16 files changed, 124 insertions, 22 deletions

diff --git a/changelogs/unreleased/add_index_on_ci_builds_updated_at.yml b/changelogs/unreleased/add_index_on_ci_builds_updated_at.yml
new file mode 100644
index 00000000000..ede9b946a70
--- /dev/null
+++ b/changelogs/unreleased/add_index_on_ci_builds_updated_at.yml
@@ -0,0 +1,4 @@
+---
+title: Add index on ci_builds.updated_at
+merge_request: 10870
+author: blackst0ne
diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example
index 06c9f734c2a..c2eaf263937 100644
--- a/config/gitlab.yml.example
+++ b/config/gitlab.yml.example
@@ -505,6 +505,11 @@ production: &base
     # If you use non-standard ssh port you need to specify it
     # ssh_port: 22
 
+  workhorse:
+    # File that contains the secret key for verifying access for gitlab-workhorse.
+    # Default is '.gitlab_workhorse_secret' relative to Rails.root (i.e. root of the GitLab app).
+    # secret_file: /home/git/gitlab/.gitlab_workhorse_secret
+
   ## Git settings
   # CAUTION!
   # Use the default values unless you really know what you are doing
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index 87bf48a3dcd..7a8f00f11b2 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -388,6 +388,12 @@ Settings.gitlab_shell['owner_group']  ||= Settings.gitlab.user
 Settings.gitlab_shell['ssh_path_prefix'] ||= Settings.__send__(:build_gitlab_shell_ssh_path_prefix)
 
 #
+# Workhorse
+#
+Settings['workhorse'] ||= Settingslogic.new({})
+Settings.workhorse['secret_file'] ||= Rails.root.join('.gitlab_workhorse_secret')
+
+#
 # Repositories
 #
 Settings['repositories'] ||= Settingslogic.new({})
diff --git a/db/migrate/20170423064036_add_index_on_ci_builds_updated_at.rb b/db/migrate/20170423064036_add_index_on_ci_builds_updated_at.rb
new file mode 100644
index 00000000000..0bbb74ee05e
--- /dev/null
+++ b/db/migrate/20170423064036_add_index_on_ci_builds_updated_at.rb
@@ -0,0 +1,19 @@
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class AddIndexOnCiBuildsUpdatedAt < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  # Set this constant to true if this migration requires downtime.
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    add_concurrent_index :ci_builds, :updated_at
+  end
+
+  def down
+    remove_concurrent_index :ci_builds, :updated_at if index_exists?(:ci_builds, :updated_at)
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 290d969d7de..7b13f2a98a1 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20170419001229) do
+ActiveRecord::Schema.define(version: 20170423064036) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -241,6 +241,7 @@ ActiveRecord::Schema.define(version: 20170419001229) do
   add_index "ci_builds", ["status", "type", "runner_id"], name: "index_ci_builds_on_status_and_type_and_runner_id", using: :btree
   add_index "ci_builds", ["status"], name: "index_ci_builds_on_status", using: :btree
   add_index "ci_builds", ["token"], name: "index_ci_builds_on_token", unique: true, using: :btree
+  add_index "ci_builds", ["updated_at"], name: "index_ci_builds_on_updated_at", using: :btree
 
   create_table "ci_pipelines", force: :cascade do |t|
     t.string "ref"
diff --git a/doc/api/projects.md b/doc/api/projects.md
index 63f88a464f5..51de4fef7ff 100644
--- a/doc/api/projects.md
+++ b/doc/api/projects.md
@@ -859,6 +859,17 @@ Parameters:
 | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) |
 | `file` | string | yes | The file to be uploaded |
 
+To upload a file from your filesystem, use the `--form` argument. This causes
+cURL to post data using the header `Content-Type: multipart/form-data`.
+The `file=` parameter must point to a file on your filesystem and be preceded
+by `@`. For example:
+
+```bash
+curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --form "file=@dk.png" https://gitlab.example.com/api/v3/projects/5/uploads
+```
+
+Returned object:
+
 ```json
 {
   "alt": "dk",
@@ -868,8 +879,8 @@ Parameters:
 ```
 
 **Note**: The returned `url` is relative to the project path.
-In Markdown contexts, the link is automatically expanded when the format in `markdown` is used.
-
+In Markdown contexts, the link is automatically expanded when the format in
+`markdown` is used.
 
 ## Project members
 
diff --git a/features/profile/profile.feature b/features/profile/profile.feature
index dc1339deb4c..70f47c97173 100644
--- a/features/profile/profile.feature
+++ b/features/profile/profile.feature
@@ -60,7 +60,9 @@ Feature: Profile
     Then I should see a password error message
 
   Scenario: I visit history tab
-    Given I have activity
+    Given I logout
+    And I sign in via the UI
+    And I have activity
     When I visit Audit Log page
     Then I should see my activity
 
diff --git a/features/project/forked_merge_requests.feature b/features/project/forked_merge_requests.feature
index 67f1e117f7f..9809b0ea0fe 100644
--- a/features/project/forked_merge_requests.feature
+++ b/features/project/forked_merge_requests.feature
@@ -41,8 +41,7 @@ Feature: Project Forked Merge Requests
 
   @javascript
   Scenario: I see the users in the target project for a new merge request
-    Given I logout
-    And I sign in as an admin
+    Given I sign in as an admin
     And I have a project forked off of "Shop" called "Forked Shop"
     Then I visit project "Forked Shop" merge requests page
     And I click link "New Merge Request"
diff --git a/features/steps/project/forked_merge_requests.rb b/features/steps/project/forked_merge_requests.rb
index ef1bb453615..8081b764be6 100644
--- a/features/steps/project/forked_merge_requests.rb
+++ b/features/steps/project/forked_merge_requests.rb
@@ -6,7 +6,7 @@ class Spinach::Features::ProjectForkedMergeRequests < Spinach::FeatureSteps
   include Select2Helper
 
   step 'I am a member of project "Shop"' do
-    @project = Project.find_by(name: "Shop")
+    @project = ::Project.find_by(name: "Shop")
     @project ||= create(:project, :repository, name: "Shop")
     @project.team << [@user, :reporter]
   end
diff --git a/features/steps/project/merge_requests/acceptance.rb b/features/steps/project/merge_requests/acceptance.rb
index d7167352e02..7521a9439e3 100644
--- a/features/steps/project/merge_requests/acceptance.rb
+++ b/features/steps/project/merge_requests/acceptance.rb
@@ -43,7 +43,7 @@ class Spinach::Features::ProjectMergeRequestsAcceptance < Spinach::FeatureSteps
   end
 
   step 'I am signed in as a developer of the project' do
-    login_as(@user)
+    sign_in(@user)
   end
 
   step 'I should see merge request merged' do
diff --git a/features/steps/project/merge_requests/revert.rb b/features/steps/project/merge_requests/revert.rb
index a8f4e4ef027..1149c1c2426 100644
--- a/features/steps/project/merge_requests/revert.rb
+++ b/features/steps/project/merge_requests/revert.rb
@@ -31,7 +31,7 @@ class Spinach::Features::RevertMergeRequests < Spinach::FeatureSteps
 
   step 'I am signed in as a developer of the project' do
     @user = create(:user) { |u| @project.add_developer(u) }
-    login_as(@user)
+    sign_in(@user)
   end
 
   step 'There is an open Merge Request' do
diff --git a/features/steps/shared/authentication.rb b/features/steps/shared/authentication.rb
index 5c3e724746b..97fac595d8e 100644
--- a/features/steps/shared/authentication.rb
+++ b/features/steps/shared/authentication.rb
@@ -1,23 +1,33 @@
-require Rails.root.join('spec', 'support', 'login_helpers')
+require Rails.root.join('features', 'support', 'login_helpers')
 
 module SharedAuthentication
   include Spinach::DSL
   include LoginHelpers
 
   step 'I sign in as a user' do
-    login_as :user
+    sign_out(@user) if @user
+
+    @user = create(:user)
+    sign_in(@user)
+  end
+
+  step 'I sign in via the UI' do
+    gitlab_sign_in(create(:user))
   end
 
   step 'I sign in as an admin' do
-    login_as :admin
+    sign_out(@user) if @user
+
+    @user = create(:admin)
+    sign_in(@user)
   end
 
   step 'I sign in as "John Doe"' do
-    login_with(user_exists("John Doe"))
+    gitlab_sign_in(user_exists("John Doe"))
   end
 
   step 'I sign in as "Mary Jane"' do
-    login_with(user_exists("Mary Jane"))
+    gitlab_sign_in(user_exists("Mary Jane"))
   end
 
   step 'I should be redirected to sign in page' do
@@ -25,14 +35,41 @@ module SharedAuthentication
   end
 
   step "I logout" do
-    logout
+    gitlab_sign_out
   end
 
   step "I logout directly" do
-    logout_direct
+    gitlab_sign_out
   end
 
   def current_user
     @user || User.reorder(nil).first
   end
+
+  private
+
+  def gitlab_sign_in(user)
+    visit new_user_session_path
+
+    fill_in "user_login", with: user.email
+    fill_in "user_password", with: "12345678"
+    check 'user_remember_me'
+    click_button "Sign in"
+
+    @user = user
+  end
+
+  def gitlab_sign_out
+    return unless @user
+
+    if Capybara.current_driver == Capybara.javascript_driver
+      find('.header-user-dropdown-toggle').click
+      click_link 'Sign out'
+      expect(page).to have_button('Sign in')
+    else
+      sign_out(@user)
+    end
+
+    @user = nil
+  end
 end
diff --git a/features/support/login_helpers.rb b/features/support/login_helpers.rb
new file mode 100644
index 00000000000..540ff25a4f2
--- /dev/null
+++ b/features/support/login_helpers.rb
@@ -0,0 +1,19 @@
+module LoginHelpers
+  # After inclusion, IntegrationHelpers calls these two methods that aren't
+  # supported by Spinach, so we perform the end results ourselves
+  class << self
+    def setup(*args)
+      Spinach.hooks.before_scenario do
+        Warden.test_mode!
+      end
+    end
+
+    def teardown(*args)
+      Spinach.hooks.after_scenario do
+        Warden.test_reset!
+      end
+    end
+  end
+
+  include Devise::Test::IntegrationHelpers
+end
diff --git a/lib/gitlab/workhorse.rb b/lib/gitlab/workhorse.rb
index e6e40f6945d..c551f939df1 100644
--- a/lib/gitlab/workhorse.rb
+++ b/lib/gitlab/workhorse.rb
@@ -168,7 +168,7 @@ module Gitlab
       end
 
       def secret_path
-        Rails.root.join('.gitlab_workhorse_secret')
+        Gitlab.config.workhorse.secret_file
       end
 
       def set_key_and_notify(key, value, expire: nil, overwrite: true)
diff --git a/spec/support/login_helpers.rb b/spec/support/login_helpers.rb
index 9ffb00be0b8..e6da852e728 100644
--- a/spec/support/login_helpers.rb
+++ b/spec/support/login_helpers.rb
@@ -84,8 +84,4 @@ module LoginHelpers
   def logout_direct
     page.driver.submit :delete, '/users/sign_out', {}
   end
-
-  def skip_ci_admin_auth
-    allow_any_instance_of(Ci::Admin::ApplicationController).to receive_messages(authenticate_admin!: true)
-  end
 end
diff --git a/spec/support/wait_for_ajax.rb b/spec/support/wait_for_ajax.rb
index 0f9dc2dee75..508de2ee8e1 100644
--- a/spec/support/wait_for_ajax.rb
+++ b/spec/support/wait_for_ajax.rb
@@ -6,10 +6,13 @@ module WaitForAjax
   end
 
   def finished_all_ajax_requests?
+    return true unless javascript_test?
+    return true if page.evaluate_script('typeof jQuery === "undefined"')
+
     page.evaluate_script('jQuery.active').zero?
   end
 
   def javascript_test?
-    [:selenium, :webkit, :chrome, :poltergeist].include?(Capybara.current_driver)
+    Capybara.current_driver == Capybara.javascript_driver
   end
 end