+    end
+
+    scenario 'user sees the updated variable' do
+      page.within('.variables-table') do
+        expect(find(".variable-key")).to have_content('BBB')
+        expect(find(".variable-value")).to have_content('******')
+        expect(find(".variable-protected")).to have_content('No')
+      end
+    end
+  end
+
+  context 'when user deletes a variable' do
+    background do
+      create(:ci_group_variable, key: 'BBB', value: 'BBB123', protected: false,
+                                 group: group)
+
+      visit group_settings_ci_cd_path(group)
+
+      page.within('.variable-menu') do
+        page.accept_alert 'Are you sure?' do
+          click_on 'Remove'
+        end
+      end
+    end
+
+    scenario 'user does not see the deleted variable' do
+      expect(page).to have_no_css('.variables-table')
+    end
+  end
+end
diff --git a/spec/features/groups/milestone_spec.rb b/spec/features/groups/milestone_spec.rb
index 330310eae6b..9b6eb946f4b 100644
--- a/spec/features/groups/milestone_spec.rb
+++ b/spec/features/groups/milestone_spec.rb
@@ -33,4 +33,32 @@ feature 'Group milestones', :feature, :js do
       expect(find('.start_date')).to have_content(Date.today.at_beginning_of_month.strftime('%b %-d, %Y'))
     end
   end
+
+  context 'milestones list' do
+    let!(:other_project) { create(:project_empty_repo, group: group) }
+
+    let!(:active_group_milestone) { create(:milestone, group: group, state: 'active') }
+    let!(:active_project_milestone1) { create(:milestone, project: project, state: 'active', title: 'v1.0') }
+    let!(:active_project_milestone2) { create(:milestone, project: other_project, state: 'active', title: 'v1.0') }
+    let!(:closed_group_milestone) { create(:milestone, group: group, state: 'closed') }
+    let!(:closed_project_milestone1) { create(:milestone, project: project, state: 'closed', title: 'v2.0') }
+    let!(:closed_project_milestone2) { create(:milestone, project: other_project, state: 'closed', title: 'v2.0') }
+
+    before do
+      visit group_milestones_path(group)
+    end
+
+    it 'counts milestones correctly' do
+      expect(find('.top-area .active .badge').text).to eq("2")
+      expect(find('.top-area .closed .badge').text).to eq("2")
+      expect(find('.top-area .all .badge').text).to eq("4")
+    end
+
+    it 'lists legacy group milestones and group milestones' do
+      legacy_milestone = GroupMilestone.build_collection(group, group.projects, { state: 'active' }).first
+
+      expect(page).to have_selector("#milestone_#{active_group_milestone.id}", count: 1)
+      expect(page).to have_selector("#milestone_#{legacy_milestone.milestones.first.id}", count: 1)
+    end
+  end
 end
diff --git a/spec/features/issues/form_spec.rb b/spec/features/issues/form_spec.rb
index 5c75b0d56b0..4a2ca243755 100644
--- a/spec/features/issues/form_spec.rb
+++ b/spec/features/issues/form_spec.rb
@@ -23,7 +23,7 @@ describe 'New/edit issue', :feature, :js do
       visit new_project_issue_path(project)
     end
 
-    describe 'shorten users API pagination limit (CE)' do
+    describe 'shorten users API pagination limit' do
       before do
         # Using `allow_any_instance_of`/`and_wrap_original`, `original` would
         # somehow refer to the very block we defined to _wrap_ that method, instead of
@@ -63,7 +63,7 @@ describe 'New/edit issue', :feature, :js do
       end
     end
 
-    describe 'single assignee (CE)' do
+    describe 'single assignee' do
       before do
         click_button 'Unassigned'
 
diff --git a/spec/features/milestone_spec.rb b/spec/features/milestone_spec.rb
index 880c53343bc..2afdd0d321c 100644
--- a/spec/features/milestone_spec.rb
+++ b/spec/features/milestone_spec.rb
@@ -1,10 +1,12 @@
 require 'rails_helper'
 
 feature 'Milestone', feature: true do
-  let(:project) { create(:empty_project, :public) }
+  let(:group) { create(:group, :public) }
+  let(:project) { create(:empty_project, :public, namespace: group) }
   let(:user)   { create(:user) }
 
   before do
+    create(:group_member, group: group, user: user)
     project.team << [user, :master]
     gitlab_sign_in(user)
   end
@@ -37,8 +39,8 @@ feature 'Milestone', feature: true do
     end
   end
 
-  feature 'Open a milestone with an existing title' do
-    scenario 'displays validation message' do
+  feature 'Open a project milestone with an existing title' do
+    scenario 'displays validation message when there is a project milestone with same title' do
       milestone = create(:milestone, project: project, title: 8.7)
 
       visit new_project_milestone_path(project)
@@ -47,7 +49,20 @@ feature 'Milestone', feature: true do
       end
       find('input[name="commit"]').click
 
-      expect(find('.alert-danger')).to have_content('Title has already been taken')
+      expect(find('.alert-danger')).to have_content('already being used for another group or project milestone.')
+    end
+
+    scenario 'displays validation message when there is a group milestone with same title' do
+      milestone = create(:milestone, project_id: nil, group: project.group, title: 8.7)
+
+      visit new_group_milestone_path(project.group)
+
+      page.within '.milestone-form' do
+        fill_in "milestone_title", with: milestone.title
+      end
+      find('input[name="commit"]').click
+
+      expect(find('.alert-danger')).to have_content('already being used for another group or project milestone.')
     end
   end
 end
diff --git a/spec/features/oauth_login_spec.rb b/spec/features/oauth_login_spec.rb
index 1b6d1f3415f..42764e808e6 100644
--- a/spec/features/oauth_login_spec.rb
+++ b/spec/features/oauth_login_spec.rb
@@ -13,7 +13,7 @@ feature 'OAuth Login', js: true do
   end
 
   providers = [:github, :twitter, :bitbucket, :gitlab, :google_oauth2,
-               :facebook, :cas3, :auth0]
+               :facebook, :cas3, :auth0, :authentiq]
 
   before(:all) do
     # The OmniAuth `full_host` parameter doesn't get set correctly (it gets set to something like `http://localhost`
diff --git a/spec/features/projects/members/anonymous_user_sees_members_spec.rb b/spec/features/projects/members/anonymous_user_sees_members_spec.rb
index 4958d5594ac..28c8d20aad5 100644
--- a/spec/features/projects/members/anonymous_user_sees_members_spec.rb
+++ b/spec/features/projects/members/anonymous_user_sees_members_spec.rb
@@ -11,10 +11,10 @@ feature 'Projects > Members > Anonymous user sees members', feature: true do
   end
 
   scenario "anonymous user visits the project's members page and sees the list of members" do
-    visit project_settings_members_path(project)
+    visit project_project_members_path(project)
 
     expect(current_path).to eq(
-      project_settings_members_path(project))
+      project_project_members_path(project))
     expect(page).to have_content(user.name)
   end
 end
diff --git a/spec/features/projects/members/user_requests_access_spec.rb b/spec/features/projects/members/user_requests_access_spec.rb
index 247cc0e6f2c..75a366a3eb7 100644
--- a/spec/features/projects/members/user_requests_access_spec.rb
+++ b/spec/features/projects/members/user_requests_access_spec.rb
@@ -46,10 +46,11 @@ feature 'Projects > Members > User requests access', feature: true do
 
     expect(project.requesters.exists?(user_id: user)).to be_truthy
 
-    open_project_settings_menu
-    click_link 'Members'
+    page.within('.layout-nav .nav-links') do
+      click_link('Members')
+    end
 
-    visit project_settings_members_path(project)
+    visit project_project_members_path(project)
     page.within('.content') do
       expect(page).not_to have_content(user.name)
     end
diff --git a/spec/features/projects/pipeline_schedules_spec.rb b/spec/features/projects/pipeline_schedules_spec.rb
index d8bb7ca9a83..fee54466b81 100644
--- a/spec/features/projects/pipeline_schedules_spec.rb
+++ b/spec/features/projects/pipeline_schedules_spec.rb
@@ -1,6 +1,6 @@
 require 'spec_helper'
 
-feature 'Pipeline Schedules', :feature do
+feature 'Pipeline Schedules', :feature, js: true do
   include PipelineSchedulesHelper
 
   let!(:project) { create(:project) }
@@ -11,27 +11,20 @@ feature 'Pipeline Schedules', :feature do
 
   before do
     project.add_master(user)
-
     gitlab_sign_in(user)
-    visit_page
   end
 
   describe 'GET /projects/pipeline_schedules' do
-    let(:visit_page) { visit_pipelines_schedules }
-
-    it 'avoids N + 1 queries' do
-      control_count = ActiveRecord::QueryRecorder.new { visit_pipelines_schedules }.count
-
-      create_list(:ci_pipeline_schedule, 2, project: project)
-
-      expect { visit_pipelines_schedules }.not_to exceed_query_limit(control_count)
+    before do
+      visit_pipelines_schedules
     end
 
     describe 'The view' do
       it 'displays the required information description' do
         page.within('.pipeline-schedule-table-row') do
           expect(page).to have_content('pipeline schedule')
-          expect(page).to have_content(pipeline_schedule.real_next_run.strftime('%b %d, %Y'))
+          expect(find(".next-run-cell time")['data-original-title'])
+            .to include(pipeline_schedule.real_next_run.strftime('%b %-d, %Y'))
           expect(page).to have_link('master')
           expect(page).to have_link("##{pipeline.id}")
         end
@@ -62,7 +55,7 @@ feature 'Pipeline Schedules', :feature do
       it 'deletes the pipeline' do
         click_link 'Delete'
 
-        expect(page).not_to have_content('pipeline schedule')
+        expect(page).not_to have_css(".pipeline-schedule-table-row")
       end
     end
 
@@ -78,8 +71,10 @@ feature 'Pipeline Schedules', :feature do
     end
   end
 
-  describe 'POST /projects/pipeline_schedules/new', js: true do
-    let(:visit_page) { visit_new_pipeline_schedule }
+  describe 'POST /projects/pipeline_schedules/new' do
+    before do
+      visit_new_pipeline_schedule
+    end
 
     it 'sets defaults for timezone and target branch' do
       expect(page).to have_button('master')
@@ -100,8 +95,8 @@ feature 'Pipeline Schedules', :feature do
     end
   end
 
-  describe 'PATCH /projects/pipelines_schedules/:id/edit', js: true do
-    let(:visit_page) do
+  describe 'PATCH /projects/pipelines_schedules/:id/edit' do
+    before do
       edit_pipeline_schedule
     end
 
@@ -134,6 +129,72 @@ feature 'Pipeline Schedules', :feature do
     end
   end
 
+  context 'when user creates a new pipeline schedule with variables' do
+    background do
+      visit_pipelines_schedules
+      click_link 'New schedule'
+      fill_in_schedule_form
+      all('[name="schedule[variables_attributes][][key]"]')[0].set('AAA')
+      all('[name="schedule[variables_attributes][][value]"]')[0].set('AAA123')
+      all('[name="schedule[variables_attributes][][key]"]')[1].set('BBB')
+      all('[name="schedule[variables_attributes][][value]"]')[1].set('BBB123')
+      save_pipeline_schedule
+    end
+
+    scenario 'user sees the new variable in edit window' do
+      find(".content-list .pipeline-schedule-table-row:nth-child(1) .btn-group a[title='Edit']").click
+      page.within('.pipeline-variable-list') do
+        expect(find(".pipeline-variable-row:nth-child(1) .pipeline-variable-key-input").value).to eq('AAA')
+        expect(find(".pipeline-variable-row:nth-child(1) .pipeline-variable-value-input").value).to eq('AAA123')
+        expect(find(".pipeline-variable-row:nth-child(2) .pipeline-variable-key-input").value).to eq('BBB')
+        expect(find(".pipeline-variable-row:nth-child(2) .pipeline-variable-value-input").value).to eq('BBB123')
+      end
+    end
+  end
+
+  context 'when user edits a variable of a pipeline schedule' do
+    background do
+      create(:ci_pipeline_schedule, project: project, owner: user).tap do |pipeline_schedule|
+        create(:ci_pipeline_schedule_variable, key: 'AAA', value: 'AAA123', pipeline_schedule: pipeline_schedule)
+      end
+
+      visit_pipelines_schedules
+      find(".content-list .pipeline-schedule-table-row:nth-child(1) .btn-group a[title='Edit']").click
+      all('[name="schedule[variables_attributes][][key]"]')[0].set('foo')
+      all('[name="schedule[variables_attributes][][value]"]')[0].set('bar')
+      click_button 'Save pipeline schedule'
+    end
+
+    scenario 'user sees the updated variable in edit window' do
+      find(".content-list .pipeline-schedule-table-row:nth-child(1) .btn-group a[title='Edit']").click
+      page.within('.pipeline-variable-list') do
+        expect(find(".pipeline-variable-row:nth-child(1) .pipeline-variable-key-input").value).to eq('foo')
+        expect(find(".pipeline-variable-row:nth-child(1) .pipeline-variable-value-input").value).to eq('bar')
+      end
+    end
+  end
+
+  context 'when user removes a variable of a pipeline schedule' do
+    background do
+      create(:ci_pipeline_schedule, project: project, owner: user).tap do |pipeline_schedule|
+        create(:ci_pipeline_schedule_variable, key: 'AAA', value: 'AAA123', pipeline_schedule: pipeline_schedule)
+      end
+
+      visit_pipelines_schedules
+      find(".content-list .pipeline-schedule-table-row:nth-child(1) .btn-group a[title='Edit']").click
+      find('.pipeline-variable-list .pipeline-variable-row-remove-button').click
+      click_button 'Save pipeline schedule'
+    end
+
+    scenario 'user does not see the removed variable in edit window' do
+      find(".content-list .pipeline-schedule-table-row:nth-child(1) .btn-group a[title='Edit']").click
+      page.within('.pipeline-variable-list') do
+        expect(find(".pipeline-variable-row:nth-child(1) .pipeline-variable-key-input").value).to eq('')
+        expect(find(".pipeline-variable-row:nth-child(1) .pipeline-variable-value-input").value).to eq('')
+      end
+    end
+  end
+
   def visit_new_pipeline_schedule
     visit new_project_pipeline_schedule_path(project, pipeline_schedule)
   end
diff --git a/spec/features/variables_spec.rb b/spec/features/variables_spec.rb
index 1a2dedf27eb..7acf7a089af 100644
--- a/spec/features/variables_spec.rb
+++ b/spec/features/variables_spec.rb
@@ -24,7 +24,7 @@ describe 'Project variables', js: true do
     fill_in('variable_value', with: 'key value')
     click_button('Add new variable')
 
-    expect(page).to have_content('Variables were successfully updated.')
+    expect(page).to have_content('Variable was successfully created.')
     page.within('.variables-table') do
       expect(page).to have_content('key')
       expect(page).to have_content('No')
@@ -36,7 +36,7 @@ describe 'Project variables', js: true do
     fill_in('variable_value', with: '')
     click_button('Add new variable')
 
-    expect(page).to have_content('Variables were successfully updated.')
+    expect(page).to have_content('Variable was successfully created.')
     page.within('.variables-table') do
       expect(page).to have_content('new_key')
     end
@@ -48,7 +48,7 @@ describe 'Project variables', js: true do
     check('Protected')
     click_button('Add new variable')
 
-    expect(page).to have_content('Variables were successfully updated.')
+    expect(page).to have_content('Variable was successfully created.')
     page.within('.variables-table') do
       expect(page).to have_content('key')
       expect(page).to have_content('Yes')
@@ -82,7 +82,7 @@ describe 'Project variables', js: true do
 
   it 'deletes variable' do
     page.within('.variables-table') do
-      find('.btn-variable-delete').click
+      click_on 'Remove'
     end
 
     expect(page).not_to have_selector('variables-table')
@@ -90,7 +90,7 @@ describe 'Project variables', js: true do
 
   it 'edits variable' do
     page.within('.variables-table') do
-      find('.btn-variable-edit').click
+      click_on 'Update'
     end
 
     expect(page).to have_content('Update variable')
@@ -104,7 +104,7 @@ describe 'Project variables', js: true do
 
   it 'edits variable with empty value' do
     page.within('.variables-table') do
-      find('.btn-variable-edit').click
+      click_on 'Update'
     end
 
     expect(page).to have_content('Update variable')
@@ -117,7 +117,7 @@ describe 'Project variables', js: true do
 
   it 'edits variable to be protected' do
     page.within('.variables-table') do
-      find('.btn-variable-edit').click
+      click_on 'Update'
     end
 
     expect(page).to have_content('Update variable')
@@ -132,7 +132,7 @@ describe 'Project variables', js: true do
     project.variables.first.update(protected: true)
 
     page.within('.variables-table') do
-      find('.btn-variable-edit').click
+      click_on 'Update'
     end
 
     expect(page).to have_content('Update variable')
diff --git a/spec/finders/issues_finder_spec.rb b/spec/finders/issues_finder_spec.rb
index 4a52f0d5c58..bef4fd44331 100644
--- a/spec/finders/issues_finder_spec.rb
+++ b/spec/finders/issues_finder_spec.rb
@@ -59,6 +59,23 @@ describe IssuesFinder do
         end
       end
 
+      context 'filtering by group milestone' do
+        let!(:group) { create(:group, :public) }
+        let(:group_milestone) { create(:milestone, group: group) }
+        let!(:group_member) { create(:group_member, group: group, user: user) }
+        let(:params) { { milestone_title: group_milestone.title } }
+
+        before do
+          project2.update(namespace: group)
+          issue2.update(milestone: group_milestone)
+          issue3.update(milestone: group_milestone)
+        end
+
+        it 'returns issues assigned to that group milestone' do
+          expect(issues).to contain_exactly(issue2, issue3)
+        end
+      end
+
       context 'filtering by no milestone' do
         let(:params) { { milestone_title: Milestone::None.title } }
 
diff --git a/spec/finders/merge_requests_finder_spec.rb b/spec/finders/merge_requests_finder_spec.rb
index 5eb26de6c92..b46218bf72e 100644
--- a/spec/finders/merge_requests_finder_spec.rb
+++ b/spec/finders/merge_requests_finder_spec.rb
@@ -47,6 +47,25 @@ describe MergeRequestsFinder do
       expect(merge_requests).to contain_exactly(merge_request1)
     end
 
+    context 'filtering by group milestone' do
+      let!(:group) { create(:group, :public) }
+      let(:group_milestone) { create(:milestone, group: group) }
+      let!(:group_member) { create(:group_member, group: group, user: user) }
+      let(:params) { { milestone_title: group_milestone.title } }
+
+      before do
+        project2.update(namespace: group)
+        merge_request2.update(milestone: group_milestone)
+        merge_request3.update(milestone: group_milestone)
+      end
+
+      it 'returns issues assigned to that group milestone' do
+        merge_requests = described_class.new(user, params).execute
+
+        expect(merge_requests).to contain_exactly(merge_request2, merge_request3)
+      end
+    end
+
     context 'with created_after and created_before params' do
       let(:project4) { create(:empty_project, forked_from_project: project1) }
 
diff --git a/spec/finders/milestones_finder_spec.rb b/spec/finders/milestones_finder_spec.rb
new file mode 100644
index 00000000000..32ec983c5b8
--- /dev/null
+++ b/spec/finders/milestones_finder_spec.rb
@@ -0,0 +1,90 @@
+require 'spec_helper'
+
+describe MilestonesFinder do
+  let(:group) { create(:group) }
+  let(:project_1) { create(:empty_project, namespace: group) }
+  let(:project_2) { create(:empty_project, namespace: group) }
+  let!(:milestone_1) { create(:milestone, group: group, title: 'one test', due_date: Date.today) }
+  let!(:milestone_2) { create(:milestone, group: group) }
+  let!(:milestone_3) { create(:milestone, project: project_1, state: 'active', due_date: Date.tomorrow) }
+  let!(:milestone_4) { create(:milestone, project: project_2, state: 'active') }
+
+  it 'it returns milestones for projects' do
+    result = described_class.new(project_ids: [project_1.id, project_2.id], state: 'all').execute
+
+    expect(result).to contain_exactly(milestone_3, milestone_4)
+  end
+
+  it 'returns milestones for groups' do
+    result = described_class.new(group_ids: group.id,  state: 'all').execute
+
+    expect(result).to contain_exactly(milestone_1, milestone_2)
+  end
+
+  it 'returns milestones for groups and projects' do
+    result = described_class.new(project_ids: [project_1.id, project_2.id], group_ids: group.id, state: 'all').execute
+
+    expect(result).to contain_exactly(milestone_1, milestone_2, milestone_3, milestone_4)
+  end
+
+  context 'with filters' do
+    let(:params) do
+      {
+        project_ids: [project_1.id, project_2.id],
+        group_ids: group.id,
+        state: 'all'
+      }
+    end
+
+    before do
+      milestone_1.close
+      milestone_3.close
+    end
+
+    it 'filters by active state' do
+      params[:state] = 'active'
+      result = described_class.new(params).execute
+
+      expect(result).to contain_exactly(milestone_2, milestone_4)
+    end
+
+    it 'filters by closed state' do
+      params[:state] = 'closed'
+      result = described_class.new(params).execute
+
+      expect(result).to contain_exactly(milestone_1, milestone_3)
+    end
+
+    it 'filters by title' do
+      result = described_class.new(params.merge(title: 'one test')).execute
+
+      expect(result.to_a).to contain_exactly(milestone_1)
+    end
+  end
+
+  context 'with order' do
+    let(:params) do
+      {
+        project_ids: [project_1.id, project_2.id],
+        group_ids: group.id,
+        state: 'all'
+      }
+    end
+
+    it "default orders by due date" do
+      result = described_class.new(params).execute
+
+      expect(result.first).to eq(milestone_1)
+      expect(result.second).to eq(milestone_3)
+    end
+
+    it "orders by parameter" do
+      result = described_class.new(params.merge(order: 'id DESC')).execute
+
+      expect(result.first).to eq(milestone_4)
+      expect(result.second).to eq(milestone_3)
+      expect(result.third).to eq(milestone_2)
+      expect(result.fourth).to eq(milestone_1)
+    end
+  end
+end
diff --git a/spec/fixtures/api/schemas/public_api/v3/issues.json b/spec/fixtures/api/schemas/public_api/v3/issues.json
index f2ee9c925ae..51b0822bc66 100644
--- a/spec/fixtures/api/schemas/public_api/v3/issues.json
+++ b/spec/fixtures/api/schemas/public_api/v3/issues.json
@@ -22,7 +22,8 @@
         "properties": {
           "id": { "type": "integer" },
           "iid": { "type": "integer" },
-          "project_id": { "type": "integer" },
+          "project_id": { "type": ["integer", "null"] },
+          "group_id": { "type": ["integer", "null"] },
           "title": { "type": "string" },
           "description": { "type": ["string", "null"] },
           "state": { "type": "string" },
diff --git a/spec/fixtures/api/schemas/public_api/v3/merge_requests.json b/spec/fixtures/api/schemas/public_api/v3/merge_requests.json
index 01f9fbb2c89..b5c74bcc26e 100644
--- a/spec/fixtures/api/schemas/public_api/v3/merge_requests.json
+++ b/spec/fixtures/api/schemas/public_api/v3/merge_requests.json
@@ -53,7 +53,8 @@
         "properties": {
           "id": { "type": "integer" },
           "iid": { "type": "integer" },
-          "project_id": { "type": "integer" },
+          "project_id": { "type": ["integer", "null"] },
+          "group_id": { "type": ["integer", "null"] },
           "title": { "type": "string" },
           "description": { "type": ["string", "null"] },
           "state": { "type": "string" },
diff --git a/spec/fixtures/api/schemas/public_api/v4/issues.json b/spec/fixtures/api/schemas/public_api/v4/issues.json
index 2d1c84ee93d..bd6bfc03199 100644
--- a/spec/fixtures/api/schemas/public_api/v4/issues.json
+++ b/spec/fixtures/api/schemas/public_api/v4/issues.json
@@ -22,7 +22,8 @@
         "properties": {
           "id": { "type": "integer" },
           "iid": { "type": "integer" },
-          "project_id": { "type": "integer" },
+          "project_id": { "type": ["integer", "null"] },
+          "group_id": { "type": ["integer", "null"] },
           "title": { "type": "string" },
           "description": { "type": ["string", "null"] },
           "state": { "type": "string" },
diff --git a/spec/fixtures/api/schemas/public_api/v4/merge_requests.json b/spec/fixtures/api/schemas/public_api/v4/merge_requests.json
index 51642e8cbb8..60aa47c1259 100644
--- a/spec/fixtures/api/schemas/public_api/v4/merge_requests.json
+++ b/spec/fixtures/api/schemas/public_api/v4/merge_requests.json
@@ -53,7 +53,8 @@
         "properties": {
           "id": { "type": "integer" },
           "iid": { "type": "integer" },
-          "project_id": { "type": "integer" },
+          "project_id": { "type": ["integer", "null"] },
+          "group_id": { "type": ["integer", "null"] },
           "title": { "type": "string" },
           "description": { "type": ["string", "null"] },
           "state": { "type": "string" },
diff --git a/spec/helpers/gitlab_routing_helper_spec.rb b/spec/helpers/gitlab_routing_helper_spec.rb
index 7a522487a74..717ac1962d1 100644
--- a/spec/helpers/gitlab_routing_helper_spec.rb
+++ b/spec/helpers/gitlab_routing_helper_spec.rb
@@ -2,12 +2,6 @@ require 'spec_helper'
 
 describe GitlabRoutingHelper do
   describe 'Project URL helpers' do
-    describe '#project_members_url' do
-      let(:project) { build_stubbed(:empty_project) }
-
-      it { expect(project_members_url(project)).to eq project_project_members_url(project) }
-    end
-
     describe '#project_member_path' do
       let(:project_member) { create(:project_member) }
 
diff --git a/spec/javascripts/issue_show/components/description_spec.js b/spec/javascripts/issue_show/components/description_spec.js
index f3fdbff01a6..360691a3546 100644
--- a/spec/javascripts/issue_show/components/description_spec.js
+++ b/spec/javascripts/issue_show/components/description_spec.js
@@ -44,32 +44,34 @@ describe('Description component', () => {
     });
   });
 
-  it('re-inits the TaskList when description changed', (done) => {
-    spyOn(gl, 'TaskList');
-    vm.descriptionHtml = 'changed';
-
-    setTimeout(() => {
-      expect(
-        gl.TaskList,
-      ).toHaveBeenCalled();
-
-      done();
-    });
-  });
-
-  it('does not re-init the TaskList when canUpdate is false', (done) => {
-    spyOn(gl, 'TaskList');
-    vm.canUpdate = false;
-    vm.descriptionHtml = 'changed';
-
-    setTimeout(() => {
-      expect(
-        gl.TaskList,
-      ).not.toHaveBeenCalled();
-
-      done();
-    });
-  });
+  // TODO: gl.TaskList no longer exists. rewrite these tests once we have a way to rewire ES modules
+
+  // it('re-inits the TaskList when description changed', (done) => {
+  //   spyOn(gl, 'TaskList');
+  //   vm.descriptionHtml = 'changed';
+  //
+  //   setTimeout(() => {
+  //     expect(
+  //       gl.TaskList,
+  //     ).toHaveBeenCalled();
+  //
+  //     done();
+  //   });
+  // });
+
+  // it('does not re-init the TaskList when canUpdate is false', (done) => {
+  //   spyOn(gl, 'TaskList');
+  //   vm.canUpdate = false;
+  //   vm.descriptionHtml = 'changed';
+  //
+  //   setTimeout(() => {
+  //     expect(
+  //       gl.TaskList,
+  //     ).not.toHaveBeenCalled();
+  //
+  //     done();
+  //   });
+  // });
 
   describe('taskStatus', () => {
     it('adds full taskStatus', (done) => {
diff --git a/spec/javascripts/merge_request_tabs_spec.js b/spec/javascripts/merge_request_tabs_spec.js
index 49ef21f75de..dc40244c20e 100644
--- a/spec/javascripts/merge_request_tabs_spec.js
+++ b/spec/javascripts/merge_request_tabs_spec.js
@@ -6,7 +6,6 @@ import '~/commit/pipelines/pipelines_bundle';
 import '~/breakpoints';
 import '~/lib/utils/common_utils';
 import '~/diff';
-import '~/single_file_diff';
 import '~/files_comment_button';
 import '~/notes';
 import 'vendor/jquery.scrollTo';
diff --git a/spec/javascripts/pipeline_schedules/setup_pipeline_variable_list_spec.js b/spec/javascripts/pipeline_schedules/setup_pipeline_variable_list_spec.js
new file mode 100644
index 00000000000..5b316b319a5
--- /dev/null
+++ b/spec/javascripts/pipeline_schedules/setup_pipeline_variable_list_spec.js
@@ -0,0 +1,145 @@
+import {
+  setupPipelineVariableList,
+  insertRow,
+  removeRow,
+} from '~/pipeline_schedules/setup_pipeline_variable_list';
+
+describe('Pipeline Variable List', () => {
+  let $markup;
+
+  describe('insertRow', () => {
+    it('should insert another row', () => {
+      $markup = $(`<div>
+        <li class="js-row">
+          <input>
+          <textarea></textarea>
+        </li>
+      </div>`);
+
+      insertRow($markup.find('.js-row'));
+
+      expect($markup.find('.js-row').length).toBe(2);
+    });
+
+    it('should clear `data-is-persisted` on cloned row', () => {
+      $markup = $(`<div>
+        <li class="js-row" data-is-persisted="true"></li>
+      </div>`);
+
+      insertRow($markup.find('.js-row'));
+
+      const $lastRow = $markup.find('.js-row').last();
+      expect($lastRow.attr('data-is-persisted')).toBe(undefined);
+    });
+
+    it('should clear inputs on cloned row', () => {
+      $markup = $(`<div>
+        <li class="js-row">
+          <input value="foo">
+          <textarea>bar</textarea>
+        </li>
+      </div>`);
+
+      insertRow($markup.find('.js-row'));
+
+      const $lastRow = $markup.find('.js-row').last();
+      expect($lastRow.find('input').val()).toBe('');
+      expect($lastRow.find('textarea').val()).toBe('');
+    });
+  });
+
+  describe('removeRow', () => {
+    it('should remove dynamic row', () => {
+      $markup = $(`<div>
+        <li class="js-row">
+          <input>
+          <textarea></textarea>
+        </li>
+      </div>`);
+
+      removeRow($markup.find('.js-row'));
+
+      expect($markup.find('.js-row').length).toBe(0);
+    });
+
+    it('should hide and mark to destroy with already persisted rows', () => {
+      $markup = $(`<div>
+        <li class="js-row" data-is-persisted="true">
+          <input class="js-destroy-input">
+        </li>
+      </div>`);
+
+      const $row = $markup.find('.js-row');
+      removeRow($row);
+
+      expect($row.find('.js-destroy-input').val()).toBe('1');
+      expect($markup.find('.js-row').length).toBe(1);
+    });
+  });
+
+  describe('setupPipelineVariableList', () => {
+    beforeEach(() => {
+      $markup = $(`<form>
+        <li class="js-row">
+          <input class="js-user-input" name="schedule[variables_attributes][][key]">
+          <textarea class="js-user-input" name="schedule[variables_attributes][][value]"></textarea>
+          <button class="js-row-remove-button"></button>
+          <button class="js-row-add-button"></button>
+        </li>
+      </form>`);
+
+      setupPipelineVariableList($markup);
+    });
+
+    it('should remove the row when clicking the remove button', () => {
+      $markup.find('.js-row-remove-button').trigger('click');
+
+      expect($markup.find('.js-row').length).toBe(0);
+    });
+
+    it('should add another row when editing the last rows key input', () => {
+      const $row = $markup.find('.js-row');
+      $row.find('input.js-user-input')
+        .val('foo')
+        .trigger('input');
+
+      expect($markup.find('.js-row').length).toBe(2);
+    });
+
+    it('should add another row when editing the last rows value textarea', () => {
+      const $row = $markup.find('.js-row');
+      $row.find('textarea.js-user-input')
+        .val('foo')
+        .trigger('input');
+
+      expect($markup.find('.js-row').length).toBe(2);
+    });
+
+    it('should remove empty row after blurring', () => {
+      const $row = $markup.find('.js-row');
+      $row.find('input.js-user-input')
+        .val('foo')
+        .trigger('input');
+
+      expect($markup.find('.js-row').length).toBe(2);
+
+      $row.find('input.js-user-input')
+        .val('')
+        .trigger('input')
+        .trigger('blur');
+
+      expect($markup.find('.js-row').length).toBe(1);
+    });
+
+    it('should clear out the `name` attribute on the inputs for the last empty row on form submission (avoid BE validation)', () => {
+      const $row = $markup.find('.js-row');
+      expect($row.find('input').attr('name')).toBe('schedule[variables_attributes][][key]');
+      expect($row.find('textarea').attr('name')).toBe('schedule[variables_attributes][][value]');
+
+      $markup.filter('form').submit();
+
+      expect($row.find('input').attr('name')).toBe('');
+      expect($row.find('textarea').attr('name')).toBe('');
+    });
+  });
+});
diff --git a/spec/javascripts/signin_tabs_memoizer_spec.js b/spec/javascripts/signin_tabs_memoizer_spec.js
index 0a32797c3e2..a53e8a94d89 100644
--- a/spec/javascripts/signin_tabs_memoizer_spec.js
+++ b/spec/javascripts/signin_tabs_memoizer_spec.js
@@ -1,8 +1,7 @@
 import AccessorUtilities from '~/lib/utils/accessor';
+import SigninTabsMemoizer from '~/signin_tabs_memoizer';
 
-import '~/signin_tabs_memoizer';
-
-((global) => {
+(() => {
   describe('SigninTabsMemoizer', () => {
     const fixtureTemplate = 'static/signin_tabs.html.raw';
     const tabSelector = 'ul.nav-tabs';
@@ -10,7 +9,7 @@ import '~/signin_tabs_memoizer';
     let memo;
 
     function createMemoizer() {
-      memo = new global.ActiveTabMemoizer({
+      memo = new SigninTabsMemoizer({
         currentTabKey,
         tabSelector,
       });
@@ -78,7 +77,7 @@ import '~/signin_tabs_memoizer';
         beforeEach(function () {
           memo.isLocalStorageAvailable = false;
 
-          global.ActiveTabMemoizer.prototype.saveData.call(memo);
+          SigninTabsMemoizer.prototype.saveData.call(memo);
         });
 
         it('should not call .setItem', () => {
@@ -92,7 +91,7 @@ import '~/signin_tabs_memoizer';
         beforeEach(function () {
           memo.isLocalStorageAvailable = true;
 
-          global.ActiveTabMemoizer.prototype.saveData.call(memo, value);
+          SigninTabsMemoizer.prototype.saveData.call(memo, value);
         });
 
         it('should call .setItem', () => {
@@ -117,7 +116,7 @@ import '~/signin_tabs_memoizer';
         beforeEach(function () {
           memo.isLocalStorageAvailable = false;
 
-          readData = global.ActiveTabMemoizer.prototype.readData.call(memo);
+          readData = SigninTabsMemoizer.prototype.readData.call(memo);
         });
 
         it('should not call .getItem and should return `null`', () => {
@@ -130,7 +129,7 @@ import '~/signin_tabs_memoizer';
         beforeEach(function () {
           memo.isLocalStorageAvailable = true;
 
-          readData = global.ActiveTabMemoizer.prototype.readData.call(memo);
+          readData = SigninTabsMemoizer.prototype.readData.call(memo);
         });
 
         it('should call .getItem and return the localStorage value', () => {
@@ -140,4 +139,4 @@ import '~/signin_tabs_memoizer';
       });
     });
   });
-})(window);
+})();
diff --git a/spec/javascripts/todos_spec.js b/spec/javascripts/todos_spec.js
index cd74aba4a4e..fd492159081 100644
--- a/spec/javascripts/todos_spec.js
+++ b/spec/javascripts/todos_spec.js
@@ -1,4 +1,4 @@
-import '~/todos';
+import Todos from '~/todos';
 import '~/lib/utils/common_utils';
 
 describe('Todos', () => {
@@ -9,7 +9,7 @@ describe('Todos', () => {
     loadFixtures('todos/todos.html.raw');
     todoItem = document.querySelector('.todos-list .todo');
 
-    return new gl.Todos();
+    return new Todos();
   });
 
   describe('goToTodoUrl', () => {
diff --git a/spec/javascripts/visibility_select_spec.js b/spec/javascripts/visibility_select_spec.js
index c2eaea7c2ed..82714cb69bd 100644
--- a/spec/javascripts/visibility_select_spec.js
+++ b/spec/javascripts/visibility_select_spec.js
@@ -1,8 +1,6 @@
-import '~/visibility_select';
+import VisibilitySelect from '~/visibility_select';
 
 (() => {
-  const VisibilitySelect = gl.VisibilitySelect;
-
   describe('VisibilitySelect', function () {
     const lockedElement = document.createElement('div');
     lockedElement.dataset.helpBlock = 'lockedHelpBlock';
diff --git a/spec/javascripts/zen_mode_spec.js b/spec/javascripts/zen_mode_spec.js
index 4399c8b2025..a225b04c47e 100644
--- a/spec/javascripts/zen_mode_spec.js
+++ b/spec/javascripts/zen_mode_spec.js
@@ -1,9 +1,8 @@
 /* eslint-disable space-before-function-paren, no-var, one-var, one-var-declaration-per-line, object-shorthand, comma-dangle, no-return-assign, new-cap, max-len */
 /* global Dropzone */
 /* global Mousetrap */
-/* global ZenMode */
 
-import '~/zen_mode';
+import ZenMode from '~/zen_mode';
 
 (function() {
   var enterZen, escapeKeydown, exitZen;
diff --git a/spec/lib/gitlab/git/repository_spec.rb b/spec/lib/gitlab/git/repository_spec.rb
index 6aca181194a..acffd335e43 100644
--- a/spec/lib/gitlab/git/repository_spec.rb
+++ b/spec/lib/gitlab/git/repository_spec.rb
@@ -3,6 +3,20 @@ require "spec_helper"
 describe Gitlab::Git::Repository, seed_helper: true do
   include Gitlab::EncodingHelper
 
+  shared_examples 'wrapping gRPC errors' do |gitaly_client_class, gitaly_client_method|
+    it 'wraps gRPC not found error' do
+      expect_any_instance_of(gitaly_client_class).to receive(gitaly_client_method)
+        .and_raise(GRPC::NotFound)
+      expect { subject }.to raise_error(Gitlab::Git::Repository::NoRepository)
+    end
+
+    it 'wraps gRPC unknown error' do
+      expect_any_instance_of(gitaly_client_class).to receive(gitaly_client_method)
+        .and_raise(GRPC::Unknown)
+      expect { subject }.to raise_error(Gitlab::Git::CommandError)
+    end
+  end
+
   let(:repository) { Gitlab::Git::Repository.new('default', TEST_REPO_PATH) }
 
   describe "Respond to" do
@@ -35,16 +49,8 @@ describe Gitlab::Git::Repository, seed_helper: true do
       repository.root_ref
     end
 
-    it 'wraps GRPC not found' do
-      expect_any_instance_of(Gitlab::GitalyClient::Ref).to receive(:default_branch_name)
-        .and_raise(GRPC::NotFound)
-      expect { repository.root_ref }.to raise_error(Gitlab::Git::Repository::NoRepository)
-    end
-
-    it 'wraps GRPC exceptions' do
-      expect_any_instance_of(Gitlab::GitalyClient::Ref).to receive(:default_branch_name)
-        .and_raise(GRPC::Unknown)
-      expect { repository.root_ref }.to raise_error(Gitlab::Git::CommandError)
+    it_behaves_like 'wrapping gRPC errors', Gitlab::GitalyClient::Ref, :default_branch_name do
+      subject { repository.root_ref }
     end
   end
 
@@ -130,17 +136,7 @@ describe Gitlab::Git::Repository, seed_helper: true do
       subject
     end
 
-    it 'wraps GRPC not found' do
-      expect_any_instance_of(Gitlab::GitalyClient::Ref).to receive(:branch_names)
-        .and_raise(GRPC::NotFound)
-      expect { subject }.to raise_error(Gitlab::Git::Repository::NoRepository)
-    end
-
-    it 'wraps GRPC other exceptions' do
-      expect_any_instance_of(Gitlab::GitalyClient::Ref).to receive(:branch_names)
-        .and_raise(GRPC::Unknown)
-      expect { subject }.to raise_error(Gitlab::Git::CommandError)
-    end
+    it_behaves_like 'wrapping gRPC errors', Gitlab::GitalyClient::Ref, :branch_names
   end
 
   describe '#tag_names' do
@@ -168,17 +164,7 @@ describe Gitlab::Git::Repository, seed_helper: true do
       subject
     end
 
-    it 'wraps GRPC not found' do
-      expect_any_instance_of(Gitlab::GitalyClient::Ref).to receive(:tag_names)
-        .and_raise(GRPC::NotFound)
-      expect { subject }.to raise_error(Gitlab::Git::Repository::NoRepository)
-    end
-
-    it 'wraps GRPC exceptions' do
-      expect_any_instance_of(Gitlab::GitalyClient::Ref).to receive(:tag_names)
-        .and_raise(GRPC::Unknown)
-      expect { subject }.to raise_error(Gitlab::Git::CommandError)
-    end
+    it_behaves_like 'wrapping gRPC errors', Gitlab::GitalyClient::Ref, :tag_names
   end
 
   shared_examples 'archive check' do |extenstion|
@@ -438,8 +424,21 @@ describe Gitlab::Git::Repository, seed_helper: true do
   end
 
   describe '#commit_count' do
-    it { expect(repository.commit_count("master")).to eq(25) }
-    it { expect(repository.commit_count("feature")).to eq(9) }
+    shared_examples 'counting commits' do
+      it { expect(repository.commit_count("master")).to eq(25) }
+      it { expect(repository.commit_count("feature")).to eq(9) }
+    end
+
+    context 'when Gitaly commit_count feature is enabled' do
+      it_behaves_like 'counting commits'
+      it_behaves_like 'wrapping gRPC errors', Gitlab::GitalyClient::Commit, :commit_count do
+        subject { repository.commit_count('master') }
+      end
+    end
+
+    context 'when Gitaly commit_count feature is disabled', skip_gitaly_mock: true  do
+      it_behaves_like 'counting commits'
+    end
   end
 
   describe "#reset" do
@@ -1298,16 +1297,8 @@ describe Gitlab::Git::Repository, seed_helper: true do
       @repo.local_branches
     end
 
-    it 'wraps GRPC not found' do
-      expect_any_instance_of(Gitlab::GitalyClient::Ref).to receive(:local_branches)
-        .and_raise(GRPC::NotFound)
-      expect { @repo.local_branches }.to raise_error(Gitlab::Git::Repository::NoRepository)
-    end
-
-    it 'wraps GRPC exceptions' do
-      expect_any_instance_of(Gitlab::GitalyClient::Ref).to receive(:local_branches)
-        .and_raise(GRPC::Unknown)
-      expect { @repo.local_branches }.to raise_error(Gitlab::Git::CommandError)
+    it_behaves_like 'wrapping gRPC errors', Gitlab::GitalyClient::Ref, :local_branches do
+      subject { @repo.local_branches }
     end
   end
 
diff --git a/spec/lib/gitlab/import_export/all_models.yml b/spec/lib/gitlab/import_export/all_models.yml
index 562f0c2991c..977174a5fd2 100644
--- a/spec/lib/gitlab/import_export/all_models.yml
+++ b/spec/lib/gitlab/import_export/all_models.yml
@@ -45,6 +45,7 @@ label:
 - merge_requests
 - priorities
 milestone:
+- group
 - project
 - issues
 - labels
@@ -133,8 +134,11 @@ pipeline_schedules:
 - owner
 - pipelines
 - last_pipeline
+- variables
 pipeline_schedule:
 - pipelines
+pipeline_schedule_variables:
+- pipeline_schedule
 deploy_keys:
 - user
 - deploy_keys_projects
diff --git a/spec/lib/gitlab/import_export/safe_model_attributes.yml b/spec/lib/gitlab/import_export/safe_model_attributes.yml
index b4a7e956686..4ef3db3721f 100644
--- a/spec/lib/gitlab/import_export/safe_model_attributes.yml
+++ b/spec/lib/gitlab/import_export/safe_model_attributes.yml
@@ -82,6 +82,7 @@ Milestone:
 - id
 - title
 - project_id
+- group_id
 - description
 - due_date
 - start_date
diff --git a/spec/models/ci/build_spec.rb b/spec/models/ci/build_spec.rb
index 431fcda165d..154b6759f46 100644
--- a/spec/models/ci/build_spec.rb
+++ b/spec/models/ci/build_spec.rb
@@ -1356,6 +1356,59 @@ describe Ci::Build, :models do
       end
     end
 
+    context 'when group secret variable is defined' do
+      let(:secret_variable) do
+        { key: 'SECRET_KEY', value: 'secret_value', public: false }
+      end
+
+      let(:group) { create(:group, :access_requestable) }
+
+      before do
+        build.project.update(group: group)
+
+        create(:ci_group_variable,
+               secret_variable.slice(:key, :value).merge(group: group))
+      end
+
+      it { is_expected.to include(secret_variable) }
+    end
+
+    context 'when group protected variable is defined' do
+      let(:protected_variable) do
+        { key: 'PROTECTED_KEY', value: 'protected_value', public: false }
+      end
+
+      let(:group) { create(:group, :access_requestable) }
+
+      before do
+        build.project.update(group: group)
+
+        create(:ci_group_variable,
+               :protected,
+               protected_variable.slice(:key, :value).merge(group: group))
+      end
+
+      context 'when the branch is protected' do
+        before do
+          create(:protected_branch, project: build.project, name: build.ref)
+        end
+
+        it { is_expected.to include(protected_variable) }
+      end
+
+      context 'when the tag is protected' do
+        before do
+          create(:protected_tag, project: build.project, name: build.ref)
+        end
+
+        it { is_expected.to include(protected_variable) }
+      end
+
+      context 'when the ref is not protected' do
+        it { is_expected.not_to include(protected_variable) }
+      end
+    end
+
     context 'when build is for triggers' do
       let(:trigger) { create(:ci_trigger, project: project) }
       let(:trigger_request) { create(:ci_trigger_request_with_variables, pipeline: pipeline, trigger: trigger) }
@@ -1374,6 +1427,23 @@ describe Ci::Build, :models do
       it { is_expected.to include(predefined_trigger_variable) }
     end
 
+    context 'when a job was triggered by a pipeline schedule' do
+      let(:pipeline_schedule) { create(:ci_pipeline_schedule, project: project) }
+
+      let!(:pipeline_schedule_variable) do
+        create(:ci_pipeline_schedule_variable,
+          key: 'SCHEDULE_VARIABLE_KEY',
+          pipeline_schedule: pipeline_schedule)
+      end
+
+      before do
+        pipeline_schedule.pipelines << pipeline
+        pipeline_schedule.reload
+      end
+
+      it { is_expected.to include(pipeline_schedule_variable.to_runner_variable) }
+    end
+
     context 'when yaml_variables are undefined' do
       before do
         build.yaml_variables = nil
diff --git a/spec/models/ci/group_variable_spec.rb b/spec/models/ci/group_variable_spec.rb
new file mode 100644
index 00000000000..24b914face9
--- /dev/null
+++ b/spec/models/ci/group_variable_spec.rb
@@ -0,0 +1,31 @@
+require 'spec_helper'
+
+describe Ci::GroupVariable, models: true do
+  subject { build(:ci_group_variable) }
+
+  it { is_expected.to include_module(HasVariable) }
+  it { is_expected.to include_module(Presentable) }
+  it { is_expected.to validate_uniqueness_of(:key).scoped_to(:group_id) }
+
+  describe '.unprotected' do
+    subject { described_class.unprotected }
+
+    context 'when variable is protected' do
+      before do
+        create(:ci_group_variable, :protected)
+      end
+
+      it 'returns nothing' do
+        is_expected.to be_empty
+      end
+    end
+
+    context 'when variable is not protected' do
+      let(:variable) { create(:ci_group_variable, protected: false) }
+
+      it 'returns the variable' do
+        is_expected.to contain_exactly(variable)
+      end
+    end
+  end
+end
diff --git a/spec/models/ci/pipeline_schedule_spec.rb b/spec/models/ci/pipeline_schedule_spec.rb
index 56817baf79d..6427deda31e 100644
--- a/spec/models/ci/pipeline_schedule_spec.rb
+++ b/spec/models/ci/pipeline_schedule_spec.rb
@@ -5,6 +5,7 @@ describe Ci::PipelineSchedule, models: true do
   it { is_expected.to belong_to(:owner) }
 
   it { is_expected.to have_many(:pipelines) }
+  it { is_expected.to have_many(:variables) }
 
   it { is_expected.to respond_to(:ref) }
   it { is_expected.to respond_to(:cron) }
@@ -117,4 +118,20 @@ describe Ci::PipelineSchedule, models: true do
       end
     end
   end
+
+  describe '#job_variables' do
+    let!(:pipeline_schedule) { create(:ci_pipeline_schedule) }
+
+    let!(:pipeline_schedule_variables) do
+      create_list(:ci_pipeline_schedule_variable, 2, pipeline_schedule: pipeline_schedule)
+    end
+
+    subject { pipeline_schedule.job_variables }
+
+    before do
+      pipeline_schedule.reload
+    end
+
+    it { is_expected.to contain_exactly(*pipeline_schedule_variables.map(&:to_runner_variable)) }
+  end
 end
diff --git a/spec/models/ci/pipeline_schedule_variable_spec.rb b/spec/models/ci/pipeline_schedule_variable_spec.rb
new file mode 100644
index 00000000000..0de76a57b7f
--- /dev/null
+++ b/spec/models/ci/pipeline_schedule_variable_spec.rb
@@ -0,0 +1,7 @@
+require 'spec_helper'
+
+describe Ci::PipelineScheduleVariable, models: true do
+  subject { build(:ci_pipeline_schedule_variable) }
+
+  it { is_expected.to include_module(HasVariable) }
+end
diff --git a/spec/models/ci/variable_spec.rb b/spec/models/ci/variable_spec.rb
index 4ffbfa6c130..890ffaae494 100644
--- a/spec/models/ci/variable_spec.rb
+++ b/spec/models/ci/variable_spec.rb
@@ -3,10 +3,9 @@ require 'spec_helper'
 describe Ci::Variable, models: true do
   subject { build(:ci_variable) }
 
-  let(:secret_value) { 'secret' }
-
   describe 'validations' do
     it { is_expected.to include_module(HasVariable) }
+    it { is_expected.to include_module(Presentable) }
     it { is_expected.to validate_uniqueness_of(:key).scoped_to(:project_id, :environment_scope) }
   end
 
diff --git a/spec/models/concerns/each_batch_spec.rb b/spec/models/concerns/each_batch_spec.rb
index 10d8c59eea4..951690a217b 100644
--- a/spec/models/concerns/each_batch_spec.rb
+++ b/spec/models/concerns/each_batch_spec.rb
@@ -20,6 +20,12 @@ describe EachBatch do
       end
     end
 
+    it 'yields a batch index as the second argument' do
+      model.each_batch do |_, index|
+        expect(index).to eq(1)
+      end
+    end
+
     it 'accepts a custom batch size' do
       amount = 0
 
diff --git a/spec/models/concerns/sha_attribute_spec.rb b/spec/models/concerns/sha_attribute_spec.rb
index 9e37c2b20c4..610793ee557 100644
--- a/spec/models/concerns/sha_attribute_spec.rb
+++ b/spec/models/concerns/sha_attribute_spec.rb
@@ -13,15 +13,34 @@ describe ShaAttribute do
   end
 
   describe '#sha_attribute' do
-    it 'defines a SHA attribute for a binary column' do
-      expect(model).to receive(:attribute)
-        .with(:sha1, an_instance_of(Gitlab::Database::ShaAttribute))
+    context' when the table exists' do
+      before do
+        allow(model).to receive(:table_exists?).and_return(true)
+      end
 
-      model.sha_attribute(:sha1)
+      it 'defines a SHA attribute for a binary column' do
+        expect(model).to receive(:attribute)
+          .with(:sha1, an_instance_of(Gitlab::Database::ShaAttribute))
+
+        model.sha_attribute(:sha1)
+      end
+
+      it 'raises ArgumentError when the column type is not :binary' do
+        expect { model.sha_attribute(:name) }.to raise_error(ArgumentError)
+      end
     end
 
-    it 'raises ArgumentError when the column type is not :binary' do
-      expect { model.sha_attribute(:name) }.to raise_error(ArgumentError)
+    context' when the table does not exist' do
+      before do
+        allow(model).to receive(:table_exists?).and_return(false)
+      end
+
+      it 'does nothing' do
+        expect(model).not_to receive(:columns)
+        expect(model).not_to receive(:attribute)
+
+        model.sha_attribute(:name)
+      end
     end
   end
 end
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 4de1683b21c..399020953e8 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -13,6 +13,7 @@ describe Group, models: true do
     it { is_expected.to have_many(:shared_projects).through(:project_group_links) }
     it { is_expected.to have_many(:notification_settings).dependent(:destroy) }
     it { is_expected.to have_many(:labels).class_name('GroupLabel') }
+    it { is_expected.to have_many(:variables).class_name('Ci::GroupVariable') }
     it { is_expected.to have_many(:uploads).dependent(:destroy) }
     it { is_expected.to have_one(:chat_team) }
 
@@ -418,4 +419,69 @@ describe Group, models: true do
       expect(calls).to eq 2
     end
   end
+
+  describe '#secret_variables_for' do
+    let(:project) { create(:empty_project, group: group) }
+
+    let!(:secret_variable) do
+      create(:ci_group_variable, value: 'secret', group: group)
+    end
+
+    let!(:protected_variable) do
+      create(:ci_group_variable, :protected, value: 'protected', group: group)
+    end
+
+    subject { group.secret_variables_for('ref', project) }
+
+    shared_examples 'ref is protected' do
+      it 'contains all the variables' do
+        is_expected.to contain_exactly(secret_variable, protected_variable)
+      end
+    end
+
+    context 'when the ref is not protected' do
+      before do
+        stub_application_setting(
+          default_branch_protection: Gitlab::Access::PROTECTION_NONE)
+      end
+
+      it 'contains only the secret variables' do
+        is_expected.to contain_exactly(secret_variable)
+      end
+    end
+
+    context 'when the ref is a protected branch' do
+      before do
+        create(:protected_branch, name: 'ref', project: project)
+      end
+
+      it_behaves_like 'ref is protected'
+    end
+
+    context 'when the ref is a protected tag' do
+      before do
+        create(:protected_tag, name: 'ref', project: project)
+      end
+
+      it_behaves_like 'ref is protected'
+    end
+
+    context 'when group has children' do
+      let!(:group_child) { create(:group, parent: group) }
+      let!(:variable_child) { create(:ci_group_variable, group: group_child) }
+      let!(:group_child_3) { create(:group, parent: group_child_2) }
+      let!(:variable_child_3) { create(:ci_group_variable, group: group_child_3) }
+      let!(:group_child_2) { create(:group, parent: group_child) }
+      let!(:variable_child_2) { create(:ci_group_variable, group: group_child_2) }
+
+      it 'returns all variables belong to the group and parent groups' do
+        expected_array1 = [protected_variable, secret_variable]
+        expected_array2 = [variable_child, variable_child_2, variable_child_3]
+        got_array = group_child_3.secret_variables_for('ref', project).to_a
+
+        expect(got_array.shift(2)).to contain_exactly(*expected_array1)
+        expect(got_array).to eq(expected_array2)
+      end
+    end
+  end
 end
diff --git a/spec/models/merge_request_spec.rb b/spec/models/merge_request_spec.rb
index ea405fabff0..1eadc28869f 100644
--- a/spec/models/merge_request_spec.rb
+++ b/spec/models/merge_request_spec.rb
@@ -803,7 +803,7 @@ describe MergeRequest, models: true do
       shared_examples 'returning all SHA' do
         it 'returns all SHA from all merge_request_diffs' do
           expect(subject.merge_request_diffs.size).to eq(2)
-          expect(subject.all_commit_shas).to eq(all_commit_shas)
+          expect(subject.all_commit_shas).to match_array(all_commit_shas)
         end
       end
 
diff --git a/spec/models/milestone_spec.rb b/spec/models/milestone_spec.rb
index 45953023a36..2649d04bee3 100644
--- a/spec/models/milestone_spec.rb
+++ b/spec/models/milestone_spec.rb
@@ -6,9 +6,6 @@ describe Milestone, models: true do
       allow(subject).to receive(:set_iid).and_return(false)
     end
 
-    it { is_expected.to validate_presence_of(:title) }
-    it { is_expected.to validate_presence_of(:project) }
-
     describe 'start_date' do
       it 'adds an error when start_date is greated then due_date' do
         milestone = build(:milestone, start_date: Date.tomorrow, due_date: Date.yesterday)
@@ -37,17 +34,42 @@ describe Milestone, models: true do
     end
   end
 
-  describe "unique milestone title per project" do
-    it "does not accept the same title in a project twice" do
-      new_milestone = Milestone.new(project: milestone.project, title: milestone.title)
-      expect(new_milestone).not_to be_valid
+  describe "unique milestone title" do
+    context "per project" do
+      it "does not accept the same title in a project twice" do
+        new_milestone = Milestone.new(project: milestone.project, title: milestone.title)
+        expect(new_milestone).not_to be_valid
+      end
+
+      it "accepts the same title in another project" do
+        project = create(:empty_project)
+        new_milestone = Milestone.new(project: project, title: milestone.title)
+
+        expect(new_milestone).to be_valid
+      end
     end
 
-    it "accepts the same title in another project" do
-      project = build(:empty_project)
-      new_milestone = Milestone.new(project: project, title: milestone.title)
+    context "per group" do
+      let(:group) { create(:group) }
+      let(:milestone) { create(:milestone, group: group) }
+
+      before do
+        project.update(group: group)
+      end
+
+      it "does not accept the same title in a group twice" do
+        new_milestone = Milestone.new(group: group, title: milestone.title)
+
+        expect(new_milestone).not_to be_valid
+      end
 
-      expect(new_milestone).to be_valid
+      it "does not accept the same title of a child project milestone" do
+        create(:milestone, project: group.projects.first)
+
+        new_milestone = Milestone.new(group: group, title: milestone.title)
+
+        expect(new_milestone).not_to be_valid
+      end
     end
   end
 
diff --git a/spec/presenters/ci/group_variable_presenter_spec.rb b/spec/presenters/ci/group_variable_presenter_spec.rb
new file mode 100644
index 00000000000..d404028405b
--- /dev/null
+++ b/spec/presenters/ci/group_variable_presenter_spec.rb
@@ -0,0 +1,63 @@
+require 'spec_helper'
+
+describe Ci::GroupVariablePresenter do
+  include Gitlab::Routing.url_helpers
+
+  let(:group) { create(:group) }
+  let(:variable) { create(:ci_group_variable, group: group) }
+
+  subject(:presenter) do
+    described_class.new(variable)
+  end
+
+  it 'inherits from Gitlab::View::Presenter::Delegated' do
+    expect(described_class.superclass).to eq(Gitlab::View::Presenter::Delegated)
+  end
+
+  describe '#initialize' do
+    it 'takes a variable and optional params' do
+      expect { presenter }.not_to raise_error
+    end
+
+    it 'exposes variable' do
+      expect(presenter.variable).to eq(variable)
+    end
+
+    it 'forwards missing methods to variable' do
+      expect(presenter.key).to eq(variable.key)
+    end
+  end
+
+  describe '#placeholder' do
+    subject { described_class.new(variable).placeholder }
+
+    it { is_expected.to eq('GROUP_VARIABLE') }
+  end
+
+  describe '#form_path' do
+    context 'when variable is persisted' do
+      subject { described_class.new(variable).form_path }
+
+      it { is_expected.to eq(group_variable_path(group, variable)) }
+    end
+
+    context 'when variable is not persisted' do
+      let(:variable) { build(:ci_group_variable, group: group) }
+      subject { described_class.new(variable).form_path }
+
+      it { is_expected.to eq(group_variables_path(group)) }
+    end
+  end
+
+  describe '#edit_path' do
+    subject { described_class.new(variable).edit_path }
+
+    it { is_expected.to eq(group_variable_path(group, variable)) }
+  end
+
+  describe '#delete_path' do
+    subject { described_class.new(variable).delete_path }
+
+    it { is_expected.to eq(group_variable_path(group, variable)) }
+  end
+end
diff --git a/spec/presenters/ci/variable_presenter_spec.rb b/spec/presenters/ci/variable_presenter_spec.rb
new file mode 100644
index 00000000000..9e6aae7bcad
--- /dev/null
+++ b/spec/presenters/ci/variable_presenter_spec.rb
@@ -0,0 +1,63 @@
+require 'spec_helper'
+
+describe Ci::VariablePresenter do
+  include Gitlab::Routing.url_helpers
+
+  let(:project) { create(:empty_project) }
+  let(:variable) { create(:ci_variable, project: project) }
+
+  subject(:presenter) do
+    described_class.new(variable)
+  end
+
+  it 'inherits from Gitlab::View::Presenter::Delegated' do
+    expect(described_class.superclass).to eq(Gitlab::View::Presenter::Delegated)
+  end
+
+  describe '#initialize' do
+    it 'takes a variable and optional params' do
+      expect { presenter }.not_to raise_error
+    end
+
+    it 'exposes variable' do
+      expect(presenter.variable).to eq(variable)
+    end
+
+    it 'forwards missing methods to variable' do
+      expect(presenter.key).to eq(variable.key)
+    end
+  end
+
+  describe '#placeholder' do
+    subject { described_class.new(variable).placeholder }
+
+    it { is_expected.to eq('PROJECT_VARIABLE') }
+  end
+
+  describe '#form_path' do
+    context 'when variable is persisted' do
+      subject { described_class.new(variable).form_path }
+
+      it { is_expected.to eq(project_variable_path(project, variable)) }
+    end
+
+    context 'when variable is not persisted' do
+      let(:variable) { build(:ci_variable, project: project) }
+      subject { described_class.new(variable).form_path }
+
+      it { is_expected.to eq(project_variables_path(project)) }
+    end
+  end
+
+  describe '#edit_path' do
+    subject { described_class.new(variable).edit_path }
+
+    it { is_expected.to eq(project_variable_path(project, variable)) }
+  end
+
+  describe '#delete_path' do
+    subject { described_class.new(variable).delete_path }
+
+    it { is_expected.to eq(project_variable_path(project, variable)) }
+  end
+end
diff --git a/spec/requests/api/issues_spec.rb b/spec/requests/api/issues_spec.rb
index 79cac721202..9837fedb522 100644
--- a/spec/requests/api/issues_spec.rb
+++ b/spec/requests/api/issues_spec.rb
@@ -772,7 +772,7 @@ describe API::Issues do
       end
     end
 
-    context 'CE restrictions' do
+    context 'single assignee restrictions' do
       it 'creates a new project issue with no more than one assignee' do
         post api("/projects/#{project.id}/issues", user),
           title: 'new issue', assignee_ids: [user2.id, guest.id]
@@ -1123,7 +1123,7 @@ describe API::Issues do
       expect(json_response['assignees'].first['name']).to eq(user2.name)
     end
 
-    context 'CE restrictions' do
+    context 'single assignee restrictions' do
       it 'updates an issue with several assignees but only one has been applied' do
         put api("/projects/#{project.id}/issues/#{issue.iid}", user),
           assignee_ids: [user2.id, guest.id]
@@ -1462,6 +1462,25 @@ describe API::Issues do
     end
   end
 
+  describe "GET /projects/:id/issues/:issue_iid/user_agent_detail" do
+    let!(:user_agent_detail) { create(:user_agent_detail, subject: issue) }
+
+    it 'exposes known attributes' do
+      get api("/projects/#{project.id}/issues/#{issue.iid}/user_agent_detail", admin)
+
+      expect(response).to have_http_status(200)
+      expect(json_response['user_agent']).to eq(user_agent_detail.user_agent)
+      expect(json_response['ip_address']).to eq(user_agent_detail.ip_address)
+      expect(json_response['akismet_submitted']).to eq(user_agent_detail.submitted)
+    end
+
+    it "returns unautorized for non-admin users" do
+      get api("/projects/#{project.id}/issues/#{issue.iid}/user_agent_detail", user)
+
+      expect(response).to have_http_status(403)
+    end
+  end
+
   def expect_paginated_array_response(size: nil)
     expect(response).to have_http_status(200)
     expect(response).to include_pagination_headers
diff --git a/spec/requests/api/pipeline_schedules_spec.rb b/spec/requests/api/pipeline_schedules_spec.rb
index 85d11deb26f..b34555d2815 100644
--- a/spec/requests/api/pipeline_schedules_spec.rb
+++ b/spec/requests/api/pipeline_schedules_spec.rb
@@ -279,6 +279,8 @@ describe API::PipelineSchedules do
     end
 
     context 'authenticated user with invalid permissions' do
+      let!(:pipeline_schedule) { create(:ci_pipeline_schedule, project: project, owner: master) }
+
       it 'does not delete pipeline_schedule' do
         delete api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}", developer)
 
diff --git a/spec/requests/api/project_snippets_spec.rb b/spec/requests/api/project_snippets_spec.rb
index 518639f45a2..f220972bae3 100644
--- a/spec/requests/api/project_snippets_spec.rb
+++ b/spec/requests/api/project_snippets_spec.rb
@@ -5,6 +5,26 @@ describe API::ProjectSnippets do
   let(:user) { create(:user) }
   let(:admin) { create(:admin) }
 
+  describe "GET /projects/:project_id/snippets/:id/user_agent_detail" do
+    let(:snippet) { create(:project_snippet, :public, project: project) }
+    let!(:user_agent_detail) { create(:user_agent_detail, subject: snippet) }
+
+    it 'exposes known attributes' do
+      get api("/projects/#{project.id}/snippets/#{snippet.id}/user_agent_detail", admin)
+
+      expect(response).to have_http_status(200)
+      expect(json_response['user_agent']).to eq(user_agent_detail.user_agent)
+      expect(json_response['ip_address']).to eq(user_agent_detail.ip_address)
+      expect(json_response['akismet_submitted']).to eq(user_agent_detail.submitted)
+    end
+
+    it "returns unautorized for non-admin users" do
+      get api("/projects/#{snippet.project.id}/snippets/#{snippet.id}/user_agent_detail", user)
+
+      expect(response).to have_http_status(403)
+    end
+  end
+
   describe 'GET /projects/:project_id/snippets/' do
     let(:user) { create(:user) }
 
@@ -20,7 +40,7 @@ describe API::ProjectSnippets do
       expect(response).to include_pagination_headers
       expect(json_response).to be_an Array
       expect(json_response.size).to eq(3)
-      expect(json_response.map{ |snippet| snippet['id']} ).to include(public_snippet.id, internal_snippet.id, private_snippet.id)
+      expect(json_response.map { |snippet| snippet['id'] }).to include(public_snippet.id, internal_snippet.id, private_snippet.id)
       expect(json_response.last).to have_key('web_url')
     end
 
@@ -38,7 +58,7 @@ describe API::ProjectSnippets do
 
   describe 'GET /projects/:project_id/snippets/:id' do
     let(:user) { create(:user) }
-    let(:snippet) {  create(:project_snippet, :public, project: project) }
+    let(:snippet) { create(:project_snippet, :public, project: project) }
 
     it 'returns snippet json' do
       get api("/projects/#{project.id}/snippets/#{snippet.id}", user)
diff --git a/spec/requests/api/snippets_spec.rb b/spec/requests/api/snippets_spec.rb
index b20a187acfe..373fab4d98a 100644
--- a/spec/requests/api/snippets_spec.rb
+++ b/spec/requests/api/snippets_spec.rb
@@ -271,4 +271,25 @@ describe API::Snippets do
       expect(json_response['message']).to eq('404 Snippet Not Found')
     end
   end
+
+  describe "GET /snippets/:id/user_agent_detail" do
+    let(:admin) { create(:admin) }
+    let(:snippet) { create(:personal_snippet, :public, author: user) }
+    let!(:user_agent_detail) { create(:user_agent_detail, subject: snippet) }
+
+    it 'exposes known attributes' do
+      get api("/snippets/#{snippet.id}/user_agent_detail", admin)
+
+      expect(response).to have_http_status(200)
+      expect(json_response['user_agent']).to eq(user_agent_detail.user_agent)
+      expect(json_response['ip_address']).to eq(user_agent_detail.ip_address)
+      expect(json_response['akismet_submitted']).to eq(user_agent_detail.submitted)
+    end
+
+    it "returns unautorized for non-admin users" do
+      get api("/snippets/#{snippet.id}/user_agent_detail", user)
+
+      expect(response).to have_http_status(403)
+    end
+  end
 end
diff --git a/spec/services/boards/create_service_spec.rb b/spec/services/boards/create_service_spec.rb
index effa4633d13..89615df1692 100644
--- a/spec/services/boards/create_service_spec.rb
+++ b/spec/services/boards/create_service_spec.rb
@@ -26,6 +26,8 @@ describe Boards::CreateService, services: true do
       end
 
       it 'does not create a new board' do
+        expect(service).to receive(:can_create_board?) { false }
+
         expect { service.execute }.not_to change(project.boards, :count)
       end
     end
diff --git a/spec/services/issues/move_service_spec.rb b/spec/services/issues/move_service_spec.rb
index d1dd1466d95..36d5038fb95 100644
--- a/spec/services/issues/move_service_spec.rb
+++ b/spec/services/issues/move_service_spec.rb
@@ -37,9 +37,6 @@ describe Issues::MoveService, services: true do
 
   describe '#execute' do
     shared_context 'issue move executed' do
-      let!(:milestone2) do
-        create(:milestone, project_id: new_project.id, title: 'v9.0')
-      end
       let!(:award_emoji) { create(:award_emoji, awardable: old_issue) }
 
       let!(:new_issue) { move_service.execute(old_issue, new_project) }
@@ -48,6 +45,63 @@ describe Issues::MoveService, services: true do
     context 'issue movable' do
       include_context 'user can move issue'
 
+      context 'move to new milestone'  do
+        let(:new_issue) { move_service.execute(old_issue, new_project) }
+
+        context 'project milestone' do
+          let!(:milestone2) do
+            create(:milestone, project_id: new_project.id, title: 'v9.0')
+          end
+
+          it 'assigns milestone to new issue' do
+            expect(new_issue.reload.milestone.title).to eq 'v9.0'
+            expect(new_issue.reload.milestone).to eq(milestone2)
+          end
+        end
+
+        context 'group milestones' do
+          let!(:group) { create(:group, :private) }
+          let!(:group_milestone_1) do
+            create(:milestone, group_id: group.id, title: 'v9.0_group')
+          end
+
+          before do
+            old_issue.update(milestone: group_milestone_1)
+            old_project.update(namespace: group)
+            new_project.update(namespace: group)
+
+            group.add_users([user], GroupMember::DEVELOPER)
+          end
+
+          context 'when moving to a project of the same group' do
+            it 'keeps the same group milestone' do
+              expect(new_issue.reload.project).to eq(new_project)
+              expect(new_issue.reload.milestone).to eq(group_milestone_1)
+            end
+          end
+
+          context 'when moving to a project of a different group' do
+            let!(:group_2) { create(:group, :private) }
+
+            let!(:group_milestone_2) do
+              create(:milestone, group_id: group_2.id, title: 'v9.0_group')
+            end
+
+            before do
+              old_issue.update(milestone: group_milestone_1)
+              new_project.update(namespace: group_2)
+
+              group_2.add_users([user], GroupMember::DEVELOPER)
+            end
+
+            it 'assigns to new group milestone of same title' do
+              expect(new_issue.reload.project).to eq(new_project)
+              expect(new_issue.reload.milestone).to eq(group_milestone_2)
+            end
+          end
+        end
+      end
+
       context 'generic issue' do
         include_context 'issue move executed'
 
@@ -55,11 +109,6 @@ describe Issues::MoveService, services: true do
           expect(new_issue.project).to eq new_project
         end
 
-        it 'assigns milestone to new issue' do
-          expect(new_issue.reload.milestone.title).to eq 'v9.0'
-          expect(new_issue.reload.milestone).to eq(milestone2)
-        end
-
         it 'assign labels to new issue' do
           expected_label_titles = new_issue.reload.labels.map(&:title)
           expect(expected_label_titles).to include 'label1'
diff --git a/spec/services/issues/update_service_spec.rb b/spec/services/issues/update_service_spec.rb
index c26642f5015..d0b991f19ab 100644
--- a/spec/services/issues/update_service_spec.rb
+++ b/spec/services/issues/update_service_spec.rb
@@ -253,13 +253,13 @@ describe Issues::UpdateService, services: true do
       end
 
       context 'when the milestone change' do
-        before do
+        it 'marks todos as done' do
           update_issue(milestone: create(:milestone))
-        end
 
-        it 'marks todos as done' do
           expect(todo.reload.done?).to eq true
         end
+
+        it_behaves_like 'system notes for milestones'
       end
 
       context 'when the labels change' do
diff --git a/spec/services/merge_requests/refresh_service_spec.rb b/spec/services/merge_requests/refresh_service_spec.rb
index 671a932441e..74dcf152cb8 100644
--- a/spec/services/merge_requests/refresh_service_spec.rb
+++ b/spec/services/merge_requests/refresh_service_spec.rb
@@ -98,18 +98,52 @@ describe MergeRequests::RefreshService, services: true do
     end
 
     context 'push to origin repo target branch' do
-      before do
-        service.new(@project, @user).execute(@oldrev, @newrev, 'refs/heads/feature')
-        reload_mrs
+      context 'when all MRs to the target branch had diffs' do
+        before do
+          service.new(@project, @user).execute(@oldrev, @newrev, 'refs/heads/feature')
+          reload_mrs
+        end
+
+        it 'updates the merge state' do
+          expect(@merge_request.notes.last.note).to include('merged')
+          expect(@merge_request).to be_merged
+          expect(@fork_merge_request).to be_merged
+          expect(@fork_merge_request.notes.last.note).to include('merged')
+          expect(@build_failed_todo).to be_done
+          expect(@fork_build_failed_todo).to be_done
+        end
       end
 
-      it 'updates the merge state' do
-        expect(@merge_request.notes.last.note).to include('merged')
-        expect(@merge_request).to be_merged
-        expect(@fork_merge_request).to be_merged
-        expect(@fork_merge_request.notes.last.note).to include('merged')
-        expect(@build_failed_todo).to be_done
-        expect(@fork_build_failed_todo).to be_done
+      context 'when an MR to be closed was empty already' do
+        let!(:empty_fork_merge_request) do
+          create(:merge_request,
+                 source_project: @fork_project,
+                 source_branch: 'master',
+                 target_branch: 'master',
+                 target_project: @project)
+        end
+
+        before do
+          # This spec already has a fake push, so pretend that we were targeting
+          # feature all along.
+          empty_fork_merge_request.update_columns(target_branch: 'feature')
+
+          service.new(@project, @user).execute(@oldrev, @newrev, 'refs/heads/feature')
+          reload_mrs
+          empty_fork_merge_request.reload
+        end
+
+        it 'only updates the non-empty MRs' do
+          expect(@merge_request).to be_merged
+          expect(@merge_request.notes.last.note).to include('merged')
+
+          expect(@fork_merge_request).to be_merged
+          expect(@fork_merge_request.notes.last.note).to include('merged')
+
+          expect(empty_fork_merge_request).to be_open
+          expect(empty_fork_merge_request.merge_request_diff.state).to eq('empty')
+          expect(empty_fork_merge_request.notes).to be_empty
+        end
       end
     end
 
diff --git a/spec/services/merge_requests/update_service_spec.rb b/spec/services/merge_requests/update_service_spec.rb
index ec15b5cac14..be62584ec0e 100644
--- a/spec/services/merge_requests/update_service_spec.rb
+++ b/spec/services/merge_requests/update_service_spec.rb
@@ -296,13 +296,13 @@ describe MergeRequests::UpdateService, services: true do
       end
 
       context 'when the milestone change' do
-        before do
+        it 'marks pending todos as done' do
           update_merge_request({ milestone: create(:milestone) })
-        end
 
-        it 'marks pending todos as done' do
           expect(pending_todo.reload).to be_done
         end
+
+        it_behaves_like 'system notes for milestones'
       end
 
       context 'when the labels change' do
diff --git a/spec/services/quick_actions/interpret_service_spec.rb b/spec/services/quick_actions/interpret_service_spec.rb
index 35373675894..a2db3f68ff7 100644
--- a/spec/services/quick_actions/interpret_service_spec.rb
+++ b/spec/services/quick_actions/interpret_service_spec.rb
@@ -431,22 +431,6 @@ describe QuickActions::InterpretService, services: true do
       end
     end
 
-    context 'reassign command' do
-      let(:content) { '/reassign' }
-
-      context 'Issue' do
-        it 'reassigns user if content contains /reassign @user' do
-          user = create(:user)
-
-          issue.update(assignee_ids: [developer.id])
-
-          _, updates = service.execute("/reassign @#{user.username}", issue)
-
-          expect(updates).to eq(assignee_ids: [user.id])
-        end
-      end
-    end
-
     it_behaves_like 'milestone command' do
       let(:content) { "/milestone %#{milestone.title}" }
       let(:issuable) { issue }
diff --git a/spec/support/gitaly.rb b/spec/support/gitaly.rb
index 2bf159002a0..89fb362cf14 100644
--- a/spec/support/gitaly.rb
+++ b/spec/support/gitaly.rb
@@ -1,8 +1,6 @@
-if Gitlab::GitalyClient.enabled?
-  RSpec.configure do |config|
-    config.before(:each) do |example|
-      next if example.metadata[:skip_gitaly_mock]
-      allow(Gitlab::GitalyClient).to receive(:feature_enabled?).and_return(true)
-    end
+RSpec.configure do |config|
+  config.before(:each) do |example|
+    next if example.metadata[:skip_gitaly_mock]
+    allow(Gitlab::GitalyClient).to receive(:feature_enabled?).and_return(true)
   end
 end
diff --git a/spec/support/issuable_shared_examples.rb b/spec/support/issuable_shared_examples.rb
index 03011535351..970fe10db2b 100644
--- a/spec/support/issuable_shared_examples.rb
+++ b/spec/support/issuable_shared_examples.rb
@@ -5,3 +5,34 @@ shared_examples 'cache counters invalidator' do
     described_class.new(project, user, {}).execute(merge_request)
   end
 end
+
+shared_examples 'system notes for milestones' do
+  def update_issuable(opts)
+    issuable = try(:issue) || try(:merge_request)
+    described_class.new(project, user, opts).execute(issuable)
+  end
+
+  context 'group milestones' do
+    let(:group) { create(:group) }
+    let(:group_milestone) { create(:milestone, group: group) }
+
+    before do
+      project.update(namespace: group)
+      create(:group_member, group: group, user: user)
+    end
+
+    it 'does not create system note' do
+      expect do
+        update_issuable(milestone: group_milestone)
+      end.not_to change { Note.system.count }
+    end
+  end
+
+  context 'project milestones' do
+    it 'creates system note' do
+      expect do
+        update_issuable(milestone: create(:milestone))
+      end.to change { Note.system.count }.by(1)
+    end
+  end
+end
diff --git a/spec/support/matchers/access_matchers_for_controller.rb b/spec/support/matchers/access_matchers_for_controller.rb
index fb43f51c70c..ff60bd0c0ae 100644
--- a/spec/support/matchers/access_matchers_for_controller.rb
+++ b/spec/support/matchers/access_matchers_for_controller.rb
@@ -50,9 +50,24 @@ module AccessMatchersForController
     "be #{type} for #{role}. Expected: #{expected.join(',')} Got: #{result}"
   end
 
+  def update_owner(objects, user)
+    return unless objects
+
+    objects.each do |object|
+      if object.respond_to?(:owner)
+        object.update_attribute(:owner, user)
+      elsif object.respond_to?(:user)
+        object.update_attribute(:user, user)
+      else
+        raise ArgumentError, "cannot own this object #{object}"
+      end
+    end
+  end
+
   matcher :be_allowed_for do |role|
     match do |action|
-      emulate_user(role, @membership)
+      user = emulate_user(role, @membership)
+      update_owner(@objects, user)
       action.call
 
       EXPECTED_STATUS_CODE_ALLOWED.include?(response.status)
@@ -62,13 +77,18 @@ module AccessMatchersForController
       @membership = membership
     end
 
+    chain :own do |*objects|
+      @objects = objects
+    end
+
     description { description_for(role, 'allowed', EXPECTED_STATUS_CODE_ALLOWED, response.status) }
     supports_block_expectations
   end
 
   matcher :be_denied_for do |role|
     match do |action|
-      emulate_user(role, @membership)
+      user = emulate_user(role, @membership)
+      update_owner(@objects, user)
       action.call
 
       EXPECTED_STATUS_CODE_DENIED.include?(response.status)
@@ -78,6 +98,10 @@ module AccessMatchersForController
       @membership = membership
     end
 
+    chain :own do |*objects|
+      @objects = objects
+    end
+
     description { description_for(role, 'denied', EXPECTED_STATUS_CODE_DENIED, response.status) }
     supports_block_expectations
   end
diff --git a/spec/support/test_env.rb b/spec/support/test_env.rb
index 32546abcad4..0cae5620920 100644
--- a/spec/support/test_env.rb
+++ b/spec/support/test_env.rb
@@ -69,7 +69,7 @@ module TestEnv
     # Setup GitLab shell for test instance
     setup_gitlab_shell
 
-    setup_gitaly if Gitlab::GitalyClient.enabled?
+    setup_gitaly
 
     # Create repository for FactoryGirl.create(:project)
     setup_factory_repo