500 files changed, 6609 insertions, 2435 deletions

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index f89a52e7a3e..98fdda3593e 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -852,8 +852,6 @@ qa:selectors:
 .qa-frontend-node: &qa-frontend-node
   <<: *dedicated-no-docs-no-db-pull-cache-job
   stage: test
-  variables:
-    NODE_OPTIONS: --max_old_space_size=3584
   cache:
     key: "$CI_JOB_NAME"
     paths:
@@ -1143,3 +1141,4 @@ schedule:review-performance:
   <<: *review-schedules-only
   script:
     - wait_for_job_to_be_done "schedule:review-deploy"
+
diff --git a/.gitlab/issue_templates/Feature proposal.md b/.gitlab/issue_templates/Feature proposal.md
index b4007c1ba7b..8a49715e0e8 100644
--- a/.gitlab/issue_templates/Feature proposal.md
+++ b/.gitlab/issue_templates/Feature proposal.md
@@ -24,6 +24,10 @@ Personas can be found at https://about.gitlab.com/handbook/marketing/product-mar
 <!-- See the Feature Change Documentation Workflow https://docs.gitlab.com/ee/development/documentation/feature-change-workflow.html
 Add all known Documentation Requirements here, per https://docs.gitlab.com/ee/development/documentation/feature-change-workflow.html#documentation-requirements -->
 
+### Testing
+
+<!-- What risks does this change pose? How might it affect the quality of the product? What additional test coverage or changes to tests will be needed? Will it require cross-browser testing? See the test engineering process for further guidelines: https://about.gitlab.com/handbook/engineering/quality/guidelines/test-engineering/ -->
+
 ### What does success look like, and how can we measure that?
 
 <!-- Define both the success metrics and acceptance criteria. Note that success metrics indicate the desired business outcomes, while acceptance criteria indicate when the solution is working correctly. If there is no way to measure success, link to an issue that will implement a way to measure this. -->
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 76e2ed66cfd..c99e487d04b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,19 @@
 documentation](doc/development/changelog.md) for instructions on adding your own
 entry.
 
+## 11.9.6 (2019-04-04)
+
+### Fixed (3 changes)
+
+- Force to recreate all MR diffs on import. !26480
+- Fix API /project/:id/branches not returning correct merge status. !26785
+- Avoid excessive recursive calls with Rugged TreeEntries. !26813
+
+### Performance (1 change)
+
+- Force a full GC after importing a project. !26803
+
+
 ## 11.9.5 (2019-04-03)
 
 ### Fixed (3 changes)
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 97dbe2f512b..82e16b4fbf4 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -18,7 +18,7 @@ _This notice should stay as the first item in the CONTRIBUTING.md file._
 ## Contributing Documentation has been moved
 
 As of July 2018, all the documentation for contributing to the GitLab project has been moved to a new location.
-[view the new documentation](doc/development/contributing/index.md) to find the latest information.
+[View the new documentation](doc/development/contributing/index.md) to find the latest information.
 
 ## Contribute to GitLab
 
diff --git a/Dangerfile b/Dangerfile
index 95dd48aae9e..3e8cb456003 100644
--- a/Dangerfile
+++ b/Dangerfile
@@ -1,16 +1,19 @@
 danger.import_plugin('danger/plugins/helper.rb')
-danger.import_dangerfile(path: 'danger/metadata')
-danger.import_dangerfile(path: 'danger/changes_size')
-danger.import_dangerfile(path: 'danger/changelog')
-danger.import_dangerfile(path: 'danger/specs')
-danger.import_dangerfile(path: 'danger/gemfile')
-danger.import_dangerfile(path: 'danger/database')
-danger.import_dangerfile(path: 'danger/documentation')
-danger.import_dangerfile(path: 'danger/frozen_string')
-danger.import_dangerfile(path: 'danger/commit_messages')
-danger.import_dangerfile(path: 'danger/duplicate_yarn_dependencies')
-danger.import_dangerfile(path: 'danger/prettier')
-danger.import_dangerfile(path: 'danger/eslint')
-danger.import_dangerfile(path: 'danger/roulette')
-danger.import_dangerfile(path: 'danger/single_codebase')
-danger.import_dangerfile(path: 'danger/gitlab_ui_wg')
+
+unless helper.release_automation?
+  danger.import_dangerfile(path: 'danger/metadata')
+  danger.import_dangerfile(path: 'danger/changes_size')
+  danger.import_dangerfile(path: 'danger/changelog')
+  danger.import_dangerfile(path: 'danger/specs')
+  danger.import_dangerfile(path: 'danger/gemfile')
+  danger.import_dangerfile(path: 'danger/database')
+  danger.import_dangerfile(path: 'danger/documentation')
+  danger.import_dangerfile(path: 'danger/frozen_string')
+  danger.import_dangerfile(path: 'danger/commit_messages')
+  danger.import_dangerfile(path: 'danger/duplicate_yarn_dependencies')
+  danger.import_dangerfile(path: 'danger/prettier')
+  danger.import_dangerfile(path: 'danger/eslint')
+  danger.import_dangerfile(path: 'danger/roulette')
+  danger.import_dangerfile(path: 'danger/single_codebase')
+  danger.import_dangerfile(path: 'danger/gitlab_ui_wg')
+end
diff --git a/GITALY_SERVER_VERSION b/GITALY_SERVER_VERSION
index 034552a83ee..359c41089a4 100644
--- a/GITALY_SERVER_VERSION
+++ b/GITALY_SERVER_VERSION
@@ -1 +1 @@
-1.30.0
+1.32.0
diff --git a/GITLAB_SHELL_VERSION b/GITLAB_SHELL_VERSION
index d139a75408e..f7ee06693c1 100644
--- a/GITLAB_SHELL_VERSION
+++ b/GITLAB_SHELL_VERSION
@@ -1 +1 @@
-8.7.1
+9.0.0
diff --git a/GITLAB_WORKHORSE_VERSION b/GITLAB_WORKHORSE_VERSION
index d127a0ff9f1..6d2890793d4 100644
--- a/GITLAB_WORKHORSE_VERSION
+++ b/GITLAB_WORKHORSE_VERSION
@@ -1 +1 @@
-8.3.3
+8.5.0
diff --git a/Gemfile b/Gemfile
index c0815c4a2a6..6052018754a 100644
--- a/Gemfile
+++ b/Gemfile
@@ -1,6 +1,6 @@
 source 'https://rubygems.org'
 
-gem 'rails', '5.0.7.1'
+gem 'rails', '5.0.7.2'
 gem 'rails-deprecated_sanitizer', '~> 1.0.3'
 
 # Improves copy-on-write performance for MRI
@@ -139,10 +139,7 @@ gem 'icalendar'
 gem 'diffy', '~> 3.1.0'
 
 # Application server
-# The 2.0.6 version of rack requires monkeypatch to be present in
-# `config.ru`. This can be removed once a new update for Rack
-# is available that contains https://github.com/rack/rack/pull/1201.
-gem 'rack', '2.0.6'
+gem 'rack', '~> 2.0.7'
 
 group :unicorn do
   gem 'unicorn', '~> 5.4.1'
@@ -419,7 +416,7 @@ group :ed25519 do
 end
 
 # Gitaly GRPC client
-gem 'gitaly-proto', '~> 1.13.0', require: 'gitaly'
+gem 'gitaly-proto', '~> 1.19.0', require: 'gitaly'
 
 gem 'grpc', '~> 1.15.0'
 
diff --git a/Gemfile.lock b/Gemfile.lock
index 4ebcc6c81b2..b522aa85b39 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -4,41 +4,41 @@ GEM
     RedCloth (4.3.2)
     abstract_type (0.0.7)
     ace-rails-ap (4.1.2)
-    actioncable (5.0.7.1)
-      actionpack (= 5.0.7.1)
+    actioncable (5.0.7.2)
+      actionpack (= 5.0.7.2)
       nio4r (>= 1.2, < 3.0)
       websocket-driver (~> 0.6.1)
-    actionmailer (5.0.7.1)
-      actionpack (= 5.0.7.1)
-      actionview (= 5.0.7.1)
-      activejob (= 5.0.7.1)
+    actionmailer (5.0.7.2)
+      actionpack (= 5.0.7.2)
+      actionview (= 5.0.7.2)
+      activejob (= 5.0.7.2)
       mail (~> 2.5, >= 2.5.4)
       rails-dom-testing (~> 2.0)
-    actionpack (5.0.7.1)
-      actionview (= 5.0.7.1)
-      activesupport (= 5.0.7.1)
+    actionpack (5.0.7.2)
+      actionview (= 5.0.7.2)
+      activesupport (= 5.0.7.2)
       rack (~> 2.0)
       rack-test (~> 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (5.0.7.1)
-      activesupport (= 5.0.7.1)
+    actionview (5.0.7.2)
+      activesupport (= 5.0.7.2)
       builder (~> 3.1)
       erubis (~> 2.7.0)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.0.3)
-    activejob (5.0.7.1)
-      activesupport (= 5.0.7.1)
+    activejob (5.0.7.2)
+      activesupport (= 5.0.7.2)
       globalid (>= 0.3.6)
-    activemodel (5.0.7.1)
-      activesupport (= 5.0.7.1)
-    activerecord (5.0.7.1)
-      activemodel (= 5.0.7.1)
-      activesupport (= 5.0.7.1)
+    activemodel (5.0.7.2)
+      activesupport (= 5.0.7.2)
+    activerecord (5.0.7.2)
+      activemodel (= 5.0.7.2)
+      activesupport (= 5.0.7.2)
       arel (~> 7.0)
     activerecord_sane_schema_dumper (1.0)
       rails (>= 5, < 6)
-    activesupport (5.0.7.1)
+    activesupport (5.0.7.2)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 0.7, < 2)
       minitest (~> 5.1)
@@ -281,7 +281,7 @@ GEM
       gettext_i18n_rails (>= 0.7.1)
       po_to_json (>= 1.0.0)
       rails (>= 3.2.0)
-    gitaly-proto (1.13.0)
+    gitaly-proto (1.19.0)
       grpc (~> 1.0)
     github-markup (1.7.0)
     gitlab-default_value_for (3.1.1)
@@ -298,7 +298,7 @@ GEM
       omniauth (~> 1.3)
       pyu-ruby-sasl (>= 0.0.3.3, < 0.1)
       rubyntlm (~> 0.5)
-    globalid (0.4.1)
+    globalid (0.4.2)
       activesupport (>= 4.2.0)
     gon (6.2.0)
       actionpack (>= 3.0)
@@ -385,7 +385,7 @@ GEM
       mime-types (~> 3.0)
       multi_xml (>= 0.5.2)
     httpclient (2.8.3)
-    i18n (1.2.0)
+    i18n (1.6.0)
       concurrent-ruby (~> 1.0)
     icalendar (2.4.1)
     ice_nine (0.11.2)
@@ -617,7 +617,7 @@ GEM
       puma (>= 2.7, < 4)
     pyu-ruby-sasl (0.0.3.3)
     raabro (1.1.6)
-    rack (2.0.6)
+    rack (2.0.7)
     rack-accept (0.4.5)
       rack (>= 0.4)
     rack-attack (4.4.1)
@@ -635,17 +635,17 @@ GEM
       rack
     rack-test (0.6.3)
       rack (>= 1.0)
-    rails (5.0.7.1)
-      actioncable (= 5.0.7.1)
-      actionmailer (= 5.0.7.1)
-      actionpack (= 5.0.7.1)
-      actionview (= 5.0.7.1)
-      activejob (= 5.0.7.1)
-      activemodel (= 5.0.7.1)
-      activerecord (= 5.0.7.1)
-      activesupport (= 5.0.7.1)
+    rails (5.0.7.2)
+      actioncable (= 5.0.7.2)
+      actionmailer (= 5.0.7.2)
+      actionpack (= 5.0.7.2)
+      actionview (= 5.0.7.2)
+      activejob (= 5.0.7.2)
+      activemodel (= 5.0.7.2)
+      activerecord (= 5.0.7.2)
+      activesupport (= 5.0.7.2)
       bundler (>= 1.3.0)
-      railties (= 5.0.7.1)
+      railties (= 5.0.7.2)
       sprockets-rails (>= 2.0.0)
     rails-controller-testing (1.0.2)
       actionpack (~> 5.x, >= 5.0.1)
@@ -661,9 +661,9 @@ GEM
     rails-i18n (5.1.1)
       i18n (>= 0.7, < 2)
       railties (>= 5.0, < 6)
-    railties (5.0.7.1)
-      actionpack (= 5.0.7.1)
-      activesupport (= 5.0.7.1)
+    railties (5.0.7.2)
+      actionpack (= 5.0.7.2)
+      activesupport (= 5.0.7.2)
       method_source
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
@@ -1017,7 +1017,7 @@ DEPENDENCIES
   gettext (~> 3.2.2)
   gettext_i18n_rails (~> 1.8.0)
   gettext_i18n_rails_js (~> 1.3)
-  gitaly-proto (~> 1.13.0)
+  gitaly-proto (~> 1.19.0)
   github-markup (~> 1.7.0)
   gitlab-default_value_for (~> 3.1.1)
   gitlab-markup (~> 1.7.0)
@@ -1100,12 +1100,12 @@ DEPENDENCIES
   pry-rails (~> 0.3.4)
   puma (~> 3.12)
   puma_worker_killer
-  rack (= 2.0.6)
+  rack (~> 2.0.7)
   rack-attack (~> 4.4.1)
   rack-cors (~> 1.0.0)
   rack-oauth2 (~> 1.9.3)
   rack-proxy (~> 0.6.0)
-  rails (= 5.0.7.1)
+  rails (= 5.0.7.2)
   rails-controller-testing
   rails-deprecated_sanitizer (~> 1.0.3)
   rails-i18n (~> 5.1)
diff --git a/app/assets/javascripts/group_avatar.js b/app/assets/javascripts/avatar_picker.js
index dcda625f587..d38e0b4abaa 100644
--- a/app/assets/javascripts/group_avatar.js
+++ b/app/assets/javascripts/avatar_picker.js
@@ -1,11 +1,12 @@
 import $ from 'jquery';
 
-export default function groupAvatar() {
-  $('.js-choose-group-avatar-button').on('click', function onClickGroupAvatar() {
+export default function initAvatarPicker() {
+  $('.js-choose-avatar-button').on('click', function onClickAvatar() {
     const form = $(this).closest('form');
-    return form.find('.js-group-avatar-input').click();
+    return form.find('.js-avatar-input').click();
   });
-  $('.js-group-avatar-input').on('change', function onChangeAvatarInput() {
+
+  $('.js-avatar-input').on('change', function onChangeAvatarInput() {
     const form = $(this).closest('form');
     const filename = $(this)
       .val()
diff --git a/app/assets/javascripts/contextual_sidebar.js b/app/assets/javascripts/contextual_sidebar.js
index 67fcdd082a2..03dea1ec0a5 100644
--- a/app/assets/javascripts/contextual_sidebar.js
+++ b/app/assets/javascripts/contextual_sidebar.js
@@ -41,6 +41,9 @@ export default class ContextualSidebar {
         this.toggleCollapsedSidebar(value, true);
       }
     });
+    this.$page.on('transitionstart transitionend', () => {
+      $(document).trigger('content.resize');
+    });
 
     $(window).on('resize', () => _.debounce(this.render(), 100));
   }
diff --git a/app/assets/javascripts/diffs/components/diff_line_note_form.vue b/app/assets/javascripts/diffs/components/diff_line_note_form.vue
index bb66ab36283..41670b45798 100644
--- a/app/assets/javascripts/diffs/components/diff_line_note_form.vue
+++ b/app/assets/javascripts/diffs/components/diff_line_note_form.vue
@@ -48,10 +48,13 @@ export default {
         noteableType: this.noteableType,
         noteTargetLine: this.noteTargetLine,
         diffViewType: this.diffViewType,
-        diffFile: this.getDiffFileByHash(this.diffFileHash),
+        diffFile: this.diffFile,
         linePosition: this.linePosition,
       };
     },
+    diffFile() {
+      return this.getDiffFileByHash(this.diffFileHash);
+    },
   },
   mounted() {
     if (this.isLoggedIn) {
@@ -102,6 +105,7 @@ export default {
       :line-code="line.line_code"
       :line="line"
       :help-page-path="helpPagePath"
+      :diff-file="diffFile"
       save-button-title="Comment"
       class="diff-comment-form"
       @handleFormUpdateAddToReview="addToReview"
diff --git a/app/assets/javascripts/filtered_search/filtered_search_manager.js b/app/assets/javascripts/filtered_search/filtered_search_manager.js
index 0c2e87521d9..efd03ec952f 100644
--- a/app/assets/javascripts/filtered_search/filtered_search_manager.js
+++ b/app/assets/javascripts/filtered_search/filtered_search_manager.js
@@ -1,6 +1,7 @@
 import _ from 'underscore';
 import { getParameterByName, getUrlParamsArray } from '~/lib/utils/common_utils';
 import IssuableFilteredSearchTokenKeys from '~/filtered_search/issuable_filtered_search_token_keys';
+import recentSearchesStorageKeys from 'ee_else_ce/filtered_search/recent_searches_storage_keys';
 import { visitUrl } from '../lib/utils/url_utility';
 import Flash from '../flash';
 import FilteredSearchContainer from './container';
@@ -36,10 +37,11 @@ export default class FilteredSearchManager {
     this.tokensContainer = this.container.querySelector('.tokens-container');
     this.filteredSearchTokenKeys = filteredSearchTokenKeys;
     this.stateFiltersSelector = stateFiltersSelector;
-    this.recentsStorageKeyNames = {
-      issues: 'issue-recent-searches',
-      merge_requests: 'merge-request-recent-searches',
-    };
+
+    const { multipleAssignees } = this.filteredSearchInput.dataset;
+    if (multipleAssignees && this.filteredSearchTokenKeys.enableMultipleAssignees) {
+      this.filteredSearchTokenKeys.enableMultipleAssignees();
+    }
 
     this.recentSearchesStore = new RecentSearchesStore({
       isLocalStorageAvailable: RecentSearchesService.isAvailable(),
@@ -51,7 +53,7 @@ export default class FilteredSearchManager {
     const fullPath = this.searchHistoryDropdownElement
       ? this.searchHistoryDropdownElement.dataset.fullPath
       : 'project';
-    const recentSearchesKey = `${fullPath}-${this.recentsStorageKeyNames[this.page]}`;
+    const recentSearchesKey = `${fullPath}-${recentSearchesStorageKeys[this.page]}`;
     this.recentSearchesService = new RecentSearchesService(recentSearchesKey);
   }
 
diff --git a/app/assets/javascripts/filtered_search/recent_searches_storage_keys.js b/app/assets/javascripts/filtered_search/recent_searches_storage_keys.js
new file mode 100644
index 00000000000..7e9b809e9b2
--- /dev/null
+++ b/app/assets/javascripts/filtered_search/recent_searches_storage_keys.js
@@ -0,0 +1,4 @@
+export default {
+  issues: 'issue-recent-searches',
+  merge_requests: 'merge-request-recent-searches',
+};
diff --git a/app/assets/javascripts/gl_field_errors.js b/app/assets/javascripts/gl_field_errors.js
index d5d5954ce6a..c4fd719c8d0 100644
--- a/app/assets/javascripts/gl_field_errors.js
+++ b/app/assets/javascripts/gl_field_errors.js
@@ -15,7 +15,7 @@ export default class GlFieldErrors {
 
   initValidators() {
     // register selectors here as needed
-    const validateSelectors = [':text', ':password', '[type=email]']
+    const validateSelectors = [':text', ':password', '[type=email]', '[type=url]', '[type=number]']
       .map(selector => `input${selector}`)
       .join(',');
 
diff --git a/app/assets/javascripts/helpers/monitor_helper.js b/app/assets/javascripts/helpers/monitor_helper.js
new file mode 100644
index 00000000000..2c2a04d5b5e
--- /dev/null
+++ b/app/assets/javascripts/helpers/monitor_helper.js
@@ -0,0 +1,17 @@
+/* eslint-disable import/prefer-default-export */
+
+export const makeDataSeries = (queryResults, defaultConfig) =>
+  queryResults.reduce((acc, result) => {
+    const data = result.values.filter(([, value]) => !Number.isNaN(value));
+    if (!data.length) {
+      return acc;
+    }
+    const relevantMetric = defaultConfig.name.toLowerCase().replace(' ', '_');
+    const name = result.metric[relevantMetric];
+    const series = { data };
+    if (name) {
+      series.name = `${defaultConfig.name}: ${name}`;
+    }
+
+    return acc.concat({ ...defaultConfig, ...series });
+  }, []);
diff --git a/app/assets/javascripts/ide/components/file_row_extra.vue b/app/assets/javascripts/ide/components/file_row_extra.vue
index d6673cf0421..80a6ab9598a 100644
--- a/app/assets/javascripts/ide/components/file_row_extra.vue
+++ b/app/assets/javascripts/ide/components/file_row_extra.vue
@@ -23,7 +23,7 @@ export default {
       type: Object,
       required: true,
     },
-    mouseOver: {
+    dropdownOpen: {
       type: Boolean,
       required: true,
     },
@@ -92,8 +92,9 @@ export default {
     <new-dropdown
       :type="file.type"
       :path="file.path"
-      :mouse-over="mouseOver"
+      :is-open="dropdownOpen"
       class="prepend-left-8"
+      v-on="$listeners"
     />
   </div>
 </template>
diff --git a/app/assets/javascripts/ide/components/new_dropdown/index.vue b/app/assets/javascripts/ide/components/new_dropdown/index.vue
index 593a9162a06..27d24fa5e1d 100644
--- a/app/assets/javascripts/ide/components/new_dropdown/index.vue
+++ b/app/assets/javascripts/ide/components/new_dropdown/index.vue
@@ -21,38 +21,29 @@ export default {
       required: false,
       default: '',
     },
-    mouseOver: {
+    isOpen: {
       type: Boolean,
-      required: true,
+      required: false,
+      default: false,
     },
   },
-  data() {
-    return {
-      dropdownOpen: false,
-    };
-  },
   watch: {
-    dropdownOpen() {
+    isOpen() {
       this.$nextTick(() => {
         this.$refs.dropdownMenu.scrollIntoView({
           block: 'nearest',
         });
       });
     },
-    mouseOver() {
-      if (!this.mouseOver) {
-        this.dropdownOpen = false;
-      }
-    },
   },
   methods: {
     ...mapActions(['createTempEntry', 'openNewEntryModal', 'deleteEntry']),
     createNewItem(type) {
       this.openNewEntryModal({ type, path: this.path });
-      this.dropdownOpen = false;
+      this.$emit('toggle', false);
     },
     openDropdown() {
-      this.dropdownOpen = !this.dropdownOpen;
+      this.$emit('toggle', !this.isOpen);
     },
   },
   modalTypes,
@@ -63,7 +54,7 @@ export default {
   <div class="ide-new-btn">
     <div
       :class="{
-        show: dropdownOpen,
+        show: isOpen,
       }"
       class="dropdown d-flex"
     >
diff --git a/app/assets/javascripts/ide/components/pipelines/list.vue b/app/assets/javascripts/ide/components/pipelines/list.vue
index 451c8030e16..5ae73b2fc9c 100644
--- a/app/assets/javascripts/ide/components/pipelines/list.vue
+++ b/app/assets/javascripts/ide/components/pipelines/list.vue
@@ -24,7 +24,13 @@ export default {
     ...mapState(['pipelinesEmptyStateSvgPath', 'links']),
     ...mapGetters(['currentProject']),
     ...mapGetters('pipelines', ['jobsCount', 'failedJobsCount', 'failedStages', 'pipelineFailed']),
-    ...mapState('pipelines', ['isLoadingPipeline', 'latestPipeline', 'stages', 'isLoadingJobs']),
+    ...mapState('pipelines', [
+      'isLoadingPipeline',
+      'hasLoadedPipeline',
+      'latestPipeline',
+      'stages',
+      'isLoadingJobs',
+    ]),
     ciLintText() {
       return sprintf(
         __('You can test your .gitlab-ci.yml in %{linkStart}CI Lint%{linkEnd}.'),
@@ -36,7 +42,7 @@ export default {
       );
     },
     showLoadingIcon() {
-      return this.isLoadingPipeline && this.latestPipeline === null;
+      return this.isLoadingPipeline && !this.hasLoadedPipeline;
     },
   },
   created() {
@@ -51,7 +57,7 @@ export default {
 <template>
   <div class="ide-pipeline">
     <gl-loading-icon v-if="showLoadingIcon" :size="2" class="prepend-top-default" />
-    <template v-else-if="latestPipeline !== null">
+    <template v-else-if="hasLoadedPipeline">
       <header v-if="latestPipeline" class="ide-tree-header ide-pipeline-header">
         <ci-icon :status="latestPipeline.details.status" :size="24" />
         <span class="prepend-left-8">
@@ -62,7 +68,7 @@ export default {
         </span>
       </header>
       <empty-state
-        v-if="latestPipeline === false"
+        v-if="!latestPipeline"
         :help-page-path="links.ciHelpPagePath"
         :empty-state-svg-path="pipelinesEmptyStateSvgPath"
         :can-set-ci="true"
diff --git a/app/assets/javascripts/ide/stores/actions/merge_request.js b/app/assets/javascripts/ide/stores/actions/merge_request.js
index 362ced248a1..1273e375859 100644
--- a/app/assets/javascripts/ide/stores/actions/merge_request.js
+++ b/app/assets/javascripts/ide/stores/actions/merge_request.js
@@ -4,10 +4,11 @@ import service from '../../services';
 import * as types from '../mutation_types';
 import { activityBarViews } from '../../constants';
 
-export const getMergeRequestsForBranch = ({ commit }, { projectId, branchId } = {}) =>
+export const getMergeRequestsForBranch = ({ commit, state }, { projectId, branchId } = {}) =>
   service
     .getProjectMergeRequests(`${projectId}`, {
       source_branch: branchId,
+      source_project_id: state.projects[projectId].id,
       order_by: 'created_at',
       per_page: 1,
     })
diff --git a/app/assets/javascripts/ide/stores/modules/pipelines/mutations.js b/app/assets/javascripts/ide/stores/modules/pipelines/mutations.js
index b4be100cb07..eaaa82cb339 100644
--- a/app/assets/javascripts/ide/stores/modules/pipelines/mutations.js
+++ b/app/assets/javascripts/ide/stores/modules/pipelines/mutations.js
@@ -10,6 +10,7 @@ export default {
   },
   [types.RECEIVE_LASTEST_PIPELINE_SUCCESS](state, pipeline) {
     state.isLoadingPipeline = false;
+    state.hasLoadedPipeline = true;
 
     if (pipeline) {
       state.latestPipeline = {
@@ -34,7 +35,7 @@ export default {
         };
       });
     } else {
-      state.latestPipeline = false;
+      state.latestPipeline = null;
     }
   },
   [types.REQUEST_JOBS](state, id) {
diff --git a/app/assets/javascripts/ide/stores/modules/pipelines/state.js b/app/assets/javascripts/ide/stores/modules/pipelines/state.js
index 8651e267b53..8dfa0ec491f 100644
--- a/app/assets/javascripts/ide/stores/modules/pipelines/state.js
+++ b/app/assets/javascripts/ide/stores/modules/pipelines/state.js
@@ -1,5 +1,6 @@
 export default () => ({
   isLoadingPipeline: true,
+  hasLoadedPipeline: false,
   isLoadingJobs: false,
   latestPipeline: null,
   stages: [],
diff --git a/app/assets/javascripts/jobs/components/empty_state.vue b/app/assets/javascripts/jobs/components/empty_state.vue
index 668fcf3d673..04f910b6b80 100644
--- a/app/assets/javascripts/jobs/components/empty_state.vue
+++ b/app/assets/javascripts/jobs/components/empty_state.vue
@@ -49,7 +49,7 @@ export default {
       <div class="text-content">
         <h4 class="js-job-empty-state-title text-center">{{ title }}</h4>
 
-        <p v-if="content" class="js-job-empty-state-content">{{ content }}</p>
+        <p v-if="content" class="js-job-empty-state-content text-center">{{ content }}</p>
 
         <div v-if="action" class="text-center">
           <gl-link
diff --git a/app/assets/javascripts/jobs/components/job_app.vue b/app/assets/javascripts/jobs/components/job_app.vue
index dbadd224251..0670e2b06b9 100644
--- a/app/assets/javascripts/jobs/components/job_app.vue
+++ b/app/assets/javascripts/jobs/components/job_app.vue
@@ -15,6 +15,7 @@ import ErasedBlock from './erased_block.vue';
 import Log from './job_log.vue';
 import LogTopBar from './job_log_controllers.vue';
 import StuckBlock from './stuck_block.vue';
+import UnmetPrerequisitesBlock from './unmet_prerequisites_block.vue';
 import Sidebar from './sidebar.vue';
 import { sprintf } from '~/locale';
 import delayedJobMixin from '../mixins/delayed_job_mixin';
@@ -32,6 +33,7 @@ export default {
     Log,
     LogTopBar,
     StuckBlock,
+    UnmetPrerequisitesBlock,
     Sidebar,
     GlLoadingIcon,
     SharedRunner: () => import('ee_component/jobs/components/shared_runner_limit_block.vue'),
@@ -48,6 +50,11 @@ export default {
       required: false,
       default: null,
     },
+    deploymentHelpUrl: {
+      type: String,
+      required: false,
+      default: null,
+    },
     endpoint: {
       type: String,
       required: true,
@@ -82,6 +89,7 @@ export default {
     ]),
     ...mapGetters([
       'headerTime',
+      'hasUnmetPrerequisitesFailure',
       'shouldRenderCalloutMessage',
       'shouldRenderTriggeredLabel',
       'hasEnvironment',
@@ -210,7 +218,10 @@ export default {
             />
           </div>
 
-          <callout v-if="shouldRenderCalloutMessage" :message="job.callout_message" />
+          <callout
+            v-if="shouldRenderCalloutMessage && !hasUnmetPrerequisitesFailure"
+            :message="job.callout_message"
+          />
         </header>
         <!-- EO Header Section -->
 
@@ -223,6 +234,12 @@ export default {
           :runners-path="runnerSettingsUrl"
         />
 
+        <unmet-prerequisites-block
+          v-if="hasUnmetPrerequisitesFailure"
+          class="js-job-failed"
+          :help-path="deploymentHelpUrl"
+        />
+
         <shared-runner
           v-if="shouldRenderSharedRunnerLimitWarning"
           class="js-shared-runner-limit"
diff --git a/app/assets/javascripts/jobs/components/unmet_prerequisites_block.vue b/app/assets/javascripts/jobs/components/unmet_prerequisites_block.vue
new file mode 100644
index 00000000000..25a8da84873
--- /dev/null
+++ b/app/assets/javascripts/jobs/components/unmet_prerequisites_block.vue
@@ -0,0 +1,30 @@
+<script>
+import { GlLink } from '@gitlab/ui';
+/**
+ * Renders Unmet Prerequisites block for job's view.
+ */
+export default {
+  components: {
+    GlLink,
+  },
+  props: {
+    helpPath: {
+      type: String,
+      required: true,
+    },
+  },
+};
+</script>
+<template>
+  <div class="bs-callout bs-callout-danger">
+    <p class="js-failed-unmet-prerequisites append-bottom-0">
+      {{
+        s__(`Job|This job failed because the necessary resources were not successfully created.`)
+      }}
+
+      <gl-link :href="helpPath" class="js-help-path">
+        <strong> {{ __('More information') }} </strong>
+      </gl-link>
+    </p>
+  </div>
+</template>
diff --git a/app/assets/javascripts/jobs/index.js b/app/assets/javascripts/jobs/index.js
index a32e945627c..25132449458 100644
--- a/app/assets/javascripts/jobs/index.js
+++ b/app/assets/javascripts/jobs/index.js
@@ -12,6 +12,7 @@ export default () => {
     render(createElement) {
       return createElement('job-app', {
         props: {
+          deploymentHelpUrl: element.dataset.deploymentHelpUrl,
           runnerHelpUrl: element.dataset.runnerHelpUrl,
           runnerSettingsUrl: element.dataset.runnerSettingsUrl,
           endpoint: element.dataset.endpoint,
diff --git a/app/assets/javascripts/jobs/store/getters.js b/app/assets/javascripts/jobs/store/getters.js
index 73c1cbc3a99..406b1a2e375 100644
--- a/app/assets/javascripts/jobs/store/getters.js
+++ b/app/assets/javascripts/jobs/store/getters.js
@@ -3,6 +3,9 @@ import { isScrolledToBottom } from '~/lib/utils/scroll_utils';
 
 export const headerTime = state => (state.job.started ? state.job.started : state.job.created_at);
 
+export const hasUnmetPrerequisitesFailure = state =>
+  state.job && state.job.failure_reason && state.job.failure_reason === 'unmet_prerequisites';
+
 export const shouldRenderCalloutMessage = state =>
   !_.isEmpty(state.job.status) && !_.isEmpty(state.job.callout_message);
 
diff --git a/app/assets/javascripts/monitoring/components/charts/area.vue b/app/assets/javascripts/monitoring/components/charts/area.vue
index d453dc1fdb7..b0bbe272d1f 100644
--- a/app/assets/javascripts/monitoring/components/charts/area.vue
+++ b/app/assets/javascripts/monitoring/components/charts/area.vue
@@ -5,6 +5,7 @@ import { debounceByAnimationFrame } from '~/lib/utils/common_utils';
 import { getSvgIconPathContent } from '~/lib/utils/icon_utils';
 import Icon from '~/vue_shared/components/icon.vue';
 import { chartHeight, graphTypes, lineTypes } from '../../constants';
+import { makeDataSeries } from '~/helpers/monitor_helper';
 
 let debouncedResize;
 
@@ -63,7 +64,7 @@ export default {
   },
   computed: {
     chartData() {
-      return this.graphData.queries.map(query => {
+      return this.graphData.queries.reduce((acc, query) => {
         const { appearance } = query;
         const lineType =
           appearance && appearance.line && appearance.line.type
@@ -74,9 +75,8 @@ export default {
             ? appearance.line.width
             : undefined;
 
-        return {
+        const series = makeDataSeries(query.result, {
           name: this.formatLegendLabel(query),
-          data: this.concatenateResults(query.result),
           lineStyle: {
             type: lineType,
             width: lineWidth,
@@ -87,8 +87,10 @@ export default {
                 ? appearance.area.opacity
                 : undefined,
           },
-        };
-      });
+        });
+
+        return acc.concat(series);
+      }, []);
     },
     chartOptions() {
       return {
@@ -175,9 +177,6 @@ export default {
     this.setSvg('scroll-handle');
   },
   methods: {
-    concatenateResults(results) {
-      return results.reduce((acc, result) => acc.concat(result.values), []);
-    },
     formatLegendLabel(query) {
       return `${query.label}`;
     },
diff --git a/app/assets/javascripts/notes/components/note_form.vue b/app/assets/javascripts/notes/components/note_form.vue
index 57d6b181bd7..471323bfc83 100644
--- a/app/assets/javascripts/notes/components/note_form.vue
+++ b/app/assets/javascripts/notes/components/note_form.vue
@@ -61,6 +61,11 @@ export default {
       required: false,
       default: null,
     },
+    diffFile: {
+      type: Object,
+      required: false,
+      default: null,
+    },
     helpPagePath: {
       type: String,
       required: false,
@@ -102,9 +107,42 @@ export default {
       }
       return '#';
     },
+    diffParams() {
+      if (this.diffFile) {
+        return {
+          filePath: this.diffFile.file_path,
+          refs: this.diffFile.diff_refs,
+        };
+      } else if (this.note && this.note.position) {
+        return {
+          filePath: this.note.position.new_path,
+          refs: this.note.position,
+        };
+      } else if (this.discussion && this.discussion.diff_file) {
+        return {
+          filePath: this.discussion.diff_file.file_path,
+          refs: this.discussion.diff_file.diff_refs,
+        };
+      }
+
+      return null;
+    },
     markdownPreviewPath() {
       const notable = this.getNoteableDataByProp('preview_note_path');
-      return mergeUrlParams({ preview_suggestions: true }, notable);
+
+      const previewSuggestions = this.line && this.diffParams;
+      const params = previewSuggestions
+        ? {
+            preview_suggestions: previewSuggestions,
+            line: this.line.new_line,
+            file_path: this.diffParams.filePath,
+            base_sha: this.diffParams.refs.base_sha,
+            start_sha: this.diffParams.refs.start_sha,
+            head_sha: this.diffParams.refs.head_sha,
+          }
+        : {};
+
+      return mergeUrlParams(params, notable);
     },
     markdownDocsPath() {
       return this.getNotesDataByProp('markdownDocsPath');
@@ -234,8 +272,8 @@ export default {
           placeholder="Write a comment or drag your files here…"
           @keydown.meta.enter="handleKeySubmit()"
           @keydown.ctrl.enter="handleKeySubmit()"
-          @keydown.up="editMyLastNote()"
-          @keydown.esc="cancelHandler(true)"
+          @keydown.exact.up="editMyLastNote()"
+          @keydown.exact.esc="cancelHandler(true)"
           @input="onInput"
         ></textarea>
       </markdown-field>
diff --git a/app/assets/javascripts/pages/admin/groups/edit/index.js b/app/assets/javascripts/pages/admin/groups/edit/index.js
index d3d125a1859..ad7276132b9 100644
--- a/app/assets/javascripts/pages/admin/groups/edit/index.js
+++ b/app/assets/javascripts/pages/admin/groups/edit/index.js
@@ -1,3 +1,3 @@
-import groupAvatar from '~/group_avatar';
+import initAvatarPicker from '~/avatar_picker';
 
-document.addEventListener('DOMContentLoaded', groupAvatar);
+document.addEventListener('DOMContentLoaded', initAvatarPicker);
diff --git a/app/assets/javascripts/pages/admin/groups/new/index.js b/app/assets/javascripts/pages/admin/groups/new/index.js
index 21f1ce222ac..6de740ee9ce 100644
--- a/app/assets/javascripts/pages/admin/groups/new/index.js
+++ b/app/assets/javascripts/pages/admin/groups/new/index.js
@@ -1,9 +1,9 @@
 import BindInOut from '../../../../behaviors/bind_in_out';
 import Group from '../../../../group';
-import groupAvatar from '../../../../group_avatar';
+import initAvatarPicker from '~/avatar_picker';
 
 document.addEventListener('DOMContentLoaded', () => {
   BindInOut.initAll();
   new Group(); // eslint-disable-line no-new
-  groupAvatar();
+  initAvatarPicker();
 });
diff --git a/app/assets/javascripts/pages/groups/edit/index.js b/app/assets/javascripts/pages/groups/edit/index.js
index 01ef445c901..d036ff07d89 100644
--- a/app/assets/javascripts/pages/groups/edit/index.js
+++ b/app/assets/javascripts/pages/groups/edit/index.js
@@ -1,4 +1,4 @@
-import groupAvatar from '~/group_avatar';
+import initAvatarPicker from '~/avatar_picker';
 import TransferDropdown from '~/groups/transfer_dropdown';
 import initConfirmDangerModal from '~/confirm_danger_modal';
 import initSettingsPanels from '~/settings_panels';
@@ -9,7 +9,7 @@ import groupsSelect from '~/groups_select';
 import projectSelect from '~/project_select';
 
 document.addEventListener('DOMContentLoaded', () => {
-  groupAvatar();
+  initAvatarPicker();
   new TransferDropdown(); // eslint-disable-line no-new
   initConfirmDangerModal();
   initSettingsPanels();
diff --git a/app/assets/javascripts/pages/groups/new/index.js b/app/assets/javascripts/pages/groups/new/index.js
index b2f275dc5ea..57b53eb9e5d 100644
--- a/app/assets/javascripts/pages/groups/new/index.js
+++ b/app/assets/javascripts/pages/groups/new/index.js
@@ -1,9 +1,9 @@
 import BindInOut from '~/behaviors/bind_in_out';
 import Group from '~/group';
-import groupAvatar from '~/group_avatar';
+import initAvatarPicker from '~/avatar_picker';
 
 document.addEventListener('DOMContentLoaded', () => {
   BindInOut.initAll();
   new Group(); // eslint-disable-line no-new
-  groupAvatar();
+  initAvatarPicker();
 });
diff --git a/app/assets/javascripts/pages/projects/edit/index.js b/app/assets/javascripts/pages/projects/edit/index.js
index 899d5925956..278c35d3846 100644
--- a/app/assets/javascripts/pages/projects/edit/index.js
+++ b/app/assets/javascripts/pages/projects/edit/index.js
@@ -3,7 +3,7 @@ import initSettingsPanels from '~/settings_panels';
 import setupProjectEdit from '~/project_edit';
 import initConfirmDangerModal from '~/confirm_danger_modal';
 import mountBadgeSettings from '~/pages/shared/mount_badge_settings';
-import fileUpload from '~/lib/utils/file_upload';
+import initAvatarPicker from '~/avatar_picker';
 import initProjectLoadingSpinner from '../shared/save_project_loader';
 import initProjectPermissionsSettings from '../shared/permissions';
 
@@ -12,7 +12,7 @@ document.addEventListener('DOMContentLoaded', () => {
   setupProjectEdit();
   // Initialize expandable settings panels
   initSettingsPanels();
-  fileUpload('.js-choose-project-avatar-button', '.js-project-avatar-input');
+  initAvatarPicker();
   initProjectPermissionsSettings();
   initConfirmDangerModal();
   mountBadgeSettings(PROJECT_BADGE);
diff --git a/app/assets/javascripts/sidebar/components/todo_toggle/todo.vue b/app/assets/javascripts/sidebar/components/todo_toggle/todo.vue
index 706e6ca19c3..57125c78cf6 100644
--- a/app/assets/javascripts/sidebar/components/todo_toggle/todo.vue
+++ b/app/assets/javascripts/sidebar/components/todo_toggle/todo.vue
@@ -50,6 +50,9 @@ export default {
     buttonLabel() {
       return this.isTodo ? MARK_TEXT : TODO_TEXT;
     },
+    buttonTooltip() {
+      return !this.collapsed ? undefined : this.buttonLabel;
+    },
     collapsedButtonIconClasses() {
       return this.isTodo ? 'todo-undone' : '';
     },
@@ -69,7 +72,7 @@ export default {
   <button
     v-tooltip
     :class="buttonClasses"
-    :title="buttonLabel"
+    :title="buttonTooltip"
     :aria-label="buttonLabel"
     :data-issuable-id="issuableId"
     :data-issuable-type="issuableType"
diff --git a/app/assets/javascripts/vue_shared/components/file_row.vue b/app/assets/javascripts/vue_shared/components/file_row.vue
index 0cbcdbf2eb4..1bfa91500cb 100644
--- a/app/assets/javascripts/vue_shared/components/file_row.vue
+++ b/app/assets/javascripts/vue_shared/components/file_row.vue
@@ -39,7 +39,7 @@ export default {
   },
   data() {
     return {
-      mouseOver: false,
+      dropdownOpen: false,
     };
   },
   computed: {
@@ -123,8 +123,8 @@ export default {
 
       return this.$router.currentRoute.path === `/project${this.file.url}`;
     },
-    toggleHover(over) {
-      this.mouseOver = over;
+    toggleDropdown(val) {
+      this.dropdownOpen = val;
     },
   },
 };
@@ -140,8 +140,7 @@ export default {
       class="file-row"
       role="button"
       @click="clickFile"
-      @mouseover="toggleHover(true)"
-      @mouseout="toggleHover(false)"
+      @mouseleave="toggleDropdown(false)"
     >
       <div class="file-row-name-container">
         <span ref="textOutput" :style="levelIndentation" class="file-row-name str-truncated">
@@ -160,7 +159,8 @@ export default {
           :is="extraComponent"
           v-if="extraComponent && !(hideExtraOnTree && file.type === 'tree')"
           :file="file"
-          :mouse-over="mouseOver"
+          :dropdown-open="dropdownOpen"
+          @toggle="toggleDropdown($event)"
         />
       </div>
     </div>
diff --git a/app/assets/javascripts/vue_shared/components/lib/utils/diff_utils.js b/app/assets/javascripts/vue_shared/components/lib/utils/diff_utils.js
new file mode 100644
index 00000000000..d1aba99ac22
--- /dev/null
+++ b/app/assets/javascripts/vue_shared/components/lib/utils/diff_utils.js
@@ -0,0 +1,20 @@
+/* eslint-disable import/prefer-default-export */
+
+function trimFirstCharOfLineContent(text) {
+  if (!text) {
+    return text;
+  }
+
+  return text.replace(/^( |\+|-)/, '');
+}
+
+function cleanSuggestionLine(line = {}) {
+  return {
+    ...line,
+    text: trimFirstCharOfLineContent(line.text),
+  };
+}
+
+export function selectDiffLines(lines) {
+  return lines.filter(line => line.type !== 'match').map(line => cleanSuggestionLine(line));
+}
diff --git a/app/assets/javascripts/vue_shared/components/markdown/field.vue b/app/assets/javascripts/vue_shared/components/markdown/field.vue
index eccf73e227c..0f3b3568414 100644
--- a/app/assets/javascripts/vue_shared/components/markdown/field.vue
+++ b/app/assets/javascripts/vue_shared/components/markdown/field.vue
@@ -76,6 +76,7 @@ export default {
       hasSuggestion: false,
       markdownPreviewLoading: false,
       previewMarkdown: false,
+      suggestions: this.note.suggestions || [],
     };
   },
   computed: {
@@ -109,9 +110,6 @@ export default {
       }
       return lineNumber;
     },
-    suggestions() {
-      return this.note.suggestions || [];
-    },
     lineType() {
       return this.line ? this.line.type : '';
     },
@@ -175,6 +173,7 @@ export default {
         this.referencedCommands = data.references.commands;
         this.referencedUsers = data.references.users;
         this.hasSuggestion = data.references.suggestions && data.references.suggestions.length;
+        this.suggestions = data.references.suggestions;
       }
 
       this.$nextTick()
diff --git a/app/assets/javascripts/vue_shared/components/markdown/header.vue b/app/assets/javascripts/vue_shared/components/markdown/header.vue
index cc6ecdb0395..a5a5b2ef415 100644
--- a/app/assets/javascripts/vue_shared/components/markdown/header.vue
+++ b/app/assets/javascripts/vue_shared/components/markdown/header.vue
@@ -38,7 +38,7 @@ export default {
       ].join('\n');
     },
     mdSuggestion() {
-      return ['```suggestion', `{text}`, '```'].join('\n');
+      return ['```suggestion:-0+0', `{text}`, '```'].join('\n');
     },
   },
   mounted() {
diff --git a/app/assets/javascripts/vue_shared/components/markdown/suggestion_diff.vue b/app/assets/javascripts/vue_shared/components/markdown/suggestion_diff.vue
index a351ca62c94..2eb4ec12a4a 100644
--- a/app/assets/javascripts/vue_shared/components/markdown/suggestion_diff.vue
+++ b/app/assets/javascripts/vue_shared/components/markdown/suggestion_diff.vue
@@ -1,24 +1,14 @@
 <script>
 import SuggestionDiffHeader from './suggestion_diff_header.vue';
+import SuggestionDiffRow from './suggestion_diff_row.vue';
+import { selectDiffLines } from '../lib/utils/diff_utils';
 
 export default {
   components: {
     SuggestionDiffHeader,
+    SuggestionDiffRow,
   },
   props: {
-    newLines: {
-      type: Array,
-      required: true,
-    },
-    fromContent: {
-      type: String,
-      required: false,
-      default: '',
-    },
-    fromLine: {
-      type: Number,
-      required: true,
-    },
     suggestion: {
       type: Object,
       required: true,
@@ -33,6 +23,11 @@ export default {
       required: true,
     },
   },
+  computed: {
+    lines() {
+      return selectDiffLines(this.suggestion.diff_lines);
+    },
+  },
   methods: {
     applySuggestion(callback) {
       this.$emit('apply', { suggestionId: this.suggestion.id, callback });
@@ -52,22 +47,11 @@ export default {
     />
     <table class="mb-3 md-suggestion-diff js-syntax-highlight code">
       <tbody>
-        <!-- Old Line -->
-        <tr class="line_holder old">
-          <td class="diff-line-num old_line qa-old-diff-line-number old">{{ fromLine }}</td>
-          <td class="diff-line-num new_line old"></td>
-          <td class="line_content old">
-            <span>{{ fromContent }}</span>
-          </td>
-        </tr>
-        <!-- New Line(s) -->
-        <tr v-for="(line, key) of newLines" :key="key" class="line_holder new">
-          <td class="diff-line-num old_line new"></td>
-          <td class="diff-line-num new_line qa-new-diff-line-number new">{{ line.lineNumber }}</td>
-          <td class="line_content new">
-            <span>{{ line.content }}</span>
-          </td>
-        </tr>
+        <suggestion-diff-row
+          v-for="(line, index) of lines"
+          :key="`${index}-${line.text}`"
+          :line="line"
+        />
       </tbody>
     </table>
   </div>
diff --git a/app/assets/javascripts/vue_shared/components/markdown/suggestion_diff_row.vue b/app/assets/javascripts/vue_shared/components/markdown/suggestion_diff_row.vue
new file mode 100644
index 00000000000..cafd3a515ea
--- /dev/null
+++ b/app/assets/javascripts/vue_shared/components/markdown/suggestion_diff_row.vue
@@ -0,0 +1,32 @@
+<script>
+export default {
+  name: 'SuggestionDiffRow',
+  props: {
+    line: {
+      type: Object,
+      required: true,
+    },
+  },
+  computed: {
+    lineType() {
+      return this.line.type;
+    },
+  },
+};
+</script>
+
+<template>
+  <tr class="line_holder" :class="lineType">
+    <td class="diff-line-num old_line" :class="lineType">
+      {{ line.old_line }}
+    </td>
+    <td class="diff-line-num new_line" :class="lineType">
+      {{ line.new_line }}
+    </td>
+    <td class="line_content" :class="lineType">
+      <span v-if="line.text">{{ line.text }}</span>
+      <!-- TODO: replace this hack with zero-width whitespace when we have rich_text from BE -->
+      <span v-else>&#8203;</span>
+    </td>
+  </tr>
+</template>
diff --git a/app/assets/javascripts/vue_shared/components/markdown/suggestions.vue b/app/assets/javascripts/vue_shared/components/markdown/suggestions.vue
index 177d78cb904..8d3705e1e4a 100644
--- a/app/assets/javascripts/vue_shared/components/markdown/suggestions.vue
+++ b/app/assets/javascripts/vue_shared/components/markdown/suggestions.vue
@@ -6,16 +6,6 @@ import Flash from '~/flash';
 export default {
   components: { SuggestionDiff },
   props: {
-    fromLine: {
-      type: Number,
-      required: false,
-      default: 0,
-    },
-    fromContent: {
-      type: String,
-      required: false,
-      default: '',
-    },
     lineType: {
       type: String,
       required: false,
@@ -71,41 +61,19 @@ export default {
 
       suggestionElements.forEach((suggestionEl, i) => {
         const suggestionParentEl = suggestionEl.parentElement;
-        const newLines = this.extractNewLines(suggestionParentEl);
-        const diffComponent = this.generateDiff(newLines, i);
+        const diffComponent = this.generateDiff(i);
         diffComponent.$mount(suggestionParentEl);
       });
 
       this.isRendered = true;
     },
-    extractNewLines(suggestionEl) {
-      // extracts the suggested lines from the markdown
-      // calculates a line number for each line
-
-      const newLines = suggestionEl.querySelectorAll('.line');
-      const fromLine = this.suggestions.length ? this.suggestions[0].from_line : this.fromLine;
-      const lines = [];
-
-      newLines.forEach((line, i) => {
-        const content = `${line.innerText}\n`;
-        const lineNumber = fromLine + i;
-        lines.push({ content, lineNumber });
-      });
-
-      return lines;
-    },
-    generateDiff(newLines, suggestionIndex) {
-      // generates the diff <suggestion-diff /> component
-      // all `suggestion` markdown will be swapped out by this component
-
+    generateDiff(suggestionIndex) {
       const { suggestions, disabled, helpPagePath } = this;
       const suggestion =
         suggestions && suggestions[suggestionIndex] ? suggestions[suggestionIndex] : {};
-      const fromContent = suggestion.from_content || this.fromContent;
-      const fromLine = suggestion.from_line || this.fromLine;
       const SuggestionDiffComponent = Vue.extend(SuggestionDiff);
       const suggestionDiff = new SuggestionDiffComponent({
-        propsData: { newLines, fromLine, fromContent, disabled, suggestion, helpPagePath },
+        propsData: { disabled, suggestion, helpPagePath },
       });
 
       suggestionDiff.$on('apply', ({ suggestionId, callback }) => {
diff --git a/app/assets/javascripts/vue_shared/components/resizable_chart/resizable_chart_container.vue b/app/assets/javascripts/vue_shared/components/resizable_chart/resizable_chart_container.vue
new file mode 100644
index 00000000000..1f3d248e991
--- /dev/null
+++ b/app/assets/javascripts/vue_shared/components/resizable_chart/resizable_chart_container.vue
@@ -0,0 +1,40 @@
+<script>
+import { debounceByAnimationFrame } from '~/lib/utils/common_utils';
+import $ from 'jquery';
+
+export default {
+  data() {
+    return {
+      width: 0,
+      height: 0,
+    };
+  },
+  beforeDestroy() {
+    this.contentResizeHandler.off('content.resize', this.debouncedResize);
+    window.removeEventListener('resize', this.debouncedResize);
+  },
+  created() {
+    this.debouncedResize = debounceByAnimationFrame(this.onResize);
+
+    // Handle when we explicictly trigger a custom resize event
+    this.contentResizeHandler = $(document).on('content.resize', this.debouncedResize);
+
+    // Handle window resize
+    window.addEventListener('resize', this.debouncedResize);
+  },
+  methods: {
+    onResize() {
+      // Slot dimensions
+      const { clientWidth, clientHeight } = this.$refs.chartWrapper;
+      this.width = clientWidth;
+      this.height = clientHeight;
+    },
+  },
+};
+</script>
+
+<template>
+  <div ref="chartWrapper">
+    <slot :width="width" :height="height"> </slot>
+  </div>
+</template>
diff --git a/app/assets/stylesheets/framework/callout.scss b/app/assets/stylesheets/framework/callout.scss
index 0d8e4afa76f..643b20c56bc 100644
--- a/app/assets/stylesheets/framework/callout.scss
+++ b/app/assets/stylesheets/framework/callout.scss
@@ -28,6 +28,10 @@
   background-color: $red-100;
   border-color: $red-200;
   color: $red-700;
+
+  a {
+    color: $red-700;
+  }
 }
 
 .bs-callout-warning {
diff --git a/app/assets/stylesheets/framework/dropdowns.scss b/app/assets/stylesheets/framework/dropdowns.scss
index b90db135b4a..efcd35a2e0e 100644
--- a/app/assets/stylesheets/framework/dropdowns.scss
+++ b/app/assets/stylesheets/framework/dropdowns.scss
@@ -287,7 +287,7 @@
     list-style: none;
     padding: 0 1px;
 
-    a,
+    a:not(.btn),
     button,
     .menu-item {
       @include dropdown-link;
@@ -351,6 +351,10 @@
     // Expects up to 3 digits on the badge
     margin-right: 40px;
   }
+
+  .dropdown-menu-content {
+    padding: $dropdown-item-padding-y $dropdown-item-padding-x;
+  }
 }
 
 .droplab-dropdown {
diff --git a/app/assets/stylesheets/framework/forms.scss b/app/assets/stylesheets/framework/forms.scss
index c36c15a85be..1c23c14c2de 100644
--- a/app/assets/stylesheets/framework/forms.scss
+++ b/app/assets/stylesheets/framework/forms.scss
@@ -204,8 +204,10 @@ label {
   margin-top: #{$grid-size / 2};
 }
 
-.gl-field-error {
+.gl-field-error,
+.invalid-feedback {
   color: $red-500;
+  font-size: $gl-font-size;
 }
 
 .gl-show-field-errors {
diff --git a/app/assets/stylesheets/pages/diff.scss b/app/assets/stylesheets/pages/diff.scss
index 02364180c35..ebc5226bf87 100644
--- a/app/assets/stylesheets/pages/diff.scss
+++ b/app/assets/stylesheets/pages/diff.scss
@@ -154,11 +154,34 @@
 
       .swipe-wrap {
         overflow: hidden;
-        border-left: 1px solid $gl-gray-400;
+        border-right: 1px solid $gl-gray-400;
         position: absolute;
         display: block;
         top: 13px;
         right: 7px;
+
+        &.left-oriented {
+          /* only for commit view (different swipe viewer) */
+          border-right: 0;
+          border-left: 1px solid $gl-gray-400;
+        }
+      }
+
+      .frame {
+        top: 0;
+        right: 0;
+
+        &.old-diff {
+          /* only for commit / compare view */
+          position: absolute;
+        }
+
+        &.deleted {
+          margin: 0;
+          display: block;
+          top: 13px;
+          right: 7px;
+        }
       }
 
       .swipe-bar {
diff --git a/app/assets/stylesheets/pages/merge_requests.scss b/app/assets/stylesheets/pages/merge_requests.scss
index 7f8b8ea8100..f7ebd84dc1c 100644
--- a/app/assets/stylesheets/pages/merge_requests.scss
+++ b/app/assets/stylesheets/pages/merge_requests.scss
@@ -595,7 +595,6 @@
     color: $gl-text-color;
   }
 
-
   .git-merge-container {
     justify-content: space-between;
     flex: 1;
@@ -805,7 +804,8 @@
   }
 }
 
-.merge-request-tabs-holder {
+.merge-request-tabs-holder,
+.epic-tabs-holder {
   top: $header-height;
   z-index: 250;
   background-color: $white-light;
@@ -823,11 +823,6 @@
     @include media-breakpoint-down(xs) {
       right: 0;
     }
-
-    .merge-request-tabs-container {
-      padding-left: $gl-padding;
-      padding-right: $gl-padding;
-    }
   }
 
   .nav-links {
@@ -835,11 +830,21 @@
   }
 }
 
-.with-performance-bar .merge-request-tabs-holder {
-  top: $header-height + $performance-bar-height;
+.merge-request-tabs-holder.affix .merge-request-tabs-container,
+.epic-tabs-holder.affix .epic-tabs-container {
+  padding-left: $gl-padding;
+  padding-right: $gl-padding;
 }
 
-.merge-request-tabs {
+.with-performance-bar {
+  .merge-request-tabs-holder,
+  .epic-tabs-holder {
+    top: $header-height + $performance-bar-height;
+  }
+}
+
+.merge-request-tabs,
+.epic-tabs {
   display: flex;
   flex-wrap: nowrap;
   margin-bottom: 0;
@@ -847,7 +852,8 @@
 }
 
 .limit-container-width {
-  .merge-request-tabs-container {
+  .merge-request-tabs-container,
+  .epic-tabs-container {
     max-width: $limited-layout-width;
     margin-left: auto;
     margin-right: auto;
@@ -860,7 +866,8 @@
   }
 }
 
-.merge-request-tabs-container {
+.merge-request-tabs-container,
+.epic-tabs-container {
   display: flex;
   justify-content: space-between;
 
@@ -878,10 +885,9 @@
 }
 
 .limit-container-width:not(.container-limited) {
-  .merge-request-tabs-holder:not(.affix) {
-    .merge-request-tabs-container {
-      max-width: $limited-layout-width - ($gl-padding * 2);
-    }
+  .merge-request-tabs-holder:not(.affix) .merge-request-tabs-container,
+  .epic-tabs-holder:not(.affix) .epic-tabs-container {
+    max-width: $limited-layout-width - ($gl-padding * 2);
   }
 }
 
diff --git a/app/assets/stylesheets/pages/notes.scss b/app/assets/stylesheets/pages/notes.scss
index 0c334e919de..fd07415a52f 100644
--- a/app/assets/stylesheets/pages/notes.scss
+++ b/app/assets/stylesheets/pages/notes.scss
@@ -44,7 +44,6 @@ $note-form-margin-left: 72px;
     border: 1px solid $border-color;
     border-radius: $border-radius-default;
     margin: $gl-padding 0;
-    overflow: auto;
 
     &.system-note,
     &.note-form {
diff --git a/app/controllers/concerns/issuable_collections.rb b/app/controllers/concerns/issuable_collections.rb
index c529aabf797..6d6e0cc6c7f 100644
--- a/app/controllers/concerns/issuable_collections.rb
+++ b/app/controllers/concerns/issuable_collections.rb
@@ -100,6 +100,7 @@ module IssuableCollections
 
     if @project
       options[:project_id] = @project.id
+      options[:attempt_project_search_optimizations] = true
     elsif @group
       options[:group_id] = @group.id
       options[:include_subgroups] = true
diff --git a/app/controllers/concerns/preview_markdown.rb b/app/controllers/concerns/preview_markdown.rb
index f72d25fc54c..2a9729b6ffd 100644
--- a/app/controllers/concerns/preview_markdown.rb
+++ b/app/controllers/concerns/preview_markdown.rb
@@ -20,7 +20,7 @@ module PreviewMarkdown
       body: view_context.markdown(result[:text], markdown_params),
       references: {
         users: result[:users],
-        suggestions: result[:suggestions],
+        suggestions: SuggestionSerializer.new.represent_diff(result[:suggestions]),
         commands: view_context.markdown(result[:commands])
       }
     }
diff --git a/app/controllers/dashboard_controller.rb b/app/controllers/dashboard_controller.rb
index 75329b05a6f..1a97b39d3ae 100644
--- a/app/controllers/dashboard_controller.rb
+++ b/app/controllers/dashboard_controller.rb
@@ -46,7 +46,10 @@ class DashboardController < Dashboard::ApplicationController
   end
 
   def check_filters_presence!
-    @no_filters_set = finder_type.scalar_params.none? { |k| params.key?(k) }
+    no_scalar_filters_set = finder_type.scalar_params.none? { |k| params.key?(k) }
+    no_array_filters_set = finder_type.array_params.none? { |k, _| params.key?(k) }
+
+    @no_filters_set = no_scalar_filters_set && no_array_filters_set
 
     return unless @no_filters_set
 
diff --git a/app/controllers/groups_controller.rb b/app/controllers/groups_controller.rb
index 0192b1c253e..87b8ef03313 100644
--- a/app/controllers/groups_controller.rb
+++ b/app/controllers/groups_controller.rb
@@ -124,8 +124,8 @@ class GroupsController < Groups::ApplicationController
       flash[:notice] = "Group '#{@group.name}' was successfully transferred."
       redirect_to group_path(@group)
     else
-      flash.now[:alert] = service.error
-      render :edit
+      flash[:alert] = service.error
+      redirect_to edit_group_path(@group)
     end
   end
   # rubocop: enable CodeReuse/ActiveRecord
diff --git a/app/controllers/projects/application_controller.rb b/app/controllers/projects/application_controller.rb
index 6504fd6c08a..781eac7f080 100644
--- a/app/controllers/projects/application_controller.rb
+++ b/app/controllers/projects/application_controller.rb
@@ -88,4 +88,10 @@ class Projects::ApplicationController < ApplicationController
   def check_issues_available!
     return render_404 unless @project.feature_available?(:issues, current_user)
   end
+
+  def allow_gitaly_ref_name_caching
+    ::Gitlab::GitalyClient.allow_ref_name_caching do
+      yield
+    end
+  end
 end
diff --git a/app/controllers/projects/environments/prometheus_api_controller.rb b/app/controllers/projects/environments/prometheus_api_controller.rb
new file mode 100644
index 00000000000..fd3320637b0
--- /dev/null
+++ b/app/controllers/projects/environments/prometheus_api_controller.rb
@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+class Projects::Environments::PrometheusApiController < Projects::ApplicationController
+  before_action :authorize_read_prometheus!
+  before_action :environment
+
+  def proxy
+    result = Prometheus::ProxyService.new(
+      environment,
+      request.method,
+      params[:proxy_path],
+      params.permit!
+    ).execute
+
+    if result.nil?
+      return render status: :accepted, json: {
+        status: _('processing'),
+        message: _('Not ready yet. Try again later.')
+      }
+    end
+
+    if result[:status] == :success
+      render status: result[:http_status], json: result[:body]
+    else
+      render(
+        status: result[:http_status] || :bad_request,
+        json: { status: result[:status], message: result[:message] }
+      )
+    end
+  end
+
+  private
+
+  def environment
+    @environment ||= project.environments.find(params[:id])
+  end
+end
diff --git a/app/controllers/projects/environments_controller.rb b/app/controllers/projects/environments_controller.rb
index e9cd475a199..301449cfa90 100644
--- a/app/controllers/projects/environments_controller.rb
+++ b/app/controllers/projects/environments_controller.rb
@@ -10,6 +10,9 @@ class Projects::EnvironmentsController < Projects::ApplicationController
   before_action :environment, only: [:show, :edit, :update, :stop, :terminal, :terminal_websocket_authorize, :metrics]
   before_action :verify_api_request!, only: :terminal_websocket_authorize
   before_action :expire_etag_cache, only: [:index]
+  before_action only: [:metrics, :additional_metrics] do
+    push_frontend_feature_flag(:metrics_time_window)
+  end
 
   def index
     @environments = project.environments
@@ -114,7 +117,7 @@ class Projects::EnvironmentsController < Projects::ApplicationController
     terminal = environment.terminals.try(:first)
     if terminal
       set_workhorse_internal_api_content_type
-      render json: Gitlab::Workhorse.terminal_websocket(terminal)
+      render json: Gitlab::Workhorse.channel_websocket(terminal)
     else
       render html: 'Not found', status: :not_found
     end
@@ -146,7 +149,7 @@ class Projects::EnvironmentsController < Projects::ApplicationController
   def additional_metrics
     respond_to do |format|
       format.json do
-        additional_metrics = environment.additional_metrics || {}
+        additional_metrics = environment.additional_metrics(*metrics_params) || {}
 
         render json: additional_metrics, status: additional_metrics.any? ? :ok : :no_content
       end
@@ -186,6 +189,13 @@ class Projects::EnvironmentsController < Projects::ApplicationController
     @environment ||= project.environments.find(params[:id])
   end
 
+  def metrics_params
+    return unless Feature.enabled?(:metrics_time_window, project)
+    return unless params[:start].present? || params[:end].present?
+
+    params.require([:start, :end]).values_at(:start, :end)
+  end
+
   def search_environment_names
     return [] unless params[:query]
 
diff --git a/app/controllers/projects/jobs_controller.rb b/app/controllers/projects/jobs_controller.rb
index 35cc32d3e63..2a4933e7bc2 100644
--- a/app/controllers/projects/jobs_controller.rb
+++ b/app/controllers/projects/jobs_controller.rb
@@ -157,7 +157,7 @@ class Projects::JobsController < Projects::ApplicationController
   # GET .../terminal.ws : implemented in gitlab-workhorse
   def terminal_websocket_authorize
     set_workhorse_internal_api_content_type
-    render json: Gitlab::Workhorse.terminal_websocket(@build.terminal_specification)
+    render json: Gitlab::Workhorse.channel_websocket(@build.terminal_specification)
   end
 
   private
diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb
index 34cb0416965..39ba2a651d4 100644
--- a/app/controllers/projects/merge_requests_controller.rb
+++ b/app/controllers/projects/merge_requests_controller.rb
@@ -16,6 +16,8 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
   before_action :authenticate_user!, only: [:assign_related_issues]
   before_action :check_user_can_push_to_source_branch!, only: [:rebase]
 
+  around_action :allow_gitaly_ref_name_caching, only: [:index, :show]
+
   def index
     @merge_requests = @issuables
 
@@ -315,9 +317,7 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
   end
 
   def serializer
-    ::Gitlab::GitalyClient.allow_ref_name_caching do
-      MergeRequestSerializer.new(current_user: current_user, project: merge_request.project)
-    end
+    MergeRequestSerializer.new(current_user: current_user, project: merge_request.project)
   end
 
   def define_edit_vars
diff --git a/app/controllers/projects/pipelines_controller.rb b/app/controllers/projects/pipelines_controller.rb
index c306ba3ffcf..22c4b8eef1f 100644
--- a/app/controllers/projects/pipelines_controller.rb
+++ b/app/controllers/projects/pipelines_controller.rb
@@ -8,6 +8,8 @@ class Projects::PipelinesController < Projects::ApplicationController
   before_action :authorize_create_pipeline!, only: [:new, :create]
   before_action :authorize_update_pipeline!, only: [:retry, :cancel]
 
+  around_action :allow_gitaly_ref_name_caching, only: [:index, :show]
+
   wrap_parameters Ci::Pipeline
 
   POLLING_INTERVAL = 10_000
@@ -148,12 +150,10 @@ class Projects::PipelinesController < Projects::ApplicationController
   private
 
   def serialize_pipelines
-    ::Gitlab::GitalyClient.allow_ref_name_caching do
-      PipelineSerializer
-        .new(project: @project, current_user: @current_user)
-        .with_pagination(request, response)
-        .represent(@pipelines, disable_coverage: true, preload: true)
-    end
+    PipelineSerializer
+      .new(project: @project, current_user: @current_user)
+      .with_pagination(request, response)
+      .represent(@pipelines, disable_coverage: true, preload: true)
   end
 
   def render_show
diff --git a/app/controllers/projects/repositories_controller.rb b/app/controllers/projects/repositories_controller.rb
index 4eeaeb860ee..3b4215b766e 100644
--- a/app/controllers/projects/repositories_controller.rb
+++ b/app/controllers/projects/repositories_controller.rb
@@ -23,7 +23,7 @@ class Projects::RepositoriesController < Projects::ApplicationController
       append_sha = false if @filename == shortname
     end
 
-    send_git_archive @repository, ref: @ref, format: params[:format], append_sha: append_sha
+    send_git_archive @repository, ref: @ref, path: params[:path], format: params[:format], append_sha: append_sha
   rescue => ex
     logger.error("#{self.class.name}: #{ex}")
     git_not_found!
diff --git a/app/controllers/projects/wikis_controller.rb b/app/controllers/projects/wikis_controller.rb
index da2420633ef..88910c91763 100644
--- a/app/controllers/projects/wikis_controller.rb
+++ b/app/controllers/projects/wikis_controller.rb
@@ -16,7 +16,10 @@ class Projects::WikisController < Projects::ApplicationController
   end
 
   def pages
-    @wiki_pages = Kaminari.paginate_array(@project_wiki.pages).page(params[:page])
+    @wiki_pages = Kaminari.paginate_array(
+      @project_wiki.pages(sort: params[:sort], direction: params[:direction])
+    ).page(params[:page])
+
     @wiki_entries = WikiPage.group_by_directory(@wiki_pages)
   end
 
diff --git a/app/finders/issuable_finder.rb b/app/finders/issuable_finder.rb
index 6eab8c5ee51..64c88505a16 100644
--- a/app/finders/issuable_finder.rb
+++ b/app/finders/issuable_finder.rb
@@ -53,7 +53,6 @@ class IssuableFinder
       assignee_username
       author_id
       author_username
-      label_name
       milestone_title
       my_reaction_emoji
       search
@@ -84,7 +83,7 @@ class IssuableFinder
     # https://www.postgresql.org/docs/current/static/queries-with.html
     items = by_search(items)
 
-    items = sort(items) unless use_cte_for_count?
+    items = sort(items)
 
     items
   end
@@ -92,7 +91,6 @@ class IssuableFinder
   def filter_items(items)
     items = by_project(items)
     items = by_group(items)
-    items = by_subquery(items)
     items = by_scope(items)
     items = by_created_at(items)
     items = by_updated_at(items)
@@ -132,10 +130,12 @@ class IssuableFinder
     # This does not apply when we are using a CTE for the search, as the labels
     # GROUP BY is inside the subquery in that case, so we set labels_count to 1.
     #
-    # We always use CTE when searching in Groups if the feature flag is enabled,
-    # but never when searching in Projects.
+    # Groups and projects have separate feature flags to suggest the use
+    # of a CTE. The CTE will not be used if the sort doesn't support it,
+    # but will always be used for the counts here as we ignore sorting
+    # anyway.
     labels_count = label_names.any? ? label_names.count : 1
-    labels_count = 1 if use_cte_for_count?
+    labels_count = 1 if use_cte_for_search?
 
     finder.execute.reorder(nil).group(:state).count.each do |key, value|
       counts[count_key(key)] += value / labels_count
@@ -309,15 +309,14 @@ class IssuableFinder
   end
   # rubocop: enable CodeReuse/ActiveRecord
 
-  def use_subquery_for_search?
-    strong_memoize(:use_subquery_for_search) do
-      !force_cte? && attempt_group_search_optimizations?
-    end
-  end
+  def use_cte_for_search?
+    strong_memoize(:use_cte_for_search) do
+      next false unless search
+      next false unless Gitlab::Database.postgresql?
+      # Only simple unsorted & simple sorts can use CTE
+      next false if params[:sort].present? && !params[:sort].in?(klass.simple_sorts.keys)
 
-  def use_cte_for_count?
-    strong_memoize(:use_cte_for_count) do
-      force_cte? && attempt_group_search_optimizations?
+      attempt_group_search_optimizations? || attempt_project_search_optimizations?
     end
   end
 
@@ -332,12 +331,15 @@ class IssuableFinder
   end
 
   def attempt_group_search_optimizations?
-    search &&
-      Gitlab::Database.postgresql? &&
-      params[:attempt_group_search_optimizations] &&
+    params[:attempt_group_search_optimizations] &&
       Feature.enabled?(:attempt_group_search_optimizations, default_enabled: true)
   end
 
+  def attempt_project_search_optimizations?
+    params[:attempt_project_search_optimizations] &&
+      Feature.enabled?(:attempt_project_search_optimizations)
+  end
+
   def count_key(value)
     Array(value).last.to_sym
   end
@@ -408,20 +410,11 @@ class IssuableFinder
   end
   # rubocop: enable CodeReuse/ActiveRecord
 
-  # Wrap projects and groups in a subquery if the conditions are met.
-  def by_subquery(items)
-    if use_subquery_for_search?
-      klass.where(id: items.select(:id)) # rubocop: disable CodeReuse/ActiveRecord
-    else
-      items
-    end
-  end
-
   # rubocop: disable CodeReuse/ActiveRecord
   def by_search(items)
     return items unless search
 
-    if use_cte_for_count?
+    if use_cte_for_search?
       cte = Gitlab::SQL::RecursiveCTE.new(klass.table_name)
       cte << items
 
diff --git a/app/finders/merge_requests_finder.rb b/app/finders/merge_requests_finder.rb
index 84689ff5dc7..29947bc94d5 100644
--- a/app/finders/merge_requests_finder.rb
+++ b/app/finders/merge_requests_finder.rb
@@ -40,7 +40,8 @@ class MergeRequestsFinder < IssuableFinder
     items = by_commit(super)
     items = by_source_branch(items)
     items = by_wip(items)
-    by_target_branch(items)
+    items = by_target_branch(items)
+    by_source_project_id(items)
   end
 
   private
@@ -74,6 +75,16 @@ class MergeRequestsFinder < IssuableFinder
     items.where(target_branch: target_branch)
   end
 
+  def source_project_id
+    @source_project_id ||= params[:source_project_id].presence
+  end
+
+  def by_source_project_id(items)
+    return items unless source_project_id
+
+    items.where(source_project_id: source_project_id)
+  end
+
   def by_wip(items)
     if params[:wip] == 'yes'
       items.where(wip_match(items.arel_table))
diff --git a/app/graphql/gitlab_schema.rb b/app/graphql/gitlab_schema.rb
index 06d26309b5b..53efd9042b1 100644
--- a/app/graphql/gitlab_schema.rb
+++ b/app/graphql/gitlab_schema.rb
@@ -1,13 +1,44 @@
 # frozen_string_literal: true
 
 class GitlabSchema < GraphQL::Schema
+  # Took our current most complicated query in use, issues.graphql,
+  # with a complexity of 19, and added a 20 point buffer to it.
+  # These values will evolve over time.
+  DEFAULT_MAX_COMPLEXITY   = 40
+  AUTHENTICATED_COMPLEXITY = 50
+  ADMIN_COMPLEXITY         = 60
+
   use BatchLoader::GraphQL
   use Gitlab::Graphql::Authorize
   use Gitlab::Graphql::Present
   use Gitlab::Graphql::Connections
+  use Gitlab::Graphql::Tracing
+
+  query_analyzer Gitlab::Graphql::QueryAnalyzers::LogQueryComplexity.analyzer
 
   query(Types::QueryType)
 
   default_max_page_size 100
+
+  max_complexity DEFAULT_MAX_COMPLEXITY
+
   mutation(Types::MutationType)
+
+  def self.execute(query_str = nil, **kwargs)
+    kwargs[:max_complexity] ||= max_query_complexity(kwargs[:context])
+
+    super(query_str, **kwargs)
+  end
+
+  def self.max_query_complexity(ctx)
+    current_user = ctx&.fetch(:current_user, nil)
+
+    if current_user&.admin
+      ADMIN_COMPLEXITY
+    elsif current_user
+      AUTHENTICATED_COMPLEXITY
+    else
+      DEFAULT_MAX_COMPLEXITY
+    end
+  end
 end
diff --git a/app/graphql/types/base_field.rb b/app/graphql/types/base_field.rb
index 2b2ea64c00b..8c8b8a82d3e 100644
--- a/app/graphql/types/base_field.rb
+++ b/app/graphql/types/base_field.rb
@@ -3,5 +3,14 @@
 module Types
   class BaseField < GraphQL::Schema::Field
     prepend Gitlab::Graphql::Authorize
+
+    DEFAULT_COMPLEXITY = 1
+
+    def initialize(*args, **kwargs, &block)
+      # complexity is already defaulted to 1, but let's make it explicit
+      kwargs[:complexity] ||= DEFAULT_COMPLEXITY
+
+      super(*args, **kwargs, &block)
+    end
   end
 end
diff --git a/app/graphql/types/ci/pipeline_type.rb b/app/graphql/types/ci/pipeline_type.rb
index 18696293b97..de7d6570a3e 100644
--- a/app/graphql/types/ci/pipeline_type.rb
+++ b/app/graphql/types/ci/pipeline_type.rb
@@ -3,10 +3,12 @@
 module Types
   module Ci
     class PipelineType < BaseObject
-      expose_permissions Types::PermissionTypes::Ci::Pipeline
-
       graphql_name 'Pipeline'
 
+      authorize :read_pipeline
+
+      expose_permissions Types::PermissionTypes::Ci::Pipeline
+
       field :id, GraphQL::ID_TYPE, null: false
       field :iid, GraphQL::ID_TYPE, null: false
 
diff --git a/app/graphql/types/issue_type.rb b/app/graphql/types/issue_type.rb
index 5ad3ea52930..adb137dfee3 100644
--- a/app/graphql/types/issue_type.rb
+++ b/app/graphql/types/issue_type.rb
@@ -2,10 +2,12 @@
 
 module Types
   class IssueType < BaseObject
-    expose_permissions Types::PermissionTypes::Issue
-
     graphql_name 'Issue'
 
+    authorize :read_issue
+
+    expose_permissions Types::PermissionTypes::Issue
+
     present_using IssuePresenter
 
     field :iid, GraphQL::ID_TYPE, null: false
@@ -15,16 +17,14 @@ module Types
 
     field :author, Types::UserType,
           null: false,
-          resolve: -> (obj, _args, _ctx) { Gitlab::Graphql::Loaders::BatchModelLoader.new(User, obj.author_id).find },
-          authorize: :read_user
+          resolve: -> (obj, _args, _ctx) { Gitlab::Graphql::Loaders::BatchModelLoader.new(User, obj.author_id).find }
 
     field :assignees, Types::UserType.connection_type, null: true
 
     field :labels, Types::LabelType.connection_type, null: true
     field :milestone, Types::MilestoneType,
           null: true,
-          resolve: -> (obj, _args, _ctx) { Gitlab::Graphql::Loaders::BatchModelLoader.new(Milestone, obj.milestone_id).find },
-          authorize: :read_milestone
+          resolve: -> (obj, _args, _ctx) { Gitlab::Graphql::Loaders::BatchModelLoader.new(Milestone, obj.milestone_id).find }
 
     field :due_date, Types::TimeType, null: true
     field :confidential, GraphQL::BOOLEAN_TYPE, null: false
diff --git a/app/graphql/types/merge_request_type.rb b/app/graphql/types/merge_request_type.rb
index 1ed27a14e33..120ffe0dfde 100644
--- a/app/graphql/types/merge_request_type.rb
+++ b/app/graphql/types/merge_request_type.rb
@@ -2,12 +2,14 @@
 
 module Types
   class MergeRequestType < BaseObject
+    graphql_name 'MergeRequest'
+
+    authorize :read_merge_request
+
     expose_permissions Types::PermissionTypes::MergeRequest
 
     present_using MergeRequestPresenter
 
-    graphql_name 'MergeRequest'
-
     field :id, GraphQL::ID_TYPE, null: false
     field :iid, GraphQL::ID_TYPE, null: false
     field :title, GraphQL::STRING_TYPE, null: false
@@ -48,7 +50,7 @@ module Types
     field :downvotes, GraphQL::INT_TYPE, null: false
     field :subscribed, GraphQL::BOOLEAN_TYPE, method: :subscribed?, null: false
 
-    field :head_pipeline, Types::Ci::PipelineType, null: true, method: :actual_head_pipeline, authorize: :read_pipeline
+    field :head_pipeline, Types::Ci::PipelineType, null: true, method: :actual_head_pipeline
     field :pipelines, Types::Ci::PipelineType.connection_type,
           resolver: Resolvers::MergeRequestPipelinesResolver
   end
diff --git a/app/graphql/types/milestone_type.rb b/app/graphql/types/milestone_type.rb
index af31b572c9a..2772fbec86f 100644
--- a/app/graphql/types/milestone_type.rb
+++ b/app/graphql/types/milestone_type.rb
@@ -4,6 +4,8 @@ module Types
   class MilestoneType < BaseObject
     graphql_name 'Milestone'
 
+    authorize :read_milestone
+
     field :description, GraphQL::STRING_TYPE, null: true
     field :title, GraphQL::STRING_TYPE, null: false
     field :state, GraphQL::STRING_TYPE, null: false
diff --git a/app/graphql/types/project_type.rb b/app/graphql/types/project_type.rb
index b96c2f3afb2..fbb4eddd13c 100644
--- a/app/graphql/types/project_type.rb
+++ b/app/graphql/types/project_type.rb
@@ -2,10 +2,12 @@
 
 module Types
   class ProjectType < BaseObject
-    expose_permissions Types::PermissionTypes::Project
-
     graphql_name 'Project'
 
+    authorize :read_project
+
+    expose_permissions Types::PermissionTypes::Project
+
     field :id, GraphQL::ID_TYPE, null: false
 
     field :full_path, GraphQL::ID_TYPE, null: false
@@ -67,14 +69,12 @@ module Types
     field :merge_requests,
           Types::MergeRequestType.connection_type,
           null: true,
-          resolver: Resolvers::MergeRequestsResolver,
-          authorize: :read_merge_request
+          resolver: Resolvers::MergeRequestsResolver
 
     field :merge_request,
           Types::MergeRequestType,
           null: true,
-          resolver: Resolvers::MergeRequestsResolver.single,
-          authorize: :read_merge_request
+          resolver: Resolvers::MergeRequestsResolver.single
 
     field :issues,
           Types::IssueType.connection_type,
@@ -88,7 +88,7 @@ module Types
 
     field :pipelines,
           Types::Ci::PipelineType.connection_type,
-          null: false,
+          null: true,
           resolver: Resolvers::ProjectPipelinesResolver
   end
 end
diff --git a/app/graphql/types/query_type.rb b/app/graphql/types/query_type.rb
index 472fe5d6ec2..0f655ab9d03 100644
--- a/app/graphql/types/query_type.rb
+++ b/app/graphql/types/query_type.rb
@@ -7,8 +7,7 @@ module Types
     field :project, Types::ProjectType,
           null: true,
           resolver: Resolvers::ProjectResolver,
-          description: "Find a project",
-          authorize: :read_project
+          description: "Find a project"
 
     field :metadata, Types::MetadataType,
           null: true,
diff --git a/app/graphql/types/user_type.rb b/app/graphql/types/user_type.rb
index a13e65207df..6b53554314b 100644
--- a/app/graphql/types/user_type.rb
+++ b/app/graphql/types/user_type.rb
@@ -4,6 +4,8 @@ module Types
   class UserType < BaseObject
     graphql_name 'User'
 
+    authorize :read_user
+
     present_using UserPresenter
 
     field :name, GraphQL::STRING_TYPE, null: false
diff --git a/app/helpers/blob_helper.rb b/app/helpers/blob_helper.rb
index d6fff1c36da..7e631053b54 100644
--- a/app/helpers/blob_helper.rb
+++ b/app/helpers/blob_helper.rb
@@ -77,7 +77,7 @@ module BlobHelper
       project,
       ref,
       path,
-      label:      "Replace",
+      label:      _("Replace"),
       action:     "replace",
       btn_class:  "default",
       modal_type: "upload"
@@ -89,7 +89,7 @@ module BlobHelper
       project,
       ref,
       path,
-      label:      "Delete",
+      label:      _("Delete"),
       action:     "delete",
       btn_class:  "remove",
       modal_type: "remove"
@@ -101,14 +101,14 @@ module BlobHelper
   end
 
   def leave_edit_message
-    "Leave edit mode?\nAll unsaved changes will be lost."
+    _("Leave edit mode? All unsaved changes will be lost.")
   end
 
   def editing_preview_title(filename)
     if Gitlab::MarkupHelper.previewable?(filename)
-      'Preview'
+      _('Preview')
     else
-      'Preview changes'
+      _('Preview changes')
     end
   end
 
@@ -201,14 +201,14 @@ module BlobHelper
     return if blob.empty?
     return if blob.binary? || blob.stored_externally?
 
-    title = 'Open raw'
+    title = _('Open raw')
     link_to icon('file-code-o'), blob_raw_path, class: 'btn btn-sm has-tooltip', target: '_blank', rel: 'noopener noreferrer', title: title, data: { container: 'body' }
   end
 
   def download_blob_button(blob)
     return if blob.empty?
 
-    title = 'Download'
+    title = _('Download')
     link_to sprite_icon('download'), blob_raw_path(inline: false), download: @path, class: 'btn btn-sm has-tooltip', target: '_blank', rel: 'noopener noreferrer', title: title, data: { container: 'body' }
   end
 
diff --git a/app/helpers/builds_helper.rb b/app/helpers/builds_helper.rb
index 3c8caec3fe5..a5fe6bb8f07 100644
--- a/app/helpers/builds_helper.rb
+++ b/app/helpers/builds_helper.rb
@@ -4,12 +4,12 @@ module BuildsHelper
   def build_summary(build, skip: false)
     if build.has_trace?
       if skip
-        link_to "View job trace", pipeline_job_url(build.pipeline, build)
+        link_to _("View job trace"), pipeline_job_url(build.pipeline, build)
       else
         build.trace.html(last_lines: 10).html_safe
       end
     else
-      "No job trace"
+      _("No job trace")
     end
   end
 
@@ -31,7 +31,7 @@ module BuildsHelper
 
   def build_failed_issue_options
     {
-      title: "Job Failed ##{@build.id}",
+      title: _("Job Failed #%{build_id}") % { build_id: @build.id },
       description: project_job_url(@project, @build)
     }
   end
diff --git a/app/helpers/button_helper.rb b/app/helpers/button_helper.rb
index 494c754e7d5..03adbfa204f 100644
--- a/app/helpers/button_helper.rb
+++ b/app/helpers/button_helper.rb
@@ -21,7 +21,7 @@ module ButtonHelper
   # See http://clipboardjs.com/#usage
   def clipboard_button(data = {})
     css_class = data[:class] || 'btn-clipboard btn-transparent'
-    title = data[:title] || 'Copy to clipboard'
+    title = data[:title] || _('Copy to clipboard')
     button_text = data[:button_text] || ''
     hide_tooltip = data[:hide_tooltip] || false
     hide_button_icon = data[:hide_button_icon] || false
diff --git a/app/helpers/form_helper.rb b/app/helpers/form_helper.rb
index 5705ee54cee..8b3d270e873 100644
--- a/app/helpers/form_helper.rb
+++ b/app/helpers/form_helper.rb
@@ -4,8 +4,7 @@ module FormHelper
   def form_errors(model, type: 'form')
     return unless model.errors.any?
 
-    pluralized = 'error'.pluralize(model.errors.count)
-    headline   = "The #{type} contains the following #{pluralized}:"
+    headline = n_('The %{type} contains the following error:', 'The %{type} contains the following errors:', model.errors.count) % { type: type }
 
     content_tag(:div, class: 'alert alert-danger', id: 'error_explanation') do
       content_tag(:h4, headline) <<
@@ -24,7 +23,7 @@ module FormHelper
       title: 'Select assignee',
       filter: true,
       dropdown_class: 'dropdown-menu-user dropdown-menu-selectable dropdown-menu-assignee',
-      placeholder: 'Search users',
+      placeholder: _('Search users'),
       data: {
         first_user: current_user&.username,
         null_user: true,
diff --git a/app/helpers/labels_helper.rb b/app/helpers/labels_helper.rb
index 16f2e51136a..e91e8f85515 100644
--- a/app/helpers/labels_helper.rb
+++ b/app/helpers/labels_helper.rb
@@ -195,8 +195,8 @@ module LabelsHelper
 
   def label_deletion_confirm_text(label)
     case label
-    when GroupLabel then 'Remove this label? This will affect all projects within the group. Are you sure?'
-    when ProjectLabel then 'Remove this label? Are you sure?'
+    when GroupLabel then _('Remove this label? This will affect all projects within the group. Are you sure?')
+    when ProjectLabel then _('Remove this label? Are you sure?')
     end
   end
 
diff --git a/app/helpers/projects_helper.rb b/app/helpers/projects_helper.rb
index f2abb241753..009dd70c2c9 100644
--- a/app/helpers/projects_helper.rb
+++ b/app/helpers/projects_helper.rb
@@ -299,6 +299,10 @@ module ProjectsHelper
     }.to_json
   end
 
+  def directory?
+    @path.present?
+  end
+
   private
 
   def get_project_nav_tabs(project, current_user)
diff --git a/app/helpers/search_helper.rb b/app/helpers/search_helper.rb
index 69520e33774..a62c00df60b 100644
--- a/app/helpers/search_helper.rb
+++ b/app/helpers/search_helper.rb
@@ -30,7 +30,7 @@ module SearchHelper
     to = collection.offset_value + collection.to_a.size
     count = collection.total_count
 
-    "Showing #{from} - #{to} of #{count} #{scope.humanize(capitalize: false)} for \"#{term}\""
+    s_("SearchResults|Showing %{from} - %{to} of %{count} %{scope} for \"%{term}\"") % { from: from, to: to, count: count, scope: scope.humanize(capitalize: false), term: term }
   end
 
   def find_project_for_result_blob(projects, result)
@@ -59,31 +59,31 @@ module SearchHelper
   # Autocomplete results for various settings pages
   def default_autocomplete
     [
-      { category: "Settings", label: "User settings",    url: profile_path },
-      { category: "Settings", label: "SSH Keys",         url: profile_keys_path },
-      { category: "Settings", label: "Dashboard",        url: root_path }
+      { category: "Settings", label: _("User settings"),    url: profile_path },
+      { category: "Settings", label: _("SSH Keys"),         url: profile_keys_path },
+      { category: "Settings", label: _("Dashboard"),        url: root_path }
     ]
   end
 
   # Autocomplete results for settings pages, for admins
   def default_autocomplete_admin
     [
-      { category: "Settings", label: "Admin Section", url: admin_root_path }
+      { category: "Settings", label: _("Admin Section"), url: admin_root_path }
     ]
   end
 
   # Autocomplete results for internal help pages
   def help_autocomplete
     [
-      { category: "Help", label: "API Help",           url: help_page_path("api/README") },
-      { category: "Help", label: "Markdown Help",      url: help_page_path("user/markdown") },
-      { category: "Help", label: "Permissions Help",   url: help_page_path("user/permissions") },
-      { category: "Help", label: "Public Access Help", url: help_page_path("public_access/public_access") },
-      { category: "Help", label: "Rake Tasks Help",    url: help_page_path("raketasks/README") },
-      { category: "Help", label: "SSH Keys Help",      url: help_page_path("ssh/README") },
-      { category: "Help", label: "System Hooks Help",  url: help_page_path("system_hooks/system_hooks") },
-      { category: "Help", label: "Webhooks Help",      url: help_page_path("user/project/integrations/webhooks") },
-      { category: "Help", label: "Workflow Help",      url: help_page_path("workflow/README") }
+      { category: "Help", label: _("API Help"),           url: help_page_path("api/README") },
+      { category: "Help", label: _("Markdown Help"),      url: help_page_path("user/markdown") },
+      { category: "Help", label: _("Permissions Help"),   url: help_page_path("user/permissions") },
+      { category: "Help", label: _("Public Access Help"), url: help_page_path("public_access/public_access") },
+      { category: "Help", label: _("Rake Tasks Help"),    url: help_page_path("raketasks/README") },
+      { category: "Help", label: _("SSH Keys Help"),      url: help_page_path("ssh/README") },
+      { category: "Help", label: _("System Hooks Help"),  url: help_page_path("system_hooks/system_hooks") },
+      { category: "Help", label: _("Webhooks Help"),      url: help_page_path("user/project/integrations/webhooks") },
+      { category: "Help", label: _("Workflow Help"),      url: help_page_path("workflow/README") }
     ]
   end
 
@@ -93,16 +93,16 @@ module SearchHelper
       ref = @ref || @project.repository.root_ref
 
       [
-        { category: "In this project", label: "Files",          url: project_tree_path(@project, ref) },
-        { category: "In this project", label: "Commits",        url: project_commits_path(@project, ref) },
-        { category: "In this project", label: "Network",        url: project_network_path(@project, ref) },
-        { category: "In this project", label: "Graph",          url: project_graph_path(@project, ref) },
-        { category: "In this project", label: "Issues",         url: project_issues_path(@project) },
-        { category: "In this project", label: "Merge Requests", url: project_merge_requests_path(@project) },
-        { category: "In this project", label: "Milestones",     url: project_milestones_path(@project) },
-        { category: "In this project", label: "Snippets",       url: project_snippets_path(@project) },
-        { category: "In this project", label: "Members",        url: project_project_members_path(@project) },
-        { category: "In this project", label: "Wiki",           url: project_wikis_path(@project) }
+        { category: "In this project", label: _("Files"),          url: project_tree_path(@project, ref) },
+        { category: "In this project", label: _("Commits"),        url: project_commits_path(@project, ref) },
+        { category: "In this project", label: _("Network"),        url: project_network_path(@project, ref) },
+        { category: "In this project", label: _("Graph"),          url: project_graph_path(@project, ref) },
+        { category: "In this project", label: _("Issues"),         url: project_issues_path(@project) },
+        { category: "In this project", label: _("Merge Requests"), url: project_merge_requests_path(@project) },
+        { category: "In this project", label: _("Milestones"),     url: project_milestones_path(@project) },
+        { category: "In this project", label: _("Snippets"),       url: project_snippets_path(@project) },
+        { category: "In this project", label: _("Members"),        url: project_project_members_path(@project) },
+        { category: "In this project", label: _("Wiki"),           url: project_wikis_path(@project) }
       ]
     else
       []
@@ -162,7 +162,7 @@ module SearchHelper
     opts =
       {
         id: "filtered-search-#{type}",
-        placeholder: 'Search or filter results...',
+        placeholder: _('Search or filter results...'),
         data: {
           'username-params' => UserSerializer.new.represent(@users)
         },
diff --git a/app/helpers/tree_helper.rb b/app/helpers/tree_helper.rb
index c5bab877c00..4690b6ffbe1 100644
--- a/app/helpers/tree_helper.rb
+++ b/app/helpers/tree_helper.rb
@@ -86,17 +86,17 @@ module TreeHelper
   end
 
   def edit_in_new_fork_notice_now
-    "You're not allowed to make changes to this project directly." +
-      " A fork of this project is being created that you can make changes in, so you can submit a merge request."
+    _("You're not allowed to make changes to this project directly. "\
+      "A fork of this project is being created that you can make changes in, so you can submit a merge request.")
   end
 
   def edit_in_new_fork_notice
-    "You're not allowed to make changes to this project directly." +
-      " A fork of this project has been created that you can make changes in, so you can submit a merge request."
+    _("You're not allowed to make changes to this project directly. "\
+      "A fork of this project has been created that you can make changes in, so you can submit a merge request.")
   end
 
   def edit_in_new_fork_notice_action(action)
-    edit_in_new_fork_notice + " Try to #{action} this file again."
+    edit_in_new_fork_notice + _(" Try to %{action} this file again.") % { action: action }
   end
 
   def commit_in_fork_help
diff --git a/app/helpers/visibility_level_helper.rb b/app/helpers/visibility_level_helper.rb
index 712f0f808dd..9deb783d289 100644
--- a/app/helpers/visibility_level_helper.rb
+++ b/app/helpers/visibility_level_helper.rb
@@ -42,11 +42,11 @@ module VisibilityLevelHelper
   def group_visibility_level_description(level)
     case level
     when Gitlab::VisibilityLevel::PRIVATE
-      "The group and its projects can only be viewed by members."
+      _("The group and its projects can only be viewed by members.")
     when Gitlab::VisibilityLevel::INTERNAL
-      "The group and any internal projects can be viewed by any logged in user."
+      _("The group and any internal projects can be viewed by any logged in user.")
     when Gitlab::VisibilityLevel::PUBLIC
-      "The group and any public projects can be viewed without any authentication."
+      _("The group and any public projects can be viewed without any authentication.")
     end
   end
 
@@ -54,20 +54,20 @@ module VisibilityLevelHelper
     case level
     when Gitlab::VisibilityLevel::PRIVATE
       if snippet.is_a? ProjectSnippet
-        "The snippet is visible only to project members."
+        _("The snippet is visible only to project members.")
       else
-        "The snippet is visible only to me."
+        _("The snippet is visible only to me.")
       end
     when Gitlab::VisibilityLevel::INTERNAL
-      "The snippet is visible to any logged in user."
+      _("The snippet is visible to any logged in user.")
     when Gitlab::VisibilityLevel::PUBLIC
-      "The snippet can be accessed without any authentication."
+      _("The snippet can be accessed without any authentication.")
     end
   end
 
   def restricted_visibility_level_description(level)
     level_name = Gitlab::VisibilityLevel.level_name(level)
-    "#{level_name.capitalize} visibility has been restricted by the administrator."
+    _("%{level_name} visibility has been restricted by the administrator.") % { level_name: level_name.capitalize }
   end
 
   def disallowed_visibility_level_description(level, form_model)
diff --git a/app/helpers/wiki_helper.rb b/app/helpers/wiki_helper.rb
index 647f34e57ed..edd48f82729 100644
--- a/app/helpers/wiki_helper.rb
+++ b/app/helpers/wiki_helper.rb
@@ -47,4 +47,24 @@ module WikiHelper
   def wiki_attachment_upload_url
     expose_url(api_v4_projects_wikis_attachments_path(id: @project.id))
   end
+
+  def wiki_sort_controls(project, sort, direction)
+    sort ||= ProjectWiki::TITLE_ORDER
+    link_class = 'btn btn-default has-tooltip reverse-sort-btn qa-reverse-sort'
+    reversed_direction = direction == 'desc' ? 'asc' : 'desc'
+    icon_class = direction == 'desc' ? 'highest' : 'lowest'
+
+    link_to(project_wikis_pages_path(project, sort: sort, direction: reversed_direction),
+      type: 'button', class: link_class, title: _('Sort direction')) do
+      sprite_icon("sort-#{icon_class}", size: 16)
+    end
+  end
+
+  def wiki_sort_title(key)
+    if key == ProjectWiki::CREATED_AT_ORDER
+      s_("Wiki|Created date")
+    else
+      s_("Wiki|Title")
+    end
+  end
 end
diff --git a/app/models/application_setting.rb b/app/models/application_setting.rb
index 9e91e4ab4b9..7ec8505b33a 100644
--- a/app/models/application_setting.rb
+++ b/app/models/application_setting.rb
@@ -223,4 +223,11 @@ class ApplicationSetting < ApplicationRecord
     reset_memoized_terms
   end
   after_commit :expire_performance_bar_allowed_user_ids_cache, if: -> { previous_changes.key?('performance_bar_allowed_group_id') }
+
+  def self.create_from_defaults
+    super
+  rescue ActiveRecord::RecordNotUnique
+    # We already have an ApplicationSetting record, so just return it.
+    current_without_cache
+  end
 end
diff --git a/app/models/ci/build.rb b/app/models/ci/build.rb
index 1bd517641ac..b8a76e662b0 100644
--- a/app/models/ci/build.rb
+++ b/app/models/ci/build.rb
@@ -83,8 +83,13 @@ module Ci
     scope :unstarted, ->() { where(runner_id: nil) }
     scope :ignore_failures, ->() { where(allow_failure: false) }
     scope :with_artifacts_archive, ->() do
-      where('(artifacts_file IS NOT NULL AND artifacts_file <> ?) OR EXISTS (?)',
-        '', Ci::JobArtifact.select(1).where('ci_builds.id = ci_job_artifacts.job_id').archive)
+      if Feature.enabled?(:ci_enable_legacy_artifacts)
+        where('(artifacts_file IS NOT NULL AND artifacts_file <> ?) OR EXISTS (?)',
+          '', Ci::JobArtifact.select(1).where('ci_builds.id = ci_job_artifacts.job_id').archive)
+      else
+        where('EXISTS (?)',
+          Ci::JobArtifact.select(1).where('ci_builds.id = ci_job_artifacts.job_id').archive)
+      end
     end
 
     scope :with_existing_job_artifacts, ->(query) do
@@ -135,6 +140,8 @@ module Ci
       where("EXISTS (?)", matcher)
     end
 
+    ##
+    # TODO: Remove these mounters when we remove :ci_enable_legacy_artifacts feature flag
     mount_uploader :legacy_artifacts_file, LegacyArtifactUploader, mount_on: :artifacts_file
     mount_uploader :legacy_artifacts_metadata, LegacyArtifactUploader, mount_on: :artifacts_metadata
 
@@ -775,7 +782,7 @@ module Ci
     private
 
     def erase_old_artifacts!
-      # TODO: To be removed once we get rid of
+      # TODO: To be removed once we get rid of ci_enable_legacy_artifacts feature flag
       remove_artifacts_file!
       remove_artifacts_metadata!
       save
diff --git a/app/models/ci/build_runner_session.rb b/app/models/ci/build_runner_session.rb
index 061eff090f5..80dbb150085 100644
--- a/app/models/ci/build_runner_session.rb
+++ b/app/models/ci/build_runner_session.rb
@@ -6,6 +6,8 @@ module Ci
   class BuildRunnerSession < ApplicationRecord
     extend Gitlab::Ci::Model
 
+    TERMINAL_SUBPROTOCOL = 'terminal.gitlab.com'.freeze
+
     self.table_name = 'ci_builds_runner_session'
 
     belongs_to :build, class_name: 'Ci::Build', inverse_of: :runner_session
@@ -14,11 +16,21 @@ module Ci
     validates :url, url: { protocols: %w(https) }
 
     def terminal_specification
-      return {} unless url.present?
+      wss_url = Gitlab::UrlHelpers.as_wss(self.url)
+      return {} unless wss_url.present?
+
+      wss_url = "#{wss_url}/exec"
+      channel_specification(wss_url, TERMINAL_SUBPROTOCOL)
+    end
+
+    private
+
+    def channel_specification(url, subprotocol)
+      return {} if subprotocol.blank? || url.blank?
 
       {
-        subprotocols: ['terminal.gitlab.com'].freeze,
-        url: "#{url}/exec".sub("https://", "wss://"),
+        subprotocols: Array(subprotocol),
+        url: url,
         headers: { Authorization: [authorization.presence] }.compact,
         ca_pem: certificate.presence
       }
diff --git a/app/models/concerns/artifact_migratable.rb b/app/models/concerns/artifact_migratable.rb
index cbd63ba8876..7c9f579b480 100644
--- a/app/models/concerns/artifact_migratable.rb
+++ b/app/models/concerns/artifact_migratable.rb
@@ -13,7 +13,7 @@ module ArtifactMigratable
   end
 
   def artifacts?
-    !artifacts_expired? && artifacts_file.exists?
+    !artifacts_expired? && artifacts_file&.exists?
   end
 
   def artifacts_metadata?
@@ -43,4 +43,16 @@ module ArtifactMigratable
   def artifacts_size
     read_attribute(:artifacts_size).to_i + job_artifacts.sum(:size).to_i
   end
+
+  def legacy_artifacts_file
+    return unless Feature.enabled?(:ci_enable_legacy_artifacts)
+
+    super
+  end
+
+  def legacy_artifacts_metadata
+    return unless Feature.enabled?(:ci_enable_legacy_artifacts)
+
+    super
+  end
 end
diff --git a/app/models/concerns/issuable.rb b/app/models/concerns/issuable.rb
index 51a8395c013..17f94b4bd9b 100644
--- a/app/models/concerns/issuable.rb
+++ b/app/models/concerns/issuable.rb
@@ -172,6 +172,10 @@ module Issuable
       fuzzy_search(query, matched_columns)
     end
 
+    def simple_sorts
+      super.except('name_asc', 'name_desc')
+    end
+
     def sort_by_attribute(method, excluded_labels: [])
       sorted =
         case method.to_s
diff --git a/app/models/concerns/prometheus_adapter.rb b/app/models/concerns/prometheus_adapter.rb
index a29e80fe0c1..decbbbd87f2 100644
--- a/app/models/concerns/prometheus_adapter.rb
+++ b/app/models/concerns/prometheus_adapter.rb
@@ -51,7 +51,7 @@ module PrometheusAdapter
     end
 
     def build_query_args(*args)
-      args.map(&:id)
+      args.map { |arg| arg.respond_to?(:id) ? arg.id : arg }
     end
   end
 end
diff --git a/app/models/concerns/reactive_caching.rb b/app/models/concerns/reactive_caching.rb
index 1ab3b3ddc46..1e09cd89550 100644
--- a/app/models/concerns/reactive_caching.rb
+++ b/app/models/concerns/reactive_caching.rb
@@ -29,6 +29,40 @@
 # However, it will enqueue a background worker to call `#calculate_reactive_cache`
 # and set an initial cache lifetime of ten minutes.
 #
+# The background worker needs to find or generate the object on which
+# `with_reactive_cache` was called.
+# The default behaviour can be overridden by defining a custom
+# `reactive_cache_worker_finder`.
+# Otherwise the background worker will use the class name and primary key to get
+# the object using the ActiveRecord find_by method.
+#
+#    class Bar
+#      include ReactiveCaching
+#
+#      self.reactive_cache_key = ->() { ["bar", "thing"] }
+#      self.reactive_cache_worker_finder = ->(_id, *args) { from_cache(*args) }
+#
+#      def self.from_cache(var1, var2)
+#        # This method will be called by the background worker with "bar1" and
+#        # "bar2" as arguments.
+#        new(var1, var2)
+#      end
+#
+#      def initialize(var1, var2)
+#        # ...
+#      end
+#
+#      def calculate_reactive_cache
+#        # Expensive operation here. The return value of this method is cached
+#      end
+#
+#      def result
+#        with_reactive_cache("bar1", "bar2") do |data|
+#          # ...
+#        end
+#      end
+#    end
+#
 # Each time the background job completes, it stores the return value of
 # `#calculate_reactive_cache`. It is also re-enqueued to run again after
 # `reactive_cache_refresh_interval`, so keeping the stored value up to date.
@@ -52,6 +86,7 @@ module ReactiveCaching
     class_attribute :reactive_cache_key
     class_attribute :reactive_cache_lifetime
     class_attribute :reactive_cache_refresh_interval
+    class_attribute :reactive_cache_worker_finder
 
     # defaults
     self.reactive_cache_lease_timeout = 2.minutes
@@ -59,6 +94,10 @@ module ReactiveCaching
     self.reactive_cache_refresh_interval = 1.minute
     self.reactive_cache_lifetime = 10.minutes
 
+    self.reactive_cache_worker_finder = ->(id, *_args) do
+      find_by(primary_key => id)
+    end
+
     def calculate_reactive_cache(*args)
       raise NotImplementedError
     end
diff --git a/app/models/concerns/sortable.rb b/app/models/concerns/sortable.rb
index 29e48f0c5f7..df1a9e3fe6e 100644
--- a/app/models/concerns/sortable.rb
+++ b/app/models/concerns/sortable.rb
@@ -21,19 +21,21 @@ module Sortable
 
   class_methods do
     def order_by(method)
-      case method.to_s
-      when 'created_asc'  then order_created_asc
-      when 'created_date' then order_created_desc
-      when 'created_desc' then order_created_desc
-      when 'id_asc'       then order_id_asc
-      when 'id_desc'      then order_id_desc
-      when 'name_asc'     then order_name_asc
-      when 'name_desc'    then order_name_desc
-      when 'updated_asc'  then order_updated_asc
-      when 'updated_desc' then order_updated_desc
-      else
-        all
-      end
+      simple_sorts.fetch(method.to_s, -> { all }).call
+    end
+
+    def simple_sorts
+      {
+        'created_asc' => -> { order_created_asc },
+        'created_date' => -> { order_created_desc },
+        'created_desc' => -> { order_created_desc },
+        'id_asc' => -> { order_id_asc },
+        'id_desc' => -> { order_id_desc },
+        'name_asc' => -> { order_name_asc },
+        'name_desc' => -> { order_name_desc },
+        'updated_asc' => -> { order_updated_asc },
+        'updated_desc' => -> { order_updated_desc }
+      }
     end
 
     private
diff --git a/app/models/environment.rb b/app/models/environment.rb
index 25373c7a1f7..fa29a83e517 100644
--- a/app/models/environment.rb
+++ b/app/models/environment.rb
@@ -170,8 +170,10 @@ class Environment < ApplicationRecord
     prometheus_adapter.query(:environment, self) if has_metrics?
   end
 
-  def additional_metrics
-    prometheus_adapter.query(:additional_metrics_environment, self) if has_metrics?
+  def additional_metrics(*args)
+    return unless has_metrics?
+
+    prometheus_adapter.query(:additional_metrics_environment, self, *args.map(&:to_f))
   end
 
   # rubocop: disable CodeReuse/ServiceClass
diff --git a/app/models/group.rb b/app/models/group.rb
index c77586c4cdc..ac66815705c 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -228,22 +228,21 @@ class Group < Namespace
   def has_owner?(user)
     return false unless user
 
-    members_with_parents.owners.where(user_id: user).any?
+    members_with_parents.owners.exists?(user_id: user)
   end
 
   def has_maintainer?(user)
     return false unless user
 
-    members_with_parents.maintainers.where(user_id: user).any?
+    members_with_parents.maintainers.exists?(user_id: user)
   end
 
   # @deprecated
   alias_method :has_master?, :has_maintainer?
 
   # Check if user is a last owner of the group.
-  # Parent owners are ignored for nested groups.
   def last_owner?(user)
-    owners.include?(user) && owners.size == 1
+    has_owner?(user) && members_with_parents.owners.size == 1
   end
 
   def ldap_synced?
diff --git a/app/models/project_wiki.rb b/app/models/project_wiki.rb
index 268706a6aea..23ddd708396 100644
--- a/app/models/project_wiki.rb
+++ b/app/models/project_wiki.rb
@@ -13,6 +13,11 @@ class ProjectWiki
   CouldNotCreateWikiError = Class.new(StandardError)
   SIDEBAR = '_sidebar'
 
+  TITLE_ORDER = 'title'
+  CREATED_AT_ORDER = 'created_at'
+  DIRECTION_DESC = 'desc'
+  DIRECTION_ASC = 'asc'
+
   # Returns a string describing what went wrong after
   # an operation fails.
   attr_reader :error_message
@@ -82,8 +87,15 @@ class ProjectWiki
 
   # Returns an Array of GitLab WikiPage instances or an
   # empty Array if this Wiki has no pages.
-  def pages(limit: 0)
-    wiki.pages(limit: limit).map { |page| WikiPage.new(self, page, true) }
+  def pages(limit: 0, sort: nil, direction: DIRECTION_ASC)
+    sort ||= TITLE_ORDER
+    direction_desc = direction == DIRECTION_DESC
+
+    wiki.pages(
+      limit: limit, sort: sort, direction_desc: direction_desc
+    ).map do |page|
+      WikiPage.new(self, page, true)
+    end
   end
 
   # Finds a page within the repository based on a tile
diff --git a/app/models/repository.rb b/app/models/repository.rb
index 574ce12b309..51ab2247a03 100644
--- a/app/models/repository.rb
+++ b/app/models/repository.rb
@@ -299,13 +299,14 @@ class Repository
     end
   end
 
-  def archive_metadata(ref, storage_path, format = "tar.gz", append_sha:)
+  def archive_metadata(ref, storage_path, format = "tar.gz", append_sha:, path: nil)
     raw_repository.archive_metadata(
       ref,
       storage_path,
       project.path,
       format,
-      append_sha: append_sha
+      append_sha: append_sha,
+      path: path
     )
   end
 
diff --git a/app/models/wiki_page.rb b/app/models/wiki_page.rb
index 64daba81dcf..909da4316d0 100644
--- a/app/models/wiki_page.rb
+++ b/app/models/wiki_page.rb
@@ -28,16 +28,15 @@ class WikiPage
   def self.group_by_directory(pages)
     return [] if pages.blank?
 
-    pages.sort_by { |page| [page.directory, page.slug] }
-      .group_by(&:directory)
-      .map do |dir, pages|
-        if dir.present?
-          WikiDirectory.new(dir, pages)
-        else
-          pages
-        end
-      end
-      .flatten
+    pages.each_with_object([]) do |page, grouped_pages|
+      next grouped_pages << page unless page.directory.present?
+
+      directory = grouped_pages.find { |dir| dir.slug == page.directory }
+
+      next directory.pages << page if directory
+
+      grouped_pages << WikiDirectory.new(page.directory, [page])
+    end
   end
 
   def self.unhyphenize(name)
diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb
index 75825c8fac0..26d7d6e84c4 100644
--- a/app/policies/project_policy.rb
+++ b/app/policies/project_policy.rb
@@ -204,6 +204,7 @@ class ProjectPolicy < BasePolicy
     enable :read_merge_request
     enable :read_sentry_issue
     enable :read_release
+    enable :read_prometheus
   end
 
   # We define `:public_user_access` separately because there are cases in gitlab-ee
diff --git a/app/presenters/ci/bridge_presenter.rb b/app/presenters/ci/bridge_presenter.rb
new file mode 100644
index 00000000000..ee11cffe355
--- /dev/null
+++ b/app/presenters/ci/bridge_presenter.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+module Ci
+  class BridgePresenter < CommitStatusPresenter
+    def detailed_status
+      @detailed_status ||= subject.detailed_status(user)
+    end
+  end
+end
diff --git a/app/serializers/build_details_entity.rb b/app/serializers/build_details_entity.rb
index 9ddce0d2c80..62c26809eeb 100644
--- a/app/serializers/build_details_entity.rb
+++ b/app/serializers/build_details_entity.rb
@@ -45,6 +45,8 @@ class BuildDetailsEntity < JobEntity
     erase_project_job_path(project, build)
   end
 
+  expose :failure_reason, if: -> (*) { build.failed? }
+
   expose :terminal_path, if: -> (*) { can_create_build_terminal? } do |build|
     terminal_project_job_path(project, build)
   end
diff --git a/app/serializers/issue_entity.rb b/app/serializers/issue_entity.rb
index c3f7d4651fb..914ad628a99 100644
--- a/app/serializers/issue_entity.rb
+++ b/app/serializers/issue_entity.rb
@@ -42,6 +42,6 @@ class IssueEntity < IssuableEntity
   end
 
   expose :preview_note_path do |issue|
-    preview_markdown_path(issue.project, quick_actions_target_type: 'Issue', quick_actions_target_id: issue.iid)
+    preview_markdown_path(issue.project, target_type: 'Issue', target_id: issue.iid)
   end
 end
diff --git a/app/serializers/merge_request_widget_entity.rb b/app/serializers/merge_request_widget_entity.rb
index d673f8ae896..4831eb32c96 100644
--- a/app/serializers/merge_request_widget_entity.rb
+++ b/app/serializers/merge_request_widget_entity.rb
@@ -235,7 +235,7 @@ class MergeRequestWidgetEntity < IssuableEntity
   end
 
   expose :preview_note_path do |merge_request|
-    preview_markdown_path(merge_request.project, quick_actions_target_type: 'MergeRequest', quick_actions_target_id: merge_request.iid)
+    preview_markdown_path(merge_request.project, target_type: 'MergeRequest', target_id: merge_request.iid)
   end
 
   expose :merge_commit_path do |merge_request|
diff --git a/app/serializers/suggestion_entity.rb b/app/serializers/suggestion_entity.rb
index 4d0d4da10be..2dd62e19e29 100644
--- a/app/serializers/suggestion_entity.rb
+++ b/app/serializers/suggestion_entity.rb
@@ -3,6 +3,8 @@
 class SuggestionEntity < API::Entities::Suggestion
   include RequestAwareEntity
 
+  unexpose :from_line, :to_line, :from_content, :to_content
+  expose :diff_lines, using: DiffLineEntity
   expose :current_user do
     expose :can_apply do |suggestion|
       Ability.allowed?(current_user, :apply_suggestion, suggestion)
diff --git a/app/serializers/suggestion_serializer.rb b/app/serializers/suggestion_serializer.rb
new file mode 100644
index 00000000000..010344f9fcd
--- /dev/null
+++ b/app/serializers/suggestion_serializer.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+class SuggestionSerializer < BaseSerializer
+  entity SuggestionEntity
+
+  def represent_diff(resource)
+    represent(resource, { only: [:diff_lines] })
+  end
+end
diff --git a/app/services/clusters/applications/base_helm_service.rb b/app/services/clusters/applications/base_helm_service.rb
index c38b2656260..adaa68b1efb 100644
--- a/app/services/clusters/applications/base_helm_service.rb
+++ b/app/services/clusters/applications/base_helm_service.rb
@@ -13,16 +13,20 @@ module Clusters
 
       def log_error(error)
         meta = {
-          exception: error.class.name,
           error_code: error.respond_to?(:error_code) ? error.error_code : nil,
           service: self.class.name,
           app_id: app.id,
           project_ids: app.cluster.project_ids,
-          group_ids: app.cluster.group_ids,
-          message: error.message
+          group_ids: app.cluster.group_ids
         }
 
-        logger.error(meta)
+        logger_meta = meta.merge(
+          exception: error.class.name,
+          message: error.message,
+          backtrace: Gitlab::Profiler.clean_backtrace(error.backtrace)
+        )
+
+        logger.error(logger_meta)
         Gitlab::Sentry.track_acceptable_exception(error, extra: meta)
       end
 
diff --git a/app/services/concerns/suggestible.rb b/app/services/concerns/suggestible.rb
index 0b9822b1909..0cba9bf1b8a 100644
--- a/app/services/concerns/suggestible.rb
+++ b/app/services/concerns/suggestible.rb
@@ -2,10 +2,17 @@
 
 module Suggestible
   extend ActiveSupport::Concern
+  include Gitlab::Utils::StrongMemoize
 
   # This translates into limiting suggestion changes to `suggestion:-100+100`.
   MAX_LINES_CONTEXT = 100.freeze
 
+  def diff_lines
+    strong_memoize(:diff_lines) do
+      Gitlab::Diff::SuggestionDiff.new(self).diff_lines
+    end
+  end
+
   def fetch_from_content
     diff_file.new_blob_lines_between(from_line, to_line).join
   end
diff --git a/app/services/groups/base_service.rb b/app/services/groups/base_service.rb
index 8c8acce5ca5..019cd047ae9 100644
--- a/app/services/groups/base_service.rb
+++ b/app/services/groups/base_service.rb
@@ -7,5 +7,11 @@ module Groups
     def initialize(group, user, params = {})
       @group, @current_user, @params = group, user, params.dup
     end
+
+    private
+
+    def remove_unallowed_params
+      # overridden in EE
+    end
   end
 end
diff --git a/app/services/groups/create_service.rb b/app/services/groups/create_service.rb
index 99ead467f74..74aad3b1c94 100644
--- a/app/services/groups/create_service.rb
+++ b/app/services/groups/create_service.rb
@@ -8,6 +8,8 @@ module Groups
     end
 
     def execute
+      remove_unallowed_params
+
       @group = Group.new(params)
 
       after_build_hook(@group, params)
diff --git a/app/services/groups/update_service.rb b/app/services/groups/update_service.rb
index 787445180f0..73e1e00dc33 100644
--- a/app/services/groups/update_service.rb
+++ b/app/services/groups/update_service.rb
@@ -6,6 +6,7 @@ module Groups
 
     def execute
       reject_parent_id!
+      remove_unallowed_params
 
       return false unless valid_visibility_level_change?(group, params[:visibility_level])
 
diff --git a/app/services/merge_requests/add_todo_when_build_fails_service.rb b/app/services/merge_requests/add_todo_when_build_fails_service.rb
index 79c43b8e7d5..d3ef892875b 100644
--- a/app/services/merge_requests/add_todo_when_build_fails_service.rb
+++ b/app/services/merge_requests/add_todo_when_build_fails_service.rb
@@ -7,7 +7,7 @@ module MergeRequests
     def execute(commit_status)
       return if commit_status.allow_failure? || commit_status.retried?
 
-      commit_status_merge_requests(commit_status) do |merge_request|
+      pipeline_merge_requests(commit_status.pipeline) do |merge_request|
         todo_service.merge_request_build_failed(merge_request)
       end
     end
@@ -16,7 +16,7 @@ module MergeRequests
     # build is retried
     #
     def close(commit_status)
-      commit_status_merge_requests(commit_status) do |merge_request|
+      pipeline_merge_requests(commit_status.pipeline) do |merge_request|
         todo_service.merge_request_build_retried(merge_request)
       end
     end
diff --git a/app/services/merge_requests/base_service.rb b/app/services/merge_requests/base_service.rb
index 3e208241da5..8a9e5ebb014 100644
--- a/app/services/merge_requests/base_service.rb
+++ b/app/services/merge_requests/base_service.rb
@@ -55,15 +55,7 @@ module MergeRequests
     end
 
     def create_pipeline_for(merge_request, user)
-      return unless Feature.enabled?(:ci_merge_request_pipeline,
-                                     merge_request.source_project,
-                                     default_enabled: true)
-
-      ##
-      # UpdateMergeRequestsWorker could be retried by an exception.
-      # MR pipelines should not be recreated in such case.
-      return if merge_request.merge_request_pipeline_exists?
-      return if merge_request.has_no_commits?
+      return unless can_create_pipeline_for?(merge_request)
 
       create_detached_merge_request_pipeline(merge_request, user)
     end
@@ -80,6 +72,16 @@ module MergeRequests
       end
     end
 
+    def can_create_pipeline_for?(merge_request)
+      ##
+      # UpdateMergeRequestsWorker could be retried by an exception.
+      # pipelines for merge request should not be recreated in such case.
+      return false if merge_request.merge_request_pipeline_exists?
+      return false if merge_request.has_no_commits?
+
+      true
+    end
+
     def can_use_merge_request_ref?(merge_request)
       Feature.enabled?(:ci_use_merge_request_ref, project, default_enabled: true) &&
         !merge_request.for_fork?
@@ -97,22 +99,11 @@ module MergeRequests
     # rubocop: enable CodeReuse/ActiveRecord
 
     def pipeline_merge_requests(pipeline)
-      merge_requests_for(pipeline.ref).each do |merge_request|
+      pipeline.all_merge_requests.opened.each do |merge_request|
         next unless pipeline == merge_request.head_pipeline
 
         yield merge_request
       end
     end
-
-    def commit_status_merge_requests(commit_status)
-      merge_requests_for(commit_status.ref).each do |merge_request|
-        pipeline = merge_request.head_pipeline
-
-        next unless pipeline
-        next unless pipeline.sha == commit_status.sha
-
-        yield merge_request
-      end
-    end
   end
 end
diff --git a/app/services/preview_markdown_service.rb b/app/services/preview_markdown_service.rb
index c1655c38095..7386530f45f 100644
--- a/app/services/preview_markdown_service.rb
+++ b/app/services/preview_markdown_service.rb
@@ -17,7 +17,7 @@ class PreviewMarkdownService < BaseService
   private
 
   def explain_quick_actions(text)
-    return text, [] unless %w(Issue MergeRequest Commit).include?(commands_target_type)
+    return text, [] unless %w(Issue MergeRequest Commit).include?(target_type)
 
     quick_actions_service = QuickActions::InterpretService.new(project, current_user)
     quick_actions_service.explain(text, find_commands_target)
@@ -30,22 +30,34 @@ class PreviewMarkdownService < BaseService
   end
 
   def find_suggestions(text)
-    return [] unless params[:preview_suggestions]
+    return [] unless preview_sugestions?
 
-    Banzai::SuggestionsParser.parse(text)
+    position = Gitlab::Diff::Position.new(new_path: params[:file_path],
+                                          new_line: params[:line].to_i,
+                                          base_sha: params[:base_sha],
+                                          head_sha: params[:head_sha],
+                                          start_sha: params[:start_sha])
+
+    Gitlab::Diff::SuggestionsParser.parse(text, position: position, project: project)
+  end
+
+  def preview_sugestions?
+    params[:preview_suggestions] &&
+      target_type == 'MergeRequest' &&
+      Ability.allowed?(current_user, :download_code, project)
   end
 
   def find_commands_target
     QuickActions::TargetService
       .new(project, current_user)
-      .execute(commands_target_type, commands_target_id)
+      .execute(target_type, target_id)
   end
 
-  def commands_target_type
-    params[:quick_actions_target_type]
+  def target_type
+    params[:target_type]
   end
 
-  def commands_target_id
-    params[:quick_actions_target_id]
+  def target_id
+    params[:target_id]
   end
 end
diff --git a/app/services/prometheus/proxy_service.rb b/app/services/prometheus/proxy_service.rb
new file mode 100644
index 00000000000..c5d2b84878b
--- /dev/null
+++ b/app/services/prometheus/proxy_service.rb
@@ -0,0 +1,116 @@
+# frozen_string_literal: true
+
+module Prometheus
+  class ProxyService < BaseService
+    include ReactiveCaching
+    include Gitlab::Utils::StrongMemoize
+
+    self.reactive_cache_key = ->(service) { service.cache_key }
+    self.reactive_cache_lease_timeout = 30.seconds
+    self.reactive_cache_refresh_interval = 30.seconds
+    self.reactive_cache_lifetime = 1.minute
+    self.reactive_cache_worker_finder = ->(_id, *args) { from_cache(*args) }
+
+    attr_accessor :proxyable, :method, :path, :params
+
+    PROXY_SUPPORT = {
+      'query' => {
+        method: ['GET'],
+        params: %w(query time timeout)
+      },
+      'query_range' => {
+        method: ['GET'],
+        params: %w(query start end step timeout)
+      }
+    }.freeze
+
+    def self.from_cache(proxyable_class_name, proxyable_id, method, path, params)
+      proxyable_class = begin
+        proxyable_class_name.constantize
+      rescue NameError
+        nil
+      end
+      return unless proxyable_class
+
+      proxyable = proxyable_class.find(proxyable_id)
+
+      new(proxyable, method, path, params)
+    end
+
+    # proxyable can be any model which responds to .prometheus_adapter
+    # like Environment.
+    def initialize(proxyable, method, path, params)
+      @proxyable = proxyable
+      @path = path
+
+      # Convert ActionController::Parameters to hash because reactive_cache_worker
+      # does not play nice with ActionController::Parameters.
+      @params = filter_params(params, path).to_hash
+
+      @method = method
+    end
+
+    def id
+      nil
+    end
+
+    def execute
+      return cannot_proxy_response unless can_proxy?
+      return no_prometheus_response unless can_query?
+
+      with_reactive_cache(*cache_key) do |result|
+        result
+      end
+    end
+
+    def calculate_reactive_cache(proxyable_class_name, proxyable_id, method, path, params)
+      return no_prometheus_response unless can_query?
+
+      response = prometheus_client_wrapper.proxy(path, params)
+
+      success(http_status: response.code, body: response.body)
+    rescue Gitlab::PrometheusClient::Error => err
+      service_unavailable_response(err)
+    end
+
+    def cache_key
+      [@proxyable.class.name, @proxyable.id, @method, @path, @params]
+    end
+
+    private
+
+    def service_unavailable_response(exception)
+      error(exception.message, :service_unavailable)
+    end
+
+    def no_prometheus_response
+      error('No prometheus server found', :service_unavailable)
+    end
+
+    def cannot_proxy_response
+      error('Proxy support for this API is not available currently')
+    end
+
+    def prometheus_adapter
+      strong_memoize(:prometheus_adapter) do
+        @proxyable.prometheus_adapter
+      end
+    end
+
+    def prometheus_client_wrapper
+      prometheus_adapter&.prometheus_client_wrapper
+    end
+
+    def can_query?
+      prometheus_adapter&.can_query?
+    end
+
+    def filter_params(params, path)
+      params.slice(*PROXY_SUPPORT.dig(path, :params))
+    end
+
+    def can_proxy?
+      PROXY_SUPPORT.dig(@path, :method)&.include?(@method)
+    end
+  end
+end
diff --git a/app/uploaders/legacy_artifact_uploader.rb b/app/uploaders/legacy_artifact_uploader.rb
index a9afc104ed1..fac3c3dcb8f 100644
--- a/app/uploaders/legacy_artifact_uploader.rb
+++ b/app/uploaders/legacy_artifact_uploader.rb
@@ -1,5 +1,8 @@
 # frozen_string_literal: true
 
+##
+# TODO: Remove this uploader when we remove :ci_enable_legacy_artifacts feature flag
+# See https://gitlab.com/gitlab-org/gitlab-ce/issues/58595
 class LegacyArtifactUploader < GitlabUploader
   extend Workhorse::UploadPath
   include ObjectStorage::Concern
diff --git a/app/uploaders/records_uploads.rb b/app/uploaders/records_uploads.rb
index 9a243e07936..00b51f92b12 100644
--- a/app/uploaders/records_uploads.rb
+++ b/app/uploaders/records_uploads.rb
@@ -46,6 +46,10 @@ module RecordsUploads
       File.join(store_dir, filename.to_s)
     end
 
+    def filename
+      upload&.path ? File.basename(upload.path) : super
+    end
+
     private
 
     # rubocop: disable CodeReuse/ActiveRecord
diff --git a/app/views/admin/groups/_form.html.haml b/app/views/admin/groups/_form.html.haml
index 5e05568e384..8fb38f6a690 100644
--- a/app/views/admin/groups/_form.html.haml
+++ b/app/views/admin/groups/_form.html.haml
@@ -8,7 +8,7 @@
   .form-group.row.group-description-holder
     = f.label :avatar, _("Group avatar"), class: 'col-form-label col-sm-2'
     .col-sm-10
-      = render 'shared/choose_group_avatar_button', f: f
+      = render 'shared/choose_avatar_button', f: f
 
   = render 'shared/old_visibility_level', f: f, visibility_level: visibility_level, can_change_visibility_level: can_change_group_visibility_level?(@group), form_model: @group, with_label: false
 
diff --git a/app/views/clusters/clusters/gcp/_form.html.haml b/app/views/clusters/clusters/gcp/_form.html.haml
index 00582e19662..3e0f8955081 100644
--- a/app/views/clusters/clusters/gcp/_form.html.haml
+++ b/app/views/clusters/clusters/gcp/_form.html.haml
@@ -7,25 +7,27 @@
 - help_link_end = ' %{external_link_icon}</a>'.html_safe % { external_link_icon: external_link_icon }
 
 %p
-  - link_to_help_page = link_to(s_('ClusterIntegration|help page'), help_page_path('user/project/clusters/index'), target: '_blank', rel: 'noopener noreferrer')
-  = s_('ClusterIntegration|Read our %{link_to_help_page} on Kubernetes cluster integration.').html_safe % { link_to_help_page: link_to_help_page}
+  - link_to_help_page = link_to(s_('ClusterIntegration|help page'),
+    help_page_path('user/project/clusters/index'), target: '_blank', rel: 'noopener noreferrer')
+  = s_('ClusterIntegration|Read our %{link_to_help_page} on Kubernetes cluster integration.').html_safe % { link_to_help_page: link_to_help_page }
 
 %p= link_to('Select a different Google account', @authorize_url)
 
-= form_for @gcp_cluster, html: { class: 'js-gke-cluster-creation prepend-top-20', data: { token: token_in_session } }, url: clusterable.create_gcp_clusters_path, as: :cluster do |field|
-  = form_errors(@gcp_cluster)
-  .form-group
-    = field.label :name, s_('ClusterIntegration|Kubernetes cluster name'), class: 'label-bold'
-    = field.text_field :name, class: 'form-control', placeholder: s_('ClusterIntegration|Kubernetes cluster name')
+= bootstrap_form_for @gcp_cluster, html: { class: 'gl-show-field-errors js-gke-cluster-creation prepend-top-20',
+  data: { token: token_in_session } }, url: clusterable.create_gcp_clusters_path, as: :cluster do |field|
+  = field.text_field :name, required: true, title: s_('ClusterIntegration|Cluster name is required.'),
+    label: s_('ClusterIntegration|Kubernetes cluster name'), label_class: 'label-bold'
   - if has_multiple_clusters?
-    .form-group
-      = field.label :environment_scope, s_('ClusterIntegration|Environment scope'), class: 'label-bold'
-      = field.text_field :environment_scope, class: 'form-control', placeholder: s_('ClusterIntegration|Environment scope')
+    = field.form_group :environment_scope, label: { text: s_('ClusterIntegration|Environment scope'),
+      class: 'label-bold' } do
+      = field.text_field :environment_scope, required: true, class: 'form-control',
+        title: 'Environment scope is required.', wrapper: false
       .form-text.text-muted= s_("ClusterIntegration|Choose which of your environments will use this cluster.")
 
   = field.fields_for :provider_gcp, @gcp_cluster.provider_gcp do |provider_gcp_field|
     .form-group
-      = provider_gcp_field.label :gcp_project_id, s_('ClusterIntegration|Google Cloud Platform project'), class: 'label-bold'
+      = provider_gcp_field.label :gcp_project_id, s_('ClusterIntegration|Google Cloud Platform project'),
+        class: 'label-bold'
       .js-gcp-project-id-dropdown-entry-point{ data: { docsUrl: 'https://console.cloud.google.com/home/dashboard' } }
         = provider_gcp_field.hidden_field :gcp_project_id
         .dropdown
@@ -47,9 +49,9 @@
       %p.form-text.text-muted
         = s_('ClusterIntegration|Learn more about %{help_link_start}zones%{help_link_end}.').html_safe % { help_link_start: help_link_start % { url: zones_link_url }, help_link_end: help_link_end }
 
-    .form-group
-      = provider_gcp_field.label :num_nodes, s_('ClusterIntegration|Number of nodes'), class: 'label-bold'
-      = provider_gcp_field.text_field :num_nodes, class: 'form-control', placeholder: '3'
+    = provider_gcp_field.number_field :num_nodes, required: true, placeholder: '3',
+      title: s_('ClusterIntegration|Number of nodes must be a numerical value.'),
+      label: s_('ClusterIntegration|Number of nodes'), label_class: 'label-bold'
 
     .form-group
       = provider_gcp_field.label :machine_type, s_('ClusterIntegration|Machine type'), class: 'label-bold'
@@ -64,13 +66,14 @@
         = s_('ClusterIntegration|Learn more about %{help_link_start_machine_type}machine types%{help_link_end} and %{help_link_start_pricing}pricing%{help_link_end}.').html_safe % { help_link_start_machine_type: help_link_start % { url: machine_type_link_url }, help_link_start_pricing: help_link_start % { url: pricing_link_url }, help_link_end: help_link_end }
 
     .form-group
-      .form-check
-        = provider_gcp_field.check_box :legacy_abac, { class: 'form-check-input' }, false, true
-        = provider_gcp_field.label :legacy_abac, s_('ClusterIntegration|RBAC-enabled cluster'), class: 'form-check-label label-bold'
-        .form-text.text-muted
-          = s_('ClusterIntegration|Enable this setting if using role-based access control (RBAC).')
-          = s_('ClusterIntegration|This option will allow you to install applications on RBAC clusters.')
-          = link_to _('More information'), help_page_path('user/project/clusters/index.md', anchor: 'role-based-access-control-rbac-core-only'), target: '_blank'
+      = provider_gcp_field.check_box :legacy_abac, { label: s_('ClusterIntegration|RBAC-enabled cluster'),
+        label_class: 'label-bold' }, false, true
+      .form-text.text-muted
+        = s_('ClusterIntegration|Enable this setting if using role-based access control (RBAC).')
+        = s_('ClusterIntegration|This option will allow you to install applications on RBAC clusters.')
+        = link_to _('More information'), help_page_path('user/project/clusters/index.md',
+          anchor: 'role-based-access-control-rbac-core-only'), target: '_blank'
 
     .form-group
-      = field.submit s_('ClusterIntegration|Create Kubernetes cluster'), class: 'js-gke-cluster-creation-submit btn btn-success', disabled: true
+      = field.submit s_('ClusterIntegration|Create Kubernetes cluster'),
+        class: 'js-gke-cluster-creation-submit btn btn-success', disabled: true
diff --git a/app/views/clusters/clusters/user/_form.html.haml b/app/views/clusters/clusters/user/_form.html.haml
index 136f98d0126..27b11e8469f 100644
--- a/app/views/clusters/clusters/user/_form.html.haml
+++ b/app/views/clusters/clusters/user/_form.html.haml
@@ -1,40 +1,39 @@
-= form_for @user_cluster, url: clusterable.create_user_clusters_path, as: :cluster do |field|
-  = form_errors(@user_cluster)
-  .form-group
-    = field.label :name, s_('ClusterIntegration|Kubernetes cluster name'), class: 'label-bold'
-    = field.text_field :name, class: 'form-control', placeholder: s_('ClusterIntegration|Kubernetes cluster name')
+= bootstrap_form_for @user_cluster, html: { class: 'gl-show-field-errors' },
+  url: clusterable.create_user_clusters_path, as: :cluster do |field|
+  = field.text_field :name, required: true, title: s_('ClusterIntegration|Cluster name is required.'),
+    label: s_('ClusterIntegration|Kubernetes cluster name'), label_class: 'label-bold'
   - if has_multiple_clusters?
-    .form-group
-      = field.label :environment_scope, s_('ClusterIntegration|Environment scope'), class: 'label-bold'
-      = field.text_field :environment_scope, class: 'form-control', placeholder: s_('ClusterIntegration|Environment scope')
-      .form-text.text-muted= s_("ClusterIntegration|Choose which of your environments will use this cluster.")
+    = field.form_group :environment_scope, label: { text: s_('ClusterIntegration|Environment scope'),
+      class: 'label-bold' } do
+      = field.text_field :environment_scope, required: true,
+        title: 'Environment scope is required.', wrapper: false
+      .form-text.text-muted
+        = s_("ClusterIntegration|Choose which of your environments will use this cluster.")
 
   = field.fields_for :platform_kubernetes, @user_cluster.platform_kubernetes do |platform_kubernetes_field|
-    .form-group
-      = platform_kubernetes_field.label :api_url, s_('ClusterIntegration|API URL'), class: 'label-bold'
-      = platform_kubernetes_field.text_field :api_url, class: 'form-control', placeholder: s_('ClusterIntegration|API URL')
-
-    .form-group
-      = platform_kubernetes_field.label :ca_cert, s_('ClusterIntegration|CA Certificate'), class: 'label-bold'
-      = platform_kubernetes_field.text_area :ca_cert, class: 'form-control', placeholder: s_('ClusterIntegration|Certificate Authority bundle (PEM format)')
-
-    .form-group
-      = platform_kubernetes_field.label :token, s_('ClusterIntegration|Token'), class: 'label-bold'
-      = platform_kubernetes_field.text_field :token, class: 'form-control', placeholder: s_('ClusterIntegration|Service token'), autocomplete: 'off'
+    = platform_kubernetes_field.url_field :api_url, required: true,
+      title: s_('ClusterIntegration|API URL should be a valid http/https url.'),
+      label: s_('ClusterIntegration|API URL'), label_class: 'label-bold'
+    = platform_kubernetes_field.text_area :ca_cert,
+      placeholder: s_('ClusterIntegration|Certificate Authority bundle (PEM format)'),
+      label: s_('ClusterIntegration|CA Certificate'), label_class: 'label-bold'
+    = platform_kubernetes_field.text_field :token, required: true,
+      title: s_('ClusterIntegration|Service token is required.'), label: s_('ClusterIntegration|Service Token'),
+      autocomplete: 'off', label_class: 'label-bold'
 
     - if @user_cluster.allow_user_defined_namespace?
-      .form-group
-        = platform_kubernetes_field.label :namespace, s_('ClusterIntegration|Project namespace (optional, unique)'), class: 'label-bold'
-        = platform_kubernetes_field.text_field :namespace, class: 'form-control', placeholder: s_('ClusterIntegration|Project namespace')
+      = platform_kubernetes_field.text_field :namespace,
+        label: s_('ClusterIntegration|Project namespace (optional, unique)'), label_class: 'label-bold'
 
-    .form-group
-      .form-check
-        = platform_kubernetes_field.check_box :authorization_type, { class: 'form-check-input qa-rbac-checkbox' }, 'rbac', 'abac'
-        = platform_kubernetes_field.label :authorization_type, s_('ClusterIntegration|RBAC-enabled cluster'), class: 'form-check-label label-bold'
-        .form-text.text-muted
-          = s_('ClusterIntegration|Enable this setting if using role-based access control (RBAC).')
-          = s_('ClusterIntegration|This option will allow you to install applications on RBAC clusters.')
-          = link_to _('More information'), help_page_path('user/project/clusters/index.md', anchor: 'role-based-access-control-rbac-core-only'), target: '_blank'
+    = platform_kubernetes_field.form_group :authorization_type do
+      = platform_kubernetes_field.check_box :authorization_type,
+        { class: 'qa-rbac-checkbox', label: s_('ClusterIntegration|RBAC-enabled cluster'),
+        label_class: 'label-bold', inline: true }, 'rbac', 'abac'
+      .form-text.text-muted
+        = s_('ClusterIntegration|Enable this setting if using role-based access control (RBAC).')
+        = s_('ClusterIntegration|This option will allow you to install applications on RBAC clusters.')
+        = link_to _('More information'), help_page_path('user/project/clusters/index.md',
+          anchor: 'role-based-access-control-rbac-core-only'), target: '_blank'
 
     .form-group
       = field.submit s_('ClusterIntegration|Add Kubernetes cluster'), class: 'btn btn-success'
diff --git a/app/views/clusters/platforms/kubernetes/_form.html.haml b/app/views/clusters/platforms/kubernetes/_form.html.haml
index b5ddca7ccb9..f9f8097cb38 100644
--- a/app/views/clusters/platforms/kubernetes/_form.html.haml
+++ b/app/views/clusters/platforms/kubernetes/_form.html.haml
@@ -1,58 +1,51 @@
-= form_for cluster, url: update_cluster_url_path, as: :cluster do |field|
-  = form_errors(cluster)
-
-  .form-group
-    - if cluster.read_only_kubernetes_platform_fields?
-      %label.append-bottom-10{ for: 'cluster-name' }
-        = s_('ClusterIntegration|Kubernetes cluster name')
-      .input-group
-        %input.form-control.cluster-name.js-select-on-focus{ value: cluster.name, readonly: true }
-        %span.input-group-append
-          = clipboard_button(text: cluster.name, title: s_('ClusterIntegration|Copy Kubernetes cluster name'), class: 'input-group-text btn-default')
-    - else
-      = field.label :name, s_('ClusterIntegration|Kubernetes cluster name'), class: 'label-bold'
-      .input-group
-        = field.text_field :name, class: 'form-control', placeholder: s_('ClusterIntegration|Kubernetes cluster name')
+= bootstrap_form_for cluster, url: update_cluster_url_path, html: { class: 'gl-show-field-errors' },
+  as: :cluster do |field|
+  - copy_name_btn = clipboard_button(text: cluster.name, title: s_('ClusterIntegration|Copy Kubernetes cluster name'),
+    class: 'input-group-text btn-default') unless !cluster.read_only_kubernetes_platform_fields?
+  = field.text_field :name, class: 'js-select-on-focus cluster-name', required: true,
+  title: s_('ClusterIntegration|Cluster name is required.'),
+  readonly: cluster.read_only_kubernetes_platform_fields?,
+  label: s_('ClusterIntegration|Kubernetes cluster name'), label_class: 'label-bold',
+  input_group_class: 'gl-field-error-anchor', append: copy_name_btn
 
   = field.fields_for :platform_kubernetes, platform do |platform_field|
-    .form-group
-      = platform_field.label :api_url, s_('ClusterIntegration|API URL')
-      .input-group
-        = platform_field.text_field :api_url, class: 'form-control js-select-on-focus', placeholder: s_('ClusterIntegration|API URL'), readonly: cluster.read_only_kubernetes_platform_fields?
-        - if cluster.read_only_kubernetes_platform_fields?
-          %span.input-group-append
-            = clipboard_button(text: platform.api_url, title: s_('ClusterIntegration|Copy API URL'), class: 'input-group-text btn-default')
+    - copy_api_url = clipboard_button(text: platform.api_url, title: s_('ClusterIntegration|Copy API URL'),
+    class: 'input-group-text btn-default') unless !cluster.read_only_kubernetes_platform_fields?
+    = platform_field.text_field :api_url, class: 'js-select-on-focus', required: true,
+    title: s_('ClusterIntegration|API URL should be a valid http/https url.'),
+    readonly: cluster.read_only_kubernetes_platform_fields?,
+    label: s_('ClusterIntegration|API URL'), label_class: 'label-bold',
+    input_group_class: 'gl-field-error-anchor', append: copy_api_url
+
+    - copy_ca_cert_btn = clipboard_button(text: platform.ca_cert, title: s_('ClusterIntegration|Copy CA Certificate'),
+      class: 'input-group-text btn-default') unless !cluster.read_only_kubernetes_platform_fields?
+    = platform_field.text_area :ca_cert, class: 'js-select-on-focus', rows: '5',
+    readonly: cluster.read_only_kubernetes_platform_fields?,
+    placeholder: s_('ClusterIntegration|Certificate Authority bundle (PEM format)'),
+    label: s_('ClusterIntegration|CA Certificate'), label_class: 'label-bold',
+    input_group_class: 'gl-field-error-anchor', append: copy_ca_cert_btn
 
-    .form-group
-      = platform_field.label :ca_cert, s_('ClusterIntegration|CA Certificate')
-      .input-group
-        = platform_field.text_area :ca_cert, class: 'form-control js-select-on-focus', placeholder: s_('ClusterIntegration|Certificate Authority bundle (PEM format)'), readonly: cluster.read_only_kubernetes_platform_fields?
-        - if cluster.read_only_kubernetes_platform_fields?
-          %span.input-group-append.clipboard-addon
-            = clipboard_button(text: platform.ca_cert, title: s_('ClusterIntegration|Copy CA Certificate'), class: 'input-group-text btn-blank')
+    - show_token_btn = (platform_field.button s_('ClusterIntegration|Show'),
+      type: 'button', class: 'js-show-cluster-token btn btn-default')
+    - copy_token_btn = clipboard_button(text: platform.token, title: s_('ClusterIntegration|Copy Service Token'),
+      class: 'input-group-text btn-default') unless !cluster.read_only_kubernetes_platform_fields?
 
-    .form-group
-      = platform_field.label :token, s_('ClusterIntegration|Token')
-      .input-group
-        = platform_field.text_field :token, class: 'form-control js-cluster-token js-select-on-focus', type: 'password', placeholder: s_('ClusterIntegration|Token'), readonly: cluster.read_only_kubernetes_platform_fields?
-        %span.input-group-append
-          %button.btn.btn-default.input-group-text.js-show-cluster-token{ type: 'button' }
-            = s_('ClusterIntegration|Show')
-          - if cluster.read_only_kubernetes_platform_fields?
-            = clipboard_button(text: platform.token, title: s_('ClusterIntegration|Copy Token'), class: 'btn-default')
+    = platform_field.text_field :token, type: 'password', class: 'js-select-on-focus js-cluster-token',
+    required: true, title: s_('ClusterIntegration|Service token is required.'),
+    readonly: cluster.read_only_kubernetes_platform_fields?,
+    label: s_('ClusterIntegration|Service Token'), label_class: 'label-bold',
+    input_group_class: 'gl-field-error-anchor', append: show_token_btn + copy_token_btn
 
     - if cluster.allow_user_defined_namespace?
-      .form-group
-        = platform_field.label :namespace, s_('ClusterIntegration|Project namespace (optional, unique)')
-        = platform_field.text_field :namespace, class: 'form-control', placeholder: s_('ClusterIntegration|Project namespace')
+      = platform_field.text_field :namespace, label: s_('ClusterIntegration|Project namespace (optional, unique)'),
+        label_class: 'label-bold'
 
-    .form-group
-      .form-check
-        = platform_field.check_box :authorization_type, { class: 'form-check-input', disabled: true }, 'rbac', 'abac'
-        = platform_field.label :authorization_type, s_('ClusterIntegration|RBAC-enabled cluster'), class: 'form-check-label label-bold'
-        .form-text.text-muted
-          = s_('ClusterIntegration|Enable this setting if using role-based access control (RBAC).')
-          = s_('ClusterIntegration|This option will allow you to install applications on RBAC clusters.')
+    = platform_field.form_group :authorization_type do
+      = platform_field.check_box :authorization_type, { disabled: true, label: s_('ClusterIntegration|RBAC-enabled cluster'),
+      label_class: 'label-bold', inline: true }, 'rbac', 'abac'
+      .form-text.text-muted
+        = s_('ClusterIntegration|Enable this setting if using role-based access control (RBAC).')
+        = s_('ClusterIntegration|This option will allow you to install applications on RBAC clusters.')
 
   .form-group
     = field.submit s_('ClusterIntegration|Save changes'), class: 'btn btn-success'
diff --git a/app/views/groups/new.html.haml b/app/views/groups/new.html.haml
index 51dcc9d0cda..6269678079a 100644
--- a/app/views/groups/new.html.haml
+++ b/app/views/groups/new.html.haml
@@ -27,7 +27,7 @@
         .form-group.group-description-holder.col-sm-12
           = f.label :avatar, _("Group avatar"), class: 'label-bold'
           %div
-            = render 'shared/choose_group_avatar_button', f: f
+            = render 'shared/choose_avatar_button', f: f
 
         .form-group.col-sm-12
           %label.label-bold
diff --git a/app/views/groups/settings/_general.html.haml b/app/views/groups/settings/_general.html.haml
index 9ed71d19d32..c382a1ed168 100644
--- a/app/views/groups/settings/_general.html.haml
+++ b/app/views/groups/settings/_general.html.haml
@@ -23,10 +23,10 @@
       .avatar-container.rect-avatar.s90
         = group_icon(@group, alt: '', class: 'avatar group-avatar s90')
       = f.label :avatar, _('Group avatar'), class: 'label-bold d-block'
-      = render 'shared/choose_group_avatar_button', f: f
+      = render 'shared/choose_avatar_button', f: f
       - if @group.avatar?
         %hr
-        = link_to _('Remove avatar'), group_avatar_path(@group.to_param), data: { confirm: _('Avatar will be removed. Are you sure?')}, method: :delete, class: 'btn btn-danger btn-inverted'
+        = link_to _('Remove avatar'), group_avatar_path(@group.to_param), data: { confirm: _('Avatar will be removed. Are you sure?')}, method: :delete, class: 'btn btn-link'
 
     = render 'shared/visibility_level', f: f, visibility_level: @group.visibility_level, can_change_visibility_level: can_change_group_visibility_level?(@group), form_model: @group
 
diff --git a/app/views/projects/blob/viewers/_route_map.html.haml b/app/views/projects/blob/viewers/_route_map.html.haml
index 6d6bd79bc3c..07b9378ba97 100644
--- a/app/views/projects/blob/viewers/_route_map.html.haml
+++ b/app/views/projects/blob/viewers/_route_map.html.haml
@@ -6,4 +6,4 @@
   This Route Map is invalid:
   = viewer.validation_message
 
-= link_to 'Learn more', help_page_path('ci/environments', anchor: 'go-directly-from-source-files-to-public-pages-on-the-environment')
+= link_to 'Learn more', help_page_path('ci/environments', anchor: 'going-from-source-files-to-public-pages')
diff --git a/app/views/projects/blob/viewers/_route_map_loading.html.haml b/app/views/projects/blob/viewers/_route_map_loading.html.haml
index a5f73fb0197..f11c047e85a 100644
--- a/app/views/projects/blob/viewers/_route_map_loading.html.haml
+++ b/app/views/projects/blob/viewers/_route_map_loading.html.haml
@@ -1,4 +1,4 @@
 = icon('spinner spin fw')
 Validating Route Map…
 
-= link_to 'Learn more', help_page_path('ci/environments', anchor: 'go-directly-from-source-files-to-public-pages-on-the-environment')
+= link_to 'Learn more', help_page_path('ci/environments', anchor: 'going-from-source-files-to-public-pages')
diff --git a/app/views/projects/buttons/_download.html.haml b/app/views/projects/buttons/_download.html.haml
index 4eb53faa6ff..acd63de2277 100644
--- a/app/views/projects/buttons/_download.html.haml
+++ b/app/views/projects/buttons/_download.html.haml
@@ -8,30 +8,20 @@
       %span.sr-only=  _('Select Archive Format')
       = sprite_icon("arrow-down")
     %ul.dropdown-menu.dropdown-menu-right{ role: 'menu' }
-      %li.dropdown-header
-        #{ _('Source code') }
-      %li
-        = link_to project_archive_path(project, id: tree_join(ref, archive_prefix), format: 'zip'), rel: 'nofollow', download: '' do
-          %span=  _('Download zip')
-      %li
-        = link_to project_archive_path(project, id: tree_join(ref, archive_prefix), format: 'tar.gz'), rel: 'nofollow', download: '' do
-          %span= _('Download tar.gz')
-      %li
-        = link_to project_archive_path(project, id: tree_join(ref, archive_prefix), format: 'tar.bz2'), rel: 'nofollow', download: '' do
-          %span= _('Download tar.bz2')
-      %li
-        = link_to project_archive_path(project, id: tree_join(ref, archive_prefix), format: 'tar'), rel: 'nofollow', download: '' do
-          %span= _('Download tar')
-
+      %li.dropdown-bold-header= _('Download source code')
+      %li.dropdown-menu-content
+        = render 'projects/buttons/download_links', project: project, ref: ref, archive_prefix: archive_prefix, path: nil
+      - if directory?
+        %li.separator
+        %li.dropdown-bold-header= _('Download this directory')
+        %li.dropdown-menu-content
+          = render 'projects/buttons/download_links', project: project, ref: ref, archive_prefix: archive_prefix, path: @path
       - if pipeline && pipeline.latest_builds_with_artifacts.any?
-        %li.dropdown-header Artifacts
+        %li.separator
+        %li.dropdown-bold-header= _('Download artifacts')
         - unless pipeline.latest?
-          - latest_pipeline = project.pipeline_for(ref)
-          %li
-            .unclickable= ci_status_for_statuseable(latest_pipeline)
-          %li.dropdown-header Previous Artifacts
+          %span.unclickable= ci_status_for_statuseable(project.pipeline_for(ref))
+        %li.dropdown-header= _('Previous Artifacts')
         - pipeline.latest_builds_with_artifacts.each do |job|
           %li
-            = link_to latest_succeeded_project_artifacts_path(project, "#{ref}/download", job: job.name), rel: 'nofollow', download: '' do
-              %span
-                #{s_('DownloadArtifacts|Download')} '#{job.name}'
+            = link_to job.name, latest_succeeded_project_artifacts_path(project, "#{ref}/download", job: job.name), rel: 'nofollow', download: ''
diff --git a/app/views/projects/buttons/_download_links.html.haml b/app/views/projects/buttons/_download_links.html.haml
new file mode 100644
index 00000000000..47a1704f946
--- /dev/null
+++ b/app/views/projects/buttons/_download_links.html.haml
@@ -0,0 +1,9 @@
+%ul
+  %li.d-inline-block.m-0.p-0
+    = link_to 'zip', project_archive_path(project, id: tree_join(ref, archive_prefix), path: path, format: 'zip'), rel: 'nofollow', download: '', class: 'btn btn-primary btn-xs'
+  %li.d-inline-block.m-0.p-0
+    = link_to 'tar.gz', project_archive_path(project, id: tree_join(ref, archive_prefix), path: path, format: 'tar.gz'), rel: 'nofollow', download: '', class: 'btn btn-xs'
+  %li.d-inline-block.m-0.p-0
+    = link_to 'tar.bz2', project_archive_path(project, id: tree_join(ref, archive_prefix), path: path, format: 'tar.bz2'), rel: 'nofollow', download: '', class: 'btn btn-xs'
+  %li.d-inline-block.m-0.p-0
+    = link_to 'tar', project_archive_path(project, id: tree_join(ref, archive_prefix), path: path, format: 'tar'), rel: 'nofollow', download: '', class: 'btn btn-xs'
diff --git a/app/views/projects/diffs/_replaced_image_diff.html.haml b/app/views/projects/diffs/_replaced_image_diff.html.haml
index 6dffc7c4390..566dfe798c6 100644
--- a/app/views/projects/diffs/_replaced_image_diff.html.haml
+++ b/app/views/projects/diffs/_replaced_image_diff.html.haml
@@ -35,10 +35,10 @@
 
   .swipe.view.hide
     .swipe-frame
-      .frame.deleted
+      .frame.deleted.old-diff
         = image_tag(old_blob_raw_url, alt: diff_file.old_path, lazy: false)
-      .swipe-wrap
-        = render partial: "projects/diffs/image_diff_frame", locals: { class_name: "added js-image-frame #{class_name}", position: position, note_type: DiffNote.name, image_path: blob_raw_url, alt: diff_file.new_path }
+      .swipe-wrap.left-oriented
+        = render partial: "projects/diffs/image_diff_frame", locals: { class_name: "added old-diff js-image-frame #{class_name}", position: position, note_type: DiffNote.name, image_path: blob_raw_url, alt: diff_file.new_path }
       %span.swipe-bar
         %span.top-handle
         %span.bottom-handle
diff --git a/app/views/projects/diffs/_single_image_diff.html.haml b/app/views/projects/diffs/_single_image_diff.html.haml
index 454f814795a..daac543b939 100644
--- a/app/views/projects/diffs/_single_image_diff.html.haml
+++ b/app/views/projects/diffs/_single_image_diff.html.haml
@@ -10,5 +10,5 @@
 .image.js-single-image{ data: diff_view_data }
   .wrap
     - single_class_name = diff_file.deleted_file? ? 'deleted' : 'added'
-    = render partial: "projects/diffs/image_diff_frame", locals: { class_name: "#{single_class_name} #{class_name} js-image-frame", position: position, note_type: DiffNote.name, image_path: blob_raw_url, alt: diff_file.file_path }
+    = render partial: "projects/diffs/image_diff_frame", locals: { class_name: "#{single_class_name} #{class_name} old-diff js-image-frame", position: position, note_type: DiffNote.name, image_path: blob_raw_url, alt: diff_file.file_path }
   %p.image-info= number_to_human_size(blob.size)
diff --git a/app/views/projects/edit.html.haml b/app/views/projects/edit.html.haml
index a6a8ca489a9..98017bea0c9 100644
--- a/app/views/projects/edit.html.haml
+++ b/app/views/projects/edit.html.haml
@@ -40,23 +40,16 @@
           = f.label :tag_list, "Topics", class: 'label-bold'
           = f.text_field :tag_list, value: @project.tag_list.join(', '), maxlength: 2000, class: "form-control"
           %p.form-text.text-muted Separate topics with commas.
-        %fieldset.features
-          %h5.prepend-top-0= _("Project avatar")
-          .form-group
-            - if @project.avatar?
-              .avatar-container.rect-avatar.s160.append-bottom-15
-                = project_icon(@project, alt: '', class: 'avatar project-avatar s160', width: 160, height: 160)
-            - if @project.avatar_in_git
-              %p.light
-                = _("Project avatar in repository: %{link}").html_safe % { link: @project.avatar_in_git }
-            .prepend-top-5.append-bottom-10
-              %button.btn.js-choose-project-avatar-button{ type: 'button' }= _("Choose file...")
-              %span.file_name.prepend-left-default.js-filename= _("No file chosen")
-              = f.file_field :avatar, class: "js-project-avatar-input hidden"
-            .form-text.text-muted= _("The maximum file size allowed is 200KB.")
-            - if @project.avatar?
-              %hr
-              = link_to _('Remove avatar'), project_avatar_path(@project), data: { confirm: _("Avatar will be removed. Are you sure?") }, method: :delete, class: "btn btn-danger btn-inverted"
+
+        .form-group.prepend-top-default.append-bottom-20
+          .avatar-container.s90
+            = project_icon(@project, alt: _('Project avatar'), class: 'avatar project-avatar s90')
+          = f.label :avatar, _('Project avatar'), class: 'label-bold d-block'
+          = render 'shared/choose_avatar_button', f: f
+          - if @project.avatar?
+            %hr
+            = link_to _('Remove avatar'), project_avatar_path(@project), data: { confirm: _('Avatar will be removed. Are you sure?')}, method: :delete, class: 'btn btn-link'
+
         = f.submit 'Save changes', class: "btn btn-success js-btn-success-general-project-settings"
 
   %section.settings.sharing-permissions.no-animate#js-shared-permissions{ class: ('expanded' if expanded) }
diff --git a/app/views/projects/jobs/show.html.haml b/app/views/projects/jobs/show.html.haml
index 475bae887ec..81a53f22f67 100644
--- a/app/views/projects/jobs/show.html.haml
+++ b/app/views/projects/jobs/show.html.haml
@@ -8,6 +8,7 @@
 
 %div{ class: container_class }
   #js-job-vue-app{ data: { endpoint: project_job_path(@project, @build, format: :json),
+    deployment_help_url: help_page_path('user/project/clusters/index.html', anchor: 'troubleshooting-failed-deployment-jobs'),
     runner_help_url: help_page_path('ci/runners/README.html', anchor: 'setting-maximum-job-timeout-for-a-runner'),
     runner_settings_url: project_runners_path(@build.project, anchor: 'js-runners-settings'),
     build_options: javascript_build_options } }
diff --git a/app/views/projects/settings/ci_cd/_autodevops_form.html.haml b/app/views/projects/settings/ci_cd/_autodevops_form.html.haml
index fac68a36e79..fe74dc122c3 100644
--- a/app/views/projects/settings/ci_cd/_autodevops_form.html.haml
+++ b/app/views/projects/settings/ci_cd/_autodevops_form.html.haml
@@ -17,10 +17,11 @@
                     = s_('CICD|The Auto DevOps pipeline will run if no alternative CI configuration file is found.')
                     = link_to _('More information'), help_page_path('topics/autodevops/index.md'), target: '_blank'
               .card-footer.js-extra-settings{ class: auto_devops_enabled || 'hidden' }
-                %p.settings-message.text-center
-                  - kubernetes_cluster_link = help_page_path('user/project/clusters/index')
-                  - kubernetes_cluster_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: kubernetes_cluster_link }
-                  = s_('CICD|You must add a %{kubernetes_cluster_start}Kubernetes cluster integration%{kubernetes_cluster_end} to this project with a domain in order for your deployment strategy to work correctly.').html_safe % { kubernetes_cluster_start: kubernetes_cluster_start, kubernetes_cluster_end: '</a>'.html_safe }
+                - if @project.all_clusters.empty?
+                  %p.settings-message.text-center
+                    - kubernetes_cluster_link = help_page_path('user/project/clusters/index')
+                    - kubernetes_cluster_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: kubernetes_cluster_link }
+                    = s_('CICD|You must add a %{kubernetes_cluster_start}Kubernetes cluster integration%{kubernetes_cluster_end} to this project with a domain in order for your deployment strategy to work correctly.').html_safe % { kubernetes_cluster_start: kubernetes_cluster_start, kubernetes_cluster_end: '</a>'.html_safe }
                 %label.prepend-top-10
                   %strong= s_('CICD|Deployment strategy')
                 .form-check
diff --git a/app/views/projects/wikis/pages.html.haml b/app/views/projects/wikis/pages.html.haml
index 94267b6e0cf..77fdf7f001c 100644
--- a/app/views/projects/wikis/pages.html.haml
+++ b/app/views/projects/wikis/pages.html.haml
@@ -2,6 +2,7 @@
 - add_to_breadcrumbs "Wiki", project_wiki_path(@project, :home)
 - breadcrumb_title s_("Wiki|Pages")
 - page_title s_("Wiki|Pages"), _("Wiki")
+- sort_title = wiki_sort_title(params[:sort])
 
 %div{ class: container_class }
   .wiki-page-header
@@ -15,6 +16,18 @@
         = icon('cloud-download')
         = _("Clone repository")
 
+      .dropdown.inline.wiki-sort-dropdown
+        .btn-group{ role: 'group' }
+          .btn-group{ role: 'group' }
+            %button.dropdown-toggle{ type: 'button', data: { toggle: 'dropdown', display: 'static' }, class: 'btn btn-default' }
+              = sort_title
+              = icon('chevron-down')
+            %ul.dropdown-menu.dropdown-menu-right.dropdown-menu-selectable.dropdown-menu-sort
+              %li
+                = sortable_item(s_("Wiki|Title"), project_wikis_pages_path(@project, sort: ProjectWiki::TITLE_ORDER), sort_title)
+                = sortable_item(s_("Wiki|Created date"), project_wikis_pages_path(@project, sort: ProjectWiki::CREATED_AT_ORDER), sort_title)
+          = wiki_sort_controls(@project, params[:sort], params[:direction])
+
   %ul.wiki-pages-list.content-list
     = render @wiki_entries, context: 'pages'
 
diff --git a/app/views/shared/_choose_avatar_button.html.haml b/app/views/shared/_choose_avatar_button.html.haml
new file mode 100644
index 00000000000..0d46d047134
--- /dev/null
+++ b/app/views/shared/_choose_avatar_button.html.haml
@@ -0,0 +1,4 @@
+%button.btn.js-choose-avatar-button{ type: 'button' }= _("Choose file…")
+%span.file_name.js-avatar-filename= _("No file chosen")
+= f.file_field :avatar, class: "js-avatar-input hidden"
+.form-text.text-muted= _("The maximum file size allowed is 200KB.")
diff --git a/app/views/shared/_choose_group_avatar_button.html.haml b/app/views/shared/_choose_group_avatar_button.html.haml
deleted file mode 100644
index 0552fe62090..00000000000
--- a/app/views/shared/_choose_group_avatar_button.html.haml
+++ /dev/null
@@ -1,4 +0,0 @@
-%button.btn.js-choose-group-avatar-button{ type: 'button' }= _("Choose File ...")
-%span.file_name.js-avatar-filename= _("No file chosen")
-= f.file_field :avatar, class: "js-group-avatar-input hidden"
-.form-text.text-muted= _("The maximum file size allowed is 200KB.")
diff --git a/app/views/shared/form_elements/_description.html.haml b/app/views/shared/form_elements/_description.html.haml
index 25df2fe5cd6..b11cb8a3076 100644
--- a/app/views/shared/form_elements/_description.html.haml
+++ b/app/views/shared/form_elements/_description.html.haml
@@ -5,7 +5,7 @@
 - supports_quick_actions = model.new_record?
 
 - if supports_quick_actions
-  - preview_url = preview_markdown_path(project, quick_actions_target_type: model.class.name)
+  - preview_url = preview_markdown_path(project, target_type: model.class.name)
 - else
   - preview_url = preview_markdown_path(project)
 
diff --git a/app/views/shared/notes/_form.html.haml b/app/views/shared/notes/_form.html.haml
index 6a1eea85fde..d91bc6e57c9 100644
--- a/app/views/shared/notes/_form.html.haml
+++ b/app/views/shared/notes/_form.html.haml
@@ -1,7 +1,7 @@
 - supports_autocomplete = local_assigns.fetch(:supports_autocomplete, true)
 - supports_quick_actions = note_supports_quick_actions?(@note)
 - if supports_quick_actions
-  - preview_url = preview_markdown_path(@project, quick_actions_target_type: @note.noteable_type, quick_actions_target_id: @note.noteable_id)
+  - preview_url = preview_markdown_path(@project, target_type: @note.noteable_type, target_id: @note.noteable_id)
 - else
   - preview_url = preview_markdown_path(@project)
 
diff --git a/app/workers/reactive_caching_worker.rb b/app/workers/reactive_caching_worker.rb
index 9ec8bcca4f3..b30864db802 100644
--- a/app/workers/reactive_caching_worker.rb
+++ b/app/workers/reactive_caching_worker.rb
@@ -3,7 +3,6 @@
 class ReactiveCachingWorker
   include ApplicationWorker
 
-  # rubocop: disable CodeReuse/ActiveRecord
   def perform(class_name, id, *args)
     klass = begin
       class_name.constantize
@@ -12,7 +11,9 @@ class ReactiveCachingWorker
     end
     return unless klass
 
-    klass.find_by(klass.primary_key => id).try(:exclusively_update_reactive_cache!, *args)
+    klass
+      .reactive_cache_worker_finder
+      .call(id, *args)
+      .try(:exclusively_update_reactive_cache!, *args)
   end
-  # rubocop: enable CodeReuse/ActiveRecord
 end
diff --git a/changelogs/unreleased/24704-download-repository-path.yml b/changelogs/unreleased/24704-download-repository-path.yml
new file mode 100644
index 00000000000..ff3082bec45
--- /dev/null
+++ b/changelogs/unreleased/24704-download-repository-path.yml
@@ -0,0 +1,5 @@
+---
+title: Download a folder from repository
+merge_request: 26532
+author: kiameisomabes
+type: added
diff --git a/changelogs/unreleased/38564-cant-leave-subgroup.yml b/changelogs/unreleased/38564-cant-leave-subgroup.yml
new file mode 100644
index 00000000000..a6397062343
--- /dev/null
+++ b/changelogs/unreleased/38564-cant-leave-subgroup.yml
@@ -0,0 +1,5 @@
+---
+title: Allow removing last owner from subgroup if parent group has owners
+merge_request: 26718
+author:
+type: changed
diff --git a/changelogs/unreleased/48090-filter-sensitive-metric-labels.yml b/changelogs/unreleased/48090-filter-sensitive-metric-labels.yml
new file mode 100644
index 00000000000..e588fa79619
--- /dev/null
+++ b/changelogs/unreleased/48090-filter-sensitive-metric-labels.yml
@@ -0,0 +1,5 @@
+---
+title: Remove `path` and `branch` labels from metrics
+merge_request: 26744
+author:
+type: fixed
diff --git a/changelogs/unreleased/54417-graphql-type-authorization.yml b/changelogs/unreleased/54417-graphql-type-authorization.yml
new file mode 100644
index 00000000000..528b58a858a
--- /dev/null
+++ b/changelogs/unreleased/54417-graphql-type-authorization.yml
@@ -0,0 +1,5 @@
+---
+title: GraphQL Types can be made to always authorize access to resources of that Type
+merge_request: 25724
+author:
+type: added
diff --git a/changelogs/unreleased/54506-show-error-when-namespace-svc-missing.yml b/changelogs/unreleased/54506-show-error-when-namespace-svc-missing.yml
new file mode 100644
index 00000000000..3e3784d5413
--- /dev/null
+++ b/changelogs/unreleased/54506-show-error-when-namespace-svc-missing.yml
@@ -0,0 +1,5 @@
+---
+title: Show error when namespace/svc account missing
+merge_request: 26362
+author:
+type: added
diff --git a/changelogs/unreleased/55964-fix-email-encoding.yml b/changelogs/unreleased/55964-fix-email-encoding.yml
new file mode 100644
index 00000000000..2195a853702
--- /dev/null
+++ b/changelogs/unreleased/55964-fix-email-encoding.yml
@@ -0,0 +1,5 @@
+---
+title: Fix notfication emails having wrong encoding
+merge_request: 26931
+author:
+type: fixed
diff --git a/changelogs/unreleased/56762-fix-commit-swipe-view-26968.yml b/changelogs/unreleased/56762-fix-commit-swipe-view-26968.yml
new file mode 100644
index 00000000000..18bd51711d9
--- /dev/null
+++ b/changelogs/unreleased/56762-fix-commit-swipe-view-26968.yml
@@ -0,0 +1,5 @@
+---
+title: "Fix image diff swipe view on commit and compare pages"
+merge_request: 26968
+author: ftab
+type: fixed
\ No newline at end of file
diff --git a/changelogs/unreleased/57319-hide-kubernetes-cluster-warning-if-project-has-cluster-related.yml b/changelogs/unreleased/57319-hide-kubernetes-cluster-warning-if-project-has-cluster-related.yml
new file mode 100644
index 00000000000..a6953a68a76
--- /dev/null
+++ b/changelogs/unreleased/57319-hide-kubernetes-cluster-warning-if-project-has-cluster-related.yml
@@ -0,0 +1,5 @@
+---
+title: Resolve "Hide Kubernetes cluster warning if project has cluster related"
+merge_request: 26749
+author:
+type: fixed
diff --git a/changelogs/unreleased/57602-create-cluster-validations.yml b/changelogs/unreleased/57602-create-cluster-validations.yml
new file mode 100644
index 00000000000..35349c1e9f4
--- /dev/null
+++ b/changelogs/unreleased/57602-create-cluster-validations.yml
@@ -0,0 +1,5 @@
+---
+title: Display cluster form validation error messages inline
+merge_request: 26502
+author:
+type: changed
diff --git a/changelogs/unreleased/58375-api-controller.yml b/changelogs/unreleased/58375-api-controller.yml
new file mode 100644
index 00000000000..60f21b37ae7
--- /dev/null
+++ b/changelogs/unreleased/58375-api-controller.yml
@@ -0,0 +1,5 @@
+---
+title: Add a Prometheus API per environment
+merge_request: 26841
+author:
+type: added
diff --git a/changelogs/unreleased/58375-reactive-caching-changes.yml b/changelogs/unreleased/58375-reactive-caching-changes.yml
new file mode 100644
index 00000000000..cf73736b8ef
--- /dev/null
+++ b/changelogs/unreleased/58375-reactive-caching-changes.yml
@@ -0,0 +1,5 @@
+---
+title: Allow reactive caching to be used in services 
+merge_request: 26839
+author:
+type: added
diff --git a/changelogs/unreleased/58405-basic-limiting-complexity-of-graphql-queries.yml b/changelogs/unreleased/58405-basic-limiting-complexity-of-graphql-queries.yml
new file mode 100644
index 00000000000..058a120b500
--- /dev/null
+++ b/changelogs/unreleased/58405-basic-limiting-complexity-of-graphql-queries.yml
@@ -0,0 +1,5 @@
+---
+title: Add initial complexity limits to GraphQL queries
+merge_request: 26629
+author:
+type: performance
diff --git a/changelogs/unreleased/58717-checkbox-cannot-be-checked-if-a-blockquote-is-above.yml b/changelogs/unreleased/58717-checkbox-cannot-be-checked-if-a-blockquote-is-above.yml
new file mode 100644
index 00000000000..9f5881966c7
--- /dev/null
+++ b/changelogs/unreleased/58717-checkbox-cannot-be-checked-if-a-blockquote-is-above.yml
@@ -0,0 +1,5 @@
+---
+title: Allow task lists that follow a blockquote to work correctly
+merge_request: 26937
+author:
+type: fixed
diff --git a/changelogs/unreleased/58839-automatically-set-prometheus-step-interval.yml b/changelogs/unreleased/58839-automatically-set-prometheus-step-interval.yml
new file mode 100644
index 00000000000..2c6edf45ae2
--- /dev/null
+++ b/changelogs/unreleased/58839-automatically-set-prometheus-step-interval.yml
@@ -0,0 +1,5 @@
+---
+title: Automatically set Prometheus step interval
+merge_request: 26441
+author:
+type: changed
diff --git a/changelogs/unreleased/59324-queries-which-return-multiple-series-are-not-working-correctly.yml b/changelogs/unreleased/59324-queries-which-return-multiple-series-are-not-working-correctly.yml
new file mode 100644
index 00000000000..9ab8d2b8596
--- /dev/null
+++ b/changelogs/unreleased/59324-queries-which-return-multiple-series-are-not-working-correctly.yml
@@ -0,0 +1,5 @@
+---
+title: Fix multiple series queries on metrics dashboard
+merge_request: 26514
+author:
+type: fixed
diff --git a/changelogs/unreleased/add_backtrace_to_kubernetes_log.yml b/changelogs/unreleased/add_backtrace_to_kubernetes_log.yml
new file mode 100644
index 00000000000..26b8ac4b1ef
--- /dev/null
+++ b/changelogs/unreleased/add_backtrace_to_kubernetes_log.yml
@@ -0,0 +1,5 @@
+---
+title: Show error backtrace when logging errors to kubernetes.log
+merge_request: 25726
+author:
+type: other
diff --git a/changelogs/unreleased/allow-to-use-untrusted-ruby-syntax.yml b/changelogs/unreleased/allow-to-use-untrusted-ruby-syntax.yml
new file mode 100644
index 00000000000..731c9c10b00
--- /dev/null
+++ b/changelogs/unreleased/allow-to-use-untrusted-ruby-syntax.yml
@@ -0,0 +1,5 @@
+---
+title: Allow to use untrusted Regexp via feature flag
+merge_request: 26905
+author:
+type: deprecated
diff --git a/changelogs/unreleased/bump_kubernetes_1_11_9.yml b/changelogs/unreleased/bump_kubernetes_1_11_9.yml
new file mode 100644
index 00000000000..4bc7ff6d8e9
--- /dev/null
+++ b/changelogs/unreleased/bump_kubernetes_1_11_9.yml
@@ -0,0 +1,5 @@
+---
+title: Bump Helm and kubectl used in Kubernetes integration to 2.13.1 and 1.11.9 respectively
+merge_request: 26991
+author:
+type: other
diff --git a/changelogs/unreleased/ce-proj-settings-ok-avatar-only.yml b/changelogs/unreleased/ce-proj-settings-ok-avatar-only.yml
new file mode 100644
index 00000000000..10475824a75
--- /dev/null
+++ b/changelogs/unreleased/ce-proj-settings-ok-avatar-only.yml
@@ -0,0 +1,5 @@
+---
+title: Change project avatar remove button to a link
+merge_request: 26589
+author:
+type: other
diff --git a/changelogs/unreleased/drop-usage-of-leagcy-artifacts.yml b/changelogs/unreleased/drop-usage-of-leagcy-artifacts.yml
new file mode 100644
index 00000000000..d99187d8d41
--- /dev/null
+++ b/changelogs/unreleased/drop-usage-of-leagcy-artifacts.yml
@@ -0,0 +1,5 @@
+---
+title: Drop legacy artifacts usage as there are no leftovers
+merge_request: 24294
+author:
+type: performance
diff --git a/changelogs/unreleased/extend-cte-optimisations-to-projects.yml b/changelogs/unreleased/extend-cte-optimisations-to-projects.yml
new file mode 100644
index 00000000000..e5407127b2f
--- /dev/null
+++ b/changelogs/unreleased/extend-cte-optimisations-to-projects.yml
@@ -0,0 +1,5 @@
+---
+title: Speed up filtering issues in a project when searching
+merge_request:
+author:
+type: performance
diff --git a/changelogs/unreleased/fix-UI-links-to-route-map-info.yml b/changelogs/unreleased/fix-UI-links-to-route-map-info.yml
new file mode 100644
index 00000000000..bb506507080
--- /dev/null
+++ b/changelogs/unreleased/fix-UI-links-to-route-map-info.yml
@@ -0,0 +1,5 @@
+---
+title: Fix UI anchor links after docs refactor
+merge_request: 26890
+author:
+type: fixed
diff --git a/changelogs/unreleased/fix-include-ci-yaml.yml b/changelogs/unreleased/fix-include-ci-yaml.yml
new file mode 100644
index 00000000000..042413b89aa
--- /dev/null
+++ b/changelogs/unreleased/fix-include-ci-yaml.yml
@@ -0,0 +1,5 @@
+---
+title: Fix single string values for the 'include' keyword validation of gitlab-ci.yml.
+merge_request: 26998
+author: Paul Bonaud (@paulrbr)
+type: fixed
diff --git a/changelogs/unreleased/fix-merge-request-relations-with-pipeline-on-mwps.yml b/changelogs/unreleased/fix-merge-request-relations-with-pipeline-on-mwps.yml
new file mode 100644
index 00000000000..9ccc79109d8
--- /dev/null
+++ b/changelogs/unreleased/fix-merge-request-relations-with-pipeline-on-mwps.yml
@@ -0,0 +1,5 @@
+---
+title: Fix MWPS does not work for merge request pipelines
+merge_request: 26906
+author:
+type: fixed
diff --git a/changelogs/unreleased/fix-missing-border.yml b/changelogs/unreleased/fix-missing-border.yml
deleted file mode 100644
index 21728223cb8..00000000000
--- a/changelogs/unreleased/fix-missing-border.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fixes missing border color in discussion card component
-merge_request: 26242
-author: Farhad Yasir
-type: fixed
diff --git a/changelogs/unreleased/gitaly-version-v1.32.0.yml b/changelogs/unreleased/gitaly-version-v1.32.0.yml
new file mode 100644
index 00000000000..8413f31278e
--- /dev/null
+++ b/changelogs/unreleased/gitaly-version-v1.32.0.yml
@@ -0,0 +1,5 @@
+---
+title: Upgrade to Gitaly v1.32.0
+merge_request: 26989
+author:
+type: changed
diff --git a/changelogs/unreleased/graphql-prometheus.yml b/changelogs/unreleased/graphql-prometheus.yml
new file mode 100644
index 00000000000..180577f3aec
--- /dev/null
+++ b/changelogs/unreleased/graphql-prometheus.yml
@@ -0,0 +1,5 @@
+---
+title: Added prometheus monitoring to GraphQL
+merge_request:
+author:
+type: added
diff --git a/changelogs/unreleased/id-51433-sort-wiki-by-date.yml b/changelogs/unreleased/id-51433-sort-wiki-by-date.yml
new file mode 100644
index 00000000000..86fcf195fa7
--- /dev/null
+++ b/changelogs/unreleased/id-51433-sort-wiki-by-date.yml
@@ -0,0 +1,5 @@
+---
+title: Allow to sort wiki pages by date and title
+merge_request: 25365
+author:
+type: added
diff --git a/changelogs/unreleased/ide-fix-detect-mr-from-fork.yml b/changelogs/unreleased/ide-fix-detect-mr-from-fork.yml
new file mode 100644
index 00000000000..8f4f49896d7
--- /dev/null
+++ b/changelogs/unreleased/ide-fix-detect-mr-from-fork.yml
@@ -0,0 +1,5 @@
+---
+title: Fix IDE detection of MR from fork with same branch name
+merge_request: 26986
+author:
+type: fixed
diff --git a/changelogs/unreleased/osw-support-multi-line-suggestions.yml b/changelogs/unreleased/osw-support-multi-line-suggestions.yml
new file mode 100644
index 00000000000..8c8206c3822
--- /dev/null
+++ b/changelogs/unreleased/osw-support-multi-line-suggestions.yml
@@ -0,0 +1,5 @@
+---
+title: Support multi-line suggestions
+merge_request: 25211
+author:
+type: added
diff --git a/changelogs/unreleased/require-all-templates-to-include-default-stages.yml b/changelogs/unreleased/require-all-templates-to-include-default-stages.yml
new file mode 100644
index 00000000000..de8b07160ba
--- /dev/null
+++ b/changelogs/unreleased/require-all-templates-to-include-default-stages.yml
@@ -0,0 +1,5 @@
+---
+title: Require all templates to use default stages
+merge_request: 26954
+author:
+type: fixed
diff --git a/changelogs/unreleased/sh-fix-ref-name-caching.yml b/changelogs/unreleased/sh-fix-ref-name-caching.yml
new file mode 100644
index 00000000000..6abd86688b4
--- /dev/null
+++ b/changelogs/unreleased/sh-fix-ref-name-caching.yml
@@ -0,0 +1,5 @@
+---
+title: Fix and expand Gitaly FindCommit caching
+merge_request: 27018
+author:
+type: performance
diff --git a/changelogs/unreleased/sh-update-rails-5-0-7-2.yml b/changelogs/unreleased/sh-update-rails-5-0-7-2.yml
new file mode 100644
index 00000000000..b0bc08d4760
--- /dev/null
+++ b/changelogs/unreleased/sh-update-rails-5-0-7-2.yml
@@ -0,0 +1,5 @@
+---
+title: Update Rails to 5.0.7.2
+merge_request: 27022
+author:
+type: security
diff --git a/changelogs/unreleased/stop-signing-avatar-paths.yml b/changelogs/unreleased/stop-signing-avatar-paths.yml
new file mode 100644
index 00000000000..2c2493f0f21
--- /dev/null
+++ b/changelogs/unreleased/stop-signing-avatar-paths.yml
@@ -0,0 +1,5 @@
+---
+title: Speed up generation of avatar URLs when using object storage
+merge_request:
+author:
+type: performance
diff --git a/changelogs/unreleased/update-gitlab-shell.yml b/changelogs/unreleased/update-gitlab-shell.yml
new file mode 100644
index 00000000000..446a5fe1ea9
--- /dev/null
+++ b/changelogs/unreleased/update-gitlab-shell.yml
@@ -0,0 +1,5 @@
+---
+title: Update GitLab Shell to v9.0.0
+merge_request: 27002
+author:
+type: other
diff --git a/changelogs/unreleased/xanf-gitlab-ce-transfer-disables-js.yml b/changelogs/unreleased/xanf-gitlab-ce-transfer-disables-js.yml
new file mode 100644
index 00000000000..57c9a1aaa48
--- /dev/null
+++ b/changelogs/unreleased/xanf-gitlab-ce-transfer-disables-js.yml
@@ -0,0 +1,5 @@
+---
+title: Group transfer now properly redirects to edit on failure
+merge_request: 26837
+author:
+type: fixed
diff --git a/config.ru b/config.ru
index 5cd79870d54..6f6fb85d8fa 100644
--- a/config.ru
+++ b/config.ru
@@ -13,10 +13,6 @@ if defined?(Unicorn)
     # Max memory size (RSS) per worker
     use Unicorn::WorkerKiller::Oom, min, max
   end
-
-  # Monkey patch for fixing Rack 2.0.6 bug:
-  # https://gitlab.com/gitlab-org/gitlab-ee/issues/8539
-  Unicorn::StreamInput.send(:public, :eof?) # rubocop:disable GitlabSecurity/PublicSend
 end
 
 require ::File.expand_path('../config/environment', __FILE__)
diff --git a/config/initializers/graphql.rb b/config/initializers/graphql.rb
index e653556231d..f1bc289f1f0 100644
--- a/config/initializers/graphql.rb
+++ b/config/initializers/graphql.rb
@@ -1,4 +1,7 @@
 # frozen_string_literal: true
 
+GraphQL::ObjectType.accepts_definitions(authorize: GraphQL::Define.assign_metadata_key(:authorize))
 GraphQL::Field.accepts_definitions(authorize: GraphQL::Define.assign_metadata_key(:authorize))
+
+GraphQL::Schema::Object.accepts_definition(:authorize)
 GraphQL::Schema::Field.accepts_definition(:authorize)
diff --git a/config/initializers/premailer.rb b/config/initializers/premailer.rb
index cb00d3cfe95..87f8e67ef1c 100644
--- a/config/initializers/premailer.rb
+++ b/config/initializers/premailer.rb
@@ -4,5 +4,6 @@ Premailer::Rails.config.merge!(
   preserve_styles: true,
   remove_comments: true,
   remove_ids: false,
-  remove_scripts: false
+  remove_scripts: false,
+  output_encoding: 'US-ASCII'
 )
diff --git a/config/routes/project.rb b/config/routes/project.rb
index d60a5cc9ae8..1cb8f331f6f 100644
--- a/config/routes/project.rb
+++ b/config/routes/project.rb
@@ -219,6 +219,8 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
           get :metrics
           get :additional_metrics
           get '/terminal.ws/authorize', to: 'environments#terminal_websocket_authorize', constraints: { format: nil }
+
+          get '/prometheus/api/v1/*proxy_path', to: 'environments/prometheus_api#proxy'
         end
 
         collection do
diff --git a/db/fixtures/development/02_application_settings.rb b/db/fixtures/development/02_application_settings.rb
new file mode 100644
index 00000000000..d604f0be3cd
--- /dev/null
+++ b/db/fixtures/development/02_application_settings.rb
@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+puts "Creating the default ApplicationSetting record.".color(:green)
+Gitlab::CurrentSettings.current_application_settings
+
+# Details https://gitlab.com/gitlab-org/gitlab-ce/issues/46241
+puts "Enable hashed storage for every new projects.".color(:green)
+ApplicationSetting.current_without_cache.update!(hashed_storage_enabled: true)
+
+print '.'
diff --git a/db/fixtures/development/02_settings.rb b/db/fixtures/development/02_settings.rb
deleted file mode 100644
index 3a4a5d436bf..00000000000
--- a/db/fixtures/development/02_settings.rb
+++ /dev/null
@@ -1,8 +0,0 @@
-# frozen_string_literal: true
-
-# Enable hashed storage, in development mode, for all projects by default.
-Gitlab::Seeder.quiet do
-  ApplicationSetting.create_from_defaults unless ApplicationSetting.current_without_cache
-  ApplicationSetting.current_without_cache.update!(hashed_storage_enabled: true)
-  print '.'
-end
diff --git a/db/fixtures/development/08_settings.rb b/db/fixtures/development/08_settings.rb
deleted file mode 100644
index 141465c06cf..00000000000
--- a/db/fixtures/development/08_settings.rb
+++ /dev/null
@@ -1,7 +0,0 @@
-# We want to enable hashed storage for every new project in development
-# Details https://gitlab.com/gitlab-org/gitlab-ce/issues/46241
-Gitlab::Seeder.quiet do
-  ApplicationSetting.create_from_defaults unless ApplicationSetting.current_without_cache
-  ApplicationSetting.current_without_cache.update!(hashed_storage_enabled: true)
-  print '.'
-end
diff --git a/db/fixtures/production/001_application_settings.rb b/db/fixtures/production/001_application_settings.rb
index ab15717e9a9..cf647650142 100644
--- a/db/fixtures/production/001_application_settings.rb
+++ b/db/fixtures/production/001_application_settings.rb
@@ -1,2 +1,4 @@
+# frozen_string_literal: true
+
 puts "Creating the default ApplicationSetting record.".color(:green)
 Gitlab::CurrentSettings.current_application_settings
diff --git a/db/post_migrate/20190325111602_rename_v2_root_namespaces.rb b/db/post_migrate/20190325111602_rename_v2_root_namespaces.rb
new file mode 100644
index 00000000000..8571bb82fa0
--- /dev/null
+++ b/db/post_migrate/20190325111602_rename_v2_root_namespaces.rb
@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class RenameV2RootNamespaces < ActiveRecord::Migration[5.0]
+  include Gitlab::Database::MigrationHelpers
+  include Gitlab::Database::RenameReservedPathsMigration::V1
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  # We're taking over the /v2 namespace as it necessary for Docker client to
+  # work with GitLab as Dependency proxy for containers.
+  def up
+    disable_statement_timeout do
+      rename_root_paths 'v2'
+    end
+  end
+
+  def down
+    disable_statement_timeout do
+      revert_renames
+    end
+  end
+end
diff --git a/doc/administration/container_registry.md b/doc/administration/container_registry.md
index b21bfafc096..05beb724d4d 100644
--- a/doc/administration/container_registry.md
+++ b/doc/administration/container_registry.md
@@ -362,6 +362,10 @@ configuring a different storage driver. By default the GitLab Container Registry
 is configured to use the filesystem driver, which makes use of [storage path](#container-registry-storage-path)
 configuration.
 
+NOTE: **Note:** Enabling a storage driver other than `filesystem` would mean
+that your Docker client needs to be able to access the storage backend directly.
+In that case, you must use an address that resolves and is accessible outside GitLab server.
+
 The different supported drivers are:
 
 | Driver     | Description                         |
@@ -369,20 +373,16 @@ The different supported drivers are:
 | filesystem | Uses a path on the local filesystem |
 | azure      | Microsoft Azure Blob Storage        |
 | gcs        | Google Cloud Storage                |
-| s3         | Amazon Simple Storage Service       |
+| s3         | Amazon Simple Storage Service. Be sure to configure your storage bucket with the correct [S3 Permission Scopes](https://docs.docker.com/registry/storage-drivers/s3/#s3-permission-scopes).       |
 | swift      | OpenStack Swift Object Storage      |
 | oss        | Aliyun OSS                          |
 
 Read more about the individual driver's config options in the
 [Docker Registry docs][storage-config].
 
-> **Warning** GitLab will not backup Docker images that are not stored on the
+CAUTION: **Warning:** GitLab will not backup Docker images that are not stored on the
 filesystem. Remember to enable backups with your object storage provider if
 desired.
->
-> **Important** Enabling storage driver other than `filesystem` would mean
-that your Docker client needs to be able to access the storage backend directly.
-So you must use an address that resolves and is accessible outside GitLab server.
 
 ---
 
diff --git a/doc/api/runners.md b/doc/api/runners.md
index 0b7ef46888c..46f7b1d2a25 100644
--- a/doc/api/runners.md
+++ b/doc/api/runners.md
@@ -4,6 +4,29 @@
 
 [ce-2640]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/2640
 
+## Registration and authentication tokens
+
+There are two tokens to take into account when connecting a Runner with GitLab.
+
+| Token | Description |
+| ----- | ----------- |
+| Registration token   | Token used to [register the Runner](https://docs.gitlab.com/runner/register/). It can be [obtained through GitLab](../ci/runners/README.md). |
+| Authentication token | Token used to authenticate the Runner with the GitLab instance. It is obtained either automatically when [registering a Runner](https://docs.gitlab.com/runner/register/), or manually when [registering the Runner via the Runners API](#register-a-new-runner). |
+
+Here's an example of how the two tokens are used in Runner registration:
+
+1. You register the Runner via the GitLab API using a registration token, and an
+   authentication token is returned.
+1. You use that authentication token and add it to the
+   [Runner's configuration file](https://docs.gitlab.com/runner/commands/#configuration-file):
+
+    ```toml
+    [[runners]]
+      token = "<authentication_token>"
+    ```
+
+GitLab and Runner are then connected.
+
 ## List owned runners
 
 Get a list of specific runners available to the user.
@@ -456,7 +479,7 @@ POST /runners
 
 | Attribute   | Type    | Required | Description         |
 |-------------|---------|----------|---------------------|
-| `token`     | string  | yes      | Registration token ([Read how to obtain a token](../ci/runners/README.md)) |
+| `token`     | string  | yes      | [Registration token](#registration-and-authentication-tokens).  |
 | `description`| string | no       | Runner's description|
 | `info`       | hash   | no       | Runner's metadata   |
 | `active`     | boolean| no       | Whether the Runner is active   |
@@ -466,7 +489,7 @@ POST /runners
 | `maximum_timeout` | integer | no | Maximum timeout set when this Runner will handle the job |
 
 ```
-curl --request POST "https://gitlab.example.com/api/v4/runners" --form "token=ipzXrMhuyyJPifUt6ANz" --form "description=test-1-20150125-test" --form "tag_list=ruby,mysql,tag1,tag2"
+curl --request POST "https://gitlab.example.com/api/v4/runners" --form "token=<registration_token>" --form "description=test-1-20150125-test" --form "tag_list=ruby,mysql,tag1,tag2"
 ```
 
 Response:
@@ -494,10 +517,10 @@ DELETE /runners
 
 | Attribute   | Type    | Required | Description         |
 |-------------|---------|----------|---------------------|
-| `token`     | string  | yes      | Runner's authentication token  |
+| `token`     | string  | yes      | Runner's [authentication token](#registration-and-authentication-tokens).  |
 
 ```
-curl --request DELETE "https://gitlab.example.com/api/v4/runners" --form "token=ebb6fc00521627750c8bb750f2490e"
+curl --request DELETE "https://gitlab.example.com/api/v4/runners" --form "token=<authentication_token>"
 ```
 
 Response:
@@ -516,10 +539,10 @@ POST /runners/verify
 
 | Attribute   | Type    | Required | Description         |
 |-------------|---------|----------|---------------------|
-| `token`     | string  | yes      | Runner's authentication token  |
+| `token`     | string  | yes      | Runner's [authentication token](#registration-and-authentication-tokens).  |
 
 ```
-curl --request POST "https://gitlab.example.com/api/v4/runners/verify" --form "token=ebb6fc00521627750c8bb750f2490e"
+curl --request POST "https://gitlab.example.com/api/v4/runners/verify" --form "token=<authentication_token>"
 ```
 
 Response:
diff --git a/doc/ci/variables/predefined_variables.md b/doc/ci/variables/predefined_variables.md
index 416627740d2..b429dc8c8be 100644
--- a/doc/ci/variables/predefined_variables.md
+++ b/doc/ci/variables/predefined_variables.md
@@ -23,6 +23,9 @@ future GitLab releases.**
 | `CHAT_INPUT`                            | 10.6   | all    | Additional arguments passed in the [ChatOps](../chatops/README.md) command |
 | `CHAT_CHANNEL`                          | 10.6   | all    | Source chat channel which triggered the [ChatOps](../chatops/README.md) command |
 | `CI`                                    | all    | 0.4    | Mark that job is executed in CI environment |
+| `CI_BUILDS_DIR`                         | all    | 11.10  | Top-level directory where builds are executed. |
+| `CI_CONCURRENT_ID`                      | all    | 11.10  | Unique ID of build execution within a single executor. |
+| `CI_CONCURRENT_PROJECT_ID`              | all    | 11.10  | Unique ID of build execution within a single executor and project. |
 | `CI_COMMIT_BEFORE_SHA`                  | 11.2   | all    | The previous latest commit present on a branch before a push request. |
 | `CI_COMMIT_DESCRIPTION`                 | 10.8   | all    | The description of the commit: the message without first line, if the title is shorter than 100 characters; full message in other case. |
 | `CI_COMMIT_MESSAGE`                     | 10.8   | all    | The full commit message. |
diff --git a/doc/ci/variables/where_variables_can_be_used.md b/doc/ci/variables/where_variables_can_be_used.md
index ceca4af1bee..1218ac0b071 100644
--- a/doc/ci/variables/where_variables_can_be_used.md
+++ b/doc/ci/variables/where_variables_can_be_used.md
@@ -15,26 +15,26 @@ There are two places defined variables can be used. On the:
 
 ### `.gitlab-ci.yml` file
 
-| Definition                           | Can be expanded?  | Expansion place | Description  |
-|--------------------------------------|-------------------|-----------------|--------------|
-| `environment:url`                    | yes               | GitLab           | The variable expansion is made by GitLab's [internal variable expansion mechanism](#gitlab-internal-variable-expansion-mechanism).<ul><li>Supported: all variables defined for a job (project/group variables, variables from `.gitlab-ci.yml`, variables from triggers, variables from pipeline schedules)</li><li>Not supported: variables defined in Runner's `config.toml` and variables created in job's `script`</li></ul> |
-| `environment:name`                   | yes               | GitLab           | Similar to `environment:url`, but the variables expansion doesn't support: <ul><li>variables that are based on the environment's name (`CI_ENVIRONMENT_NAME`, `CI_ENVIRONMENT_SLUG`)</li><li>any other variables related to environment (currently only `CI_ENVIRONMENT_URL`)</li><li>[persisted variables](#persisted-variables)</li></ul> |
-| `variables` | yes               | Runner          | The variable expansion is made by GitLab Runner's [internal variable expansion mechanism](#gitlab-runner-internal-variable-expansion-mechanism) |
-| `image`          | yes               | Runner          | The variable expansion is made by GitLab Runner's [internal variable expansion mechanism](#gitlab-runner-internal-variable-expansion-mechanism) |
-| `services:[]` | yes           | Runner          | The variable expansion is made by GitLab Runner's [internal variable expansion mechanism](#gitlab-runner-internal-variable-expansion-mechanism) |
-| `services:[]:name` | yes  | Runner          | The variable expansion is made by GitLab Runner's [internal variable expansion mechanism](#gitlab-runner-internal-variable-expansion-mechanism) |
-| `cache:key` | yes               | Runner          | The variable expansion is made by GitLab Runner's [internal variable expansion mechanism](#gitlab-runner-internal-variable-expansion-mechanism) |
-| `artifacts:name`                     | yes               | Runner          | The variable expansion is made by GitLab Runner's shell environment  |
-| `script`, `before_script`, `after_script` | yes | Script execution shell | The variable expansion is made by the [execution shell environment](#execution-shell-environment) |
-| `only:variables:[]`, `except:variables:[]`    | no                | n/a             | The variable must be in the form of `$variable`.<br/>Not supported:<ul><li>variables that are based on the environment's name (`CI_ENVIRONMENT_NAME`, `CI_ENVIRONMENT_SLUG`)</li><li>any other variables related to environment (currently only `CI_ENVIRONMENT_URL`)</li><li>[persisted variables](#persisted-variables)</li></ul> |
+| Definition                                 | Can be expanded? | Expansion place        | Description                                                                                                                                                                                                                                                                                                                                                                                                                       |
+|:-------------------------------------------|:-----------------|:-----------------------|:----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `environment:url`                          | yes              | GitLab                 | The variable expansion is made by GitLab's [internal variable expansion mechanism](#gitlab-internal-variable-expansion-mechanism).<br/><br/>Supported are all variables defined for a job (project/group variables, variables from `.gitlab-ci.yml`, variables from triggers, variables from pipeline schedules).<br/><br/>Not supported are variables defined in Runner's `config.toml` and variables created in job's `script`. |
+| `environment:name`                         | yes              | GitLab                 | Similar to `environment:url`, but the variables expansion doesn't support the following:<br/><br/>- Variables that are based on the environment's name (`CI_ENVIRONMENT_NAME`, `CI_ENVIRONMENT_SLUG`).<br/>- Any other variables related to environment (currently only `CI_ENVIRONMENT_URL`).<br/>- [Persisted variables](#persisted-variables).                                                                                 |
+| `variables`                                | yes              | Runner                 | The variable expansion is made by GitLab Runner's [internal variable expansion mechanism](#gitlab-runner-internal-variable-expansion-mechanism)                                                                                                                                                                                                                                                                                   |
+| `image`                                    | yes              | Runner                 | The variable expansion is made by GitLab Runner's [internal variable expansion mechanism](#gitlab-runner-internal-variable-expansion-mechanism)                                                                                                                                                                                                                                                                                   |
+| `services:[]`                              | yes              | Runner                 | The variable expansion is made by GitLab Runner's [internal variable expansion mechanism](#gitlab-runner-internal-variable-expansion-mechanism)                                                                                                                                                                                                                                                                                   |
+| `services:[]:name`                         | yes              | Runner                 | The variable expansion is made by GitLab Runner's [internal variable expansion mechanism](#gitlab-runner-internal-variable-expansion-mechanism)                                                                                                                                                                                                                                                                                   |
+| `cache:key`                                | yes              | Runner                 | The variable expansion is made by GitLab Runner's [internal variable expansion mechanism](#gitlab-runner-internal-variable-expansion-mechanism)                                                                                                                                                                                                                                                                                   |
+| `artifacts:name`                           | yes              | Runner                 | The variable expansion is made by GitLab Runner's shell environment                                                                                                                                                                                                                                                                                                                                                               |
+| `script`, `before_script`, `after_script`  | yes              | Script execution shell | The variable expansion is made by the [execution shell environment](#execution-shell-environment)                                                                                                                                                                                                                                                                                                                                 |
+| `only:variables:[]`, `except:variables:[]` | no               | n/a                    | The variable must be in the form of `$variable`. Not supported are the following:<br/><br/>- Variables that are based on the environment's name (`CI_ENVIRONMENT_NAME`, `CI_ENVIRONMENT_SLUG`).<br/>- Any other variables related to environment (currently only `CI_ENVIRONMENT_URL`).<br/>- [Persisted variables](#persisted-variables).                                                                                            |
 
 ### `config.toml` file
 
 NOTE: **Note:**
 You can read more about `config.toml` in the [Runner's docs](https://docs.gitlab.com/runner/configuration/advanced-configuration.html).
 
-| Definition                           | Can be expanded? | Description |
-|--------------------------------------|------------------|-------------|
+| Definition                           | Can be expanded? | Description                                                                                                                                  |
+|:-------------------------------------|:-----------------|:---------------------------------------------------------------------------------------------------------------------------------------------|
 | `runners.environment`                | yes              | The variable expansion is made by the Runner's [internal variable expansion mechanism](#gitlab-runner-internal-variable-expansion-mechanism) |
 | `runners.kubernetes.pod_labels`      | yes              | The Variable expansion is made by the Runner's [internal variable expansion mechanism](#gitlab-runner-internal-variable-expansion-mechanism) |
 | `runners.kubernetes.pod_annotations` | yes              | The Variable expansion is made by the Runner's [internal variable expansion mechanism](#gitlab-runner-internal-variable-expansion-mechanism) |
diff --git a/doc/ci/yaml/README.md b/doc/ci/yaml/README.md
index e75f7050a09..d52312371cd 100644
--- a/doc/ci/yaml/README.md
+++ b/doc/ci/yaml/README.md
@@ -414,6 +414,27 @@ job:
   only: ['branches', 'tags']
 ```
 
+### Supported `only`/`except` regexp syntax
+
+CAUTION: **Warning:**
+This is a breaking change that was introduced with GitLab 11.9.4.
+
+In GitLab 11.9.4, GitLab begun internally converting regexp used
+in `only` and `except` parameters to [RE2](https://github.com/google/re2/wiki/Syntax).
+
+This means that only subset of features provided by [Ruby Regexp](https://ruby-doc.org/core/Regexp.html)
+is supported. [RE2](https://github.com/google/re2/wiki/Syntax) limits the set of features
+provided due to computational complexity, which means some features became unavailable in GitLab 11.9.4.
+For example, negative lookaheads.
+
+For GitLab versions from 11.9.7 and up to GitLab 12.0, GitLab provides a feature flag that can be
+enabled by administrators that allows users to use unsafe regexp syntax. This brings compatibility
+with previously allowed syntax version and allows users to gracefully migrate to the new syntax.
+
+```ruby
+Feature.enable(:allow_unsafe_ruby_regexp)
+```
+
 ### `only`/`except` (advanced)
 
 > - `refs` and `kubernetes` policies introduced in GitLab 10.0.
@@ -2341,8 +2362,35 @@ variables:
   GIT_STRATEGY: clone
   GIT_CHECKOUT: "false"
 script:
-  - git checkout master
-  - git merge $CI_BUILD_REF_NAME
+  - git checkout -B master origin/master
+  - git merge $CI_COMMIT_SHA
+```
+
+#### Git clean flags
+
+> Introduced in GitLab Runner 11.10
+
+The `GIT_CLEAN_FLAGS` variable is used to control the default behavior of
+`git clean` after checking out the sources. You can set it globally or per-job in the
+[`variables`](#variables) section.
+
+`GIT_CLEAN_FLAGS` accepts all possible options of the [git clean](https://git-scm.com/docs/git-clean)
+command.
+
+`git clean` is disabled if `GIT_CHECKOUT: "false"` is specified.
+
+If `GIT_CLEAN_FLAGS` is:
+
+- Not specified, `git clean` flags default to `-ffdx`.
+- Given the value `none`, `git clean` is not executed.
+
+For example:
+
+```yaml
+variables:
+  GIT_CLEAN_FLAGS: -ffdx -e cache/
+script:
+  - ls -al cache/
 ```
 
 #### Job stages attempts
@@ -2418,6 +2466,72 @@ CAUTION: **Deprecated:**
 `type` is deprecated, and could be removed in one of the future releases.
 Use [`stage`](#stage) instead.
 
+## Custom build directories
+
+> [Introduced][https://gitlab.com/gitlab-org/gitlab-runner/merge_requests/1267] in Gitlab Runner 11.10
+
+NOTE: **Note:**
+This can only be used when `custom_build_dir` is enabled in the [Runner's
+configuration](https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-runnerscustom_build_dir-section).
+This is the default configuration for `docker` and `kubernetes` executor.
+
+By default, GitLab Runner clones the repository in a unique subpath of the `$CI_BUILDS_DIR` directory.
+However, sometimes your project might require the code in a specific directory,
+but sometimes your project might require to have the code in a specific directory,
+like Go projects, for example. In that case, you can specify the `GIT_CLONE_PATH` variable
+to tell the Runner in which directory to clone the repository:
+
+```yml
+variables:
+  GIT_CLONE_PATH: $CI_BUILDS_DIR/project-name
+
+test:
+  script:
+    - pwd
+```
+
+The `GIT_CLONE_PATH` has to always be within `$CI_BUILDS_DIR`. The directory set in `$CI_BUILDS_DIR`
+is dependent on executor and configuration of [runners.builds_dir](https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-runners-section)
+setting.
+
+### Handling concurrency
+
+An executor using a concurrency greater than `1` might lead
+to failures because multiple jobs might be working on the same directory if the `builds_dir`
+is shared between jobs.
+GitLab Runner does not try to prevent this situation. It is up to the administrator
+and developers to comply with the requirements of Runner configuration.
+
+To avoid this scenario, you can use a unique path within `$CI_BUILDS_DIR`, because Runner
+exposes two additional variables that provide a unique `ID` of concurrency:
+
+- `$CI_CONCURRENT_ID`: Unique ID for all jobs running within the given executor.
+- `$CI_CONCURRENT_PROJECT_ID`: Unique ID for all jobs running within the given executor and project.
+
+The most stable configuration that should work well in any scenario and on any executor
+is to use `$CI_CONCURRENT_ID` in the `GIT_CLONE_PATH`. For example:
+
+```yml
+variables:
+  GIT_CLONE_PATH: $CI_BUILDS_DIR/$CI_CONCURRENT_ID/project-name
+
+test:
+  script:
+    - pwd
+```
+
+The `$CI_CONCURRENT_PROJECT_ID` should be used in conjunction with `$CI_PROJECT_PATH`
+as the `$CI_PROJECT_PATH` provides a path of a repository. That is, `group/subgroup/project`. For example:
+
+```yml
+variables:
+  GIT_CLONE_PATH: $CI_BUILDS_DIR/$CI_CONCURRENT_ID/$CI_PROJECT_PATH
+
+test:
+  script:
+    - pwd
+```
+
 ## Special YAML features
 
 It's possible to use special YAML features like anchors (`&`), aliases (`*`)
diff --git a/doc/development/api_graphql_styleguide.md b/doc/development/api_graphql_styleguide.md
index 501092ff2aa..8d2bfff3a5d 100644
--- a/doc/development/api_graphql_styleguide.md
+++ b/doc/development/api_graphql_styleguide.md
@@ -9,38 +9,6 @@ can be shared.
 It is also possible to add a `private_token` to the querystring, or
 add a `HTTP_PRIVATE_TOKEN` header.
 
-### Authorization
-
-Fields can be authorized using the same abilities used in the Rails
-app. This can be done by supplying the `authorize` option:
-
-```ruby
-module Types
-  class QueryType < BaseObject
-    graphql_name 'Query'
-
-    field :project, Types::ProjectType, null: true, resolver: Resolvers::ProjectResolver, authorize: :read_project
-  end
-end
-```
-
-Fields can be authorized against multiple abilities, in which case all
-ability checks must pass. This requires explicitly passing a block to `field`:
-
-```ruby
-field :project, Types::ProjectType, null: true, resolver: Resolvers::ProjectResolver do
-  authorize [:read_project, :another_ability]
-end
-```
-
-The object found by the resolve call is used for authorization.
-
-TIP: **Tip:**
-When authorizing collections, try to load only what the currently
-authenticated user is allowed to view with our existing finders first.
-This minimizes database queries and unnecessary authorization checks of
-the loaded records.
-
 ## Types
 
 When exposing a model through the GraphQL API, we do so by creating a
@@ -197,6 +165,114 @@ end
   policies at once. The fields for these will all have be non-nullable
   booleans with a default description.
 
+## Authorization
+
+Authorizations can be applied to both types and fields using the same
+abilities as in the Rails app.
+
+If the:
+
+- Currently authenticated user fails the authorization, the authorized
+resource will be returned as `null`.
+- Resource is part of a collection, the collection will be filtered to
+exclude the objects that the user's authorization checks failed against.
+
+TIP: **Tip:**
+Try to load only what the currently authenticated user is allowed to
+view with our existing finders first, without relying on authorization
+to filter the records. This minimizes database queries and unnecessary
+authorization checks of the loaded records.
+
+### Type authorization
+
+Authorize a type by passing an ability to the `authorize` method. All
+fields with the same type will be authorized by checking that the
+currently authenticated user has the required ability.
+
+For example, the following authorization ensures that the currently
+authenticated user can only see projects that they have the
+`read_project` ability for (so long as the project is returned in a
+field that uses `Types::ProjectType`):
+
+```ruby
+module Types
+  class ProjectType < BaseObject
+    authorize :read_project
+  end
+end
+```
+
+You can also authorize against multiple abilities, in which case all of
+the ability checks must pass.
+
+For example, the following authorization ensures that the currently
+authenticated user must have `read_project` and `another_ability`
+abilities to see a project:
+
+```ruby
+module Types
+  class ProjectType < BaseObject
+    authorize [:read_project, :another_ability]
+  end
+end
+```
+
+### Field authorization
+
+Fields can be authorized with the `authorize` option.
+
+For example, the following authorization ensures that the currently
+authenticated user must have the `owner_access` ability to see the
+project:
+
+```ruby
+module Types
+  class MyType < BaseObject
+    field :project, Types::ProjectType, null: true, resolver: Resolvers::ProjectResolver, authorize: :owner_access
+  end
+end
+```
+
+Fields can also be authorized against multiple abilities, in which case
+all of ability checks must pass. **Note:** This requires explicitly
+passing a block to `field`:
+
+```ruby
+module Types
+  class MyType < BaseObject
+    field :project, Types::ProjectType, null: true, resolver: Resolvers::ProjectResolver do
+      authorize [:owner_access, :another_ability]
+    end
+  end
+end
+```
+
+NOTE: **Note:** If the field's type already [has a particular
+authorization](#type-authorization) then there is no need to add that
+same authorization to the field.
+
+### Type and Field authorizations together
+
+Authorizations are cumulative, so where authorizations are defined on
+a field, and also on the field's type, then the currently authenticated
+user would need to pass all ability checks.
+
+In the following simplified example the currently authenticated user
+would need both `first_permission` and `second_permission` abilities in
+order to see the author of the issue.
+
+```ruby
+class UserType
+  authorize :first_permission
+end
+```
+
+```ruby
+class IssueType
+  field :author, UserType, authorize: :second_permission
+end
+```
+
 ## Resolvers
 
 To find objects to display in a field, we can add resolvers to
diff --git a/doc/development/testing_guide/review_apps.md b/doc/development/testing_guide/review_apps.md
index ffc71051377..55ca502f84a 100644
--- a/doc/development/testing_guide/review_apps.md
+++ b/doc/development/testing_guide/review_apps.md
@@ -130,9 +130,9 @@ secure note named **gitlab-{ce,ee} Review App's root password**.
 1. Find and open the `task-runner` Deployment, e.g. `review-29951-issu-id2qax-task-runner`.
 1. Click on the Pod in the "Managed pods" section, e.g. `review-29951-issu-id2qax-task-runner-d5455cc8-2lsvz`.
 1. Click on the `KUBECTL` dropdown, then `Exec` -> `task-runner`.
-1. Replace `-c task-runner -- ls` with `-- /srv/gitlab/bin/rails c` from the
+1. Replace `-c task-runner -- ls` with `-it -- gitlab-rails console` from the
   default command or
-  - Run `kubectl exec --namespace review-apps-ce -it review-29951-issu-id2qax-task-runner-d5455cc8-2lsvz -- /srv/gitlab/bin/rails c`
+  - Run `kubectl exec --namespace review-apps-ce review-29951-issu-id2qax-task-runner-d5455cc8-2lsvz -it -- gitlab-rails console`
     and
   - Replace `review-apps-ce` with `review-apps-ee` if the Review App
     is running EE, and
diff --git a/doc/user/discussions/img/multi-line-suggestion-preview.png b/doc/user/discussions/img/multi-line-suggestion-preview.png
new file mode 100644
index 00000000000..4288d0ba034
--- /dev/null
+++ b/doc/user/discussions/img/multi-line-suggestion-preview.png
diff --git a/doc/user/discussions/img/multi-line-suggestion-syntax.png b/doc/user/discussions/img/multi-line-suggestion-syntax.png
new file mode 100644
index 00000000000..df0c99b84ef
--- /dev/null
+++ b/doc/user/discussions/img/multi-line-suggestion-syntax.png
diff --git a/doc/user/discussions/index.md b/doc/user/discussions/index.md
index 23b9604a456..bf41fdecd10 100644
--- a/doc/user/discussions/index.md
+++ b/doc/user/discussions/index.md
@@ -344,6 +344,24 @@ and push the suggested change directly into the codebase in the merge request's
 Custom commit messages will be introduced by
 [#54404](https://gitlab.com/gitlab-org/gitlab-ce/issues/54404).
 
+### Multi-line suggestions
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/53310) in GitLab 11.10.
+
+Reviewers can also suggest changes to
+multiple lines with a single suggestion within Merge Request diff discussions.
+
+![Multi-line suggestion syntax](img/multi-line-suggestion-syntax.png)
+
+In the example above, the suggestion covers three lines above and four lines below the commented diff line.
+It'd change from 3 lines _above_ to 4 lines _below_ the commented Diff line.
+
+![Multi-line suggestion preview](img/multi-line-suggestion-preview.png)
+
+NOTE: **Note:**
+Suggestions covering multiple lines are limited to 100 lines _above_ and 100 lines _below_ 
+the commented diff line, allowing up to 200 changed lines per suggestion.
+
 ## Start a discussion by replying to a standard comment
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/30299) in GitLab 11.9
diff --git a/doc/user/project/clusters/index.md b/doc/user/project/clusters/index.md
index c94a3f4d3b5..878d30dddaa 100644
--- a/doc/user/project/clusters/index.md
+++ b/doc/user/project/clusters/index.md
@@ -570,7 +570,7 @@ deployment jobs, immediately before the jobs starts.
 However, sometimes GitLab can not create them. In such instances, your job will fail with the message:
 
 ```text
-The job failed to complete prerequisite tasks
+This job failed because the necessary resources were not successfully created.
 ```
 
 To find the cause of this error when creating a namespace and service account, check the [logs](../../../administration/logs.md#sidekiqlog).
diff --git a/doc/user/project/merge_requests/img/merge_when_pipeline_succeeds_only_if_succeeds_settings.png b/doc/user/project/merge_requests/img/merge_when_pipeline_succeeds_only_if_succeeds_settings.png
index 2a2101719ba..ea3aff59aa1 100644
--- a/doc/user/project/merge_requests/img/merge_when_pipeline_succeeds_only_if_succeeds_settings.png
+++ b/doc/user/project/merge_requests/img/merge_when_pipeline_succeeds_only_if_succeeds_settings.png
diff --git a/doc/user/project/merge_requests/merge_when_pipeline_succeeds.md b/doc/user/project/merge_requests/merge_when_pipeline_succeeds.md
index f8af71ab46b..1477e35dca8 100644
--- a/doc/user/project/merge_requests/merge_when_pipeline_succeeds.md
+++ b/doc/user/project/merge_requests/merge_when_pipeline_succeeds.md
@@ -35,11 +35,11 @@ You need to have jobs configured to enable this feature.
 You can prevent merge requests from being merged if their pipeline did not succeed
 or if there are discussions to be resolved.
 
-Navigate to your project's settings page, select the
-**Only allow merge requests to be merged if the pipeline succeeds** check box and
-hit **Save** for the changes to take effect.
+Navigate to your project's settings page and expand the **Merge requests** section.
+In the **Merge checks** subsection, select the **Pipelines must succeed** check
+box and hit **Save** for the changes to take effect.
 
-![Only allow merge if pipeline succeeds settings](img/merge_when_pipeline_succeeds_only_if_succeeds_settings.png)
+![Pipelines must succeed settings](img/merge_when_pipeline_succeeds_only_if_succeeds_settings.png)
 
 From now on, every time the pipeline fails you will not be able to merge the
 merge request from the UI, until you make all relevant jobs pass.
diff --git a/doc/user/project/repository/img/download_source_code.png b/doc/user/project/repository/img/download_source_code.png
new file mode 100644
index 00000000000..17f2cb4b3e8
--- /dev/null
+++ b/doc/user/project/repository/img/download_source_code.png
diff --git a/doc/user/project/repository/index.md b/doc/user/project/repository/index.md
index 22d912cd9d1..718566a539f 100644
--- a/doc/user/project/repository/index.md
+++ b/doc/user/project/repository/index.md
@@ -241,4 +241,24 @@ Projects that contain a `.xcodeproj` or `.xcworkspace` directory can now be clon
 in Xcode using the new **Open in Xcode** button, located next to the Git URL
 used for cloning your project. The button is only shown on macOS.
 
+## Download Source Code
+
+Source code stored in the repository can be downloaded.
+
+By clicking the download icon, a dropdown will open with links to download the following:
+
+![Download source code](img/download_source_code.png)
+
+- **Source Code:**
+  This allows users to download the source code on branch they're currently
+  viewing. Available zip, tar, tar.gz and tar.bz2.
+- **Directory:**
+  > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/24704) in GitLab 11.10
+
+  Only shows up when viewing a sub-directory. This allows users to download
+  the specific directory they're currently viewing. Also available in zip, tar,
+  tar.gz and tar.bz2.
+- **Artifacts:**
+  This allows users to download the artifacts of the latest CI build.
+
 [jupyter]: https://jupyter.org
diff --git a/doc/user/reserved_names.md b/doc/user/reserved_names.md
index 9aa81e33fc0..9e8475d8294 100644
--- a/doc/user/reserved_names.md
+++ b/doc/user/reserved_names.md
@@ -83,6 +83,7 @@ Currently the following names are reserved as top level groups:
 - unsubscribes
 - uploads
 - users
+- v2
 
 These group names are unavailable as subgroup names:
 
diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index cc62b5a3661..2dd3120d3fc 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -690,6 +690,10 @@ module API
       # Deprecated
       expose :allow_collaboration, as: :allow_maintainer_to_push, if: -> (merge_request, _) { merge_request.for_fork? }
 
+      expose :reference do |merge_request, options|
+        merge_request.to_reference(options[:project])
+      end
+
       expose :web_url do |merge_request|
         Gitlab::UrlBuilder.build(merge_request)
       end
@@ -726,6 +730,8 @@ module API
         merge_request.metrics&.pipeline
       end
 
+      expose :head_pipeline, using: 'API::Entities::Pipeline'
+
       expose :diff_refs, using: Entities::DiffRefs
 
       # Allow the status of a rebase to be determined
@@ -1267,6 +1273,9 @@ module API
       expose :created_at, :updated_at, :started_at, :finished_at, :committed_at
       expose :duration
       expose :coverage
+      expose :detailed_status, using: DetailedStatusEntity do |pipeline, options|
+        pipeline.detailed_status(options[:current_user])
+      end
     end
 
     class PipelineSchedule < Grape::Entity
diff --git a/lib/api/groups.rb b/lib/api/groups.rb
index 9fcf476f537..ad16f26f5cc 100644
--- a/lib/api/groups.rb
+++ b/lib/api/groups.rb
@@ -26,6 +26,7 @@ module API
           optional :ldap_cn, type: String, desc: 'LDAP Common Name'
           optional :ldap_access, type: Integer, desc: 'A valid access level'
           optional :shared_runners_minutes_limit, type: Integer, desc: '(admin-only) Pipeline minutes quota for this group'
+          optional :extra_shared_runners_minutes_limit, type: Integer, desc: '(admin-only) Extra pipeline minutes quota for this group'
           all_or_none_of :ldap_cn, :ldap_access
         end
       end
diff --git a/lib/api/internal.rb b/lib/api/internal.rb
index cb9aa849eeb..9c7b9146c8f 100644
--- a/lib/api/internal.rb
+++ b/lib/api/internal.rb
@@ -87,7 +87,8 @@ module API
             gl_id: Gitlab::GlId.gl_id(user),
             gl_username: user&.username,
             git_config_options: [],
-            gitaly: gitaly_payload(params[:action])
+            gitaly: gitaly_payload(params[:action]),
+            gl_console_messages: check_result.console_messages
           }
 
           # Custom option for git-receive-pack command
diff --git a/lib/api/issues.rb b/lib/api/issues.rb
index fae20e45bf9..3dd90502050 100644
--- a/lib/api/issues.rb
+++ b/lib/api/issues.rb
@@ -310,7 +310,7 @@ module API
           .flatten
 
         present paginate(::Kaminari.paginate_array(merge_requests)),
-          with: Entities::MergeRequestBasic,
+          with: Entities::MergeRequest,
           current_user: current_user,
           project: user_project
       end
diff --git a/lib/api/merge_requests.rb b/lib/api/merge_requests.rb
index 98dcc388f44..e4b21b7d1c4 100644
--- a/lib/api/merge_requests.rb
+++ b/lib/api/merge_requests.rb
@@ -111,6 +111,7 @@ module API
                          desc: 'Return merge requests for the given scope: `created_by_me`, `assigned_to_me` or `all`'
         optional :my_reaction_emoji, type: String, desc: 'Return issues reacted by the authenticated user by the given emoji'
         optional :source_branch, type: String, desc: 'Return merge requests with the given source branch'
+        optional :source_project_id, type: Integer, desc: 'Return merge requests with the given source project id'
         optional :target_branch, type: String, desc: 'Return merge requests with the given target branch'
         optional :search, type: String, desc: 'Search merge requests for text present in the title, description, or any combination of these'
         optional :in, type: String, desc: '`title`, `description`, or a string joining them with comma'
diff --git a/lib/api/users.rb b/lib/api/users.rb
index 776329622e2..2f23e33bd4a 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -54,6 +54,7 @@ module API
 
           if Gitlab.ee?
             optional :shared_runners_minutes_limit, type: Integer, desc: 'Pipeline minutes quota for this user'
+            optional :extra_shared_runners_minutes_limit, type: Integer, desc: '(admin-only) Extra pipeline minutes quota for this user'
           end
         end
 
diff --git a/lib/banzai/filter/blockquote_fence_filter.rb b/lib/banzai/filter/blockquote_fence_filter.rb
index ad367cc5efe..8f5ad9981e5 100644
--- a/lib/banzai/filter/blockquote_fence_filter.rb
+++ b/lib/banzai/filter/blockquote_fence_filter.rb
@@ -42,7 +42,9 @@ module Banzai
       def call
         @text.gsub(REGEX) do
           if $~[:quote]
-            $~[:quote].gsub(/^/, "> ").gsub(/^> $/, ">")
+            # keep the same number of source lines/positions by replacing the
+            # fence lines with newlines
+            "\n" + $~[:quote].gsub(/^/, "> ").gsub(/^> $/, ">") + "\n"
           else
             $~[0]
           end
diff --git a/lib/banzai/suggestions_parser.rb b/lib/banzai/suggestions_parser.rb
deleted file mode 100644
index 0d7f751bfc1..00000000000
--- a/lib/banzai/suggestions_parser.rb
+++ /dev/null
@@ -1,16 +0,0 @@
-# frozen_string_literal: true
-
-# TODO: Delete when https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/26107
-# exchange this parser by `Gitlab::Diff::SuggestionsParser`.
-module Banzai
-  module SuggestionsParser
-    # Returns the content of each suggestion code block.
-    #
-    def self.parse(text)
-      html = Banzai.render(text, project: nil, no_original_data: true)
-      doc = Nokogiri::HTML(html)
-
-      doc.search('pre.suggestion').map { |node| node.text }
-    end
-  end
-end
diff --git a/lib/gitlab/ci/build/policy/refs.rb b/lib/gitlab/ci/build/policy/refs.rb
index 360424bec11..c3005303fd8 100644
--- a/lib/gitlab/ci/build/policy/refs.rb
+++ b/lib/gitlab/ci/build/policy/refs.rb
@@ -35,7 +35,7 @@ module Gitlab
             # patterns can be matched only when branch or tag is used
             # the pattern matching does not work for merge requests pipelines
             if pipeline.branch? || pipeline.tag?
-              if regexp = Gitlab::UntrustedRegexp::RubySyntax.fabricate(pattern)
+              if regexp = Gitlab::UntrustedRegexp::RubySyntax.fabricate(pattern, fallback: true)
                 regexp.match?(pipeline.ref)
               else
                 pattern == pipeline.ref
diff --git a/lib/gitlab/ci/config.rb b/lib/gitlab/ci/config.rb
index 15643fa03ac..f187e456993 100644
--- a/lib/gitlab/ci/config.rb
+++ b/lib/gitlab/ci/config.rb
@@ -73,17 +73,13 @@ module Gitlab
       def build_config(config, project:, sha:, user:)
         initial_config = Gitlab::Config::Loader::Yaml.new(config).load!
 
-        if project
-          process_external_files(initial_config, project: project, sha: sha, user: user)
-        else
-          initial_config
-        end
+        process_external_files(initial_config, project: project, sha: sha, user: user)
       end
 
       def process_external_files(config, project:, sha:, user:)
         Config::External::Processor.new(config,
           project: project,
-          sha: sha || project.repository.root_ref_sha,
+          sha: sha || project&.repository&.root_ref_sha,
           user: user,
           expandset: Set.new).perform
       end
diff --git a/lib/gitlab/ci/config/entry/includes.rb b/lib/gitlab/ci/config/entry/includes.rb
index 82b2b1ccf4b..43e74dfd628 100644
--- a/lib/gitlab/ci/config/entry/includes.rb
+++ b/lib/gitlab/ci/config/entry/includes.rb
@@ -11,7 +11,7 @@ module Gitlab
           include ::Gitlab::Config::Entry::Validatable
 
           validations do
-            validates :config, type: Array
+            validates :config, array_or_string: true
           end
 
           def self.aspects
diff --git a/lib/gitlab/ci/config/entry/policy.rb b/lib/gitlab/ci/config/entry/policy.rb
index adc3660d950..7b14218d3ea 100644
--- a/lib/gitlab/ci/config/entry/policy.rb
+++ b/lib/gitlab/ci/config/entry/policy.rb
@@ -17,7 +17,7 @@ module Gitlab
             include ::Gitlab::Config::Entry::Validatable
 
             validations do
-              validates :config, array_of_strings_or_regexps: true
+              validates :config, array_of_strings_or_regexps_with_fallback: true
             end
 
             def value
@@ -38,7 +38,7 @@ module Gitlab
               validate :variables_expressions_syntax
 
               with_options allow_nil: true do
-                validates :refs, array_of_strings_or_regexps: true
+                validates :refs, array_of_strings_or_regexps_with_fallback: true
                 validates :kubernetes, allowed_values: %w[active]
                 validates :variables, array_of_strings: true
                 validates :changes, array_of_strings: true
diff --git a/lib/gitlab/ci/config/external/file/local.rb b/lib/gitlab/ci/config/external/file/local.rb
index 229a06451e8..cac321ec4a6 100644
--- a/lib/gitlab/ci/config/external/file/local.rb
+++ b/lib/gitlab/ci/config/external/file/local.rb
@@ -21,7 +21,9 @@ module Gitlab
             private
 
             def validate_content!
-              if content.nil?
+              if context.project&.repository.nil?
+                errors.push("Local file `#{location}` does not have project!")
+              elsif content.nil?
                 errors.push("Local file `#{location}` does not exist!")
               elsif content.blank?
                 errors.push("Local file `#{location}` is empty!")
diff --git a/lib/gitlab/ci/status/build/factory.rb b/lib/gitlab/ci/status/build/factory.rb
index f7d0715e617..96d05842838 100644
--- a/lib/gitlab/ci/status/build/factory.rb
+++ b/lib/gitlab/ci/status/build/factory.rb
@@ -16,7 +16,8 @@ module Gitlab
               Status::Build::Skipped],
              [Status::Build::Cancelable,
               Status::Build::Retryable],
-             [Status::Build::Failed],
+             [Status::Build::FailedUnmetPrerequisites,
+              Status::Build::Failed],
              [Status::Build::FailedAllowed,
               Status::Build::Unschedule,
               Status::Build::Play,
diff --git a/lib/gitlab/ci/status/build/failed_unmet_prerequisites.rb b/lib/gitlab/ci/status/build/failed_unmet_prerequisites.rb
new file mode 100644
index 00000000000..eaad3969a4c
--- /dev/null
+++ b/lib/gitlab/ci/status/build/failed_unmet_prerequisites.rb
@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module Ci
+    module Status
+      module Build
+        class FailedUnmetPrerequisites < Status::Extended
+          def illustration
+            {
+              image: 'illustrations/pipelines_failed.svg',
+              size: 'svg-430',
+              title: _('Failed to create resources'),
+              content: _('Retry this job in order to create the necessary resources.')
+            }
+          end
+
+          def self.matches?(build, _)
+            build.unmet_prerequisites?
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/lib/gitlab/ci/templates/Android-Fastlane.gitlab-ci.yml b/lib/gitlab/ci/templates/Android-Fastlane.gitlab-ci.yml
index 8e767b22360..120272200c6 100644
--- a/lib/gitlab/ci/templates/Android-Fastlane.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Android-Fastlane.gitlab-ci.yml
@@ -6,6 +6,7 @@ stages:
   - environment
   - build
   - test
+  - deploy
   - internal
   - alpha
   - beta
diff --git a/lib/gitlab/ci/templates/Android.gitlab-ci.yml b/lib/gitlab/ci/templates/Android.gitlab-ci.yml
index c169e3f7686..2be7f933462 100644
--- a/lib/gitlab/ci/templates/Android.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Android.gitlab-ci.yml
@@ -24,10 +24,6 @@ before_script:
   - yes | android-sdk-linux/tools/bin/sdkmanager --licenses
   - set -o pipefail
 
-stages:
-  - build
-  - test
-
 lintDebug:
   stage: build
   script:
diff --git a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml
index f786022beb0..611b25c2113 100644
--- a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml
@@ -60,6 +60,7 @@ variables:
 stages:
   - build
   - test
+  - deploy # dummy stage to follow the template guidelines
   - review
   - dast
   - staging
diff --git a/lib/gitlab/ci/templates/Chef.gitlab-ci.yml b/lib/gitlab/ci/templates/Chef.gitlab-ci.yml
index 33507aa58e4..1e14aa8bea9 100644
--- a/lib/gitlab/ci/templates/Chef.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Chef.gitlab-ci.yml
@@ -14,9 +14,11 @@ variables:
   KITCHEN_LOCAL_YAML: ".kitchen.dokken.yml"
 
 stages:
+  - build
   - lint
-  - unit
+  - test
   - functional
+  - deploy
 
 foodcritic:
   stage: lint
@@ -29,7 +31,7 @@ cookstyle:
   - chef exec cookstyle .
 
 chefspec:
-  stage: unit
+  stage: test
   script:
   - chef exec rspec spec
 
diff --git a/lib/gitlab/ci/templates/Go.gitlab-ci.yml b/lib/gitlab/ci/templates/Go.gitlab-ci.yml
index d572d7a1edc..55fda1a4799 100644
--- a/lib/gitlab/ci/templates/Go.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Go.gitlab-ci.yml
@@ -18,6 +18,7 @@ before_script:
 stages:
     - test
     - build
+    - deploy
 
 format:
     stage: test
diff --git a/lib/gitlab/ci/templates/Mono.gitlab-ci.yml b/lib/gitlab/ci/templates/Mono.gitlab-ci.yml
index 86d62b93313..10fb6be6c39 100644
--- a/lib/gitlab/ci/templates/Mono.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Mono.gitlab-ci.yml
@@ -15,6 +15,7 @@
 image: mono:latest
 
 stages:
+  - build
   - test
   - deploy
 
diff --git a/lib/gitlab/ci/templates/OpenShift.gitlab-ci.yml b/lib/gitlab/ci/templates/OpenShift.gitlab-ci.yml
index 290b9997084..61a925e0d2d 100644
--- a/lib/gitlab/ci/templates/OpenShift.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/OpenShift.gitlab-ci.yml
@@ -1,7 +1,9 @@
 image: ayufan/openshift-cli
 
 stages:
+  - build # dummy stage to follow the template guidelines
   - test
+  - deploy # dummy stage to follow the template guidelines
   - review
   - staging
   - production
diff --git a/lib/gitlab/ci/templates/Packer.gitlab-ci.yml b/lib/gitlab/ci/templates/Packer.gitlab-ci.yml
index fa296057c72..83e179f37c3 100644
--- a/lib/gitlab/ci/templates/Packer.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Packer.gitlab-ci.yml
@@ -9,6 +9,8 @@ before_script:
 
 stages:
   - validate
+  - build
+  - test
   - deploy
 
 validate:
diff --git a/lib/gitlab/ci/templates/Serverless.gitlab-ci.yml b/lib/gitlab/ci/templates/Serverless.gitlab-ci.yml
index 4f3d08d98fe..4e0d3de9389 100644
--- a/lib/gitlab/ci/templates/Serverless.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Serverless.gitlab-ci.yml
@@ -4,6 +4,7 @@ image: alpine:latest
 
 stages:
   - build
+  - test
   - deploy
 
 .serverless:build:image:
diff --git a/lib/gitlab/ci/templates/Swift.gitlab-ci.yml b/lib/gitlab/ci/templates/Swift.gitlab-ci.yml
index ba8a802ba4f..9aa4abd4791 100644
--- a/lib/gitlab/ci/templates/Swift.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Swift.gitlab-ci.yml
@@ -2,7 +2,9 @@
 # This file assumes an own GitLab CI runner, setup on a macOS system.
 stages:
   - build
+  - test
   - archive
+  - deploy
 
 build_project:
   stage: build
diff --git a/lib/gitlab/ci/templates/Terraform.gitlab-ci.yml b/lib/gitlab/ci/templates/Terraform.gitlab-ci.yml
index 7160fce26a8..f374bc7e26a 100644
--- a/lib/gitlab/ci/templates/Terraform.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Terraform.gitlab-ci.yml
@@ -24,6 +24,7 @@ before_script:
 stages:
   - validate
   - build
+  - test
   - deploy
 
 validate:
diff --git a/lib/gitlab/ci/templates/iOS-Fastlane.gitlab-ci.yml b/lib/gitlab/ci/templates/iOS-Fastlane.gitlab-ci.yml
index df6ac4d340d..a4a9e96c1d2 100644
--- a/lib/gitlab/ci/templates/iOS-Fastlane.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/iOS-Fastlane.gitlab-ci.yml
@@ -12,6 +12,8 @@
 
 stages:
   - build
+  - test
+  - deploy
 
 variables:
   LC_ALL: "en_US.UTF-8"
diff --git a/lib/gitlab/config/entry/validators.rb b/lib/gitlab/config/entry/validators.rb
index d0ee94370ba..df34d254c65 100644
--- a/lib/gitlab/config/entry/validators.rb
+++ b/lib/gitlab/config/entry/validators.rb
@@ -54,6 +54,14 @@ module Gitlab
           end
         end
 
+        class ArrayOrStringValidator < ActiveModel::EachValidator
+          def validate_each(record, attribute, value)
+            unless value.is_a?(Array) || value.is_a?(String)
+              record.errors.add(attribute, 'should be an array or a string')
+            end
+          end
+        end
+
         class BooleanValidator < ActiveModel::EachValidator
           include LegacyValidationHelpers
 
@@ -129,6 +137,12 @@ module Gitlab
             end
           end
 
+          protected
+
+          def fallback
+            false
+          end
+
           private
 
           def matches_syntax?(value)
@@ -137,7 +151,7 @@ module Gitlab
 
           def validate_regexp(value)
             matches_syntax?(value) &&
-              Gitlab::UntrustedRegexp::RubySyntax.valid?(value)
+              Gitlab::UntrustedRegexp::RubySyntax.valid?(value, fallback: fallback)
           end
         end
 
@@ -162,6 +176,14 @@ module Gitlab
           end
         end
 
+        class ArrayOfStringsOrRegexpsWithFallbackValidator < ArrayOfStringsOrRegexpsValidator
+          protected
+
+          def fallback
+            true
+          end
+        end
+
         class ArrayOfStringsOrStringValidator < RegexpValidator
           def validate_each(record, attribute, value)
             unless validate_array_of_strings_or_string(value)
diff --git a/lib/gitlab/danger/helper.rb b/lib/gitlab/danger/helper.rb
index ac65cf74808..d347f3c13a4 100644
--- a/lib/gitlab/danger/helper.rb
+++ b/lib/gitlab/danger/helper.rb
@@ -7,6 +7,7 @@ require_relative 'teammate'
 module Gitlab
   module Danger
     module Helper
+      RELEASE_TOOLS_BOT = 'gitlab-release-tools-bot'
       ROULETTE_DATA_URL = URI.parse('https://about.gitlab.com/roulette.json').freeze
 
       # Returns a list of all files that have been added, modified or renamed.
@@ -40,6 +41,10 @@ module Gitlab
         ENV['CI_PROJECT_NAME'] == 'gitlab-ee' || File.exist?('../../CHANGELOG-EE.md')
       end
 
+      def release_automation?
+        gitlab.mr_author == RELEASE_TOOLS_BOT
+      end
+
       def project_name
         ee? ? 'gitlab-ee' : 'gitlab-ce'
       end
diff --git a/lib/gitlab/data_builder/pipeline.rb b/lib/gitlab/data_builder/pipeline.rb
index 76c8b4ec5c2..fa06fb935f7 100644
--- a/lib/gitlab/data_builder/pipeline.rb
+++ b/lib/gitlab/data_builder/pipeline.rb
@@ -47,7 +47,7 @@ module Gitlab
           user: build.user.try(:hook_attrs),
           runner: build.runner && runner_hook_attrs(build.runner),
           artifacts_file: {
-            filename: build.artifacts_file.filename,
+            filename: build.artifacts_file&.filename,
             size: build.artifacts_size
           }
         }
diff --git a/lib/gitlab/git/repository.rb b/lib/gitlab/git/repository.rb
index 7d6851a4b8d..c33d243330d 100644
--- a/lib/gitlab/git/repository.rb
+++ b/lib/gitlab/git/repository.rb
@@ -231,12 +231,12 @@ module Gitlab
         end
       end
 
-      def archive_metadata(ref, storage_path, project_path, format = "tar.gz", append_sha:)
+      def archive_metadata(ref, storage_path, project_path, format = "tar.gz", append_sha:, path: nil)
         ref ||= root_ref
         commit = Gitlab::Git::Commit.find(self, ref)
         return {} if commit.nil?
 
-        prefix = archive_prefix(ref, commit.id, project_path, append_sha: append_sha)
+        prefix = archive_prefix(ref, commit.id, project_path, append_sha: append_sha, path: path)
 
         {
           'ArchivePrefix' => prefix,
@@ -248,13 +248,14 @@ module Gitlab
 
       # This is both the filename of the archive (missing the extension) and the
       # name of the top-level member of the archive under which all files go
-      def archive_prefix(ref, sha, project_path, append_sha:)
+      def archive_prefix(ref, sha, project_path, append_sha:, path:)
         append_sha = (ref != sha) if append_sha.nil?
 
         formatted_ref = ref.tr('/', '-')
 
         prefix_segments = [project_path, formatted_ref]
         prefix_segments << sha if append_sha
+        prefix_segments << path.tr('/', '-').gsub(%r{^/|/$}, '') if path
 
         prefix_segments.join('-')
       end
diff --git a/lib/gitlab/git/wiki.rb b/lib/gitlab/git/wiki.rb
index c43331bed60..a0dd4a24363 100644
--- a/lib/gitlab/git/wiki.rb
+++ b/lib/gitlab/git/wiki.rb
@@ -86,9 +86,9 @@ module Gitlab
         end
       end
 
-      def pages(limit: 0)
+      def pages(limit: 0, sort: nil, direction_desc: false)
         wrapped_gitaly_errors do
-          gitaly_get_all_pages(limit: limit)
+          gitaly_get_all_pages(limit: limit, sort: sort, direction_desc: direction_desc)
         end
       end
 
@@ -168,8 +168,10 @@ module Gitlab
         Gitlab::Git::WikiFile.new(wiki_file)
       end
 
-      def gitaly_get_all_pages(limit: 0)
-        gitaly_wiki_client.get_all_pages(limit: limit).map do |wiki_page, version|
+      def gitaly_get_all_pages(limit: 0, sort: nil, direction_desc: false)
+        gitaly_wiki_client.get_all_pages(
+          limit: limit, sort: sort, direction_desc: direction_desc
+        ).map do |wiki_page, version|
           Gitlab::Git::WikiPage.new(wiki_page, version)
         end
       end
diff --git a/lib/gitlab/git_access.rb b/lib/gitlab/git_access.rb
index 010bd0e520c..cb80ed64eff 100644
--- a/lib/gitlab/git_access.rb
+++ b/lib/gitlab/git_access.rb
@@ -85,7 +85,7 @@ module Gitlab
         check_push_access!
       end
 
-      ::Gitlab::GitAccessResult::Success.new
+      ::Gitlab::GitAccessResult::Success.new(console_messages: check_for_console_messages(cmd))
     end
 
     def guest_can_download_code?
@@ -116,6 +116,10 @@ module Gitlab
       nil
     end
 
+    def check_for_console_messages(cmd)
+      []
+    end
+
     def check_valid_actor!
       return unless actor.is_a?(Key)
 
diff --git a/lib/gitlab/git_access_result/success.rb b/lib/gitlab/git_access_result/success.rb
index 7bb9f24cb0e..e950d727e2e 100644
--- a/lib/gitlab/git_access_result/success.rb
+++ b/lib/gitlab/git_access_result/success.rb
@@ -3,6 +3,11 @@
 module Gitlab
   module GitAccessResult
     class Success
+      attr_reader :console_messages
+
+      def initialize(console_messages: [])
+        @console_messages = console_messages
+      end
     end
   end
 end
diff --git a/lib/gitlab/gitaly_client/wiki_service.rb b/lib/gitlab/gitaly_client/wiki_service.rb
index 15c9463e2f2..e036cdcd800 100644
--- a/lib/gitlab/gitaly_client/wiki_service.rb
+++ b/lib/gitlab/gitaly_client/wiki_service.rb
@@ -87,8 +87,13 @@ module Gitlab
         wiki_page_from_iterator(response)
       end
 
-      def get_all_pages(limit: 0)
-        request = Gitaly::WikiGetAllPagesRequest.new(repository: @gitaly_repo, limit: limit)
+      def get_all_pages(limit: 0, sort: nil, direction_desc: false)
+        sort_value = Gitaly::WikiGetAllPagesRequest::SortBy.resolve(sort.to_s.upcase.to_sym)
+
+        params = { repository: @gitaly_repo, limit: limit, direction_desc: direction_desc }
+        params[:sort] = sort_value if sort_value
+
+        request = Gitaly::WikiGetAllPagesRequest.new(params)
         response = GitalyClient.call(@repository.storage, :wiki_service, :wiki_get_all_pages, request, timeout: GitalyClient.medium_timeout)
         pages = []
 
diff --git a/lib/gitlab/graphql/authorize/authorize_field_service.rb b/lib/gitlab/graphql/authorize/authorize_field_service.rb
new file mode 100644
index 00000000000..8deff79fc84
--- /dev/null
+++ b/lib/gitlab/graphql/authorize/authorize_field_service.rb
@@ -0,0 +1,105 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module Graphql
+    module Authorize
+      class AuthorizeFieldService
+        def initialize(field)
+          @field = field
+          @old_resolve_proc = @field.resolve_proc
+        end
+
+        def authorizations?
+          authorizations.present?
+        end
+
+        def authorized_resolve
+          proc do |parent_typed_object, args, ctx|
+            resolved_obj = @old_resolve_proc.call(parent_typed_object, args, ctx)
+            authorizing_obj = authorize_against(parent_typed_object)
+            checker = build_checker(ctx[:current_user], authorizing_obj)
+
+            if resolved_obj.respond_to?(:then)
+              resolved_obj.then(&checker)
+            else
+              checker.call(resolved_obj)
+            end
+          end
+        end
+
+        private
+
+        def authorizations
+          @authorizations ||= (type_authorizations + field_authorizations).uniq
+        end
+
+        # Returns any authorize metadata from the return type of @field
+        def type_authorizations
+          type = @field.type
+
+          # When the return type of @field is a collection, find the singular type
+          if type.get_field('edges')
+            type = node_type_for_relay_connection(type)
+          elsif type.list?
+            type = node_type_for_basic_connection(type)
+          end
+
+          Array.wrap(type.metadata[:authorize])
+        end
+
+        # Returns any authorize metadata from @field
+        def field_authorizations
+          Array.wrap(@field.metadata[:authorize])
+        end
+
+        # If it's a built-in/scalar type, authorize using its parent object.
+        # nil means authorize using the resolved object
+        def authorize_against(parent_typed_object)
+          parent_typed_object.object if built_in_type? && parent_typed_object.respond_to?(:object)
+        end
+
+        def build_checker(current_user, authorizing_obj)
+          lambda do |resolved_obj|
+            # Load the elements if they were not loaded by BatchLoader yet
+            resolved_obj = resolved_obj.sync if resolved_obj.respond_to?(:sync)
+
+            check = lambda do |object|
+              authorizations.all? do |ability|
+                Ability.allowed?(current_user, ability, authorizing_obj || object)
+              end
+            end
+
+            case resolved_obj
+            when Array, ActiveRecord::Relation
+              resolved_obj.select(&check)
+            else
+              resolved_obj if check.call(resolved_obj)
+            end
+          end
+        end
+
+        # Returns the singular type for relay connections.
+        # This will be the type class of edges.node
+        def node_type_for_relay_connection(type)
+          type = type.get_field('edges').type.unwrap.get_field('node')&.type
+
+          if type.nil?
+            raise Gitlab::Graphql::Errors::ConnectionDefinitionError,
+              'Connection Type must conform to the Relay Cursor Connections Specification'
+          end
+
+          type
+        end
+
+        # Returns the singular type for basic connections, for example `[Types::ProjectType]`
+        def node_type_for_basic_connection(type)
+          type.unwrap
+        end
+
+        def built_in_type?
+          GraphQL::Schema::BUILT_IN_TYPES.has_value?(node_type_for_basic_connection(@field.type))
+        end
+      end
+    end
+  end
+end
diff --git a/lib/gitlab/graphql/authorize/instrumentation.rb b/lib/gitlab/graphql/authorize/instrumentation.rb
index 593da8471dd..15ecc3b04f0 100644
--- a/lib/gitlab/graphql/authorize/instrumentation.rb
+++ b/lib/gitlab/graphql/authorize/instrumentation.rb
@@ -7,46 +7,12 @@ module Gitlab
         # Replace the resolver for the field with one that will only return the
         # resolved object if the permissions check is successful.
         def instrument(_type, field)
-          required_permissions = Array.wrap(field.metadata[:authorize])
-          return field if required_permissions.empty?
+          service = AuthorizeFieldService.new(field)
 
-          old_resolver = field.resolve_proc
-
-          new_resolver = -> (obj, args, ctx) do
-            resolved_obj = old_resolver.call(obj, args, ctx)
-            checker = build_checker(ctx[:current_user], required_permissions)
-
-            if resolved_obj.respond_to?(:then)
-              resolved_obj.then(&checker)
-            else
-              checker.call(resolved_obj)
-            end
-          end
-
-          field.redefine do
-            resolve(new_resolver)
-          end
-        end
-
-        private
-
-        def build_checker(current_user, abilities)
-          lambda do |value|
-            # Load the elements if they weren't loaded by BatchLoader yet
-            value = value.sync if value.respond_to?(:sync)
-
-            check = lambda do |object|
-              abilities.all? do |ability|
-                Ability.allowed?(current_user, ability, object)
-              end
-            end
-
-            case value
-            when Array
-              value.select(&check)
-            else
-              value if check.call(value)
-            end
+          if service.authorizations?
+            field.redefine { resolve(service.authorized_resolve) }
+          else
+            field
           end
         end
       end
diff --git a/lib/gitlab/graphql/errors.rb b/lib/gitlab/graphql/errors.rb
index fe74549e322..bcbba72e017 100644
--- a/lib/gitlab/graphql/errors.rb
+++ b/lib/gitlab/graphql/errors.rb
@@ -6,6 +6,7 @@ module Gitlab
       BaseError = Class.new(GraphQL::ExecutionError)
       ArgumentError = Class.new(BaseError)
       ResourceNotAvailable = Class.new(BaseError)
+      ConnectionDefinitionError = Class.new(BaseError)
     end
   end
 end
diff --git a/lib/gitlab/graphql/query_analyzers/log_query_complexity.rb b/lib/gitlab/graphql/query_analyzers/log_query_complexity.rb
new file mode 100644
index 00000000000..95db130dbfc
--- /dev/null
+++ b/lib/gitlab/graphql/query_analyzers/log_query_complexity.rb
@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module Graphql
+    module QueryAnalyzers
+      class LogQueryComplexity
+        class << self
+          def analyzer
+            GraphQL::Analysis::QueryComplexity.new do |query, complexity|
+              # temporary until https://gitlab.com/gitlab-org/gitlab-ce/issues/59587
+              Rails.logger.info("[GraphQL Query Complexity] #{complexity}  | admin? #{query.context[:current_user]&.admin?}")
+            end
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/lib/gitlab/graphql/tracing.rb b/lib/gitlab/graphql/tracing.rb
new file mode 100644
index 00000000000..6b505e4262b
--- /dev/null
+++ b/lib/gitlab/graphql/tracing.rb
@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module Graphql
+    class Tracing < GraphQL::Tracing::PlatformTracing
+      self.platform_keys = {
+        'lex' => 'graphql.lex',
+        'parse' => 'graphql.parse',
+        'validate' => 'graphql.validate',
+        'analyze_query' => 'graphql.analyze',
+        'analyze_multiplex' => 'graphql.analyze',
+        'execute_multiplex' => 'graphql.execute',
+        'execute_query' => 'graphql.execute',
+        'execute_query_lazy' => 'graphql.execute',
+        'execute_field' => 'graphql.execute',
+        'execute_field_lazy' => 'graphql.execute'
+      }
+
+      def platform_field_key(type, field)
+        "#{type.name}.#{field.name}"
+      end
+
+      def platform_trace(platform_key, key, data, &block)
+        start = Gitlab::Metrics::System.monotonic_time
+
+        yield
+      ensure
+        duration = Gitlab::Metrics::System.monotonic_time - start
+
+        graphql_duration_seconds.observe({ platform_key: platform_key, key: key }, duration)
+      end
+
+      private
+
+      def graphql_duration_seconds
+        @graphql_duration_seconds ||= Gitlab::Metrics.histogram(
+          :graphql_duration_seconds,
+          'GraphQL execution time'
+        )
+      end
+    end
+  end
+end
diff --git a/lib/gitlab/kubernetes/helm.rb b/lib/gitlab/kubernetes/helm.rb
index 42c4745ff98..24713223513 100644
--- a/lib/gitlab/kubernetes/helm.rb
+++ b/lib/gitlab/kubernetes/helm.rb
@@ -3,8 +3,8 @@
 module Gitlab
   module Kubernetes
     module Helm
-      HELM_VERSION = '2.12.3'.freeze
-      KUBECTL_VERSION = '1.11.7'.freeze
+      HELM_VERSION = '2.13.1'.freeze
+      KUBECTL_VERSION = '1.11.9'.freeze
       NAMESPACE = 'gitlab-managed-apps'.freeze
       SERVICE_ACCOUNT = 'tiller'.freeze
       CLUSTER_ROLE_BINDING = 'tiller-admin'.freeze
diff --git a/lib/gitlab/metrics/transaction.rb b/lib/gitlab/metrics/transaction.rb
index e91803ecd62..d7986685c65 100644
--- a/lib/gitlab/metrics/transaction.rb
+++ b/lib/gitlab/metrics/transaction.rb
@@ -8,6 +8,8 @@ module Gitlab
 
       # base labels shared among all transactions
       BASE_LABELS = { controller: nil, action: nil }.freeze
+      # labels that potentially contain sensitive information and will be filtered
+      FILTERED_LABELS = [:branch, :path].freeze
 
       THREAD_KEY = :_gitlab_metrics_transaction
 
@@ -64,7 +66,7 @@ module Gitlab
       end
 
       def add_metric(series, values, tags = {})
-        @metrics << Metric.new("#{::Gitlab::Metrics.series_prefix}#{series}", values, tags)
+        @metrics << Metric.new("#{::Gitlab::Metrics.series_prefix}#{series}", values, filter_tags(tags))
       end
 
       # Tracks a business level event
@@ -75,8 +77,9 @@ module Gitlab
       # event_name - The name of the event (e.g. "git_push").
       # tags - A set of tags to attach to the event.
       def add_event(event_name, tags = {})
-        self.class.transaction_metric(event_name, :counter, prefix: 'event_', use_feature_flag: true, tags: tags).increment(tags.merge(labels))
-        @metrics << Metric.new(EVENT_SERIES, { count: 1 }, tags.merge(event: event_name), :event)
+        filtered_tags = filter_tags(tags)
+        self.class.transaction_metric(event_name, :counter, prefix: 'event_', use_feature_flag: true, tags: filtered_tags).increment(filtered_tags.merge(labels))
+        @metrics << Metric.new(EVENT_SERIES, { count: 1 }, filtered_tags.merge(event: event_name), :event)
       end
 
       # Returns a MethodCall object for the given name.
@@ -164,6 +167,12 @@ module Gitlab
           end
         end
       end
+
+      private
+
+      def filter_tags(tags)
+        tags.without(*FILTERED_LABELS)
+      end
     end
   end
 end
diff --git a/lib/gitlab/path_regex.rb b/lib/gitlab/path_regex.rb
index 3c888be0710..a07b1246bee 100644
--- a/lib/gitlab/path_regex.rb
+++ b/lib/gitlab/path_regex.rb
@@ -57,6 +57,7 @@ module Gitlab
       unsubscribes
       uploads
       users
+      v2
     ].freeze
 
     # This list should contain all words following `/*namespace_id/:project_id` in
diff --git a/lib/gitlab/prometheus/queries/additional_metrics_environment_query.rb b/lib/gitlab/prometheus/queries/additional_metrics_environment_query.rb
index 34b705138ba..c49877ddf9d 100644
--- a/lib/gitlab/prometheus/queries/additional_metrics_environment_query.rb
+++ b/lib/gitlab/prometheus/queries/additional_metrics_environment_query.rb
@@ -7,12 +7,16 @@ module Gitlab
         include QueryAdditionalMetrics
 
         # rubocop: disable CodeReuse/ActiveRecord
-        def query(environment_id)
+        def query(environment_id, timeframe_start = 8.hours.ago, timeframe_end = Time.now)
           ::Environment.find_by(id: environment_id).try do |environment|
             query_metrics(
               environment.project,
               environment,
-              common_query_context(environment, timeframe_start: 8.hours.ago.to_f, timeframe_end: Time.now.to_f)
+              common_query_context(
+                environment,
+                timeframe_start: timeframe_start.to_f,
+                timeframe_end: timeframe_end.to_f
+              )
             )
           end
         end
diff --git a/lib/gitlab/prometheus_client.rb b/lib/gitlab/prometheus_client.rb
index 45828c77a33..f13156f898e 100644
--- a/lib/gitlab/prometheus_client.rb
+++ b/lib/gitlab/prometheus_client.rb
@@ -6,6 +6,14 @@ module Gitlab
     Error = Class.new(StandardError)
     QueryError = Class.new(Gitlab::PrometheusClient::Error)
 
+    # Target number of data points for `query_range`.
+    # Please don't exceed the limit of 11000 data points
+    # See https://github.com/prometheus/prometheus/blob/91306bdf24f5395e2601773316945a478b4b263d/web/api/v1/api.go#L347
+    QUERY_RANGE_DATA_POINTS = 600
+
+    # Minimal value of the `step` parameter for `query_range` in seconds.
+    QUERY_RANGE_MIN_STEP = 60
+
     attr_reader :rest_client, :headers
 
     def initialize(rest_client)
@@ -16,6 +24,19 @@ module Gitlab
       json_api_get('query', query: '1')
     end
 
+    def proxy(type, args)
+      path = api_path(type)
+      get(path, args)
+    rescue RestClient::ExceptionWithResponse => ex
+      if ex.response
+        ex.response
+      else
+        raise PrometheusClient::Error, "Network connection error"
+      end
+    rescue RestClient::Exception
+      raise PrometheusClient::Error, "Network connection error"
+    end
+
     def query(query, time: Time.now)
       get_result('vector') do
         json_api_get('query', query: query, time: time.to_f)
@@ -23,12 +44,18 @@ module Gitlab
     end
 
     def query_range(query, start: 8.hours.ago, stop: Time.now)
+      start = start.to_f
+      stop = stop.to_f
+      step = self.class.compute_step(start, stop)
+
       get_result('matrix') do
-        json_api_get('query_range',
-                     query: query,
-                     start: start.to_f,
-                     end: stop.to_f,
-                     step: 1.minute.to_i)
+        json_api_get(
+          'query_range',
+          query: query,
+          start: start,
+          end: stop,
+          step: step
+        )
       end
     end
 
@@ -40,24 +67,24 @@ module Gitlab
       json_api_get('series', 'match': matches, start: start.to_f, end: stop.to_f)
     end
 
+    def self.compute_step(start, stop)
+      diff = stop - start
+
+      step = (diff / QUERY_RANGE_DATA_POINTS).ceil
+
+      [QUERY_RANGE_MIN_STEP, step].max
+    end
+
     private
 
-    def json_api_get(type, args = {})
-      path = ['api', 'v1', type].join('/')
-      get(path, args)
-    rescue JSON::ParserError
-      raise PrometheusClient::Error, 'Parsing response failed'
-    rescue Errno::ECONNREFUSED
-      raise PrometheusClient::Error, 'Connection refused'
+    def api_path(type)
+      ['api', 'v1', type].join('/')
     end
 
-    def get(path, args)
-      response = rest_client[path].get(params: args)
+    def json_api_get(type, args = {})
+      path = api_path(type)
+      response = get(path, args)
       handle_response(response)
-    rescue SocketError
-      raise PrometheusClient::Error, "Can't connect to #{rest_client.url}"
-    rescue OpenSSL::SSL::SSLError
-      raise PrometheusClient::Error, "#{rest_client.url} contains invalid SSL data"
     rescue RestClient::ExceptionWithResponse => ex
       if ex.response
         handle_exception_response(ex.response)
@@ -68,8 +95,18 @@ module Gitlab
       raise PrometheusClient::Error, "Network connection error"
     end
 
+    def get(path, args)
+      rest_client[path].get(params: args)
+    rescue SocketError
+      raise PrometheusClient::Error, "Can't connect to #{rest_client.url}"
+    rescue OpenSSL::SSL::SSLError
+      raise PrometheusClient::Error, "#{rest_client.url} contains invalid SSL data"
+    rescue Errno::ECONNREFUSED
+      raise PrometheusClient::Error, 'Connection refused'
+    end
+
     def handle_response(response)
-      json_data = JSON.parse(response.body)
+      json_data = parse_json(response.body)
       if response.code == 200 && json_data['status'] == 'success'
         json_data['data'] || {}
       else
@@ -81,7 +118,7 @@ module Gitlab
       if response.code == 200 && response['status'] == 'success'
         response['data'] || {}
       elsif response.code == 400
-        json_data = JSON.parse(response.body)
+        json_data = parse_json(response.body)
         raise PrometheusClient::QueryError, json_data['error'] || 'Bad data received'
       else
         raise PrometheusClient::Error, "#{response.code} - #{response.body}"
@@ -92,5 +129,11 @@ module Gitlab
       data = yield
       data['result'] if data['resultType'] == expected_type
     end
+
+    def parse_json(response_body)
+      JSON.parse(response_body)
+    rescue JSON::ParserError
+      raise PrometheusClient::Error, 'Parsing response failed'
+    end
   end
 end
diff --git a/lib/gitlab/template/base_template.rb b/lib/gitlab/template/base_template.rb
index 0b4cc571dc0..14c9a3e0389 100644
--- a/lib/gitlab/template/base_template.rb
+++ b/lib/gitlab/template/base_template.rb
@@ -16,6 +16,12 @@ module Gitlab
       end
       alias_method :key, :name
 
+      def full_name
+        Pathname.new(@path)
+          .relative_path_from(self.class.base_dir)
+          .to_s
+      end
+
       def content
         @finder.read(@path)
       end
diff --git a/lib/gitlab/untrusted_regexp/ruby_syntax.rb b/lib/gitlab/untrusted_regexp/ruby_syntax.rb
index 91f300f97d0..6adf119aa75 100644
--- a/lib/gitlab/untrusted_regexp/ruby_syntax.rb
+++ b/lib/gitlab/untrusted_regexp/ruby_syntax.rb
@@ -6,7 +6,7 @@ module Gitlab
     # and converts that to RE2 representation:
     # /<regexp>/<flags>
     class RubySyntax
-      PATTERN = %r{^/(?<regexp>.+)/(?<flags>[ismU]*)$}.freeze
+      PATTERN = %r{^/(?<regexp>.*)/(?<flags>[ismU]*)$}.freeze
 
       # Checks if pattern matches a regexp pattern
       # but does not enforce it's validity
@@ -16,28 +16,47 @@ module Gitlab
 
       # The regexp can match the pattern `/.../`, but may not be fabricatable:
       # it can be invalid or incomplete: `/match ( string/`
-      def self.valid?(pattern)
-        !!self.fabricate(pattern)
+      def self.valid?(pattern, fallback: false)
+        !!self.fabricate(pattern, fallback: fallback)
       end
 
-      def self.fabricate(pattern)
-        self.fabricate!(pattern)
+      def self.fabricate(pattern, fallback: false)
+        self.fabricate!(pattern, fallback: fallback)
       rescue RegexpError
         nil
       end
 
-      def self.fabricate!(pattern)
+      def self.fabricate!(pattern, fallback: false)
         raise RegexpError, 'Pattern is not string!' unless pattern.is_a?(String)
 
         matches = pattern.match(PATTERN)
         raise RegexpError, 'Invalid regular expression!' if matches.nil?
 
-        expression = matches[:regexp]
-        flags = matches[:flags]
-        expression.prepend("(?#{flags})") if flags.present?
+        begin
+          create_untrusted_regexp(matches[:regexp], matches[:flags])
+        rescue RegexpError
+          raise unless fallback &&
+              Feature.enabled?(:allow_unsafe_ruby_regexp, default_enabled: false)
 
-        UntrustedRegexp.new(expression, multiline: false)
+          create_ruby_regexp(matches[:regexp], matches[:flags])
+        end
       end
+
+      def self.create_untrusted_regexp(pattern, flags)
+        pattern.prepend("(?#{flags})") if flags.present?
+
+        UntrustedRegexp.new(pattern, multiline: false)
+      end
+      private_class_method :create_untrusted_regexp
+
+      def self.create_ruby_regexp(pattern, flags)
+        options = 0
+        options += Regexp::IGNORECASE if flags&.include?('i')
+        options += Regexp::MULTILINE if flags&.include?('m')
+
+        Regexp.new(pattern, options)
+      end
+      private_class_method :create_ruby_regexp
     end
   end
 end
diff --git a/lib/gitlab/url_helpers.rb b/lib/gitlab/url_helpers.rb
new file mode 100644
index 00000000000..883585c196f
--- /dev/null
+++ b/lib/gitlab/url_helpers.rb
@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+module Gitlab
+  class UrlHelpers
+    WSS_PROTOCOL = "wss".freeze
+    def self.as_wss(url)
+      return unless url.present?
+
+      URI.parse(url).tap do |uri|
+        uri.scheme = WSS_PROTOCOL
+      end.to_s
+    rescue URI::InvalidURIError
+      nil
+    end
+  end
+end
diff --git a/lib/gitlab/workhorse.rb b/lib/gitlab/workhorse.rb
index 5d5a867c9ab..533757d2237 100644
--- a/lib/gitlab/workhorse.rb
+++ b/lib/gitlab/workhorse.rb
@@ -63,13 +63,26 @@ module Gitlab
         ]
       end
 
-      def send_git_archive(repository, ref:, format:, append_sha:)
+      def send_git_archive(repository, ref:, format:, append_sha:, path: nil)
         format ||= 'tar.gz'
         format = format.downcase
-        params = repository.archive_metadata(ref, Gitlab.config.gitlab.repository_downloads_path, format, append_sha: append_sha)
-        raise "Repository or ref not found" if params.empty?
+        metadata = repository.archive_metadata(ref, Gitlab.config.gitlab.repository_downloads_path, format, append_sha: append_sha, path: path)
 
-        params['GitalyServer'] = gitaly_server_hash(repository)
+        raise "Repository or ref not found" if metadata.empty?
+
+        params = {
+          'GitalyServer' => gitaly_server_hash(repository),
+          'ArchivePath' => metadata['ArchivePath'],
+          'GetArchiveRequest' => encode_binary(
+            Gitaly::GetArchiveRequest.new(
+              repository: repository.gitaly_repository,
+              commit_id: metadata['CommitId'],
+              prefix: metadata['ArchivePrefix'],
+              format: archive_format(format),
+              path: path.presence || ""
+            ).to_proto
+          )
+        }
 
         # If present DisableCache must be a Boolean. Otherwise workhorse ignores it.
         params['DisableCache'] = true if git_archive_cache_disabled?
@@ -149,16 +162,16 @@ module Gitlab
         ]
       end
 
-      def terminal_websocket(terminal)
+      def channel_websocket(channel)
         details = {
-          'Terminal' => {
-            'Subprotocols' => terminal[:subprotocols],
-            'Url' => terminal[:url],
-            'Header' => terminal[:headers],
-            'MaxSessionTime' => terminal[:max_session_time]
+          'Channel' => {
+            'Subprotocols' => channel[:subprotocols],
+            'Url' => channel[:url],
+            'Header' => channel[:headers],
+            'MaxSessionTime' => channel[:max_session_time]
           }
         }
-        details['Terminal']['CAPem'] = terminal[:ca_pem] if terminal.key?(:ca_pem)
+        details['Channel']['CAPem'] = channel[:ca_pem] if channel.key?(:ca_pem)
 
         details
       end
@@ -220,6 +233,10 @@ module Gitlab
         Base64.urlsafe_encode64(JSON.dump(hash))
       end
 
+      def encode_binary(binary)
+        Base64.urlsafe_encode64(binary)
+      end
+
       def gitaly_server_hash(repository)
         {
           address: Gitlab::GitalyClient.address(repository.project.repository_storage),
@@ -238,6 +255,19 @@ module Gitlab
       def git_archive_cache_disabled?
         ENV['WORKHORSE_ARCHIVE_CACHE_DISABLED'].present? || Feature.enabled?(:workhorse_archive_cache_disabled)
       end
+
+      def archive_format(format)
+        case format
+        when "tar.bz2", "tbz", "tbz2", "tb2", "bz2"
+          Gitaly::GetArchiveRequest::Format::TAR_BZ2
+        when "tar"
+          Gitaly::GetArchiveRequest::Format::TAR
+        when "zip"
+          Gitaly::GetArchiveRequest::Format::ZIP
+        else
+          Gitaly::GetArchiveRequest::Format::TAR_GZ
+        end
+      end
     end
   end
 end
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index a4b75c127cd..a857612a59a 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -19,6 +19,9 @@ msgstr ""
 msgid " Status"
 msgstr ""
 
+msgid " Try to %{action} this file again."
+msgstr ""
+
 msgid " You need to do this before %{grace_period_deadline}."
 msgstr ""
 
@@ -126,6 +129,9 @@ msgstr ""
 msgid "%{label_for_message} unavailable"
 msgstr ""
 
+msgid "%{level_name} visibility has been restricted by the administrator."
+msgstr ""
+
 msgid "%{link_start}Read more%{link_end} about role permissions"
 msgstr ""
 
@@ -351,6 +357,9 @@ msgstr ""
 msgid "A user with write access to the source branch selected this option"
 msgstr ""
 
+msgid "API Help"
+msgstr ""
+
 msgid "About GitLab"
 msgstr ""
 
@@ -480,6 +489,9 @@ msgstr ""
 msgid "Admin Overview"
 msgstr ""
 
+msgid "Admin Section"
+msgstr ""
+
 msgid "AdminArea| You are about to permanently delete the user %{username}. Issues, merge requests, and groups linked to them will be transferred to a system-wide \"Ghost-user\". To avoid data loss, consider using the %{strong_start}block user%{strong_end} feature instead. Once you %{strong_start}Delete user%{strong_end}, it cannot be undone or recovered."
 msgstr ""
 
@@ -1506,9 +1518,6 @@ msgstr ""
 msgid "Choose <strong>Next</strong> at the bottom of the page."
 msgstr ""
 
-msgid "Choose File ..."
-msgstr ""
-
 msgid "Choose a branch/tag (e.g. %{master}) or enter a commit (e.g. %{sha}) to see what's changed or to create a merge request."
 msgstr ""
 
@@ -1530,7 +1539,7 @@ msgstr ""
 msgid "Choose between <code>clone</code> or <code>fetch</code> to get the recent application code"
 msgstr ""
 
-msgid "Choose file..."
+msgid "Choose file…"
 msgstr ""
 
 msgid "Choose the top-level group for your repository imports."
@@ -1719,6 +1728,9 @@ msgstr ""
 msgid "ClusterIntegration|API URL"
 msgstr ""
 
+msgid "ClusterIntegration|API URL should be a valid http/https url."
+msgstr ""
+
 msgid "ClusterIntegration|Add Kubernetes cluster"
 msgstr ""
 
@@ -1779,6 +1791,9 @@ msgstr ""
 msgid "ClusterIntegration|Choose which of your environments will use this cluster."
 msgstr ""
 
+msgid "ClusterIntegration|Cluster name is required."
+msgstr ""
+
 msgid "ClusterIntegration|Clusters are utilized by selecting the nearest ancestor with a matching environment scope. For example, project clusters will override group clusters."
 msgstr ""
 
@@ -1800,7 +1815,7 @@ msgstr ""
 msgid "ClusterIntegration|Copy Kubernetes cluster name"
 msgstr ""
 
-msgid "ClusterIntegration|Copy Token"
+msgid "ClusterIntegration|Copy Service Token"
 msgstr ""
 
 msgid "ClusterIntegration|Create Kubernetes cluster"
@@ -1992,6 +2007,9 @@ msgstr ""
 msgid "ClusterIntegration|Number of nodes"
 msgstr ""
 
+msgid "ClusterIntegration|Number of nodes must be a numerical value."
+msgstr ""
+
 msgid "ClusterIntegration|Please enter access information for your Kubernetes cluster. If you need help, you can read our %{link_to_help_page} on Kubernetes"
 msgstr ""
 
@@ -2004,9 +2022,6 @@ msgstr ""
 msgid "ClusterIntegration|Project cluster"
 msgstr ""
 
-msgid "ClusterIntegration|Project namespace"
-msgstr ""
-
 msgid "ClusterIntegration|Project namespace (optional, unique)"
 msgstr ""
 
@@ -2073,7 +2088,10 @@ msgstr ""
 msgid "ClusterIntegration|Select zone to choose machine type"
 msgstr ""
 
-msgid "ClusterIntegration|Service token"
+msgid "ClusterIntegration|Service Token"
+msgstr ""
+
+msgid "ClusterIntegration|Service token is required."
 msgstr ""
 
 msgid "ClusterIntegration|Show"
@@ -2106,9 +2124,6 @@ msgstr ""
 msgid "ClusterIntegration|Toggle Kubernetes cluster"
 msgstr ""
 
-msgid "ClusterIntegration|Token"
-msgstr ""
-
 msgid "ClusterIntegration|Update failed. Please check the logs and try again."
 msgstr ""
 
@@ -3013,19 +3028,10 @@ msgstr ""
 msgid "Download asset"
 msgstr ""
 
-msgid "Download tar"
-msgstr ""
-
-msgid "Download tar.bz2"
-msgstr ""
-
-msgid "Download tar.gz"
-msgstr ""
-
-msgid "Download zip"
+msgid "Download source code"
 msgstr ""
 
-msgid "DownloadArtifacts|Download"
+msgid "Download this directory"
 msgstr ""
 
 msgid "DownloadCommit|Email Patches"
@@ -3574,6 +3580,9 @@ msgstr ""
 msgid "Failed to check related branches."
 msgstr ""
 
+msgid "Failed to create resources"
+msgstr ""
+
 msgid "Failed to deploy to"
 msgstr ""
 
@@ -4538,6 +4547,9 @@ msgstr ""
 msgid "Job"
 msgstr ""
 
+msgid "Job Failed #%{build_id}"
+msgstr ""
+
 msgid "Job ID"
 msgstr ""
 
@@ -4598,6 +4610,9 @@ msgstr ""
 msgid "Job|The artifacts will be removed"
 msgstr ""
 
+msgid "Job|This job failed because the necessary resources were not successfully created."
+msgstr ""
+
 msgid "Job|This job is stuck because the project doesn't have any runners online assigned to it."
 msgstr ""
 
@@ -4783,6 +4798,9 @@ msgstr ""
 msgid "Leave"
 msgstr ""
 
+msgid "Leave edit mode? All unsaved changes will be lost."
+msgstr ""
+
 msgid "Leave group"
 msgstr ""
 
@@ -4932,6 +4950,9 @@ msgstr ""
 msgid "Markdown"
 msgstr ""
 
+msgid "Markdown Help"
+msgstr ""
+
 msgid "Markdown enabled"
 msgstr ""
 
@@ -5402,6 +5423,9 @@ msgstr ""
 msgid "No files found."
 msgstr ""
 
+msgid "No job trace"
+msgstr ""
+
 msgid "No labels with such name or description"
 msgstr ""
 
@@ -5468,6 +5492,9 @@ msgstr ""
 msgid "Not now"
 msgstr ""
 
+msgid "Not ready yet. Try again later."
+msgstr ""
+
 msgid "Not started"
 msgstr ""
 
@@ -5626,6 +5653,9 @@ msgstr ""
 msgid "Open in Xcode"
 msgstr ""
 
+msgid "Open raw"
+msgstr ""
+
 msgid "Open sidebar"
 msgstr ""
 
@@ -5749,6 +5779,9 @@ msgstr ""
 msgid "Permissions"
 msgstr ""
 
+msgid "Permissions Help"
+msgstr ""
+
 msgid "Permissions, LFS, 2FA"
 msgstr ""
 
@@ -6025,9 +6058,15 @@ msgstr ""
 msgid "Preview"
 msgstr ""
 
+msgid "Preview changes"
+msgstr ""
+
 msgid "Preview payload"
 msgstr ""
 
+msgid "Previous Artifacts"
+msgstr ""
+
 msgid "Prioritize"
 msgstr ""
 
@@ -6343,9 +6382,6 @@ msgstr ""
 msgid "Project avatar"
 msgstr ""
 
-msgid "Project avatar in repository: %{link}"
-msgstr ""
-
 msgid "Project details"
 msgstr ""
 
@@ -6553,6 +6589,9 @@ msgstr ""
 msgid "Public - The project can be accessed without any authentication."
 msgstr ""
 
+msgid "Public Access Help"
+msgstr ""
+
 msgid "Public deploy keys (%{deploy_keys_count})"
 msgstr ""
 
@@ -6583,6 +6622,9 @@ msgstr ""
 msgid "README"
 msgstr ""
 
+msgid "Rake Tasks Help"
+msgstr ""
+
 msgid "Read more"
 msgstr ""
 
@@ -6678,6 +6720,12 @@ msgstr ""
 msgid "Remove project"
 msgstr ""
 
+msgid "Remove this label? Are you sure?"
+msgstr ""
+
+msgid "Remove this label? This will affect all projects within the group. Are you sure?"
+msgstr ""
+
 msgid "Removed group can not be restored!"
 msgstr ""
 
@@ -6696,6 +6744,9 @@ msgstr ""
 msgid "Reopen milestone"
 msgstr ""
 
+msgid "Replace"
+msgstr ""
+
 msgid "Reply to comment"
 msgstr ""
 
@@ -6831,6 +6882,9 @@ msgstr ""
 msgid "Retry this job"
 msgstr ""
 
+msgid "Retry this job in order to create the necessary resources."
+msgstr ""
+
 msgid "Retry verification"
 msgstr ""
 
@@ -6920,6 +6974,9 @@ msgstr ""
 msgid "SSH Keys"
 msgstr ""
 
+msgid "SSH Keys Help"
+msgstr ""
+
 msgid "SSH host keys"
 msgstr ""
 
@@ -7049,6 +7106,9 @@ msgstr ""
 msgid "SearchAutocomplete|in this project"
 msgstr ""
 
+msgid "SearchResults|Showing %{from} - %{to} of %{count} %{scope} for \"%{term}\""
+msgstr ""
+
 msgid "Secret"
 msgstr ""
 
@@ -7426,6 +7486,9 @@ msgstr ""
 msgid "Sort by"
 msgstr ""
 
+msgid "Sort direction"
+msgstr ""
+
 msgid "SortOptions|Access level, ascending"
 msgstr ""
 
@@ -7744,6 +7807,9 @@ msgstr ""
 msgid "System Hooks"
 msgstr ""
 
+msgid "System Hooks Help"
+msgstr ""
+
 msgid "System Info"
 msgstr ""
 
@@ -7876,6 +7942,11 @@ msgstr ""
 msgid "Test failed."
 msgstr ""
 
+msgid "The %{type} contains the following error:"
+msgid_plural "The %{type} contains the following errors:"
+msgstr[0] ""
+msgstr[1] ""
+
 msgid "The Git LFS objects will <strong>not</strong> be synced."
 msgstr ""
 
@@ -7918,6 +7989,15 @@ msgstr ""
 msgid "The global settings require you to enable Two-Factor Authentication for your account."
 msgstr ""
 
+msgid "The group and any internal projects can be viewed by any logged in user."
+msgstr ""
+
+msgid "The group and any public projects can be viewed without any authentication."
+msgstr ""
+
+msgid "The group and its projects can only be viewed by members."
+msgstr ""
+
 msgid "The group settings for %{group_links} require you to enable Two-Factor Authentication for your account. You can %{leave_group_links}."
 msgstr ""
 
@@ -7996,6 +8076,18 @@ msgstr ""
 msgid "The review stage shows the time from creating the merge request to merging it. The data will automatically be added after you merge your first merge request."
 msgstr ""
 
+msgid "The snippet can be accessed without any authentication."
+msgstr ""
+
+msgid "The snippet is visible only to me."
+msgstr ""
+
+msgid "The snippet is visible only to project members."
+msgstr ""
+
+msgid "The snippet is visible to any logged in user."
+msgstr ""
+
 msgid "The staging stage shows the time between merging the MR and deploying code to the production environment. The data will be automatically added once you deploy to production for the first time."
 msgstr ""
 
@@ -8846,6 +8938,9 @@ msgstr ""
 msgid "User map"
 msgstr ""
 
+msgid "User settings"
+msgstr ""
+
 msgid "User was successfully created."
 msgstr ""
 
@@ -8999,6 +9094,9 @@ msgstr ""
 msgid "View it on GitLab"
 msgstr ""
 
+msgid "View job trace"
+msgstr ""
+
 msgid "View jobs"
 msgstr ""
 
@@ -9074,6 +9172,9 @@ msgstr ""
 msgid "Web terminal"
 msgstr ""
 
+msgid "Webhooks Help"
+msgstr ""
+
 msgid "When a runner is locked, it cannot be assigned to other projects"
 msgstr ""
 
@@ -9206,6 +9307,9 @@ msgstr ""
 msgid "Wiki|Create page"
 msgstr ""
 
+msgid "Wiki|Created date"
+msgstr ""
+
 msgid "Wiki|Edit Page"
 msgstr ""
 
@@ -9224,6 +9328,9 @@ msgstr ""
 msgid "Wiki|Pages"
 msgstr ""
 
+msgid "Wiki|Title"
+msgstr ""
+
 msgid "Wiki|Wiki Pages"
 msgstr ""
 
@@ -9233,6 +9340,9 @@ msgstr ""
 msgid "Withdraw Access Request"
 msgstr ""
 
+msgid "Workflow Help"
+msgstr ""
+
 msgid "Write"
 msgstr ""
 
@@ -9437,6 +9547,12 @@ msgstr ""
 msgid "You'll need to use different branch names to get a valid comparison."
 msgstr ""
 
+msgid "You're not allowed to make changes to this project directly. A fork of this project has been created that you can make changes in, so you can submit a merge request."
+msgstr ""
+
+msgid "You're not allowed to make changes to this project directly. A fork of this project is being created that you can make changes in, so you can submit a merge request."
+msgstr ""
+
 msgid "You're only seeing %{startTag}other activity%{endTag} in the feed. To add a comment, switch to one of the following options."
 msgstr ""
 
@@ -9939,6 +10055,9 @@ msgstr ""
 msgid "private"
 msgstr ""
 
+msgid "processing"
+msgstr ""
+
 msgid "project"
 msgstr ""
 
diff --git a/package.json b/package.json
index ceb36a92cc8..105651fb01d 100644
--- a/package.json
+++ b/package.json
@@ -2,7 +2,7 @@
   "private": true,
   "scripts": {
     "clean": "rm -rf public/assets tmp/cache/*-loader",
-    "dev-server": "nodemon -w 'config/webpack.config.js' --exec 'webpack-dev-server --config config/webpack.config.js'",
+    "dev-server": "NODE_OPTIONS=\"--max-old-space-size=3584\" nodemon -w 'config/webpack.config.js' --exec 'webpack-dev-server --config config/webpack.config.js'",
     "eslint": "eslint --max-warnings 0 --report-unused-disable-directives --ext .js,.vue .",
     "eslint-fix": "eslint --max-warnings 0 --report-unused-disable-directives --ext .js,.vue --fix .",
     "eslint-report": "eslint --max-warnings 0 --ext .js,.vue --format html --output-file ./eslint-report.html --no-inline-config .",
@@ -21,8 +21,8 @@
     "stylelint-file": "node node_modules/stylelint/bin/stylelint.js",
     "stylelint-create-utility-map": "node scripts/frontend/stylelint/stylelint-utility-map.js",
     "test": "yarn jest && yarn karma",
-    "webpack": "webpack --config config/webpack.config.js",
-    "webpack-prod": "NODE_ENV=production webpack --config config/webpack.config.js"
+    "webpack": "NODE_OPTIONS=\"--max-old-space-size=3584\" webpack --config config/webpack.config.js",
+    "webpack-prod": "NODE_OPTIONS=\"--max-old-space-size=3584\" NODE_ENV=production webpack --config config/webpack.config.js"
   },
   "dependencies": {
     "@babel/core": "^7.2.2",
@@ -139,7 +139,7 @@
   },
   "devDependencies": {
     "@babel/plugin-transform-modules-commonjs": "^7.2.0",
-    "@gitlab/eslint-config": "^1.4.0",
+    "@gitlab/eslint-config": "^1.5.0",
     "@vue/test-utils": "^1.0.0-beta.25",
     "axios-mock-adapter": "^1.15.0",
     "babel-jest": "^24.1.0",
diff --git a/qa/qa/page/file/show.rb b/qa/qa/page/file/show.rb
index abd8ebb089f..89806430edb 100644
--- a/qa/qa/page/file/show.rb
+++ b/qa/qa/page/file/show.rb
@@ -6,7 +6,7 @@ module QA
 
         view 'app/helpers/blob_helper.rb' do
           element :edit_button, "_('Edit')" # rubocop:disable QA/ElementWithPattern
-          element :delete_button, /label:\s+"Delete"/ # rubocop:disable QA/ElementWithPattern
+          element :delete_button, '_("Delete")' # rubocop:disable QA/ElementWithPattern
         end
 
         view 'app/views/projects/blob/_remove.html.haml' do
diff --git a/qa/qa/page/project/operations/kubernetes/add_existing.rb b/qa/qa/page/project/operations/kubernetes/add_existing.rb
index ffd5b36e1ae..63a230fbdb2 100644
--- a/qa/qa/page/project/operations/kubernetes/add_existing.rb
+++ b/qa/qa/page/project/operations/kubernetes/add_existing.rb
@@ -6,7 +6,7 @@ module QA
           class AddExisting < Page::Base
             view 'app/views/clusters/clusters/user/_form.html.haml' do
               element :cluster_name, 'text_field :name' # rubocop:disable QA/ElementWithPattern
-              element :api_url, 'text_field :api_url' # rubocop:disable QA/ElementWithPattern
+              element :api_url, 'url_field :api_url' # rubocop:disable QA/ElementWithPattern
               element :ca_certificate, 'text_area :ca_cert' # rubocop:disable QA/ElementWithPattern
               element :token, 'text_field :token' # rubocop:disable QA/ElementWithPattern
               element :add_cluster_button, "submit s_('ClusterIntegration|Add Kubernetes cluster')" # rubocop:disable QA/ElementWithPattern
diff --git a/qa/qa/specs/features/browser_ui/3_create/merge_request/create_merge_request_spec.rb b/qa/qa/specs/features/browser_ui/3_create/merge_request/create_merge_request_spec.rb
index 1eada4a6c28..0ff71baed90 100644
--- a/qa/qa/specs/features/browser_ui/3_create/merge_request/create_merge_request_spec.rb
+++ b/qa/qa/specs/features/browser_ui/3_create/merge_request/create_merge_request_spec.rb
@@ -1,7 +1,8 @@
 # frozen_string_literal: true
 
 module QA
-  context 'Create' do
+  # Failure issue: https://gitlab.com/gitlab-org/quality/staging/issues/50
+  context 'Create', :quarantine do
     describe 'Merge request creation' do
       it 'user creates a new merge request', :smoke do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
diff --git a/qa/qa/specs/features/browser_ui/3_create/snippet/create_snippet_spec.rb b/qa/qa/specs/features/browser_ui/3_create/snippet/create_snippet_spec.rb
index b643468a664..f6f0468e76e 100644
--- a/qa/qa/specs/features/browser_ui/3_create/snippet/create_snippet_spec.rb
+++ b/qa/qa/specs/features/browser_ui/3_create/snippet/create_snippet_spec.rb
@@ -1,7 +1,8 @@
 # frozen_string_literal: true
 
 module QA
-  context 'Create', :smoke do
+  # Failure issue: https://gitlab.com/gitlab-org/quality/staging/issues/49
+  context 'Create', :smoke, :quarantine do
     describe 'Snippet creation' do
       it 'User creates a snippet' do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
diff --git a/qa/qa/specs/features/browser_ui/4_verify/ci_variable/add_ci_variable_spec.rb b/qa/qa/specs/features/browser_ui/4_verify/ci_variable/add_ci_variable_spec.rb
index 0837b720df1..7aaafde6afa 100644
--- a/qa/qa/specs/features/browser_ui/4_verify/ci_variable/add_ci_variable_spec.rb
+++ b/qa/qa/specs/features/browser_ui/4_verify/ci_variable/add_ci_variable_spec.rb
@@ -1,7 +1,8 @@
 # frozen_string_literal: true
 
 module QA
-  context 'Verify' do
+  # Failure issue: https://gitlab.com/gitlab-org/quality/nightly/issues/91
+  context 'Verify', :quarantine do
     describe 'CI variable support' do
       it 'user adds a CI variable' do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
diff --git a/qa/qa/specs/features/browser_ui/6_release/deploy_token/add_deploy_token_spec.rb b/qa/qa/specs/features/browser_ui/6_release/deploy_token/add_deploy_token_spec.rb
index 9f34e4218c1..caa9be341b4 100644
--- a/qa/qa/specs/features/browser_ui/6_release/deploy_token/add_deploy_token_spec.rb
+++ b/qa/qa/specs/features/browser_ui/6_release/deploy_token/add_deploy_token_spec.rb
@@ -8,11 +8,11 @@ module QA
         Page::Main::Login.act { sign_in_using_credentials }
 
         deploy_token_name = 'deploy token name'
-        deploy_token_expires_at = Date.today + 7 # 1 Week from now
+        one_week_from_now = Date.today + 7
 
         deploy_token = Resource::DeployToken.fabricate! do |resource|
           resource.name = deploy_token_name
-          resource.expires_at = deploy_token_expires_at
+          resource.expires_at = one_week_from_now
         end
 
         expect(deploy_token.username.length).to be > 0
diff --git a/qa/qa/tools/generate_perf_testdata.rb b/qa/qa/tools/generate_perf_testdata.rb
index 49a1af8e9f0..de8cfa1aed9 100644
--- a/qa/qa/tools/generate_perf_testdata.rb
+++ b/qa/qa/tools/generate_perf_testdata.rb
@@ -33,6 +33,7 @@ module QA
         add_new_file
         methods_arr = [
           method(:create_issues),
+          method(:create_labels),
           method(:create_todos),
           method(:create_merge_requests),
           method(:create_issue_with_500_discussions),
@@ -80,6 +81,15 @@ module QA
         STDOUT.puts "Created todos"
       end
 
+      def create_labels
+        30.times do |i|
+          post Runtime::API::Request.new(@api_client, "/projects/#{@group_name}%2F#{@project_name}/labels").url,
+          "name=label#{i}&color=#{Faker::Color.hex_color}"
+        end
+        @urls[:labels_page] = @urls[:project_page] + "/labels"
+        STDOUT.puts "Created labels"
+      end
+
       def create_merge_requests
         30.times do |i|
           post Runtime::API::Request.new(@api_client, "/projects/#{@group_name}%2F#{@project_name}/merge_requests").url, "source_branch=branch#{i}&target_branch=master&title=MR#{i}"
@@ -108,36 +118,77 @@ module QA
         500.times do
           post Runtime::API::Request.new(@api_client, "/projects/#{@group_name}%2F#{@project_name}/issues/#{issue_id}/discussions").url, "body=\"Let us discuss\""
         end
+
+        labels_list = (0..15).map {|i| "label#{i}"}.join(',')
+        # Add description and labels
+        put Runtime::API::Request.new(@api_client, "/projects/#{@group_name}%2F#{@project_name}/issues/#{issue_id}").url, "description=#{Faker::Lorem.sentences(500).join(" ")}&labels=#{labels_list}"
         @urls[:large_issue] = @urls[:project_page] + "/issues/#{issue_id}"
         STDOUT.puts "Created Issue with 500 Discussions"
       end
 
       def create_mr_with_large_files
         content_arr = []
-        20.times do |i|
+        16.times do |i|
           faker_line_arr = Faker::Lorem.sentences(1500)
           content = faker_line_arr.join("\n\r")
-          post Runtime::API::Request.new(@api_client, "/projects/#{@group_name}%2F#{@project_name}/repository/files/hello#{i}.txt").url, "branch=master&commit_message=\"Add hello#{i}.txt\"&content=#{content}"
+          post Runtime::API::Request.new(@api_client, "/projects/#{@group_name}%2F#{@project_name}/repository/files/hello#{i}.txt").url,
+            "branch=master&commit_message=\"Add hello#{i}.txt\"&content=#{content}"
           content_arr[i] = faker_line_arr
         end
 
-        post Runtime::API::Request.new(@api_client, "/projects/#{@group_name}%2F#{@project_name}/repository/branches").url, "branch=performance&ref=master"
+        post Runtime::API::Request.new(@api_client, "/projects/#{@group_name}%2F#{@project_name}/repository/branches").url,
+        "branch=performance&ref=master"
 
-        20.times do |i|
+        16.times do |i|
           missed_line_array = content_arr[i].each_slice(2).map(&:first)
           content = missed_line_array.join("\n\rIm new!:D \n\r ")
-          put Runtime::API::Request.new(@api_client, "/projects/#{@group_name}%2F#{@project_name}/repository/files/hello#{i}.txt").url, "branch=performance&commit_message=\"Update hello#{i}.txt\"&content=#{content}"
+          put Runtime::API::Request.new(@api_client, "/projects/#{@group_name}%2F#{@project_name}/repository/files/hello#{i}.txt").url,
+          "branch=performance&commit_message=\"Update hello#{i}.txt\"&content=#{content}"
         end
 
-        create_mr_response = post Runtime::API::Request.new(@api_client, "/projects/#{@group_name}%2F#{@project_name}/merge_requests").url, "source_branch=performance&target_branch=master&title=Large_MR"
+        create_mr_response = post Runtime::API::Request.new(@api_client, """/projects/#{@group_name}%2F#{@project_name}/merge_requests""").url,
+        "source_branch=performance&target_branch=master&title=Large_MR"
 
         iid = JSON.parse(create_mr_response.body)["iid"]
-        500.times do
-          post Runtime::API::Request.new(@api_client, "/projects/#{@group_name}%2F#{@project_name}/merge_requests/#{iid}/discussions").url, "body=\"Let us discuss\""
+        diff_refs = JSON.parse(create_mr_response.body)["diff_refs"]
+
+        # Add discussions to diff tab and resolve a few!
+        should_resolve = false
+        16.times do |i|
+          1.upto(9) do |j|
+            create_diff_note(iid, i, j, diff_refs["head_sha"], diff_refs["start_sha"], diff_refs["base_sha"], "new_line")
+            create_diff_note_response = create_diff_note(iid, i, j, diff_refs["head_sha"], diff_refs["start_sha"], diff_refs["base_sha"], "old_line")
+
+            if should_resolve
+              discussion_id = JSON.parse(create_diff_note_response.body)["id"]
+              put Runtime::API::Request.new(@api_client, """/projects/#{@group_name}%2F#{@project_name}/merge_requests/#{iid}/discussions/#{discussion_id}""").url,
+              "resolved=true"
+            end
+
+            should_resolve ^= true
+          end
+        end
+
+        # Add discussions to main tab
+        100.times do
+          post Runtime::API::Request.new(@api_client, "/projects/#{@group_name}%2F#{@project_name}/merge_requests/#{iid}/discussions").url,
+          "body=\"Let us discuss\""
         end
         @urls[:large_mr] = JSON.parse(create_mr_response.body)["web_url"]
         STDOUT.puts "Created MR with 500 Discussions and 20 Very Large Files"
       end
+
+      def create_diff_note(iid, file_count, line_count, head_sha, start_sha, base_sha, line_type)
+        post Runtime::API::Request.new(@api_client, "/projects/#{@group_name}%2F#{@project_name}/merge_requests/#{iid}/discussions").url,
+          """body=\"Let us discuss\"&
+          position[position_type]=text&
+          position[new_path]=hello#{file_count}.txt&
+          position[old_path]=hello#{file_count}.txt&
+          position[#{line_type}]=#{line_count * 100}&
+          position[head_sha]=#{head_sha}&
+          position[start_sha]=#{start_sha}&
+          position[base_sha]=#{base_sha}"""
+      end
     end
   end
 end
diff --git a/spec/config/object_store_settings_spec.rb b/spec/config/object_store_settings_spec.rb
index b1ada3c99db..efb620fe6dd 100644
--- a/spec/config/object_store_settings_spec.rb
+++ b/spec/config/object_store_settings_spec.rb
@@ -3,7 +3,7 @@ require Rails.root.join('config', 'object_store_settings.rb')
 
 describe ObjectStoreSettings do
   describe '.parse' do
-    it 'should set correct default values' do
+    it 'sets correct default values' do
       settings = described_class.parse(nil)
 
       expect(settings['enabled']).to be false
diff --git a/spec/controllers/concerns/issuable_collections_spec.rb b/spec/controllers/concerns/issuable_collections_spec.rb
index 8580900215c..a82b66361ca 100644
--- a/spec/controllers/concerns/issuable_collections_spec.rb
+++ b/spec/controllers/concerns/issuable_collections_spec.rb
@@ -117,7 +117,7 @@ describe IssuableCollections do
         due_date: '2017-01-01',
         group_id: '3',
         iids: '4',
-        label_name: 'foo',
+        label_name: ['foo'],
         milestone_title: 'bar',
         my_reaction_emoji: 'thumbsup',
         non_archived: 'true',
@@ -142,7 +142,7 @@ describe IssuableCollections do
         'author_id' => '2',
         'author_username' => 'user2',
         'confidential' => true,
-        'label_name' => 'foo',
+        'label_name' => ['foo'],
         'milestone_title' => 'bar',
         'my_reaction_emoji' => 'thumbsup',
         'due_date' => '2017-01-01',
diff --git a/spec/controllers/dashboard/milestones_controller_spec.rb b/spec/controllers/dashboard/milestones_controller_spec.rb
index ab40b4eb178..828de0e7ca5 100644
--- a/spec/controllers/dashboard/milestones_controller_spec.rb
+++ b/spec/controllers/dashboard/milestones_controller_spec.rb
@@ -75,7 +75,7 @@ describe Dashboard::MilestonesController do
       expect(response.body).not_to include(project_milestone.title)
     end
 
-    it 'should show counts of group and project milestones to which the user belongs to' do
+    it 'shows counts of group and project milestones to which the user belongs to' do
       get :index
 
       expect(response.body).to include("Open\n<span class=\"badge badge-pill\">2</span>")
diff --git a/spec/controllers/dashboard_controller_spec.rb b/spec/controllers/dashboard_controller_spec.rb
index c857a78d5e8..b039ec2906c 100644
--- a/spec/controllers/dashboard_controller_spec.rb
+++ b/spec/controllers/dashboard_controller_spec.rb
@@ -23,4 +23,37 @@ describe DashboardController do
 
   it_behaves_like 'authenticates sessionless user', :issues, :atom, author_id: User.first
   it_behaves_like 'authenticates sessionless user', :issues_calendar, :ics
+
+  describe "#check_filters_presence!" do
+    let(:user) { create(:user) }
+
+    before do
+      sign_in(user)
+      get :merge_requests, params: params
+    end
+
+    context "no filters" do
+      let(:params) { {} }
+
+      it 'sets @no_filters_set to false' do
+        expect(assigns[:no_filters_set]).to eq(true)
+      end
+    end
+
+    context "scalar filters" do
+      let(:params) { { author_id: user.id } }
+
+      it 'sets @no_filters_set to false' do
+        expect(assigns[:no_filters_set]).to eq(false)
+      end
+    end
+
+    context "array filters" do
+      let(:params) { { label_name: ['bug'] } }
+
+      it 'sets @no_filters_set to false' do
+        expect(assigns[:no_filters_set]).to eq(false)
+      end
+    end
+  end
 end
diff --git a/spec/controllers/groups/clusters_controller_spec.rb b/spec/controllers/groups/clusters_controller_spec.rb
index ef23ffaa843..e5180ec5c5c 100644
--- a/spec/controllers/groups/clusters_controller_spec.rb
+++ b/spec/controllers/groups/clusters_controller_spec.rb
@@ -455,7 +455,7 @@ describe Groups::ClustersController do
     context 'when domain is invalid' do
       let(:domain) { 'http://not-a-valid-domain' }
 
-      it 'should not update cluster attributes' do
+      it 'does not update cluster attributes' do
         go
 
         cluster.reload
diff --git a/spec/controllers/groups/settings/ci_cd_controller_spec.rb b/spec/controllers/groups/settings/ci_cd_controller_spec.rb
index 15eb0a442a6..3290ed8b088 100644
--- a/spec/controllers/groups/settings/ci_cd_controller_spec.rb
+++ b/spec/controllers/groups/settings/ci_cd_controller_spec.rb
@@ -124,7 +124,7 @@ describe Groups::Settings::CiCdController do
         end
 
         context 'when explicitly enabling auto devops' do
-          it 'should update group attribute' do
+          it 'updates group attribute' do
             expect(group.auto_devops_enabled).to eq(true)
           end
         end
@@ -132,7 +132,7 @@ describe Groups::Settings::CiCdController do
         context 'when explicitly disabling auto devops' do
           let(:auto_devops_param) { '0' }
 
-          it 'should update group attribute' do
+          it 'updates group attribute' do
             expect(group.auto_devops_enabled).to eq(false)
           end
         end
diff --git a/spec/controllers/groups_controller_spec.rb b/spec/controllers/groups_controller_spec.rb
index b2e6df6060a..2b803e7151f 100644
--- a/spec/controllers/groups_controller_spec.rb
+++ b/spec/controllers/groups_controller_spec.rb
@@ -566,11 +566,11 @@ describe GroupsController do
           }
       end
 
-      it 'should return a notice' do
+      it 'returns a notice' do
         expect(flash[:notice]).to eq("Group '#{group.name}' was successfully transferred.")
       end
 
-      it 'should redirect to the new path' do
+      it 'redirects to the new path' do
         expect(response).to redirect_to("/#{new_parent_group.path}/#{group.path}")
       end
     end
@@ -587,11 +587,11 @@ describe GroupsController do
           }
       end
 
-      it 'should return a notice' do
+      it 'returns a notice' do
         expect(flash[:notice]).to eq("Group '#{group.name}' was successfully transferred.")
       end
 
-      it 'should redirect to the new path' do
+      it 'redirects to the new path' do
         expect(response).to redirect_to("/#{group.path}")
       end
     end
@@ -611,12 +611,12 @@ describe GroupsController do
           }
       end
 
-      it 'should return an alert' do
+      it 'returns an alert' do
         expect(flash[:alert]).to eq "Transfer failed: namespace directory cannot be moved"
       end
 
-      it 'should redirect to the current path' do
-        expect(response).to render_template(:edit)
+      it 'redirects to the current path' do
+        expect(response).to redirect_to(edit_group_path(group))
       end
     end
 
@@ -633,7 +633,7 @@ describe GroupsController do
           }
       end
 
-      it 'should be denied' do
+      it 'is denied' do
         expect(response).to have_gitlab_http_status(404)
       end
     end
diff --git a/spec/controllers/omniauth_callbacks_controller_spec.rb b/spec/controllers/omniauth_callbacks_controller_spec.rb
index 06c6f49f7cc..b823a8d7463 100644
--- a/spec/controllers/omniauth_callbacks_controller_spec.rb
+++ b/spec/controllers/omniauth_callbacks_controller_spec.rb
@@ -55,7 +55,7 @@ describe OmniauthCallbacksController, type: :controller do
         allow(@routes).to receive(:generate_extras) { [path, []] }
       end
 
-      it 'it calls through to the failure handler' do
+      it 'calls through to the failure handler' do
         request.env['omniauth.error'] = OneLogin::RubySaml::ValidationError.new("Fingerprint mismatch")
         request.env['omniauth.error.strategy'] = OmniAuth::Strategies::SAML.new(nil)
         stub_route_as('/users/auth/saml/callback')
diff --git a/spec/controllers/projects/blob_controller_spec.rb b/spec/controllers/projects/blob_controller_spec.rb
index 3801fca09dc..32949e0e7d6 100644
--- a/spec/controllers/projects/blob_controller_spec.rb
+++ b/spec/controllers/projects/blob_controller_spec.rb
@@ -285,7 +285,7 @@ describe Projects::BlobController do
           merge_request.update!(source_project: other_project, target_project: other_project)
         end
 
-        it "it redirect to blob" do
+        it "redirects to blob" do
           put :update, params: mr_params
 
           expect(response).to redirect_to(blob_after_edit_path)
diff --git a/spec/controllers/projects/ci/lints_controller_spec.rb b/spec/controllers/projects/ci/lints_controller_spec.rb
index cfa010c2d1c..0b79484bbfa 100644
--- a/spec/controllers/projects/ci/lints_controller_spec.rb
+++ b/spec/controllers/projects/ci/lints_controller_spec.rb
@@ -16,15 +16,15 @@ describe Projects::Ci::LintsController do
         get :show, params: { namespace_id: project.namespace, project_id: project }
       end
 
-      it 'should be success' do
+      it 'is success' do
         expect(response).to be_success
       end
 
-      it 'should render show page' do
+      it 'renders show page' do
         expect(response).to render_template :show
       end
 
-      it 'should retrieve project' do
+      it 'retrieves project' do
         expect(assigns(:project)).to eq(project)
       end
     end
@@ -36,7 +36,7 @@ describe Projects::Ci::LintsController do
         get :show, params: { namespace_id: project.namespace, project_id: project }
       end
 
-      it 'should respond with 404' do
+      it 'responds with 404' do
         expect(response).to have_gitlab_http_status(404)
       end
     end
@@ -74,7 +74,7 @@ describe Projects::Ci::LintsController do
         post :create, params: { namespace_id: project.namespace, project_id: project, content: content }
       end
 
-      it 'should be success' do
+      it 'is success' do
         expect(response).to be_success
       end
 
@@ -82,7 +82,7 @@ describe Projects::Ci::LintsController do
         expect(response).to render_template :show
       end
 
-      it 'should retrieve project' do
+      it 'retrieves project' do
         expect(assigns(:project)).to eq(project)
       end
     end
@@ -102,7 +102,7 @@ describe Projects::Ci::LintsController do
         post :create, params: { namespace_id: project.namespace, project_id: project, content: content }
       end
 
-      it 'should assign errors' do
+      it 'assigns errors' do
         expect(assigns[:error]).to eq('jobs:rubocop config contains unknown keys: scriptt')
       end
     end
@@ -114,7 +114,7 @@ describe Projects::Ci::LintsController do
         post :create, params: { namespace_id: project.namespace, project_id: project, content: content }
       end
 
-      it 'should respond with 404' do
+      it 'responds with 404' do
         expect(response).to have_gitlab_http_status(404)
       end
     end
diff --git a/spec/controllers/projects/commits_controller_spec.rb b/spec/controllers/projects/commits_controller_spec.rb
index 8cb9130b834..9fb455dd974 100644
--- a/spec/controllers/projects/commits_controller_spec.rb
+++ b/spec/controllers/projects/commits_controller_spec.rb
@@ -15,7 +15,7 @@ describe Projects::CommitsController do
 
     describe "GET commits_root" do
       context "no ref is provided" do
-        it 'should redirect to the default branch of the project' do
+        it 'redirects to the default branch of the project' do
           get(:commits_root,
               params: {
                 namespace_id: project.namespace,
diff --git a/spec/controllers/projects/environments/prometheus_api_controller_spec.rb b/spec/controllers/projects/environments/prometheus_api_controller_spec.rb
new file mode 100644
index 00000000000..5a0b92c2514
--- /dev/null
+++ b/spec/controllers/projects/environments/prometheus_api_controller_spec.rb
@@ -0,0 +1,152 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Projects::Environments::PrometheusApiController do
+  set(:project) { create(:project) }
+  set(:environment) { create(:environment, project: project) }
+  set(:user) { create(:user) }
+
+  before do
+    project.add_reporter(user)
+    sign_in(user)
+  end
+
+  describe 'GET #proxy' do
+    let(:prometheus_proxy_service) { instance_double(Prometheus::ProxyService) }
+    let(:expected_params) do
+      ActionController::Parameters.new(
+        environment_params(
+          proxy_path: 'query',
+          controller: 'projects/environments/prometheus_api',
+          action: 'proxy'
+        )
+      ).permit!
+    end
+
+    context 'with valid requests' do
+      before do
+        allow(Prometheus::ProxyService).to receive(:new)
+          .with(environment, 'GET', 'query', expected_params)
+          .and_return(prometheus_proxy_service)
+
+        allow(prometheus_proxy_service).to receive(:execute)
+          .and_return(service_result)
+      end
+
+      context 'with success result' do
+        let(:service_result) { { status: :success, body: prometheus_body } }
+        let(:prometheus_body) { '{"status":"success"}' }
+        let(:prometheus_json_body) { JSON.parse(prometheus_body) }
+
+        it 'returns prometheus response' do
+          get :proxy, params: environment_params
+
+          expect(Prometheus::ProxyService).to have_received(:new)
+            .with(environment, 'GET', 'query', expected_params)
+          expect(response).to have_gitlab_http_status(:ok)
+          expect(json_response).to eq(prometheus_json_body)
+        end
+      end
+
+      context 'with nil result' do
+        let(:service_result) { nil }
+
+        it 'returns 202 accepted' do
+          get :proxy, params: environment_params
+
+          expect(json_response['status']).to eq('processing')
+          expect(json_response['message']).to eq('Not ready yet. Try again later.')
+          expect(response).to have_gitlab_http_status(:accepted)
+        end
+      end
+
+      context 'with 404 result' do
+        let(:service_result) { { http_status: 404, status: :success, body: '{"body": "value"}' } }
+
+        it 'returns body' do
+          get :proxy, params: environment_params
+
+          expect(response).to have_gitlab_http_status(:not_found)
+          expect(json_response['body']).to eq('value')
+        end
+      end
+
+      context 'with error result' do
+        context 'with http_status' do
+          let(:service_result) do
+            { http_status: :service_unavailable, status: :error, message: 'error message' }
+          end
+
+          it 'sets the http response status code' do
+            get :proxy, params: environment_params
+
+            expect(response).to have_gitlab_http_status(:service_unavailable)
+            expect(json_response['status']).to eq('error')
+            expect(json_response['message']).to eq('error message')
+          end
+        end
+
+        context 'without http_status' do
+          let(:service_result) { { status: :error, message: 'error message' } }
+
+          it 'returns bad_request' do
+            get :proxy, params: environment_params
+
+            expect(response).to have_gitlab_http_status(:bad_request)
+            expect(json_response['status']).to eq('error')
+            expect(json_response['message']).to eq('error message')
+          end
+        end
+      end
+    end
+
+    context 'with inappropriate requests' do
+      context 'with anonymous user' do
+        before do
+          sign_out(user)
+        end
+
+        it 'redirects to signin page' do
+          get :proxy, params: environment_params
+
+          expect(response).to redirect_to(new_user_session_path)
+        end
+      end
+
+      context 'without correct permissions' do
+        before do
+          project.team.truncate
+        end
+
+        it 'returns 404' do
+          get :proxy, params: environment_params
+
+          expect(response).to have_gitlab_http_status(:not_found)
+        end
+      end
+    end
+
+    context 'with invalid environment id' do
+      let(:other_environment) { create(:environment) }
+
+      it 'returns 404' do
+        get :proxy, params: environment_params(id: other_environment.id)
+
+        expect(response).to have_gitlab_http_status(:not_found)
+      end
+    end
+  end
+
+  private
+
+  def environment_params(params = {})
+    {
+      id: environment.id.to_s,
+      namespace_id: project.namespace.name,
+      project_id: project.name,
+      proxy_path: 'query',
+      query: '1'
+    }.merge(params)
+  end
+end
diff --git a/spec/controllers/projects/environments_controller_spec.rb b/spec/controllers/projects/environments_controller_spec.rb
index 36ce1119100..43639875265 100644
--- a/spec/controllers/projects/environments_controller_spec.rb
+++ b/spec/controllers/projects/environments_controller_spec.rb
@@ -283,7 +283,7 @@ describe Projects::EnvironmentsController do
             .and_return([:fake_terminal])
 
           expect(Gitlab::Workhorse)
-            .to receive(:terminal_websocket)
+            .to receive(:channel_websocket)
             .with(:fake_terminal)
             .and_return(workhorse: :response)
 
@@ -392,7 +392,7 @@ describe Projects::EnvironmentsController do
 
       context 'when requesting metrics as JSON' do
         it 'returns a metrics JSON document' do
-          get :additional_metrics, params: environment_params(format: :json)
+          additional_metrics
 
           expect(response).to have_gitlab_http_status(204)
           expect(json_response).to eq({})
@@ -412,7 +412,7 @@ describe Projects::EnvironmentsController do
       end
 
       it 'returns a metrics JSON document' do
-        get :additional_metrics, params: environment_params(format: :json)
+        additional_metrics
 
         expect(response).to be_ok
         expect(json_response['success']).to be(true)
@@ -420,6 +420,32 @@ describe Projects::EnvironmentsController do
         expect(json_response['last_update']).to eq(42)
       end
     end
+
+    context 'when only one time param is provided' do
+      context 'when :metrics_time_window feature flag is disabled' do
+        before do
+          stub_feature_flags(metrics_time_window: false)
+          expect(environment).to receive(:additional_metrics).with(no_args).and_return(nil)
+        end
+
+        it 'returns a time-window agnostic response' do
+          additional_metrics(start: '1552647300.651094')
+
+          expect(response).to have_gitlab_http_status(204)
+          expect(json_response).to eq({})
+        end
+      end
+
+      it 'raises an error when start is missing' do
+        expect { additional_metrics(start: '1552647300.651094') }
+          .to raise_error(ActionController::ParameterMissing)
+      end
+
+      it 'raises an error when end is missing' do
+        expect { additional_metrics(start: '1552647300.651094') }
+          .to raise_error(ActionController::ParameterMissing)
+      end
+    end
   end
 
   describe 'GET #search' do
@@ -500,4 +526,8 @@ describe Projects::EnvironmentsController do
                        project_id: project,
                        id: environment.id)
   end
+
+  def additional_metrics(opts = {})
+    get :additional_metrics, params: environment_params(format: :json, **opts)
+  end
 end
diff --git a/spec/controllers/projects/jobs_controller_spec.rb b/spec/controllers/projects/jobs_controller_spec.rb
index d8a331b3cf0..23e4e9806c2 100644
--- a/spec/controllers/projects/jobs_controller_spec.rb
+++ b/spec/controllers/projects/jobs_controller_spec.rb
@@ -989,7 +989,7 @@ describe Projects::JobsController, :clean_gitlab_redis_shared_state do
       context 'and valid id' do
         it 'returns the terminal for the job' do
           expect(Gitlab::Workhorse)
-            .to receive(:terminal_websocket)
+            .to receive(:channel_websocket)
             .and_return(workhorse: :response)
 
           get_terminal_websocket(id: job.id)
diff --git a/spec/controllers/projects/merge_requests_controller_spec.rb b/spec/controllers/projects/merge_requests_controller_spec.rb
index c8fa93a74ee..017162519d8 100644
--- a/spec/controllers/projects/merge_requests_controller_spec.rb
+++ b/spec/controllers/projects/merge_requests_controller_spec.rb
@@ -60,6 +60,8 @@ describe Projects::MergeRequestsController do
       end
 
       it "renders merge request page" do
+        expect(::Gitlab::GitalyClient).to receive(:allow_ref_name_caching).and_call_original
+
         go(format: :html)
 
         expect(response).to be_success
diff --git a/spec/controllers/projects/mirrors_controller_spec.rb b/spec/controllers/projects/mirrors_controller_spec.rb
index 86a12a5e903..f2b73956e8d 100644
--- a/spec/controllers/projects/mirrors_controller_spec.rb
+++ b/spec/controllers/projects/mirrors_controller_spec.rb
@@ -65,7 +65,7 @@ describe Projects::MirrorsController do
         expect(flash[:notice]).to match(/successfully updated/)
       end
 
-      it 'should create a RemoteMirror object' do
+      it 'creates a RemoteMirror object' do
         expect { do_put(project, remote_mirrors_attributes: remote_mirror_attributes) }.to change(RemoteMirror, :count).by(1)
       end
     end
@@ -82,7 +82,7 @@ describe Projects::MirrorsController do
         expect(flash[:alert]).to match(/Only allowed protocols are/)
       end
 
-      it 'should not create a RemoteMirror object' do
+      it 'does not create a RemoteMirror object' do
         expect { do_put(project, remote_mirrors_attributes: remote_mirror_attributes) }.not_to change(RemoteMirror, :count)
       end
     end
diff --git a/spec/controllers/projects/pipelines_controller_spec.rb b/spec/controllers/projects/pipelines_controller_spec.rb
index b64ae552efc..814100f7d5d 100644
--- a/spec/controllers/projects/pipelines_controller_spec.rb
+++ b/spec/controllers/projects/pipelines_controller_spec.rb
@@ -97,6 +97,8 @@ describe Projects::PipelinesController do
         RequestStore.clear!
         RequestStore.begin!
 
+        expect(::Gitlab::GitalyClient).to receive(:allow_ref_name_caching).and_call_original
+
         expect { get_pipelines_index_json }
           .to change { Gitlab::GitalyClient.get_request_count }.by(2)
       end
diff --git a/spec/controllers/projects/project_members_controller_spec.rb b/spec/controllers/projects/project_members_controller_spec.rb
index 3cc3fe69fba..33486edcdd1 100644
--- a/spec/controllers/projects/project_members_controller_spec.rb
+++ b/spec/controllers/projects/project_members_controller_spec.rb
@@ -5,7 +5,7 @@ describe Projects::ProjectMembersController do
   let(:project) { create(:project, :public, :access_requestable) }
 
   describe 'GET index' do
-    it 'should have the project_members address with a 200 status code' do
+    it 'has the project_members address with a 200 status code' do
       get :index, params: { namespace_id: project.namespace, project_id: project }
 
       expect(response).to have_gitlab_http_status(200)
diff --git a/spec/controllers/projects/services_controller_spec.rb b/spec/controllers/projects/services_controller_spec.rb
index 601a292bf54..d00d5bf579d 100644
--- a/spec/controllers/projects/services_controller_spec.rb
+++ b/spec/controllers/projects/services_controller_spec.rb
@@ -147,7 +147,7 @@ describe Projects::ServicesController do
           params: { namespace_id: project.namespace, project_id: project, id: service.to_param, service: { namespace: 'updated_namespace' } }
       end
 
-      it 'should not update the service' do
+      it 'does not update the service' do
         service.reload
         expect(service.namespace).not_to eq('updated_namespace')
       end
@@ -172,7 +172,7 @@ describe Projects::ServicesController do
     context 'with approved services' do
       let(:service_id) { 'jira' }
 
-      it 'should render edit page' do
+      it 'renders edit page' do
         expect(response).to be_success
       end
     end
@@ -180,7 +180,7 @@ describe Projects::ServicesController do
     context 'with a deprecated service' do
       let(:service_id) { 'kubernetes' }
 
-      it 'should render edit page' do
+      it 'renders edit page' do
         expect(response).to be_success
       end
     end
diff --git a/spec/controllers/projects_controller_spec.rb b/spec/controllers/projects_controller_spec.rb
index 356d606d5c5..56d38b9475e 100644
--- a/spec/controllers/projects_controller_spec.rb
+++ b/spec/controllers/projects_controller_spec.rb
@@ -703,6 +703,16 @@ describe ProjectsController do
       expect(JSON.parse(response.body).keys).to match_array(%w(body references))
     end
 
+    context 'when not authorized' do
+      let(:private_project) { create(:project, :private) }
+
+      it 'returns 404' do
+        post :preview_markdown, params: { namespace_id: private_project.namespace, id: private_project, text: '*Markdown* text' }
+
+        expect(response).to have_gitlab_http_status(404)
+      end
+    end
+
     context 'state filter on references' do
       let(:issue) { create(:issue, :closed, project: public_project) }
       let(:merge_request) { create(:merge_request, :closed, target_project: public_project) }
diff --git a/spec/controllers/user_callouts_controller_spec.rb b/spec/controllers/user_callouts_controller_spec.rb
index c71d75a3e7f..3cbbba934b8 100644
--- a/spec/controllers/user_callouts_controller_spec.rb
+++ b/spec/controllers/user_callouts_controller_spec.rb
@@ -14,11 +14,11 @@ describe UserCalloutsController do
       let(:feature_name) { UserCallout.feature_names.keys.first }
 
       context 'when callout entry does not exist' do
-        it 'should create a callout entry with dismissed state' do
+        it 'creates a callout entry with dismissed state' do
           expect { subject }.to change { UserCallout.count }.by(1)
         end
 
-        it 'should return success' do
+        it 'returns success' do
           subject
 
           expect(response).to have_gitlab_http_status(:ok)
@@ -28,7 +28,7 @@ describe UserCalloutsController do
       context 'when callout entry already exists' do
         let!(:callout) { create(:user_callout, feature_name: UserCallout.feature_names.keys.first, user: user) }
 
-        it 'should return success' do
+        it 'returns success' do
           subject
 
           expect(response).to have_gitlab_http_status(:ok)
@@ -39,7 +39,7 @@ describe UserCalloutsController do
     context 'with invalid feature name' do
       let(:feature_name) { 'bogus_feature_name' }
 
-      it 'should return bad request' do
+      it 'returns bad request' do
         subject
 
         expect(response).to have_gitlab_http_status(:bad_request)
diff --git a/spec/factories/ci/builds.rb b/spec/factories/ci/builds.rb
index 067391c1179..f8c494c159e 100644
--- a/spec/factories/ci/builds.rb
+++ b/spec/factories/ci/builds.rb
@@ -336,6 +336,11 @@ FactoryBot.define do
       failure_reason 2
     end
 
+    trait :prerequisite_failure do
+      failed
+      failure_reason 10
+    end
+
     trait :with_runner_session do
       after(:build) do |build|
         build.build_runner_session(url: 'https://localhost')
diff --git a/spec/features/commits/user_uses_quick_actions_spec.rb b/spec/features/commits/user_uses_quick_actions_spec.rb
index 9a4b7bd2444..4b7e7465df1 100644
--- a/spec/features/commits/user_uses_quick_actions_spec.rb
+++ b/spec/features/commits/user_uses_quick_actions_spec.rb
@@ -22,27 +22,6 @@ describe 'Commit > User uses quick actions', :js do
     let(:tag_message) { 'Stable release' }
     let(:truncated_commit_sha) { Commit.truncate_sha(commit.sha) }
 
-    it 'tags this commit' do
-      add_note("/tag #{tag_name} #{tag_message}")
-
-      expect(page).to have_content 'Commands applied'
-      expect(page).to have_content "tagged commit #{truncated_commit_sha}"
-      expect(page).to have_content tag_name
-
-      visit project_tag_path(project, tag_name)
-      expect(page).to have_content tag_name
-      expect(page).to have_content tag_message
-      expect(page).to have_content truncated_commit_sha
-    end
-
-    describe 'preview', :js do
-      it 'removes quick action from note and explains it' do
-        preview_note("/tag #{tag_name} #{tag_message}")
-
-        expect(page).not_to have_content '/tag'
-        expect(page).to have_content %{Tags this commit to #{tag_name} with "#{tag_message}"}
-        expect(page).to have_content tag_name
-      end
-    end
+    it_behaves_like 'tag quick action'
   end
 end
diff --git a/spec/features/dashboard/merge_requests_spec.rb b/spec/features/dashboard/merge_requests_spec.rb
index 9ffa75aee47..4965770605a 100644
--- a/spec/features/dashboard/merge_requests_spec.rb
+++ b/spec/features/dashboard/merge_requests_spec.rb
@@ -44,6 +44,8 @@ describe 'Dashboard Merge Requests' do
   end
 
   context 'merge requests exist' do
+    let(:label) { create(:label) }
+
     let!(:assigned_merge_request) do
       create(:merge_request,
         assignee: current_user,
@@ -72,6 +74,14 @@ describe 'Dashboard Merge Requests' do
               target_project: public_project, source_project: forked_project)
     end
 
+    let!(:labeled_merge_request) do
+      create(:labeled_merge_request,
+              source_branch: 'labeled',
+              labels: [label],
+              author: current_user,
+              source_project: project)
+    end
+
     let!(:other_merge_request) do
       create(:merge_request,
               source_branch: 'fix',
@@ -90,6 +100,7 @@ describe 'Dashboard Merge Requests' do
       expect(page).not_to have_content(authored_merge_request.title)
       expect(page).not_to have_content(authored_merge_request_from_fork.title)
       expect(page).not_to have_content(other_merge_request.title)
+      expect(page).not_to have_content(labeled_merge_request.title)
     end
 
     it 'shows authored merge requests', :js do
@@ -98,7 +109,21 @@ describe 'Dashboard Merge Requests' do
 
       expect(page).to have_content(authored_merge_request.title)
       expect(page).to have_content(authored_merge_request_from_fork.title)
+      expect(page).to have_content(labeled_merge_request.title)
+
+      expect(page).not_to have_content(assigned_merge_request.title)
+      expect(page).not_to have_content(assigned_merge_request_from_fork.title)
+      expect(page).not_to have_content(other_merge_request.title)
+    end
+
+    it 'shows labeled merge requests', :js do
+      reset_filters
+      input_filtered_search("label:#{label.name}")
 
+      expect(page).to have_content(labeled_merge_request.title)
+
+      expect(page).not_to have_content(authored_merge_request.title)
+      expect(page).not_to have_content(authored_merge_request_from_fork.title)
       expect(page).not_to have_content(assigned_merge_request.title)
       expect(page).not_to have_content(assigned_merge_request_from_fork.title)
       expect(page).not_to have_content(other_merge_request.title)
diff --git a/spec/features/expand_collapse_diffs_spec.rb b/spec/features/expand_collapse_diffs_spec.rb
index 8d801161148..b2b3382666a 100644
--- a/spec/features/expand_collapse_diffs_spec.rb
+++ b/spec/features/expand_collapse_diffs_spec.rb
@@ -34,7 +34,7 @@ describe 'Expand and collapse diffs', :js do
     define_method(file.split('.').first) { file_container(file) }
   end
 
-  it 'should show the diff content with a highlighted line when linking to line' do
+  it 'shows the diff content with a highlighted line when linking to line' do
     expect(large_diff).not_to have_selector('.code')
     expect(large_diff).to have_selector('.nothing-here-block')
 
@@ -48,7 +48,7 @@ describe 'Expand and collapse diffs', :js do
     expect(large_diff).to have_selector('.hll')
   end
 
-  it 'should show the diff content when linking to file' do
+  it 'shows the diff content when linking to file' do
     expect(large_diff).not_to have_selector('.code')
     expect(large_diff).to have_selector('.nothing-here-block')
 
diff --git a/spec/features/explore/groups_list_spec.rb b/spec/features/explore/groups_list_spec.rb
index 8ed4051856e..56f6b1f7eaf 100644
--- a/spec/features/explore/groups_list_spec.rb
+++ b/spec/features/explore/groups_list_spec.rb
@@ -68,17 +68,17 @@ describe 'Explore Groups page', :js do
   end
 
   describe 'landing component' do
-    it 'should show a landing component' do
+    it 'shows a landing component' do
       expect(page).to have_content('Below you will find all the groups that are public.')
     end
 
-    it 'should be dismissable' do
+    it 'is dismissable' do
       find('.dismiss-button').click
 
       expect(page).not_to have_content('Below you will find all the groups that are public.')
     end
 
-    it 'should persistently not show once dismissed' do
+    it 'does not show persistently once dismissed' do
       find('.dismiss-button').click
 
       visit explore_groups_path
diff --git a/spec/features/groups/clusters/user_spec.rb b/spec/features/groups/clusters/user_spec.rb
index 2410cd92e3f..b661b5cbaef 100644
--- a/spec/features/groups/clusters/user_spec.rb
+++ b/spec/features/groups/clusters/user_spec.rb
@@ -69,7 +69,7 @@ describe 'User Cluster', :js do
       end
 
       it 'user sees a validation error' do
-        expect(page).to have_css('#error_explanation')
+        expect(page).to have_css('.gl-field-error')
       end
     end
   end
diff --git a/spec/features/groups/settings/ci_cd_spec.rb b/spec/features/groups/settings/ci_cd_spec.rb
index 0f793dbab6e..5b1a9512c55 100644
--- a/spec/features/groups/settings/ci_cd_spec.rb
+++ b/spec/features/groups/settings/ci_cd_spec.rb
@@ -43,7 +43,7 @@ describe 'Group CI/CD settings' do
     end
 
     context 'as owner first visiting group settings' do
-      it 'should see instance enabled badge' do
+      it 'sees instance enabled badge' do
         visit group_settings_ci_cd_path(group)
 
         page.within '#auto-devops-settings' do
@@ -53,7 +53,7 @@ describe 'Group CI/CD settings' do
     end
 
     context 'when Auto DevOps group has been enabled' do
-      it 'should see group enabled badge' do
+      it 'sees group enabled badge' do
         group.update!(auto_devops_enabled: true)
 
         visit group_settings_ci_cd_path(group)
@@ -65,7 +65,7 @@ describe 'Group CI/CD settings' do
     end
 
     context 'when Auto DevOps group has been disabled' do
-      it 'should not see a badge' do
+      it 'does not see a badge' do
         group.update!(auto_devops_enabled: false)
 
         visit group_settings_ci_cd_path(group)
diff --git a/spec/features/groups_spec.rb b/spec/features/groups_spec.rb
index c2f32c76422..8e7f78cab81 100644
--- a/spec/features/groups_spec.rb
+++ b/spec/features/groups_spec.rb
@@ -237,7 +237,7 @@ describe 'Group' do
     let!(:project) { create(:project, namespace: group) }
     let!(:path) { group_path(group) }
 
-    it 'it renders projects and groups on the page' do
+    it 'renders projects and groups on the page' do
       visit path
       wait_for_requests
 
diff --git a/spec/features/help_pages_spec.rb b/spec/features/help_pages_spec.rb
index e24b1f4349d..bcd2b90d3bb 100644
--- a/spec/features/help_pages_spec.rb
+++ b/spec/features/help_pages_spec.rb
@@ -82,15 +82,15 @@ describe 'Help Pages' do
       visit help_path
     end
 
-    it 'should display custom help page text' do
+    it 'displays custom help page text' do
       expect(page).to have_text "My Custom Text"
     end
 
-    it 'should hide marketing content when enabled' do
+    it 'hides marketing content when enabled' do
       expect(page).not_to have_link "Get a support subscription"
     end
 
-    it 'should use a custom support url' do
+    it 'uses a custom support url' do
       expect(page).to have_link "See our website for getting help", href: "http://example.com/help"
     end
   end
diff --git a/spec/features/issues/filtered_search/dropdown_assignee_spec.rb b/spec/features/issues/filtered_search/dropdown_assignee_spec.rb
index e0b1e286dee..75313442b65 100644
--- a/spec/features/issues/filtered_search/dropdown_assignee_spec.rb
+++ b/spec/features/issues/filtered_search/dropdown_assignee_spec.rb
@@ -42,7 +42,7 @@ describe 'Dropdown assignee', :js do
       expect(page).to have_css(js_dropdown_assignee, visible: false)
     end
 
-    it 'should show loading indicator when opened' do
+    it 'shows loading indicator when opened' do
       slow_requests do
         # We aren't using `input_filtered_search` because we want to see the loading indicator
         filtered_search.set('assignee:')
@@ -51,13 +51,13 @@ describe 'Dropdown assignee', :js do
       end
     end
 
-    it 'should hide loading indicator when loaded' do
+    it 'hides loading indicator when loaded' do
       input_filtered_search('assignee:', submit: false, extra_space: false)
 
       expect(find(js_dropdown_assignee)).not_to have_css('.filter-dropdown-loading')
     end
 
-    it 'should load all the assignees when opened' do
+    it 'loads all the assignees when opened' do
       input_filtered_search('assignee:', submit: false, extra_space: false)
 
       expect(dropdown_assignee_size).to eq(4)
diff --git a/spec/features/issues/filtered_search/dropdown_author_spec.rb b/spec/features/issues/filtered_search/dropdown_author_spec.rb
index bedc61b9eed..bc8d9bc8450 100644
--- a/spec/features/issues/filtered_search/dropdown_author_spec.rb
+++ b/spec/features/issues/filtered_search/dropdown_author_spec.rb
@@ -50,7 +50,7 @@ describe 'Dropdown author', :js do
       expect(page).to have_css(js_dropdown_author, visible: false)
     end
 
-    it 'should show loading indicator when opened' do
+    it 'shows loading indicator when opened' do
       slow_requests do
         filtered_search.set('author:')
 
@@ -58,13 +58,13 @@ describe 'Dropdown author', :js do
       end
     end
 
-    it 'should hide loading indicator when loaded' do
+    it 'hides loading indicator when loaded' do
       send_keys_to_filtered_search('author:')
 
       expect(page).not_to have_css('#js-dropdown-author .filter-dropdown-loading')
     end
 
-    it 'should load all the authors when opened' do
+    it 'loads all the authors when opened' do
       send_keys_to_filtered_search('author:')
 
       expect(dropdown_author_size).to eq(4)
diff --git a/spec/features/issues/filtered_search/dropdown_emoji_spec.rb b/spec/features/issues/filtered_search/dropdown_emoji_spec.rb
index f36d4e8f23f..a5c3ab7e7d0 100644
--- a/spec/features/issues/filtered_search/dropdown_emoji_spec.rb
+++ b/spec/features/issues/filtered_search/dropdown_emoji_spec.rb
@@ -69,7 +69,7 @@ describe 'Dropdown emoji', :js do
         expect(page).to have_css(js_dropdown_emoji, visible: false)
       end
 
-      it 'should show loading indicator when opened' do
+      it 'shows loading indicator when opened' do
         slow_requests do
           filtered_search.set('my-reaction:')
 
@@ -77,13 +77,13 @@ describe 'Dropdown emoji', :js do
         end
       end
 
-      it 'should hide loading indicator when loaded' do
+      it 'hides loading indicator when loaded' do
         send_keys_to_filtered_search('my-reaction:')
 
         expect(page).not_to have_css('#js-dropdown-my-reaction .filter-dropdown-loading')
       end
 
-      it 'should load all the emojis when opened' do
+      it 'loads all the emojis when opened' do
         send_keys_to_filtered_search('my-reaction:')
 
         expect(dropdown_emoji_size).to eq(4)
diff --git a/spec/features/issues/filtered_search/dropdown_milestone_spec.rb b/spec/features/issues/filtered_search/dropdown_milestone_spec.rb
index b330eafe1d1..7584339ccc0 100644
--- a/spec/features/issues/filtered_search/dropdown_milestone_spec.rb
+++ b/spec/features/issues/filtered_search/dropdown_milestone_spec.rb
@@ -49,7 +49,7 @@ describe 'Dropdown milestone', :js do
       expect(page).to have_css(js_dropdown_milestone, visible: false)
     end
 
-    it 'should show loading indicator when opened' do
+    it 'shows loading indicator when opened' do
       slow_requests do
         filtered_search.set('milestone:')
 
@@ -57,13 +57,13 @@ describe 'Dropdown milestone', :js do
       end
     end
 
-    it 'should hide loading indicator when loaded' do
+    it 'hides loading indicator when loaded' do
       filtered_search.set('milestone:')
 
       expect(find(js_dropdown_milestone)).not_to have_css('.filter-dropdown-loading')
     end
 
-    it 'should load all the milestones when opened' do
+    it 'loads all the milestones when opened' do
       filtered_search.set('milestone:')
 
       expect(filter_dropdown).to have_selector('.filter-dropdown .filter-dropdown-item', count: 6)
diff --git a/spec/features/issues/form_spec.rb b/spec/features/issues/form_spec.rb
index f2e4c5779df..26c781350e5 100644
--- a/spec/features/issues/form_spec.rb
+++ b/spec/features/issues/form_spec.rb
@@ -45,7 +45,7 @@ describe 'New/edit issue', :js do
         wait_for_requests
       end
 
-      it 'should display selected users even if they are not part of the original API call' do
+      it 'displays selected users even if they are not part of the original API call' do
         find('.dropdown-input-field').native.send_keys user2.name
 
         page.within '.dropdown-menu-user' do
diff --git a/spec/features/issues/issue_detail_spec.rb b/spec/features/issues/issue_detail_spec.rb
index 76bc93e9766..791bd003597 100644
--- a/spec/features/issues/issue_detail_spec.rb
+++ b/spec/features/issues/issue_detail_spec.rb
@@ -26,7 +26,7 @@ describe 'Issue Detail', :js do
       wait_for_requests
     end
 
-    it 'should encode the description to prevent xss issues' do
+    it 'encodes the description to prevent xss issues' do
       page.within('.issuable-details .detail-page-description') do
         expect(page).to have_selector('img', count: 1)
         expect(find('img')['onerror']).to be_nil
diff --git a/spec/features/issues/user_uses_quick_actions_spec.rb b/spec/features/issues/user_uses_quick_actions_spec.rb
index 362f8a468ec..6a8b5e76cda 100644
--- a/spec/features/issues/user_uses_quick_actions_spec.rb
+++ b/spec/features/issues/user_uses_quick_actions_spec.rb
@@ -43,6 +43,7 @@ describe 'Issues > User uses quick actions', :js do
   describe 'issue-only commands' do
     let(:user) { create(:user) }
     let(:project) { create(:project, :public) }
+    let(:issue) { create(:issue, project: project, due_date: Date.new(2016, 8, 28)) }
 
     before do
       project.add_maintainer(user)
@@ -55,6 +56,9 @@ describe 'Issues > User uses quick actions', :js do
       wait_for_requests
     end
 
+    it_behaves_like 'confidential quick action'
+    it_behaves_like 'remove_due_date quick action'
+
     describe 'adding a due date from note' do
       let(:issue) { create(:issue, project: project) }
 
@@ -73,24 +77,6 @@ describe 'Issues > User uses quick actions', :js do
       end
     end
 
-    describe 'removing a due date from note' do
-      let(:issue) { create(:issue, project: project, due_date: Date.new(2016, 8, 28)) }
-
-      it_behaves_like 'remove_due_date action available and due date can be removed'
-
-      context 'when the current user cannot update the due date' do
-        let(:guest) { create(:user) }
-        before do
-          project.add_guest(guest)
-          gitlab_sign_out
-          sign_in(guest)
-          visit project_issue_path(project, issue)
-        end
-
-        it_behaves_like 'remove_due_date action not available'
-      end
-    end
-
     describe 'toggling the WIP prefix from the title from note' do
       let(:issue) { create(:issue, project: project) }
 
@@ -137,42 +123,6 @@ describe 'Issues > User uses quick actions', :js do
       end
     end
 
-    describe 'make issue confidential' do
-      let(:issue) { create(:issue, project: project) }
-      let(:original_issue) { create(:issue, project: project) }
-
-      context 'when the current user can update issues' do
-        it 'does not create a note, and marks the issue as confidential' do
-          add_note("/confidential")
-
-          expect(page).not_to have_content "/confidential"
-          expect(page).to have_content 'Commands applied'
-          expect(page).to have_content "made the issue confidential"
-
-          expect(issue.reload).to be_confidential
-        end
-      end
-
-      context 'when the current user cannot update the issue' do
-        let(:guest) { create(:user) }
-        before do
-          project.add_guest(guest)
-          gitlab_sign_out
-          sign_in(guest)
-          visit project_issue_path(project, issue)
-        end
-
-        it 'does not create a note, and does not mark the issue as confidential' do
-          add_note("/confidential")
-
-          expect(page).not_to have_content 'Commands applied'
-          expect(page).not_to have_content "made the issue confidential"
-
-          expect(issue.reload).not_to be_confidential
-        end
-      end
-    end
-
     describe 'move the issue to another project' do
       let(:issue) { create(:issue, project: project) }
 
diff --git a/spec/features/labels_hierarchy_spec.rb b/spec/features/labels_hierarchy_spec.rb
index 7c31e67a7fa..bac297de4a6 100644
--- a/spec/features/labels_hierarchy_spec.rb
+++ b/spec/features/labels_hierarchy_spec.rb
@@ -145,7 +145,7 @@ describe 'Labels Hierarchy', :js, :nested_groups do
       visit new_project_issue_path(project_1)
     end
 
-    it 'should be able to assign ancestor group labels' do
+    it 'is able to assign ancestor group labels' do
       fill_in 'issue_title', with: 'new created issue'
       fill_in 'issue_description', with: 'new issue description'
 
diff --git a/spec/features/merge_request/user_allows_commits_from_memebers_who_can_merge_spec.rb b/spec/features/merge_request/user_allows_commits_from_memebers_who_can_merge_spec.rb
index 0ccab5b2fac..b8c4a78e24f 100644
--- a/spec/features/merge_request/user_allows_commits_from_memebers_who_can_merge_spec.rb
+++ b/spec/features/merge_request/user_allows_commits_from_memebers_who_can_merge_spec.rb
@@ -76,7 +76,7 @@ describe 'create a merge request, allowing commits from members who can merge to
       sign_in(member)
     end
 
-    it 'it hides the option from members' do
+    it 'hides the option from members' do
       visit edit_project_merge_request_path(target_project, merge_request)
 
       expect(page).not_to have_content('Allows commits from members who can merge to the target branch')
diff --git a/spec/features/merge_request/user_sees_merge_widget_spec.rb b/spec/features/merge_request/user_sees_merge_widget_spec.rb
index 2609546990d..40ba676ff92 100644
--- a/spec/features/merge_request/user_sees_merge_widget_spec.rb
+++ b/spec/features/merge_request/user_sees_merge_widget_spec.rb
@@ -302,7 +302,7 @@ describe 'Merge request > User sees merge widget', :js do
       visit project_merge_request_path(project_only_mwps, merge_request_in_only_mwps_project)
     end
 
-    it 'should be allowed to merge' do
+    it 'is allowed to merge' do
       # Wait for the `ci_status` and `merge_check` requests
       wait_for_requests
 
diff --git a/spec/features/merge_request/user_sees_versions_spec.rb b/spec/features/merge_request/user_sees_versions_spec.rb
index 5c45e363997..6eae3fd4676 100644
--- a/spec/features/merge_request/user_sees_versions_spec.rb
+++ b/spec/features/merge_request/user_sees_versions_spec.rb
@@ -230,7 +230,7 @@ describe 'Merge request > User sees versions', :js do
       wait_for_requests
     end
 
-    it 'should only show diffs from the commit' do
+    it 'only shows diffs from the commit' do
       diff_commit_ids = find_all('.diff-file [data-commit-id]').map {|diff| diff['data-commit-id']}
 
       expect(diff_commit_ids).not_to be_empty
diff --git a/spec/features/merge_request/user_suggests_changes_on_diff_spec.rb b/spec/features/merge_request/user_suggests_changes_on_diff_spec.rb
index c19e299097e..1b5dd6945e0 100644
--- a/spec/features/merge_request/user_suggests_changes_on_diff_spec.rb
+++ b/spec/features/merge_request/user_suggests_changes_on_diff_spec.rb
@@ -6,6 +6,14 @@ describe 'User comments on a diff', :js do
   include MergeRequestDiffHelpers
   include RepoHelpers
 
+  def expect_suggestion_has_content(element, expected_changing_content, expected_suggested_content)
+    changing_content = element.all(:css, '.line_holder.old').map(&:text)
+    suggested_content = element.all(:css, '.line_holder.new').map(&:text)
+
+    expect(changing_content).to eq(expected_changing_content)
+    expect(suggested_content).to eq(expected_suggested_content)
+  end
+
   let(:project) { create(:project, :repository) }
   let(:merge_request) do
     create(:merge_request_with_diffs, source_project: project, target_project: project, source_branch: 'merge-test')
@@ -33,8 +41,18 @@ describe 'User comments on a diff', :js do
       page.within('.diff-discussions') do
         expect(page).to have_button('Apply suggestion')
         expect(page).to have_content('Suggested change')
-        expect(page).to have_content('	url = https://github.com/gitlabhq/gitlab-shell.git')
-        expect(page).to have_content('# change to a comment')
+      end
+
+      page.within('.md-suggestion-diff') do
+        expected_changing_content = [
+          "6 url = https://github.com/gitlabhq/gitlab-shell.git"
+        ]
+
+        expected_suggested_content = [
+          "6 # change to a comment"
+        ]
+
+        expect_suggestion_has_content(page, expected_changing_content, expected_suggested_content)
       end
     end
 
@@ -64,7 +82,7 @@ describe 'User comments on a diff', :js do
       click_diff_line(find("[id='#{sample_compare.changes[1][:line_code]}']"))
 
       page.within('.js-discussion-note-form') do
-        fill_in('note_note', with: "```suggestion\n# change to a comment\n```\n```suggestion\n# or that\n```")
+        fill_in('note_note', with: "```suggestion\n# change to a comment\n```\n```suggestion:-2\n# or that\n# heh\n```")
         click_button('Comment')
       end
 
@@ -74,11 +92,90 @@ describe 'User comments on a diff', :js do
         suggestion_1 = page.all(:css, '.md-suggestion-diff')[0]
         suggestion_2 = page.all(:css, '.md-suggestion-diff')[1]
 
-        expect(suggestion_1).to have_content('	url = https://github.com/gitlabhq/gitlab-shell.git')
-        expect(suggestion_1).to have_content('# change to a comment')
+        suggestion_1_expected_changing_content = [
+          "6 url = https://github.com/gitlabhq/gitlab-shell.git"
+        ]
+        suggestion_1_expected_suggested_content = [
+          "6 # change to a comment"
+        ]
+
+        suggestion_2_expected_changing_content = [
+          "4 [submodule \"gitlab-shell\"]",
+          "5 path = gitlab-shell",
+          "6 url = https://github.com/gitlabhq/gitlab-shell.git"
+        ]
+        suggestion_2_expected_suggested_content = [
+          "4 # or that",
+          "5 # heh"
+        ]
+
+        expect_suggestion_has_content(suggestion_1,
+                                      suggestion_1_expected_changing_content,
+                                      suggestion_1_expected_suggested_content)
+
+        expect_suggestion_has_content(suggestion_2,
+                                      suggestion_2_expected_changing_content,
+                                      suggestion_2_expected_suggested_content)
+      end
+    end
+  end
+
+  context 'multi-line suggestions' do
+    it 'suggestion is presented' do
+      click_diff_line(find("[id='#{sample_compare.changes[1][:line_code]}']"))
+
+      page.within('.js-discussion-note-form') do
+        fill_in('note_note', with: "```suggestion:-3+5\n# change to a\n# comment\n# with\n# broken\n# lines\n```")
+        click_button('Comment')
+      end
 
-        expect(suggestion_2).to have_content('	url = https://github.com/gitlabhq/gitlab-shell.git')
-        expect(suggestion_2).to have_content('# or that')
+      wait_for_requests
+
+      page.within('.diff-discussions') do
+        expect(page).to have_button('Apply suggestion')
+        expect(page).to have_content('Suggested change')
+      end
+
+      page.within('.md-suggestion-diff') do
+        expected_changing_content = [
+          "3 url = git://github.com/randx/six.git",
+          "4 [submodule \"gitlab-shell\"]",
+          "5 path = gitlab-shell",
+          "6 url = https://github.com/gitlabhq/gitlab-shell.git",
+          "7 [submodule \"gitlab-grack\"]",
+          "8 path = gitlab-grack",
+          "9 url = https://gitlab.com/gitlab-org/gitlab-grack.git"
+        ]
+
+        expected_suggested_content = [
+          "3 # change to a",
+          "4 # comment",
+          "5 # with",
+          "6 # broken",
+          "7 # lines"
+        ]
+
+        expect_suggestion_has_content(page, expected_changing_content, expected_suggested_content)
+      end
+    end
+
+    it 'suggestion is appliable' do
+      click_diff_line(find("[id='#{sample_compare.changes[1][:line_code]}']"))
+
+      page.within('.js-discussion-note-form') do
+        fill_in('note_note', with: "```suggestion:-3+5\n# change to a\n# comment\n# with\n# broken\n# lines\n```")
+        click_button('Comment')
+      end
+
+      wait_for_requests
+
+      page.within('.diff-discussions') do
+        expect(page).not_to have_content('Applied')
+
+        click_button('Apply suggestion')
+        wait_for_requests
+
+        expect(page).to have_content('Applied')
       end
     end
   end
diff --git a/spec/features/merge_request/user_uses_quick_actions_spec.rb b/spec/features/merge_request/user_uses_quick_actions_spec.rb
index a2b5859bd1e..5e466fb41d0 100644
--- a/spec/features/merge_request/user_uses_quick_actions_spec.rb
+++ b/spec/features/merge_request/user_uses_quick_actions_spec.rb
@@ -56,6 +56,9 @@ describe 'Merge request > User uses quick actions', :js do
       project.add_maintainer(user)
     end
 
+    it_behaves_like 'merge quick action'
+    it_behaves_like 'target_branch quick action'
+
     describe 'toggling the WIP prefix in the title from note' do
       context 'when the current user can toggle the WIP prefix' do
         before do
@@ -102,151 +105,5 @@ describe 'Merge request > User uses quick actions', :js do
         end
       end
     end
-
-    describe 'merging the MR from the note' do
-      context 'when the current user can merge the MR' do
-        before do
-          sign_in(user)
-          visit project_merge_request_path(project, merge_request)
-        end
-
-        it 'merges the MR' do
-          add_note("/merge")
-
-          expect(page).to have_content 'Commands applied'
-
-          expect(merge_request.reload).to be_merged
-        end
-      end
-
-      context 'when the head diff changes in the meanwhile' do
-        before do
-          merge_request.source_branch = 'another_branch'
-          merge_request.save
-          sign_in(user)
-          visit project_merge_request_path(project, merge_request)
-        end
-
-        it 'does not merge the MR' do
-          add_note("/merge")
-
-          expect(page).not_to have_content 'Your commands have been executed!'
-
-          expect(merge_request.reload).not_to be_merged
-        end
-      end
-
-      context 'when the current user cannot merge the MR' do
-        before do
-          project.add_guest(guest)
-          sign_in(guest)
-          visit project_merge_request_path(project, merge_request)
-        end
-
-        it 'does not merge the MR' do
-          add_note("/merge")
-
-          expect(page).not_to have_content 'Your commands have been executed!'
-
-          expect(merge_request.reload).not_to be_merged
-        end
-      end
-    end
-
-    describe 'adding a due date from note' do
-      before do
-        sign_in(user)
-        visit project_merge_request_path(project, merge_request)
-      end
-
-      it_behaves_like 'due quick action not available'
-    end
-
-    describe 'removing a due date from note' do
-      before do
-        sign_in(user)
-        visit project_merge_request_path(project, merge_request)
-      end
-
-      it_behaves_like 'remove_due_date action not available'
-    end
-
-    describe '/target_branch command in merge request' do
-      let(:another_project) { create(:project, :public, :repository) }
-      let(:new_url_opts) { { merge_request: { source_branch: 'feature' } } }
-
-      before do
-        another_project.add_maintainer(user)
-        sign_in(user)
-      end
-
-      it 'changes target_branch in new merge_request' do
-        visit project_new_merge_request_path(another_project, new_url_opts)
-
-        fill_in "merge_request_title", with: 'My brand new feature'
-        fill_in "merge_request_description", with: "le feature \n/target_branch fix\nFeature description:"
-        click_button "Submit merge request"
-
-        merge_request = another_project.merge_requests.first
-        expect(merge_request.description).to eq "le feature \nFeature description:"
-        expect(merge_request.target_branch).to eq 'fix'
-      end
-
-      it 'does not change target branch when merge request is edited' do
-        new_merge_request = create(:merge_request, source_project: another_project)
-
-        visit edit_project_merge_request_path(another_project, new_merge_request)
-        fill_in "merge_request_description", with: "Want to update target branch\n/target_branch fix\n"
-        click_button "Save changes"
-
-        new_merge_request = another_project.merge_requests.first
-        expect(new_merge_request.description).to include('/target_branch')
-        expect(new_merge_request.target_branch).not_to eq('fix')
-      end
-    end
-
-    describe '/target_branch command from note' do
-      context 'when the current user can change target branch' do
-        before do
-          sign_in(user)
-          visit project_merge_request_path(project, merge_request)
-        end
-
-        it 'changes target branch from a note' do
-          add_note("message start \n/target_branch merge-test\n message end.")
-
-          wait_for_requests
-          expect(page).not_to have_content('/target_branch')
-          expect(page).to have_content('message start')
-          expect(page).to have_content('message end.')
-
-          expect(merge_request.reload.target_branch).to eq 'merge-test'
-        end
-
-        it 'does not fail when target branch does not exists' do
-          add_note('/target_branch totally_not_existing_branch')
-
-          expect(page).not_to have_content('/target_branch')
-
-          expect(merge_request.target_branch).to eq 'feature'
-        end
-      end
-
-      context 'when current user can not change target branch' do
-        before do
-          project.add_guest(guest)
-          sign_in(guest)
-          visit project_merge_request_path(project, merge_request)
-        end
-
-        it 'does not change target branch' do
-          add_note('/target_branch merge-test')
-
-          expect(page).not_to have_content '/target_branch merge-test'
-
-          expect(merge_request.target_branch).to eq 'feature'
-        end
-      end
-    end
   end
 end
diff --git a/spec/features/projects/blobs/blob_show_spec.rb b/spec/features/projects/blobs/blob_show_spec.rb
index a7aa63018fd..aa2e538cc8e 100644
--- a/spec/features/projects/blobs/blob_show_spec.rb
+++ b/spec/features/projects/blobs/blob_show_spec.rb
@@ -572,7 +572,7 @@ describe 'File blob', :js do
       visit_blob('files/ruby/test.rb', ref: 'feature')
     end
 
-    it 'should show the realtime pipeline status' do
+    it 'shows the realtime pipeline status' do
       page.within('.commit-actions') do
         expect(page).to have_css('.ci-status-icon')
         expect(page).to have_css('.ci-status-icon-running')
diff --git a/spec/features/projects/branches/download_buttons_spec.rb b/spec/features/projects/branches/download_buttons_spec.rb
index c8dc72a34ec..3e75890725e 100644
--- a/spec/features/projects/branches/download_buttons_spec.rb
+++ b/spec/features/projects/branches/download_buttons_spec.rb
@@ -35,7 +35,7 @@ describe 'Download buttons in branches page' do
       it 'shows download artifacts button' do
         href = latest_succeeded_project_artifacts_path(project, 'binary-encoding/download', job: 'build')
 
-        expect(page).to have_link "Download '#{build.name}'", href: href
+        expect(page).to have_link build.name, href: href
       end
     end
   end
diff --git a/spec/features/projects/clusters/applications_spec.rb b/spec/features/projects/clusters/applications_spec.rb
index aa1c3902f0f..527508b3519 100644
--- a/spec/features/projects/clusters/applications_spec.rb
+++ b/spec/features/projects/clusters/applications_spec.rb
@@ -80,7 +80,7 @@ describe 'Clusters Applications', :js do
         context 'on an abac cluster' do
           let(:cluster) { create(:cluster, :provided_by_gcp, :rbac_disabled, projects: [project]) }
 
-          it 'should show info block and not be installable' do
+          it 'shows info block and not be installable' do
             page.within('.js-cluster-application-row-knative') do
               expect(page).to have_css('.rbac-notice')
               expect(page.find(:css, '.js-cluster-application-install-button')['disabled']).to eq('true')
@@ -91,7 +91,7 @@ describe 'Clusters Applications', :js do
         context 'on an rbac cluster' do
           let(:cluster) { create(:cluster, :provided_by_gcp, projects: [project]) }
 
-          it 'should not show callout block and be installable' do
+          it 'does not show callout block and be installable' do
             page.within('.js-cluster-application-row-knative') do
               expect(page).not_to have_css('.rbac-notice')
               expect(page).to have_css('.js-cluster-application-install-button:not([disabled])')
diff --git a/spec/features/projects/clusters/gcp_spec.rb b/spec/features/projects/clusters/gcp_spec.rb
index 9322e29d744..83e582c34f0 100644
--- a/spec/features/projects/clusters/gcp_spec.rb
+++ b/spec/features/projects/clusters/gcp_spec.rb
@@ -92,7 +92,7 @@ describe 'Gcp Cluster', :js do
         end
 
         it 'user sees a validation error' do
-          expect(page).to have_css('#error_explanation')
+          expect(page).to have_css('.gl-field-error')
         end
       end
     end
diff --git a/spec/features/projects/clusters/user_spec.rb b/spec/features/projects/clusters/user_spec.rb
index 1f2f7592d8b..fe4f737a7da 100644
--- a/spec/features/projects/clusters/user_spec.rb
+++ b/spec/features/projects/clusters/user_spec.rb
@@ -53,7 +53,7 @@ describe 'User Cluster', :js do
       end
 
       it 'user sees a validation error' do
-        expect(page).to have_css('#error_explanation')
+        expect(page).to have_css('.gl-field-error')
       end
     end
   end
diff --git a/spec/features/projects/commit/mini_pipeline_graph_spec.rb b/spec/features/projects/commit/mini_pipeline_graph_spec.rb
index 19f6ebf2c1a..614f11c8392 100644
--- a/spec/features/projects/commit/mini_pipeline_graph_spec.rb
+++ b/spec/features/projects/commit/mini_pipeline_graph_spec.rb
@@ -43,7 +43,7 @@ describe 'Mini Pipeline Graph in Commit View', :js do
       visit project_commit_path(project, project.commit.id)
     end
 
-    it 'should not display a mini pipeline graph' do
+    it 'does not display a mini pipeline graph' do
       expect(page).not_to have_selector('.mr-widget-pipeline-graph')
     end
   end
diff --git a/spec/features/projects/environments/environment_spec.rb b/spec/features/projects/environments/environment_spec.rb
index fe71cb7661a..da4ef6428d4 100644
--- a/spec/features/projects/environments/environment_spec.rb
+++ b/spec/features/projects/environments/environment_spec.rb
@@ -159,7 +159,7 @@ describe 'Environment' do
               context 'for project maintainer' do
                 let(:role) { :maintainer }
 
-                it 'it shows the terminal button' do
+                it 'shows the terminal button' do
                   expect(page).to have_terminal_button
                 end
 
diff --git a/spec/features/projects/environments/environments_spec.rb b/spec/features/projects/environments/environments_spec.rb
index b2a435e554d..7b7e45312d9 100644
--- a/spec/features/projects/environments/environments_spec.rb
+++ b/spec/features/projects/environments/environments_spec.rb
@@ -30,7 +30,7 @@ describe 'Environments page', :js do
       end
 
       describe 'in available tab page' do
-        it 'should show one environment' do
+        it 'shows one environment' do
           visit_environments(project, scope: 'available')
 
           expect(page).to have_css('.environments-container')
@@ -44,7 +44,7 @@ describe 'Environments page', :js do
           create_list(:environment, 4, project: project, state: :available)
         end
 
-        it 'should render second page of pipelines' do
+        it 'renders second page of pipelines' do
           visit_environments(project, scope: 'available')
 
           find('.js-next-button').click
@@ -56,7 +56,7 @@ describe 'Environments page', :js do
       end
 
       describe 'in stopped tab page' do
-        it 'should show no environments' do
+        it 'shows no environments' do
           visit_environments(project, scope: 'stopped')
 
           expect(page).to have_css('.environments-container')
@@ -72,7 +72,7 @@ describe 'Environments page', :js do
           allow_any_instance_of(Kubeclient::Client).to receive(:proxy_url).and_raise(Kubeclient::HttpError.new(401, 'Unauthorized', nil))
         end
 
-        it 'should show one environment without error' do
+        it 'shows one environment without error' do
           visit_environments(project, scope: 'available')
 
           expect(page).to have_css('.environments-container')
@@ -87,7 +87,7 @@ describe 'Environments page', :js do
       end
 
       describe 'in available tab page' do
-        it 'should show no environments' do
+        it 'shows no environments' do
           visit_environments(project, scope: 'available')
 
           expect(page).to have_css('.environments-container')
@@ -96,7 +96,7 @@ describe 'Environments page', :js do
       end
 
       describe 'in stopped tab page' do
-        it 'should show one environment' do
+        it 'shows one environment' do
           visit_environments(project, scope: 'stopped')
 
           expect(page).to have_css('.environments-container')
diff --git a/spec/features/projects/files/download_buttons_spec.rb b/spec/features/projects/files/download_buttons_spec.rb
index 03cb3530e2b..111972a6b00 100644
--- a/spec/features/projects/files/download_buttons_spec.rb
+++ b/spec/features/projects/files/download_buttons_spec.rb
@@ -30,7 +30,7 @@ describe 'Projects > Files > Download buttons in files tree' do
     it 'shows download artifacts button' do
       href = latest_succeeded_project_artifacts_path(project, "#{project.default_branch}/download", job: 'build')
 
-      expect(page).to have_link "Download '#{build.name}'", href: href
+      expect(page).to have_link build.name, href: href
     end
   end
 end
diff --git a/spec/features/projects/members/invite_group_spec.rb b/spec/features/projects/members/invite_group_spec.rb
index b2d2dba55f1..7432c600c1e 100644
--- a/spec/features/projects/members/invite_group_spec.rb
+++ b/spec/features/projects/members/invite_group_spec.rb
@@ -159,7 +159,7 @@ describe 'Project > Members > Invite group', :js do
         open_select2 '#link_group_id'
       end
 
-      it 'should infinitely scroll' do
+      it 'infinitely scrolls' do
         expect(find('.select2-drop .select2-results')).to have_selector('.select2-result', count: 1)
 
         scroll_select2_to_bottom('.select2-drop .select2-results:visible')
diff --git a/spec/features/projects/pipeline_schedules_spec.rb b/spec/features/projects/pipeline_schedules_spec.rb
index ee6b67b2188..b1a705f09ce 100644
--- a/spec/features/projects/pipeline_schedules_spec.rb
+++ b/spec/features/projects/pipeline_schedules_spec.rb
@@ -93,14 +93,14 @@ describe 'Pipeline Schedules', :js do
         expect(page).to have_button('UTC')
       end
 
-      it 'it creates a new scheduled pipeline' do
+      it 'creates a new scheduled pipeline' do
         fill_in_schedule_form
         save_pipeline_schedule
 
         expect(page).to have_content('my fancy description')
       end
 
-      it 'it prevents an invalid form from being submitted' do
+      it 'prevents an invalid form from being submitted' do
         save_pipeline_schedule
 
         expect(page).to have_content('This field is required')
@@ -112,7 +112,7 @@ describe 'Pipeline Schedules', :js do
         edit_pipeline_schedule
       end
 
-      it 'it displays existing properties' do
+      it 'displays existing properties' do
         description = find_field('schedule_description').value
         expect(description).to eq('pipeline schedule')
         expect(page).to have_button('master')
diff --git a/spec/features/projects/pipelines/pipeline_spec.rb b/spec/features/projects/pipelines/pipeline_spec.rb
index b197557039d..cf334e1e4da 100644
--- a/spec/features/projects/pipelines/pipeline_spec.rb
+++ b/spec/features/projects/pipelines/pipeline_spec.rb
@@ -154,7 +154,7 @@ describe 'Pipeline', :js do
           end
         end
 
-        it 'should be possible to retry the success job' do
+        it 'is possible to retry the success job' do
           find('#ci-badge-build .ci-action-icon-container').click
 
           expect(page).not_to have_content('Retry job')
@@ -194,13 +194,13 @@ describe 'Pipeline', :js do
           end
         end
 
-        it 'should be possible to retry the failed build' do
+        it 'is possible to retry the failed build' do
           find('#ci-badge-test .ci-action-icon-container').click
 
           expect(page).not_to have_content('Retry job')
         end
 
-        it 'should include the failure reason' do
+        it 'includes the failure reason' do
           page.within('#ci-badge-test') do
             build_link = page.find('.js-pipeline-graph-job-link')
             expect(build_link['data-original-title']).to eq('test - failed - (unknown failure)')
@@ -220,7 +220,7 @@ describe 'Pipeline', :js do
           end
         end
 
-        it 'should be possible to play the manual job' do
+        it 'is possible to play the manual job' do
           find('#ci-badge-manual-build .ci-action-icon-container').click
 
           expect(page).not_to have_content('Play job')
@@ -454,7 +454,7 @@ describe 'Pipeline', :js do
         expect(page).to have_content('Cancel running')
       end
 
-      it 'should not link to job' do
+      it 'does not link to job' do
         expect(page).not_to have_selector('.js-pipeline-graph-job-link')
       end
     end
diff --git a/spec/features/projects/pipelines/pipelines_spec.rb b/spec/features/projects/pipelines/pipelines_spec.rb
index 7ca3b3d8edd..cb14db7665d 100644
--- a/spec/features/projects/pipelines/pipelines_spec.rb
+++ b/spec/features/projects/pipelines/pipelines_spec.rb
@@ -542,19 +542,19 @@ describe 'Pipelines', :js do
           visit_project_pipelines
         end
 
-        it 'should render a mini pipeline graph' do
+        it 'renders a mini pipeline graph' do
           expect(page).to have_selector('.js-mini-pipeline-graph')
           expect(page).to have_selector('.js-builds-dropdown-button')
         end
 
         context 'when clicking a stage badge' do
-          it 'should open a dropdown' do
+          it 'opens a dropdown' do
             find('.js-builds-dropdown-button').click
 
             expect(page).to have_link build.name
           end
 
-          it 'should be possible to cancel pending build' do
+          it 'is possible to cancel pending build' do
             find('.js-builds-dropdown-button').click
             find('.js-ci-action').click
             wait_for_requests
@@ -570,7 +570,7 @@ describe 'Pipelines', :js do
                                        name: 'build')
           end
 
-          it 'should display the failure reason' do
+          it 'displays the failure reason' do
             find('.js-builds-dropdown-button').click
 
             within('.js-builds-dropdown-list') do
@@ -587,21 +587,21 @@ describe 'Pipelines', :js do
           create(:ci_empty_pipeline, project: project)
         end
 
-        it 'should render pagination' do
+        it 'renders pagination' do
           visit project_pipelines_path(project)
           wait_for_requests
 
           expect(page).to have_selector('.gl-pagination')
         end
 
-        it 'should render second page of pipelines' do
+        it 'renders second page of pipelines' do
           visit project_pipelines_path(project, page: '2')
           wait_for_requests
 
           expect(page).to have_selector('.gl-pagination .page', count: 2)
         end
 
-        it 'should show updated content' do
+        it 'shows updated content' do
           visit project_pipelines_path(project)
           wait_for_requests
           page.find('.js-next-button .page-link').click
diff --git a/spec/features/projects/show/download_buttons_spec.rb b/spec/features/projects/show/download_buttons_spec.rb
index 3a2dcc5aa55..fee5f8001b0 100644
--- a/spec/features/projects/show/download_buttons_spec.rb
+++ b/spec/features/projects/show/download_buttons_spec.rb
@@ -35,11 +35,10 @@ describe 'Projects > Show > Download buttons' do
       it 'shows download artifacts button' do
         href = latest_succeeded_project_artifacts_path(project, "#{project.default_branch}/download", job: 'build')
 
-        expect(page).to have_link "Download '#{build.name}'", href: href
+        expect(page).to have_link build.name, href: href
       end
 
       it 'download links have download attribute' do
-        expect(page).to have_selector('a', text: 'Download')
         page.all('a', text: 'Download').each do |link|
           expect(link[:download]).to eq ''
         end
diff --git a/spec/features/projects/snippets/user_comments_on_snippet_spec.rb b/spec/features/projects/snippets/user_comments_on_snippet_spec.rb
index 9c1ef78b0ca..4e1e2f330ec 100644
--- a/spec/features/projects/snippets/user_comments_on_snippet_spec.rb
+++ b/spec/features/projects/snippets/user_comments_on_snippet_spec.rb
@@ -23,14 +23,14 @@ describe 'Projects > Snippets > User comments on a snippet', :js do
     expect(page).to have_content('Good snippet!')
   end
 
-  it 'should have autocomplete' do
+  it 'has autocomplete' do
     find('#note_note').native.send_keys('')
     fill_in 'note[note]', with: '@'
 
     expect(page).to have_selector('.atwho-view')
   end
 
-  it 'should have zen mode' do
+  it 'has zen mode' do
     find('.js-zen-enter').click
     expect(page).to have_selector('.fullscreen')
   end
diff --git a/spec/features/projects/tags/download_buttons_spec.rb b/spec/features/projects/tags/download_buttons_spec.rb
index fbfd8cee7aa..4c8ec53836a 100644
--- a/spec/features/projects/tags/download_buttons_spec.rb
+++ b/spec/features/projects/tags/download_buttons_spec.rb
@@ -36,7 +36,7 @@ describe 'Download buttons in tags page' do
       it 'shows download artifacts button' do
         href = latest_succeeded_project_artifacts_path(project, "#{tag}/download", job: 'build')
 
-        expect(page).to have_link "Download '#{build.name}'", href: href
+        expect(page).to have_link build.name, href: href
       end
     end
   end
diff --git a/spec/features/projects/wiki/user_views_wiki_pages_spec.rb b/spec/features/projects/wiki/user_views_wiki_pages_spec.rb
new file mode 100644
index 00000000000..5c16d7783f0
--- /dev/null
+++ b/spec/features/projects/wiki/user_views_wiki_pages_spec.rb
@@ -0,0 +1,89 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'User views wiki pages' do
+  include WikiHelpers
+
+  let(:user) { create(:user) }
+  let(:project) { create(:project, :wiki_repo, namespace: user.namespace) }
+
+  let!(:wiki_page1) do
+    create(:wiki_page, wiki: project.wiki, attrs: { title: '3 home', content: '3' })
+  end
+  let!(:wiki_page2) do
+    create(:wiki_page, wiki: project.wiki, attrs: { title: '1 home', content: '1' })
+  end
+  let!(:wiki_page3) do
+    create(:wiki_page, wiki: project.wiki, attrs: { title: '2 home', content: '2' })
+  end
+
+  let(:pages) do
+    page.find('.wiki-pages-list').all('li').map { |li| li.find('a') }
+  end
+
+  before do
+    project.add_maintainer(user)
+    sign_in(user)
+    visit(project_wikis_pages_path(project))
+  end
+
+  context 'ordered by title' do
+    let(:pages_ordered_by_title) { [wiki_page2, wiki_page3, wiki_page1] }
+
+    context 'asc' do
+      it 'pages are displayed in direct order' do
+        pages.each.with_index do |page_title, index|
+          expect(page_title.text).to eq(pages_ordered_by_title[index].title)
+        end
+      end
+    end
+
+    context 'desc' do
+      before do
+        page.within('.wiki-sort-dropdown') do
+          page.find('.qa-reverse-sort').click
+        end
+      end
+
+      it 'pages are displayed in reversed order' do
+        pages.reverse_each.with_index do |page_title, index|
+          expect(page_title.text).to eq(pages_ordered_by_title[index].title)
+        end
+      end
+    end
+  end
+
+  context 'ordered by created_at' do
+    let(:pages_ordered_by_created_at) { [wiki_page1, wiki_page2, wiki_page3] }
+
+    before do
+      page.within('.wiki-sort-dropdown') do
+        click_button('Title')
+        click_link('Created date')
+      end
+    end
+
+    context 'asc' do
+      it 'pages are displayed in direct order' do
+        pages.each.with_index do |page_title, index|
+          expect(page_title.text).to eq(pages_ordered_by_created_at[index].title)
+        end
+      end
+    end
+
+    context 'desc' do
+      before do
+        page.within('.wiki-sort-dropdown') do
+          page.find('.qa-reverse-sort').click
+        end
+      end
+
+      it 'pages are displayed in reversed order' do
+        pages.reverse_each.with_index do |page_title, index|
+          expect(page_title.text).to eq(pages_ordered_by_created_at[index].title)
+        end
+      end
+    end
+  end
+end
diff --git a/spec/features/raven_js_spec.rb b/spec/features/raven_js_spec.rb
index b0923b451ee..9a049764dec 100644
--- a/spec/features/raven_js_spec.rb
+++ b/spec/features/raven_js_spec.rb
@@ -3,13 +3,13 @@ require 'spec_helper'
 describe 'RavenJS' do
   let(:raven_path) { '/raven.chunk.js' }
 
-  it 'should not load raven if sentry is disabled' do
+  it 'does not load raven if sentry is disabled' do
     visit new_user_session_path
 
     expect(has_requested_raven).to eq(false)
   end
 
-  it 'should load raven if sentry is enabled' do
+  it 'loads raven if sentry is enabled' do
     stub_application_setting(clientside_sentry_dsn: 'https://key@domain.com/id', clientside_sentry_enabled: true)
 
     visit new_user_session_path
diff --git a/spec/features/snippets/notes_on_personal_snippets_spec.rb b/spec/features/snippets/notes_on_personal_snippets_spec.rb
index fc6726985ae..78e0a43ce6d 100644
--- a/spec/features/snippets/notes_on_personal_snippets_spec.rb
+++ b/spec/features/snippets/notes_on_personal_snippets_spec.rb
@@ -83,7 +83,7 @@ describe 'Comments on personal snippets', :js do
       expect(find('div#notes')).to have_content('This is awesome!')
     end
 
-    it 'should not have autocomplete' do
+    it 'does not have autocomplete' do
       wait_for_requests
 
       find('#note_note').native.send_keys('')
diff --git a/spec/features/users/overview_spec.rb b/spec/features/users/overview_spec.rb
index 3db9ae7a951..bfa85696e19 100644
--- a/spec/features/users/overview_spec.rb
+++ b/spec/features/users/overview_spec.rb
@@ -93,7 +93,7 @@ describe 'Overview tab on a user profile', :js do
     describe 'user has no personal projects' do
       include_context 'visit overview tab'
 
-      it 'it shows an empty project list with an info message' do
+      it 'shows an empty project list with an info message' do
         page.within('.projects-block') do
           expect(page).to have_selector('.loading', visible: false)
           expect(page).to have_content('You haven\'t created any personal projects.')
@@ -113,7 +113,7 @@ describe 'Overview tab on a user profile', :js do
 
       include_context 'visit overview tab'
 
-      it 'it shows one entry in the list of projects' do
+      it 'shows one entry in the list of projects' do
         page.within('.projects-block') do
           expect(page).to have_selector('.project-row', count: 1)
         end
@@ -139,7 +139,7 @@ describe 'Overview tab on a user profile', :js do
 
       include_context 'visit overview tab'
 
-      it 'it shows max. ten entries in the list of projects' do
+      it 'shows max. ten entries in the list of projects' do
         page.within('.projects-block') do
           expect(page).to have_selector('.project-row', count: 10)
         end
diff --git a/spec/finders/issues_finder_spec.rb b/spec/finders/issues_finder_spec.rb
index 00b6cad1a66..fe53fabe54c 100644
--- a/spec/finders/issues_finder_spec.rb
+++ b/spec/finders/issues_finder_spec.rb
@@ -719,7 +719,7 @@ describe IssuesFinder do
     end
   end
 
-  describe '#use_subquery_for_search?' do
+  describe '#use_cte_for_search?' do
     let(:finder) { described_class.new(nil, params) }
 
     before do
@@ -731,7 +731,7 @@ describe IssuesFinder do
       let(:params) { { attempt_group_search_optimizations: true } }
 
       it 'returns false' do
-        expect(finder.use_subquery_for_search?).to be_falsey
+        expect(finder.use_cte_for_search?).to be_falsey
       end
     end
 
@@ -743,15 +743,15 @@ describe IssuesFinder do
       end
 
       it 'returns false' do
-        expect(finder.use_subquery_for_search?).to be_falsey
+        expect(finder.use_cte_for_search?).to be_falsey
       end
     end
 
-    context 'when the attempt_group_search_optimizations param is falsey' do
+    context 'when the force_cte param is falsey' do
       let(:params) { { search: 'foo' } }
 
       it 'returns false' do
-        expect(finder.use_subquery_for_search?).to be_falsey
+        expect(finder.use_cte_for_search?).to be_falsey
       end
     end
 
@@ -763,80 +763,39 @@ describe IssuesFinder do
       end
 
       it 'returns false' do
-        expect(finder.use_subquery_for_search?).to be_falsey
+        expect(finder.use_cte_for_search?).to be_falsey
       end
     end
 
-    context 'when force_cte? is true' do
-      let(:params) { { search: 'foo', attempt_group_search_optimizations: true, force_cte: true } }
-
-      it 'returns false' do
-        expect(finder.use_subquery_for_search?).to be_falsey
-      end
-    end
-
-    context 'when all conditions are met' do
-      let(:params) { { search: 'foo', attempt_group_search_optimizations: true } }
-
-      it 'returns true' do
-        expect(finder.use_subquery_for_search?).to be_truthy
-      end
-    end
-  end
+    context 'when attempt_group_search_optimizations is unset and attempt_project_search_optimizations is set' do
+      let(:params) { { search: 'foo', attempt_project_search_optimizations: true } }
 
-  describe '#use_cte_for_count?' do
-    let(:finder) { described_class.new(nil, params) }
-
-    before do
-      allow(Gitlab::Database).to receive(:postgresql?).and_return(true)
-      stub_feature_flags(attempt_group_search_optimizations: true)
-    end
-
-    context 'when there is no search param' do
-      let(:params) { { attempt_group_search_optimizations: true, force_cte: true } }
-
-      it 'returns false' do
-        expect(finder.use_cte_for_count?).to be_falsey
-      end
-    end
-
-    context 'when the database is not Postgres' do
-      let(:params) { { search: 'foo', force_cte: true, attempt_group_search_optimizations: true } }
-
-      before do
-        allow(Gitlab::Database).to receive(:postgresql?).and_return(false)
-      end
-
-      it 'returns false' do
-        expect(finder.use_cte_for_count?).to be_falsey
-      end
-    end
-
-    context 'when the force_cte param is falsey' do
-      let(:params) { { search: 'foo' } }
+      context 'and the corresponding feature flag is disabled' do
+        before do
+          stub_feature_flags(attempt_project_search_optimizations: false)
+        end
 
-      it 'returns false' do
-        expect(finder.use_cte_for_count?).to be_falsey
+        it 'returns false' do
+          expect(finder.use_cte_for_search?).to be_falsey
+        end
       end
-    end
 
-    context 'when the attempt_group_search_optimizations flag is disabled' do
-      let(:params) { { search: 'foo', force_cte: true, attempt_group_search_optimizations: true } }
-
-      before do
-        stub_feature_flags(attempt_group_search_optimizations: false)
-      end
+      context 'and the corresponding feature flag is enabled' do
+        before do
+          stub_feature_flags(attempt_project_search_optimizations: true)
+        end
 
-      it 'returns false' do
-        expect(finder.use_cte_for_count?).to be_falsey
+        it 'returns true' do
+          expect(finder.use_cte_for_search?).to be_truthy
+        end
       end
     end
 
     context 'when all conditions are met' do
-      let(:params) { { search: 'foo', force_cte: true, attempt_group_search_optimizations: true } }
+      let(:params) { { search: 'foo', attempt_group_search_optimizations: true } }
 
       it 'returns true' do
-        expect(finder.use_cte_for_count?).to be_truthy
+        expect(finder.use_cte_for_search?).to be_truthy
       end
     end
   end
diff --git a/spec/finders/merge_requests_finder_spec.rb b/spec/finders/merge_requests_finder_spec.rb
index 56136eb84bc..f508b9bdb6f 100644
--- a/spec/finders/merge_requests_finder_spec.rb
+++ b/spec/finders/merge_requests_finder_spec.rb
@@ -83,6 +83,14 @@ describe MergeRequestsFinder do
         expect(merge_requests).to contain_exactly(merge_request2)
       end
 
+      it 'filters by source project id' do
+        params = { source_project_id: merge_request2.source_project_id }
+
+        merge_requests = described_class.new(user, params).execute
+
+        expect(merge_requests).to contain_exactly(merge_request1, merge_request2, merge_request3)
+      end
+
       it 'filters by state' do
         params = { state: 'locked' }
 
diff --git a/spec/finders/milestones_finder_spec.rb b/spec/finders/milestones_finder_spec.rb
index ecffbb9e197..34c7b508c56 100644
--- a/spec/finders/milestones_finder_spec.rb
+++ b/spec/finders/milestones_finder_spec.rb
@@ -9,7 +9,7 @@ describe MilestonesFinder do
   let!(:milestone_3) { create(:milestone, project: project_1, state: 'active', due_date: Date.tomorrow) }
   let!(:milestone_4) { create(:milestone, project: project_2, state: 'active') }
 
-  it 'it returns milestones for projects' do
+  it 'returns milestones for projects' do
     result = described_class.new(project_ids: [project_1.id, project_2.id], state: 'all').execute
 
     expect(result).to contain_exactly(milestone_3, milestone_4)
diff --git a/spec/fixtures/api/schemas/public_api/v4/merge_request.json b/spec/fixtures/api/schemas/public_api/v4/merge_request.json
index cd50be00418..918f2c4b47d 100644
--- a/spec/fixtures/api/schemas/public_api/v4/merge_request.json
+++ b/spec/fixtures/api/schemas/public_api/v4/merge_request.json
@@ -119,6 +119,12 @@
       "merge_status", "sha", "merge_commit_sha", "user_notes_count",
       "should_remove_source_branch", "force_remove_source_branch",
       "web_url", "squash"
-    ]
+    ],
+    "head_pipeline": {
+      "oneOf": [
+        { "type": "null" },
+        { "$ref": "pipeline/detail.json" }
+      ]
+    }
   }
 }
diff --git a/spec/fixtures/api/schemas/public_api/v4/pipeline/basic.json b/spec/fixtures/api/schemas/public_api/v4/pipeline/basic.json
index 56f86856dd4..a7207d2d991 100644
--- a/spec/fixtures/api/schemas/public_api/v4/pipeline/basic.json
+++ b/spec/fixtures/api/schemas/public_api/v4/pipeline/basic.json
@@ -13,6 +13,5 @@
     "ref": { "type": "string" },
     "status": { "type": "string" },
     "web_url": { "type": "string" }
-  },
-  "additionalProperties": false
+  }
 }
diff --git a/spec/fixtures/api/schemas/public_api/v4/pipeline/detail.json b/spec/fixtures/api/schemas/public_api/v4/pipeline/detail.json
new file mode 100644
index 00000000000..63e130d4055
--- /dev/null
+++ b/spec/fixtures/api/schemas/public_api/v4/pipeline/detail.json
@@ -0,0 +1,32 @@
+{
+  "type": "object",
+  "allOf": [
+    { "$ref": "basic.json" },
+    {
+      "properties": {
+        "before_sha": { "type": ["string", "null"] },
+        "tag": { "type": ["boolean"] },
+        "yaml_errors": { "type": ["string", "null"] },
+        "user": {
+          "anyOf": [
+            { "type": ["object", "null"] },
+            { "$ref": "../user/basic.json" }
+          ]
+        },
+        "created_at": { "type": ["date", "null"] },
+        "updated_at": { "type": ["date", "null"] },
+        "started_at": { "type": ["date", "null"] },
+        "finished_at": { "type": ["date", "null"] },
+        "committed_at": { "type": ["date", "null"] },
+        "duration": { "type": ["number", "null"] },
+        "coverage": { "type": ["string", "null"] },
+        "detailed_status": {
+          "oneOf": [
+            { "type": "null" },
+            { "$ref": "../../../status/ci_detailed_status.json" }
+          ]
+        }
+      }
+    }
+  ]
+}
diff --git a/spec/fixtures/blockquote_fence_after.md b/spec/fixtures/blockquote_fence_after.md
index 2652a842c0e..555905bf07e 100644
--- a/spec/fixtures/blockquote_fence_after.md
+++ b/spec/fixtures/blockquote_fence_after.md
@@ -18,10 +18,13 @@ Double `>>>` inside code block:
 
 Blockquote outside code block:
 
+
 > Quote
 
+
 Code block inside blockquote:
 
+
 > Quote
 >
 > ```
@@ -30,8 +33,10 @@ Code block inside blockquote:
 >
 > Quote
 
+
 Single `>>>` inside code block inside blockquote:
 
+
 > Quote
 >
 > ```
@@ -42,8 +47,10 @@ Single `>>>` inside code block inside blockquote:
 >
 > Quote
 
+
 Double `>>>` inside code block inside blockquote:
 
+
 > Quote
 >
 > ```
@@ -56,6 +63,7 @@ Double `>>>` inside code block inside blockquote:
 >
 > Quote
 
+
 Single `>>>` inside HTML:
 
 <pre>
@@ -76,10 +84,13 @@ Double `>>>` inside HTML:
 
 Blockquote outside HTML:
 
+
 > Quote
 
+
 HTML inside blockquote:
 
+
 > Quote
 >
 > <pre>
@@ -88,8 +99,10 @@ HTML inside blockquote:
 >
 > Quote
 
+
 Single `>>>` inside HTML inside blockquote:
 
+
 > Quote
 >
 > <pre>
@@ -100,8 +113,10 @@ Single `>>>` inside HTML inside blockquote:
 >
 > Quote
 
+
 Double `>>>` inside HTML inside blockquote:
 
+
 > Quote
 >
 > <pre>
@@ -113,3 +128,4 @@ Double `>>>` inside HTML inside blockquote:
 > </pre>
 >
 > Quote
+
diff --git a/spec/frontend/helpers/monitor_helper_spec.js b/spec/frontend/helpers/monitor_helper_spec.js
new file mode 100644
index 00000000000..2e8bff298c4
--- /dev/null
+++ b/spec/frontend/helpers/monitor_helper_spec.js
@@ -0,0 +1,45 @@
+import * as monitorHelper from '~/helpers/monitor_helper';
+
+describe('monitor helper', () => {
+  const defaultConfig = { default: true, name: 'default name' };
+  const name = 'data name';
+  const series = [[1, 1], [2, 2], [3, 3]];
+  const data = ({ metric = { default_name: name }, values = series } = {}) => [{ metric, values }];
+
+  describe('makeDataSeries', () => {
+    const expectedDataSeries = [
+      {
+        ...defaultConfig,
+        data: series,
+      },
+    ];
+
+    it('converts query results to data series', () => {
+      expect(monitorHelper.makeDataSeries(data({ metric: {} }), defaultConfig)).toEqual(
+        expectedDataSeries,
+      );
+    });
+
+    it('returns an empty array if no query results exist', () => {
+      expect(monitorHelper.makeDataSeries([], defaultConfig)).toEqual([]);
+    });
+
+    it('handles multi-series query results', () => {
+      const expectedData = { ...expectedDataSeries[0], name: 'default name: data name' };
+
+      expect(monitorHelper.makeDataSeries([...data(), ...data()], defaultConfig)).toEqual([
+        expectedData,
+        expectedData,
+      ]);
+    });
+
+    it('excludes NaN values', () => {
+      expect(
+        monitorHelper.makeDataSeries(
+          data({ metric: {}, values: [[1, 1], [2, NaN]] }),
+          defaultConfig,
+        ),
+      ).toEqual([{ ...expectedDataSeries[0], data: [[1, 1]] }]);
+    });
+  });
+});
diff --git a/spec/frontend/vue_shared/components/__snapshots__/resizable_chart_container_spec.js.snap b/spec/frontend/vue_shared/components/__snapshots__/resizable_chart_container_spec.js.snap
new file mode 100644
index 00000000000..add0c36a120
--- /dev/null
+++ b/spec/frontend/vue_shared/components/__snapshots__/resizable_chart_container_spec.js.snap
@@ -0,0 +1,21 @@
+// Jest Snapshot v1, https://goo.gl/fbAQLP
+
+exports[`Resizable Chart Container renders the component 1`] = `
+<div>
+  <div
+    class="slot"
+  >
+    <span
+      class="width"
+    >
+      0
+    </span>
+     
+    <span
+      class="height"
+    >
+      0
+    </span>
+  </div>
+</div>
+`;
diff --git a/spec/frontend/vue_shared/components/markdown/suggestion_diff_row_spec.js b/spec/frontend/vue_shared/components/markdown/suggestion_diff_row_spec.js
new file mode 100644
index 00000000000..866d6eb05c6
--- /dev/null
+++ b/spec/frontend/vue_shared/components/markdown/suggestion_diff_row_spec.js
@@ -0,0 +1,98 @@
+import { shallowMount, createLocalVue } from '@vue/test-utils';
+import SuggestionDiffRow from '~/vue_shared/components/markdown/suggestion_diff_row.vue';
+
+const oldLine = {
+  can_receive_suggestion: false,
+  line_code: null,
+  meta_data: null,
+  new_line: null,
+  old_line: 5,
+  rich_text: '-oldtext',
+  text: '-oldtext',
+  type: 'old',
+};
+
+const newLine = {
+  can_receive_suggestion: false,
+  line_code: null,
+  meta_data: null,
+  new_line: 6,
+  old_line: null,
+  rich_text: '-newtext',
+  text: '-newtext',
+  type: 'new',
+};
+
+describe(SuggestionDiffRow.name, () => {
+  let wrapper;
+
+  const factory = (options = {}) => {
+    const localVue = createLocalVue();
+
+    wrapper = shallowMount(SuggestionDiffRow, {
+      localVue,
+      ...options,
+    });
+  };
+
+  const findOldLineWrapper = () => wrapper.find('.old_line');
+  const findNewLineWrapper = () => wrapper.find('.new_line');
+
+  afterEach(() => {
+    wrapper.destroy();
+  });
+
+  it('renders correctly', () => {
+    factory({
+      propsData: {
+        line: oldLine,
+      },
+    });
+
+    expect(wrapper.is('.line_holder')).toBe(true);
+  });
+
+  describe('when passed line has type old', () => {
+    beforeEach(() => {
+      factory({
+        propsData: {
+          line: oldLine,
+        },
+      });
+    });
+
+    it('has old class when line has type old', () => {
+      expect(wrapper.find('td').classes()).toContain('old');
+    });
+
+    it('has old line number rendered', () => {
+      expect(findOldLineWrapper().text()).toBe('5');
+    });
+
+    it('has no new line number rendered', () => {
+      expect(findNewLineWrapper().text()).toBe('');
+    });
+  });
+
+  describe('when passed line has type new', () => {
+    beforeEach(() => {
+      factory({
+        propsData: {
+          line: newLine,
+        },
+      });
+    });
+
+    it('has new class when line has type new', () => {
+      expect(wrapper.find('td').classes()).toContain('new');
+    });
+
+    it('has no old line number rendered', () => {
+      expect(findOldLineWrapper().text()).toBe('');
+    });
+
+    it('has no new line number rendered', () => {
+      expect(findNewLineWrapper().text()).toBe('6');
+    });
+  });
+});
diff --git a/spec/frontend/vue_shared/components/resizable_chart_container_spec.js b/spec/frontend/vue_shared/components/resizable_chart_container_spec.js
new file mode 100644
index 00000000000..8f533e8ab24
--- /dev/null
+++ b/spec/frontend/vue_shared/components/resizable_chart_container_spec.js
@@ -0,0 +1,64 @@
+import Vue from 'vue';
+import { mount } from '@vue/test-utils';
+import ResizableChartContainer from '~/vue_shared/components/resizable_chart/resizable_chart_container.vue';
+import $ from 'jquery';
+
+jest.mock('~/lib/utils/common_utils', () => ({
+  debounceByAnimationFrame(callback) {
+    return jest.spyOn({ callback }, 'callback');
+  },
+}));
+
+describe('Resizable Chart Container', () => {
+  let wrapper;
+
+  beforeEach(() => {
+    wrapper = mount(ResizableChartContainer, {
+      attachToDocument: true,
+      scopedSlots: {
+        default: `
+        <div class="slot" slot-scope="{ width, height }">
+          <span class="width">{{width}}</span>
+          <span class="height">{{height}}</span>
+        </div>
+        `,
+      },
+    });
+  });
+
+  afterEach(() => {
+    wrapper.destroy();
+  });
+
+  it('renders the component', () => {
+    expect(wrapper.element).toMatchSnapshot();
+  });
+
+  it('updates the slot width and height props', () => {
+    const width = 1920;
+    const height = 1080;
+
+    // JSDOM mocks and sets clientWidth/clientHeight to 0 so we set manually
+    wrapper.vm.$refs.chartWrapper = { clientWidth: width, clientHeight: height };
+
+    $(document).trigger('content.resize');
+
+    return Vue.nextTick().then(() => {
+      const widthNode = wrapper.find('.slot > .width');
+      const heightNode = wrapper.find('.slot > .height');
+
+      expect(parseInt(widthNode.text(), 10)).toEqual(width);
+      expect(parseInt(heightNode.text(), 10)).toEqual(height);
+    });
+  });
+
+  it('calls onResize on manual resize', () => {
+    $(document).trigger('content.resize');
+    expect(wrapper.vm.debouncedResize).toHaveBeenCalled();
+  });
+
+  it('calls onResize on page resize', () => {
+    window.dispatchEvent(new Event('resize'));
+    expect(wrapper.vm.debouncedResize).toHaveBeenCalled();
+  });
+});
diff --git a/spec/graphql/features/authorization_spec.rb b/spec/graphql/features/authorization_spec.rb
index a229d29afa6..00e31568a9e 100644
--- a/spec/graphql/features/authorization_spec.rb
+++ b/spec/graphql/features/authorization_spec.rb
@@ -5,61 +5,245 @@ require 'spec_helper'
 describe 'Gitlab::Graphql::Authorization' do
   set(:user) { create(:user) }
 
+  let(:permission_single) { :foo }
+  let(:permission_collection) { [:foo, :bar] }
   let(:test_object) { double(name: 'My name') }
-  let(:object_type) { object_type_class }
-  let(:query_type) { query_type_class(object_type, test_object) }
-  let(:schema) { schema_class(query_type) }
+  let(:query_string) { '{ object() { name } }' }
+  let(:result) { execute_query(query_type)['data'] }
 
-  let(:execute) do
-    schema.execute(
-      query_string,
-      context: { current_user: user },
-      variables: {}
-    )
+  subject { result['object'] }
+
+  shared_examples 'authorization with a single permission' do
+    it 'returns the protected field when user has permission' do
+      permit(permission_single)
+
+      expect(subject).to eq('name' => test_object.name)
+    end
+
+    it 'returns nil when user is not authorized' do
+      expect(subject).to be_nil
+    end
   end
 
-  let(:result) { execute['data'] }
+  shared_examples 'authorization with a collection of permissions' do
+    it 'returns the protected field when user has all permissions' do
+      permit(*permission_collection)
+
+      expect(subject).to eq('name' => test_object.name)
+    end
+
+    it 'returns nil when user only has one of the permissions' do
+      permit(permission_collection.first)
+
+      expect(subject).to be_nil
+    end
+
+    it 'returns nil when user only has none of the permissions' do
+      expect(subject).to be_nil
+    end
+  end
 
   before do
     # By default, disallow all permissions.
     allow(Ability).to receive(:allowed?).and_return(false)
   end
 
-  describe 'authorizing with a single permission' do
-    let(:query_string) { '{ singlePermission() { name } }' }
+  describe 'Field authorizations' do
+    let(:type) { type_factory }
+
+    describe 'with a single permission' do
+      let(:query_type) do
+        query_factory do |query|
+          query.field :object, type, null: true, resolve: ->(obj, args, ctx) { test_object }, authorize: permission_single
+        end
+      end
+
+      include_examples 'authorization with a single permission'
+    end
+
+    describe 'with a collection of permissions' do
+      let(:query_type) do
+        permissions = permission_collection
+        query_factory do |qt|
+          qt.field :object, type, null: true, resolve: ->(obj, args, ctx) { test_object } do
+            authorize permissions
+          end
+        end
+      end
+
+      include_examples 'authorization with a collection of permissions'
+    end
+  end
+
+  describe 'Field authorizations when field is a built in type' do
+    let(:query_type) do
+      query_factory do |query|
+        query.field :object, type, null: true, resolve: ->(obj, args, ctx) { test_object }
+      end
+    end
 
-    subject { result['singlePermission'] }
+    describe 'with a single permission' do
+      let(:type) do
+        type_factory do |type|
+          type.field :name, GraphQL::STRING_TYPE, null: true, authorize: permission_single
+        end
+      end
+
+      it 'returns the protected field when user has permission' do
+        permit(permission_single)
 
-    it 'should return the protected field when user has permission' do
-      permit(:foo)
+        expect(subject).to eq('name' => test_object.name)
+      end
 
-      expect(subject['name']).to eq(test_object.name)
+      it 'returns nil when user is not authorized' do
+        expect(subject).to eq('name' => nil)
+      end
     end
 
-    it 'should return nil when user is not authorized' do
-      expect(subject).to be_nil
+    describe 'with a collection of permissions' do
+      let(:type) do
+        permissions = permission_collection
+        type_factory do |type|
+          type.field :name, GraphQL::STRING_TYPE, null: true do
+            authorize permissions
+          end
+        end
+      end
+
+      it 'returns the protected field when user has all permissions' do
+        permit(*permission_collection)
+
+        expect(subject).to eq('name' => test_object.name)
+      end
+
+      it 'returns nil when user only has one of the permissions' do
+        permit(permission_collection.first)
+
+        expect(subject).to eq('name' => nil)
+      end
+
+      it 'returns nil when user only has none of the permissions' do
+        expect(subject).to eq('name' => nil)
+      end
+    end
+  end
+
+  describe 'Type authorizations' do
+    let(:query_type) do
+      query_factory do |query|
+        query.field :object, type, null: true, resolve: ->(obj, args, ctx) { test_object }
+      end
+    end
+
+    describe 'with a single permission' do
+      let(:type) do
+        type_factory do |type|
+          type.authorize permission_single
+        end
+      end
+
+      include_examples 'authorization with a single permission'
+    end
+
+    describe 'with a collection of permissions' do
+      let(:type) do
+        type_factory do |type|
+          type.authorize permission_collection
+        end
+      end
+
+      include_examples 'authorization with a collection of permissions'
     end
   end
 
-  describe 'authorizing with an Array of permissions' do
-    let(:query_string) { '{ permissionCollection() { name } }' }
+  describe 'type and field authorizations together' do
+    let(:permission_1) { permission_collection.first }
+    let(:permission_2) { permission_collection.last }
+
+    let(:type) do
+      type_factory do |type|
+        type.authorize permission_1
+      end
+    end
+
+    let(:query_type) do
+      query_factory do |query|
+        query.field :object, type, null: true, resolve: ->(obj, args, ctx) { test_object }, authorize: permission_2
+      end
+    end
+
+    include_examples 'authorization with a collection of permissions'
+  end
 
-    subject { result['permissionCollection'] }
+  describe 'type authorizations when applied to a relay connection' do
+    let(:query_string) { '{ object() { edges { node { name } } } }' }
 
-    it 'should return the protected field when user has all permissions' do
-      permit(:foo, :bar)
+    let(:type) do
+      type_factory do |type|
+        type.authorize permission_single
+      end
+    end
 
-      expect(subject['name']).to eq(test_object.name)
+    let(:query_type) do
+      query_factory do |query|
+        query.field :object, type.connection_type, null: true, resolve: ->(obj, args, ctx) { [test_object] }
+      end
     end
 
-    it 'should return nil when user only has one of the permissions' do
-      permit(:foo)
+    subject { result.dig('object', 'edges') }
 
-      expect(subject).to be_nil
+    it 'returns the protected field when user has permission' do
+      permit(permission_single)
+
+      expect(subject).not_to be_empty
+      expect(subject.first['node']).to eq('name' => test_object.name)
     end
 
-    it 'should return nil when user only has none of the permissions' do
-      expect(subject).to be_nil
+    it 'returns nil when user is not authorized' do
+      expect(subject).to be_empty
+    end
+  end
+
+  describe 'type authorizations when applied to a basic connection' do
+    let(:type) do
+      type_factory do |type|
+        type.authorize permission_single
+      end
+    end
+
+    let(:query_type) do
+      query_factory do |query|
+        query.field :object, [type], null: true, resolve: ->(obj, args, ctx) { [test_object] }
+      end
+    end
+
+    subject { result['object'].first }
+
+    include_examples 'authorization with a single permission'
+  end
+
+  describe 'when connections do not follow the correct specification' do
+    let(:query_string) { '{ object() { edges { node { name }} } }' }
+
+    let(:type) do
+      bad_node = type_factory do |type|
+        type.graphql_name 'BadNode'
+        type.field :bad_node, GraphQL::STRING_TYPE, null: true
+      end
+
+      type_factory do |type|
+        type.field :edges, [bad_node], null: true
+      end
+    end
+
+    let(:query_type) do
+      query_factory do |query|
+        query.field :object, type, null: true
+      end
+    end
+
+    it 'throws an error' do
+      expect { result }.to raise_error(Gitlab::Graphql::Errors::ConnectionDefinitionError)
     end
   end
 
@@ -71,36 +255,34 @@ describe 'Gitlab::Graphql::Authorization' do
     end
   end
 
-  def object_type_class
+  def type_factory
     Class.new(Types::BaseObject) do
-      graphql_name 'TestObject'
+      graphql_name 'TestType'
 
       field :name, GraphQL::STRING_TYPE, null: true
+
+      yield(self) if block_given?
     end
   end
 
-  def query_type_class(type, object)
+  def query_factory
     Class.new(Types::BaseObject) do
       graphql_name 'TestQuery'
 
-      field :single_permission, type,
-        null: true,
-        authorize: :foo,
-        resolve: ->(obj, args, ctx) { object }
-
-      field :permission_collection, type,
-        null: true,
-        resolve: ->(obj, args, ctx) { object } do
-        authorize [:foo, :bar]
-      end
+      yield(self) if block_given?
     end
   end
 
-  def schema_class(query)
-    Class.new(GraphQL::Schema) do
+  def execute_query(query_type)
+    schema = Class.new(GraphQL::Schema) do
       use Gitlab::Graphql::Authorize
-
-      query(query)
+      query(query_type)
     end
+
+    schema.execute(
+      query_string,
+      context: { current_user: user },
+      variables: {}
+    )
   end
 end
diff --git a/spec/graphql/gitlab_schema_spec.rb b/spec/graphql/gitlab_schema_spec.rb
index b9ddb427e85..74e93b2c4df 100644
--- a/spec/graphql/gitlab_schema_spec.rb
+++ b/spec/graphql/gitlab_schema_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe GitlabSchema do
@@ -31,6 +33,46 @@ describe GitlabSchema do
     expect(connection).to eq(Gitlab::Graphql::Connections::KeysetConnection)
   end
 
+  context 'for different types of users' do
+    it 'returns DEFAULT_MAX_COMPLEXITY for no context' do
+      expect(GraphQL::Schema)
+        .to receive(:execute)
+        .with('query', hash_including(max_complexity: GitlabSchema::DEFAULT_MAX_COMPLEXITY))
+
+      described_class.execute('query')
+    end
+
+    it 'returns DEFAULT_MAX_COMPLEXITY for no user' do
+      expect(GraphQL::Schema)
+        .to receive(:execute)
+        .with('query', hash_including(max_complexity: GitlabSchema::DEFAULT_MAX_COMPLEXITY))
+
+      described_class.execute('query', context: {})
+    end
+
+    it 'returns AUTHENTICATED_COMPLEXITY for a logged in user' do
+      user = build :user
+
+      expect(GraphQL::Schema).to receive(:execute).with('query', hash_including(max_complexity: GitlabSchema::AUTHENTICATED_COMPLEXITY))
+
+      described_class.execute('query', context: { current_user: user })
+    end
+
+    it 'returns ADMIN_COMPLEXITY for an admin user' do
+      user = build :user, :admin
+
+      expect(GraphQL::Schema).to receive(:execute).with('query', hash_including(max_complexity: GitlabSchema::ADMIN_COMPLEXITY))
+
+      described_class.execute('query', context: { current_user: user })
+    end
+
+    it 'returns what was passed on the query' do
+      expect(GraphQL::Schema).to receive(:execute).with('query', { max_complexity: 1234 })
+
+      described_class.execute('query', max_complexity: 1234)
+    end
+  end
+
   def field_instrumenters
     described_class.instrumenters[:field]
   end
diff --git a/spec/graphql/types/base_field_spec.rb b/spec/graphql/types/base_field_spec.rb
new file mode 100644
index 00000000000..b5697ee5245
--- /dev/null
+++ b/spec/graphql/types/base_field_spec.rb
@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Types::BaseField do
+  context 'when considering complexity' do
+    it 'defaults to 1' do
+      field = described_class.new(name: 'test', type: GraphQL::STRING_TYPE, null: true)
+
+      expect(field.to_graphql.complexity).to eq 1
+    end
+
+    it 'has specified value' do
+      field = described_class.new(name: 'test', type: GraphQL::STRING_TYPE, null: true, complexity: 12)
+
+      expect(field.to_graphql.complexity).to eq 12
+    end
+  end
+end
diff --git a/spec/graphql/types/issue_type_spec.rb b/spec/graphql/types/issue_type_spec.rb
index 63a07647a60..dc37b15001f 100644
--- a/spec/graphql/types/issue_type_spec.rb
+++ b/spec/graphql/types/issue_type_spec.rb
@@ -4,4 +4,6 @@ describe GitlabSchema.types['Issue'] do
   it { expect(described_class).to expose_permissions_using(Types::PermissionTypes::Issue) }
 
   it { expect(described_class.graphql_name).to eq('Issue') }
+
+  it { expect(described_class).to require_graphql_authorizations(:read_issue) }
 end
diff --git a/spec/graphql/types/merge_request_type_spec.rb b/spec/graphql/types/merge_request_type_spec.rb
index c369953e3ea..89c12879074 100644
--- a/spec/graphql/types/merge_request_type_spec.rb
+++ b/spec/graphql/types/merge_request_type_spec.rb
@@ -3,14 +3,9 @@ require 'spec_helper'
 describe GitlabSchema.types['MergeRequest'] do
   it { expect(described_class).to expose_permissions_using(Types::PermissionTypes::MergeRequest) }
 
-  describe 'head pipeline' do
-    it 'has a head pipeline field' do
-      expect(described_class).to have_graphql_field(:head_pipeline)
-    end
+  it { expect(described_class).to require_graphql_authorizations(:read_merge_request) }
 
-    it 'authorizes the field' do
-      expect(described_class.fields['headPipeline'])
-        .to require_graphql_authorizations(:read_pipeline)
-    end
+  describe 'nested head pipeline' do
+    it { expect(described_class).to have_graphql_field(:head_pipeline) }
   end
 end
diff --git a/spec/graphql/types/milestone_type_spec.rb b/spec/graphql/types/milestone_type_spec.rb
new file mode 100644
index 00000000000..f7ee79eae9f
--- /dev/null
+++ b/spec/graphql/types/milestone_type_spec.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe GitlabSchema.types['Milestone'] do
+  it { expect(described_class.graphql_name).to eq('Milestone') }
+
+  it { expect(described_class).to require_graphql_authorizations(:read_milestone) }
+end
diff --git a/spec/graphql/types/project_type_spec.rb b/spec/graphql/types/project_type_spec.rb
index e8f1c84f8d6..e0ad09bdf22 100644
--- a/spec/graphql/types/project_type_spec.rb
+++ b/spec/graphql/types/project_type_spec.rb
@@ -5,19 +5,11 @@ describe GitlabSchema.types['Project'] do
 
   it { expect(described_class.graphql_name).to eq('Project') }
 
+  it { expect(described_class).to require_graphql_authorizations(:read_project) }
+
   describe 'nested merge request' do
     it { expect(described_class).to have_graphql_field(:merge_requests) }
     it { expect(described_class).to have_graphql_field(:merge_request) }
-
-    it 'authorizes the merge request' do
-      expect(described_class.fields['mergeRequest'])
-        .to require_graphql_authorizations(:read_merge_request)
-    end
-
-    it 'authorizes the merge requests' do
-      expect(described_class.fields['mergeRequests'])
-        .to require_graphql_authorizations(:read_merge_request)
-    end
   end
 
   describe 'nested issues' do
diff --git a/spec/graphql/types/query_type_spec.rb b/spec/graphql/types/query_type_spec.rb
index 07c61ea7647..69e3ea8a4a9 100644
--- a/spec/graphql/types/query_type_spec.rb
+++ b/spec/graphql/types/query_type_spec.rb
@@ -15,10 +15,6 @@ describe GitlabSchema.types['Query'] do
       is_expected.to have_graphql_type(Types::ProjectType)
       is_expected.to have_graphql_resolver(Resolvers::ProjectResolver)
     end
-
-    it 'authorizes with read_project' do
-      is_expected.to require_graphql_authorizations(:read_project)
-    end
   end
 
   describe 'metadata field' do
diff --git a/spec/graphql/types/user_type_spec.rb b/spec/graphql/types/user_type_spec.rb
new file mode 100644
index 00000000000..8134cc13eb4
--- /dev/null
+++ b/spec/graphql/types/user_type_spec.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe GitlabSchema.types['User'] do
+  it { expect(described_class.graphql_name).to eq('User') }
+
+  it { expect(described_class).to require_graphql_authorizations(:read_user) }
+end
diff --git a/spec/helpers/icons_helper_spec.rb b/spec/helpers/icons_helper_spec.rb
index 4b40d523287..37e9ddadb8c 100644
--- a/spec/helpers/icons_helper_spec.rb
+++ b/spec/helpers/icons_helper_spec.rb
@@ -59,19 +59,19 @@ describe IconsHelper do
     describe 'non existing icon' do
       non_existing = 'non_existing_icon_sprite'
 
-      it 'should raise in development mode' do
+      it 'raises in development mode' do
         allow(Rails.env).to receive(:development?).and_return(true)
 
         expect { sprite_icon(non_existing) }.to raise_error(ArgumentError, /is not a known icon/)
       end
 
-      it 'should raise in test mode' do
+      it 'raises in test mode' do
         allow(Rails.env).to receive(:test?).and_return(true)
 
         expect { sprite_icon(non_existing) }.to raise_error(ArgumentError, /is not a known icon/)
       end
 
-      it 'should not raise in production mode' do
+      it 'does not raise in production mode' do
         allow(Rails.env).to receive(:test?).and_return(false)
         allow(Rails.env).to receive(:development?).and_return(false)
 
diff --git a/spec/helpers/search_helper_spec.rb b/spec/helpers/search_helper_spec.rb
index 9cff0291250..2f59cfda0a0 100644
--- a/spec/helpers/search_helper_spec.rb
+++ b/spec/helpers/search_helper_spec.rb
@@ -12,7 +12,7 @@ describe SearchHelper do
         allow(self).to receive(:current_user).and_return(nil)
       end
 
-      it "it returns nil" do
+      it "returns nil" do
         expect(search_autocomplete_opts("q")).to be_nil
       end
     end
diff --git a/spec/helpers/version_check_helper_spec.rb b/spec/helpers/version_check_helper_spec.rb
index bfec7ad4bba..e384e2bf9a0 100644
--- a/spec/helpers/version_check_helper_spec.rb
+++ b/spec/helpers/version_check_helper_spec.rb
@@ -2,7 +2,7 @@ require 'spec_helper'
 
 describe VersionCheckHelper do
   describe '#version_status_badge' do
-    it 'should return nil if not dev environment and not enabled' do
+    it 'returns nil if not dev environment and not enabled' do
       allow(Rails.env).to receive(:production?) { false }
       allow(Gitlab::CurrentSettings.current_application_settings).to receive(:version_check_enabled) { false }
 
@@ -16,16 +16,16 @@ describe VersionCheckHelper do
         allow(VersionCheck).to receive(:url) { 'https://version.host.com/check.svg?gitlab_info=xxx' }
       end
 
-      it 'should return an image tag' do
+      it 'returns an image tag' do
         expect(helper.version_status_badge).to start_with('<img')
       end
 
-      it 'should have a js prefixed css class' do
+      it 'has a js prefixed css class' do
         expect(helper.version_status_badge)
           .to match(/class="js-version-status-badge lazy"/)
       end
 
-      it 'should have a VersionCheck url as the src' do
+      it 'has a VersionCheck url as the src' do
         expect(helper.version_status_badge)
           .to include(%{src="https://version.host.com/check.svg?gitlab_info=xxx"})
       end
diff --git a/spec/helpers/wiki_helper_spec.rb b/spec/helpers/wiki_helper_spec.rb
index 92c6f27a867..8eab40aeaf3 100644
--- a/spec/helpers/wiki_helper_spec.rb
+++ b/spec/helpers/wiki_helper_spec.rb
@@ -18,4 +18,56 @@ describe WikiHelper do
       end
     end
   end
+
+  describe '#wiki_sort_controls' do
+    let(:project) { create(:project) }
+    let(:wiki_link) { helper.wiki_sort_controls(project, sort, direction) }
+    let(:classes) { "btn btn-default has-tooltip reverse-sort-btn qa-reverse-sort" }
+
+    def expected_link(sort, direction, icon_class)
+      path = "/#{project.full_path}/wikis/pages?direction=#{direction}&sort=#{sort}"
+
+      helper.link_to(path, type: 'button', class: classes, title: 'Sort direction') do
+        helper.sprite_icon("sort-#{icon_class}", size: 16)
+      end
+    end
+
+    context 'initial call' do
+      let(:sort) { nil }
+      let(:direction) { nil }
+
+      it 'renders with default values' do
+        expect(wiki_link).to eq(expected_link('title', 'desc', 'lowest'))
+      end
+    end
+
+    context 'sort by title' do
+      let(:sort) { 'title' }
+      let(:direction) { 'asc' }
+
+      it 'renders a link with opposite direction' do
+        expect(wiki_link).to eq(expected_link('title', 'desc', 'lowest'))
+      end
+    end
+
+    context 'sort by created_at' do
+      let(:sort) { 'created_at' }
+      let(:direction) { 'desc' }
+
+      it 'renders a link with opposite direction' do
+        expect(wiki_link).to eq(expected_link('created_at', 'asc', 'highest'))
+      end
+    end
+  end
+
+  describe '#wiki_sort_title' do
+    it 'returns a title corresponding to a key' do
+      expect(helper.wiki_sort_title('created_at')).to eq('Created date')
+      expect(helper.wiki_sort_title('title')).to eq('Title')
+    end
+
+    it 'defaults to Title if a key is unknown' do
+      expect(helper.wiki_sort_title('unknown')).to eq('Title')
+    end
+  end
 end
diff --git a/spec/javascripts/ide/components/file_row_extra_spec.js b/spec/javascripts/ide/components/file_row_extra_spec.js
index c93a939ad71..d7fed3f0681 100644
--- a/spec/javascripts/ide/components/file_row_extra_spec.js
+++ b/spec/javascripts/ide/components/file_row_extra_spec.js
@@ -20,7 +20,7 @@ describe('IDE extra file row component', () => {
       file: {
         ...file('test'),
       },
-      mouseOver: false,
+      dropdownOpen: false,
     });
 
     spyOnProperty(vm, 'getUnstagedFilesCountForPath').and.returnValue(() => unstagedFilesCount);
diff --git a/spec/javascripts/ide/components/new_dropdown/index_spec.js b/spec/javascripts/ide/components/new_dropdown/index_spec.js
index 83e530f0a6a..aaebe88f314 100644
--- a/spec/javascripts/ide/components/new_dropdown/index_spec.js
+++ b/spec/javascripts/ide/components/new_dropdown/index_spec.js
@@ -56,11 +56,11 @@ describe('new dropdown component', () => {
     });
   });
 
-  describe('dropdownOpen', () => {
+  describe('isOpen', () => {
     it('scrolls dropdown into view', done => {
       spyOn(vm.$refs.dropdownMenu, 'scrollIntoView');
 
-      vm.dropdownOpen = true;
+      vm.isOpen = true;
 
       setTimeout(() => {
         expect(vm.$refs.dropdownMenu.scrollIntoView).toHaveBeenCalledWith({
diff --git a/spec/javascripts/ide/components/pipelines/list_spec.js b/spec/javascripts/ide/components/pipelines/list_spec.js
index 68487733cb9..80829f2358a 100644
--- a/spec/javascripts/ide/components/pipelines/list_spec.js
+++ b/spec/javascripts/ide/components/pipelines/list_spec.js
@@ -11,6 +11,8 @@ describe('IDE pipelines list', () => {
   let vm;
   let mock;
 
+  const findLoadingState = () => vm.$el.querySelector('.loading-container');
+
   beforeEach(done => {
     const store = createStore();
 
@@ -95,7 +97,7 @@ describe('IDE pipelines list', () => {
 
   describe('empty state', () => {
     it('renders pipelines empty state', done => {
-      vm.$store.state.pipelines.latestPipeline = false;
+      vm.$store.state.pipelines.latestPipeline = null;
 
       vm.$nextTick(() => {
         expect(vm.$el.querySelector('.empty-state')).not.toBe(null);
@@ -106,15 +108,30 @@ describe('IDE pipelines list', () => {
   });
 
   describe('loading state', () => {
-    it('renders loading state when there is no latest pipeline', done => {
-      vm.$store.state.pipelines.latestPipeline = null;
+    beforeEach(() => {
       vm.$store.state.pipelines.isLoadingPipeline = true;
+    });
 
-      vm.$nextTick(() => {
-        expect(vm.$el.querySelector('.loading-container')).not.toBe(null);
+    it('does not render when pipeline has loaded before', done => {
+      vm.$store.state.pipelines.hasLoadedPipeline = true;
 
-        done();
-      });
+      vm.$nextTick()
+        .then(() => {
+          expect(findLoadingState()).toBe(null);
+        })
+        .then(done)
+        .catch(done.fail);
+    });
+
+    it('renders loading state when there is no latest pipeline', done => {
+      vm.$store.state.pipelines.hasLoadedPipeline = false;
+
+      vm.$nextTick()
+        .then(() => {
+          expect(findLoadingState()).not.toBe(null);
+        })
+        .then(done)
+        .catch(done.fail);
     });
   });
 });
diff --git a/spec/javascripts/ide/stores/actions/merge_request_spec.js b/spec/javascripts/ide/stores/actions/merge_request_spec.js
index a5839630657..4dd0c1150eb 100644
--- a/spec/javascripts/ide/stores/actions/merge_request_spec.js
+++ b/spec/javascripts/ide/stores/actions/merge_request_spec.js
@@ -2,7 +2,6 @@ import MockAdapter from 'axios-mock-adapter';
 import axios from '~/lib/utils/axios_utils';
 import store from '~/ide/stores';
 import actions, {
-  getMergeRequestsForBranch,
   getMergeRequestData,
   getMergeRequestChanges,
   getMergeRequestVersions,
@@ -12,13 +11,17 @@ import service from '~/ide/services';
 import { activityBarViews } from '~/ide/constants';
 import { resetStore } from '../../helpers';
 
+const TEST_PROJECT = 'abcproject';
+const TEST_PROJECT_ID = 17;
+
 describe('IDE store merge request actions', () => {
   let mock;
 
   beforeEach(() => {
     mock = new MockAdapter(axios);
 
-    store.state.projects.abcproject = {
+    store.state.projects[TEST_PROJECT] = {
+      id: TEST_PROJECT_ID,
       mergeRequests: {},
     };
   });
@@ -41,10 +44,11 @@ describe('IDE store merge request actions', () => {
 
         it('calls getProjectMergeRequests service method', done => {
           store
-            .dispatch('getMergeRequestsForBranch', { projectId: 'abcproject', branchId: 'bar' })
+            .dispatch('getMergeRequestsForBranch', { projectId: TEST_PROJECT, branchId: 'bar' })
             .then(() => {
-              expect(service.getProjectMergeRequests).toHaveBeenCalledWith('abcproject', {
+              expect(service.getProjectMergeRequests).toHaveBeenCalledWith(TEST_PROJECT, {
                 source_branch: 'bar',
+                source_project_id: TEST_PROJECT_ID,
                 order_by: 'created_at',
                 per_page: 1,
               });
@@ -56,13 +60,11 @@ describe('IDE store merge request actions', () => {
 
         it('sets the "Merge Request" Object', done => {
           store
-            .dispatch('getMergeRequestsForBranch', { projectId: 'abcproject', branchId: 'bar' })
+            .dispatch('getMergeRequestsForBranch', { projectId: TEST_PROJECT, branchId: 'bar' })
             .then(() => {
-              expect(Object.keys(store.state.projects.abcproject.mergeRequests).length).toEqual(1);
-              expect(Object.keys(store.state.projects.abcproject.mergeRequests)[0]).toEqual('2');
-              expect(store.state.projects.abcproject.mergeRequests[2]).toEqual(
-                jasmine.objectContaining(mrData),
-              );
+              expect(store.state.projects.abcproject.mergeRequests).toEqual({
+                '2': jasmine.objectContaining(mrData),
+              });
               done();
             })
             .catch(done.fail);
@@ -70,7 +72,7 @@ describe('IDE store merge request actions', () => {
 
         it('sets "Current Merge Request" object to the most recent MR', done => {
           store
-            .dispatch('getMergeRequestsForBranch', { projectId: 'abcproject', branchId: 'bar' })
+            .dispatch('getMergeRequestsForBranch', { projectId: TEST_PROJECT, branchId: 'bar' })
             .then(() => {
               expect(store.state.currentMergeRequestId).toEqual('2');
               done();
@@ -87,9 +89,9 @@ describe('IDE store merge request actions', () => {
 
         it('does not fail if there are no merge requests for current branch', done => {
           store
-            .dispatch('getMergeRequestsForBranch', { projectId: 'abcproject', branchId: 'foo' })
+            .dispatch('getMergeRequestsForBranch', { projectId: TEST_PROJECT, branchId: 'foo' })
             .then(() => {
-              expect(Object.keys(store.state.projects.abcproject.mergeRequests).length).toEqual(0);
+              expect(store.state.projects[TEST_PROJECT].mergeRequests).toEqual({});
               expect(store.state.currentMergeRequestId).toEqual('');
               done();
             })
@@ -106,7 +108,8 @@ describe('IDE store merge request actions', () => {
       it('flashes message, if error', done => {
         const flashSpy = spyOnDependency(actions, 'flash');
 
-        getMergeRequestsForBranch({ commit() {} }, { projectId: 'abcproject', branchId: 'bar' })
+        store
+          .dispatch('getMergeRequestsForBranch', { projectId: TEST_PROJECT, branchId: 'bar' })
           .then(() => {
             fail('Expected getMergeRequestsForBranch to throw an error');
           })
@@ -132,9 +135,9 @@ describe('IDE store merge request actions', () => {
 
       it('calls getProjectMergeRequestData service method', done => {
         store
-          .dispatch('getMergeRequestData', { projectId: 'abcproject', mergeRequestId: 1 })
+          .dispatch('getMergeRequestData', { projectId: TEST_PROJECT, mergeRequestId: 1 })
           .then(() => {
-            expect(service.getProjectMergeRequestData).toHaveBeenCalledWith('abcproject', 1, {
+            expect(service.getProjectMergeRequestData).toHaveBeenCalledWith(TEST_PROJECT, 1, {
               render_html: true,
             });
 
@@ -145,10 +148,12 @@ describe('IDE store merge request actions', () => {
 
       it('sets the Merge Request Object', done => {
         store
-          .dispatch('getMergeRequestData', { projectId: 'abcproject', mergeRequestId: 1 })
+          .dispatch('getMergeRequestData', { projectId: TEST_PROJECT, mergeRequestId: 1 })
           .then(() => {
-            expect(store.state.projects.abcproject.mergeRequests['1'].title).toBe('mergerequest');
             expect(store.state.currentMergeRequestId).toBe(1);
+            expect(store.state.projects[TEST_PROJECT].mergeRequests['1'].title).toBe(
+              'mergerequest',
+            );
 
             done();
           })
@@ -170,7 +175,7 @@ describe('IDE store merge request actions', () => {
             dispatch,
             state: store.state,
           },
-          { projectId: 'abcproject', mergeRequestId: 1 },
+          { projectId: TEST_PROJECT, mergeRequestId: 1 },
         )
           .then(done.fail)
           .catch(() => {
@@ -179,7 +184,7 @@ describe('IDE store merge request actions', () => {
               action: jasmine.any(Function),
               actionText: 'Please try again',
               actionPayload: {
-                projectId: 'abcproject',
+                projectId: TEST_PROJECT,
                 mergeRequestId: 1,
                 force: false,
               },
@@ -193,7 +198,7 @@ describe('IDE store merge request actions', () => {
 
   describe('getMergeRequestChanges', () => {
     beforeEach(() => {
-      store.state.projects.abcproject.mergeRequests['1'] = { changes: [] };
+      store.state.projects[TEST_PROJECT].mergeRequests['1'] = { changes: [] };
     });
 
     describe('success', () => {
@@ -207,9 +212,9 @@ describe('IDE store merge request actions', () => {
 
       it('calls getProjectMergeRequestChanges service method', done => {
         store
-          .dispatch('getMergeRequestChanges', { projectId: 'abcproject', mergeRequestId: 1 })
+          .dispatch('getMergeRequestChanges', { projectId: TEST_PROJECT, mergeRequestId: 1 })
           .then(() => {
-            expect(service.getProjectMergeRequestChanges).toHaveBeenCalledWith('abcproject', 1);
+            expect(service.getProjectMergeRequestChanges).toHaveBeenCalledWith(TEST_PROJECT, 1);
 
             done();
           })
@@ -218,9 +223,9 @@ describe('IDE store merge request actions', () => {
 
       it('sets the Merge Request Changes Object', done => {
         store
-          .dispatch('getMergeRequestChanges', { projectId: 'abcproject', mergeRequestId: 1 })
+          .dispatch('getMergeRequestChanges', { projectId: TEST_PROJECT, mergeRequestId: 1 })
           .then(() => {
-            expect(store.state.projects.abcproject.mergeRequests['1'].changes.title).toBe(
+            expect(store.state.projects[TEST_PROJECT].mergeRequests['1'].changes.title).toBe(
               'mergerequest',
             );
             done();
@@ -243,7 +248,7 @@ describe('IDE store merge request actions', () => {
             dispatch,
             state: store.state,
           },
-          { projectId: 'abcproject', mergeRequestId: 1 },
+          { projectId: TEST_PROJECT, mergeRequestId: 1 },
         )
           .then(done.fail)
           .catch(() => {
@@ -252,7 +257,7 @@ describe('IDE store merge request actions', () => {
               action: jasmine.any(Function),
               actionText: 'Please try again',
               actionPayload: {
-                projectId: 'abcproject',
+                projectId: TEST_PROJECT,
                 mergeRequestId: 1,
                 force: false,
               },
@@ -266,7 +271,7 @@ describe('IDE store merge request actions', () => {
 
   describe('getMergeRequestVersions', () => {
     beforeEach(() => {
-      store.state.projects.abcproject.mergeRequests['1'] = { versions: [] };
+      store.state.projects[TEST_PROJECT].mergeRequests['1'] = { versions: [] };
     });
 
     describe('success', () => {
@@ -279,9 +284,9 @@ describe('IDE store merge request actions', () => {
 
       it('calls getProjectMergeRequestVersions service method', done => {
         store
-          .dispatch('getMergeRequestVersions', { projectId: 'abcproject', mergeRequestId: 1 })
+          .dispatch('getMergeRequestVersions', { projectId: TEST_PROJECT, mergeRequestId: 1 })
           .then(() => {
-            expect(service.getProjectMergeRequestVersions).toHaveBeenCalledWith('abcproject', 1);
+            expect(service.getProjectMergeRequestVersions).toHaveBeenCalledWith(TEST_PROJECT, 1);
 
             done();
           })
@@ -290,9 +295,9 @@ describe('IDE store merge request actions', () => {
 
       it('sets the Merge Request Versions Object', done => {
         store
-          .dispatch('getMergeRequestVersions', { projectId: 'abcproject', mergeRequestId: 1 })
+          .dispatch('getMergeRequestVersions', { projectId: TEST_PROJECT, mergeRequestId: 1 })
           .then(() => {
-            expect(store.state.projects.abcproject.mergeRequests['1'].versions.length).toBe(1);
+            expect(store.state.projects[TEST_PROJECT].mergeRequests['1'].versions.length).toBe(1);
             done();
           })
           .catch(done.fail);
@@ -313,7 +318,7 @@ describe('IDE store merge request actions', () => {
             dispatch,
             state: store.state,
           },
-          { projectId: 'abcproject', mergeRequestId: 1 },
+          { projectId: TEST_PROJECT, mergeRequestId: 1 },
         )
           .then(done.fail)
           .catch(() => {
@@ -322,7 +327,7 @@ describe('IDE store merge request actions', () => {
               action: jasmine.any(Function),
               actionText: 'Please try again',
               actionPayload: {
-                projectId: 'abcproject',
+                projectId: TEST_PROJECT,
                 mergeRequestId: 1,
                 force: false,
               },
@@ -336,7 +341,7 @@ describe('IDE store merge request actions', () => {
 
   describe('openMergeRequest', () => {
     const mr = {
-      projectId: 'abcproject',
+      projectId: TEST_PROJECT,
       targetProjectId: 'defproject',
       mergeRequestId: 2,
     };
diff --git a/spec/javascripts/ide/stores/modules/pipelines/mutations_spec.js b/spec/javascripts/ide/stores/modules/pipelines/mutations_spec.js
index eb7346bd5fc..b558c45f574 100644
--- a/spec/javascripts/ide/stores/modules/pipelines/mutations_spec.js
+++ b/spec/javascripts/ide/stores/modules/pipelines/mutations_spec.js
@@ -27,63 +27,71 @@ describe('IDE pipelines mutations', () => {
   });
 
   describe(types.RECEIVE_LASTEST_PIPELINE_SUCCESS, () => {
-    it('sets loading to false on success', () => {
-      mutations[types.RECEIVE_LASTEST_PIPELINE_SUCCESS](
-        mockedState,
-        fullPipelinesResponse.data.pipelines[0],
-      );
+    const itSetsPipelineLoadingStates = () => {
+      it('sets has loaded to true', () => {
+        expect(mockedState.hasLoadedPipeline).toBe(true);
+      });
 
-      expect(mockedState.isLoadingPipeline).toBe(false);
-    });
+      it('sets loading to false on success', () => {
+        expect(mockedState.isLoadingPipeline).toBe(false);
+      });
+    };
+
+    describe('with pipeline', () => {
+      beforeEach(() => {
+        mutations[types.RECEIVE_LASTEST_PIPELINE_SUCCESS](
+          mockedState,
+          fullPipelinesResponse.data.pipelines[0],
+        );
+      });
 
-    it('sets latestPipeline', () => {
-      mutations[types.RECEIVE_LASTEST_PIPELINE_SUCCESS](
-        mockedState,
-        fullPipelinesResponse.data.pipelines[0],
-      );
+      itSetsPipelineLoadingStates();
 
-      expect(mockedState.latestPipeline).toEqual({
-        id: '51',
-        path: 'test',
-        commit: { id: '123' },
-        details: { status: jasmine.any(Object) },
-        yamlError: undefined,
+      it('sets latestPipeline', () => {
+        expect(mockedState.latestPipeline).toEqual({
+          id: '51',
+          path: 'test',
+          commit: { id: '123' },
+          details: { status: jasmine.any(Object) },
+          yamlError: undefined,
+        });
       });
-    });
 
-    it('does not set latest pipeline if pipeline is null', () => {
-      mutations[types.RECEIVE_LASTEST_PIPELINE_SUCCESS](mockedState, null);
-
-      expect(mockedState.latestPipeline).toEqual(false);
+      it('sets stages', () => {
+        expect(mockedState.stages.length).toBe(2);
+        expect(mockedState.stages).toEqual([
+          {
+            id: 0,
+            dropdownPath: stages[0].dropdown_path,
+            name: stages[0].name,
+            status: stages[0].status,
+            isCollapsed: false,
+            isLoading: false,
+            jobs: [],
+          },
+          {
+            id: 1,
+            dropdownPath: stages[1].dropdown_path,
+            name: stages[1].name,
+            status: stages[1].status,
+            isCollapsed: false,
+            isLoading: false,
+            jobs: [],
+          },
+        ]);
+      });
     });
 
-    it('sets stages', () => {
-      mutations[types.RECEIVE_LASTEST_PIPELINE_SUCCESS](
-        mockedState,
-        fullPipelinesResponse.data.pipelines[0],
-      );
+    describe('with null', () => {
+      beforeEach(() => {
+        mutations[types.RECEIVE_LASTEST_PIPELINE_SUCCESS](mockedState, null);
+      });
 
-      expect(mockedState.stages.length).toBe(2);
-      expect(mockedState.stages).toEqual([
-        {
-          id: 0,
-          dropdownPath: stages[0].dropdown_path,
-          name: stages[0].name,
-          status: stages[0].status,
-          isCollapsed: false,
-          isLoading: false,
-          jobs: [],
-        },
-        {
-          id: 1,
-          dropdownPath: stages[1].dropdown_path,
-          name: stages[1].name,
-          status: stages[1].status,
-          isCollapsed: false,
-          isLoading: false,
-          jobs: [],
-        },
-      ]);
+      itSetsPipelineLoadingStates();
+
+      it('does not set latest pipeline if pipeline is null', () => {
+        expect(mockedState.latestPipeline).toEqual(null);
+      });
     });
   });
 
diff --git a/spec/javascripts/jobs/components/job_app_spec.js b/spec/javascripts/jobs/components/job_app_spec.js
index ba5d672f189..cef40117304 100644
--- a/spec/javascripts/jobs/components/job_app_spec.js
+++ b/spec/javascripts/jobs/components/job_app_spec.js
@@ -17,6 +17,7 @@ describe('Job App ', () => {
   const props = {
     endpoint: `${gl.TEST_HOST}jobs/123.json`,
     runnerHelpUrl: 'help/runner',
+    deploymentHelpUrl: 'help/deployment',
     runnerSettingsUrl: 'settings/ci-cd/runners',
     terminalPath: 'jobs/123/terminal',
     pagePath: `${gl.TEST_HOST}jobs/123`,
@@ -253,6 +254,41 @@ describe('Job App ', () => {
       });
     });
 
+    describe('unmet prerequisites block', () => {
+      it('renders unmet prerequisites block when there is an unmet prerequisites failure', done => {
+        mock.onGet(props.endpoint).replyOnce(
+          200,
+          Object.assign({}, job, {
+            status: {
+              group: 'failed',
+              icon: 'status_failed',
+              label: 'failed',
+              text: 'failed',
+              details_path: 'path',
+              illustration: {
+                content: 'Retry this job in order to create the necessary resources.',
+                image: 'path',
+                size: 'svg-430',
+                title: 'Failed to create resources',
+              },
+            },
+            failure_reason: 'unmet_prerequisites',
+            has_trace: false,
+            runners: {
+              available: true,
+            },
+            tags: [],
+          }),
+        );
+        vm = mountComponentWithStore(Component, { props, store });
+
+        setTimeout(() => {
+          expect(vm.$el.querySelector('.js-job-failed')).not.toBeNull();
+          done();
+        }, 0);
+      });
+    });
+
     describe('environments block', () => {
       it('renders environment block when job has environment', done => {
         mock.onGet(props.endpoint).replyOnce(
diff --git a/spec/javascripts/jobs/components/unmet_prerequisites_block_spec.js b/spec/javascripts/jobs/components/unmet_prerequisites_block_spec.js
new file mode 100644
index 00000000000..68fcb321214
--- /dev/null
+++ b/spec/javascripts/jobs/components/unmet_prerequisites_block_spec.js
@@ -0,0 +1,37 @@
+import Vue from 'vue';
+import component from '~/jobs/components/unmet_prerequisites_block.vue';
+import mountComponent from '../../helpers/vue_mount_component_helper';
+
+describe('Unmet Prerequisites Block Job component', () => {
+  const Component = Vue.extend(component);
+  let vm;
+  const helpPath = '/user/project/clusters/index.html#troubleshooting-failed-deployment-jobs';
+
+  beforeEach(() => {
+    vm = mountComponent(Component, {
+      hasNoRunnersForProject: true,
+      helpPath,
+    });
+  });
+
+  afterEach(() => {
+    vm.$destroy();
+  });
+
+  it('renders an alert with the correct message', () => {
+    const container = vm.$el.querySelector('.js-failed-unmet-prerequisites');
+    const alertMessage =
+      'This job failed because the necessary resources were not successfully created.';
+
+    expect(container).not.toBeNull();
+    expect(container.innerHTML).toContain(alertMessage);
+  });
+
+  it('renders link to help page', () => {
+    const helpLink = vm.$el.querySelector('.js-help-path');
+
+    expect(helpLink).not.toBeNull();
+    expect(helpLink.innerHTML).toContain('More information');
+    expect(helpLink.getAttribute('href')).toEqual(helpPath);
+  });
+});
diff --git a/spec/javascripts/notes/mock_data.js b/spec/javascripts/notes/mock_data.js
index 348743081eb..1df5cf9ef68 100644
--- a/spec/javascripts/notes/mock_data.js
+++ b/spec/javascripts/notes/mock_data.js
@@ -44,8 +44,7 @@ export const noteableDataMock = {
   milestone: null,
   milestone_id: null,
   moved_to_id: null,
-  preview_note_path:
-    '/gitlab-org/gitlab-ce/preview_markdown?quick_actions_target_id=98&quick_actions_target_type=Issue',
+  preview_note_path: '/gitlab-org/gitlab-ce/preview_markdown?target_id=98&target_type=Issue',
   project_id: 2,
   state: 'opened',
   time_estimate: 0,
@@ -347,8 +346,7 @@ export const loggedOutnoteableData = {
   },
   noteable_note_url: '/group/project/merge_requests/1#note_1',
   create_note_path: '/gitlab-org/gitlab-ce/notes?target_id=98&target_type=issue',
-  preview_note_path:
-    '/gitlab-org/gitlab-ce/preview_markdown?quick_actions_target_id=98&quick_actions_target_type=Issue',
+  preview_note_path: '/gitlab-org/gitlab-ce/preview_markdown?target_id=98&target_type=Issue',
 };
 
 export const collapseNotesMock = [
diff --git a/spec/javascripts/sidebar/todo_spec.js b/spec/javascripts/sidebar/todo_spec.js
index 657e88ecb96..f46ea5a0499 100644
--- a/spec/javascripts/sidebar/todo_spec.js
+++ b/spec/javascripts/sidebar/todo_spec.js
@@ -116,7 +116,7 @@ describe('SidebarTodo', () => {
       const dataAttributes = {
         issuableId: '1',
         issuableType: 'epic',
-        originalTitle: 'Mark todo as done',
+        originalTitle: '',
         placement: 'left',
         container: 'body',
         boundary: 'viewport',
@@ -130,6 +130,10 @@ describe('SidebarTodo', () => {
       });
     });
 
+    it('check button label computed property', () => {
+      expect(vm.buttonLabel).toEqual('Mark todo as done');
+    });
+
     it('renders button label element when `collapsed` prop is `false`', () => {
       const buttonLabelEl = vm.$el.querySelector('span.issuable-todo-inner');
 
diff --git a/spec/javascripts/vue_shared/components/file_row_spec.js b/spec/javascripts/vue_shared/components/file_row_spec.js
index d1fd899c1a8..7da69e3fa84 100644
--- a/spec/javascripts/vue_shared/components/file_row_spec.js
+++ b/spec/javascripts/vue_shared/components/file_row_spec.js
@@ -1,5 +1,6 @@
 import Vue from 'vue';
 import FileRow from '~/vue_shared/components/file_row.vue';
+import FileRowExtra from '~/ide/components/file_row_extra.vue';
 import { file } from 'spec/ide/helpers';
 import mountComponent from '../../helpers/vue_mount_component_helper';
 
@@ -16,6 +17,10 @@ describe('File row component', () => {
     vm.$destroy();
   });
 
+  const findNewDropdown = () => vm.$el.querySelector('.ide-new-btn .dropdown');
+  const findNewDropdownButton = () => vm.$el.querySelector('.ide-new-btn .dropdown button');
+  const findFileRow = () => vm.$el.querySelector('.file-row');
+
   it('renders name', () => {
     createComponent({
       file: file('t4'),
@@ -84,4 +89,59 @@ describe('File row component', () => {
 
     expect(vm.$el.querySelector('.js-file-row-header')).not.toBe(null);
   });
+
+  describe('new dropdown', () => {
+    beforeEach(() => {
+      createComponent({
+        file: file('t5'),
+        level: 1,
+        extraComponent: FileRowExtra,
+      });
+    });
+
+    it('renders in extra component', () => {
+      expect(findNewDropdown()).not.toBe(null);
+    });
+
+    it('is hidden at start', () => {
+      expect(findNewDropdown()).not.toHaveClass('show');
+    });
+
+    it('is opened when button is clicked', done => {
+      expect(vm.dropdownOpen).toBe(false);
+      findNewDropdownButton().dispatchEvent(new Event('click'));
+
+      vm.$nextTick()
+        .then(() => {
+          expect(vm.dropdownOpen).toBe(true);
+          expect(findNewDropdown()).toHaveClass('show');
+        })
+        .then(done)
+        .catch(done.fail);
+    });
+
+    describe('when opened', () => {
+      beforeEach(() => {
+        vm.dropdownOpen = true;
+      });
+
+      it('stays open when button triggers mouseout', () => {
+        findNewDropdownButton().dispatchEvent(new Event('mouseout'));
+
+        expect(vm.dropdownOpen).toBe(true);
+      });
+
+      it('stays open when button triggers mouseleave', () => {
+        findNewDropdownButton().dispatchEvent(new Event('mouseleave'));
+
+        expect(vm.dropdownOpen).toBe(true);
+      });
+
+      it('closes when row triggers mouseleave', () => {
+        findFileRow().dispatchEvent(new Event('mouseleave'));
+
+        expect(vm.dropdownOpen).toBe(false);
+      });
+    });
+  });
 });
diff --git a/spec/javascripts/vue_shared/components/markdown/header_spec.js b/spec/javascripts/vue_shared/components/markdown/header_spec.js
index e733a95288e..d4be2451f0b 100644
--- a/spec/javascripts/vue_shared/components/markdown/header_spec.js
+++ b/spec/javascripts/vue_shared/components/markdown/header_spec.js
@@ -98,7 +98,7 @@ describe('Markdown field header component', () => {
   it('renders suggestion template', () => {
     vm.lineContent = 'Some content';
 
-    expect(vm.mdSuggestion).toEqual('```suggestion\n{text}\n```');
+    expect(vm.mdSuggestion).toEqual('```suggestion:-0+0\n{text}\n```');
   });
 
   it('does not render suggestion button if `canSuggest` is set to false', () => {
diff --git a/spec/javascripts/vue_shared/components/markdown/suggestion_diff_spec.js b/spec/javascripts/vue_shared/components/markdown/suggestion_diff_spec.js
index f87c2a92f47..ea74cb9eb21 100644
--- a/spec/javascripts/vue_shared/components/markdown/suggestion_diff_spec.js
+++ b/spec/javascripts/vue_shared/components/markdown/suggestion_diff_spec.js
@@ -1,21 +1,50 @@
 import Vue from 'vue';
 import SuggestionDiffComponent from '~/vue_shared/components/markdown/suggestion_diff.vue';
+import { selectDiffLines } from '~/vue_shared/components/lib/utils/diff_utils';
 
 const MOCK_DATA = {
   canApply: true,
-  newLines: [
-    { content: 'Line 1\n', lineNumber: 1 },
-    { content: 'Line 2\n', lineNumber: 2 },
-    { content: 'Line 3\n', lineNumber: 3 },
-  ],
-  fromLine: 1,
-  fromContent: 'Old content',
   suggestion: {
     id: 1,
+    diff_lines: [
+      {
+        can_receive_suggestion: false,
+        line_code: null,
+        meta_data: null,
+        new_line: null,
+        old_line: 5,
+        rich_text: '-test',
+        text: '-test',
+        type: 'old',
+      },
+      {
+        can_receive_suggestion: true,
+        line_code: null,
+        meta_data: null,
+        new_line: 5,
+        old_line: null,
+        rich_text: '+new test',
+        text: '+new test',
+        type: 'new',
+      },
+      {
+        can_receive_suggestion: true,
+        line_code: null,
+        meta_data: null,
+        new_line: 5,
+        old_line: null,
+        rich_text: '+new test2',
+        text: '+new test2',
+        type: 'new',
+      },
+    ],
   },
   helpPagePath: 'path_to_docs',
 };
 
+const lines = selectDiffLines(MOCK_DATA.suggestion.diff_lines);
+const newLines = lines.filter(line => line.type === 'new');
+
 describe('Suggestion Diff component', () => {
   let vm;
 
@@ -39,30 +68,23 @@ describe('Suggestion Diff component', () => {
     });
 
     it('renders the oldLineNumber', () => {
-      const fromLine = vm.$el.querySelector('.qa-old-diff-line-number').innerHTML;
+      const fromLine = vm.$el.querySelector('.old_line').innerHTML;
 
-      expect(parseInt(fromLine, 10)).toBe(vm.fromLine);
+      expect(parseInt(fromLine, 10)).toBe(lines[0].old_line);
     });
 
     it('renders the oldLineContent', () => {
       const fromContent = vm.$el.querySelector('.line_content.old').innerHTML;
 
-      expect(fromContent.includes(vm.fromContent)).toBe(true);
-    });
-
-    it('renders the contents of newLines', () => {
-      const newLines = vm.$el.querySelectorAll('.line_holder.new');
-
-      newLines.forEach((line, i) => {
-        expect(newLines[i].innerHTML.includes(vm.newLines[i].content)).toBe(true);
-      });
+      expect(fromContent.includes(lines[0].text)).toBe(true);
     });
 
-    it('renders a line number for each line', () => {
-      const newLineNumbers = vm.$el.querySelectorAll('.qa-new-diff-line-number');
+    it('renders new lines', () => {
+      const newLinesElements = vm.$el.querySelectorAll('.line_holder.new');
 
-      newLineNumbers.forEach((line, i) => {
-        expect(newLineNumbers[i].innerHTML.includes(vm.newLines[i].lineNumber)).toBe(true);
+      newLinesElements.forEach((line, i) => {
+        expect(newLinesElements[i].innerHTML.includes(newLines[i].new_line)).toBe(true);
+        expect(newLinesElements[i].innerHTML.includes(newLines[i].text)).toBe(true);
       });
     });
   });
diff --git a/spec/javascripts/vue_shared/components/markdown/suggestions_spec.js b/spec/javascripts/vue_shared/components/markdown/suggestions_spec.js
index 33be63a3a1e..b7de40b4831 100644
--- a/spec/javascripts/vue_shared/components/markdown/suggestions_spec.js
+++ b/spec/javascripts/vue_shared/components/markdown/suggestions_spec.js
@@ -2,46 +2,52 @@ import Vue from 'vue';
 import SuggestionsComponent from '~/vue_shared/components/markdown/suggestions.vue';
 
 const MOCK_DATA = {
-  fromLine: 1,
-  fromContent: 'Old content',
-  suggestions: [],
+  suggestions: [
+    {
+      id: 1,
+      appliable: true,
+      applied: false,
+      current_user: {
+        can_apply: true,
+      },
+      diff_lines: [
+        {
+          can_receive_suggestion: false,
+          line_code: null,
+          meta_data: null,
+          new_line: null,
+          old_line: 5,
+          rich_text: '-test',
+          text: '-test',
+          type: 'old',
+        },
+        {
+          can_receive_suggestion: true,
+          line_code: null,
+          meta_data: null,
+          new_line: 5,
+          old_line: null,
+          rich_text: '+new test',
+          text: '+new test',
+          type: 'new',
+        },
+      ],
+    },
+  ],
   noteHtml: `
+      <div class="suggestion">
+      <div class="line">-oldtest</div>
+    </div>  
     <div class="suggestion">
-      <div class="line">Suggestion 1</div>
+      <div class="line">+newtest</div>
     </div>    
-    
-    <div class="suggestion">
-      <div class="line">Suggestion 2</div>
-    </div>
   `,
   isApplied: false,
   helpPagePath: 'path_to_docs',
 };
 
-const generateLine = content => {
-  const line = document.createElement('div');
-  line.className = 'line';
-  line.innerHTML = content;
-
-  return line;
-};
-
-const generateMockLines = () => {
-  const line1 = generateLine('Line 1');
-  const line2 = generateLine('Line 2');
-  const line3 = generateLine('- Line 3');
-  const container = document.createElement('div');
-
-  container.appendChild(line1);
-  container.appendChild(line2);
-  container.appendChild(line3);
-
-  return container;
-};
-
 describe('Suggestion component', () => {
   let vm;
-  let extractedLines;
   let diffTable;
 
   beforeEach(done => {
@@ -51,8 +57,7 @@ describe('Suggestion component', () => {
       propsData: MOCK_DATA,
     }).$mount();
 
-    extractedLines = vm.extractNewLines(generateMockLines());
-    diffTable = vm.generateDiff(extractedLines).$mount().$el;
+    diffTable = vm.generateDiff(0).$mount().$el;
 
     spyOn(vm, 'renderSuggestions');
     vm.renderSuggestions();
@@ -70,32 +75,8 @@ describe('Suggestion component', () => {
 
     it('renders suggestions', () => {
       expect(vm.renderSuggestions).toHaveBeenCalled();
-      expect(vm.$el.innerHTML.includes('Suggestion 1')).toBe(true);
-      expect(vm.$el.innerHTML.includes('Suggestion 2')).toBe(true);
-    });
-  });
-
-  describe('extractNewLines', () => {
-    it('extracts suggested lines', () => {
-      const expectedReturn = [
-        { content: 'Line 1\n', lineNumber: 1 },
-        { content: 'Line 2\n', lineNumber: 2 },
-        { content: '- Line 3\n', lineNumber: 3 },
-      ];
-
-      expect(vm.extractNewLines(generateMockLines())).toEqual(expectedReturn);
-    });
-
-    it('increments line number for each extracted line', () => {
-      expect(extractedLines[0].lineNumber).toEqual(1);
-      expect(extractedLines[1].lineNumber).toEqual(2);
-      expect(extractedLines[2].lineNumber).toEqual(3);
-    });
-
-    it('returns empty array if no lines are found', () => {
-      const el = document.createElement('div');
-
-      expect(vm.extractNewLines(el)).toEqual([]);
+      expect(vm.$el.innerHTML.includes('oldtest')).toBe(true);
+      expect(vm.$el.innerHTML.includes('newtest')).toBe(true);
     });
   });
 
@@ -109,17 +90,17 @@ describe('Suggestion component', () => {
     });
 
     it('generates a diff table that contains contents the suggested lines', () => {
-      extractedLines.forEach((line, i) => {
-        expect(diffTable.innerHTML.includes(extractedLines[i].content)).toBe(true);
+      MOCK_DATA.suggestions[0].diff_lines.forEach(line => {
+        const text = line.text.substring(1);
+
+        expect(diffTable.innerHTML.includes(text)).toBe(true);
       });
     });
 
     it('generates a diff table with the correct line number for each suggested line', () => {
-      const lines = diffTable.getElementsByClassName('qa-new-diff-line-number');
+      const lines = diffTable.querySelectorAll('.old_line');
 
-      expect([...lines][0].innerHTML).toBe('1');
-      expect([...lines][1].innerHTML).toBe('2');
-      expect([...lines][2].innerHTML).toBe('3');
+      expect(parseInt([...lines][0].innerHTML, 10)).toBe(5);
     });
   });
 });
diff --git a/spec/lib/api/helpers/custom_validators_spec.rb b/spec/lib/api/helpers/custom_validators_spec.rb
index 9945d598a14..aed86b21cb7 100644
--- a/spec/lib/api/helpers/custom_validators_spec.rb
+++ b/spec/lib/api/helpers/custom_validators_spec.rb
@@ -21,7 +21,7 @@ describe API::Helpers::CustomValidators do
     end
 
     context 'invalid parameters' do
-      it 'should raise a validation error' do
+      it 'raises a validation error' do
         expect_validation_error({ 'test' => 'some_value' })
       end
     end
@@ -44,7 +44,7 @@ describe API::Helpers::CustomValidators do
     end
 
     context 'invalid parameters' do
-      it 'should raise a validation error' do
+      it 'raises a validation error' do
         expect_validation_error({ 'test' => 'some_other_string' })
       end
     end
@@ -67,7 +67,7 @@ describe API::Helpers::CustomValidators do
     end
 
     context 'invalid parameters' do
-      it 'should raise a validation error' do
+      it 'raises a validation error' do
         expect_validation_error({ 'test' => 'some_other_string' })
       end
     end
diff --git a/spec/lib/banzai/filter/blockquote_fence_filter_spec.rb b/spec/lib/banzai/filter/blockquote_fence_filter_spec.rb
index b645e49bd43..5b3f679084e 100644
--- a/spec/lib/banzai/filter/blockquote_fence_filter_spec.rb
+++ b/spec/lib/banzai/filter/blockquote_fence_filter_spec.rb
@@ -13,6 +13,6 @@ describe Banzai::Filter::BlockquoteFenceFilter do
   end
 
   it 'allows trailing whitespace on blockquote fence lines' do
-    expect(filter(">>> \ntest\n>>> ")).to eq("> test")
+    expect(filter(">>> \ntest\n>>> ")).to eq("\n> test\n")
   end
 end
diff --git a/spec/lib/banzai/filter/plantuml_filter_spec.rb b/spec/lib/banzai/filter/plantuml_filter_spec.rb
index 8235c411eb7..6f7acfe7072 100644
--- a/spec/lib/banzai/filter/plantuml_filter_spec.rb
+++ b/spec/lib/banzai/filter/plantuml_filter_spec.rb
@@ -3,7 +3,7 @@ require 'spec_helper'
 describe Banzai::Filter::PlantumlFilter do
   include FilterSpecHelper
 
-  it 'should replace plantuml pre tag with img tag' do
+  it 'replaces plantuml pre tag with img tag' do
     stub_application_setting(plantuml_enabled: true, plantuml_url: "http://localhost:8080")
     input = '<pre><code lang="plantuml">Bob -> Sara : Hello</code></pre>'
     output = '<div class="imageblock"><div class="content"><img class="plantuml" src="http://localhost:8080/png/U9npoazIqBLJ24uiIbImKl18pSd91m0rkGMq"></div></div>'
@@ -12,7 +12,7 @@ describe Banzai::Filter::PlantumlFilter do
     expect(doc.to_s).to eq output
   end
 
-  it 'should not replace plantuml pre tag with img tag if disabled' do
+  it 'does not replace plantuml pre tag with img tag if disabled' do
     stub_application_setting(plantuml_enabled: false)
     input = '<pre><code lang="plantuml">Bob -> Sara : Hello</code></pre>'
     output = '<pre><code lang="plantuml">Bob -&gt; Sara : Hello</code></pre>'
@@ -21,7 +21,7 @@ describe Banzai::Filter::PlantumlFilter do
     expect(doc.to_s).to eq output
   end
 
-  it 'should not replace plantuml pre tag with img tag if url is invalid' do
+  it 'does not replace plantuml pre tag with img tag if url is invalid' do
     stub_application_setting(plantuml_enabled: true, plantuml_url: "invalid")
     input = '<pre><code lang="plantuml">Bob -> Sara : Hello</code></pre>'
     output = '<div class="listingblock"><div class="content"><pre class="plantuml plantuml-error"> PlantUML Error: cannot connect to PlantUML server at "invalid"</pre></div></div>'
diff --git a/spec/lib/banzai/suggestions_parser_spec.rb b/spec/lib/banzai/suggestions_parser_spec.rb
deleted file mode 100644
index 79658d710ce..00000000000
--- a/spec/lib/banzai/suggestions_parser_spec.rb
+++ /dev/null
@@ -1,32 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe Banzai::SuggestionsParser do
-  describe '.parse' do
-    it 'returns a list of suggestion contents' do
-      markdown = <<-MARKDOWN.strip_heredoc
-        ```suggestion
-          foo
-          bar
-        ```
-
-        ```
-          nothing
-        ```
-
-        ```suggestion
-          xpto
-          baz
-        ```
-
-        ```thing
-          this is not a suggestion, it's a thing
-        ```
-      MARKDOWN
-
-      expect(described_class.parse(markdown)).to eq(["  foo\n  bar",
-                                                     "  xpto\n  baz"])
-    end
-  end
-end
diff --git a/spec/lib/forever_spec.rb b/spec/lib/forever_spec.rb
index 494c0561975..b9ffe895bf0 100644
--- a/spec/lib/forever_spec.rb
+++ b/spec/lib/forever_spec.rb
@@ -5,7 +5,7 @@ describe Forever do
     subject { described_class.date }
 
     context 'when using PostgreSQL' do
-      it 'should return Postgresql future date' do
+      it 'returns Postgresql future date' do
         allow(Gitlab::Database).to receive(:postgresql?).and_return(true)
 
         expect(subject).to eq(described_class::POSTGRESQL_DATE)
@@ -13,7 +13,7 @@ describe Forever do
     end
 
     context 'when using MySQL' do
-      it 'should return MySQL future date' do
+      it 'returns MySQL future date' do
         allow(Gitlab::Database).to receive(:postgresql?).and_return(false)
 
         expect(subject).to eq(described_class::MYSQL_DATE)
diff --git a/spec/lib/gitlab/background_migration/populate_cluster_kubernetes_namespace_table_spec.rb b/spec/lib/gitlab/background_migration/populate_cluster_kubernetes_namespace_table_spec.rb
index 812e0cc6947..128e118ac17 100644
--- a/spec/lib/gitlab/background_migration/populate_cluster_kubernetes_namespace_table_spec.rb
+++ b/spec/lib/gitlab/background_migration/populate_cluster_kubernetes_namespace_table_spec.rb
@@ -19,7 +19,7 @@ describe Gitlab::BackgroundMigration::PopulateClusterKubernetesNamespaceTable, :
   end
 
   shared_examples 'consistent kubernetes namespace attributes' do
-    it 'should populate namespace and service account information' do
+    it 'populates namespace and service account information' do
       migration.perform
 
       clusters_with_namespace.each do |cluster|
@@ -41,7 +41,7 @@ describe Gitlab::BackgroundMigration::PopulateClusterKubernetesNamespaceTable, :
   context 'when no Clusters::Project has a Clusters::KubernetesNamespace' do
     let(:cluster_projects) { cluster_projects_table.all }
 
-    it 'should create a Clusters::KubernetesNamespace per Clusters::Project' do
+    it 'creates a Clusters::KubernetesNamespace per Clusters::Project' do
       expect do
         migration.perform
       end.to change(Clusters::KubernetesNamespace, :count).by(cluster_projects_table.count)
@@ -57,7 +57,7 @@ describe Gitlab::BackgroundMigration::PopulateClusterKubernetesNamespaceTable, :
       create_kubernetes_namespace(clusters_table.all)
     end
 
-    it 'should not create any Clusters::KubernetesNamespace' do
+    it 'does not create any Clusters::KubernetesNamespace' do
       expect do
         migration.perform
       end.not_to change(Clusters::KubernetesNamespace, :count)
@@ -78,7 +78,7 @@ describe Gitlab::BackgroundMigration::PopulateClusterKubernetesNamespaceTable, :
       end.to change(Clusters::KubernetesNamespace, :count).by(with_no_kubernetes_namespace.count)
     end
 
-    it 'should not modify clusters with Clusters::KubernetesNamespace' do
+    it 'does not modify clusters with Clusters::KubernetesNamespace' do
       migration.perform
 
       with_kubernetes_namespace.each do |cluster|
diff --git a/spec/lib/gitlab/background_migration/populate_fork_networks_range_spec.rb b/spec/lib/gitlab/background_migration/populate_fork_networks_range_spec.rb
index 8582af96199..0e73c8c59c9 100644
--- a/spec/lib/gitlab/background_migration/populate_fork_networks_range_spec.rb
+++ b/spec/lib/gitlab/background_migration/populate_fork_networks_range_spec.rb
@@ -41,7 +41,7 @@ describe Gitlab::BackgroundMigration::PopulateForkNetworksRange, :migration, sch
     migration.perform(1, 3)
   end
 
-  it 'it creates the fork network' do
+  it 'creates the fork network' do
     expect(fork_network1).not_to be_nil
     expect(fork_network2).not_to be_nil
   end
diff --git a/spec/lib/gitlab/ci/build/policy/refs_spec.rb b/spec/lib/gitlab/ci/build/policy/refs_spec.rb
index ec0450643c3..22ca681cfd3 100644
--- a/spec/lib/gitlab/ci/build/policy/refs_spec.rb
+++ b/spec/lib/gitlab/ci/build/policy/refs_spec.rb
@@ -101,6 +101,32 @@ describe Gitlab::Ci::Build::Policy::Refs do
         expect(described_class.new(['/fix-.*/']))
           .not_to be_satisfied_by(pipeline)
       end
+
+      context 'when unsafe regexp is used' do
+        let(:subject) { described_class.new(['/^(?!master).+/']) }
+
+        context 'when allow_unsafe_ruby_regexp is disabled' do
+          before do
+            stub_feature_flags(allow_unsafe_ruby_regexp: false)
+          end
+
+          it 'ignores invalid regexp' do
+            expect(subject)
+              .not_to be_satisfied_by(pipeline)
+          end
+        end
+
+        context 'when allow_unsafe_ruby_regexp is enabled' do
+          before do
+            stub_feature_flags(allow_unsafe_ruby_regexp: true)
+          end
+
+          it 'is satisfied by regexp' do
+            expect(subject)
+              .to be_satisfied_by(pipeline)
+          end
+        end
+      end
     end
 
     context 'malicious regexp' do
diff --git a/spec/lib/gitlab/ci/config/entry/policy_spec.rb b/spec/lib/gitlab/ci/config/entry/policy_spec.rb
index 1c987e13a9a..fba5671594d 100644
--- a/spec/lib/gitlab/ci/config/entry/policy_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/policy_spec.rb
@@ -1,4 +1,5 @@
 require 'fast_spec_helper'
+require 'support/helpers/stub_feature_flags'
 require_dependency 'active_model'
 
 describe Gitlab::Ci::Config::Entry::Policy do
@@ -33,6 +34,44 @@ describe Gitlab::Ci::Config::Entry::Policy do
           end
         end
 
+        context 'when config is an empty regexp' do
+          let(:config) { ['//'] }
+
+          describe '#valid?' do
+            it 'is valid' do
+              expect(entry).to be_valid
+            end
+          end
+        end
+
+        context 'when using unsafe regexp' do
+          include StubFeatureFlags
+
+          let(:config) { ['/^(?!master).+/'] }
+
+          subject { described_class.new([regexp]) }
+
+          context 'when allow_unsafe_ruby_regexp is disabled' do
+            before do
+              stub_feature_flags(allow_unsafe_ruby_regexp: false)
+            end
+
+            it 'is not valid' do
+              expect(entry).not_to be_valid
+            end
+          end
+
+          context 'when allow_unsafe_ruby_regexp is enabled' do
+            before do
+              stub_feature_flags(allow_unsafe_ruby_regexp: true)
+            end
+
+            it 'is valid' do
+              expect(entry).to be_valid
+            end
+          end
+        end
+
         context 'when config is a special keyword' do
           let(:config) { %w[tags triggers branches] }
 
@@ -67,6 +106,34 @@ describe Gitlab::Ci::Config::Entry::Policy do
       end
     end
 
+    context 'when using unsafe regexp' do
+      include StubFeatureFlags
+
+      let(:config) { { refs: ['/^(?!master).+/'] } }
+
+      subject { described_class.new([regexp]) }
+
+      context 'when allow_unsafe_ruby_regexp is disabled' do
+        before do
+          stub_feature_flags(allow_unsafe_ruby_regexp: false)
+        end
+
+        it 'is not valid' do
+          expect(entry).not_to be_valid
+        end
+      end
+
+      context 'when allow_unsafe_ruby_regexp is enabled' do
+        before do
+          stub_feature_flags(allow_unsafe_ruby_regexp: true)
+        end
+
+        it 'is valid' do
+          expect(entry).to be_valid
+        end
+      end
+    end
+
     context 'when specifying kubernetes policy' do
       let(:config) { { kubernetes: 'active' } }
 
diff --git a/spec/lib/gitlab/ci/config/external/file/base_spec.rb b/spec/lib/gitlab/ci/config/external/file/base_spec.rb
index fa39b32d7ab..dd536a241bd 100644
--- a/spec/lib/gitlab/ci/config/external/file/base_spec.rb
+++ b/spec/lib/gitlab/ci/config/external/file/base_spec.rb
@@ -26,7 +26,7 @@ describe Gitlab::Ci::Config::External::File::Base do
     context 'when a location is present' do
       let(:location) { 'some-location' }
 
-      it 'should return true' do
+      it 'returns true' do
         expect(subject).to be_matching
       end
     end
@@ -34,7 +34,7 @@ describe Gitlab::Ci::Config::External::File::Base do
     context 'with a location is missing' do
       let(:location) { nil }
 
-      it 'should return false' do
+      it 'returns false' do
         expect(subject).not_to be_matching
       end
     end
diff --git a/spec/lib/gitlab/ci/config/external/file/local_spec.rb b/spec/lib/gitlab/ci/config/external/file/local_spec.rb
index dc14b07287e..9451db9522a 100644
--- a/spec/lib/gitlab/ci/config/external/file/local_spec.rb
+++ b/spec/lib/gitlab/ci/config/external/file/local_spec.rb
@@ -15,7 +15,7 @@ describe Gitlab::Ci::Config::External::File::Local do
     context 'when a local is specified' do
       let(:params) { { local: 'file' } }
 
-      it 'should return true' do
+      it 'returns true' do
         expect(local_file).to be_matching
       end
     end
@@ -23,7 +23,7 @@ describe Gitlab::Ci::Config::External::File::Local do
     context 'with a missing local' do
       let(:params) { { local: nil } }
 
-      it 'should return false' do
+      it 'returns false' do
         expect(local_file).not_to be_matching
       end
     end
@@ -31,7 +31,7 @@ describe Gitlab::Ci::Config::External::File::Local do
     context 'with a missing local key' do
       let(:params) { {} }
 
-      it 'should return false' do
+      it 'returns false' do
         expect(local_file).not_to be_matching
       end
     end
@@ -45,7 +45,7 @@ describe Gitlab::Ci::Config::External::File::Local do
         allow_any_instance_of(described_class).to receive(:fetch_local_content).and_return("image: 'ruby2:2'")
       end
 
-      it 'should return true' do
+      it 'returns true' do
         expect(local_file.valid?).to be_truthy
       end
     end
@@ -53,7 +53,7 @@ describe Gitlab::Ci::Config::External::File::Local do
     context 'when is not a valid local path' do
       let(:location) { '/lib/gitlab/ci/templates/non-existent-file.yml' }
 
-      it 'should return false' do
+      it 'returns false' do
         expect(local_file.valid?).to be_falsy
       end
     end
@@ -61,7 +61,7 @@ describe Gitlab::Ci::Config::External::File::Local do
     context 'when is not a yaml file' do
       let(:location) { '/config/application.rb' }
 
-      it 'should return false' do
+      it 'returns false' do
         expect(local_file.valid?).to be_falsy
       end
     end
@@ -84,7 +84,7 @@ describe Gitlab::Ci::Config::External::File::Local do
         allow_any_instance_of(described_class).to receive(:fetch_local_content).and_return(local_file_content)
       end
 
-      it 'should return the content of the file' do
+      it 'returns the content of the file' do
         expect(local_file.content).to eq(local_file_content)
       end
     end
@@ -92,7 +92,7 @@ describe Gitlab::Ci::Config::External::File::Local do
     context 'with an invalid file' do
       let(:location) { '/lib/gitlab/ci/templates/non-existent-file.yml' }
 
-      it 'should be nil' do
+      it 'is nil' do
         expect(local_file.content).to be_nil
       end
     end
@@ -101,7 +101,7 @@ describe Gitlab::Ci::Config::External::File::Local do
   describe '#error_message' do
     let(:location) { '/lib/gitlab/ci/templates/non-existent-file.yml' }
 
-    it 'should return an error message' do
+    it 'returns an error message' do
       expect(local_file.error_message).to eq("Local file `#{location}` does not exist!")
     end
   end
diff --git a/spec/lib/gitlab/ci/config/external/file/project_spec.rb b/spec/lib/gitlab/ci/config/external/file/project_spec.rb
index 6e89bb1b30f..4acb4f324d3 100644
--- a/spec/lib/gitlab/ci/config/external/file/project_spec.rb
+++ b/spec/lib/gitlab/ci/config/external/file/project_spec.rb
@@ -19,7 +19,7 @@ describe Gitlab::Ci::Config::External::File::Project do
     context 'when a file and project is specified' do
       let(:params) { { file: 'file.yml', project: 'project' } }
 
-      it 'should return true' do
+      it 'returns true' do
         expect(project_file).to be_matching
       end
     end
@@ -27,7 +27,7 @@ describe Gitlab::Ci::Config::External::File::Project do
     context 'with only file is specified' do
       let(:params) { { file: 'file.yml' } }
 
-      it 'should return false' do
+      it 'returns false' do
         expect(project_file).not_to be_matching
       end
     end
@@ -35,7 +35,7 @@ describe Gitlab::Ci::Config::External::File::Project do
     context 'with only project is specified' do
       let(:params) { { project: 'project' } }
 
-      it 'should return false' do
+      it 'returns false' do
         expect(project_file).not_to be_matching
       end
     end
@@ -43,7 +43,7 @@ describe Gitlab::Ci::Config::External::File::Project do
     context 'with a missing local key' do
       let(:params) { {} }
 
-      it 'should return false' do
+      it 'returns false' do
         expect(project_file).not_to be_matching
       end
     end
@@ -61,14 +61,14 @@ describe Gitlab::Ci::Config::External::File::Project do
         stub_project_blob(root_ref_sha, '/file.yml') { 'image: ruby:2.1' }
       end
 
-      it 'should return true' do
+      it 'returns true' do
         expect(project_file).to be_valid
       end
 
       context 'when user does not have permission to access file' do
         let(:context_user) { create(:user) }
 
-        it 'should return false' do
+        it 'returns false' do
           expect(project_file).not_to be_valid
           expect(project_file.error_message).to include("Project `#{project.full_path}` not found or access denied!")
         end
@@ -86,7 +86,7 @@ describe Gitlab::Ci::Config::External::File::Project do
         stub_project_blob(ref_sha, '/file.yml') { 'image: ruby:2.1' }
       end
 
-      it 'should return true' do
+      it 'returns true' do
         expect(project_file).to be_valid
       end
     end
@@ -102,7 +102,7 @@ describe Gitlab::Ci::Config::External::File::Project do
         stub_project_blob(root_ref_sha, '/file.yml') { '' }
       end
 
-      it 'should return false' do
+      it 'returns false' do
         expect(project_file).not_to be_valid
         expect(project_file.error_message).to include("Project `#{project.full_path}` file `/file.yml` is empty!")
       end
@@ -113,7 +113,7 @@ describe Gitlab::Ci::Config::External::File::Project do
         { project: project.full_path, ref: 'I-Do-Not-Exist', file: '/file.yml' }
       end
 
-      it 'should return false' do
+      it 'returns false' do
         expect(project_file).not_to be_valid
         expect(project_file.error_message).to include("Project `#{project.full_path}` reference `I-Do-Not-Exist` does not exist!")
       end
@@ -124,7 +124,7 @@ describe Gitlab::Ci::Config::External::File::Project do
         { project: project.full_path, file: '/invalid-file.yml' }
       end
 
-      it 'should return false' do
+      it 'returns false' do
         expect(project_file).not_to be_valid
         expect(project_file.error_message).to include("Project `#{project.full_path}` file `/invalid-file.yml` does not exist!")
       end
@@ -135,7 +135,7 @@ describe Gitlab::Ci::Config::External::File::Project do
         { project: project.full_path, file: '/invalid-file' }
       end
 
-      it 'should return false' do
+      it 'returns false' do
         expect(project_file).not_to be_valid
         expect(project_file.error_message).to include('Included file `/invalid-file` does not have YAML extension!')
       end
diff --git a/spec/lib/gitlab/ci/config/external/file/remote_spec.rb b/spec/lib/gitlab/ci/config/external/file/remote_spec.rb
index c5b32c29759..d8a61618e77 100644
--- a/spec/lib/gitlab/ci/config/external/file/remote_spec.rb
+++ b/spec/lib/gitlab/ci/config/external/file/remote_spec.rb
@@ -21,7 +21,7 @@ describe Gitlab::Ci::Config::External::File::Remote do
     context 'when a remote is specified' do
       let(:params) { { remote: 'http://remote' } }
 
-      it 'should return true' do
+      it 'returns true' do
         expect(remote_file).to be_matching
       end
     end
@@ -29,7 +29,7 @@ describe Gitlab::Ci::Config::External::File::Remote do
     context 'with a missing remote' do
       let(:params) { { remote: nil } }
 
-      it 'should return false' do
+      it 'returns false' do
         expect(remote_file).not_to be_matching
       end
     end
@@ -37,7 +37,7 @@ describe Gitlab::Ci::Config::External::File::Remote do
     context 'with a missing remote key' do
       let(:params) { {} }
 
-      it 'should return false' do
+      it 'returns false' do
         expect(remote_file).not_to be_matching
       end
     end
@@ -49,7 +49,7 @@ describe Gitlab::Ci::Config::External::File::Remote do
         WebMock.stub_request(:get, location).to_return(body: remote_file_content)
       end
 
-      it 'should return true' do
+      it 'returns true' do
         expect(remote_file.valid?).to be_truthy
       end
     end
@@ -57,7 +57,7 @@ describe Gitlab::Ci::Config::External::File::Remote do
     context 'with an irregular url' do
       let(:location) { 'not-valid://gitlab.com/gitlab-org/gitlab-ce/blob/1234/.gitlab-ci-1.yml' }
 
-      it 'should return false' do
+      it 'returns false' do
         expect(remote_file.valid?).to be_falsy
       end
     end
@@ -67,7 +67,7 @@ describe Gitlab::Ci::Config::External::File::Remote do
         allow(Gitlab::HTTP).to receive(:get).and_raise(Timeout::Error)
       end
 
-      it 'should be falsy' do
+      it 'is falsy' do
         expect(remote_file.valid?).to be_falsy
       end
     end
@@ -75,7 +75,7 @@ describe Gitlab::Ci::Config::External::File::Remote do
     context 'when is not a yaml file' do
       let(:location) { 'https://asdasdasdaj48ggerexample.com' }
 
-      it 'should be falsy' do
+      it 'is falsy' do
         expect(remote_file.valid?).to be_falsy
       end
     end
@@ -83,7 +83,7 @@ describe Gitlab::Ci::Config::External::File::Remote do
     context 'with an internal url' do
       let(:location) { 'http://localhost:8080' }
 
-      it 'should be falsy' do
+      it 'is falsy' do
         expect(remote_file.valid?).to be_falsy
       end
     end
@@ -95,7 +95,7 @@ describe Gitlab::Ci::Config::External::File::Remote do
         WebMock.stub_request(:get, location).to_return(body: remote_file_content)
       end
 
-      it 'should return the content of the file' do
+      it 'returns the content of the file' do
         expect(remote_file.content).to eql(remote_file_content)
       end
     end
@@ -105,7 +105,7 @@ describe Gitlab::Ci::Config::External::File::Remote do
         allow(Gitlab::HTTP).to receive(:get).and_raise(Timeout::Error)
       end
 
-      it 'should be falsy' do
+      it 'is falsy' do
         expect(remote_file.content).to be_falsy
       end
     end
@@ -117,7 +117,7 @@ describe Gitlab::Ci::Config::External::File::Remote do
         WebMock.stub_request(:get, location).to_raise(SocketError.new('Some HTTP error'))
       end
 
-      it 'should be nil' do
+      it 'is nil' do
         expect(remote_file.content).to be_nil
       end
     end
@@ -125,7 +125,7 @@ describe Gitlab::Ci::Config::External::File::Remote do
     context 'with an internal url' do
       let(:location) { 'http://localhost:8080' }
 
-      it 'should be nil' do
+      it 'is nil' do
         expect(remote_file.content).to be_nil
       end
     end
@@ -147,7 +147,7 @@ describe Gitlab::Ci::Config::External::File::Remote do
         WebMock.stub_request(:get, location).to_timeout
       end
 
-      it 'should returns error message about a timeout' do
+      it 'returns error message about a timeout' do
         expect(subject).to match /could not be fetched because of a timeout error!/
       end
     end
@@ -157,7 +157,7 @@ describe Gitlab::Ci::Config::External::File::Remote do
         WebMock.stub_request(:get, location).to_raise(Gitlab::HTTP::Error)
       end
 
-      it 'should returns error message about a HTTP error' do
+      it 'returns error message about a HTTP error' do
         expect(subject).to match /could not be fetched because of HTTP error!/
       end
     end
@@ -167,7 +167,7 @@ describe Gitlab::Ci::Config::External::File::Remote do
         WebMock.stub_request(:get, location).to_return(body: remote_file_content, status: 404)
       end
 
-      it 'should returns error message about a timeout' do
+      it 'returns error message about a timeout' do
         expect(subject).to match /could not be fetched because of HTTP code `404` error!/
       end
     end
@@ -175,7 +175,7 @@ describe Gitlab::Ci::Config::External::File::Remote do
     context 'when the URL is blocked' do
       let(:location) { 'http://127.0.0.1/some/path/to/config.yaml' }
 
-      it 'should include details about blocked URL' do
+      it 'includes details about blocked URL' do
         expect(subject).to eq "Remote file could not be fetched because URL '#{location}' " \
                               'is blocked: Requests to localhost are not allowed!'
       end
diff --git a/spec/lib/gitlab/ci/config/external/file/template_spec.rb b/spec/lib/gitlab/ci/config/external/file/template_spec.rb
index 8ecaf4800f8..1609b8fd66b 100644
--- a/spec/lib/gitlab/ci/config/external/file/template_spec.rb
+++ b/spec/lib/gitlab/ci/config/external/file/template_spec.rb
@@ -16,7 +16,7 @@ describe Gitlab::Ci::Config::External::File::Template do
     context 'when a template is specified' do
       let(:params) { { template: 'some-template' } }
 
-      it 'should return true' do
+      it 'returns true' do
         expect(template_file).to be_matching
       end
     end
@@ -24,7 +24,7 @@ describe Gitlab::Ci::Config::External::File::Template do
     context 'with a missing template' do
       let(:params) { { template: nil } }
 
-      it 'should return false' do
+      it 'returns false' do
         expect(template_file).not_to be_matching
       end
     end
@@ -32,7 +32,7 @@ describe Gitlab::Ci::Config::External::File::Template do
     context 'with a missing template key' do
       let(:params) { {} }
 
-      it 'should return false' do
+      it 'returns false' do
         expect(template_file).not_to be_matching
       end
     end
@@ -42,7 +42,7 @@ describe Gitlab::Ci::Config::External::File::Template do
     context 'when is a valid template name' do
       let(:template) { 'Auto-DevOps.gitlab-ci.yml' }
 
-      it 'should return true' do
+      it 'returns true' do
         expect(template_file).to be_valid
       end
     end
@@ -50,7 +50,7 @@ describe Gitlab::Ci::Config::External::File::Template do
     context 'with invalid template name' do
       let(:template) { 'Template.yml' }
 
-      it 'should return false' do
+      it 'returns false' do
         expect(template_file).not_to be_valid
         expect(template_file.error_message).to include('Template file `Template.yml` is not a valid location!')
       end
@@ -59,7 +59,7 @@ describe Gitlab::Ci::Config::External::File::Template do
     context 'with a non-existing template' do
       let(:template) { 'I-Do-Not-Have-This-Template.gitlab-ci.yml' }
 
-      it 'should return false' do
+      it 'returns false' do
         expect(template_file).not_to be_valid
         expect(template_file.error_message).to include('Included file `I-Do-Not-Have-This-Template.gitlab-ci.yml` is empty or does not exist!')
       end
diff --git a/spec/lib/gitlab/ci/config/external/processor_spec.rb b/spec/lib/gitlab/ci/config/external/processor_spec.rb
index 3f6f6d7c5d9..e94bb44f990 100644
--- a/spec/lib/gitlab/ci/config/external/processor_spec.rb
+++ b/spec/lib/gitlab/ci/config/external/processor_spec.rb
@@ -21,7 +21,7 @@ describe Gitlab::Ci::Config::External::Processor do
     context 'when no external files defined' do
       let(:values) { { image: 'ruby:2.2' } }
 
-      it 'should return the same values' do
+      it 'returns the same values' do
         expect(processor.perform).to eq(values)
       end
     end
@@ -29,7 +29,7 @@ describe Gitlab::Ci::Config::External::Processor do
     context 'when an invalid local file is defined' do
       let(:values) { { include: '/lib/gitlab/ci/templates/non-existent-file.yml', image: 'ruby:2.2' } }
 
-      it 'should raise an error' do
+      it 'raises an error' do
         expect { processor.perform }.to raise_error(
           described_class::IncludeError,
           "Local file `/lib/gitlab/ci/templates/non-existent-file.yml` does not exist!"
@@ -45,7 +45,7 @@ describe Gitlab::Ci::Config::External::Processor do
         WebMock.stub_request(:get, remote_file).to_raise(SocketError.new('Some HTTP error'))
       end
 
-      it 'should raise an error' do
+      it 'raises an error' do
         expect { processor.perform }.to raise_error(
           described_class::IncludeError,
           "Remote file `#{remote_file}` could not be fetched because of a socket error!"
@@ -78,12 +78,12 @@ describe Gitlab::Ci::Config::External::Processor do
         WebMock.stub_request(:get, remote_file).to_return(body: external_file_content)
       end
 
-      it 'should append the file to the values' do
+      it 'appends the file to the values' do
         output = processor.perform
         expect(output.keys).to match_array([:image, :before_script, :rspec, :rubocop])
       end
 
-      it "should remove the 'include' keyword" do
+      it "removes the 'include' keyword" do
         expect(processor.perform[:include]).to be_nil
       end
     end
@@ -105,12 +105,12 @@ describe Gitlab::Ci::Config::External::Processor do
           .to receive(:fetch_local_content).and_return(local_file_content)
       end
 
-      it 'should append the file to the values' do
+      it 'appends the file to the values' do
         output = processor.perform
         expect(output.keys).to match_array([:image, :before_script])
       end
 
-      it "should remove the 'include' keyword" do
+      it "removes the 'include' keyword" do
         expect(processor.perform[:include]).to be_nil
       end
     end
@@ -148,11 +148,11 @@ describe Gitlab::Ci::Config::External::Processor do
         WebMock.stub_request(:get, remote_file).to_return(body: remote_file_content)
       end
 
-      it 'should append the files to the values' do
+      it 'appends the files to the values' do
         expect(processor.perform.keys).to match_array([:image, :stages, :before_script, :rspec])
       end
 
-      it "should remove the 'include' keyword" do
+      it "removes the 'include' keyword" do
         expect(processor.perform[:include]).to be_nil
       end
     end
@@ -167,7 +167,7 @@ describe Gitlab::Ci::Config::External::Processor do
           .to receive(:fetch_local_content).and_return(local_file_content)
       end
 
-      it 'should raise an error' do
+      it 'raises an error' do
         expect { processor.perform }.to raise_error(
           described_class::IncludeError,
           "Included file `/lib/gitlab/ci/templates/template.yml` does not have valid YAML syntax!"
@@ -190,7 +190,7 @@ describe Gitlab::Ci::Config::External::Processor do
         HEREDOC
       end
 
-      it 'should take precedence' do
+      it 'takes precedence' do
         WebMock.stub_request(:get, remote_file).to_return(body: remote_file_content)
         expect(processor.perform[:image]).to eq('ruby:2.2')
       end
diff --git a/spec/lib/gitlab/ci/config_spec.rb b/spec/lib/gitlab/ci/config_spec.rb
index 00b2753c5fc..fd2a29e4ddb 100644
--- a/spec/lib/gitlab/ci/config_spec.rb
+++ b/spec/lib/gitlab/ci/config_spec.rb
@@ -225,7 +225,7 @@ describe Gitlab::Ci::Config do
     end
 
     context "when gitlab_ci_yml has valid 'include' defined" do
-      it 'should return a composed hash' do
+      it 'returns a composed hash' do
         before_script_values = [
           "apt-get update -qq && apt-get install -y -qq sqlite3 libsqlite3-dev nodejs", "ruby -v",
           "which ruby",
@@ -316,7 +316,7 @@ describe Gitlab::Ci::Config do
         HEREDOC
       end
 
-      it 'should take precedence' do
+      it 'takes precedence' do
         expect(config.to_hash).to eq({ image: 'ruby:2.2' })
       end
     end
@@ -341,7 +341,7 @@ describe Gitlab::Ci::Config do
         HEREDOC
       end
 
-      it 'should merge the variables dictionaries' do
+      it 'merges the variables dictionaries' do
         expect(config.to_hash).to eq({ variables: { A: 'alpha', B: 'beta', C: 'gamma', D: 'delta' } })
       end
     end
diff --git a/spec/lib/gitlab/ci/pipeline/chain/skip_spec.rb b/spec/lib/gitlab/ci/pipeline/chain/skip_spec.rb
index dc13cae961c..c7f4fc98ca3 100644
--- a/spec/lib/gitlab/ci/pipeline/chain/skip_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/chain/skip_spec.rb
@@ -23,7 +23,7 @@ describe Gitlab::Ci::Pipeline::Chain::Skip do
       step.perform!
     end
 
-    it 'should break the chain' do
+    it 'breaks the chain' do
       expect(step.break?).to be true
     end
 
@@ -37,11 +37,11 @@ describe Gitlab::Ci::Pipeline::Chain::Skip do
       step.perform!
     end
 
-    it 'should not break the chain' do
+    it 'does not break the chain' do
       expect(step.break?).to be false
     end
 
-    it 'should not skip a pipeline chain' do
+    it 'does not skip a pipeline chain' do
       expect(pipeline.reload).not_to be_skipped
     end
   end
diff --git a/spec/lib/gitlab/ci/status/build/factory_spec.rb b/spec/lib/gitlab/ci/status/build/factory_spec.rb
index b379b08ad62..b6231510b91 100644
--- a/spec/lib/gitlab/ci/status/build/factory_spec.rb
+++ b/spec/lib/gitlab/ci/status/build/factory_spec.rb
@@ -123,6 +123,35 @@ describe Gitlab::Ci::Status::Build::Factory do
         expect(status.action_path).to include 'retry'
       end
     end
+
+    context 'when build has unmet prerequisites' do
+      let(:build) { create(:ci_build, :prerequisite_failure) }
+
+      it 'matches correct core status' do
+        expect(factory.core_status).to be_a Gitlab::Ci::Status::Failed
+      end
+
+      it 'matches correct extended statuses' do
+        expect(factory.extended_statuses)
+          .to eq [Gitlab::Ci::Status::Build::Retryable,
+                  Gitlab::Ci::Status::Build::FailedUnmetPrerequisites]
+      end
+
+      it 'fabricates a failed with unmet prerequisites build status' do
+        expect(status).to be_a Gitlab::Ci::Status::Build::FailedUnmetPrerequisites
+      end
+
+      it 'fabricates status with correct details' do
+        expect(status.text).to eq 'failed'
+        expect(status.icon).to eq 'status_failed'
+        expect(status.favicon).to eq 'favicon_status_failed'
+        expect(status.label).to eq 'failed'
+        expect(status).to have_details
+        expect(status).to have_action
+        expect(status.action_title).to include 'Retry'
+        expect(status.action_path).to include 'retry'
+      end
+    end
   end
 
   context 'when build is a canceled' do
diff --git a/spec/lib/gitlab/ci/status/build/failed_unmet_prerequisites_spec.rb b/spec/lib/gitlab/ci/status/build/failed_unmet_prerequisites_spec.rb
new file mode 100644
index 00000000000..a4854bdc6b9
--- /dev/null
+++ b/spec/lib/gitlab/ci/status/build/failed_unmet_prerequisites_spec.rb
@@ -0,0 +1,37 @@
+require 'spec_helper'
+
+RSpec.describe Gitlab::Ci::Status::Build::FailedUnmetPrerequisites do
+  describe '#illustration' do
+    subject { described_class.new(double).illustration }
+
+    it { is_expected.to include(:image, :size, :title, :content) }
+  end
+
+  describe '.matches?' do
+    let(:build) { create(:ci_build, :created) }
+
+    subject { described_class.matches?(build, double) }
+
+    context 'when build has not failed' do
+      it { is_expected.to be_falsey }
+    end
+
+    context 'when build has failed' do
+      before do
+        build.drop!(failure_reason)
+      end
+
+      context 'with unmet prerequisites' do
+        let(:failure_reason) { :unmet_prerequisites }
+
+        it { is_expected.to be_truthy }
+      end
+
+      context 'with a different error' do
+        let(:failure_reason) { :runner_system_failure }
+
+        it { is_expected.to be_falsey }
+      end
+    end
+  end
+end
diff --git a/spec/lib/gitlab/ci/templates/templates_spec.rb b/spec/lib/gitlab/ci/templates/templates_spec.rb
index 4e3681cd943..b52064b3036 100644
--- a/spec/lib/gitlab/ci/templates/templates_spec.rb
+++ b/spec/lib/gitlab/ci/templates/templates_spec.rb
@@ -3,46 +3,32 @@
 require 'spec_helper'
 
 describe "CI YML Templates" do
-  ABSTRACT_TEMPLATES = %w[Serverless].freeze
-  # These templates depend on the presence of the `project`
-  # param to enable processing of `include:` within CI config.
-  PROJECT_DEPENDENT_TEMPLATES = %w[Auto-DevOps DAST].freeze
-
-  def self.concrete_templates
-    Gitlab::Template::GitlabCiYmlTemplate.all.reject do |template|
-      ABSTRACT_TEMPLATES.include?(template.name)
-    end
-  end
+  using RSpec::Parameterized::TableSyntax
 
-  def self.abstract_templates
-    Gitlab::Template::GitlabCiYmlTemplate.all.select do |template|
-      ABSTRACT_TEMPLATES.include?(template.name)
-    end
+  subject { Gitlab::Ci::YamlProcessor.new(content) }
+
+  where(:template_name) do
+    Gitlab::Template::GitlabCiYmlTemplate.all.map(&:full_name)
   end
 
-  describe 'concrete templates with CI/CD jobs' do
-    concrete_templates.each do |template|
-      it "#{template.name} template should be valid" do
-        # Trigger processing of included files
-        project = create(:project, :test_repo) if PROJECT_DEPENDENT_TEMPLATES.include?(template.name)
+  with_them do
+    let(:content) do
+      <<~EOS
+        include:
+          - template: #{template_name}
 
-        expect { Gitlab::Ci::YamlProcessor.new(template.content, project: project) }
-          .not_to raise_error
-      end
+        concrete_build_implemented_by_a_user:
+          stage: test
+          script: do something
+      EOS
+    end
+
+    it 'is valid' do
+      expect { subject }.not_to raise_error
     end
-  end
 
-  describe 'abstract templates without concrete jobs defined' do
-    abstract_templates.each do |template|
-      it "#{template.name} template should be valid after being implemented" do
-        content = template.content + <<~EOS
-          concrete_build_implemented_by_a_user:
-            stage: build
-            script: do something
-        EOS
-
-        expect { Gitlab::Ci::YamlProcessor.new(content) }.not_to raise_error
-      end
+    it 'require default stages to be included' do
+      expect(subject.stages).to include(*Gitlab::Ci::Config::Entry::Stages.default)
     end
   end
 end
diff --git a/spec/lib/gitlab/ci/yaml_processor_spec.rb b/spec/lib/gitlab/ci/yaml_processor_spec.rb
index 63a0d54dcfc..2bea17ed030 100644
--- a/spec/lib/gitlab/ci/yaml_processor_spec.rb
+++ b/spec/lib/gitlab/ci/yaml_processor_spec.rb
@@ -615,14 +615,22 @@ module Gitlab
         subject { Gitlab::Ci::YamlProcessor.new(YAML.dump(config), opts) }
 
         context "when validating a ci config file with no project context" do
-          context "when an array is provided" do
-            let(:include_content) { ["/local.gitlab-ci.yml"] }
+          context "when a single string is provided" do
+            let(:include_content) { "/local.gitlab-ci.yml" }
 
             it "does not return any error" do
               expect { subject }.not_to raise_error
             end
           end
 
+          context "when an array is provided" do
+            let(:include_content) { ["/local.gitlab-ci.yml"] }
+
+            it "returns a validation error" do
+              expect { subject }.to raise_error(Gitlab::Ci::YamlProcessor::ValidationError, /does not have project/)
+            end
+          end
+
           context "when an array of wrong keyed object is provided" do
             let(:include_content) { [{ yolo: "/local.gitlab-ci.yml" }] }
 
@@ -635,11 +643,18 @@ module Gitlab
             let(:include_content) do
               [
                 'https://gitlab.com/awesome-project/raw/master/.before-script-template.yml',
-                '/templates/.after-script-template.yml',
                 { template: 'Auto-DevOps.gitlab-ci.yml' }
               ]
             end
 
+            before do
+              WebMock.stub_request(:get, 'https://gitlab.com/awesome-project/raw/master/.before-script-template.yml')
+                .to_return(
+                  status: 200,
+                  headers: { 'Content-Type' => 'application/json' },
+                  body: 'prepare: { script: ls -al }')
+            end
+
             it "does not return any error" do
               expect { subject }.not_to raise_error
             end
diff --git a/spec/lib/gitlab/contributions_calendar_spec.rb b/spec/lib/gitlab/contributions_calendar_spec.rb
index b7924302014..51e5bdc6307 100644
--- a/spec/lib/gitlab/contributions_calendar_spec.rb
+++ b/spec/lib/gitlab/contributions_calendar_spec.rb
@@ -150,13 +150,13 @@ describe Gitlab::ContributionsCalendar do
   end
 
   describe '#starting_year' do
-    it "should be the start of last year" do
+    it "is the start of last year" do
       expect(calendar.starting_year).to eq(last_year.year)
     end
   end
 
   describe '#starting_month' do
-    it "should be the start of this month" do
+    it "is the start of this month" do
       expect(calendar.starting_month).to eq(today.month)
     end
   end
diff --git a/spec/lib/gitlab/database/rename_reserved_paths_migration/v1_spec.rb b/spec/lib/gitlab/database/rename_reserved_paths_migration/v1_spec.rb
index 1d31f96159c..ddd54a669a3 100644
--- a/spec/lib/gitlab/database/rename_reserved_paths_migration/v1_spec.rb
+++ b/spec/lib/gitlab/database/rename_reserved_paths_migration/v1_spec.rb
@@ -27,7 +27,7 @@ describe Gitlab::Database::RenameReservedPathsMigration::V1, :delete do
   describe '#rename_wildcard_paths' do
     it_behaves_like 'renames child namespaces'
 
-    it 'should rename projects' do
+    it 'renames projects' do
       rename_projects = double
       expect(described_class::RenameProjects)
         .to receive(:new).with(['the-path'], subject)
@@ -40,7 +40,7 @@ describe Gitlab::Database::RenameReservedPathsMigration::V1, :delete do
   end
 
   describe '#rename_root_paths' do
-    it 'should rename namespaces' do
+    it 'renames namespaces' do
       rename_namespaces = double
       expect(described_class::RenameNamespaces)
         .to receive(:new).with(['the-path'], subject)
diff --git a/spec/lib/gitlab/diff/file_collection/merge_request_diff_spec.rb b/spec/lib/gitlab/diff/file_collection/merge_request_diff_spec.rb
index 256166dbad3..0697594c725 100644
--- a/spec/lib/gitlab/diff/file_collection/merge_request_diff_spec.rb
+++ b/spec/lib/gitlab/diff/file_collection/merge_request_diff_spec.rb
@@ -27,7 +27,7 @@ describe Gitlab::Diff::FileCollection::MergeRequestDiff do
     let(:diffable) { merge_request.merge_request_diff }
   end
 
-  it 'it uses a different cache key if diff line keys change' do
+  it 'uses a different cache key if diff line keys change' do
     mr_diff = described_class.new(merge_request.merge_request_diff, diff_options: nil)
     key = mr_diff.cache_key
 
diff --git a/spec/lib/gitlab/diff/suggestion_spec.rb b/spec/lib/gitlab/diff/suggestion_spec.rb
index 71fd25df698..d7ca0e0a522 100644
--- a/spec/lib/gitlab/diff/suggestion_spec.rb
+++ b/spec/lib/gitlab/diff/suggestion_spec.rb
@@ -10,6 +10,16 @@ describe Gitlab::Diff::Suggestion do
                                             lines_above: above,
                                             lines_below: below)
     end
+
+    it 'returns diff lines with correct line numbers' do
+      diff_lines = suggestion.diff_lines
+
+      expect(diff_lines).to all(be_a(Gitlab::Diff::Line))
+
+      expected_diff_lines.each_with_index do |expected_line, index|
+        expect(diff_lines[index].to_hash).to include(expected_line)
+      end
+    end
   end
 
   let(:merge_request) { create(:merge_request) }
@@ -48,6 +58,18 @@ describe Gitlab::Diff::Suggestion do
       let(:expected_above) { line - 1 }
       let(:expected_below) { below }
       let(:expected_lines) { blob_lines_data(line - expected_above, line + expected_below) }
+      let(:expected_diff_lines) do
+        [
+          { old_pos: 1, new_pos: 1, type: 'old', text: "-require 'fileutils'" },
+          { old_pos: 2, new_pos: 1, type: 'old', text: "-require 'open3'" },
+          { old_pos: 3, new_pos: 1, type: 'old', text: "-" },
+          { old_pos: 4, new_pos: 1, type: 'old', text: "-module Popen" },
+          { old_pos: 5, new_pos: 1, type: 'old', text: "-  extend self" },
+          { old_pos: 6, new_pos: 1, type: 'old', text: "-" },
+          { old_pos: 7, new_pos: 1, type: 'new', text: "+# parsed suggestion content" },
+          { old_pos: 7, new_pos: 2, type: 'new', text: "+# with comments" }
+        ]
+      end
 
       it_behaves_like 'correct suggestion raw content'
     end
@@ -59,6 +81,47 @@ describe Gitlab::Diff::Suggestion do
       let(:expected_below) { below }
       let(:expected_above) { above }
       let(:expected_lines) { blob_lines_data(line - expected_above, line + expected_below) }
+      let(:expected_diff_lines) do
+        [
+          { old_pos: 4, new_pos: 4, type: "match", text: "@@ -4 +4" },
+          { old_pos: 4, new_pos: 4, type: "old", text: "-module Popen" },
+          { old_pos: 5, new_pos: 4, type: "old", text: "-  extend self" },
+          { old_pos: 6, new_pos: 4, type: "old", text: "-" },
+          { old_pos: 7, new_pos: 4, type: "old", text: "-  def popen(cmd, path=nil)" },
+          { old_pos: 8, new_pos: 4, type: "old", text: "-    unless cmd.is_a?(Array)" },
+          { old_pos: 9, new_pos: 4, type: "old", text: "-      raise RuntimeError, \"System commands must be given as an array of strings\"" },
+          { old_pos: 10, new_pos: 4, type: "old", text: "-    end" },
+          { old_pos: 11, new_pos: 4, type: "old", text: "-" },
+          { old_pos: 12, new_pos: 4, type: "old", text: "-    path ||= Dir.pwd" },
+          { old_pos: 13, new_pos: 4, type: "old", text: "-" },
+          { old_pos: 14, new_pos: 4, type: "old", text: "-    vars = {" },
+          { old_pos: 15, new_pos: 4, type: "old", text: "-      \"PWD\" => path" },
+          { old_pos: 16, new_pos: 4, type: "old", text: "-    }" },
+          { old_pos: 17, new_pos: 4, type: "old", text: "-" },
+          { old_pos: 18, new_pos: 4, type: "old", text: "-    options = {" },
+          { old_pos: 19, new_pos: 4, type: "old", text: "-      chdir: path" },
+          { old_pos: 20, new_pos: 4, type: "old", text: "-    }" },
+          { old_pos: 21, new_pos: 4, type: "old", text: "-" },
+          { old_pos: 22, new_pos: 4, type: "old", text: "-    unless File.directory?(path)" },
+          { old_pos: 23, new_pos: 4, type: "old", text: "-      FileUtils.mkdir_p(path)" },
+          { old_pos: 24, new_pos: 4, type: "old", text: "-    end" },
+          { old_pos: 25, new_pos: 4, type: "old", text: "-" },
+          { old_pos: 26, new_pos: 4, type: "old", text: "-    @cmd_output = \"\"" },
+          { old_pos: 27, new_pos: 4, type: "old", text: "-    @cmd_status = 0" },
+          { old_pos: 28, new_pos: 4, type: "old", text: "-" },
+          { old_pos: 29, new_pos: 4, type: "old", text: "-    Open3.popen3(vars, *cmd, options) do |stdin, stdout, stderr, wait_thr|" },
+          { old_pos: 30, new_pos: 4, type: "old", text: "-      @cmd_output << stdout.read" },
+          { old_pos: 31, new_pos: 4, type: "old", text: "-      @cmd_output << stderr.read" },
+          { old_pos: 32, new_pos: 4, type: "old", text: "-      @cmd_status = wait_thr.value.exitstatus" },
+          { old_pos: 33, new_pos: 4, type: "old", text: "-    end" },
+          { old_pos: 34, new_pos: 4, type: "old", text: "-" },
+          { old_pos: 35, new_pos: 4, type: "old", text: "-    return @cmd_output, @cmd_status" },
+          { old_pos: 36, new_pos: 4, type: "old", text: "-  end" },
+          { old_pos: 37, new_pos: 4, type: "old", text: "-end" },
+          { old_pos: 38, new_pos: 4, type: "new", text: "+# parsed suggestion content" },
+          { old_pos: 38, new_pos: 5, type: "new", text: "+# with comments" }
+        ]
+      end
 
       it_behaves_like 'correct suggestion raw content'
     end
@@ -70,17 +133,19 @@ describe Gitlab::Diff::Suggestion do
       let(:expected_below) { below }
       let(:expected_above) { above }
       let(:expected_lines) { blob_lines_data(line - expected_above, line + expected_below) }
-
-      it_behaves_like 'correct suggestion raw content'
-    end
-
-    context 'when no extra lines (single-line suggestion)' do
-      let(:line) { 5 }
-      let(:above) { 0 }
-      let(:below) { 0 }
-      let(:expected_below) { below }
-      let(:expected_above) { above }
-      let(:expected_lines) { blob_lines_data(line - expected_above, line + expected_below) }
+      let(:expected_diff_lines) do
+        [
+          { old_pos: 3, new_pos: 3, type: "match", text: "@@ -3 +3" },
+          { old_pos: 3, new_pos: 3, type: "old", text: "-" },
+          { old_pos: 4, new_pos: 3, type: "old", text: "-module Popen" },
+          { old_pos: 5, new_pos: 3, type: "old", text: "-  extend self" },
+          { old_pos: 6, new_pos: 3, type: "old", text: "-" },
+          { old_pos: 7, new_pos: 3, type: "old", text: "-  def popen(cmd, path=nil)" },
+          { old_pos: 8, new_pos: 3, type: "old", text: "-    unless cmd.is_a?(Array)" },
+          { old_pos: 9, new_pos: 3, type: "new", text: "+# parsed suggestion content" },
+          { old_pos: 9, new_pos: 4, type: "new", text: "+# with comments" }
+        ]
+      end
 
       it_behaves_like 'correct suggestion raw content'
     end
diff --git a/spec/lib/gitlab/diff/suggestions_parser_spec.rb b/spec/lib/gitlab/diff/suggestions_parser_spec.rb
index 1119ea04995..1f2af42f6e7 100644
--- a/spec/lib/gitlab/diff/suggestions_parser_spec.rb
+++ b/spec/lib/gitlab/diff/suggestions_parser_spec.rb
@@ -69,5 +69,66 @@ describe Gitlab::Diff::SuggestionsParser do
                                                   lines_below: 0)
       end
     end
+
+    context 'multi-line suggestions' do
+      let(:markdown) do
+        <<-MARKDOWN.strip_heredoc
+          ```suggestion:-2+1
+            # above and below
+          ```
+
+          ```
+            nothing
+          ```
+
+          ```suggestion:-3
+            # only above
+          ```
+
+          ```suggestion:+3
+            # only below
+          ```
+
+          ```thing
+            this is not a suggestion, it's a thing
+          ```
+        MARKDOWN
+      end
+
+      it 'returns a list of Gitlab::Diff::Suggestion' do
+        expect(subject).to all(be_a(Gitlab::Diff::Suggestion))
+        expect(subject.size).to eq(3)
+      end
+
+      it 'suggestion with above and below param has correct data' do
+        from_line = position.new_line - 2
+        to_line = position.new_line + 1
+
+        expect(subject.first.to_hash).to include(from_content: blob_lines_data(from_line, to_line),
+                                                 to_content: "  # above and below\n",
+                                                 lines_above: 2,
+                                                 lines_below: 1)
+      end
+
+      it 'suggestion with above param has correct data' do
+        from_line = position.new_line - 3
+        to_line = position.new_line
+
+        expect(subject.second.to_hash).to eq(from_content: blob_lines_data(from_line, to_line),
+                                             to_content: "  # only above\n",
+                                             lines_above: 3,
+                                             lines_below: 0)
+      end
+
+      it 'suggestion with below param has correct data' do
+        from_line = position.new_line
+        to_line = position.new_line + 3
+
+        expect(subject.third.to_hash).to eq(from_content: blob_lines_data(from_line, to_line),
+                                            to_content: "  # only below\n",
+                                            lines_above: 0,
+                                            lines_below: 3)
+      end
+    end
   end
 end
diff --git a/spec/lib/gitlab/git/commit_spec.rb b/spec/lib/gitlab/git/commit_spec.rb
index 4a4ac833e39..507bf222810 100644
--- a/spec/lib/gitlab/git/commit_spec.rb
+++ b/spec/lib/gitlab/git/commit_spec.rb
@@ -113,13 +113,13 @@ describe Gitlab::Git::Commit, :seed_helper do
 
   context 'Class methods' do
     shared_examples '.find' do
-      it "should return first head commit if without params" do
+      it "returns first head commit if without params" do
         expect(described_class.last(repository).id).to eq(
           rugged_repo.head.target.oid
         )
       end
 
-      it "should return valid commit" do
+      it "returns valid commit" do
         expect(described_class.find(repository, SeedRepo::Commit::ID)).to be_valid_commit
       end
 
@@ -127,21 +127,21 @@ describe Gitlab::Git::Commit, :seed_helper do
         expect(described_class.find(repository, SeedRepo::Commit::ID).parent_ids).to be_an(Array)
       end
 
-      it "should return valid commit for tag" do
+      it "returns valid commit for tag" do
         expect(described_class.find(repository, 'v1.0.0').id).to eq('6f6d7e7ed97bb5f0054f2b1df789b39ca89b6ff9')
       end
 
-      it "should return nil for non-commit ids" do
+      it "returns nil for non-commit ids" do
         blob = Gitlab::Git::Blob.find(repository, SeedRepo::Commit::ID, "files/ruby/popen.rb")
         expect(described_class.find(repository, blob.id)).to be_nil
       end
 
-      it "should return nil for parent of non-commit object" do
+      it "returns nil for parent of non-commit object" do
         blob = Gitlab::Git::Blob.find(repository, SeedRepo::Commit::ID, "files/ruby/popen.rb")
         expect(described_class.find(repository, "#{blob.id}^")).to be_nil
       end
 
-      it "should return nil for nonexisting ids" do
+      it "returns nil for nonexisting ids" do
         expect(described_class.find(repository, "+123_4532530XYZ")).to be_nil
       end
 
@@ -328,7 +328,7 @@ describe Gitlab::Git::Commit, :seed_helper do
     end
 
     describe '.find_all' do
-      it 'should return a return a collection of commits' do
+      it 'returns a return a collection of commits' do
         commits = described_class.find_all(repository)
 
         expect(commits).to all( be_a_kind_of(described_class) )
diff --git a/spec/lib/gitlab/git/diff_spec.rb b/spec/lib/gitlab/git/diff_spec.rb
index 1d22329b670..9ab669ad488 100644
--- a/spec/lib/gitlab/git/diff_spec.rb
+++ b/spec/lib/gitlab/git/diff_spec.rb
@@ -182,7 +182,7 @@ EOT
     context "without default options" do
       let(:filtered_options) { described_class.filter_diff_options(options) }
 
-      it "should filter invalid options" do
+      it "filters invalid options" do
         expect(filtered_options).not_to have_key(:invalid_opt)
       end
     end
@@ -193,16 +193,16 @@ EOT
         described_class.filter_diff_options(options, default_options)
       end
 
-      it "should filter invalid options" do
+      it "filters invalid options" do
         expect(filtered_options).not_to have_key(:invalid_opt)
         expect(filtered_options).not_to have_key(:bad_opt)
       end
 
-      it "should merge with default options" do
+      it "merges with default options" do
         expect(filtered_options).to have_key(:ignore_whitespace_change)
       end
 
-      it "should override default options" do
+      it "overrides default options" do
         expect(filtered_options).to have_key(:max_files)
         expect(filtered_options[:max_files]).to eq(100)
       end
diff --git a/spec/lib/gitlab/git/gitmodules_parser_spec.rb b/spec/lib/gitlab/git/gitmodules_parser_spec.rb
index 6fd2b33486b..de81dcd227d 100644
--- a/spec/lib/gitlab/git/gitmodules_parser_spec.rb
+++ b/spec/lib/gitlab/git/gitmodules_parser_spec.rb
@@ -1,7 +1,7 @@
 require 'spec_helper'
 
 describe Gitlab::Git::GitmodulesParser do
-  it 'should parse a .gitmodules file correctly' do
+  it 'parses a .gitmodules file correctly' do
     data = <<~GITMODULES
       [submodule "vendor/libgit2"]
          path = vendor/libgit2
diff --git a/spec/lib/gitlab/git/repository_spec.rb b/spec/lib/gitlab/git/repository_spec.rb
index 8ba6862392c..fdb43d1221a 100644
--- a/spec/lib/gitlab/git/repository_spec.rb
+++ b/spec/lib/gitlab/git/repository_spec.rb
@@ -152,13 +152,14 @@ describe Gitlab::Git::Repository, :seed_helper do
     let(:append_sha) { true }
     let(:ref) { 'master' }
     let(:format) { nil }
+    let(:path) { nil }
 
     let(:expected_extension) { 'tar.gz' }
     let(:expected_filename) { "#{expected_prefix}.#{expected_extension}" }
     let(:expected_path) { File.join(storage_path, cache_key, expected_filename) }
     let(:expected_prefix) { "gitlab-git-test-#{ref}-#{SeedRepo::LastCommit::ID}" }
 
-    subject(:metadata) { repository.archive_metadata(ref, storage_path, 'gitlab-git-test', format, append_sha: append_sha) }
+    subject(:metadata) { repository.archive_metadata(ref, storage_path, 'gitlab-git-test', format, append_sha: append_sha, path: path) }
 
     it 'sets CommitId to the commit SHA' do
       expect(metadata['CommitId']).to eq(SeedRepo::LastCommit::ID)
@@ -176,6 +177,14 @@ describe Gitlab::Git::Repository, :seed_helper do
       expect(metadata['ArchivePath']).to eq(expected_path)
     end
 
+    context 'path is set' do
+      let(:path) { 'foo/bar' }
+
+      it 'appends the path to the prefix' do
+        expect(metadata['ArchivePrefix']).to eq("#{expected_prefix}-foo-bar")
+      end
+    end
+
     context 'append_sha varies archive path and filename' do
       where(:append_sha, :ref, :expected_prefix) do
         sha = SeedRepo::LastCommit::ID
@@ -441,20 +450,20 @@ describe Gitlab::Git::Repository, :seed_helper do
       ensure_seeds
     end
 
-    it "should create a new branch" do
+    it "creates a new branch" do
       expect(repository.create_branch('new_branch', 'master')).not_to be_nil
     end
 
-    it "should create a new branch with the right name" do
+    it "creates a new branch with the right name" do
       expect(repository.create_branch('another_branch', 'master').name).to eq('another_branch')
     end
 
-    it "should fail if we create an existing branch" do
+    it "fails if we create an existing branch" do
       repository.create_branch('duplicated_branch', 'master')
       expect {repository.create_branch('duplicated_branch', 'master')}.to raise_error("Branch duplicated_branch already exists")
     end
 
-    it "should fail if we create a branch from a non existing ref" do
+    it "fails if we create a branch from a non existing ref" do
       expect {repository.create_branch('branch_based_in_wrong_ref', 'master_2_the_revenge')}.to raise_error("Invalid reference master_2_the_revenge")
     end
   end
@@ -513,7 +522,7 @@ describe Gitlab::Git::Repository, :seed_helper do
   describe "#refs_hash" do
     subject { repository.refs_hash }
 
-    it "should have as many entries as branches and tags" do
+    it "has as many entries as branches and tags" do
       expected_refs = SeedRepo::Repo::BRANCHES + SeedRepo::Repo::TAGS
       # We flatten in case a commit is pointed at by more than one branch and/or tag
       expect(subject.values.flatten.size).to eq(expected_refs.size)
@@ -604,11 +613,11 @@ describe Gitlab::Git::Repository, :seed_helper do
     end
 
     shared_examples 'search files by content' do
-      it 'should have 2 items' do
+      it 'has 2 items' do
         expect(search_results.size).to eq(2)
       end
 
-      it 'should have the correct matching line' do
+      it 'has the correct matching line' do
         expect(search_results).to contain_exactly("search-files-by-content-branch:encoding/CHANGELOG\u00001\u0000search-files-by-content change\n",
                                                   "search-files-by-content-branch:anotherfile\u00001\u0000search-files-by-content change\n")
       end
@@ -841,7 +850,7 @@ describe Gitlab::Git::Repository, :seed_helper do
       context "where provides 'after' timestamp" do
         options = { after: Time.iso8601('2014-03-03T20:15:01+00:00') }
 
-        it "should returns commits on or after that timestamp" do
+        it "returns commits on or after that timestamp" do
           commits = repository.log(options)
 
           expect(commits.size).to be > 0
@@ -854,7 +863,7 @@ describe Gitlab::Git::Repository, :seed_helper do
       context "where provides 'before' timestamp" do
         options = { before: Time.iso8601('2014-03-03T20:15:01+00:00') }
 
-        it "should returns commits on or before that timestamp" do
+        it "returns commits on or before that timestamp" do
           commits = repository.log(options)
 
           expect(commits.size).to be > 0
@@ -1055,14 +1064,14 @@ describe Gitlab::Git::Repository, :seed_helper do
   end
 
   describe '#find_branch' do
-    it 'should return a Branch for master' do
+    it 'returns a Branch for master' do
       branch = repository.find_branch('master')
 
       expect(branch).to be_a_kind_of(Gitlab::Git::Branch)
       expect(branch.name).to eq('master')
     end
 
-    it 'should handle non-existent branch' do
+    it 'handles non-existent branch' do
       branch = repository.find_branch('this-is-garbage')
 
       expect(branch).to eq(nil)
diff --git a/spec/lib/gitlab/graphql/authorize/authorize_field_service_spec.rb b/spec/lib/gitlab/graphql/authorize/authorize_field_service_spec.rb
new file mode 100644
index 00000000000..6114aca0616
--- /dev/null
+++ b/spec/lib/gitlab/graphql/authorize/authorize_field_service_spec.rb
@@ -0,0 +1,106 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+# Also see spec/graphql/features/authorization_spec.rb for
+# integration tests of AuthorizeFieldService
+describe Gitlab::Graphql::Authorize::AuthorizeFieldService do
+  describe '#build_checker' do
+    let(:current_user) { double(:current_user) }
+    let(:abilities) { [double(:first_ability), double(:last_ability)] }
+
+    context 'when authorizing against the object' do
+      let(:checker) do
+        service = described_class.new(double(resolve_proc: proc {}))
+        allow(service).to receive(:authorizations).and_return(abilities)
+        service.__send__(:build_checker, current_user, nil)
+      end
+
+      it 'returns a checker which checks for a single object' do
+        object = double(:object)
+
+        abilities.each do |ability|
+          spy_ability_check_for(ability, object, passed: true)
+        end
+
+        expect(checker.call(object)).to eq(object)
+      end
+
+      it 'returns a checker which checks for all objects' do
+        objects = [double(:first), double(:last)]
+
+        abilities.each do |ability|
+          objects.each do |object|
+            spy_ability_check_for(ability, object, passed: true)
+          end
+        end
+
+        expect(checker.call(objects)).to eq(objects)
+      end
+
+      context 'when some objects would not pass the check' do
+        it 'returns nil when it is single object' do
+          disallowed = double(:object)
+
+          spy_ability_check_for(abilities.first, disallowed, passed: false)
+
+          expect(checker.call(disallowed)).to be_nil
+        end
+
+        it 'returns only objects which passed when there are more than one' do
+          allowed = double(:allowed)
+          disallowed = double(:disallowed)
+
+          spy_ability_check_for(abilities.first, disallowed, passed: false)
+
+          abilities.each do |ability|
+            spy_ability_check_for(ability, allowed, passed: true)
+          end
+
+          expect(checker.call([disallowed, allowed])).to contain_exactly(allowed)
+        end
+      end
+    end
+
+    context 'when authorizing against another object' do
+      let(:authorizing_obj) { double(:object) }
+
+      let(:checker) do
+        service = described_class.new(double(resolve_proc: proc {}))
+        allow(service).to receive(:authorizations).and_return(abilities)
+        service.__send__(:build_checker, current_user, authorizing_obj)
+      end
+
+      it 'returns a checker which checks for a single object' do
+        object = double(:object)
+
+        abilities.each do |ability|
+          spy_ability_check_for(ability, authorizing_obj, passed: true)
+        end
+
+        expect(checker.call(object)).to eq(object)
+      end
+
+      it 'returns a checker which checks for all objects' do
+        objects = [double(:first), double(:last)]
+
+        abilities.each do |ability|
+          objects.each do |object|
+            spy_ability_check_for(ability, authorizing_obj, passed: true)
+          end
+        end
+
+        expect(checker.call(objects)).to eq(objects)
+      end
+    end
+  end
+
+  private
+
+  def spy_ability_check_for(ability, object, passed: true)
+    expect(Ability)
+      .to receive(:allowed?)
+      .with(current_user, ability, object)
+      .and_return(passed)
+  end
+end
diff --git a/spec/lib/gitlab/graphql/authorize/instrumentation_spec.rb b/spec/lib/gitlab/graphql/authorize/instrumentation_spec.rb
deleted file mode 100644
index cf3a8bcc8b4..00000000000
--- a/spec/lib/gitlab/graphql/authorize/instrumentation_spec.rb
+++ /dev/null
@@ -1,67 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe Gitlab::Graphql::Authorize::Instrumentation do
-  describe '#build_checker' do
-    let(:current_user) { double(:current_user) }
-    let(:abilities) { [double(:first_ability), double(:last_ability)] }
-
-    let(:checker) do
-      described_class.new.__send__(:build_checker, current_user, abilities)
-    end
-
-    it 'returns a checker which checks for a single object' do
-      object = double(:object)
-
-      abilities.each do |ability|
-        spy_ability_check_for(ability, object, passed: true)
-      end
-
-      expect(checker.call(object)).to eq(object)
-    end
-
-    it 'returns a checker which checks for all objects' do
-      objects = [double(:first), double(:last)]
-
-      abilities.each do |ability|
-        objects.each do |object|
-          spy_ability_check_for(ability, object, passed: true)
-        end
-      end
-
-      expect(checker.call(objects)).to eq(objects)
-    end
-
-    context 'when some objects would not pass the check' do
-      it 'returns nil when it is single object' do
-        disallowed = double(:object)
-
-        spy_ability_check_for(abilities.first, disallowed, passed: false)
-
-        expect(checker.call(disallowed)).to be_nil
-      end
-
-      it 'returns only objects which passed when there are more than one' do
-        allowed = double(:allowed)
-        disallowed = double(:disallowed)
-
-        spy_ability_check_for(abilities.first, disallowed, passed: false)
-
-        abilities.each do |ability|
-          spy_ability_check_for(ability, allowed, passed: true)
-        end
-
-        expect(checker.call([disallowed, allowed]))
-          .to contain_exactly(allowed)
-      end
-    end
-
-    def spy_ability_check_for(ability, object, passed: true)
-      expect(Ability)
-        .to receive(:allowed?)
-        .with(current_user, ability, object)
-        .and_return(passed)
-    end
-  end
-end
diff --git a/spec/lib/gitlab/graphql/tracing_spec.rb b/spec/lib/gitlab/graphql/tracing_spec.rb
new file mode 100644
index 00000000000..7300a9a572e
--- /dev/null
+++ b/spec/lib/gitlab/graphql/tracing_spec.rb
@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Gitlab::Graphql::Tracing do
+  let(:graphql_duration_seconds_histogram) { double('Gitlab::Metrics::NullMetric') }
+
+  it 'updates graphql histogram with expected labels' do
+    query = 'query { users { id } }'
+    tracer = described_class.new
+
+    allow(tracer)
+      .to receive(:graphql_duration_seconds)
+      .and_return(graphql_duration_seconds_histogram)
+
+    expect_metric('graphql.lex', 'lex')
+    expect_metric('graphql.parse', 'parse')
+    expect_metric('graphql.validate', 'validate')
+    expect_metric('graphql.analyze', 'analyze_multiplex')
+    expect_metric('graphql.execute', 'execute_query_lazy')
+    expect_metric('graphql.execute', 'execute_multiplex')
+
+    GitlabSchema.execute(query, context: { tracers: [tracer] })
+  end
+
+  private
+
+  def expect_metric(platform_key, key)
+    expect(graphql_duration_seconds_histogram)
+      .to receive(:observe)
+      .with({ platform_key: platform_key, key: key }, be > 0.0)
+  end
+end
diff --git a/spec/lib/gitlab/kubernetes/cluster_role_binding_spec.rb b/spec/lib/gitlab/kubernetes/cluster_role_binding_spec.rb
index 4a669408025..e1106f7496a 100644
--- a/spec/lib/gitlab/kubernetes/cluster_role_binding_spec.rb
+++ b/spec/lib/gitlab/kubernetes/cluster_role_binding_spec.rb
@@ -28,7 +28,7 @@ describe Gitlab::Kubernetes::ClusterRoleBinding do
 
     subject { cluster_role_binding.generate }
 
-    it 'should build a Kubeclient Resource' do
+    it 'builds a Kubeclient Resource' do
       is_expected.to eq(resource)
     end
   end
diff --git a/spec/lib/gitlab/kubernetes/config_map_spec.rb b/spec/lib/gitlab/kubernetes/config_map_spec.rb
index fe65d03875f..911d6024804 100644
--- a/spec/lib/gitlab/kubernetes/config_map_spec.rb
+++ b/spec/lib/gitlab/kubernetes/config_map_spec.rb
@@ -18,7 +18,7 @@ describe Gitlab::Kubernetes::ConfigMap do
     let(:resource) { ::Kubeclient::Resource.new(metadata: metadata, data: application.files) }
     subject { config_map.generate }
 
-    it 'should build a Kubeclient Resource' do
+    it 'builds a Kubeclient Resource' do
       is_expected.to eq(resource)
     end
   end
diff --git a/spec/lib/gitlab/kubernetes/helm/base_command_spec.rb b/spec/lib/gitlab/kubernetes/helm/base_command_spec.rb
index aacae78be43..78a4eb44e38 100644
--- a/spec/lib/gitlab/kubernetes/helm/base_command_spec.rb
+++ b/spec/lib/gitlab/kubernetes/helm/base_command_spec.rb
@@ -41,7 +41,7 @@ describe Gitlab::Kubernetes::Helm::BaseCommand do
   describe '#pod_resource' do
     subject { base_command.pod_resource }
 
-    it 'should returns a kubeclient resoure with pod content for application' do
+    it 'returns a kubeclient resoure with pod content for application' do
       is_expected.to be_an_instance_of ::Kubeclient::Resource
     end
 
diff --git a/spec/lib/gitlab/kubernetes/helm/certificate_spec.rb b/spec/lib/gitlab/kubernetes/helm/certificate_spec.rb
index 167bee22fc3..04649353976 100644
--- a/spec/lib/gitlab/kubernetes/helm/certificate_spec.rb
+++ b/spec/lib/gitlab/kubernetes/helm/certificate_spec.rb
@@ -5,7 +5,7 @@ describe Gitlab::Kubernetes::Helm::Certificate do
   describe '.generate_root' do
     subject { described_class.generate_root }
 
-    it 'should generate a root CA that expires a long way in the future' do
+    it 'generates a root CA that expires a long way in the future' do
       expect(subject.cert.not_after).to be > 999.years.from_now
     end
   end
@@ -13,14 +13,14 @@ describe Gitlab::Kubernetes::Helm::Certificate do
   describe '#issue' do
     subject { described_class.generate_root.issue }
 
-    it 'should generate a cert that expires soon' do
+    it 'generates a cert that expires soon' do
       expect(subject.cert.not_after).to be < 60.minutes.from_now
     end
 
     context 'passing in INFINITE_EXPIRY' do
       subject { described_class.generate_root.issue(expires_in: described_class::INFINITE_EXPIRY) }
 
-      it 'should generate a cert that expires a long way in the future' do
+      it 'generates a cert that expires a long way in the future' do
         expect(subject.cert.not_after).to be > 999.years.from_now
       end
     end
diff --git a/spec/lib/gitlab/kubernetes/helm/pod_spec.rb b/spec/lib/gitlab/kubernetes/helm/pod_spec.rb
index 95b6b3fd953..10876709f36 100644
--- a/spec/lib/gitlab/kubernetes/helm/pod_spec.rb
+++ b/spec/lib/gitlab/kubernetes/helm/pod_spec.rb
@@ -10,11 +10,11 @@ describe Gitlab::Kubernetes::Helm::Pod do
     subject { described_class.new(command, namespace, service_account_name: service_account_name) }
 
     context 'with a command' do
-      it 'should generate a Kubeclient::Resource' do
+      it 'generates a Kubeclient::Resource' do
         expect(subject.generate).to be_a_kind_of(Kubeclient::Resource)
       end
 
-      it 'should generate the appropriate metadata' do
+      it 'generates the appropriate metadata' do
         metadata = subject.generate.metadata
         expect(metadata.name).to eq("install-#{app.name}")
         expect(metadata.namespace).to eq('gitlab-managed-apps')
@@ -22,45 +22,45 @@ describe Gitlab::Kubernetes::Helm::Pod do
         expect(metadata.labels['gitlab.org/application']).to eq(app.name)
       end
 
-      it 'should generate a container spec' do
+      it 'generates a container spec' do
         spec = subject.generate.spec
         expect(spec.containers.count).to eq(1)
       end
 
-      it 'should generate the appropriate specifications for the container' do
+      it 'generates the appropriate specifications for the container' do
         container = subject.generate.spec.containers.first
         expect(container.name).to eq('helm')
-        expect(container.image).to eq('registry.gitlab.com/gitlab-org/cluster-integration/helm-install-image/releases/2.12.3-kube-1.11.7')
+        expect(container.image).to eq('registry.gitlab.com/gitlab-org/cluster-integration/helm-install-image/releases/2.13.1-kube-1.11.9')
         expect(container.env.count).to eq(3)
         expect(container.env.map(&:name)).to match_array([:HELM_VERSION, :TILLER_NAMESPACE, :COMMAND_SCRIPT])
         expect(container.command).to match_array(["/bin/sh"])
         expect(container.args).to match_array(["-c", "$(COMMAND_SCRIPT)"])
       end
 
-      it 'should include a never restart policy' do
+      it 'includes a never restart policy' do
         spec = subject.generate.spec
         expect(spec.restartPolicy).to eq('Never')
       end
 
-      it 'should include volumes for the container' do
+      it 'includes volumes for the container' do
         container = subject.generate.spec.containers.first
         expect(container.volumeMounts.first['name']).to eq('configuration-volume')
         expect(container.volumeMounts.first['mountPath']).to eq("/data/helm/#{app.name}/config")
       end
 
-      it 'should include a volume inside the specification' do
+      it 'includes a volume inside the specification' do
         spec = subject.generate.spec
         expect(spec.volumes.first['name']).to eq('configuration-volume')
       end
 
-      it 'should mount configMap specification in the volume' do
+      it 'mounts configMap specification in the volume' do
         volume = subject.generate.spec.volumes.first
         expect(volume.configMap['name']).to eq("values-content-configuration-#{app.name}")
         expect(volume.configMap['items'].first['key']).to eq(:'values.yaml')
         expect(volume.configMap['items'].first['path']).to eq(:'values.yaml')
       end
 
-      it 'should have no serviceAccountName' do
+      it 'has no serviceAccountName' do
         spec = subject.generate.spec
         expect(spec.serviceAccountName).to be_nil
       end
@@ -68,7 +68,7 @@ describe Gitlab::Kubernetes::Helm::Pod do
       context 'with a service_account_name' do
         let(:service_account_name) { 'sa' }
 
-        it 'should use the serviceAccountName provided' do
+        it 'uses the serviceAccountName provided' do
           spec = subject.generate.spec
           expect(spec.serviceAccountName).to eq(service_account_name)
         end
diff --git a/spec/lib/gitlab/kubernetes/role_binding_spec.rb b/spec/lib/gitlab/kubernetes/role_binding_spec.rb
index a1a59533bfb..50acee254cb 100644
--- a/spec/lib/gitlab/kubernetes/role_binding_spec.rb
+++ b/spec/lib/gitlab/kubernetes/role_binding_spec.rb
@@ -42,7 +42,7 @@ describe Gitlab::Kubernetes::RoleBinding, '#generate' do
     ).generate
   end
 
-  it 'should build a Kubeclient Resource' do
+  it 'builds a Kubeclient Resource' do
     is_expected.to eq(resource)
   end
 end
diff --git a/spec/lib/gitlab/kubernetes/service_account_spec.rb b/spec/lib/gitlab/kubernetes/service_account_spec.rb
index 8da9e932dc3..0d525966d18 100644
--- a/spec/lib/gitlab/kubernetes/service_account_spec.rb
+++ b/spec/lib/gitlab/kubernetes/service_account_spec.rb
@@ -17,7 +17,7 @@ describe Gitlab::Kubernetes::ServiceAccount do
 
     subject { service_account.generate }
 
-    it 'should build a Kubeclient Resource' do
+    it 'builds a Kubeclient Resource' do
       is_expected.to eq(resource)
     end
   end
diff --git a/spec/lib/gitlab/kubernetes/service_account_token_spec.rb b/spec/lib/gitlab/kubernetes/service_account_token_spec.rb
index 0773d3d9aec..0d334bed45f 100644
--- a/spec/lib/gitlab/kubernetes/service_account_token_spec.rb
+++ b/spec/lib/gitlab/kubernetes/service_account_token_spec.rb
@@ -28,7 +28,7 @@ describe Gitlab::Kubernetes::ServiceAccountToken do
 
     subject { service_account_token.generate }
 
-    it 'should build a Kubeclient Resource' do
+    it 'builds a Kubeclient Resource' do
       is_expected.to eq(resource)
     end
   end
diff --git a/spec/lib/gitlab/metrics/transaction_spec.rb b/spec/lib/gitlab/metrics/transaction_spec.rb
new file mode 100644
index 00000000000..e70fde09edd
--- /dev/null
+++ b/spec/lib/gitlab/metrics/transaction_spec.rb
@@ -0,0 +1,229 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Gitlab::Metrics::Transaction do
+  let(:transaction) { described_class.new }
+  let(:metric) { transaction.metrics[0] }
+
+  let(:sensitive_tags) do
+    {
+      path: 'private',
+      branch: 'sensitive'
+    }
+  end
+
+  shared_examples 'tag filter' do |sane_tags|
+    it 'filters potentially sensitive tags' do
+      expect(metric.tags).to eq(sane_tags)
+    end
+  end
+
+  describe '#duration' do
+    it 'returns the duration of a transaction in seconds' do
+      transaction.run { }
+
+      expect(transaction.duration).to be > 0
+    end
+  end
+
+  describe '#allocated_memory' do
+    it 'returns the allocated memory in bytes' do
+      transaction.run { 'a' * 32 }
+
+      expect(transaction.allocated_memory).to be_a_kind_of(Numeric)
+    end
+  end
+
+  describe '#run' do
+    it 'yields the supplied block' do
+      expect { |b| transaction.run(&b) }.to yield_control
+    end
+
+    it 'stores the transaction in the current thread' do
+      transaction.run do
+        expect(described_class.current).to eq(transaction)
+      end
+    end
+
+    it 'removes the transaction from the current thread upon completion' do
+      transaction.run { }
+
+      expect(described_class.current).to be_nil
+    end
+  end
+
+  describe '#add_metric' do
+    it 'adds a metric to the transaction' do
+      transaction.add_metric('foo', value: 1)
+
+      expect(metric.series).to eq('rails_foo')
+      expect(metric.tags).to eq({})
+      expect(metric.values).to eq(value: 1)
+    end
+
+    context 'with sensitive tags' do
+      before do
+        transaction
+          .add_metric('foo', { value: 1 }, **sensitive_tags.merge(sane: 'yes'))
+      end
+
+      it_behaves_like 'tag filter', sane: 'yes'
+    end
+  end
+
+  describe '#method_call_for' do
+    it 'returns a MethodCall' do
+      method = transaction.method_call_for('Foo#bar', :Foo, '#bar')
+
+      expect(method).to be_an_instance_of(Gitlab::Metrics::MethodCall)
+    end
+  end
+
+  describe '#increment' do
+    it 'increments a counter' do
+      transaction.increment(:time, 1)
+      transaction.increment(:time, 2)
+
+      values = metric_values(time: 3)
+
+      expect(transaction).to receive(:add_metric)
+        .with('transactions', values, {})
+
+      transaction.track_self
+    end
+  end
+
+  describe '#set' do
+    it 'sets a value' do
+      transaction.set(:number, 10)
+
+      values = metric_values(number: 10)
+
+      expect(transaction).to receive(:add_metric)
+        .with('transactions', values, {})
+
+      transaction.track_self
+    end
+  end
+
+  describe '#finish' do
+    it 'tracks the transaction details and submits them to Sidekiq' do
+      expect(transaction).to receive(:track_self)
+      expect(transaction).to receive(:submit)
+
+      transaction.finish
+    end
+  end
+
+  describe '#track_self' do
+    it 'adds a metric for the transaction itself' do
+      values = metric_values
+
+      expect(transaction).to receive(:add_metric)
+        .with('transactions', values, {})
+
+      transaction.track_self
+    end
+  end
+
+  describe '#submit' do
+    it 'submits the metrics to Sidekiq' do
+      transaction.track_self
+
+      expect(Gitlab::Metrics).to receive(:submit_metrics)
+        .with([an_instance_of(Hash)])
+
+      transaction.submit
+    end
+
+    it 'adds the action as a tag for every metric' do
+      allow(transaction)
+        .to receive(:labels)
+        .and_return(controller: 'Foo', action: 'bar')
+
+      transaction.track_self
+
+      hash = {
+        series: 'rails_transactions',
+        tags: { action: 'Foo#bar' },
+        values: metric_values,
+        timestamp: a_kind_of(Integer)
+      }
+
+      expect(Gitlab::Metrics).to receive(:submit_metrics)
+        .with([hash])
+
+      transaction.submit
+    end
+
+    it 'does not add an action tag for events' do
+      allow(transaction)
+        .to receive(:labels)
+        .and_return(controller: 'Foo', action: 'bar')
+
+      transaction.add_event(:meow)
+
+      hash = {
+        series: 'events',
+        tags: { event: :meow },
+        values: { count: 1 },
+        timestamp: a_kind_of(Integer)
+      }
+
+      expect(Gitlab::Metrics).to receive(:submit_metrics)
+        .with([hash])
+
+      transaction.submit
+    end
+  end
+
+  describe '#add_event' do
+    it 'adds a metric' do
+      transaction.add_event(:meow)
+
+      expect(metric).to be_an_instance_of(Gitlab::Metrics::Metric)
+    end
+
+    it "does not prefix the metric's series name" do
+      transaction.add_event(:meow)
+
+      expect(metric.series).to eq(described_class::EVENT_SERIES)
+    end
+
+    it 'tracks a counter for every event' do
+      transaction.add_event(:meow)
+
+      expect(metric.values).to eq(count: 1)
+    end
+
+    it 'tracks the event name' do
+      transaction.add_event(:meow)
+
+      expect(metric.tags).to eq(event: :meow)
+    end
+
+    it 'allows tracking of custom tags' do
+      transaction.add_event(:meow, animal: 'cat')
+
+      expect(metric.tags).to eq(event: :meow, animal: 'cat')
+    end
+
+    context 'with sensitive tags' do
+      before do
+        transaction.add_event(:meow, **sensitive_tags.merge(sane: 'yes'))
+      end
+
+      it_behaves_like 'tag filter', event: :meow, sane: 'yes'
+    end
+  end
+
+  private
+
+  def metric_values(opts = {})
+    {
+      duration: 0.0,
+      allocated_memory: a_kind_of(Numeric)
+    }.merge(opts)
+  end
+end
diff --git a/spec/lib/gitlab/path_regex_spec.rb b/spec/lib/gitlab/path_regex_spec.rb
index 312e5e55af8..71e69a0d418 100644
--- a/spec/lib/gitlab/path_regex_spec.rb
+++ b/spec/lib/gitlab/path_regex_spec.rb
@@ -100,7 +100,7 @@ describe Gitlab::PathRegex do
   end
 
   let(:ee_top_level_words) do
-    ['unsubscribes']
+    %w(unsubscribes v2)
   end
 
   let(:files_in_public) do
diff --git a/spec/lib/gitlab/prometheus/queries/additional_metrics_environment_query_spec.rb b/spec/lib/gitlab/prometheus/queries/additional_metrics_environment_query_spec.rb
index 5a88b23aa82..a6589f0c0a3 100644
--- a/spec/lib/gitlab/prometheus/queries/additional_metrics_environment_query_spec.rb
+++ b/spec/lib/gitlab/prometheus/queries/additional_metrics_environment_query_spec.rb
@@ -9,9 +9,35 @@ describe Gitlab::Prometheus::Queries::AdditionalMetricsEnvironmentQuery do
     let(:query_params) { [environment.id] }
 
     it 'queries using specific time' do
-      expect(client).to receive(:query_range).with(anything, start: 8.hours.ago.to_f, stop: Time.now.to_f)
-
+      expect(client).to receive(:query_range)
+        .with(anything, start: 8.hours.ago.to_f, stop: Time.now.to_f)
       expect(query_result).not_to be_nil
     end
+
+    context 'when start and end time parameters are provided' do
+      let(:query_params) { [environment.id, start_time, end_time] }
+
+      context 'as unix timestamps' do
+        let(:start_time) { 4.hours.ago.to_f }
+        let(:end_time) { 2.hours.ago.to_f }
+
+        it 'queries using the provided times' do
+          expect(client).to receive(:query_range)
+            .with(anything, start: start_time, stop: end_time)
+          expect(query_result).not_to be_nil
+        end
+      end
+
+      context 'as Date/Time objects' do
+        let(:start_time) { 4.hours.ago }
+        let(:end_time) { 2.hours.ago }
+
+        it 'queries using the provided times converted to unix' do
+          expect(client).to receive(:query_range)
+            .with(anything, start: start_time.to_f, stop: end_time.to_f)
+          expect(query_result).not_to be_nil
+        end
+      end
+    end
   end
 end
diff --git a/spec/lib/gitlab/prometheus_client_spec.rb b/spec/lib/gitlab/prometheus_client_spec.rb
index 4c3b8deefb9..f15ae83a02c 100644
--- a/spec/lib/gitlab/prometheus_client_spec.rb
+++ b/spec/lib/gitlab/prometheus_client_spec.rb
@@ -60,15 +60,13 @@ describe Gitlab::PrometheusClient do
   end
 
   describe 'failure to reach a provided prometheus url' do
-    let(:prometheus_url) {"https://prometheus.invalid.example.com"}
+    let(:prometheus_url) {"https://prometheus.invalid.example.com/api/v1/query?query=1"}
 
-    subject { described_class.new(RestClient::Resource.new(prometheus_url)) }
-
-    context 'exceptions are raised' do
+    shared_examples 'exceptions are raised' do
       it 'raises a Gitlab::PrometheusClient::Error error when a SocketError is rescued' do
         req_stub = stub_prometheus_request_with_exception(prometheus_url, SocketError)
 
-        expect { subject.send(:get, '/', {}) }
+        expect { subject }
           .to raise_error(Gitlab::PrometheusClient::Error, "Can't connect to #{prometheus_url}")
         expect(req_stub).to have_been_requested
       end
@@ -76,7 +74,7 @@ describe Gitlab::PrometheusClient do
       it 'raises a Gitlab::PrometheusClient::Error error when a SSLError is rescued' do
         req_stub = stub_prometheus_request_with_exception(prometheus_url, OpenSSL::SSL::SSLError)
 
-        expect { subject.send(:get, '/', {}) }
+        expect { subject }
           .to raise_error(Gitlab::PrometheusClient::Error, "#{prometheus_url} contains invalid SSL data")
         expect(req_stub).to have_been_requested
       end
@@ -84,11 +82,23 @@ describe Gitlab::PrometheusClient do
       it 'raises a Gitlab::PrometheusClient::Error error when a RestClient::Exception is rescued' do
         req_stub = stub_prometheus_request_with_exception(prometheus_url, RestClient::Exception)
 
-        expect { subject.send(:get, '/', {}) }
+        expect { subject }
           .to raise_error(Gitlab::PrometheusClient::Error, "Network connection error")
         expect(req_stub).to have_been_requested
       end
     end
+
+    context 'ping' do
+      subject { described_class.new(RestClient::Resource.new(prometheus_url)).ping }
+
+      it_behaves_like 'exceptions are raised'
+    end
+
+    context 'proxy' do
+      subject { described_class.new(RestClient::Resource.new(prometheus_url)).proxy('query', { query: '1' }) }
+
+      it_behaves_like 'exceptions are raised'
+    end
   end
 
   describe '#query' do
@@ -230,4 +240,87 @@ describe Gitlab::PrometheusClient do
       let(:execute_query) { subject.query_range(prometheus_query) }
     end
   end
+
+  describe '.compute_step' do
+    using RSpec::Parameterized::TableSyntax
+
+    let(:now) { Time.now.utc }
+
+    subject { described_class.compute_step(start, stop) }
+
+    where(:time_interval_in_seconds, :step) do
+      0               | 60
+      10.hours        | 60
+      10.hours + 1    | 61
+      # frontend options
+      30.minutes      | 60
+      3.hours         | 60
+      8.hours         | 60
+      1.day           | 144
+      3.days          | 432
+      1.week          | 1008
+    end
+
+    with_them do
+      let(:start) { now - time_interval_in_seconds }
+      let(:stop) { now }
+
+      it { is_expected.to eq(step) }
+    end
+  end
+
+  describe 'proxy' do
+    context 'get API' do
+      let(:prometheus_query) { prometheus_cpu_query('env-slug') }
+      let(:query_url) { prometheus_query_url(prometheus_query) }
+
+      around do |example|
+        Timecop.freeze { example.run }
+      end
+
+      context 'when response status code is 200' do
+        it 'returns response object' do
+          req_stub = stub_prometheus_request(query_url, body: prometheus_value_body('vector'))
+
+          response = subject.proxy('query', { query: prometheus_query })
+          json_response = JSON.parse(response.body)
+
+          expect(response.code).to eq(200)
+          expect(json_response).to eq({
+            'status' => 'success',
+            'data' => {
+              'resultType' => 'vector',
+              'result' => [{ "metric" => {}, "value" => [1488772511.004, "0.000041021495238095323"] }]
+            }
+          })
+          expect(req_stub).to have_been_requested
+        end
+      end
+
+      context 'when response status code is not 200' do
+        it 'returns response object' do
+          req_stub = stub_prometheus_request(query_url, status: 400, body: { error: 'error' })
+
+          response = subject.proxy('query', { query: prometheus_query })
+          json_response = JSON.parse(response.body)
+
+          expect(req_stub).to have_been_requested
+          expect(response.code).to eq(400)
+          expect(json_response).to eq('error' => 'error')
+        end
+      end
+
+      context 'when RestClient::Exception is raised' do
+        before do
+          stub_prometheus_request_with_exception(query_url, RestClient::Exception)
+        end
+
+        it 'raises PrometheusClient::Error' do
+          expect { subject.proxy('query', { query: prometheus_query }) }.to(
+            raise_error(Gitlab::PrometheusClient::Error, 'Network connection error')
+          )
+        end
+      end
+    end
+  end
 end
diff --git a/spec/lib/gitlab/search_results_spec.rb b/spec/lib/gitlab/search_results_spec.rb
index 4b57eecff93..312aa3be490 100644
--- a/spec/lib/gitlab/search_results_spec.rb
+++ b/spec/lib/gitlab/search_results_spec.rb
@@ -97,7 +97,7 @@ describe Gitlab::SearchResults do
         results.objects('merge_requests')
       end
 
-      it 'it skips project filter if default project context is used' do
+      it 'skips project filter if default project context is used' do
         allow(results).to receive(:default_project_filter).and_return(true)
 
         expect(results).not_to receive(:project_ids_relation)
@@ -113,7 +113,7 @@ describe Gitlab::SearchResults do
         results.objects('issues')
       end
 
-      it 'it skips project filter if default project context is used' do
+      it 'skips project filter if default project context is used' do
         allow(results).to receive(:default_project_filter).and_return(true)
 
         expect(results).not_to receive(:project_ids_relation)
diff --git a/spec/lib/gitlab/tracing/rails/action_view_subscriber_spec.rb b/spec/lib/gitlab/tracing/rails/action_view_subscriber_spec.rb
index c9d1a06b3e6..0bbaf5968ed 100644
--- a/spec/lib/gitlab/tracing/rails/action_view_subscriber_spec.rb
+++ b/spec/lib/gitlab/tracing/rails/action_view_subscriber_spec.rb
@@ -7,19 +7,19 @@ describe Gitlab::Tracing::Rails::ActionViewSubscriber do
   using RSpec::Parameterized::TableSyntax
 
   shared_examples 'an actionview notification' do
-    it 'should notify the tracer when the hash contains null values' do
+    it 'notifies the tracer when the hash contains null values' do
       expect(subject).to receive(:postnotify_span).with(notification_name, start, finish, tags: expected_tags, exception: exception)
 
       subject.public_send(notify_method, start, finish, payload)
     end
 
-    it 'should notify the tracer when the payload is missing values' do
+    it 'notifies the tracer when the payload is missing values' do
       expect(subject).to receive(:postnotify_span).with(notification_name, start, finish, tags: expected_tags, exception: exception)
 
       subject.public_send(notify_method, start, finish, payload.compact)
     end
 
-    it 'should not throw exceptions when with the default tracer' do
+    it 'does not throw exceptions when with the default tracer' do
       expect { subject.public_send(notify_method, start, finish, payload) }.not_to raise_error
     end
   end
diff --git a/spec/lib/gitlab/tracing/rails/active_record_subscriber_spec.rb b/spec/lib/gitlab/tracing/rails/active_record_subscriber_spec.rb
index 3d066843148..7bd0875fa68 100644
--- a/spec/lib/gitlab/tracing/rails/active_record_subscriber_spec.rb
+++ b/spec/lib/gitlab/tracing/rails/active_record_subscriber_spec.rb
@@ -53,19 +53,19 @@ describe Gitlab::Tracing::Rails::ActiveRecordSubscriber do
         }
       end
 
-      it 'should notify the tracer when the hash contains null values' do
+      it 'notifies the tracer when the hash contains null values' do
         expect(subject).to receive(:postnotify_span).with(operation_name, start, finish, tags: expected_tags, exception: exception)
 
         subject.notify(start, finish, payload)
       end
 
-      it 'should notify the tracer when the payload is missing values' do
+      it 'notifies the tracer when the payload is missing values' do
         expect(subject).to receive(:postnotify_span).with(operation_name, start, finish, tags: expected_tags, exception: exception)
 
         subject.notify(start, finish, payload.compact)
       end
 
-      it 'should not throw exceptions when with the default tracer' do
+      it 'does not throw exceptions when with the default tracer' do
         expect { subject.notify(start, finish, payload) }.not_to raise_error
       end
     end
diff --git a/spec/lib/gitlab/tracing_spec.rb b/spec/lib/gitlab/tracing_spec.rb
index 566b5050e47..db75ce2a998 100644
--- a/spec/lib/gitlab/tracing_spec.rb
+++ b/spec/lib/gitlab/tracing_spec.rb
@@ -14,7 +14,7 @@ describe Gitlab::Tracing do
     end
 
     with_them do
-      it 'should return the correct state for .enabled?' do
+      it 'returns the correct state for .enabled?' do
         expect(described_class).to receive(:connection_string).and_return(connection_string)
 
         expect(described_class.enabled?).to eq(enabled_state)
@@ -33,7 +33,7 @@ describe Gitlab::Tracing do
     end
 
     with_them do
-      it 'should return the correct state for .tracing_url_enabled?' do
+      it 'returns the correct state for .tracing_url_enabled?' do
         expect(described_class).to receive(:enabled?).and_return(enabled?)
         allow(described_class).to receive(:tracing_url_template).and_return(tracing_url_template)
 
@@ -56,7 +56,7 @@ describe Gitlab::Tracing do
     end
 
     with_them do
-      it 'should return the correct state for .tracing_url' do
+      it 'returns the correct state for .tracing_url' do
         expect(described_class).to receive(:tracing_url_enabled?).and_return(tracing_url_enabled?)
         allow(described_class).to receive(:tracing_url_template).and_return(tracing_url_template)
         allow(Gitlab::CorrelationId).to receive(:current_id).and_return(correlation_id)
diff --git a/spec/lib/gitlab/untrusted_regexp/ruby_syntax_spec.rb b/spec/lib/gitlab/untrusted_regexp/ruby_syntax_spec.rb
index 005d41580de..f1882e03581 100644
--- a/spec/lib/gitlab/untrusted_regexp/ruby_syntax_spec.rb
+++ b/spec/lib/gitlab/untrusted_regexp/ruby_syntax_spec.rb
@@ -1,5 +1,6 @@
 require 'fast_spec_helper'
 require 'support/shared_examples/malicious_regexp_shared_examples'
+require 'support/helpers/stub_feature_flags'
 
 describe Gitlab::UntrustedRegexp::RubySyntax do
   describe '.matches_syntax?' do
@@ -33,6 +34,12 @@ describe Gitlab::UntrustedRegexp::RubySyntax do
       end
     end
 
+    context 'when regexp is empty' do
+      it 'fabricates regexp correctly' do
+        expect(described_class.fabricate('//')).not_to be_nil
+      end
+    end
+
     context 'when regexp is a raw pattern' do
       it 'returns error' do
         expect(described_class.fabricate('some .* thing')).to be_nil
@@ -41,24 +48,63 @@ describe Gitlab::UntrustedRegexp::RubySyntax do
   end
 
   describe '.fabricate!' do
-    context 'when regexp is using /regexp/ scheme with flags' do
-      it 'fabricates regexp with a single flag' do
-        regexp = described_class.fabricate!('/something/i')
+    context 'safe regexp is used' do
+      context 'when regexp is using /regexp/ scheme with flags' do
+        it 'fabricates regexp with a single flag' do
+          regexp = described_class.fabricate!('/something/i')
+
+          expect(regexp).to eq Gitlab::UntrustedRegexp.new('(?i)something')
+          expect(regexp.scan('SOMETHING')).to be_one
+        end
 
-        expect(regexp).to eq Gitlab::UntrustedRegexp.new('(?i)something')
-        expect(regexp.scan('SOMETHING')).to be_one
+        it 'fabricates regexp with multiple flags' do
+          regexp = described_class.fabricate!('/something/im')
+
+          expect(regexp).to eq Gitlab::UntrustedRegexp.new('(?im)something')
+        end
+
+        it 'fabricates regexp without flags' do
+          regexp = described_class.fabricate!('/something/')
+
+          expect(regexp).to eq Gitlab::UntrustedRegexp.new('something')
+        end
       end
+    end
 
-      it 'fabricates regexp with multiple flags' do
-        regexp = described_class.fabricate!('/something/im')
+    context 'when unsafe regexp is used' do
+      include StubFeatureFlags
 
-        expect(regexp).to eq Gitlab::UntrustedRegexp.new('(?im)something')
+      before do
+        stub_feature_flags(allow_unsafe_ruby_regexp: true)
+
+        allow(Gitlab::UntrustedRegexp).to receive(:new).and_raise(RegexpError)
       end
 
-      it 'fabricates regexp without flags' do
-        regexp = described_class.fabricate!('/something/')
+      context 'when no fallback is enabled' do
+        it 'raises an exception' do
+          expect { described_class.fabricate!('/something/') }
+            .to raise_error(RegexpError)
+        end
+      end
+
+      context 'when fallback is used' do
+        it 'fabricates regexp with a single flag' do
+          regexp = described_class.fabricate!('/something/i', fallback: true)
+
+          expect(regexp).to eq Regexp.new('something', Regexp::IGNORECASE)
+        end
+
+        it 'fabricates regexp with multiple flags' do
+          regexp = described_class.fabricate!('/something/im', fallback: true)
+
+          expect(regexp).to eq Regexp.new('something', Regexp::IGNORECASE | Regexp::MULTILINE)
+        end
+
+        it 'fabricates regexp without flags' do
+          regexp = described_class.fabricate!('/something/', fallback: true)
 
-        expect(regexp).to eq Gitlab::UntrustedRegexp.new('something')
+          expect(regexp).to eq Regexp.new('something')
+        end
       end
     end
 
diff --git a/spec/lib/gitlab/url_sanitizer_spec.rb b/spec/lib/gitlab/url_sanitizer_spec.rb
index 6e98a999766..5861e6955a6 100644
--- a/spec/lib/gitlab/url_sanitizer_spec.rb
+++ b/spec/lib/gitlab/url_sanitizer_spec.rb
@@ -161,7 +161,7 @@ describe Gitlab::UrlSanitizer do
   end
 
   context 'when credentials contains special chars' do
-    it 'should parse the URL without errors' do
+    it 'parses the URL without errors' do
       url_sanitizer = described_class.new("https://foo:b?r@github.com/me/project.git")
 
       expect(url_sanitizer.sanitized_url).to eq("https://github.com/me/project.git")
diff --git a/spec/lib/gitlab/workhorse_spec.rb b/spec/lib/gitlab/workhorse_spec.rb
index d88086b01b1..f8ce399287a 100644
--- a/spec/lib/gitlab/workhorse_spec.rb
+++ b/spec/lib/gitlab/workhorse_spec.rb
@@ -16,20 +16,12 @@ describe Gitlab::Workhorse do
     let(:ref) { 'master' }
     let(:format) { 'zip' }
     let(:storage_path) { Gitlab.config.gitlab.repository_downloads_path }
-    let(:base_params) { repository.archive_metadata(ref, storage_path, format, append_sha: nil) }
-    let(:gitaly_params) do
-      base_params.merge(
-        'GitalyServer' => {
-          'address' => Gitlab::GitalyClient.address(project.repository_storage),
-          'token' => Gitlab::GitalyClient.token(project.repository_storage)
-        },
-        'GitalyRepository' => repository.gitaly_repository.to_h.deep_stringify_keys
-      )
-    end
+    let(:path) { 'some/path' }
+    let(:metadata) { repository.archive_metadata(ref, storage_path, format, append_sha: nil, path: path) }
     let(:cache_disabled) { false }
 
     subject do
-      described_class.send_git_archive(repository, ref: ref, format: format, append_sha: nil)
+      described_class.send_git_archive(repository, ref: ref, format: format, append_sha: nil, path: path)
     end
 
     before do
@@ -41,7 +33,22 @@ describe Gitlab::Workhorse do
 
       expect(key).to eq('Gitlab-Workhorse-Send-Data')
       expect(command).to eq('git-archive')
-      expect(params).to include(gitaly_params)
+      expect(params).to eq({
+        'GitalyServer' => {
+          address: Gitlab::GitalyClient.address(project.repository_storage),
+          token: Gitlab::GitalyClient.token(project.repository_storage)
+        },
+        'ArchivePath' => metadata['ArchivePath'],
+        'GetArchiveRequest' => Base64.urlsafe_encode64(
+          Gitaly::GetArchiveRequest.new(
+            repository: repository.gitaly_repository,
+            commit_id: metadata['CommitId'],
+            prefix: metadata['ArchivePrefix'],
+            format: Gitaly::GetArchiveRequest::Format::ZIP,
+            path: path
+          ).to_proto
+        )
+      }.deep_stringify_keys)
     end
 
     context 'when archive caching is disabled' do
@@ -87,7 +94,7 @@ describe Gitlab::Workhorse do
     end
   end
 
-  describe '.terminal_websocket' do
+  describe '.channel_websocket' do
     def terminal(ca_pem: nil)
       out = {
         subprotocols: ['foo'],
@@ -101,25 +108,25 @@ describe Gitlab::Workhorse do
 
     def workhorse(ca_pem: nil)
       out = {
-        'Terminal' => {
+        'Channel' => {
           'Subprotocols' => ['foo'],
           'Url' => 'wss://example.com/terminal.ws',
           'Header' => { 'Authorization' => ['Token x'] },
           'MaxSessionTime' => 600
         }
       }
-      out['Terminal']['CAPem'] = ca_pem if ca_pem
+      out['Channel']['CAPem'] = ca_pem if ca_pem
       out
     end
 
     context 'without ca_pem' do
-      subject { described_class.terminal_websocket(terminal) }
+      subject { described_class.channel_websocket(terminal) }
 
       it { is_expected.to eq(workhorse) }
     end
 
     context 'with ca_pem' do
-      subject { described_class.terminal_websocket(terminal(ca_pem: "foo")) }
+      subject { described_class.channel_websocket(terminal(ca_pem: "foo")) }
 
       it { is_expected.to eq(workhorse(ca_pem: "foo")) }
     end
diff --git a/spec/mailers/notify_spec.rb b/spec/mailers/notify_spec.rb
index 3c8897ed37c..5fa1369c00a 100644
--- a/spec/mailers/notify_spec.rb
+++ b/spec/mailers/notify_spec.rb
@@ -30,6 +30,19 @@ describe Notify do
                    description: 'My awesome description!')
   end
 
+  describe 'with HTML-encoded entities' do
+    before do
+      described_class.test_email('test@test.com', 'Subject', 'Some body with &mdash;').deliver
+    end
+
+    subject { ActionMailer::Base.deliveries.last }
+
+    it 'retains 7bit encoding' do
+      expect(subject.body.ascii_only?).to eq(true)
+      expect(subject.body.encoding).to eq('7bit')
+    end
+  end
+
   context 'for a project' do
     shared_examples 'an assignee email' do
       it 'is sent to the assignee as the author' do
diff --git a/spec/migrations/migrate_auto_dev_ops_domain_to_cluster_domain_spec.rb b/spec/migrations/migrate_auto_dev_ops_domain_to_cluster_domain_spec.rb
index b1ff3cfd355..349cffea70e 100644
--- a/spec/migrations/migrate_auto_dev_ops_domain_to_cluster_domain_spec.rb
+++ b/spec/migrations/migrate_auto_dev_ops_domain_to_cluster_domain_spec.rb
@@ -25,7 +25,7 @@ describe MigrateAutoDevOpsDomainToClusterDomain, :migration do
   context 'with ProjectAutoDevOps with no domain' do
     let(:domain) { nil }
 
-    it 'should not update cluster project' do
+    it 'does not update cluster project' do
       migrate!
 
       expect(clusters_without_domain.count).to eq(clusters_table.count)
@@ -35,7 +35,7 @@ describe MigrateAutoDevOpsDomainToClusterDomain, :migration do
   context 'with ProjectAutoDevOps with domain' do
     let(:domain) { 'example-domain.com' }
 
-    it 'should update all cluster projects' do
+    it 'updates all cluster projects' do
       migrate!
 
       expect(clusters_with_domain.count).to eq(clusters_table.count)
@@ -49,7 +49,7 @@ describe MigrateAutoDevOpsDomainToClusterDomain, :migration do
       setup_cluster_projects_with_domain(quantity: 25, domain: nil)
     end
 
-    it 'should only update specific cluster projects' do
+    it 'only updates specific cluster projects' do
       migrate!
 
       expect(clusters_with_domain.count).to eq(20)
diff --git a/spec/migrations/schedule_runners_token_encryption_spec.rb b/spec/migrations/schedule_runners_token_encryption_spec.rb
index 376d2795277..97ff6c128f3 100644
--- a/spec/migrations/schedule_runners_token_encryption_spec.rb
+++ b/spec/migrations/schedule_runners_token_encryption_spec.rb
@@ -1,7 +1,7 @@
 require 'spec_helper'
 require Rails.root.join('db', 'post_migrate', '20181121111200_schedule_runners_token_encryption')
 
-describe ScheduleRunnersTokenEncryption, :migration do
+describe ScheduleRunnersTokenEncryption, :migration, :sidekiq do
   let(:settings) { table(:application_settings) }
   let(:namespaces) { table(:namespaces) }
   let(:projects) { table(:projects) }
diff --git a/spec/migrations/schedule_sync_issuables_state_id_spec.rb b/spec/migrations/schedule_sync_issuables_state_id_spec.rb
index bf974d60b24..bc94f8820bd 100644
--- a/spec/migrations/schedule_sync_issuables_state_id_spec.rb
+++ b/spec/migrations/schedule_sync_issuables_state_id_spec.rb
@@ -3,7 +3,7 @@
 require 'spec_helper'
 require Rails.root.join('db', 'post_migrate', '20190214112022_schedule_sync_issuables_state_id.rb')
 
-describe ScheduleSyncIssuablesStateId, :migration do
+describe ScheduleSyncIssuablesStateId, :migration, :sidekiq do
   let(:namespaces) { table(:namespaces) }
   let(:projects) { table(:projects) }
   let(:merge_requests) { table(:merge_requests) }
diff --git a/spec/models/application_setting_spec.rb b/spec/models/application_setting_spec.rb
index c5579dafb4a..c81572d739e 100644
--- a/spec/models/application_setting_spec.rb
+++ b/spec/models/application_setting_spec.rb
@@ -6,6 +6,7 @@ describe ApplicationSetting do
   let(:setting) { described_class.create_from_defaults }
 
   it { include(CacheableAttributes) }
+  it { include(ApplicationSettingImplementation) }
   it { expect(described_class.current_without_cache).to eq(described_class.last) }
 
   it { expect(setting).to be_valid }
@@ -286,12 +287,10 @@ describe ApplicationSetting do
   end
 
   context 'restrict creating duplicates' do
-    before do
-      described_class.create_from_defaults
-    end
+    let!(:current_settings) { described_class.create_from_defaults }
 
-    it 'raises an record creation violation if already created' do
-      expect { described_class.create_from_defaults }.to raise_error(ActiveRecord::RecordNotUnique)
+    it 'returns the current settings' do
+      expect(described_class.create_from_defaults).to eq(current_settings)
     end
   end
 
diff --git a/spec/models/badge_spec.rb b/spec/models/badge_spec.rb
index 314d7d1e9f4..c661f5384ea 100644
--- a/spec/models/badge_spec.rb
+++ b/spec/models/badge_spec.rb
@@ -61,7 +61,7 @@ describe Badge do
   end
 
   shared_examples 'rendered_links' do
-    it 'should use the project information to populate the url placeholders' do
+    it 'uses the project information to populate the url placeholders' do
       stub_project_commit_info(project)
 
       expect(badge.public_send("rendered_#{method}", project)).to eq "http://www.example.com/#{project.full_path}/#{project.id}/master/whatever"
diff --git a/spec/models/badges/project_badge_spec.rb b/spec/models/badges/project_badge_spec.rb
index e683d110252..d41c5cf2ca1 100644
--- a/spec/models/badges/project_badge_spec.rb
+++ b/spec/models/badges/project_badge_spec.rb
@@ -14,7 +14,7 @@ describe ProjectBadge do
   end
 
   shared_examples 'rendered_links' do
-    it 'should use the badge project information to populate the url placeholders' do
+    it 'uses the badge project information to populate the url placeholders' do
       stub_project_commit_info(project)
 
       expect(badge.public_send("rendered_#{method}")).to eq "http://www.example.com/#{project.full_path}/#{project.id}/master/whatever"
diff --git a/spec/models/ci/build_runner_session_spec.rb b/spec/models/ci/build_runner_session_spec.rb
index a52c10019e6..e51fd009f50 100644
--- a/spec/models/ci/build_runner_session_spec.rb
+++ b/spec/models/ci/build_runner_session_spec.rb
@@ -13,25 +13,33 @@ describe Ci::BuildRunnerSession, model: true do
   it { is_expected.to validate_presence_of(:url).with_message('must be a valid URL') }
 
   describe '#terminal_specification' do
-    let(:terminal_specification) { subject.terminal_specification }
+    let(:specification) { subject.terminal_specification }
+
+    it 'returns terminal.gitlab.com protocol' do
+      expect(specification[:subprotocols]).to eq ['terminal.gitlab.com']
+    end
+
+    it 'returns a wss url' do
+      expect(specification[:url]).to start_with('wss://')
+    end
 
     it 'returns empty hash if no url' do
       subject.url = ''
 
-      expect(terminal_specification).to be_empty
+      expect(specification).to be_empty
     end
 
     context 'when url is present' do
       it 'returns ca_pem nil if empty certificate' do
         subject.certificate = ''
 
-        expect(terminal_specification[:ca_pem]).to be_nil
+        expect(specification[:ca_pem]).to be_nil
       end
 
       it 'adds Authorization header if authorization is present' do
         subject.authorization = 'whatever'
 
-        expect(terminal_specification[:headers]).to include(Authorization: ['whatever'])
+        expect(specification[:headers]).to include(Authorization: ['whatever'])
       end
     end
   end
diff --git a/spec/models/ci/build_spec.rb b/spec/models/ci/build_spec.rb
index 2c41dfa65cd..1352a2de2d7 100644
--- a/spec/models/ci/build_spec.rb
+++ b/spec/models/ci/build_spec.rb
@@ -117,6 +117,16 @@ describe Ci::Build do
       it 'returns the job' do
         is_expected.to include(job)
       end
+
+      context 'when ci_enable_legacy_artifacts feature flag is disabled' do
+        before do
+          stub_feature_flags(ci_enable_legacy_artifacts: false)
+        end
+
+        it 'does not return the job' do
+          is_expected.not_to include(job)
+        end
+      end
     end
 
     context 'when job has a job artifact archive' do
@@ -471,6 +481,14 @@ describe Ci::Build do
         let(:build) { create(:ci_build, :legacy_artifacts) }
 
         it { is_expected.to be_truthy }
+
+        context 'when ci_enable_legacy_artifacts feature flag is disabled' do
+          before do
+            stub_feature_flags(ci_enable_legacy_artifacts: false)
+          end
+
+          it { is_expected.to be_falsy }
+        end
       end
     end
   end
@@ -2708,13 +2726,13 @@ describe Ci::Build do
           project.deploy_tokens << deploy_token
         end
 
-        it 'should include deploy token variables' do
+        it 'includes deploy token variables' do
           is_expected.to include(*deploy_token_variables)
         end
       end
 
       context 'when gitlab-deploy-token does not exist' do
-        it 'should not include deploy token variables' do
+        it 'does not include deploy token variables' do
           expect(subject.find { |v| v[:key] == 'CI_DEPLOY_USER'}).to be_nil
           expect(subject.find { |v| v[:key] == 'CI_DEPLOY_PASSWORD'}).to be_nil
         end
@@ -3198,7 +3216,7 @@ describe Ci::Build do
       it 'does not try to create a todo' do
         project.add_developer(user)
 
-        expect(service).not_to receive(:commit_status_merge_requests)
+        expect(service).not_to receive(:pipeline_merge_requests)
 
         subject.drop!
       end
@@ -3234,7 +3252,23 @@ describe Ci::Build do
     end
 
     context 'when build is not configured to be retried' do
-      subject { create(:ci_build, :running, project: project, user: user) }
+      subject { create(:ci_build, :running, project: project, user: user, pipeline: pipeline) }
+
+      let(:pipeline) do
+        create(:ci_pipeline,
+          project: project,
+          ref: 'feature',
+          sha: merge_request.diff_head_sha,
+          merge_requests_as_head_pipeline: [merge_request])
+      end
+
+      let(:merge_request) do
+        create(:merge_request, :opened,
+          source_branch: 'feature',
+          source_project: project,
+          target_branch: 'master',
+          target_project: project)
+      end
 
       it 'does not retry build' do
         expect(described_class).not_to receive(:retry)
@@ -3253,7 +3287,10 @@ describe Ci::Build do
       it 'creates a todo' do
         project.add_developer(user)
 
-        expect(service).to receive(:commit_status_merge_requests)
+        expect_next_instance_of(TodoService) do |todo_service|
+          expect(todo_service)
+            .to receive(:merge_request_build_failed).with(merge_request)
+        end
 
         subject.drop!
       end
diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index b3ab63925dd..2cb581696a0 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -72,7 +72,7 @@ describe Ci::Runner do
         expect(instance_runner.errors.full_messages).to include('Runner cannot have projects assigned')
       end
 
-      it 'should fail to save a group assigned to a project runner even if the runner is already saved' do
+      it 'fails to save a group assigned to a project runner even if the runner is already saved' do
         group_runner
 
         expect { create(:group, runners: [project_runner]) }
diff --git a/spec/models/clusters/applications/cert_manager_spec.rb b/spec/models/clusters/applications/cert_manager_spec.rb
index af7eadfc74c..5cd80edb3a1 100644
--- a/spec/models/clusters/applications/cert_manager_spec.rb
+++ b/spec/models/clusters/applications/cert_manager_spec.rb
@@ -36,7 +36,7 @@ describe Clusters::Applications::CertManager do
 
     it { is_expected.to be_an_instance_of(Gitlab::Kubernetes::Helm::InstallCommand) }
 
-    it 'should be initialized with cert_manager arguments' do
+    it 'is initialized with cert_manager arguments' do
       expect(subject.name).to eq('certmanager')
       expect(subject.chart).to eq('stable/cert-manager')
       expect(subject.version).to eq('v0.5.2')
@@ -52,7 +52,7 @@ describe Clusters::Applications::CertManager do
         cert_manager.email = cert_email
       end
 
-      it 'should use his/her email to register issuer with certificate provider' do
+      it 'uses his/her email to register issuer with certificate provider' do
         expect(subject.files).to eq(cert_manager.files.merge(cluster_issuer_file))
       end
     end
@@ -68,7 +68,7 @@ describe Clusters::Applications::CertManager do
     context 'application failed to install previously' do
       let(:cert_manager) { create(:clusters_applications_cert_managers, :errored, version: '0.0.1') }
 
-      it 'should be initialized with the locked version' do
+      it 'is initialized with the locked version' do
         expect(subject.version).to eq('v0.5.2')
       end
     end
@@ -80,7 +80,7 @@ describe Clusters::Applications::CertManager do
 
     subject { application.files }
 
-    it 'should include cert_manager specific keys in the values.yaml file' do
+    it 'includes cert_manager specific keys in the values.yaml file' do
       expect(values).to include('ingressShim')
     end
   end
diff --git a/spec/models/clusters/applications/helm_spec.rb b/spec/models/clusters/applications/helm_spec.rb
index f97d126d918..f177d493a2e 100644
--- a/spec/models/clusters/applications/helm_spec.rb
+++ b/spec/models/clusters/applications/helm_spec.rb
@@ -36,11 +36,11 @@ describe Clusters::Applications::Helm do
 
     it { is_expected.to be_an_instance_of(Gitlab::Kubernetes::Helm::InitCommand) }
 
-    it 'should be initialized with 1 arguments' do
+    it 'is initialized with 1 arguments' do
       expect(subject.name).to eq('helm')
     end
 
-    it 'should have cert files' do
+    it 'has cert files' do
       expect(subject.files[:'ca.pem']).to be_present
       expect(subject.files[:'ca.pem']).to eq(helm.ca_cert)
 
diff --git a/spec/models/clusters/applications/ingress_spec.rb b/spec/models/clusters/applications/ingress_spec.rb
index 09e60b9a206..113d29b5551 100644
--- a/spec/models/clusters/applications/ingress_spec.rb
+++ b/spec/models/clusters/applications/ingress_spec.rb
@@ -73,7 +73,7 @@ describe Clusters::Applications::Ingress do
 
     it { is_expected.to be_an_instance_of(Gitlab::Kubernetes::Helm::InstallCommand) }
 
-    it 'should be initialized with ingress arguments' do
+    it 'is initialized with ingress arguments' do
       expect(subject.name).to eq('ingress')
       expect(subject.chart).to eq('stable/nginx-ingress')
       expect(subject.version).to eq('1.1.2')
@@ -92,7 +92,7 @@ describe Clusters::Applications::Ingress do
     context 'application failed to install previously' do
       let(:ingress) { create(:clusters_applications_ingress, :errored, version: 'nginx') }
 
-      it 'should be initialized with the locked version' do
+      it 'is initialized with the locked version' do
         expect(subject.version).to eq('1.1.2')
       end
     end
@@ -104,7 +104,7 @@ describe Clusters::Applications::Ingress do
 
     subject { application.files }
 
-    it 'should include ingress valid keys in values' do
+    it 'includes ingress valid keys in values' do
       expect(values).to include('image')
       expect(values).to include('repository')
       expect(values).to include('stats')
diff --git a/spec/models/clusters/applications/jupyter_spec.rb b/spec/models/clusters/applications/jupyter_spec.rb
index 5970a1959b5..1a7363b64f9 100644
--- a/spec/models/clusters/applications/jupyter_spec.rb
+++ b/spec/models/clusters/applications/jupyter_spec.rb
@@ -45,7 +45,7 @@ describe Clusters::Applications::Jupyter do
 
     it { is_expected.to be_an_instance_of(Gitlab::Kubernetes::Helm::InstallCommand) }
 
-    it 'should be initialized with 4 arguments' do
+    it 'is initialized with 4 arguments' do
       expect(subject.name).to eq('jupyter')
       expect(subject.chart).to eq('jupyter/jupyterhub')
       expect(subject.version).to eq('0.9-174bbd5')
@@ -65,7 +65,7 @@ describe Clusters::Applications::Jupyter do
     context 'application failed to install previously' do
       let(:jupyter) { create(:clusters_applications_jupyter, :errored, version: '0.0.1') }
 
-      it 'should be initialized with the locked version' do
+      it 'is initialized with the locked version' do
         expect(subject.version).to eq('0.9-174bbd5')
       end
     end
@@ -77,7 +77,7 @@ describe Clusters::Applications::Jupyter do
 
     subject { application.files }
 
-    it 'should include valid values' do
+    it 'includes valid values' do
       expect(values).to include('ingress')
       expect(values).to include('hub')
       expect(values).to include('rbac')
diff --git a/spec/models/clusters/applications/knative_spec.rb b/spec/models/clusters/applications/knative_spec.rb
index 25493689fbc..5e68f2634da 100644
--- a/spec/models/clusters/applications/knative_spec.rb
+++ b/spec/models/clusters/applications/knative_spec.rb
@@ -77,17 +77,17 @@ describe Clusters::Applications::Knative do
   end
 
   shared_examples 'a command' do
-    it 'should be an instance of Helm::InstallCommand' do
+    it 'is an instance of Helm::InstallCommand' do
       expect(subject).to be_an_instance_of(Gitlab::Kubernetes::Helm::InstallCommand)
     end
 
-    it 'should be initialized with knative arguments' do
+    it 'is initialized with knative arguments' do
       expect(subject.name).to eq('knative')
       expect(subject.chart).to eq('knative/knative')
       expect(subject.files).to eq(knative.files)
     end
 
-    it 'should not install metrics for prometheus' do
+    it 'does not install metrics for prometheus' do
       expect(subject.postinstall).to be_nil
     end
 
@@ -97,7 +97,7 @@ describe Clusters::Applications::Knative do
 
       subject { knative.install_command }
 
-      it 'should install metrics' do
+      it 'installs metrics' do
         expect(subject.postinstall).not_to be_nil
         expect(subject.postinstall.length).to be(1)
         expect(subject.postinstall[0]).to eql("kubectl apply -f #{Clusters::Applications::Knative::METRICS_CONFIG}")
@@ -108,7 +108,7 @@ describe Clusters::Applications::Knative do
   describe '#install_command' do
     subject { knative.install_command }
 
-    it 'should be initialized with latest version' do
+    it 'is initialized with latest version' do
       expect(subject.version).to eq('0.3.0')
     end
 
@@ -119,7 +119,7 @@ describe Clusters::Applications::Knative do
     let!(:current_installed_version) { knative.version = '0.1.0' }
     subject { knative.update_command }
 
-    it 'should be initialized with current version' do
+    it 'is initialized with current version' do
       expect(subject.version).to eq(current_installed_version)
     end
 
@@ -132,7 +132,7 @@ describe Clusters::Applications::Knative do
 
     subject { application.files }
 
-    it 'should include knative specific keys in the values.yaml file' do
+    it 'includes knative specific keys in the values.yaml file' do
       expect(values).to include('domain')
     end
   end
@@ -165,7 +165,7 @@ describe Clusters::Applications::Knative do
       synchronous_reactive_cache(knative)
     end
 
-    it 'should be able k8s core for pod details' do
+    it 'is able k8s core for pod details' do
       expect(knative.service_pod_details(namespace.namespace, cluster.cluster_project.project.name)).not_to be_nil
     end
   end
@@ -190,7 +190,7 @@ describe Clusters::Applications::Knative do
       stub_kubeclient_service_pods
     end
 
-    it 'should have an unintialized cache' do
+    it 'has an unintialized cache' do
       is_expected.to be_nil
     end
 
@@ -204,11 +204,11 @@ describe Clusters::Applications::Knative do
         synchronous_reactive_cache(knative)
       end
 
-      it 'should have cached services' do
+      it 'has cached services' do
         is_expected.not_to be_nil
       end
 
-      it 'should match our namespace' do
+      it 'matches our namespace' do
         expect(knative.services_for(ns: namespace)).not_to be_nil
       end
     end
diff --git a/spec/models/clusters/applications/prometheus_spec.rb b/spec/models/clusters/applications/prometheus_spec.rb
index 82a502addd4..e8ba9737c23 100644
--- a/spec/models/clusters/applications/prometheus_spec.rb
+++ b/spec/models/clusters/applications/prometheus_spec.rb
@@ -94,7 +94,7 @@ describe Clusters::Applications::Prometheus do
 
     it { is_expected.to be_an_instance_of(Gitlab::Kubernetes::Helm::InstallCommand) }
 
-    it 'should be initialized with 3 arguments' do
+    it 'is initialized with 3 arguments' do
       expect(subject.name).to eq('prometheus')
       expect(subject.chart).to eq('stable/prometheus')
       expect(subject.version).to eq('6.7.3')
@@ -113,12 +113,12 @@ describe Clusters::Applications::Prometheus do
     context 'application failed to install previously' do
       let(:prometheus) { create(:clusters_applications_prometheus, :errored, version: '2.0.0') }
 
-      it 'should be initialized with the locked version' do
+      it 'is initialized with the locked version' do
         expect(subject.version).to eq('6.7.3')
       end
     end
 
-    it 'should not install knative metrics' do
+    it 'does not install knative metrics' do
       expect(subject.postinstall).to be_nil
     end
 
@@ -128,7 +128,7 @@ describe Clusters::Applications::Prometheus do
 
       subject { prometheus.install_command }
 
-      it 'should install knative metrics' do
+      it 'installs knative metrics' do
         expect(subject.postinstall).to include("kubectl apply -f #{Clusters::Applications::Knative::METRICS_CONFIG}")
       end
     end
@@ -142,7 +142,7 @@ describe Clusters::Applications::Prometheus do
       expect(prometheus.upgrade_command(values)).to be_an_instance_of(::Gitlab::Kubernetes::Helm::InstallCommand)
     end
 
-    it 'should be initialized with 3 arguments' do
+    it 'is initialized with 3 arguments' do
       command = prometheus.upgrade_command(values)
 
       expect(command.name).to eq('prometheus')
@@ -180,7 +180,7 @@ describe Clusters::Applications::Prometheus do
 
     subject { application.files }
 
-    it 'should include prometheus valid values' do
+    it 'includes prometheus valid values' do
       expect(values).to include('alertmanager')
       expect(values).to include('kubeStateMetrics')
       expect(values).to include('nodeExporter')
@@ -204,7 +204,7 @@ describe Clusters::Applications::Prometheus do
       expect(subject[:'values.yaml']).to eq({ hello: :world })
     end
 
-    it 'should include cert files' do
+    it 'includes cert files' do
       expect(subject[:'ca.pem']).to be_present
       expect(subject[:'ca.pem']).to eq(application.cluster.application_helm.ca_cert)
 
@@ -220,7 +220,7 @@ describe Clusters::Applications::Prometheus do
         application.cluster.application_helm.ca_cert = nil
       end
 
-      it 'should not include cert files' do
+      it 'does not include cert files' do
         expect(subject[:'ca.pem']).not_to be_present
         expect(subject[:'cert.pem']).not_to be_present
         expect(subject[:'key.pem']).not_to be_present
diff --git a/spec/models/clusters/applications/runner_spec.rb b/spec/models/clusters/applications/runner_spec.rb
index 7e2f5835279..399a13f82cb 100644
--- a/spec/models/clusters/applications/runner_spec.rb
+++ b/spec/models/clusters/applications/runner_spec.rb
@@ -21,7 +21,7 @@ describe Clusters::Applications::Runner do
 
     it { is_expected.to be_an_instance_of(Gitlab::Kubernetes::Helm::InstallCommand) }
 
-    it 'should be initialized with 4 arguments' do
+    it 'is initialized with 4 arguments' do
       expect(subject.name).to eq('runner')
       expect(subject.chart).to eq('runner/gitlab-runner')
       expect(subject.version).to eq('0.3.0')
@@ -41,7 +41,7 @@ describe Clusters::Applications::Runner do
     context 'application failed to install previously' do
       let(:gitlab_runner) { create(:clusters_applications_runner, :errored, runner: ci_runner, version: '0.1.13') }
 
-      it 'should be initialized with the locked version' do
+      it 'is initialized with the locked version' do
         expect(subject.version).to eq('0.3.0')
       end
     end
@@ -53,7 +53,7 @@ describe Clusters::Applications::Runner do
 
     subject { application.files }
 
-    it 'should include runner valid values' do
+    it 'includes runner valid values' do
       expect(values).to include('concurrent')
       expect(values).to include('checkInterval')
       expect(values).to include('rbac')
@@ -131,7 +131,7 @@ describe Clusters::Applications::Runner do
         allow(application).to receive(:chart_values).and_return(stub_values)
       end
 
-      it 'should overwrite values.yaml' do
+      it 'overwrites values.yaml' do
         expect(values).to match(/privileged: '?#{application.privileged}/)
       end
     end
diff --git a/spec/models/clusters/cluster_spec.rb b/spec/models/clusters/cluster_spec.rb
index fabd2806d9a..894ef3fb956 100644
--- a/spec/models/clusters/cluster_spec.rb
+++ b/spec/models/clusters/cluster_spec.rb
@@ -269,7 +269,7 @@ describe Clusters::Cluster do
       context 'when cluster is not a valid hostname' do
         let(:cluster) { build(:cluster, domain: 'http://not.a.valid.hostname') }
 
-        it 'should add an error on domain' do
+        it 'adds an error on domain' do
           expect(subject).not_to be_valid
           expect(subject.errors[:domain].first).to eq('contains invalid characters (valid characters: [a-z0-9\\-])')
         end
@@ -599,7 +599,7 @@ describe Clusters::Cluster do
         stub_application_setting(auto_devops_domain: 'global_domain.com')
       end
 
-      it 'should include KUBE_INGRESS_BASE_DOMAIN' do
+      it 'includes KUBE_INGRESS_BASE_DOMAIN' do
         expect(subject.to_hash).to include(KUBE_INGRESS_BASE_DOMAIN: 'global_domain.com')
       end
     end
@@ -607,7 +607,7 @@ describe Clusters::Cluster do
     context 'with a cluster domain' do
       let(:cluster) { create(:cluster, :provided_by_gcp, domain: 'example.com') }
 
-      it 'should include KUBE_INGRESS_BASE_DOMAIN' do
+      it 'includes KUBE_INGRESS_BASE_DOMAIN' do
         expect(subject.to_hash).to include(KUBE_INGRESS_BASE_DOMAIN: 'example.com')
       end
     end
@@ -615,7 +615,7 @@ describe Clusters::Cluster do
     context 'with no domain' do
       let(:cluster) { create(:cluster, :provided_by_gcp, :project) }
 
-      it 'should return an empty array' do
+      it 'returns an empty array' do
         expect(subject.to_hash).to be_empty
       end
     end
diff --git a/spec/models/clusters/kubernetes_namespace_spec.rb b/spec/models/clusters/kubernetes_namespace_spec.rb
index 579f486f99f..b5cba80b806 100644
--- a/spec/models/clusters/kubernetes_namespace_spec.rb
+++ b/spec/models/clusters/kubernetes_namespace_spec.rb
@@ -60,7 +60,7 @@ RSpec.describe Clusters::KubernetesNamespace, type: :model do
       context 'when platform has a namespace assigned' do
         let(:namespace) { 'platform-namespace' }
 
-        it 'should copy the namespace' do
+        it 'copies the namespace' do
           subject
 
           expect(kubernetes_namespace.namespace).to eq('platform-namespace')
@@ -72,7 +72,7 @@ RSpec.describe Clusters::KubernetesNamespace, type: :model do
         let(:namespace) { nil }
         let(:project_slug) { "#{project.path}-#{project.id}" }
 
-        it 'should fallback to project namespace' do
+        it 'fallbacks to project namespace' do
           subject
 
           expect(kubernetes_namespace.namespace).to eq(project_slug)
@@ -83,7 +83,7 @@ RSpec.describe Clusters::KubernetesNamespace, type: :model do
     describe '#service_account_name' do
       let(:service_account_name) { "#{kubernetes_namespace.namespace}-service-account" }
 
-      it 'should set a service account name based on namespace' do
+      it 'sets a service account name based on namespace' do
         subject
 
         expect(kubernetes_namespace.service_account_name).to eq(service_account_name)
diff --git a/spec/models/clusters/platforms/kubernetes_spec.rb b/spec/models/clusters/platforms/kubernetes_spec.rb
index 14bec17a2bd..0281dd2c303 100644
--- a/spec/models/clusters/platforms/kubernetes_spec.rb
+++ b/spec/models/clusters/platforms/kubernetes_spec.rb
@@ -447,7 +447,7 @@ describe Clusters::Platforms::Kubernetes, :use_clean_rails_memory_store_caching
     let(:platform) { cluster.platform }
 
     context 'when namespace is updated' do
-      it 'should call ConfigureWorker' do
+      it 'calls ConfigureWorker' do
         expect(ClusterConfigureWorker).to receive(:perform_async).with(cluster.id).once
 
         platform.namespace = 'new-namespace'
@@ -456,7 +456,7 @@ describe Clusters::Platforms::Kubernetes, :use_clean_rails_memory_store_caching
     end
 
     context 'when namespace is not updated' do
-      it 'should not call ConfigureWorker' do
+      it 'does not call ConfigureWorker' do
         expect(ClusterConfigureWorker).not_to receive(:perform_async)
 
         platform.username = "new-username"
diff --git a/spec/models/concerns/issuable_spec.rb b/spec/models/concerns/issuable_spec.rb
index 259ac6852a8..27ed298ae08 100644
--- a/spec/models/concerns/issuable_spec.rb
+++ b/spec/models/concerns/issuable_spec.rb
@@ -659,7 +659,7 @@ describe Issuable do
     end
 
     context 'adding time' do
-      it 'should update the total time spent' do
+      it 'updates the total time spent' do
         spend_time(1800)
 
         expect(issue.total_time_spent).to eq(1800)
@@ -679,7 +679,7 @@ describe Issuable do
         spend_time(1800)
       end
 
-      it 'should update the total time spent' do
+      it 'updates the total time spent' do
         spend_time(-900)
 
         expect(issue.total_time_spent).to eq(900)
diff --git a/spec/models/concerns/prometheus_adapter_spec.rb b/spec/models/concerns/prometheus_adapter_spec.rb
index db20a8b4701..25a2d290f76 100644
--- a/spec/models/concerns/prometheus_adapter_spec.rb
+++ b/spec/models/concerns/prometheus_adapter_spec.rb
@@ -77,6 +77,28 @@ describe PrometheusAdapter, :use_clean_rails_memory_store_caching do
         end
       end
     end
+
+    describe 'additional_metrics' do
+      let(:additional_metrics_environment_query) { Gitlab::Prometheus::Queries::AdditionalMetricsEnvironmentQuery }
+      let(:environment) { build_stubbed(:environment, slug: 'env-slug') }
+      let(:time_window) { [1552642245.067, 1552642095.831] }
+
+      around do |example|
+        Timecop.freeze { example.run }
+      end
+
+      context 'with valid data' do
+        subject { service.query(:additional_metrics_environment, environment, *time_window) }
+
+        before do
+          stub_reactive_cache(service, prometheus_data, additional_metrics_environment_query, environment.id, *time_window)
+        end
+
+        it 'returns reactive data' do
+          expect(subject).to eq(prometheus_data)
+        end
+      end
+    end
   end
 
   describe '#calculate_reactive_cache' do
@@ -121,4 +143,24 @@ describe PrometheusAdapter, :use_clean_rails_memory_store_caching do
       end
     end
   end
+
+  describe '#build_query_args' do
+    subject { service.build_query_args(*args) }
+
+    context 'when active record models are included' do
+      let(:args) { [double(:environment, id: 12)] }
+
+      it 'serializes by id' do
+        is_expected.to eq [12]
+      end
+    end
+
+    context 'when args are safe for serialization' do
+      let(:args) { ['stringy arg', 5, 6.0, :symbolic_arg] }
+
+      it 'does nothing' do
+        is_expected.to eq args
+      end
+    end
+  end
 end
diff --git a/spec/models/concerns/reactive_caching_spec.rb b/spec/models/concerns/reactive_caching_spec.rb
index 32e13d5abed..53df9e0bc05 100644
--- a/spec/models/concerns/reactive_caching_spec.rb
+++ b/spec/models/concerns/reactive_caching_spec.rb
@@ -16,6 +16,10 @@ describe ReactiveCaching, :use_clean_rails_memory_store_caching do
 
     attr_reader :id
 
+    def self.primary_key
+      :id
+    end
+
     def initialize(id, &blk)
       @id = id
       @calculator = blk
@@ -106,6 +110,46 @@ describe ReactiveCaching, :use_clean_rails_memory_store_caching do
     end
   end
 
+  describe '.reactive_cache_worker_finder' do
+    context 'with default reactive_cache_worker_finder' do
+      let(:args) { %w(other args) }
+
+      before do
+        allow(instance.class).to receive(:find_by).with(id: instance.id)
+          .and_return(instance)
+      end
+
+      it 'calls the activerecord find_by method' do
+        result = instance.class.reactive_cache_worker_finder.call(instance.id, *args)
+
+        expect(result).to eq(instance)
+        expect(instance.class).to have_received(:find_by).with(id: instance.id)
+      end
+    end
+
+    context 'with custom reactive_cache_worker_finder' do
+      let(:args) { %w(arg1 arg2) }
+      let(:instance) { CustomFinderCacheTest.new(666, &calculation) }
+
+      class CustomFinderCacheTest < CacheTest
+        self.reactive_cache_worker_finder = ->(_id, *args) { from_cache(*args) }
+
+        def self.from_cache(*args); end
+      end
+
+      before do
+        allow(instance.class).to receive(:from_cache).with(*args).and_return(instance)
+      end
+
+      it 'overrides the default reactive_cache_worker_finder' do
+        result = instance.class.reactive_cache_worker_finder.call(instance.id, *args)
+
+        expect(result).to eq(instance)
+        expect(instance.class).to have_received(:from_cache).with(*args)
+      end
+    end
+  end
+
   describe '#clear_reactive_cache!' do
     before do
       stub_reactive_cache(instance, 4)
diff --git a/spec/models/concerns/spammable_spec.rb b/spec/models/concerns/spammable_spec.rb
index 650d49e41a1..67353475251 100644
--- a/spec/models/concerns/spammable_spec.rb
+++ b/spec/models/concerns/spammable_spec.rb
@@ -12,7 +12,7 @@ describe Spammable do
   end
 
   describe 'ClassMethods' do
-    it 'should return correct attr_spammable' do
+    it 'returns correct attr_spammable' do
       expect(issue.spammable_text).to eq("#{issue.title}\n#{issue.description}")
     end
   end
@@ -20,7 +20,7 @@ describe Spammable do
   describe 'InstanceMethods' do
     let(:issue) { build(:issue, spam: true) }
 
-    it 'should be invalid if spam' do
+    it 'is invalid if spam' do
       expect(issue.valid?).to be_falsey
     end
 
diff --git a/spec/models/deploy_token_spec.rb b/spec/models/deploy_token_spec.rb
index 05320703e25..2fe82eaa778 100644
--- a/spec/models/deploy_token_spec.rb
+++ b/spec/models/deploy_token_spec.rb
@@ -9,7 +9,7 @@ describe DeployToken do
   it { is_expected.to have_many(:projects).through(:project_deploy_tokens) }
 
   describe '#ensure_token' do
-    it 'should ensure a token' do
+    it 'ensures a token' do
       deploy_token.token = nil
       deploy_token.save
 
@@ -19,13 +19,13 @@ describe DeployToken do
 
   describe '#ensure_at_least_one_scope' do
     context 'with at least one scope' do
-      it 'should be valid' do
+      it 'is valid' do
         is_expected.to be_valid
       end
     end
 
     context 'with no scopes' do
-      it 'should be invalid' do
+      it 'is invalid' do
         deploy_token = build(:deploy_token, read_repository: false, read_registry: false)
 
         expect(deploy_token).not_to be_valid
@@ -36,13 +36,13 @@ describe DeployToken do
 
   describe '#scopes' do
     context 'with all the scopes' do
-      it 'should return scopes assigned to DeployToken' do
+      it 'returns scopes assigned to DeployToken' do
         expect(deploy_token.scopes).to eq([:read_repository, :read_registry])
       end
     end
 
     context 'with only one scope' do
-      it 'should return scopes assigned to DeployToken' do
+      it 'returns scopes assigned to DeployToken' do
         deploy_token = create(:deploy_token, read_registry: false)
         expect(deploy_token.scopes).to eq([:read_repository])
       end
@@ -50,7 +50,7 @@ describe DeployToken do
   end
 
   describe '#revoke!' do
-    it 'should update revoke attribute' do
+    it 'updates revoke attribute' do
       deploy_token.revoke!
       expect(deploy_token.revoked?).to be_truthy
     end
@@ -58,20 +58,20 @@ describe DeployToken do
 
   describe "#active?" do
     context "when it has been revoked" do
-      it 'should return false' do
+      it 'returns false' do
         deploy_token.revoke!
         expect(deploy_token.active?).to be_falsy
       end
     end
 
     context "when it hasn't been revoked and is not expired" do
-      it 'should return true' do
+      it 'returns true' do
         expect(deploy_token.active?).to be_truthy
       end
     end
 
     context "when it hasn't been revoked and is expired" do
-      it 'should return true' do
+      it 'returns true' do
         deploy_token.update_attribute(:expires_at, Date.today - 5.days)
         expect(deploy_token.active?).to be_falsy
       end
@@ -80,7 +80,7 @@ describe DeployToken do
     context "when it hasn't been revoked and has no expiry" do
       let(:deploy_token) { create(:deploy_token, expires_at: nil) }
 
-      it 'should return true' do
+      it 'returns true' do
         expect(deploy_token.active?).to be_truthy
       end
     end
@@ -126,7 +126,7 @@ describe DeployToken do
     context 'when using Forever.date' do
       let(:deploy_token) { create(:deploy_token, expires_at: nil) }
 
-      it 'should return nil' do
+      it 'returns nil' do
         expect(deploy_token.expires_at).to be_nil
       end
     end
@@ -135,7 +135,7 @@ describe DeployToken do
       let(:expires_at) { Date.today + 5.months }
       let(:deploy_token) { create(:deploy_token, expires_at: expires_at) }
 
-      it 'should return the personalized date' do
+      it 'returns the personalized date' do
         expect(deploy_token.expires_at).to eq(expires_at)
       end
     end
@@ -145,7 +145,7 @@ describe DeployToken do
     context 'when passing nil' do
       let(:deploy_token) { create(:deploy_token, expires_at: nil) }
 
-      it 'should assign Forever.date' do
+      it 'assigns Forever.date' do
         expect(deploy_token.read_attribute(:expires_at)).to eq(Forever.date)
       end
     end
@@ -154,7 +154,7 @@ describe DeployToken do
       let(:expires_at) { Date.today + 5.months }
       let(:deploy_token) { create(:deploy_token, expires_at: expires_at) }
 
-      it 'should respect the value' do
+      it 'respects the value' do
         expect(deploy_token.read_attribute(:expires_at)).to eq(expires_at)
       end
     end
@@ -166,14 +166,14 @@ describe DeployToken do
     subject { project.deploy_tokens.gitlab_deploy_token }
 
     context 'with a gitlab deploy token associated' do
-      it 'should return the gitlab deploy token' do
+      it 'returns the gitlab deploy token' do
         deploy_token = create(:deploy_token, :gitlab_deploy_token, projects: [project])
         is_expected.to eq(deploy_token)
       end
     end
 
     context 'with no gitlab deploy token associated' do
-      it 'should return nil' do
+      it 'returns nil' do
         is_expected.to be_nil
       end
     end
diff --git a/spec/models/environment_spec.rb b/spec/models/environment_spec.rb
index ca5eed60b56..cfe7c7ef0b0 100644
--- a/spec/models/environment_spec.rb
+++ b/spec/models/environment_spec.rb
@@ -687,7 +687,8 @@ describe Environment do
 
   describe '#additional_metrics' do
     let(:project) { create(:prometheus_project) }
-    subject { environment.additional_metrics }
+    let(:metric_params) { [] }
+    subject { environment.additional_metrics(*metric_params) }
 
     context 'when the environment has additional metrics' do
       before do
@@ -695,12 +696,26 @@ describe Environment do
       end
 
       it 'returns the additional metrics from the deployment service' do
-        expect(environment.prometheus_adapter).to receive(:query)
-                                                .with(:additional_metrics_environment, environment)
-                                                .and_return(:fake_metrics)
+        expect(environment.prometheus_adapter)
+          .to receive(:query)
+          .with(:additional_metrics_environment, environment)
+          .and_return(:fake_metrics)
 
         is_expected.to eq(:fake_metrics)
       end
+
+      context 'when time window arguments are provided' do
+        let(:metric_params) { [1552642245.067, Time.now] }
+
+        it 'queries with the expected parameters' do
+          expect(environment.prometheus_adapter)
+            .to receive(:query)
+            .with(:additional_metrics_environment, environment, *metric_params.map(&:to_f))
+            .and_return(:fake_metrics)
+
+          is_expected.to eq(:fake_metrics)
+        end
+      end
     end
 
     context 'when the environment does not have metrics' do
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 2c6abddca17..ad3e3061b9a 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -364,6 +364,32 @@ describe Group do
     it { expect(group.has_maintainer?(nil)).to be_falsey }
   end
 
+  describe '#last_owner?' do
+    before do
+      @members = setup_group_members(group)
+    end
+
+    it { expect(group.last_owner?(@members[:owner])).to be_truthy }
+
+    context 'with two owners' do
+      before do
+        create(:group_member, :owner, group: group)
+      end
+
+      it { expect(group.last_owner?(@members[:owner])).to be_falsy }
+    end
+
+    context 'with owners from a parent', :postgresql do
+      before do
+        parent_group = create(:group)
+        create(:group_member, :owner, group: parent_group)
+        group.update(parent: parent_group)
+      end
+
+      it { expect(group.last_owner?(@members[:owner])).to be_falsy }
+    end
+  end
+
   describe '#lfs_enabled?' do
     context 'LFS enabled globally' do
       before do
@@ -762,14 +788,14 @@ describe Group do
 
   describe '#has_parent?' do
     context 'when the group has a parent' do
-      it 'should be truthy' do
+      it 'is truthy' do
         group = create(:group, :nested)
         expect(group.has_parent?).to be_truthy
       end
     end
 
     context 'when the group has no parent' do
-      it 'should be falsy' do
+      it 'is falsy' do
         group = create(:group, parent: nil)
         expect(group.has_parent?).to be_falsy
       end
diff --git a/spec/models/namespace_spec.rb b/spec/models/namespace_spec.rb
index 62e7dd3231b..387d1221c76 100644
--- a/spec/models/namespace_spec.rb
+++ b/spec/models/namespace_spec.rb
@@ -740,14 +740,14 @@ describe Namespace do
 
   describe '#full_path_was' do
     context 'when the group has no parent' do
-      it 'should return the path was' do
+      it 'returns the path was' do
         group = create(:group, parent: nil)
         expect(group.full_path_was).to eq(group.path_was)
       end
     end
 
     context 'when a parent is assigned to a group with no previous parent' do
-      it 'should return the path was' do
+      it 'returns the path was' do
         group = create(:group, parent: nil)
 
         parent = create(:group)
@@ -758,7 +758,7 @@ describe Namespace do
     end
 
     context 'when a parent is removed from the group' do
-      it 'should return the parent full path' do
+      it 'returns the parent full path' do
         parent = create(:group)
         group = create(:group, parent: parent)
         group.parent = nil
@@ -768,7 +768,7 @@ describe Namespace do
     end
 
     context 'when changing parents' do
-      it 'should return the previous parent full path' do
+      it 'returns the previous parent full path' do
         parent = create(:group)
         group = create(:group, parent: parent)
         new_parent = create(:group)
diff --git a/spec/models/network/graph_spec.rb b/spec/models/network/graph_spec.rb
index d1a2bedf542..232172fde76 100644
--- a/spec/models/network/graph_spec.rb
+++ b/spec/models/network/graph_spec.rb
@@ -22,7 +22,7 @@ describe Network::Graph do
       expect(commits).to all( be_kind_of(Network::Commit) )
     end
 
-    it 'it the commits by commit date (descending)' do
+    it 'sorts commits by commit date (descending)' do
       # Remove duplicate timestamps because they make it harder to
       # assert that the commits are sorted as expected.
       commits = graph.commits.uniq(&:date)
diff --git a/spec/models/project_auto_devops_spec.rb b/spec/models/project_auto_devops_spec.rb
index 8ad28ce68cc..b81e5610e2c 100644
--- a/spec/models/project_auto_devops_spec.rb
+++ b/spec/models/project_auto_devops_spec.rb
@@ -117,7 +117,7 @@ describe ProjectAutoDevops do
     context 'when the project is public' do
       let(:project) { create(:project, :repository, :public) }
 
-      it 'should not create a gitlab deploy token' do
+      it 'does not create a gitlab deploy token' do
         expect do
           auto_devops.save
         end.not_to change { DeployToken.count }
@@ -127,7 +127,7 @@ describe ProjectAutoDevops do
     context 'when the project is internal' do
       let(:project) { create(:project, :repository, :internal) }
 
-      it 'should create a gitlab deploy token' do
+      it 'creates a gitlab deploy token' do
         expect do
           auto_devops.save
         end.to change { DeployToken.count }.by(1)
@@ -137,7 +137,7 @@ describe ProjectAutoDevops do
     context 'when the project is private' do
       let(:project) { create(:project, :repository, :private) }
 
-      it 'should create a gitlab deploy token' do
+      it 'creates a gitlab deploy token' do
         expect do
           auto_devops.save
         end.to change { DeployToken.count }.by(1)
@@ -148,7 +148,7 @@ describe ProjectAutoDevops do
       let(:project) { create(:project, :repository, :internal) }
       let(:auto_devops) { build(:project_auto_devops, project: project) }
 
-      it 'should create a deploy token' do
+      it 'creates a deploy token' do
         expect do
           auto_devops.save
         end.to change { DeployToken.count }.by(1)
@@ -159,7 +159,7 @@ describe ProjectAutoDevops do
       let(:project) { create(:project, :repository, :internal) }
       let(:auto_devops) { build(:project_auto_devops, enabled: nil, project: project) }
 
-      it 'should create a deploy token' do
+      it 'creates a deploy token' do
         allow(Gitlab::CurrentSettings).to receive(:auto_devops_enabled?).and_return(true)
 
         expect do
@@ -172,7 +172,7 @@ describe ProjectAutoDevops do
       let(:project) { create(:project, :repository, :internal) }
       let(:auto_devops) { build(:project_auto_devops, :disabled, project: project) }
 
-      it 'should not create a deploy token' do
+      it 'does not create a deploy token' do
         expect do
           auto_devops.save
         end.not_to change { DeployToken.count }
@@ -184,7 +184,7 @@ describe ProjectAutoDevops do
       let!(:deploy_token) { create(:deploy_token, :gitlab_deploy_token, projects: [project]) }
       let(:auto_devops) { build(:project_auto_devops, project: project) }
 
-      it 'should not create a deploy token' do
+      it 'does not create a deploy token' do
         expect do
           auto_devops.save
         end.not_to change { DeployToken.count }
@@ -196,7 +196,7 @@ describe ProjectAutoDevops do
       let!(:deploy_token) { create(:deploy_token, :gitlab_deploy_token, :expired, projects: [project]) }
       let(:auto_devops) { build(:project_auto_devops, project: project) }
 
-      it 'should not create a deploy token' do
+      it 'does not create a deploy token' do
         expect do
           auto_devops.save
         end.not_to change { DeployToken.count }
diff --git a/spec/models/project_services/kubernetes_service_spec.rb b/spec/models/project_services/kubernetes_service_spec.rb
index 7bf093b71e7..3a381cb405d 100644
--- a/spec/models/project_services/kubernetes_service_spec.rb
+++ b/spec/models/project_services/kubernetes_service_spec.rb
@@ -70,11 +70,11 @@ describe KubernetesService, :use_clean_rails_memory_store_caching do
         kubernetes_service.properties['namespace'] = "foo"
       end
 
-      it 'should not update attributes' do
+      it 'does not update attributes' do
         expect(kubernetes_service.save).to be_falsy
       end
 
-      it 'should include an error with a deprecation message' do
+      it 'includes an error with a deprecation message' do
         kubernetes_service.valid?
         expect(kubernetes_service.errors[:base].first).to match(/Kubernetes service integration has been deprecated/)
       end
@@ -83,7 +83,7 @@ describe KubernetesService, :use_clean_rails_memory_store_caching do
     context 'with a non-deprecated service' do
       let(:kubernetes_service) { create(:kubernetes_service) }
 
-      it 'should update attributes' do
+      it 'updates attributes' do
         kubernetes_service.properties['namespace'] = 'foo'
         expect(kubernetes_service.save).to be_truthy
       end
@@ -98,15 +98,15 @@ describe KubernetesService, :use_clean_rails_memory_store_caching do
         kubernetes_service.save
       end
 
-      it 'should deactive the service' do
+      it 'deactivates the service' do
         expect(kubernetes_service.active?).to be_falsy
       end
 
-      it 'should not include a deprecation message as error' do
+      it 'does not include a deprecation message as error' do
         expect(kubernetes_service.errors.messages.count).to eq(0)
       end
 
-      it 'should update attributes' do
+      it 'updates attributes' do
         expect(kubernetes_service.properties['namespace']).to eq("foo")
       end
     end
@@ -118,7 +118,7 @@ describe KubernetesService, :use_clean_rails_memory_store_caching do
         kubernetes_service.properties['namespace'] = 'foo'
       end
 
-      it 'should update attributes' do
+      it 'updates attributes' do
         expect(kubernetes_service.save).to be_truthy
         expect(kubernetes_service.properties['namespace']).to eq('foo')
       end
@@ -392,13 +392,13 @@ describe KubernetesService, :use_clean_rails_memory_store_caching do
     let(:kubernetes_service) { create(:kubernetes_service) }
 
     context 'with an active kubernetes service' do
-      it 'should return false' do
+      it 'returns false' do
         expect(kubernetes_service.deprecated?).to be_falsy
       end
     end
 
     context 'with a inactive kubernetes service' do
-      it 'should return true' do
+      it 'returns true' do
         kubernetes_service.update_attribute(:active, false)
         expect(kubernetes_service.deprecated?).to be_truthy
       end
@@ -408,18 +408,18 @@ describe KubernetesService, :use_clean_rails_memory_store_caching do
   describe "#deprecation_message" do
     let(:kubernetes_service) { create(:kubernetes_service) }
 
-    it 'should indicate the service is deprecated' do
+    it 'indicates the service is deprecated' do
       expect(kubernetes_service.deprecation_message).to match(/Kubernetes service integration has been deprecated/)
     end
 
     context 'if the services is active' do
-      it 'should return a message' do
+      it 'returns a message' do
         expect(kubernetes_service.deprecation_message).to match(/Your Kubernetes cluster information on this page is still editable/)
       end
     end
 
     context 'if the service is not active' do
-      it 'should return a message' do
+      it 'returns a message' do
         kubernetes_service.update_attribute(:active, false)
         expect(kubernetes_service.deprecation_message).to match(/Fields on this page are now uneditable/)
       end
diff --git a/spec/models/project_services/pivotaltracker_service_spec.rb b/spec/models/project_services/pivotaltracker_service_spec.rb
index de2c8790405..773b8b7890f 100644
--- a/spec/models/project_services/pivotaltracker_service_spec.rb
+++ b/spec/models/project_services/pivotaltracker_service_spec.rb
@@ -56,7 +56,7 @@ describe PivotaltrackerService do
       WebMock.stub_request(:post, url)
     end
 
-    it 'should post correct message' do
+    it 'posts correct message' do
       service.execute(push_data)
       expect(WebMock).to have_requested(:post, url).with(
         body: {
@@ -81,14 +81,14 @@ describe PivotaltrackerService do
         end
       end
 
-      it 'should post message if branch is in the list' do
+      it 'posts message if branch is in the list' do
         service.execute(push_data(branch: 'master'))
         service.execute(push_data(branch: 'v10'))
 
         expect(WebMock).to have_requested(:post, url).twice
       end
 
-      it 'should not post message if branch is not in the list' do
+      it 'does not post message if branch is not in the list' do
         service.execute(push_data(branch: 'mas'))
         service.execute(push_data(branch: 'v11'))
 
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index 33e514cd7b9..5eb31430ccd 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -415,7 +415,7 @@ describe Project do
         project.project_feature.update_attribute(:builds_access_level, ProjectFeature::DISABLED)
       end
 
-      it 'should return .external pipelines' do
+      it 'returns .external pipelines' do
         expect(project.all_pipelines).to all(have_attributes(source: 'external'))
         expect(project.all_pipelines.size).to eq(1)
       end
@@ -439,7 +439,7 @@ describe Project do
         project.project_feature.update_attribute(:builds_access_level, ProjectFeature::DISABLED)
       end
 
-      it 'should return .external pipelines' do
+      it 'returns .external pipelines' do
         expect(project.ci_pipelines).to all(have_attributes(source: 'external'))
         expect(project.ci_pipelines.size).to eq(1)
       end
@@ -1910,7 +1910,7 @@ describe Project do
                                        tags: %w[latest rc1])
         end
 
-        it 'should have image tags' do
+        it 'has image tags' do
           expect(project).to have_container_registry_tags
         end
       end
@@ -1921,7 +1921,7 @@ describe Project do
                                        tags: %w[latest rc1 pre1])
         end
 
-        it 'should have image tags' do
+        it 'has image tags' do
           expect(project).to have_container_registry_tags
         end
       end
@@ -1931,7 +1931,7 @@ describe Project do
           stub_container_registry_tags(repository: :any, tags: [])
         end
 
-        it 'should not have image tags' do
+        it 'does not have image tags' do
           expect(project).not_to have_container_registry_tags
         end
       end
@@ -1942,16 +1942,16 @@ describe Project do
         stub_container_registry_config(enabled: false)
       end
 
-      it 'should not have image tags' do
+      it 'does not have image tags' do
         expect(project).not_to have_container_registry_tags
       end
 
-      it 'should not check root repository tags' do
+      it 'does not check root repository tags' do
         expect(project).not_to receive(:full_path)
         expect(project).not_to have_container_registry_tags
       end
 
-      it 'should iterate through container repositories' do
+      it 'iterates through container repositories' do
         expect(project).to receive(:container_repositories)
         expect(project).not_to have_container_registry_tags
       end
@@ -2638,7 +2638,7 @@ describe Project do
         let!(:cluster) { kubernetes_namespace.cluster }
         let(:project) { kubernetes_namespace.project }
 
-        it 'should return token from kubernetes namespace' do
+        it 'returns token from kubernetes namespace' do
           expect(project.deployment_variables).to include(
             { key: 'KUBE_TOKEN', value: kubernetes_namespace.service_account_token, public: false, masked: true }
           )
diff --git a/spec/models/remote_mirror_spec.rb b/spec/models/remote_mirror_spec.rb
index 0478094034a..f743dfed31f 100644
--- a/spec/models/remote_mirror_spec.rb
+++ b/spec/models/remote_mirror_spec.rb
@@ -7,14 +7,14 @@ describe RemoteMirror, :mailer do
 
   describe 'URL validation' do
     context 'with a valid URL' do
-      it 'should be valid' do
+      it 'is valid' do
         remote_mirror = build(:remote_mirror)
         expect(remote_mirror).to be_valid
       end
     end
 
     context 'with an invalid URL' do
-      it 'should not be valid' do
+      it 'is not valid' do
         remote_mirror = build(:remote_mirror, url: 'ftp://invalid.invalid')
 
         expect(remote_mirror).not_to be_valid
diff --git a/spec/models/repository_spec.rb b/spec/models/repository_spec.rb
index 2578208659a..3f5d285bc2c 100644
--- a/spec/models/repository_spec.rb
+++ b/spec/models/repository_spec.rb
@@ -50,7 +50,7 @@ describe Repository do
     it { is_expected.not_to include('fix') }
 
     describe 'when storage is broken', :broken_storage do
-      it 'should raise a storage error' do
+      it 'raises a storage error' do
         expect_to_raise_storage_error do
           broken_repository.branch_names_contains(sample_commit.id)
         end
@@ -225,7 +225,7 @@ describe Repository do
     it { is_expected.to eq('c1acaa58bbcbc3eafe538cb8274ba387047b69f8') }
 
     describe 'when storage is broken', :broken_storage do
-      it 'should raise a storage error' do
+      it 'raises a storage error' do
         expect_to_raise_storage_error do
           broken_repository.last_commit_id_for_path(sample_commit.id, '.gitignore')
         end
@@ -249,7 +249,7 @@ describe Repository do
     end
 
     describe 'when storage is broken', :broken_storage do
-      it 'should raise a storage error' do
+      it 'raises a storage error' do
         expect_to_raise_storage_error do
           broken_repository.last_commit_for_path(sample_commit.id, '.gitignore').id
         end
@@ -390,7 +390,7 @@ describe Repository do
     end
 
     describe 'when storage is broken', :broken_storage do
-      it 'should raise a storage error' do
+      it 'raises a storage error' do
         expect_to_raise_storage_error { broken_repository.find_commits_by_message('s') }
       end
     end
@@ -726,7 +726,7 @@ describe Repository do
     end
 
     describe 'when storage is broken', :broken_storage do
-      it 'should raise a storage error' do
+      it 'raises a storage error' do
         expect_to_raise_storage_error do
           broken_repository.search_files_by_content('feature', 'master')
         end
@@ -775,7 +775,7 @@ describe Repository do
     end
 
     describe 'when storage is broken', :broken_storage do
-      it 'should raise a storage error' do
+      it 'raises a storage error' do
         expect_to_raise_storage_error { broken_repository.search_files_by_name('files', 'master') }
       end
     end
@@ -817,7 +817,7 @@ describe Repository do
     let(:broken_repository) { create(:project, :broken_storage).repository }
 
     describe 'when storage is broken', :broken_storage do
-      it 'should raise a storage error' do
+      it 'raises a storage error' do
         expect_to_raise_storage_error do
           broken_repository.fetch_ref(broken_repository, source_ref: '1', target_ref: '2')
         end
@@ -1018,7 +1018,7 @@ describe Repository do
         repository.add_branch(project.creator, ref, 'master')
       end
 
-      it 'should be true' do
+      it 'is true' do
         is_expected.to eq(true)
       end
     end
@@ -1028,7 +1028,7 @@ describe Repository do
         repository.add_tag(project.creator, ref, 'master')
       end
 
-      it 'should be false' do
+      it 'is false' do
         is_expected.to eq(false)
       end
     end
@@ -1152,7 +1152,7 @@ describe Repository do
     end
 
     context 'with broken storage', :broken_storage do
-      it 'should raise a storage error' do
+      it 'raises a storage error' do
         expect_to_raise_storage_error { broken_repository.exists? }
       end
     end
@@ -2249,11 +2249,11 @@ describe Repository do
     let(:commit) { repository.commit }
     let(:ancestor) { commit.parents.first }
 
-    it 'it is an ancestor' do
+    it 'is an ancestor' do
       expect(repository.ancestor?(ancestor.id, commit.id)).to eq(true)
     end
 
-    it 'it is not an ancestor' do
+    it 'is not an ancestor' do
       expect(repository.ancestor?(commit.id, ancestor.id)).to eq(false)
     end
 
diff --git a/spec/models/service_spec.rb b/spec/models/service_spec.rb
index 2f025038bab..64db32781fe 100644
--- a/spec/models/service_spec.rb
+++ b/spec/models/service_spec.rb
@@ -291,7 +291,7 @@ describe Service do
   describe "#deprecated?" do
     let(:project) { create(:project, :repository) }
 
-    it 'should return false by default' do
+    it 'returns false by default' do
       service = create(:service, project: project)
       expect(service.deprecated?).to be_falsy
     end
@@ -300,7 +300,7 @@ describe Service do
   describe "#deprecation_message" do
     let(:project) { create(:project, :repository) }
 
-    it 'should be empty by default' do
+    it 'is empty by default' do
       service = create(:service, project: project)
       expect(service.deprecation_message).to be_nil
     end
diff --git a/spec/models/suggestion_spec.rb b/spec/models/suggestion_spec.rb
index cafc725dddb..8d4e9070b19 100644
--- a/spec/models/suggestion_spec.rb
+++ b/spec/models/suggestion_spec.rb
@@ -21,6 +21,22 @@ describe Suggestion do
     end
   end
 
+  describe '#diff_lines' do
+    let(:suggestion) { create(:suggestion, :content_from_repo) }
+
+    it 'returns parsed diff lines' do
+      expected_diff_lines = Gitlab::Diff::SuggestionDiff.new(suggestion).diff_lines
+      diff_lines = suggestion.diff_lines
+
+      expect(diff_lines.size).to eq(expected_diff_lines.size)
+      expect(diff_lines).to all(be_a(Gitlab::Diff::Line))
+
+      expected_diff_lines.each_with_index do |expected_line, index|
+        expect(diff_lines[index].to_hash).to eq(expected_line.to_hash)
+      end
+    end
+  end
+
   describe '#appliable?' do
     context 'when note does not support suggestions' do
       it 'returns false' do
diff --git a/spec/models/wiki_page_spec.rb b/spec/models/wiki_page_spec.rb
index e68da67818a..cacdb0e0595 100644
--- a/spec/models/wiki_page_spec.rb
+++ b/spec/models/wiki_page_spec.rb
@@ -20,12 +20,16 @@ describe WikiPage do
     context 'when there are pages' do
       before do
         create_page('dir_1/dir_1_1/page_3', 'content')
+        create_page('page_1', 'content')
         create_page('dir_1/page_2', 'content')
         create_page('dir_2/page_5', 'content')
+        create_page('page_6', 'content')
         create_page('dir_2/page_4', 'content')
-        create_page('page_1', 'content')
       end
+
       let(:page_1) { wiki.find_page('page_1') }
+      let(:page_6) { wiki.find_page('page_6') }
+
       let(:dir_1) do
         WikiDirectory.new('dir_1', [wiki.find_page('dir_1/page_2')])
       end
@@ -38,25 +42,38 @@ describe WikiPage do
         WikiDirectory.new('dir_2', pages)
       end
 
-      it 'returns an array with pages and directories' do
-        expected_grouped_entries = [page_1, dir_1, dir_1_1, dir_2]
+      context 'sort by title' do
+        let(:grouped_entries) { described_class.group_by_directory(wiki.pages) }
+        let(:expected_grouped_entries) { [dir_1_1, dir_1, dir_2, page_1, page_6] }
 
-        grouped_entries = described_class.group_by_directory(wiki.pages)
+        it 'returns an array with pages and directories' do
+          grouped_entries.each_with_index do |page_or_dir, i|
+            expected_page_or_dir = expected_grouped_entries[i]
+            expected_slugs = get_slugs(expected_page_or_dir)
+            slugs = get_slugs(page_or_dir)
 
-        grouped_entries.each_with_index do |page_or_dir, i|
-          expected_page_or_dir = expected_grouped_entries[i]
-          expected_slugs = get_slugs(expected_page_or_dir)
-          slugs = get_slugs(page_or_dir)
+            expect(slugs).to match_array(expected_slugs)
+          end
+        end
+      end
+
+      context 'sort by created_at' do
+        let(:grouped_entries) { described_class.group_by_directory(wiki.pages(sort: 'created_at')) }
+        let(:expected_grouped_entries) { [dir_1_1, page_1, dir_1, dir_2, page_6] }
 
-          expect(slugs).to match_array(expected_slugs)
+        it 'returns an array with pages and directories' do
+          grouped_entries.each_with_index do |page_or_dir, i|
+            expected_page_or_dir = expected_grouped_entries[i]
+            expected_slugs = get_slugs(expected_page_or_dir)
+            slugs = get_slugs(page_or_dir)
+
+            expect(slugs).to match_array(expected_slugs)
+          end
         end
       end
 
-      it 'returns an array sorted by alphabetical position' do
-        # Directories and pages within directories are sorted alphabetically.
-        # Pages at root come before everything.
-        expected_order = ['page_1', 'dir_1/page_2', 'dir_1/dir_1_1/page_3',
-                          'dir_2/page_4', 'dir_2/page_5']
+      it 'returns an array with retained order with directories at the top' do
+        expected_order = ['dir_1/dir_1_1/page_3', 'dir_1/page_2', 'dir_2/page_4', 'dir_2/page_5', 'page_1', 'page_6']
 
         grouped_entries = described_class.group_by_directory(wiki.pages)
 
diff --git a/spec/policies/group_member_policy_spec.rb b/spec/policies/group_member_policy_spec.rb
new file mode 100644
index 00000000000..7bd7184cffe
--- /dev/null
+++ b/spec/policies/group_member_policy_spec.rb
@@ -0,0 +1,105 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe GroupMemberPolicy do
+  let(:guest) { create(:user) }
+  let(:owner) { create(:user) }
+  let(:group) { create(:group, :private) }
+
+  before do
+    group.add_guest(guest)
+    group.add_owner(owner)
+  end
+
+  let(:member_related_permissions) do
+    [:update_group_member, :destroy_group_member]
+  end
+
+  let(:membership) { current_user.members.first }
+
+  subject { described_class.new(current_user, membership) }
+
+  def expect_allowed(*permissions)
+    permissions.each { |p| is_expected.to be_allowed(p) }
+  end
+
+  def expect_disallowed(*permissions)
+    permissions.each { |p| is_expected.not_to be_allowed(p) }
+  end
+
+  context 'with guest user' do
+    let(:current_user) { guest }
+
+    it do
+      expect_disallowed(:member_related_permissions)
+    end
+  end
+
+  context 'with one owner' do
+    let(:current_user) { owner }
+
+    it do
+      expect_disallowed(:destroy_group_member)
+      expect_disallowed(:update_group_member)
+    end
+  end
+
+  context 'with more than one owner' do
+    let(:current_user) { owner }
+
+    before do
+      group.add_owner(create(:user))
+    end
+
+    it do
+      expect_allowed(:destroy_group_member)
+      expect_allowed(:update_group_member)
+    end
+  end
+
+  context 'with the group parent', :postgresql do
+    let(:current_user) { create :user }
+    let(:subgroup) { create(:group, :private, parent: group)}
+
+    before do
+      group.add_owner(owner)
+      subgroup.add_owner(current_user)
+    end
+
+    it do
+      expect_allowed(:destroy_group_member)
+      expect_allowed(:update_group_member)
+    end
+  end
+
+  context 'without group parent' do
+    let(:current_user) { create :user }
+    let(:subgroup) { create(:group, :private)}
+
+    before do
+      subgroup.add_owner(current_user)
+    end
+
+    it do
+      expect_disallowed(:destroy_group_member)
+      expect_disallowed(:update_group_member)
+    end
+  end
+
+  context 'without group parent with two owners' do
+    let(:current_user) { create :user }
+    let(:other_user) { create :user }
+    let(:subgroup) { create(:group, :private)}
+
+    before do
+      subgroup.add_owner(current_user)
+      subgroup.add_owner(other_user)
+    end
+
+    it do
+      expect_allowed(:destroy_group_member)
+      expect_allowed(:update_group_member)
+    end
+  end
+end
diff --git a/spec/presenters/ci/bridge_presenter_spec.rb b/spec/presenters/ci/bridge_presenter_spec.rb
new file mode 100644
index 00000000000..986818a7b9e
--- /dev/null
+++ b/spec/presenters/ci/bridge_presenter_spec.rb
@@ -0,0 +1,15 @@
+require 'spec_helper'
+
+describe Ci::BridgePresenter do
+  set(:project) { create(:project) }
+  set(:pipeline) { create(:ci_pipeline, project: project) }
+  set(:bridge) { create(:ci_bridge, pipeline: pipeline, status: :failed) }
+
+  subject(:presenter) do
+    described_class.new(bridge)
+  end
+
+  it 'presents information about recoverable state' do
+    expect(presenter).to be_recoverable
+  end
+end
diff --git a/spec/presenters/ci/build_presenter_spec.rb b/spec/presenters/ci/build_presenter_spec.rb
index 676835b3880..e202f7a9b5f 100644
--- a/spec/presenters/ci/build_presenter_spec.rb
+++ b/spec/presenters/ci/build_presenter_spec.rb
@@ -180,7 +180,7 @@ describe Ci::BuildPresenter do
     context 'When build has failed and retried' do
       let(:build) { create(:ci_build, :script_failure, :retried, pipeline: pipeline) }
 
-      it 'should include the reason of failure and the retried title' do
+      it 'includes the reason of failure and the retried title' do
         tooltip = subject.tooltip_message
 
         expect(tooltip).to eq("#{build.name} - failed - (script failure) (retried)")
@@ -190,7 +190,7 @@ describe Ci::BuildPresenter do
     context 'When build has failed and is allowed to' do
       let(:build) { create(:ci_build, :script_failure, :allowed_to_fail, pipeline: pipeline) }
 
-      it 'should include the reason of failure' do
+      it 'includes the reason of failure' do
         tooltip = subject.tooltip_message
 
         expect(tooltip).to eq("#{build.name} - failed - (script failure) (allowed to fail)")
@@ -200,7 +200,7 @@ describe Ci::BuildPresenter do
     context 'For any other build (no retried)' do
       let(:build) { create(:ci_build, :success, pipeline: pipeline) }
 
-      it 'should include build name and status' do
+      it 'includes build name and status' do
         tooltip = subject.tooltip_message
 
         expect(tooltip).to eq("#{build.name} - passed")
@@ -210,7 +210,7 @@ describe Ci::BuildPresenter do
     context 'For any other build (retried)' do
       let(:build) { create(:ci_build, :success, :retried, pipeline: pipeline) }
 
-      it 'should include build name and status' do
+      it 'includes build name and status' do
         tooltip = subject.tooltip_message
 
         expect(tooltip).to eq("#{build.name} - passed (retried)")
@@ -269,7 +269,7 @@ describe Ci::BuildPresenter do
     context 'when is a script or missing dependency failure' do
       let(:failure_reasons) { %w(script_failure missing_dependency_failure archived_failure) }
 
-      it 'should return false' do
+      it 'returns false' do
         failure_reasons.each do |failure_reason|
           build.update_attribute(:failure_reason, failure_reason)
           expect(presenter.recoverable?).to be_falsy
@@ -280,7 +280,7 @@ describe Ci::BuildPresenter do
     context 'when is any other failure type' do
       let(:failure_reasons) { %w(unknown_failure api_failure stuck_or_timeout_failure runner_system_failure) }
 
-      it 'should return true' do
+      it 'returns true' do
         failure_reasons.each do |failure_reason|
           build.update_attribute(:failure_reason, failure_reason)
           expect(presenter.recoverable?).to be_truthy
diff --git a/spec/requests/api/graphql/gitlab_schema_spec.rb b/spec/requests/api/graphql/gitlab_schema_spec.rb
new file mode 100644
index 00000000000..708a000532b
--- /dev/null
+++ b/spec/requests/api/graphql/gitlab_schema_spec.rb
@@ -0,0 +1,16 @@
+require 'spec_helper'
+
+describe 'GitlabSchema configurations' do
+  include GraphqlHelpers
+
+  let(:project) { create(:project, :repository) }
+  let!(:query)  { graphql_query_for('project', 'fullPath' => project.full_path) }
+
+  it 'shows an error if complexity it too high' do
+    allow(GitlabSchema).to receive(:max_query_complexity).and_return 1
+
+    post_graphql(query, current_user: nil)
+
+    expect(graphql_errors.first['message']).to include('which exceeds max complexity of 1')
+  end
+end
diff --git a/spec/requests/api/internal_spec.rb b/spec/requests/api/internal_spec.rb
index 537194b8e11..6640ce2b07e 100644
--- a/spec/requests/api/internal_spec.rb
+++ b/spec/requests/api/internal_spec.rb
@@ -498,6 +498,40 @@ describe API::Internal do
       end
     end
 
+    context "console message" do
+      before do
+        project.add_developer(user)
+      end
+
+      context "git pull" do
+        context "with no console message" do
+          it "has the correct payload" do
+            pull(key, project)
+
+            expect(response).to have_gitlab_http_status(200)
+            expect(json_response['gl_console_messages']).to eq([])
+          end
+        end
+
+        context "with a console message" do
+          let(:console_messages) { ['message for the console'] }
+
+          it "has the correct payload" do
+            expect_next_instance_of(Gitlab::GitAccess) do |access|
+              expect(access).to receive(:check_for_console_messages)
+                                  .with('git-upload-pack')
+                                  .and_return(console_messages)
+            end
+
+            pull(key, project)
+
+            expect(response).to have_gitlab_http_status(200)
+            expect(json_response['gl_console_messages']).to eq(console_messages)
+          end
+        end
+      end
+    end
+
     context "blocked user" do
       let(:personal_project) { create(:project, namespace: user.namespace) }
 
diff --git a/spec/requests/api/merge_requests_spec.rb b/spec/requests/api/merge_requests_spec.rb
index 4259fda7f04..7ffa365c651 100644
--- a/spec/requests/api/merge_requests_spec.rb
+++ b/spec/requests/api/merge_requests_spec.rb
@@ -729,6 +729,14 @@ describe API::MergeRequests do
   end
 
   describe "GET /projects/:id/merge_requests/:merge_request_iid" do
+    it 'matches json schema' do
+      merge_request = create(:merge_request, :with_test_reports, milestone: milestone1, author: user, assignee: user, source_project: project, target_project: project, title: "Test", created_at: base_time)
+      get api("/projects/#{project.id}/merge_requests/#{merge_request.iid}", user)
+
+      expect(response).to have_gitlab_http_status(200)
+      expect(response).to match_response_schema('public_api/v4/merge_request')
+    end
+
     it 'exposes known attributes' do
       create(:award_emoji, :downvote, awardable: merge_request)
       create(:award_emoji, :upvote, awardable: merge_request)
@@ -1353,7 +1361,12 @@ describe API::MergeRequests do
     end
 
     it 'returns 405 if the build failed for a merge request that requires success' do
-      allow_any_instance_of(MergeRequest).to receive(:mergeable_ci_state?).and_return(false)
+      project.update!(only_allow_merge_if_pipeline_succeeds: true)
+
+      create(:ci_pipeline,
+             :failed,
+             sha: merge_request.diff_head_sha,
+             merge_requests_as_head_pipeline: [merge_request])
 
       put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/merge", user)
 
diff --git a/spec/requests/api/pipelines_spec.rb b/spec/requests/api/pipelines_spec.rb
index 52599db9a9e..9fed07cae82 100644
--- a/spec/requests/api/pipelines_spec.rb
+++ b/spec/requests/api/pipelines_spec.rb
@@ -399,6 +399,13 @@ describe API::Pipelines do
 
   describe 'GET /projects/:id/pipelines/:pipeline_id' do
     context 'authorized user' do
+      it 'exposes known attributes' do
+        get api("/projects/#{project.id}/pipelines/#{pipeline.id}", user)
+
+        expect(response).to have_gitlab_http_status(200)
+        expect(response).to match_response_schema('public_api/v4/pipeline/detail')
+      end
+
       it 'returns project pipelines' do
         get api("/projects/#{project.id}/pipelines/#{pipeline.id}", user)
 
@@ -428,7 +435,7 @@ describe API::Pipelines do
     end
 
     context 'unauthorized user' do
-      it 'should not return a project pipeline' do
+      it 'does not return a project pipeline' do
         get api("/projects/#{project.id}/pipelines/#{pipeline.id}", non_member)
 
         expect(response).to have_gitlab_http_status(404)
@@ -474,7 +481,7 @@ describe API::Pipelines do
 
     context 'unauthorized user' do
       context 'when user is not member' do
-        it 'should return a 404' do
+        it 'returns a 404' do
           delete api("/projects/#{project.id}/pipelines/#{pipeline.id}", non_member)
 
           expect(response).to have_gitlab_http_status(404)
@@ -489,7 +496,7 @@ describe API::Pipelines do
           project.add_developer(developer)
         end
 
-        it 'should return a 403' do
+        it 'returns a 403' do
           delete api("/projects/#{project.id}/pipelines/#{pipeline.id}", developer)
 
           expect(response).to have_gitlab_http_status(403)
@@ -519,7 +526,7 @@ describe API::Pipelines do
     end
 
     context 'unauthorized user' do
-      it 'should not return a project pipeline' do
+      it 'does not return a project pipeline' do
         post api("/projects/#{project.id}/pipelines/#{pipeline.id}/retry", non_member)
 
         expect(response).to have_gitlab_http_status(404)
diff --git a/spec/requests/api/project_clusters_spec.rb b/spec/requests/api/project_clusters_spec.rb
index 81442125a1c..94e6ca2c07c 100644
--- a/spec/requests/api/project_clusters_spec.rb
+++ b/spec/requests/api/project_clusters_spec.rb
@@ -22,7 +22,7 @@ describe API::ProjectClusters do
     end
 
     context 'non-authorized user' do
-      it 'should respond with 404' do
+      it 'responds with 404' do
         get api("/projects/#{project.id}/clusters", non_member)
 
         expect(response).to have_gitlab_http_status(404)
@@ -34,15 +34,15 @@ describe API::ProjectClusters do
         get api("/projects/#{project.id}/clusters", current_user)
       end
 
-      it 'should respond with 200' do
+      it 'responds with 200' do
         expect(response).to have_gitlab_http_status(200)
       end
 
-      it 'should include pagination headers' do
+      it 'includes pagination headers' do
         expect(response).to include_pagination_headers
       end
 
-      it 'should only include authorized clusters' do
+      it 'onlies include authorized clusters' do
         cluster_ids = json_response.map { |cluster| cluster['id'] }
 
         expect(cluster_ids).to match_array(clusters.pluck(:id))
@@ -67,7 +67,7 @@ describe API::ProjectClusters do
     end
 
     context 'non-authorized user' do
-      it 'should respond with 404' do
+      it 'responds with 404' do
         get api("/projects/#{project.id}/clusters/#{cluster_id}", non_member)
 
         expect(response).to have_gitlab_http_status(404)
@@ -132,7 +132,7 @@ describe API::ProjectClusters do
                  projects: [project])
         end
 
-        it 'should not include GCP provider info' do
+        it 'does not include GCP provider info' do
           expect(json_response['provider_gcp']).not_to be_present
         end
       end
@@ -194,7 +194,7 @@ describe API::ProjectClusters do
     end
 
     context 'non-authorized user' do
-      it 'should respond with 404' do
+      it 'responds with 404' do
         post api("/projects/#{project.id}/clusters/user", non_member), params: cluster_params
 
         expect(response).to have_gitlab_http_status(404)
@@ -207,11 +207,11 @@ describe API::ProjectClusters do
       end
 
       context 'with valid params' do
-        it 'should respond with 201' do
+        it 'responds with 201' do
           expect(response).to have_gitlab_http_status(201)
         end
 
-        it 'should create a new Cluster::Cluster' do
+        it 'creates a new Cluster::Cluster' do
           cluster_result = Clusters::Cluster.find(json_response["id"])
           platform_kubernetes = cluster_result.platform
 
@@ -246,7 +246,7 @@ describe API::ProjectClusters do
       context 'when user sets authorization type as ABAC' do
         let(:authorization_type) { 'abac' }
 
-        it 'should create an ABAC cluster' do
+        it 'creates an ABAC cluster' do
           cluster_result = Clusters::Cluster.find(json_response['id'])
 
           expect(cluster_result.platform.abac?).to be_truthy
@@ -256,15 +256,15 @@ describe API::ProjectClusters do
       context 'with invalid params' do
         let(:namespace) { 'invalid_namespace' }
 
-        it 'should respond with 400' do
+        it 'responds with 400' do
           expect(response).to have_gitlab_http_status(400)
         end
 
-        it 'should not create a new Clusters::Cluster' do
+        it 'does not create a new Clusters::Cluster' do
           expect(project.reload.clusters).to be_empty
         end
 
-        it 'should return validation errors' do
+        it 'returns validation errors' do
           expect(json_response['message']['platform_kubernetes.namespace'].first).to be_present
         end
       end
@@ -278,11 +278,11 @@ describe API::ProjectClusters do
         post api("/projects/#{project.id}/clusters/user", current_user), params: cluster_params
       end
 
-      it 'should respond with 403' do
+      it 'responds with 403' do
         expect(response).to have_gitlab_http_status(403)
       end
 
-      it 'should return an appropriate message' do
+      it 'returns an appropriate message' do
         expect(json_response['message']).to include('Instance does not support multiple Kubernetes clusters')
       end
     end
@@ -314,7 +314,7 @@ describe API::ProjectClusters do
     end
 
     context 'non-authorized user' do
-      it 'should respond with 404' do
+      it 'responds with 404' do
         put api("/projects/#{project.id}/clusters/#{cluster.id}", non_member), params: update_params
 
         expect(response).to have_gitlab_http_status(404)
@@ -329,11 +329,11 @@ describe API::ProjectClusters do
       end
 
       context 'with valid params' do
-        it 'should respond with 200' do
+        it 'responds with 200' do
           expect(response).to have_gitlab_http_status(200)
         end
 
-        it 'should update cluster attributes' do
+        it 'updates cluster attributes' do
           expect(cluster.domain).to eq('new-domain.com')
           expect(cluster.platform_kubernetes.namespace).to eq('new-namespace')
         end
@@ -342,17 +342,17 @@ describe API::ProjectClusters do
       context 'with invalid params' do
         let(:namespace) { 'invalid_namespace' }
 
-        it 'should respond with 400' do
+        it 'responds with 400' do
           expect(response).to have_gitlab_http_status(400)
         end
 
-        it 'should not update cluster attributes' do
+        it 'does not update cluster attributes' do
           expect(cluster.domain).not_to eq('new_domain.com')
           expect(cluster.platform_kubernetes.namespace).not_to eq('invalid_namespace')
           expect(cluster.kubernetes_namespace.namespace).not_to eq('invalid_namespace')
         end
 
-        it 'should return validation errors' do
+        it 'returns validation errors' do
           expect(json_response['message']['platform_kubernetes.namespace'].first).to match('can contain only lowercase letters')
         end
       end
@@ -366,11 +366,11 @@ describe API::ProjectClusters do
             }
           end
 
-          it 'should respond with 400' do
+          it 'responds with 400' do
             expect(response).to have_gitlab_http_status(400)
           end
 
-          it 'should return validation error' do
+          it 'returns validation error' do
             expect(json_response['message']['platform_kubernetes.base'].first).to eq('Cannot modify managed Kubernetes cluster')
           end
         end
@@ -378,7 +378,7 @@ describe API::ProjectClusters do
         context 'when user tries to change namespace' do
           let(:namespace) { 'new-namespace' }
 
-          it 'should respond with 200' do
+          it 'responds with 200' do
             expect(response).to have_gitlab_http_status(200)
           end
         end
@@ -407,11 +407,11 @@ describe API::ProjectClusters do
           }
         end
 
-        it 'should respond with 200' do
+        it 'responds with 200' do
           expect(response).to have_gitlab_http_status(200)
         end
 
-        it 'should update platform kubernetes attributes' do
+        it 'updates platform kubernetes attributes' do
           platform_kubernetes = cluster.platform_kubernetes
 
           expect(cluster.name).to eq('new-name')
@@ -424,7 +424,7 @@ describe API::ProjectClusters do
       context 'with a cluster that does not belong to user' do
         let(:cluster) { create(:cluster, :project, :provided_by_user) }
 
-        it 'should respond with 404' do
+        it 'responds with 404' do
           expect(response).to have_gitlab_http_status(404)
         end
       end
@@ -440,7 +440,7 @@ describe API::ProjectClusters do
     end
 
     context 'non-authorized user' do
-      it 'should respond with 404' do
+      it 'responds with 404' do
         delete api("/projects/#{project.id}/clusters/#{cluster.id}", non_member), params: cluster_params
 
         expect(response).to have_gitlab_http_status(404)
@@ -452,18 +452,18 @@ describe API::ProjectClusters do
         delete api("/projects/#{project.id}/clusters/#{cluster.id}", current_user), params: cluster_params
       end
 
-      it 'should respond with 204' do
+      it 'responds with 204' do
         expect(response).to have_gitlab_http_status(204)
       end
 
-      it 'should delete the cluster' do
+      it 'deletes the cluster' do
         expect(Clusters::Cluster.exists?(id: cluster.id)).to be_falsy
       end
 
       context 'with a cluster that does not belong to user' do
         let(:cluster) { create(:cluster, :project, :provided_by_user) }
 
-        it 'should respond with 404' do
+        it 'responds with 404' do
           expect(response).to have_gitlab_http_status(404)
         end
       end
diff --git a/spec/serializers/analytics_stage_serializer_spec.rb b/spec/serializers/analytics_stage_serializer_spec.rb
index be6aa7c65c3..dbfb3eace83 100644
--- a/spec/serializers/analytics_stage_serializer_spec.rb
+++ b/spec/serializers/analytics_stage_serializer_spec.rb
@@ -14,7 +14,7 @@ describe AnalyticsStageSerializer do
     allow_any_instance_of(Gitlab::CycleAnalytics::BaseEventFetcher).to receive(:event_result).and_return({})
   end
 
-  it 'it generates payload for single object' do
+  it 'generates payload for single object' do
     expect(subject).to be_kind_of Hash
   end
 
diff --git a/spec/serializers/analytics_summary_serializer_spec.rb b/spec/serializers/analytics_summary_serializer_spec.rb
index 236c244b402..8fa0574bfd6 100644
--- a/spec/serializers/analytics_summary_serializer_spec.rb
+++ b/spec/serializers/analytics_summary_serializer_spec.rb
@@ -18,7 +18,7 @@ describe AnalyticsSummarySerializer do
       .to receive(:value).and_return(1.12)
   end
 
-  it 'it generates payload for single object' do
+  it 'generates payload for single object' do
     expect(subject).to be_kind_of Hash
   end
 
diff --git a/spec/serializers/build_details_entity_spec.rb b/spec/serializers/build_details_entity_spec.rb
index f6bd6e9ede4..1edf69dc290 100644
--- a/spec/serializers/build_details_entity_spec.rb
+++ b/spec/serializers/build_details_entity_spec.rb
@@ -112,5 +112,15 @@ describe BuildDetailsEntity do
         expect(subject['merge_request_path']).to be_nil
       end
     end
+
+    context 'when the build has failed' do
+      let(:build) { create(:ci_build, :created) }
+
+      before do
+        build.drop!(:unmet_prerequisites)
+      end
+
+      it { is_expected.to include(failure_reason: 'unmet_prerequisites') }
+    end
   end
 end
diff --git a/spec/serializers/environment_entity_spec.rb b/spec/serializers/environment_entity_spec.rb
index 791b64dc356..c2312734042 100644
--- a/spec/serializers/environment_entity_spec.rb
+++ b/spec/serializers/environment_entity_spec.rb
@@ -54,7 +54,7 @@ describe EnvironmentEntity do
                projects: [project])
       end
 
-      it 'should include cluster_type' do
+      it 'includes cluster_type' do
         expect(subject).to include(:cluster_type)
         expect(subject[:cluster_type]).to eq('project_type')
       end
@@ -65,7 +65,7 @@ describe EnvironmentEntity do
         create(:kubernetes_service, project: project)
       end
 
-      it 'should not include cluster_type' do
+      it 'does not include cluster_type' do
         expect(subject).not_to include(:cluster_type)
       end
     end
diff --git a/spec/serializers/job_entity_spec.rb b/spec/serializers/job_entity_spec.rb
index 851b41a7f7e..8de61d4d466 100644
--- a/spec/serializers/job_entity_spec.rb
+++ b/spec/serializers/job_entity_spec.rb
@@ -154,15 +154,15 @@ describe JobEntity do
       expect(subject[:status][:label]).to eq('failed')
     end
 
-    it 'should indicate the failure reason on tooltip' do
+    it 'indicates the failure reason on tooltip' do
       expect(subject[:status][:tooltip]).to eq('failed - (API failure)')
     end
 
-    it 'should include a callout message with a verbose output' do
+    it 'includes a callout message with a verbose output' do
       expect(subject[:callout_message]).to eq('There has been an API failure, please try again')
     end
 
-    it 'should state that it is not recoverable' do
+    it 'states that it is not recoverable' do
       expect(subject[:recoverable]).to be_truthy
     end
   end
@@ -178,15 +178,15 @@ describe JobEntity do
       expect(subject[:status][:label]).to eq('failed (allowed to fail)')
     end
 
-    it 'should indicate the failure reason on tooltip' do
+    it 'indicates the failure reason on tooltip' do
       expect(subject[:status][:tooltip]).to eq('failed - (API failure) (allowed to fail)')
     end
 
-    it 'should include a callout message with a verbose output' do
+    it 'includes a callout message with a verbose output' do
       expect(subject[:callout_message]).to eq('There has been an API failure, please try again')
     end
 
-    it 'should state that it is not recoverable' do
+    it 'states that it is not recoverable' do
       expect(subject[:recoverable]).to be_truthy
     end
   end
@@ -194,7 +194,7 @@ describe JobEntity do
   context 'when the job failed with a script failure' do
     let(:job) { create(:ci_build, :failed, :script_failure) }
 
-    it 'should not include callout message or recoverable keys' do
+    it 'does not include callout message or recoverable keys' do
       expect(subject).not_to include('callout_message')
       expect(subject).not_to include('recoverable')
     end
@@ -203,7 +203,7 @@ describe JobEntity do
   context 'when job failed and is recoverable' do
     let(:job) { create(:ci_build, :api_failure) }
 
-    it 'should state it is recoverable' do
+    it 'states it is recoverable' do
       expect(subject[:recoverable]).to be_truthy
     end
   end
@@ -211,7 +211,7 @@ describe JobEntity do
   context 'when job passed' do
     let(:job) { create(:ci_build, :success) }
 
-    it 'should not include callout message or recoverable keys' do
+    it 'does not include callout message or recoverable keys' do
       expect(subject).not_to include('callout_message')
       expect(subject).not_to include('recoverable')
     end
diff --git a/spec/serializers/merge_request_widget_entity_spec.rb b/spec/serializers/merge_request_widget_entity_spec.rb
index 0e99ef38d2f..b89898f26f7 100644
--- a/spec/serializers/merge_request_widget_entity_spec.rb
+++ b/spec/serializers/merge_request_widget_entity_spec.rb
@@ -287,7 +287,7 @@ describe MergeRequestWidgetEntity do
       resource.commits.find { |c| c.short_id == short_id }
     end
 
-    it 'should not include merge commits' do
+    it 'does not include merge commits' do
       commits_in_widget = subject[:commits_without_merge_commits]
 
       expect(commits_in_widget.length).to be < resource.commits.length
diff --git a/spec/serializers/suggestion_entity_spec.rb b/spec/serializers/suggestion_entity_spec.rb
index d38fc2b132b..d282a7f9c7a 100644
--- a/spec/serializers/suggestion_entity_spec.rb
+++ b/spec/serializers/suggestion_entity_spec.rb
@@ -13,8 +13,7 @@ describe SuggestionEntity do
   subject { entity.as_json }
 
   it 'exposes correct attributes' do
-    expect(subject).to include(:id, :from_line, :to_line, :appliable,
-                               :applied, :from_content, :to_content)
+    expect(subject.keys).to match_array([:id, :appliable, :applied, :diff_lines, :current_user])
   end
 
   it 'exposes current user abilities' do
diff --git a/spec/services/clusters/applications/check_installation_progress_service_spec.rb b/spec/services/clusters/applications/check_installation_progress_service_spec.rb
index 19446ce1cf8..1cca89d31d7 100644
--- a/spec/services/clusters/applications/check_installation_progress_service_spec.rb
+++ b/spec/services/clusters/applications/check_installation_progress_service_spec.rb
@@ -33,14 +33,22 @@ describe Clusters::Applications::CheckInstallationProgressService, '#execute' do
     end
   end
 
-  shared_examples 'error logging' do
+  shared_examples 'error handling' do
     context 'when installation raises a Kubeclient::HttpError' do
       let(:cluster) { create(:cluster, :provided_by_user, :project) }
+      let(:logger) { service.send(:logger) }
+      let(:error) { Kubeclient::HttpError.new(401, 'Unauthorized', nil) }
 
       before do
         application.update!(cluster: cluster)
 
-        expect(service).to receive(:installation_phase).and_raise(Kubeclient::HttpError.new(401, 'Unauthorized', nil))
+        expect(service).to receive(:installation_phase).and_raise(error)
+      end
+
+      include_examples 'logs kubernetes errors' do
+        let(:error_name) { 'Kubeclient::HttpError' }
+        let(:error_message) { 'Unauthorized' }
+        let(:error_code) { 401 }
       end
 
       it 'shows the response code from the error' do
@@ -49,12 +57,6 @@ describe Clusters::Applications::CheckInstallationProgressService, '#execute' do
         expect(application).to be_errored.or(be_update_errored)
         expect(application.status_reason).to eq('Kubernetes error: 401')
       end
-
-      it 'should log error' do
-        expect(service.send(:logger)).to receive(:error)
-
-        service.execute
-      end
     end
   end
 
@@ -66,7 +68,7 @@ describe Clusters::Applications::CheckInstallationProgressService, '#execute' do
   context 'when application is updating' do
     let(:application) { create(:clusters_applications_helm, :updating) }
 
-    include_examples 'error logging'
+    include_examples 'error handling'
 
     RESCHEDULE_PHASES.each { |phase| it_behaves_like 'a not yet terminated installation', phase }
 
@@ -127,7 +129,7 @@ describe Clusters::Applications::CheckInstallationProgressService, '#execute' do
   end
 
   context 'when application is installing' do
-    include_examples 'error logging'
+    include_examples 'error handling'
 
     RESCHEDULE_PHASES.each { |phase| it_behaves_like 'a not yet terminated installation', phase }
 
diff --git a/spec/services/clusters/applications/install_service_spec.rb b/spec/services/clusters/applications/install_service_spec.rb
index 018d9822d3e..db0c33a95b2 100644
--- a/spec/services/clusters/applications/install_service_spec.rb
+++ b/spec/services/clusters/applications/install_service_spec.rb
@@ -39,51 +39,34 @@ describe Clusters::Applications::InstallService do
         expect(helm_client).to receive(:install).with(install_command).and_raise(error)
       end
 
+      include_examples 'logs kubernetes errors' do
+        let(:error_name) { 'Kubeclient::HttpError' }
+        let(:error_message) { 'system failure' }
+        let(:error_code) { 500 }
+      end
+
       it 'make the application errored' do
         service.execute
 
         expect(application).to be_errored
         expect(application.status_reason).to match('Kubernetes error: 500')
       end
-
-      it 'logs errors' do
-        expect(service.send(:logger)).to receive(:error).with(
-          {
-            exception: 'Kubeclient::HttpError',
-            message: 'system failure',
-            service: 'Clusters::Applications::InstallService',
-            app_id: application.id,
-            project_ids: application.cluster.project_ids,
-            group_ids: [],
-            error_code: 500
-          }
-        )
-
-        expect(Gitlab::Sentry).to receive(:track_acceptable_exception).with(
-          error,
-          extra: {
-            exception: 'Kubeclient::HttpError',
-            message: 'system failure',
-            service: 'Clusters::Applications::InstallService',
-            app_id: application.id,
-            project_ids: application.cluster.project_ids,
-            group_ids: [],
-            error_code: 500
-          }
-        )
-
-        service.execute
-      end
     end
 
     context 'a non kubernetes error happens' do
       let(:application) { create(:clusters_applications_helm, :scheduled) }
-      let(:error) { StandardError.new("something bad happened") }
+      let(:error) { StandardError.new('something bad happened') }
 
       before do
         expect(application).to receive(:make_installing!).once.and_raise(error)
       end
 
+      include_examples 'logs kubernetes errors' do
+        let(:error_name) { 'StandardError' }
+        let(:error_message) { 'something bad happened' }
+        let(:error_code) { nil }
+      end
+
       it 'make the application errored' do
         expect(helm_client).not_to receive(:install)
 
@@ -92,35 +75,6 @@ describe Clusters::Applications::InstallService do
         expect(application).to be_errored
         expect(application.status_reason).to eq("Can't start installation process.")
       end
-
-      it 'logs errors' do
-        expect(service.send(:logger)).to receive(:error).with(
-          {
-            exception: 'StandardError',
-            error_code: nil,
-            message: 'something bad happened',
-            service: 'Clusters::Applications::InstallService',
-            app_id: application.id,
-            project_ids: application.cluster.projects.pluck(:id),
-            group_ids: []
-          }
-        )
-
-        expect(Gitlab::Sentry).to receive(:track_acceptable_exception).with(
-          error,
-          extra: {
-            exception: 'StandardError',
-            error_code: nil,
-            message: 'something bad happened',
-            service: 'Clusters::Applications::InstallService',
-            app_id: application.id,
-            project_ids: application.cluster.projects.pluck(:id),
-            group_ids: []
-          }
-        )
-
-        service.execute
-      end
     end
   end
 end
diff --git a/spec/services/clusters/applications/patch_service_spec.rb b/spec/services/clusters/applications/patch_service_spec.rb
index d4ee3243b84..10b1379a127 100644
--- a/spec/services/clusters/applications/patch_service_spec.rb
+++ b/spec/services/clusters/applications/patch_service_spec.rb
@@ -41,47 +41,30 @@ describe Clusters::Applications::PatchService do
         expect(helm_client).to receive(:update).with(update_command).and_raise(error)
       end
 
+      include_examples 'logs kubernetes errors' do
+        let(:error_name) { 'Kubeclient::HttpError' }
+        let(:error_message) { 'system failure' }
+        let(:error_code) { 500 }
+      end
+
       it 'make the application errored' do
         service.execute
 
         expect(application).to be_update_errored
         expect(application.status_reason).to match('Kubernetes error: 500')
       end
-
-      it 'logs errors' do
-        expect(service.send(:logger)).to receive(:error).with(
-          {
-            exception: 'Kubeclient::HttpError',
-            message: 'system failure',
-            service: 'Clusters::Applications::PatchService',
-            app_id: application.id,
-            project_ids: application.cluster.project_ids,
-            group_ids: [],
-            error_code: 500
-          }
-        )
-
-        expect(Gitlab::Sentry).to receive(:track_acceptable_exception).with(
-          error,
-          extra: {
-            exception: 'Kubeclient::HttpError',
-            message: 'system failure',
-            service: 'Clusters::Applications::PatchService',
-            app_id: application.id,
-            project_ids: application.cluster.project_ids,
-            group_ids: [],
-            error_code: 500
-          }
-        )
-
-        service.execute
-      end
     end
 
     context 'a non kubernetes error happens' do
       let(:application) { create(:clusters_applications_knative, :scheduled) }
       let(:error) { StandardError.new('something bad happened') }
 
+      include_examples 'logs kubernetes errors' do
+        let(:error_name) { 'StandardError' }
+        let(:error_message) { 'something bad happened' }
+        let(:error_code) { nil }
+      end
+
       before do
         expect(application).to receive(:make_updating!).once.and_raise(error)
       end
@@ -94,35 +77,6 @@ describe Clusters::Applications::PatchService do
         expect(application).to be_update_errored
         expect(application.status_reason).to eq("Can't start update process.")
       end
-
-      it 'logs errors' do
-        expect(service.send(:logger)).to receive(:error).with(
-          {
-            exception: 'StandardError',
-            error_code: nil,
-            message: 'something bad happened',
-            service: 'Clusters::Applications::PatchService',
-            app_id: application.id,
-            project_ids: application.cluster.projects.pluck(:id),
-            group_ids: []
-          }
-        )
-
-        expect(Gitlab::Sentry).to receive(:track_acceptable_exception).with(
-          error,
-          extra: {
-            exception: 'StandardError',
-            error_code: nil,
-            message: 'something bad happened',
-            service: 'Clusters::Applications::PatchService',
-            app_id: application.id,
-            project_ids: application.cluster.projects.pluck(:id),
-            group_ids: []
-          }
-        )
-
-        service.execute
-      end
     end
   end
 end
diff --git a/spec/services/clusters/applications/upgrade_service_spec.rb b/spec/services/clusters/applications/upgrade_service_spec.rb
index 1822fc38dbd..dd2e6e94e4f 100644
--- a/spec/services/clusters/applications/upgrade_service_spec.rb
+++ b/spec/services/clusters/applications/upgrade_service_spec.rb
@@ -41,41 +41,18 @@ describe Clusters::Applications::UpgradeService do
         expect(helm_client).to receive(:update).with(install_command).and_raise(error)
       end
 
+      include_examples 'logs kubernetes errors' do
+        let(:error_name) { 'Kubeclient::HttpError' }
+        let(:error_message) { 'system failure' }
+        let(:error_code) { 500 }
+      end
+
       it 'make the application errored' do
         service.execute
 
         expect(application).to be_update_errored
         expect(application.status_reason).to match('Kubernetes error: 500')
       end
-
-      it 'logs errors' do
-        expect(service.send(:logger)).to receive(:error).with(
-          {
-            exception: 'Kubeclient::HttpError',
-            message: 'system failure',
-            service: 'Clusters::Applications::UpgradeService',
-            app_id: application.id,
-            project_ids: application.cluster.project_ids,
-            group_ids: [],
-            error_code: 500
-          }
-        )
-
-        expect(Gitlab::Sentry).to receive(:track_acceptable_exception).with(
-          error,
-          extra: {
-            exception: 'Kubeclient::HttpError',
-            message: 'system failure',
-            service: 'Clusters::Applications::UpgradeService',
-            app_id: application.id,
-            project_ids: application.cluster.project_ids,
-            group_ids: [],
-            error_code: 500
-          }
-        )
-
-        service.execute
-      end
     end
 
     context 'a non kubernetes error happens' do
@@ -86,6 +63,12 @@ describe Clusters::Applications::UpgradeService do
         expect(application).to receive(:make_updating!).once.and_raise(error)
       end
 
+      include_examples 'logs kubernetes errors' do
+        let(:error_name) { 'StandardError' }
+        let(:error_message) { 'something bad happened' }
+        let(:error_code) { nil }
+      end
+
       it 'make the application errored' do
         expect(helm_client).not_to receive(:update)
 
@@ -94,35 +77,6 @@ describe Clusters::Applications::UpgradeService do
         expect(application).to be_update_errored
         expect(application.status_reason).to eq("Can't start upgrade process.")
       end
-
-      it 'logs errors' do
-        expect(service.send(:logger)).to receive(:error).with(
-          {
-            exception: 'StandardError',
-            error_code: nil,
-            message: 'something bad happened',
-            service: 'Clusters::Applications::UpgradeService',
-            app_id: application.id,
-            project_ids: application.cluster.projects.pluck(:id),
-            group_ids: []
-          }
-        )
-
-        expect(Gitlab::Sentry).to receive(:track_acceptable_exception).with(
-          error,
-          extra: {
-            exception: 'StandardError',
-            error_code: nil,
-            message: 'something bad happened',
-            service: 'Clusters::Applications::UpgradeService',
-            app_id: application.id,
-            project_ids: application.cluster.projects.pluck(:id),
-            group_ids: []
-          }
-        )
-
-        service.execute
-      end
     end
   end
 end
diff --git a/spec/services/clusters/gcp/kubernetes/create_or_update_service_account_service_spec.rb b/spec/services/clusters/gcp/kubernetes/create_or_update_service_account_service_spec.rb
index 11a65d0c300..382b9043566 100644
--- a/spec/services/clusters/gcp/kubernetes/create_or_update_service_account_service_spec.rb
+++ b/spec/services/clusters/gcp/kubernetes/create_or_update_service_account_service_spec.rb
@@ -89,7 +89,7 @@ describe Clusters::Gcp::Kubernetes::CreateOrUpdateServiceAccountService do
 
       it_behaves_like 'creates service account and token'
 
-      it 'should create a cluster role binding with cluster-admin access' do
+      it 'creates a cluster role binding with cluster-admin access' do
         subject
 
         expect(WebMock).to have_requested(:post, api_url + "/apis/rbac.authorization.k8s.io/v1/clusterrolebindings").with(
diff --git a/spec/services/deploy_tokens/create_service_spec.rb b/spec/services/deploy_tokens/create_service_spec.rb
index 3a2bbf1ecd1..1bd0356a73b 100644
--- a/spec/services/deploy_tokens/create_service_spec.rb
+++ b/spec/services/deploy_tokens/create_service_spec.rb
@@ -9,11 +9,11 @@ describe DeployTokens::CreateService do
     subject { described_class.new(project, user, deploy_token_params).execute }
 
     context 'when the deploy token is valid' do
-      it 'should create a new DeployToken' do
+      it 'creates a new DeployToken' do
         expect { subject }.to change { DeployToken.count }.by(1)
       end
 
-      it 'should create a new ProjectDeployToken' do
+      it 'creates a new ProjectDeployToken' do
         expect { subject }.to change { ProjectDeployToken.count }.by(1)
       end
 
@@ -25,7 +25,7 @@ describe DeployTokens::CreateService do
     context 'when expires at date is not passed' do
       let(:deploy_token_params) { attributes_for(:deploy_token, expires_at: '') }
 
-      it 'should set Forever.date' do
+      it 'sets Forever.date' do
         expect(subject.read_attribute(:expires_at)).to eq(Forever.date)
       end
     end
@@ -33,11 +33,11 @@ describe DeployTokens::CreateService do
     context 'when the deploy token is invalid' do
       let(:deploy_token_params) { attributes_for(:deploy_token, read_repository: false, read_registry: false) }
 
-      it 'should not create a new DeployToken' do
+      it 'does not create a new DeployToken' do
         expect { subject }.not_to change { DeployToken.count }
       end
 
-      it 'should not create a new ProjectDeployToken' do
+      it 'does not create a new ProjectDeployToken' do
         expect { subject }.not_to change { ProjectDeployToken.count }
       end
     end
diff --git a/spec/services/groups/transfer_service_spec.rb b/spec/services/groups/transfer_service_spec.rb
index 79d504b9b45..0bc67dbb4a1 100644
--- a/spec/services/groups/transfer_service_spec.rb
+++ b/spec/services/groups/transfer_service_spec.rb
@@ -12,11 +12,11 @@ describe Groups::TransferService, :postgresql do
         allow(Group).to receive(:supports_nested_objects?).and_return(false)
       end
 
-      it 'should return false' do
+      it 'returns false' do
         expect(transfer_service.execute(new_parent_group)).to be_falsy
       end
 
-      it 'should add an error on group' do
+      it 'adds an error on group' do
         transfer_service.execute(new_parent_group)
         expect(transfer_service.error).to eq('Transfer failed: Database is not supported.')
       end
@@ -30,11 +30,11 @@ describe Groups::TransferService, :postgresql do
         create(:group_member, :owner, group: new_parent_group, user: user)
       end
 
-      it 'should return false' do
+      it 'returns false' do
         expect(transfer_service.execute(new_parent_group)).to be_falsy
       end
 
-      it 'should add an error on group' do
+      it 'adds an error on group' do
         transfer_service.execute(new_parent_group)
         expect(transfer_service.error).to eq('Transfer failed: namespace directory cannot be moved')
       end
@@ -50,7 +50,7 @@ describe Groups::TransferService, :postgresql do
       context 'when the group is already a root group' do
         let(:group) { create(:group, :public) }
 
-        it 'should add an error on group' do
+        it 'adds an error on group' do
           transfer_service.execute(nil)
           expect(transfer_service.error).to eq('Transfer failed: Group is already a root group.')
         end
@@ -59,11 +59,11 @@ describe Groups::TransferService, :postgresql do
       context 'when the user does not have the right policies' do
         let!(:group_member) { create(:group_member, :guest, group: group, user: user) }
 
-        it "should return false" do
+        it "returns false" do
           expect(transfer_service.execute(nil)).to be_falsy
         end
 
-        it "should add an error on group" do
+        it "adds an error on group" do
           transfer_service.execute(new_parent_group)
           expect(transfer_service.error).to eq("Transfer failed: You don't have enough permissions.")
         end
@@ -76,11 +76,11 @@ describe Groups::TransferService, :postgresql do
           create(:group, path: 'not-unique')
         end
 
-        it 'should return false' do
+        it 'returns false' do
           expect(transfer_service.execute(nil)).to be_falsy
         end
 
-        it 'should add an error on group' do
+        it 'adds an error on group' do
           transfer_service.execute(nil)
           expect(transfer_service.error).to eq('Transfer failed: The parent group already has a subgroup with the same path.')
         end
@@ -96,17 +96,17 @@ describe Groups::TransferService, :postgresql do
           group.reload
         end
 
-        it 'should update group attributes' do
+        it 'updates group attributes' do
           expect(group.parent).to be_nil
         end
 
-        it 'should update group children path' do
+        it 'updates group children path' do
           group.children.each do |subgroup|
             expect(subgroup.full_path).to eq("#{group.path}/#{subgroup.path}")
           end
         end
 
-        it 'should update group projects path' do
+        it 'updates group projects path' do
           group.projects.each do |project|
             expect(project.full_path).to eq("#{group.path}/#{project.path}")
           end
@@ -122,11 +122,11 @@ describe Groups::TransferService, :postgresql do
       context 'when the new parent group is the same as the previous parent group' do
         let(:group) { create(:group, :public, :nested, parent: new_parent_group) }
 
-        it 'should return false' do
+        it 'returns false' do
           expect(transfer_service.execute(new_parent_group)).to be_falsy
         end
 
-        it 'should add an error on group' do
+        it 'adds an error on group' do
           transfer_service.execute(new_parent_group)
           expect(transfer_service.error).to eq('Transfer failed: Group is already associated to the parent group.')
         end
@@ -135,11 +135,11 @@ describe Groups::TransferService, :postgresql do
       context 'when the user does not have the right policies' do
         let!(:group_member) { create(:group_member, :guest, group: group, user: user) }
 
-        it "should return false" do
+        it "returns false" do
           expect(transfer_service.execute(new_parent_group)).to be_falsy
         end
 
-        it "should add an error on group" do
+        it "adds an error on group" do
           transfer_service.execute(new_parent_group)
           expect(transfer_service.error).to eq("Transfer failed: You don't have enough permissions.")
         end
@@ -152,11 +152,11 @@ describe Groups::TransferService, :postgresql do
           create(:group, path: "not-unique", parent: new_parent_group)
         end
 
-        it 'should return false' do
+        it 'returns false' do
           expect(transfer_service.execute(new_parent_group)).to be_falsy
         end
 
-        it 'should add an error on group' do
+        it 'adds an error on group' do
           transfer_service.execute(new_parent_group)
           expect(transfer_service.error).to eq('Transfer failed: The parent group already has a subgroup with the same path.')
         end
@@ -171,11 +171,11 @@ describe Groups::TransferService, :postgresql do
           group.update_attribute(:path, 'foo')
         end
 
-        it 'should return false' do
+        it 'returns false' do
           expect(transfer_service.execute(new_parent_group)).to be_falsy
         end
 
-        it 'should add an error on group' do
+        it 'adds an error on group' do
           transfer_service.execute(new_parent_group)
           expect(transfer_service.error).to eq('Transfer failed: Validation failed: Group URL has already been taken')
         end
@@ -191,7 +191,7 @@ describe Groups::TransferService, :postgresql do
           let(:new_parent_group) { create(:group, :public) }
           let(:group) { create(:group, :private, :nested) }
 
-          it 'should not update the visibility for the group' do
+          it 'does not update the visibility for the group' do
             group.reload
             expect(group.private?).to be_truthy
             expect(group.visibility_level).not_to eq(new_parent_group.visibility_level)
@@ -202,27 +202,27 @@ describe Groups::TransferService, :postgresql do
           let(:new_parent_group) { create(:group, :private) }
           let(:group) { create(:group, :public, :nested) }
 
-          it 'should update visibility level based on the parent group' do
+          it 'updates visibility level based on the parent group' do
             group.reload
             expect(group.private?).to be_truthy
             expect(group.visibility_level).to eq(new_parent_group.visibility_level)
           end
         end
 
-        it 'should update visibility for the group based on the parent group' do
+        it 'updates visibility for the group based on the parent group' do
           expect(group.visibility_level).to eq(new_parent_group.visibility_level)
         end
 
-        it 'should update parent group to the new parent ' do
+        it 'updates parent group to the new parent' do
           expect(group.parent).to eq(new_parent_group)
         end
 
-        it 'should return the group as children of the new parent' do
+        it 'returns the group as children of the new parent' do
           expect(new_parent_group.children.count).to eq(1)
           expect(new_parent_group.children.first).to eq(group)
         end
 
-        it 'should create a redirect for the group' do
+        it 'creates a redirect for the group' do
           expect(group.redirect_routes.count).to eq(1)
         end
       end
@@ -236,21 +236,21 @@ describe Groups::TransferService, :postgresql do
           transfer_service.execute(new_parent_group)
         end
 
-        it 'should update subgroups path' do
+        it 'updates subgroups path' do
           new_parent_path = new_parent_group.path
           group.children.each do |subgroup|
             expect(subgroup.full_path).to eq("#{new_parent_path}/#{group.path}/#{subgroup.path}")
           end
         end
 
-        it 'should create redirects for the subgroups' do
+        it 'creates redirects for the subgroups' do
           expect(group.redirect_routes.count).to eq(1)
           expect(subgroup1.redirect_routes.count).to eq(1)
           expect(subgroup2.redirect_routes.count).to eq(1)
         end
 
         context 'when the new parent has a higher visibility than the children' do
-          it 'should not update the children visibility' do
+          it 'does not update the children visibility' do
             expect(subgroup1.private?).to be_truthy
             expect(subgroup2.internal?).to be_truthy
           end
@@ -261,7 +261,7 @@ describe Groups::TransferService, :postgresql do
           let!(:subgroup2) { create(:group, :public, parent: group) }
           let(:new_parent_group) { create(:group, :private) }
 
-          it 'should update children visibility to match the new parent' do
+          it 'updates children visibility to match the new parent' do
             group.children.each do |subgroup|
               expect(subgroup.private?).to be_truthy
             end
@@ -279,21 +279,21 @@ describe Groups::TransferService, :postgresql do
           transfer_service.execute(new_parent_group)
         end
 
-        it 'should update projects path' do
+        it 'updates projects path' do
           new_parent_path = new_parent_group.path
           group.projects.each do |project|
             expect(project.full_path).to eq("#{new_parent_path}/#{group.path}/#{project.name}")
           end
         end
 
-        it 'should create permanent redirects for the projects' do
+        it 'creates permanent redirects for the projects' do
           expect(group.redirect_routes.count).to eq(1)
           expect(project1.redirect_routes.count).to eq(1)
           expect(project2.redirect_routes.count).to eq(1)
         end
 
         context 'when the new parent has a higher visibility than the projects' do
-          it 'should not update projects visibility' do
+          it 'does not update projects visibility' do
             expect(project1.private?).to be_truthy
             expect(project2.internal?).to be_truthy
           end
@@ -304,7 +304,7 @@ describe Groups::TransferService, :postgresql do
           let!(:project2) { create(:project, :repository, :public, namespace: group) }
           let(:new_parent_group) { create(:group, :private) }
 
-          it 'should update projects visibility to match the new parent' do
+          it 'updates projects visibility to match the new parent' do
             group.projects.each do |project|
               expect(project.private?).to be_truthy
             end
@@ -324,21 +324,21 @@ describe Groups::TransferService, :postgresql do
           transfer_service.execute(new_parent_group)
         end
 
-        it 'should update subgroups path' do
+        it 'updates subgroups path' do
           new_parent_path = new_parent_group.path
           group.children.each do |subgroup|
             expect(subgroup.full_path).to eq("#{new_parent_path}/#{group.path}/#{subgroup.path}")
           end
         end
 
-        it 'should update projects path' do
+        it 'updates projects path' do
           new_parent_path = new_parent_group.path
           group.projects.each do |project|
             expect(project.full_path).to eq("#{new_parent_path}/#{group.path}/#{project.name}")
           end
         end
 
-        it 'should create redirect for the subgroups and projects' do
+        it 'creates redirect for the subgroups and projects' do
           expect(group.redirect_routes.count).to eq(1)
           expect(subgroup1.redirect_routes.count).to eq(1)
           expect(subgroup2.redirect_routes.count).to eq(1)
@@ -360,7 +360,7 @@ describe Groups::TransferService, :postgresql do
           transfer_service.execute(new_parent_group)
         end
 
-        it 'should update subgroups path' do
+        it 'updates subgroups path' do
           new_base_path = "#{new_parent_group.path}/#{group.path}"
           group.children.each do |children|
             expect(children.full_path).to eq("#{new_base_path}/#{children.path}")
@@ -372,7 +372,7 @@ describe Groups::TransferService, :postgresql do
           end
         end
 
-        it 'should update projects path' do
+        it 'updates projects path' do
           new_parent_path = "#{new_parent_group.path}/#{group.path}"
           subgroup1.projects.each do |project|
             project_full_path = "#{new_parent_path}/#{project.namespace.path}/#{project.name}"
@@ -380,7 +380,7 @@ describe Groups::TransferService, :postgresql do
           end
         end
 
-        it 'should create redirect for the subgroups and projects' do
+        it 'creates redirect for the subgroups and projects' do
           expect(group.redirect_routes.count).to eq(1)
           expect(project1.redirect_routes.count).to eq(1)
           expect(subgroup1.redirect_routes.count).to eq(1)
@@ -402,7 +402,7 @@ describe Groups::TransferService, :postgresql do
           transfer_service.execute(new_parent_group)
         end
 
-        it 'should restore group and projects visibility' do
+        it 'restores group and projects visibility' do
           subgroup1.reload
           project1.reload
           expect(subgroup1.public?).to be_truthy
diff --git a/spec/services/issues/build_service_spec.rb b/spec/services/issues/build_service_spec.rb
index 86e58fe06b9..74f1e83b362 100644
--- a/spec/services/issues/build_service_spec.rb
+++ b/spec/services/issues/build_service_spec.rb
@@ -58,8 +58,10 @@ describe Issues::BuildService do
                     "> That has a quote\n"\
                     ">>>\n"
         note_result = "    > This is a string\n"\
+                      "    > \n"\
                       "    > > with a blockquote\n"\
-                      "    > > > That has a quote\n"
+                      "    > > > That has a quote\n"\
+                      "    > \n"
         discussion = create(:diff_note_on_merge_request, note: note_text).to_discussion
         expect(service.item_for_discussion(discussion)).to include(note_result)
       end
diff --git a/spec/services/merge_requests/add_todo_when_build_fails_service_spec.rb b/spec/services/merge_requests/add_todo_when_build_fails_service_spec.rb
index af0a214c00f..39a2ef579dd 100644
--- a/spec/services/merge_requests/add_todo_when_build_fails_service_spec.rb
+++ b/spec/services/merge_requests/add_todo_when_build_fails_service_spec.rb
@@ -77,6 +77,22 @@ describe MergeRequests::AddTodoWhenBuildFailsService do
         service.execute(commit_status)
       end
     end
+
+    context 'when build belongs to a merge request pipeline' do
+      let(:pipeline) do
+        create(:ci_pipeline, source: :merge_request_event,
+                             ref: merge_request.merge_ref_path,
+                             merge_request: merge_request,
+                             merge_requests_as_head_pipeline: [merge_request])
+      end
+
+      let(:commit_status) { create(:ci_build, ref: merge_request.merge_ref_path, pipeline: pipeline) }
+
+      it 'notifies the todo service' do
+        expect(todo_service).to receive(:merge_request_build_failed).with(merge_request)
+        service.execute(commit_status)
+      end
+    end
   end
 
   describe '#close' do
@@ -106,6 +122,22 @@ describe MergeRequests::AddTodoWhenBuildFailsService do
         service.close(commit_status)
       end
     end
+
+    context 'when build belongs to a merge request pipeline' do
+      let(:pipeline) do
+        create(:ci_pipeline, source: :merge_request_event,
+                             ref: merge_request.merge_ref_path,
+                             merge_request: merge_request,
+                             merge_requests_as_head_pipeline: [merge_request])
+      end
+
+      let(:commit_status) { create(:ci_build, ref: merge_request.merge_ref_path, pipeline: pipeline) }
+
+      it 'notifies the todo service' do
+        expect(todo_service).to receive(:merge_request_build_retried).with(merge_request)
+        service.close(commit_status)
+      end
+    end
   end
 
   describe '#close_all' do
diff --git a/spec/services/merge_requests/create_service_spec.rb b/spec/services/merge_requests/create_service_spec.rb
index 55e7b46248b..dc5d1cf2f04 100644
--- a/spec/services/merge_requests/create_service_spec.rb
+++ b/spec/services/merge_requests/create_service_spec.rb
@@ -263,19 +263,6 @@ describe MergeRequests::CreateService do
               expect(merge_request.actual_head_pipeline).to be_merge_request_event
             end
           end
-
-          context "when the 'ci_merge_request_pipeline' feature flag is disabled" do
-            before do
-              stub_feature_flags(ci_merge_request_pipeline: false)
-            end
-
-            it 'does not create a detached merge request pipeline' do
-              expect(merge_request).to be_persisted
-
-              merge_request.reload
-              expect(merge_request.merge_request_pipelines.count).to eq(0)
-            end
-          end
         end
 
         context "when .gitlab-ci.yml does not have merge_requests keywords" do
diff --git a/spec/services/merge_requests/merge_when_pipeline_succeeds_service_spec.rb b/spec/services/merge_requests/merge_when_pipeline_succeeds_service_spec.rb
index 52bbd4e794d..8b7db1b2f1f 100644
--- a/spec/services/merge_requests/merge_when_pipeline_succeeds_service_spec.rb
+++ b/spec/services/merge_requests/merge_when_pipeline_succeeds_service_spec.rb
@@ -95,7 +95,7 @@ describe MergeRequests::MergeWhenPipelineSucceedsService do
                              sha: '1234abcdef', status: 'success')
       end
 
-      it 'it does not merge request' do
+      it 'does not merge request' do
         expect(MergeWorker).not_to receive(:perform_async)
         service.trigger(old_pipeline)
       end
@@ -112,6 +112,21 @@ describe MergeRequests::MergeWhenPipelineSucceedsService do
         service.trigger(unrelated_pipeline)
       end
     end
+
+    context 'when pipeline is merge request pipeline' do
+      let(:pipeline) do
+        create(:ci_pipeline, :success,
+          source: :merge_request_event,
+          ref: mr_merge_if_green_enabled.merge_ref_path,
+          merge_request: mr_merge_if_green_enabled,
+          merge_requests_as_head_pipeline: [mr_merge_if_green_enabled])
+      end
+
+      it 'merges the associated merge request' do
+        expect(MergeWorker).to receive(:perform_async)
+        service.trigger(pipeline)
+      end
+    end
   end
 
   describe "#cancel" do
diff --git a/spec/services/merge_requests/refresh_service_spec.rb b/spec/services/merge_requests/refresh_service_spec.rb
index 25cbac6d7ee..bd10523bc94 100644
--- a/spec/services/merge_requests/refresh_service_spec.rb
+++ b/spec/services/merge_requests/refresh_service_spec.rb
@@ -230,17 +230,6 @@ describe MergeRequests::RefreshService do
             end.not_to change { @merge_request.merge_request_pipelines.count }
           end
         end
-
-        context "when the 'ci_merge_request_pipeline' feature flag is disabled" do
-          before do
-            stub_feature_flags(ci_merge_request_pipeline: false)
-          end
-
-          it 'does not create a detached merge request pipeline' do
-            expect { subject }
-              .not_to change { @merge_request.merge_request_pipelines.count }
-          end
-        end
       end
 
       context "when .gitlab-ci.yml does not have merge_requests keywords" do
@@ -465,35 +454,35 @@ describe MergeRequests::RefreshService do
       end
       let(:force_push_commit) { @project.commit('feature').id }
 
-      it 'should reload a new diff for a push to the forked project' do
+      it 'reloads a new diff for a push to the forked project' do
         expect do
           service.new(@fork_project, @user).execute(@oldrev, first_commit, 'refs/heads/master')
           reload_mrs
         end.to change { forked_master_mr.merge_request_diffs.count }.by(1)
       end
 
-      it 'should reload a new diff for a force push to the source branch' do
+      it 'reloads a new diff for a force push to the source branch' do
         expect do
           service.new(@fork_project, @user).execute(@oldrev, force_push_commit, 'refs/heads/master')
           reload_mrs
         end.to change { forked_master_mr.merge_request_diffs.count }.by(1)
       end
 
-      it 'should reload a new diff for a force push to the target branch' do
+      it 'reloads a new diff for a force push to the target branch' do
         expect do
           service.new(@project, @user).execute(@oldrev, force_push_commit, 'refs/heads/master')
           reload_mrs
         end.to change { forked_master_mr.merge_request_diffs.count }.by(1)
       end
 
-      it 'should reload a new diff for a push to the target project that contains a commit in the MR' do
+      it 'reloads a new diff for a push to the target project that contains a commit in the MR' do
         expect do
           service.new(@project, @user).execute(@oldrev, first_commit, 'refs/heads/master')
           reload_mrs
         end.to change { forked_master_mr.merge_request_diffs.count }.by(1)
       end
 
-      it 'should not increase the diff count for a new push to target branch' do
+      it 'does not increase the diff count for a new push to target branch' do
         new_commit = @project.repository.create_file(@user, 'new-file.txt', 'A new file',
                                                      message: 'This is a test',
                                                      branch_name: 'master')
diff --git a/spec/services/preview_markdown_service_spec.rb b/spec/services/preview_markdown_service_spec.rb
index 85515d548a7..a1d31464e07 100644
--- a/spec/services/preview_markdown_service_spec.rb
+++ b/spec/services/preview_markdown_service_spec.rb
@@ -2,7 +2,7 @@ require 'spec_helper'
 
 describe PreviewMarkdownService do
   let(:user) { create(:user) }
-  let(:project) { create(:project) }
+  let(:project) { create(:project, :repository) }
 
   before do
     project.add_developer(user)
@@ -20,23 +20,72 @@ describe PreviewMarkdownService do
   end
 
   describe 'suggestions' do
-    let(:params) { { text: "```suggestion\nfoo\n```", preview_suggestions: preview_suggestions } }
+    let(:merge_request) do
+      create(:merge_request, target_project: project, source_project: project)
+    end
+    let(:text) { "```suggestion\nfoo\n```" }
+    let(:params) do
+      suggestion_params.merge(text: text,
+                              target_type: 'MergeRequest',
+                              target_id: merge_request.iid)
+    end
     let(:service) { described_class.new(project, user, params) }
 
     context 'when preview markdown param is present' do
-      let(:preview_suggestions) { true }
+      let(:path) { "files/ruby/popen.rb" }
+      let(:line) { 10 }
+      let(:diff_refs) { merge_request.diff_refs }
+
+      let(:suggestion_params) do
+        {
+          preview_suggestions: true,
+          file_path: path,
+          line: line,
+          base_sha: diff_refs.base_sha,
+          start_sha: diff_refs.start_sha,
+          head_sha: diff_refs.head_sha
+        }
+      end
+
+      it 'returns suggestions referenced in text' do
+        position = Gitlab::Diff::Position.new(new_path: path,
+                                              new_line: line,
+                                              diff_refs: diff_refs)
+
+        expect(Gitlab::Diff::SuggestionsParser)
+          .to receive(:parse)
+          .with(text, position: position, project: merge_request.project)
+          .and_call_original
 
-      it 'returns users referenced in text' do
         result = service.execute
 
-        expect(result[:suggestions]).to eq(['foo'])
+        expect(result[:suggestions]).to all(be_a(Gitlab::Diff::Suggestion))
+      end
+
+      context 'when user is not authorized' do
+        let(:another_user) { create(:user) }
+        let(:service) { described_class.new(project, another_user, params) }
+
+        before do
+          project.add_guest(another_user)
+        end
+
+        it 'returns no suggestions' do
+          result = service.execute
+
+          expect(result[:suggestions]).to be_empty
+        end
       end
     end
 
     context 'when preview markdown param is not present' do
-      let(:preview_suggestions) { false }
+      let(:suggestion_params) do
+        {
+          preview_suggestions: false
+        }
+      end
 
-      it 'returns users referenced in text' do
+      it 'returns suggestions referenced in text' do
         result = service.execute
 
         expect(result[:suggestions]).to eq([])
@@ -49,8 +98,8 @@ describe PreviewMarkdownService do
     let(:params) do
       {
         text: "Please do it\n/assign #{user.to_reference}",
-        quick_actions_target_type: 'Issue',
-        quick_actions_target_id: issue.id
+        target_type: 'Issue',
+        target_id: issue.id
       }
     end
     let(:service) { described_class.new(project, user, params) }
@@ -72,7 +121,7 @@ describe PreviewMarkdownService do
     let(:params) do
       {
         text: "My work\n/estimate 2y",
-        quick_actions_target_type: 'MergeRequest'
+        target_type: 'MergeRequest'
       }
     end
     let(:service) { described_class.new(project, user, params) }
@@ -96,8 +145,8 @@ describe PreviewMarkdownService do
     let(:params) do
       {
         text: "My work\n/tag v1.2.3 Stable release",
-        quick_actions_target_type: 'Commit',
-        quick_actions_target_id: commit.id
+        target_type: 'Commit',
+        target_id: commit.id
       }
     end
     let(:service) { described_class.new(project, user, params) }
diff --git a/spec/services/projects/auto_devops/disable_service_spec.rb b/spec/services/projects/auto_devops/disable_service_spec.rb
index 76977d7a1a7..fb1ab3f9949 100644
--- a/spec/services/projects/auto_devops/disable_service_spec.rb
+++ b/spec/services/projects/auto_devops/disable_service_spec.rb
@@ -46,7 +46,7 @@ describe Projects::AutoDevops::DisableService, '#execute' do
           create(:ci_pipeline, :failed, :auto_devops_source, project: project)
         end
 
-        it 'should disable Auto DevOps for project' do
+        it 'disables Auto DevOps for project' do
           subject
 
           expect(auto_devops.enabled).to eq(false)
@@ -58,7 +58,7 @@ describe Projects::AutoDevops::DisableService, '#execute' do
           create_list(:ci_pipeline, 2, :failed, :auto_devops_source, project: project)
         end
 
-        it 'should explicitly disable Auto DevOps for project' do
+        it 'explicitly disables Auto DevOps for project' do
           subject
 
           expect(auto_devops.reload.enabled).to eq(false)
@@ -70,7 +70,7 @@ describe Projects::AutoDevops::DisableService, '#execute' do
           create(:ci_pipeline, :success, :auto_devops_source, project: project)
         end
 
-        it 'should not disable Auto DevOps for project' do
+        it 'does not disable Auto DevOps for project' do
           subject
 
           expect(auto_devops.reload.enabled).to be_nil
@@ -85,14 +85,14 @@ describe Projects::AutoDevops::DisableService, '#execute' do
         create(:ci_pipeline, :failed, :auto_devops_source, project: project)
       end
 
-      it 'should disable Auto DevOps for project' do
+      it 'disables Auto DevOps for project' do
         subject
         auto_devops = project.reload.auto_devops
 
         expect(auto_devops.enabled).to eq(false)
       end
 
-      it 'should create a ProjectAutoDevops record' do
+      it 'creates a ProjectAutoDevops record' do
         expect { subject }.to change { ProjectAutoDevops.count }.from(0).to(1)
       end
     end
diff --git a/spec/services/projects/participants_service_spec.rb b/spec/services/projects/participants_service_spec.rb
index 4b6d0c51363..8455b9bc3cf 100644
--- a/spec/services/projects/participants_service_spec.rb
+++ b/spec/services/projects/participants_service_spec.rb
@@ -41,12 +41,12 @@ describe Projects::ParticipantsService do
         group.add_owner(user)
       end
 
-      it 'should return an url for the avatar' do
+      it 'returns an url for the avatar' do
         expect(service.groups.size).to eq 1
         expect(service.groups.first[:avatar_url]).to eq("/uploads/-/system/group/avatar/#{group.id}/dk.png")
       end
 
-      it 'should return an url for the avatar with relative url' do
+      it 'returns an url for the avatar with relative url' do
         stub_config_setting(relative_url_root: '/gitlab')
         stub_config_setting(url: Settings.send(:build_gitlab_url))
 
diff --git a/spec/services/prometheus/proxy_service_spec.rb b/spec/services/prometheus/proxy_service_spec.rb
new file mode 100644
index 00000000000..4bdb20de4c9
--- /dev/null
+++ b/spec/services/prometheus/proxy_service_spec.rb
@@ -0,0 +1,195 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Prometheus::ProxyService do
+  include ReactiveCachingHelpers
+
+  set(:project) { create(:project) }
+  set(:environment) { create(:environment, project: project) }
+
+  describe '#initialize' do
+    let(:params) { ActionController::Parameters.new(query: '1').permit! }
+
+    it 'initializes attributes' do
+      result = described_class.new(environment, 'GET', 'query', params)
+
+      expect(result.proxyable).to eq(environment)
+      expect(result.method).to eq('GET')
+      expect(result.path).to eq('query')
+      expect(result.params).to eq('query' => '1')
+    end
+
+    it 'converts ActionController::Parameters into hash' do
+      result = described_class.new(environment, 'GET', 'query', params)
+
+      expect(result.params).to be_an_instance_of(Hash)
+    end
+
+    context 'with unknown params' do
+      let(:params) { ActionController::Parameters.new(query: '1', other_param: 'val').permit! }
+
+      it 'filters unknown params' do
+        result = described_class.new(environment, 'GET', 'query', params)
+
+        expect(result.params).to eq('query' => '1')
+      end
+    end
+  end
+
+  describe '#execute' do
+    let(:prometheus_adapter) { instance_double(PrometheusService) }
+    let(:params) { ActionController::Parameters.new(query: '1').permit! }
+
+    subject { described_class.new(environment, 'GET', 'query', params) }
+
+    context 'when prometheus_adapter is nil' do
+      before do
+        allow(environment).to receive(:prometheus_adapter).and_return(nil)
+      end
+
+      it 'returns error' do
+        expect(subject.execute).to eq(
+          status: :error,
+          message: 'No prometheus server found',
+          http_status: :service_unavailable
+        )
+      end
+    end
+
+    context 'when prometheus_adapter cannot query' do
+      before do
+        allow(environment).to receive(:prometheus_adapter).and_return(prometheus_adapter)
+        allow(prometheus_adapter).to receive(:can_query?).and_return(false)
+      end
+
+      it 'returns error' do
+        expect(subject.execute).to eq(
+          status: :error,
+          message: 'No prometheus server found',
+          http_status: :service_unavailable
+        )
+      end
+    end
+
+    context 'cannot proxy' do
+      subject { described_class.new(environment, 'POST', 'garbage', params) }
+
+      it 'returns error' do
+        expect(subject.execute).to eq(
+          message: 'Proxy support for this API is not available currently',
+          status: :error
+        )
+      end
+    end
+
+    context 'with caching', :use_clean_rails_memory_store_caching do
+      let(:return_value) { { 'http_status' => 200, 'body' => 'body' } }
+
+      let(:opts) do
+        [environment.class.name, environment.id, 'GET', 'query', { 'query' => '1' }]
+      end
+
+      before do
+        allow(environment).to receive(:prometheus_adapter)
+          .and_return(prometheus_adapter)
+        allow(prometheus_adapter).to receive(:can_query?).and_return(true)
+      end
+
+      context 'when value present in cache' do
+        before do
+          stub_reactive_cache(subject, return_value, opts)
+        end
+
+        it 'returns cached value' do
+          result = subject.execute
+
+          expect(result[:http_status]).to eq(return_value[:http_status])
+          expect(result[:body]).to eq(return_value[:body])
+        end
+      end
+
+      context 'when value not present in cache' do
+        it 'returns nil' do
+          expect(ReactiveCachingWorker)
+            .to receive(:perform_async)
+            .with(subject.class, subject.id, *opts)
+
+          result = subject.execute
+
+          expect(result).to eq(nil)
+        end
+      end
+    end
+
+    context 'call prometheus api' do
+      let(:prometheus_client) { instance_double(Gitlab::PrometheusClient) }
+
+      before do
+        synchronous_reactive_cache(subject)
+
+        allow(environment).to receive(:prometheus_adapter)
+          .and_return(prometheus_adapter)
+        allow(prometheus_adapter).to receive(:can_query?).and_return(true)
+        allow(prometheus_adapter).to receive(:prometheus_client_wrapper)
+          .and_return(prometheus_client)
+      end
+
+      context 'connection to prometheus server succeeds' do
+        let(:rest_client_response) { instance_double(RestClient::Response) }
+        let(:prometheus_http_status_code) { 400 }
+
+        let(:response_body) do
+          '{"status":"error","errorType":"bad_data","error":"parse error at char 1: no expression found in input"}'
+        end
+
+        before do
+          allow(prometheus_client).to receive(:proxy).and_return(rest_client_response)
+
+          allow(rest_client_response).to receive(:code)
+            .and_return(prometheus_http_status_code)
+          allow(rest_client_response).to receive(:body).and_return(response_body)
+        end
+
+        it 'returns the http status code and body from prometheus' do
+          expect(subject.execute).to eq(
+            http_status: prometheus_http_status_code,
+            body: response_body,
+            status: :success
+          )
+        end
+      end
+
+      context 'connection to prometheus server fails' do
+        context 'prometheus client raises Gitlab::PrometheusClient::Error' do
+          before do
+            allow(prometheus_client).to receive(:proxy)
+              .and_raise(Gitlab::PrometheusClient::Error, 'Network connection error')
+          end
+
+          it 'returns error' do
+            expect(subject.execute).to eq(
+              status: :error,
+              message: 'Network connection error',
+              http_status: :service_unavailable
+            )
+          end
+        end
+      end
+    end
+  end
+
+  describe '.from_cache' do
+    it 'initializes an instance of ProxyService class' do
+      result = described_class.from_cache(
+        environment.class.name, environment.id, 'GET', 'query', { 'query' => '1' }
+      )
+
+      expect(result).to be_an_instance_of(described_class)
+      expect(result.proxyable).to eq(environment)
+      expect(result.method).to eq('GET')
+      expect(result.path).to eq('query')
+      expect(result.params).to eq('query' => '1')
+    end
+  end
+end
diff --git a/spec/services/suggestions/apply_service_spec.rb b/spec/services/suggestions/apply_service_spec.rb
index 80b5dcac6c7..7732767137c 100644
--- a/spec/services/suggestions/apply_service_spec.rb
+++ b/spec/services/suggestions/apply_service_spec.rb
@@ -51,6 +51,10 @@ describe Suggestions::ApplyService do
                                diff_refs: merge_request.diff_refs)
   end
 
+  let(:diff_note) do
+    create(:diff_note_on_merge_request, noteable: merge_request, position: position, project: project)
+  end
+
   let(:suggestion) do
     create(:suggestion, :content_from_repo, note: diff_note,
                                             to_content: "      raise RuntimeError, 'Explosion'\n      # explosion?\n")
@@ -108,12 +112,6 @@ describe Suggestions::ApplyService do
                                target_project: project)
       end
 
-      let!(:diff_note) do
-        create(:diff_note_on_merge_request, noteable: merge_request,
-                                            position: position,
-                                            project: project)
-      end
-
       before do
         project.add_maintainer(user)
       end
@@ -192,11 +190,6 @@ describe Suggestions::ApplyService do
           CONTENT
         end
 
-        let(:merge_request) do
-          create(:merge_request, source_project: project,
-                                 target_project: project)
-        end
-
         def create_suggestion(diff, old_line: nil, new_line: nil, from_content:, to_content:, path:)
           position = Gitlab::Diff::Position.new(old_path: path,
                                                 new_path: path,
@@ -291,6 +284,55 @@ describe Suggestions::ApplyService do
           expect(suggestion_2_diff.strip).to eq(expected_suggestion_2_diff.strip)
         end
       end
+
+      context 'multi-line suggestion' do
+        let(:expected_content) do
+          <<~CONTENT
+            require 'fileutils'
+            require 'open3'
+
+            module Popen
+              extend self
+
+            # multi
+            # line
+
+                vars = {
+                  "PWD" => path
+                }
+
+                options = {
+                  chdir: path
+                }
+
+                unless File.directory?(path)
+                  FileUtils.mkdir_p(path)
+                end
+
+                @cmd_output = ""
+                @cmd_status = 0
+
+                Open3.popen3(vars, *cmd, options) do |stdin, stdout, stderr, wait_thr|
+                  @cmd_output << stdout.read
+                  @cmd_output << stderr.read
+                  @cmd_status = wait_thr.value.exitstatus
+                end
+
+                return @cmd_output, @cmd_status
+              end
+            end
+          CONTENT
+        end
+
+        let(:suggestion) do
+          create(:suggestion, :content_from_repo, note: diff_note,
+                                                  lines_above: 2,
+                                                  lines_below: 3,
+                                                  to_content: "# multi\n# line\n")
+        end
+
+        it_behaves_like 'successfully creates commit and updates suggestion'
+      end
     end
 
     context 'fork-project' do
diff --git a/spec/services/task_list_toggle_service_spec.rb b/spec/services/task_list_toggle_service_spec.rb
index b1260cf740a..9adaee6481b 100644
--- a/spec/services/task_list_toggle_service_spec.rb
+++ b/spec/services/task_list_toggle_service_spec.rb
@@ -113,4 +113,25 @@ describe TaskListToggleService do
 
     expect(toggler.execute).to be_falsey
   end
+
+  it 'properly handles a GitLab blockquote' do
+    markdown =
+      <<-EOT.strip_heredoc
+      >>>
+      gitlab blockquote
+      >>>
+
+      * [ ] Task 1
+      * [x] Task 2
+    EOT
+
+    markdown_html = Banzai::Pipeline::FullPipeline.call(markdown, project: nil)[:output].to_html
+    toggler = described_class.new(markdown, markdown_html,
+                                  toggle_as_checked: true,
+                                  line_source: '* [ ] Task 1', line_number: 5)
+
+    expect(toggler.execute).to be_truthy
+    expect(toggler.updated_markdown.lines[4]).to eq "* [x] Task 1\n"
+    expect(toggler.updated_markdown_html).to include('disabled checked> Task 1')
+  end
 end
diff --git a/spec/support/features/discussion_comments_shared_example.rb b/spec/support/features/discussion_comments_shared_example.rb
index 42a086d58d2..5b79c40f27b 100644
--- a/spec/support/features/discussion_comments_shared_example.rb
+++ b/spec/support/features/discussion_comments_shared_example.rb
@@ -224,7 +224,7 @@ shared_examples 'discussion comments' do |resource_name|
           find(toggle_selector).click
         end
 
-        it 'should have "Start discussion" selected' do
+        it 'has "Start discussion" selected' do
           find("#{menu_selector} li", match: :first)
           items = all("#{menu_selector} li")
 
@@ -267,7 +267,7 @@ shared_examples 'discussion comments' do |resource_name|
             end
           end
 
-          it 'should have "Comment" selected when opening the menu' do
+          it 'has "Comment" selected when opening the menu' do
             find(toggle_selector).click
 
             find("#{menu_selector} li", match: :first)
diff --git a/spec/support/helpers/graphql_helpers.rb b/spec/support/helpers/graphql_helpers.rb
index ca28325eab9..f59f42ee902 100644
--- a/spec/support/helpers/graphql_helpers.rb
+++ b/spec/support/helpers/graphql_helpers.rb
@@ -93,6 +93,8 @@ module GraphqlHelpers
   end
 
   def all_graphql_fields_for(class_name, parent_types = Set.new)
+    allow_unlimited_graphql_complexity
+
     type = GitlabSchema.types[class_name.to_s]
     return "" unless type
 
@@ -170,4 +172,10 @@ module GraphqlHelpers
 
     field_type
   end
+
+  # for most tests, we want to allow unlimited complexity
+  def allow_unlimited_graphql_complexity
+    allow_any_instance_of(GitlabSchema).to receive(:max_complexity).and_return nil
+    allow(GitlabSchema).to receive(:max_query_complexity).with(any_args).and_return nil
+  end
 end
diff --git a/spec/support/helpers/prometheus_helpers.rb b/spec/support/helpers/prometheus_helpers.rb
index ce1f9fce10d..08d1d7a6059 100644
--- a/spec/support/helpers/prometheus_helpers.rb
+++ b/spec/support/helpers/prometheus_helpers.rb
@@ -25,12 +25,16 @@ module PrometheusHelpers
     "https://prometheus.example.com/api/v1/query?#{query}"
   end
 
-  def prometheus_query_range_url(prometheus_query, start: 8.hours.ago, stop: Time.now.to_f)
+  def prometheus_query_range_url(prometheus_query, start: 8.hours.ago, stop: Time.now, step: nil)
+    start = start.to_f
+    stop = stop.to_f
+    step ||= Gitlab::PrometheusClient.compute_step(start, stop)
+
     query = {
       query: prometheus_query,
-      start: start.to_f,
+      start: start,
       end: stop,
-      step: 1.minute.to_i
+      step: step
     }.to_query
 
     "https://prometheus.example.com/api/v1/query_range?#{query}"
diff --git a/spec/support/redis/redis_shared_examples.rb b/spec/support/redis/redis_shared_examples.rb
index a8b00004fe7..6aa59960092 100644
--- a/spec/support/redis/redis_shared_examples.rb
+++ b/spec/support/redis/redis_shared_examples.rb
@@ -90,7 +90,7 @@ RSpec.shared_examples "redis_shared_examples" do
     subject { described_class._raw_config }
     let(:config_file_name) { '/var/empty/doesnotexist' }
 
-    it 'should be frozen' do
+    it 'is frozen' do
       expect(subject).to be_frozen
     end
 
diff --git a/spec/support/shared_context/policies/project_policy_shared_context.rb b/spec/support/shared_context/policies/project_policy_shared_context.rb
index 3ad6e067674..ee5cfcd850d 100644
--- a/spec/support/shared_context/policies/project_policy_shared_context.rb
+++ b/spec/support/shared_context/policies/project_policy_shared_context.rb
@@ -25,6 +25,7 @@ RSpec.shared_context 'ProjectPolicy context' do
       admin_issue admin_label admin_list read_commit_status read_build
       read_container_image read_pipeline read_environment read_deployment
       read_merge_request download_wiki_code read_sentry_issue read_release
+      read_prometheus
     ]
   end
 
diff --git a/spec/support/shared_examples/controllers/set_sort_order_from_user_preference_shared_examples.rb b/spec/support/shared_examples/controllers/set_sort_order_from_user_preference_shared_examples.rb
index 98ab04c5636..eb051166a69 100644
--- a/spec/support/shared_examples/controllers/set_sort_order_from_user_preference_shared_examples.rb
+++ b/spec/support/shared_examples/controllers/set_sort_order_from_user_preference_shared_examples.rb
@@ -4,7 +4,7 @@ shared_examples 'set sort order from user preference' do
     # however any other field present in user_preferences table can be used for testing.
 
     context 'when database is in read-only mode' do
-      it 'it does not update user preference' do
+      it 'does not update user preference' do
         allow(Gitlab::Database).to receive(:read_only?).and_return(true)
 
         expect_any_instance_of(UserPreference).not_to receive(:update).with({ controller.send(:issuable_sorting_field) => sorting_param })
diff --git a/spec/support/shared_examples/helm_generated_script.rb b/spec/support/shared_examples/helm_generated_script.rb
index ba9b7d3bdcf..01bee603274 100644
--- a/spec/support/shared_examples/helm_generated_script.rb
+++ b/spec/support/shared_examples/helm_generated_script.rb
@@ -6,7 +6,7 @@ shared_examples 'helm commands' do
       EOS
     end
 
-    it 'should return appropriate command' do
+    it 'returns appropriate command' do
       expect(subject.generate_script.strip).to eq((helm_setup + commands).strip)
     end
   end
diff --git a/spec/support/shared_examples/issuables_list_metadata_shared_examples.rb b/spec/support/shared_examples/issuables_list_metadata_shared_examples.rb
index 90d67fd00fc..244f4766a84 100644
--- a/spec/support/shared_examples/issuables_list_metadata_shared_examples.rb
+++ b/spec/support/shared_examples/issuables_list_metadata_shared_examples.rb
@@ -1,11 +1,11 @@
 shared_examples 'issuables list meta-data' do |issuable_type, action = nil|
   include ProjectForksHelper
 
-  def get_action(action, project)
+  def get_action(action, project, extra_params = {})
     if action
-      get action, params: { author_id: project.creator.id }
+      get action, params: { author_id: project.creator.id }.merge(extra_params)
     else
-      get :index, params: { namespace_id: project.namespace, project_id: project }
+      get :index, params: { namespace_id: project.namespace, project_id: project }.merge(extra_params)
     end
   end
 
@@ -17,23 +17,44 @@ shared_examples 'issuables list meta-data' do |issuable_type, action = nil|
     end
   end
 
-  before do
-    @issuable_ids = %w[fix improve/awesome].map do |source_branch|
-      create_issuable(issuable_type, project, source_branch: source_branch).id
+  let!(:issuables) do
+    %w[fix improve/awesome].map do |source_branch|
+      create_issuable(issuable_type, project, source_branch: source_branch)
     end
   end
 
+  let(:issuable_ids) { issuables.map(&:id) }
+
   it "creates indexed meta-data object for issuable notes and votes count" do
     get_action(action, project)
 
     meta_data = assigns(:issuable_meta_data)
 
     aggregate_failures do
-      expect(meta_data.keys).to match_array(@issuable_ids)
+      expect(meta_data.keys).to match_array(issuables.map(&:id))
       expect(meta_data.values).to all(be_kind_of(Issuable::IssuableMeta))
     end
   end
 
+  context 'searching' do
+    let(:result_issuable) { issuables.first }
+    let(:search) { result_issuable.title }
+
+    before do
+      stub_feature_flags(attempt_project_search_optimizations: true)
+    end
+
+    # .simple_sorts is the same across all Sortable classes
+    sorts = ::Issue.simple_sorts.keys + %w[popularity priority label_priority]
+    sorts.each do |sort|
+      it "works when sorting by #{sort}" do
+        get_action(action, project, search: search, sort: sort)
+
+        expect(assigns(:issuable_meta_data).keys).to include(result_issuable.id)
+      end
+    end
+  end
+
   it "avoids N+1 queries" do
     control = ActiveRecord::QueryRecorder.new { get_action(action, project) }
     issuable = create_issuable(issuable_type, project, source_branch: 'csv')
diff --git a/spec/support/shared_examples/models/cluster_application_helm_cert_examples.rb b/spec/support/shared_examples/models/cluster_application_helm_cert_examples.rb
index d87b3181e80..033b65bdc84 100644
--- a/spec/support/shared_examples/models/cluster_application_helm_cert_examples.rb
+++ b/spec/support/shared_examples/models/cluster_application_helm_cert_examples.rb
@@ -9,12 +9,12 @@ shared_examples 'cluster application helm specs' do |application_name|
         application.cluster.application_helm.ca_cert = nil
       end
 
-      it 'should not include cert files when there is no ca_cert entry' do
+      it 'does not include cert files when there is no ca_cert entry' do
         expect(subject).not_to include(:'ca.pem', :'cert.pem', :'key.pem')
       end
     end
 
-    it 'should include cert files when there is a ca_cert entry' do
+    it 'includes cert files when there is a ca_cert entry' do
       expect(subject).to include(:'ca.pem', :'cert.pem', :'key.pem')
       expect(subject[:'ca.pem']).to eq(application.cluster.application_helm.ca_cert)
 
diff --git a/spec/support/shared_examples/quick_actions/commit/tag_quick_action_shared_examples.rb b/spec/support/shared_examples/quick_actions/commit/tag_quick_action_shared_examples.rb
index 4604d867507..b337a1c18d8 100644
--- a/spec/support/shared_examples/quick_actions/commit/tag_quick_action_shared_examples.rb
+++ b/spec/support/shared_examples/quick_actions/commit/tag_quick_action_shared_examples.rb
@@ -1,4 +1,28 @@
 # frozen_string_literal: true
 
 shared_examples 'tag quick action' do
+  context "post note to existing commit" do
+    it 'tags this commit' do
+      add_note("/tag #{tag_name} #{tag_message}")
+
+      expect(page).to have_content 'Commands applied'
+      expect(page).to have_content "tagged commit #{truncated_commit_sha}"
+      expect(page).to have_content tag_name
+
+      visit project_tag_path(project, tag_name)
+      expect(page).to have_content tag_name
+      expect(page).to have_content tag_message
+      expect(page).to have_content truncated_commit_sha
+    end
+  end
+
+  context 'preview', :js do
+    it 'removes quick action from note and explains it' do
+      preview_note("/tag #{tag_name} #{tag_message}")
+
+      expect(page).not_to have_content '/tag'
+      expect(page).to have_content %{Tags this commit to #{tag_name} with "#{tag_message}"}
+      expect(page).to have_content tag_name
+    end
+  end
 end
diff --git a/spec/support/shared_examples/quick_actions/issue/confidential_quick_action_shared_examples.rb b/spec/support/shared_examples/quick_actions/issue/confidential_quick_action_shared_examples.rb
index c68e5aee842..336500487fe 100644
--- a/spec/support/shared_examples/quick_actions/issue/confidential_quick_action_shared_examples.rb
+++ b/spec/support/shared_examples/quick_actions/issue/confidential_quick_action_shared_examples.rb
@@ -1,4 +1,35 @@
 # frozen_string_literal: true
 
 shared_examples 'confidential quick action' do
+  context 'when the current user can update issues' do
+    it 'does not create a note, and marks the issue as confidential' do
+      add_note('/confidential')
+
+      expect(page).not_to have_content '/confidential'
+      expect(page).to have_content 'Commands applied'
+      expect(page).to have_content 'made the issue confidential'
+
+      expect(issue.reload).to be_confidential
+    end
+  end
+
+  context 'when the current user cannot update the issue' do
+    let(:guest) { create(:user) }
+
+    before do
+      project.add_guest(guest)
+      gitlab_sign_out
+      sign_in(guest)
+      visit project_issue_path(project, issue)
+    end
+
+    it 'does not create a note, and does not mark the issue as confidential' do
+      add_note('/confidential')
+
+      expect(page).not_to have_content 'Commands applied'
+      expect(page).not_to have_content 'made the issue confidential'
+
+      expect(issue.reload).not_to be_confidential
+    end
+  end
 end
diff --git a/spec/support/shared_examples/quick_actions/issue/remove_due_date_quick_action_shared_examples.rb b/spec/support/shared_examples/quick_actions/issue/remove_due_date_quick_action_shared_examples.rb
index 5904164fcfc..dd1676a08e2 100644
--- a/spec/support/shared_examples/quick_actions/issue/remove_due_date_quick_action_shared_examples.rb
+++ b/spec/support/shared_examples/quick_actions/issue/remove_due_date_quick_action_shared_examples.rb
@@ -1,25 +1,35 @@
 # frozen_string_literal: true
 
-shared_examples 'remove_due_date action not available' do
-  it 'does not remove the due date' do
-    add_note("/remove_due_date")
+shared_examples 'remove_due_date quick action' do
+  context 'remove_due_date action available and due date can be removed' do
+    it 'removes the due date accordingly' do
+      add_note('/remove_due_date')
 
-    expect(page).not_to have_content 'Commands applied'
-    expect(page).not_to have_content '/remove_due_date'
-  end
-end
+      expect(page).not_to have_content '/remove_due_date'
+      expect(page).to have_content 'Commands applied'
+
+      visit project_issue_path(project, issue)
 
-shared_examples 'remove_due_date action available and due date can be removed' do
-  it 'removes the due date accordingly' do
-    add_note('/remove_due_date')
+      page.within '.due_date' do
+        expect(page).to have_content 'No due date'
+      end
+    end
+  end
 
-    expect(page).not_to have_content '/remove_due_date'
-    expect(page).to have_content 'Commands applied'
+  context 'remove_due_date action not available' do
+    let(:guest) { create(:user) }
+    before do
+      project.add_guest(guest)
+      gitlab_sign_out
+      sign_in(guest)
+      visit project_issue_path(project, issue)
+    end
 
-    visit project_issue_path(project, issue)
+    it 'does not remove the due date' do
+      add_note("/remove_due_date")
 
-    page.within '.due_date' do
-      expect(page).to have_content 'No due date'
+      expect(page).not_to have_content 'Commands applied'
+      expect(page).not_to have_content '/remove_due_date'
     end
   end
 end
diff --git a/spec/support/shared_examples/quick_actions/merge_request/merge_quick_action_shared_examples.rb b/spec/support/shared_examples/quick_actions/merge_request/merge_quick_action_shared_examples.rb
index 31d88183f0d..c454ddc4bba 100644
--- a/spec/support/shared_examples/quick_actions/merge_request/merge_quick_action_shared_examples.rb
+++ b/spec/support/shared_examples/quick_actions/merge_request/merge_quick_action_shared_examples.rb
@@ -1,4 +1,51 @@
 # frozen_string_literal: true
 
 shared_examples 'merge quick action' do
+  context 'when the current user can merge the MR' do
+    before do
+      sign_in(user)
+      visit project_merge_request_path(project, merge_request)
+    end
+
+    it 'merges the MR' do
+      add_note("/merge")
+
+      expect(page).to have_content 'Commands applied'
+
+      expect(merge_request.reload).to be_merged
+    end
+  end
+
+  context 'when the head diff changes in the meanwhile' do
+    before do
+      merge_request.source_branch = 'another_branch'
+      merge_request.save
+      sign_in(user)
+      visit project_merge_request_path(project, merge_request)
+    end
+
+    it 'does not merge the MR' do
+      add_note("/merge")
+
+      expect(page).not_to have_content 'Your commands have been executed!'
+
+      expect(merge_request.reload).not_to be_merged
+    end
+  end
+
+  context 'when the current user cannot merge the MR' do
+    before do
+      project.add_guest(guest)
+      sign_in(guest)
+      visit project_merge_request_path(project, merge_request)
+    end
+
+    it 'does not merge the MR' do
+      add_note("/merge")
+
+      expect(page).not_to have_content 'Your commands have been executed!'
+
+      expect(merge_request.reload).not_to be_merged
+    end
+  end
 end
diff --git a/spec/support/shared_examples/quick_actions/merge_request/target_branch_quick_action_shared_examples.rb b/spec/support/shared_examples/quick_actions/merge_request/target_branch_quick_action_shared_examples.rb
index ccb4a85325b..cf2bdb1dd68 100644
--- a/spec/support/shared_examples/quick_actions/merge_request/target_branch_quick_action_shared_examples.rb
+++ b/spec/support/shared_examples/quick_actions/merge_request/target_branch_quick_action_shared_examples.rb
@@ -1,4 +1,81 @@
 # frozen_string_literal: true
 
 shared_examples 'target_branch quick action' do
+  describe '/target_branch command in merge request' do
+    let(:another_project) { create(:project, :public, :repository) }
+    let(:new_url_opts) { { merge_request: { source_branch: 'feature' } } }
+
+    before do
+      another_project.add_maintainer(user)
+      sign_in(user)
+    end
+
+    it 'changes target_branch in new merge_request' do
+      visit project_new_merge_request_path(another_project, new_url_opts)
+
+      fill_in "merge_request_title", with: 'My brand new feature'
+      fill_in "merge_request_description", with: "le feature \n/target_branch fix\nFeature description:"
+      click_button "Submit merge request"
+
+      merge_request = another_project.merge_requests.first
+      expect(merge_request.description).to eq "le feature \nFeature description:"
+      expect(merge_request.target_branch).to eq 'fix'
+    end
+
+    it 'does not change target branch when merge request is edited' do
+      new_merge_request = create(:merge_request, source_project: another_project)
+
+      visit edit_project_merge_request_path(another_project, new_merge_request)
+      fill_in "merge_request_description", with: "Want to update target branch\n/target_branch fix\n"
+      click_button "Save changes"
+
+      new_merge_request = another_project.merge_requests.first
+      expect(new_merge_request.description).to include('/target_branch')
+      expect(new_merge_request.target_branch).not_to eq('fix')
+    end
+  end
+
+  describe '/target_branch command from note' do
+    context 'when the current user can change target branch' do
+      before do
+        sign_in(user)
+        visit project_merge_request_path(project, merge_request)
+      end
+
+      it 'changes target branch from a note' do
+        add_note("message start \n/target_branch merge-test\n message end.")
+
+        wait_for_requests
+        expect(page).not_to have_content('/target_branch')
+        expect(page).to have_content('message start')
+        expect(page).to have_content('message end.')
+
+        expect(merge_request.reload.target_branch).to eq 'merge-test'
+      end
+
+      it 'does not fail when target branch does not exists' do
+        add_note('/target_branch totally_not_existing_branch')
+
+        expect(page).not_to have_content('/target_branch')
+
+        expect(merge_request.target_branch).to eq 'feature'
+      end
+    end
+
+    context 'when current user can not change target branch' do
+      before do
+        project.add_guest(guest)
+        sign_in(guest)
+        visit project_merge_request_path(project, merge_request)
+      end
+
+      it 'does not change target branch' do
+        add_note('/target_branch merge-test')
+
+        expect(page).not_to have_content '/target_branch merge-test'
+
+        expect(merge_request.target_branch).to eq 'feature'
+      end
+    end
+  end
 end
diff --git a/spec/support/shared_examples/services/base_helm_service_shared_examples.rb b/spec/support/shared_examples/services/base_helm_service_shared_examples.rb
new file mode 100644
index 00000000000..78a8e49fd76
--- /dev/null
+++ b/spec/support/shared_examples/services/base_helm_service_shared_examples.rb
@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+shared_examples 'logs kubernetes errors' do
+  let(:error_hash) do
+    {
+      service: service.class.name,
+      app_id: application.id,
+      project_ids: application.cluster.project_ids,
+      group_ids: [],
+      error_code: error_code
+    }
+  end
+
+  let(:logger_hash) do
+    error_hash.merge(
+      exception: error_name,
+      message: error_message,
+      backtrace: instance_of(Array)
+    )
+  end
+
+  it 'logs into kubernetes.log and Sentry' do
+    expect(service.send(:logger)).to receive(:error).with(logger_hash)
+
+    expect(Gitlab::Sentry).to receive(:track_acceptable_exception).with(
+      error,
+      extra: hash_including(error_hash)
+    )
+
+    service.execute
+  end
+end
diff --git a/spec/support/shared_examples/snippet_visibility_shared_examples.rb b/spec/support/shared_examples/snippet_visibility_shared_examples.rb
index 4f662db2120..833c31a57cb 100644
--- a/spec/support/shared_examples/snippet_visibility_shared_examples.rb
+++ b/spec/support/shared_examples/snippet_visibility_shared_examples.rb
@@ -220,11 +220,11 @@ RSpec.shared_examples 'snippet visibility' do
       end
 
       context "For #{params[:project_type]} project and #{params[:user_type]} users" do
-        it 'should agree with the read_project_snippet policy' do
+        it 'agrees with the read_project_snippet policy' do
           expect(can?(user, :read_project_snippet, snippet)).to eq(outcome)
         end
 
-        it 'should return proper outcome' do
+        it 'returns proper outcome' do
           results = described_class.new(user, project: project).execute
 
           expect(results.include?(snippet)).to eq(outcome)
@@ -232,7 +232,7 @@ RSpec.shared_examples 'snippet visibility' do
       end
 
       context "Without a given project and #{params[:user_type]} users" do
-        it 'should return proper outcome' do
+        it 'returns proper outcome' do
           results = described_class.new(user).execute
           expect(results.include?(snippet)).to eq(outcome)
         end
@@ -283,16 +283,16 @@ RSpec.shared_examples 'snippet visibility' do
       let!(:snippet) { create(:personal_snippet, visibility_level: snippet_visibility, author: author) }
 
       context "For personal and #{params[:snippet_visibility]} snippets with #{params[:user_type]} user" do
-        it 'should agree with read_personal_snippet policy' do
+        it 'agrees with read_personal_snippet policy' do
           expect(can?(user, :read_personal_snippet, snippet)).to eq(outcome)
         end
 
-        it 'should return proper outcome' do
+        it 'returns proper outcome' do
           results = described_class.new(user).execute
           expect(results.include?(snippet)).to eq(outcome)
         end
 
-        it 'should return personal snippets when the user cannot read cross project' do
+        it 'returns personal snippets when the user cannot read cross project' do
           allow(Ability).to receive(:allowed?).and_call_original
           allow(Ability).to receive(:allowed?).with(user, :read_cross_project) { false }
 
diff --git a/spec/uploaders/records_uploads_spec.rb b/spec/uploaders/records_uploads_spec.rb
index 3592a11360d..42352f9b9f8 100644
--- a/spec/uploaders/records_uploads_spec.rb
+++ b/spec/uploaders/records_uploads_spec.rb
@@ -71,7 +71,7 @@ describe RecordsUploads do
       expect { uploader.store!(upload_fixture('rails_sample.jpg')) }.not_to change { Upload.count }
     end
 
-    it 'it destroys Upload records at the same path before recording' do
+    it 'destroys Upload records at the same path before recording' do
       existing = Upload.create!(
         path: File.join('uploads', 'rails_sample.jpg'),
         size: 512.kilobytes,
@@ -88,10 +88,19 @@ describe RecordsUploads do
   end
 
   describe '#destroy_upload callback' do
-    it 'it destroys Upload records at the same path after removal' do
+    it 'destroys Upload records at the same path after removal' do
       uploader.store!(upload_fixture('rails_sample.jpg'))
 
       expect { uploader.remove! }.to change { Upload.count }.from(1).to(0)
     end
   end
+
+  describe '#filename' do
+    it 'gets the filename from the path recorded in the database, not CarrierWave' do
+      uploader.store!(upload_fixture('rails_sample.jpg'))
+      expect_any_instance_of(GitlabUploader).not_to receive(:filename)
+
+      expect(uploader.filename).to eq('rails_sample.jpg')
+    end
+  end
 end
diff --git a/spec/views/groups/edit.html.haml_spec.rb b/spec/views/groups/edit.html.haml_spec.rb
index 38cfb84f0d5..29e15960fb8 100644
--- a/spec/views/groups/edit.html.haml_spec.rb
+++ b/spec/views/groups/edit.html.haml_spec.rb
@@ -12,7 +12,7 @@ describe 'groups/edit.html.haml' do
     end
 
     shared_examples_for '"Share with group lock" setting' do |checkbox_options|
-      it 'should have the correct label, help text, and checkbox options' do
+      it 'has the correct label, help text, and checkbox options' do
         assign(:group, test_group)
         allow(view).to receive(:can?).with(test_user, :admin_group, test_group).and_return(true)
         allow(view).to receive(:can_change_group_visibility_level?).and_return(false)
diff --git a/spec/views/projects/_home_panel.html.haml_spec.rb b/spec/views/projects/_home_panel.html.haml_spec.rb
index 908ecb898e4..12925a5ab07 100644
--- a/spec/views/projects/_home_panel.html.haml_spec.rb
+++ b/spec/views/projects/_home_panel.html.haml_spec.rb
@@ -45,7 +45,7 @@ describe 'projects/_home_panel' do
 
   context 'badges' do
     shared_examples 'show badges' do
-      it 'should render the all badges' do
+      it 'renders the all badges' do
         render
 
         expect(rendered).to have_selector('.project-badges a')
@@ -70,7 +70,7 @@ describe 'projects/_home_panel' do
     context 'has no badges' do
       let(:project) { create(:project) }
 
-      it 'should not render any badge' do
+      it 'does not render any badge' do
         render
 
         expect(rendered).not_to have_selector('.project-badges')
diff --git a/spec/views/projects/settings/ci_cd/_autodevops_form.html.haml_spec.rb b/spec/views/projects/settings/ci_cd/_autodevops_form.html.haml_spec.rb
index b52fc719a64..ff2d491539b 100644
--- a/spec/views/projects/settings/ci_cd/_autodevops_form.html.haml_spec.rb
+++ b/spec/views/projects/settings/ci_cd/_autodevops_form.html.haml_spec.rb
@@ -13,4 +13,14 @@ describe 'projects/settings/ci_cd/_autodevops_form' do
 
     expect(rendered).to have_text('You must add a Kubernetes cluster integration to this project with a domain in order for your deployment strategy to work correctly.')
   end
+
+  context 'when the project has an available kubernetes cluster' do
+    let!(:cluster) { create(:cluster, cluster_type: :project_type, projects: [project]) }
+
+    it 'does not show a warning message' do
+      render
+
+      expect(rendered).not_to have_text('You must add a Kubernetes cluster')
+    end
+  end
 end
diff --git a/spec/views/shared/milestones/_issuables.html.haml.rb b/spec/views/shared/milestones/_issuables.html.haml.rb
index 4769d569548..cbbb984935f 100644
--- a/spec/views/shared/milestones/_issuables.html.haml.rb
+++ b/spec/views/shared/milestones/_issuables.html.haml.rb
@@ -11,12 +11,12 @@ describe 'shared/milestones/_issuables.html.haml' do
     stub_template 'shared/milestones/_issuable.html.haml' => ''
   end
 
-  it 'should show the issuables count if show_counter is true' do
+  it 'shows the issuables count if show_counter is true' do
     render 'shared/milestones/issuables', show_counter: true
     expect(rendered).to have_content('100')
   end
 
-  it 'should not show the issuables count if show_counter is false' do
+  it 'does not show the issuables count if show_counter is false' do
     render 'shared/milestones/issuables', show_counter: false
     expect(rendered).not_to have_content('100')
   end
@@ -24,7 +24,7 @@ describe 'shared/milestones/_issuables.html.haml' do
   describe 'a high issuables count' do
     let(:issuables_size) { 1000 }
 
-    it 'should show a delimited number if show_counter is true' do
+    it 'shows a delimited number if show_counter is true' do
       render 'shared/milestones/issuables', show_counter: true
       expect(rendered).to have_content('1,000')
     end
diff --git a/spec/views/shared/projects/_project.html.haml_spec.rb b/spec/views/shared/projects/_project.html.haml_spec.rb
index 3b14045e61f..dc223861037 100644
--- a/spec/views/shared/projects/_project.html.haml_spec.rb
+++ b/spec/views/shared/projects/_project.html.haml_spec.rb
@@ -8,13 +8,13 @@ describe 'shared/projects/_project.html.haml' do
     allow(view).to receive(:can?) { true }
   end
 
-  it 'should render creator avatar if project has a creator' do
+  it 'renders creator avatar if project has a creator' do
     render 'shared/projects/project', use_creator_avatar: true, project: project
 
     expect(rendered).to have_selector('img.avatar')
   end
 
-  it 'should render a generic avatar if project does not have a creator' do
+  it 'renders a generic avatar if project does not have a creator' do
     project.creator = nil
 
     render 'shared/projects/project', use_creator_avatar: true, project: project
diff --git a/yarn.lock b/yarn.lock
index 15fa876300b..2eddf32124f 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -645,17 +645,17 @@
   dependencies:
     bootstrap "^4.1.3"
 
-"@gitlab/eslint-config@^1.4.0":
-  version "1.4.0"
-  resolved "https://registry.yarnpkg.com/@gitlab/eslint-config/-/eslint-config-1.4.0.tgz#2e59e55a7cd024e3a450d2a896060ec4d763a5dc"
-  integrity sha512-nkecTWRNS/KD9q5lHFSc3J6zO/g1/OV9DaKiay+0nLjnGO9jQVRArRIYpnzgbUz2p15jOMVToVafW0YbbHZkwg==
+"@gitlab/eslint-config@^1.5.0":
+  version "1.5.0"
+  resolved "https://registry.yarnpkg.com/@gitlab/eslint-config/-/eslint-config-1.5.0.tgz#0c8c3ae74f276eb6671bd7c60f331bc0f2d2e5cf"
+  integrity sha512-KgJgoIZNpGauFpCV1iCptesYN7I8abtYRBLU9xcH0oocC/xp3JmbLfsZ+lEtrk8pl99Q2mKiAuaPpzxjXr6hBw==
   dependencies:
     babel-eslint "^10.0.1"
     eslint-config-airbnb-base "^13.1.0"
     eslint-config-prettier "^3.3.0"
     eslint-plugin-filenames "^1.3.2"
-    eslint-plugin-import "^2.14.0"
-    eslint-plugin-promise "^4.0.1"
+    eslint-plugin-import "^2.16.0"
+    eslint-plugin-promise "^4.1.1"
     eslint-plugin-vue "^5.0.0"
 
 "@gitlab/svgs@^1.58.0":
@@ -1164,15 +1164,7 @@ apollo-link-http-common@^0.2.8:
     ts-invariant "^0.3.2"
     tslib "^1.9.3"
 
-apollo-link@^1.0.0, apollo-link@^1.2.3:
-  version "1.2.3"
-  resolved "https://registry.yarnpkg.com/apollo-link/-/apollo-link-1.2.3.tgz#9bd8d5fe1d88d31dc91dae9ecc22474d451fb70d"
-  integrity sha512-iL9yS2OfxYhigme5bpTbmRyC+Htt6tyo2fRMHT3K1XRL/C5IQDDz37OjpPy4ndx7WInSvfSZaaOTKFja9VWqSw==
-  dependencies:
-    apollo-utilities "^1.0.0"
-    zen-observable-ts "^0.8.10"
-
-apollo-link@^1.2.11, apollo-link@^1.2.6:
+apollo-link@^1.0.0, apollo-link@^1.2.11, apollo-link@^1.2.3, apollo-link@^1.2.6:
   version "1.2.11"
   resolved "https://registry.yarnpkg.com/apollo-link/-/apollo-link-1.2.11.tgz#493293b747ad3237114ccd22e9f559e5e24a194d"
   integrity sha512-PQvRCg13VduLy3X/0L79M6uOpTh5iHdxnxYuo8yL7sJlWybKRJwsv4IcRBJpMFbChOOaHY7Og9wgPo6DLKDKDA==
@@ -1191,7 +1183,7 @@ apollo-upload-client@^10.0.0:
     apollo-link-http-common "^0.2.8"
     extract-files "^5.0.0"
 
-apollo-utilities@1.2.1, apollo-utilities@^1.0.0, apollo-utilities@^1.2.1:
+apollo-utilities@1.2.1, apollo-utilities@^1.2.1:
   version "1.2.1"
   resolved "https://registry.yarnpkg.com/apollo-utilities/-/apollo-utilities-1.2.1.tgz#1c3a1ebf5607d7c8efe7636daaf58e7463b41b3c"
   integrity sha512-Zv8Udp9XTSFiN8oyXOjf6PMHepD4yxxReLsl6dPUy5Ths7jti3nmlBzZUOxuTWRwZn0MoclqL7RQ5UEJN8MAxg==
@@ -3673,7 +3665,7 @@ eslint-import-resolver-jest@^2.1.1:
     micromatch "^3.1.6"
     resolve "^1.5.0"
 
-eslint-import-resolver-node@^0.3.1:
+eslint-import-resolver-node@^0.3.1, eslint-import-resolver-node@^0.3.2:
   version "0.3.2"
   resolved "https://registry.yarnpkg.com/eslint-import-resolver-node/-/eslint-import-resolver-node-0.3.2.tgz#58f15fb839b8d0576ca980413476aab2472db66a"
   integrity sha512-sfmTqJfPSizWu4aymbPr4Iidp5yKm8yDkHp+Ir3YiTHiiDfxh69mOUsmiqW6RZ9zRXFaF64GtYmN7e+8GHBv6Q==
@@ -3705,6 +3697,14 @@ eslint-module-utils@^2.2.0:
     debug "^2.6.8"
     pkg-dir "^1.0.0"
 
+eslint-module-utils@^2.3.0:
+  version "2.3.0"
+  resolved "https://registry.yarnpkg.com/eslint-module-utils/-/eslint-module-utils-2.3.0.tgz#546178dab5e046c8b562bbb50705e2456d7bda49"
+  integrity sha512-lmDJgeOOjk8hObTysjqH7wyMi+nsHwwvfBykwfhjR1LNdd7C2uFJBvx4OpWYpXOw4df1yE1cDEVd1yLHitk34w==
+  dependencies:
+    debug "^2.6.8"
+    pkg-dir "^2.0.0"
+
 eslint-plugin-filenames@^1.3.2:
   version "1.3.2"
   resolved "https://registry.yarnpkg.com/eslint-plugin-filenames/-/eslint-plugin-filenames-1.3.2.tgz#7094f00d7aefdd6999e3ac19f72cea058e590cf7"
@@ -3738,6 +3738,22 @@ eslint-plugin-import@^2.14.0:
     read-pkg-up "^2.0.0"
     resolve "^1.6.0"
 
+eslint-plugin-import@^2.16.0:
+  version "2.16.0"
+  resolved "https://registry.yarnpkg.com/eslint-plugin-import/-/eslint-plugin-import-2.16.0.tgz#97ac3e75d0791c4fac0e15ef388510217be7f66f"
+  integrity sha512-z6oqWlf1x5GkHIFgrSvtmudnqM6Q60KM4KvpWi5ubonMjycLjndvd5+8VAZIsTlHC03djdgJuyKG6XO577px6A==
+  dependencies:
+    contains-path "^0.1.0"
+    debug "^2.6.9"
+    doctrine "1.5.0"
+    eslint-import-resolver-node "^0.3.2"
+    eslint-module-utils "^2.3.0"
+    has "^1.0.3"
+    lodash "^4.17.11"
+    minimatch "^3.0.4"
+    read-pkg-up "^2.0.0"
+    resolve "^1.9.0"
+
 eslint-plugin-jasmine@^2.10.1:
   version "2.10.1"
   resolved "https://registry.yarnpkg.com/eslint-plugin-jasmine/-/eslint-plugin-jasmine-2.10.1.tgz#5733b709e751f4bc40e31e1c16989bd2cdfbec97"
@@ -3748,10 +3764,10 @@ eslint-plugin-jest@^22.3.0:
   resolved "https://registry.yarnpkg.com/eslint-plugin-jest/-/eslint-plugin-jest-22.3.0.tgz#a10f10dedfc92def774ec9bb5bfbd2fb8e1c96d2"
   integrity sha512-P1mYVRNlOEoO5T9yTqOfucjOYf1ktmJ26NjwjH8sxpCFQa6IhBGr5TpKl3hcAAT29hOsRJVuMWmTsHoUVo9FoA==
 
-eslint-plugin-promise@^4.0.1:
-  version "4.0.1"
-  resolved "https://registry.yarnpkg.com/eslint-plugin-promise/-/eslint-plugin-promise-4.0.1.tgz#2d074b653f35a23d1ba89d8e976a985117d1c6a2"
-  integrity sha512-Si16O0+Hqz1gDHsys6RtFRrW7cCTB6P7p3OJmKp3Y3dxpQE2qwOA7d3xnV+0mBmrPoi0RBnxlCKvqu70te6wjg==
+eslint-plugin-promise@^4.1.1:
+  version "4.1.1"
+  resolved "https://registry.yarnpkg.com/eslint-plugin-promise/-/eslint-plugin-promise-4.1.1.tgz#1e08cb68b5b2cd8839f8d5864c796f56d82746db"
+  integrity sha512-faAHw7uzlNPy7b45J1guyjazw28M+7gJokKUjC5JSFoYfUEyy6Gw/i7YQvmv2Yk00sUjWcmzXQLpU1Ki/C2IZQ==
 
 eslint-plugin-vue@^5.0.0:
   version "5.0.0"
@@ -4917,6 +4933,13 @@ has@^1.0.1:
   dependencies:
     function-bind "^1.0.2"
 
+has@^1.0.3:
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/has/-/has-1.0.3.tgz#722d7cbfc1f6aa8241f16dd814e011e1f41e8796"
+  integrity sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==
+  dependencies:
+    function-bind "^1.1.1"
+
 hash-base@^2.0.0:
   version "2.0.2"
   resolved "https://registry.yarnpkg.com/hash-base/-/hash-base-2.0.2.tgz#66ea1d856db4e8a5470cadf6fce23ae5244ef2e1"
@@ -8095,6 +8118,13 @@ pkg-dir@^1.0.0:
   dependencies:
     find-up "^1.0.0"
 
+pkg-dir@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/pkg-dir/-/pkg-dir-2.0.0.tgz#f6d5d1109e19d63edf428e0bd57e12777615334b"
+  integrity sha1-9tXREJ4Z1j7fQo4L1X4Sd3YVM0s=
+  dependencies:
+    find-up "^2.1.0"
+
 pkg-dir@^3.0.0:
   version "3.0.0"
   resolved "https://registry.yarnpkg.com/pkg-dir/-/pkg-dir-3.0.0.tgz#2749020f239ed990881b1f71210d51eb6523bea3"
@@ -9102,7 +9132,7 @@ resolve@1.1.7, resolve@1.1.x:
   resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.1.7.tgz#203114d82ad2c5ed9e8e0411b3932875e889e97b"
   integrity sha1-IDEU2CrSxe2ejgQRs5ModeiJ6Xs=
 
-resolve@1.x, resolve@^1.10.0, resolve@^1.3.2, resolve@^1.4.0, resolve@^1.5.0, resolve@^1.6.0:
+resolve@1.x, resolve@^1.10.0, resolve@^1.3.2, resolve@^1.4.0, resolve@^1.5.0, resolve@^1.6.0, resolve@^1.9.0:
   version "1.10.0"
   resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.10.0.tgz#3bdaaeaf45cc07f375656dfd2e54ed0810b101ba"
   integrity sha512-3sUr9aq5OfSg2S9pNtPA9hL1FVEAjvfOC4leW0SNf/mpnaakz2a9femSd6LqAww2RaFctwyf1lCqnTHuF1rxDg==
@@ -11536,13 +11566,6 @@ yeast@0.1.2:
   resolved "https://registry.yarnpkg.com/yeast/-/yeast-0.1.2.tgz#008e06d8094320c372dbc2f8ed76a0ca6c8ac419"
   integrity sha1-AI4G2AlDIMNy28L47XagymyKxBk=
 
-zen-observable-ts@^0.8.10:
-  version "0.8.10"
-  resolved "https://registry.yarnpkg.com/zen-observable-ts/-/zen-observable-ts-0.8.10.tgz#18e2ce1c89fe026e9621fd83cc05168228fce829"
-  integrity sha512-5vqMtRggU/2GhePC9OU4sYEWOdvmayp2k3gjPf4F0mXwB3CSbbNznfDUvDJx9O2ZTa1EIXdJhPchQveFKwNXPQ==
-  dependencies:
-    zen-observable "^0.8.0"
-
 zen-observable-ts@^0.8.18:
   version "0.8.18"
   resolved "https://registry.yarnpkg.com/zen-observable-ts/-/zen-observable-ts-0.8.18.tgz#ade44b1060cc4a800627856ec10b9c67f5f639c8"